July 2005 - announce - Fedora Mailing-Lists

[SECURITY] Fedora Core 4 Update: mysql-4.1.12-2.FC4.1

by Tom Lane

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-557 2005-07-20 --------------------------------------------------------------------- Product : Fedora Core 4 Name : mysql Version : 4.1.12 Release : 2.FC4.1 Summary : MySQL client programs and shared library. Description : MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. This package contains the MySQL client programs, the client shared library, and generic MySQL files. --------------------------------------------------------------------- Update Information: Update to MySQL 4.1.12 (includes a low-impact security fix, see bz#158689). Repair some issues in openssl support. Re-enable the old ISAM table type. --------------------------------------------------------------------- * Tue Jul 12 2005 Tom Lane <tgl(a)redhat.com> 4.1.12-2.FC4.1 - Update to MySQL 4.1.12 (includes a fix for bz#158688, bz#158689) - Extend mysql-test-ssl.patch to solve rpl_openssl test failure (bz#155850) - Update mysql-lock-ssl.patch to match the upstream committed version - Add --with-isam to re-enable the old ISAM table type, per bz#159262 - Add dependency on openssl-devel per bz#159569 - Remove manual.txt, as upstream decided not to ship it anymore; it was redundant with the mysql.info file anyway. - Fix buffer overflow newly exposed in isam code; it's the same issue previously found in myisam, and not very exciting, but I'm tired of seeing build warnings. * Mon May 9 2005 Tom Lane <tgl(a)redhat.com> 4.1.11-4 - Include proper locking for OpenSSL in the server, per bz#155850 * Mon Apr 25 2005 Tom Lane <tgl(a)redhat.com> 4.1.11-3 - Enable openssl tests during build, per bz#155850 - Might as well turn on --disable-dependency-tracking --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ 774460107972d53004a6a2008caebc72 SRPMS/mysql-4.1.12-2.FC4.1.src.rpm e45f42d42cf30b5b78a2d549f0e25847 ppc/mysql-4.1.12-2.FC4.1.ppc.rpm 98c3ccc6b9fddc04e939e533773ec789 ppc/mysql-server-4.1.12-2.FC4.1.ppc.rpm cd0089e82da75b84e7db807d1d61dc4d ppc/mysql-devel-4.1.12-2.FC4.1.ppc.rpm 1ab9651bdc3f25ce5d8608b6e52e296c ppc/mysql-bench-4.1.12-2.FC4.1.ppc.rpm f13f7b728be053fae4306a5fb3da9b77 ppc/debug/mysql-debuginfo-4.1.12-2.FC4.1.ppc.rpm d7579b55ca0523ee093562ca80be3647 ppc/mysql-4.1.12-2.FC4.1.ppc64.rpm 657bb78043fdb9fbc4ab51d9153f147b x86_64/mysql-4.1.12-2.FC4.1.x86_64.rpm c522150d70660d88a0c3ab44a2cfa4ba x86_64/mysql-server-4.1.12-2.FC4.1.x86_64.rpm cb21a91f82c0b39d227c0aaa4d498f53 x86_64/mysql-devel-4.1.12-2.FC4.1.x86_64.rpm 0187d563d0cdecec49375c9b39e5c116 x86_64/mysql-bench-4.1.12-2.FC4.1.x86_64.rpm 85d8d44fc23c0c3960dc825937fa02e2 x86_64/debug/mysql-debuginfo-4.1.12-2.FC4.1.x86_64.rpm 97de47bd2c66fc9e213f9484d04db852 x86_64/mysql-4.1.12-2.FC4.1.i386.rpm 97de47bd2c66fc9e213f9484d04db852 i386/mysql-4.1.12-2.FC4.1.i386.rpm 3999316e1bea7bc0b832447a59870b98 i386/mysql-server-4.1.12-2.FC4.1.i386.rpm 1137e6778dc99f56df1c8c0eb462338b i386/mysql-devel-4.1.12-2.FC4.1.i386.rpm 657113d7ec9d26971f064035ab410a7b i386/mysql-bench-4.1.12-2.FC4.1.i386.rpm f7c8443e9d551b7fc2651c98195a24e1 i386/debug/mysql-debuginfo-4.1.12-2.FC4.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 9 months

1
0
0 / 0

[SECURITY] Fedora Core 4 Update: thunderbird-1.0.6-1.1.fc4

by Christopher Aillon

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-606 2005-07-20 --------------------------------------------------------------------- Product : Fedora Core 4 Name : thunderbird Version : 1.0.6 Release : 1.1.fc4 Summary : Mozilla Thunderbird mail/newsgroup client Description : Mozilla Thunderbird is a standalone mail and newsgroup client. --------------------------------------------------------------------- Update Information: Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way Thunderbird handled anonymous functions during regular expression string replacement. It is possible for a malicious HTML mail to capture a random block of client memory. The Common Vulnerabilities and Exposures project has assigned this bug the name CAN-2005-0989. A bug was found in the way Thunderbird validated several XPInstall related JavaScript objects. A malicious HTML mail could pass other objects to the XPInstall objects, resulting in the JavaScript interpreter jumping to arbitrary locations in memory. (CAN-2005-1159) A bug was found in the way the Thunderbird privileged UI code handled DOM nodes from the content window. An HTML message could install malicious JavaScript code or steal data when a user performs commonplace actions such as clicking a link or opening the context menu. (CAN-2005-1160) A bug was found in the way Thunderbird executed JavaScript code. JavaScript executed from HTML mail should run with a restricted access level, preventing dangerous actions. It is possible that a malicious HTML mail could execute JavaScript code with elevated privileges, allowing access to protected data and functions. (CAN-2005-1532) A bug was found in the way Thunderbird executed Javascript in XBL controls. It is possible for a malicious HTML mail to leverage this vulnerability to execute other JavaScript based attacks even when JavaScript is disabled. (CAN-2005-2261) A bug was found in the way Thunderbird handled certain Javascript functions. It is possible for a malicious HTML mail to crash the client by executing malformed Javascript code. (CAN-2005-2265) A bug was found in the way Thunderbird handled child frames. It is possible for a malicious framed HTML mail to steal sensitive information from its parent frame. (CAN-2005-2266) A bug was found in the way Thunderbird handled DOM node names. It is possible for a malicious HTML mail to overwrite a DOM node name, allowing certain privileged chrome actions to execute the malicious JavaScript. (CAN-2005-2269) A bug was found in the way Thunderbird cloned base objects. It is possible for HTML content to navigate up the prototype chain to gain access to privileged chrome objects. (CAN-2005-2270) Users of Thunderbird are advised to upgrade to this updated package that contains Thunderbird version 1.0.6 and is not vulnerable to these issues. --------------------------------------------------------------------- * Wed Jul 20 2005 Christopher Aillon <caillon(a)redhat.com> 1.0.6-1.1.fc4 - Update to 1.0.6 * Mon Jul 18 2005 Christopher Aillon <caillon(a)redhat.com> 1.0.6-0.1.fc4 - 1.0.6 Release Candidate --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ 51f614a0a887ffb58ce6bbf4f4eb7431 SRPMS/thunderbird-1.0.6-1.1.fc4.src.rpm fc206b1fd0dccb15da66b2fe3b272175 ppc/thunderbird-1.0.6-1.1.fc4.ppc.rpm 0b94083b2f2415f84069e30c20742ec1 ppc/debug/thunderbird-debuginfo-1.0.6-1.1.fc4.ppc.rpm 38da7902f6e1bcfc45ef688e04a770e8 x86_64/thunderbird-1.0.6-1.1.fc4.x86_64.rpm 1a6bbee24e0559176e19ba1218d91e02 x86_64/debug/thunderbird-debuginfo-1.0.6-1.1.fc4.x86_64.rpm f858562b2d77180acb6d40022fe1c3cd i386/thunderbird-1.0.6-1.1.fc4.i386.rpm 90cba454ded9c8d4e049262abdea64d2 i386/debug/thunderbird-debuginfo-1.0.6-1.1.fc4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 9 months

1
0
0 / 0

[SECURITY] Fedora Core 4 Update: firefox-1.0.6-1.1.fc4

by Christopher Aillon

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-605 2005-07-20 --------------------------------------------------------------------- Product : Fedora Core 4 Name : firefox Version : 1.0.6 Release : 1.1.fc4 Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- Update Information: Mozilla Firefox is an open source Web browser. A bug was found in the way Firefox handled synthetic events. It is possible that Web content could generate events such as keystrokes or mouse clicks that could be used to steal data or execute malicious JavaScript code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2260 to this issue. A bug was found in the way Firefox executed Javascript in XBL controls. It is possible for a malicious webpage to leverage this vulnerability to execute other JavaScript based attacks even when JavaScript is disabled. (CAN-2005-2261) A bug was found in the way Firefox set an image as the desktop wallpaper. If a user chooses the "Set As Wallpaper..." context menu item on a specially crafted image, it is possible for an attacker to execute arbitrary code on a victim's machine. (CAN-2005-2262) A bug was found in the way Firefox installed its extensions. If a user can be tricked into visiting a malicious webpage, it may be possible to obtain sensitive information such as cookies or passwords. (CAN-2005-2263) A bug was found in the way Firefox handled the _search target. It is possible for a malicious website to inject JavaScript into an already open webpage. (CAN-2005-2264) A bug was found in the way Firefox handled certain Javascript functions. It is possible for a malicious web page to crash the browser by executing malformed Javascript code. (CAN-2005-2265) A bug was found in the way Firefox handled multiple frame domains. It is possible for a frame as part of a malicious web site to inject content into a frame that belongs to another domain. This issue was previously fixed as CAN-2004-0718 but was accidentally disabled. (CAN-2005-1937) A bug was found in the way Firefox handled child frames. It is possible for a malicious framed page to steal sensitive information from its parent page. (CAN-2005-2266) A bug was found in the way Firefox opened URLs from media players. If a media player opens a URL that is JavaScript, JavaScript is executed with access to the currently open webpage. (CAN-2005-2267) A design flaw was found in the way Firefox displayed alerts and prompts. Alerts and prompts were given the generic title [JavaScript Application] which prevented a user from knowing which site created them. (CAN-2005-2268) A bug was found in the way Firefox handled DOM node names. It is possible for a malicious site to overwrite a DOM node name, allowing certain privileged chrome actions to execute the malicious JavaScript. (CAN-2005-2269) A bug was found in the way Firefox cloned base objects. It is possible for Web content to navigate up the prototype chain to gain access to privileged chrome objects. (CAN-2005-2270) Users of Firefox are advised to upgrade to this updated package that contains Firefox version 1.0.6 and is not vulnerable to these issues. --------------------------------------------------------------------- * Wed Jul 20 2005 Christopher Aillon <caillon(a)redhat.com> 0:1.0.6-1.1.fc4 - Update to 1.0.6 * Mon Jul 18 2005 Christopher Aillon <caillon(a)redhat.com> 0:1.0.6-0.1.fc4 - 1.0.6 Release Candidate --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ ff916b514b9af918d03c5c3fc84b7d27 SRPMS/firefox-1.0.6-1.1.fc4.src.rpm 9facc82245e82e7eb55ed5efb9928bfd ppc/firefox-1.0.6-1.1.fc4.ppc.rpm 2ec89c34a5f8f407039d6062a55c5aa7 ppc/debug/firefox-debuginfo-1.0.6-1.1.fc4.ppc.rpm 6ddc89c3fba24903f5304bc08e8a3163 x86_64/firefox-1.0.6-1.1.fc4.x86_64.rpm d2f45bece85710236ed59f25b68f3a56 x86_64/debug/firefox-debuginfo-1.0.6-1.1.fc4.x86_64.rpm 5e71924a825cdcf578af4362c431adbf i386/firefox-1.0.6-1.1.fc4.i386.rpm 23816e60313ff356c93b52045ab12ecb i386/debug/firefox-debuginfo-1.0.6-1.1.fc4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 9 months

1
0
0 / 0

[SECURITY] Fedora Core 3 Update: thunderbird-1.0.6-1.1.fc3

by Christopher Aillon

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-604 2005-07-20 --------------------------------------------------------------------- Product : Fedora Core 3 Name : thunderbird Version : 1.0.6 Release : 1.1.fc3 Summary : Mozilla Thunderbird mail/newsgroup client Description : Mozilla Thunderbird is a standalone mail and newsgroup client. --------------------------------------------------------------------- Update Information: Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way Thunderbird handled anonymous functions during regular expression string replacement. It is possible for a malicious HTML mail to capture a random block of client memory. The Common Vulnerabilities and Exposures project has assigned this bug the name CAN-2005-0989. A bug was found in the way Thunderbird validated several XPInstall related JavaScript objects. A malicious HTML mail could pass other objects to the XPInstall objects, resulting in the JavaScript interpreter jumping to arbitrary locations in memory. (CAN-2005-1159) A bug was found in the way the Thunderbird privileged UI code handled DOM nodes from the content window. An HTML message could install malicious JavaScript code or steal data when a user performs commonplace actions such as clicking a link or opening the context menu. (CAN-2005-1160) A bug was found in the way Thunderbird executed JavaScript code. JavaScript executed from HTML mail should run with a restricted access level, preventing dangerous actions. It is possible that a malicious HTML mail could execute JavaScript code with elevated privileges, allowing access to protected data and functions. (CAN-2005-1532) A bug was found in the way Thunderbird executed Javascript in XBL controls. It is possible for a malicious HTML mail to leverage this vulnerability to execute other JavaScript based attacks even when JavaScript is disabled. (CAN-2005-2261) A bug was found in the way Thunderbird handled certain Javascript functions. It is possible for a malicious HTML mail to crash the client by executing malformed Javascript code. (CAN-2005-2265) A bug was found in the way Thunderbird handled child frames. It is possible for a malicious framed HTML mail to steal sensitive information from its parent frame. (CAN-2005-2266) A bug was found in the way Thunderbird handled DOM node names. It is possible for a malicious HTML mail to overwrite a DOM node name, allowing certain privileged chrome actions to execute the malicious JavaScript. (CAN-2005-2269) A bug was found in the way Thunderbird cloned base objects. It is possible for HTML content to navigate up the prototype chain to gain access to privileged chrome objects. (CAN-2005-2270) Users of Thunderbird are advised to upgrade to this updated package that contains Thunderbird version 1.0.6 and is not vulnerable to these issues. --------------------------------------------------------------------- * Wed Jul 20 2005 Christopher Aillon <caillon(a)redhat.com> 1.0.6-1.1.fc3 - Update to 1.0.6 * Mon Jul 18 2005 Christopher Aillon <caillon(a)redhat.com> 1.0.6-0.1.fc3 - 1.0.6 Release Candidate --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ e060dd6ce427541531cc40c28a678643 SRPMS/thunderbird-1.0.6-1.1.fc3.src.rpm 617b9df6931ff067e896d29399849df0 x86_64/thunderbird-1.0.6-1.1.fc3.x86_64.rpm 8bcb33b02ad164e499e4109dc6909caa x86_64/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.x86_64.rpm 2781375f4ff5c6280692d573787f5064 i386/thunderbird-1.0.6-1.1.fc3.i386.rpm 774d64ba857b9c430c3ae87471bc68f6 i386/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 9 months

1
0
0 / 0

[SECURITY] Fedora Core 3 Update: firefox-1.0.6-1.1.fc3

by Christopher Aillon

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-603 2005-07-20 --------------------------------------------------------------------- Product : Fedora Core 3 Name : firefox Version : 1.0.6 Release : 1.1.fc3 Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- Update Information: Mozilla Firefox is an open source Web browser. A bug was found in the way Firefox handled synthetic events. It is possible that Web content could generate events such as keystrokes or mouse clicks that could be used to steal data or execute malicious JavaScript code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2260 to this issue. A bug was found in the way Firefox executed Javascript in XBL controls. It is possible for a malicious webpage to leverage this vulnerability to execute other JavaScript based attacks even when JavaScript is disabled. (CAN-2005-2261) A bug was found in the way Firefox set an image as the desktop wallpaper. If a user chooses the "Set As Wallpaper..." context menu item on a specially crafted image, it is possible for an attacker to execute arbitrary code on a victim's machine. (CAN-2005-2262) A bug was found in the way Firefox installed its extensions. If a user can be tricked into visiting a malicious webpage, it may be possible to obtain sensitive information such as cookies or passwords. (CAN-2005-2263) A bug was found in the way Firefox handled the _search target. It is possible for a malicious website to inject JavaScript into an already open webpage. (CAN-2005-2264) A bug was found in the way Firefox handled certain Javascript functions. It is possible for a malicious web page to crash the browser by executing malformed Javascript code. (CAN-2005-2265) A bug was found in the way Firefox handled multiple frame domains. It is possible for a frame as part of a malicious web site to inject content into a frame that belongs to another domain. This issue was previously fixed as CAN-2004-0718 but was accidentally disabled. (CAN-2005-1937) A bug was found in the way Firefox handled child frames. It is possible for a malicious framed page to steal sensitive information from its parent page. (CAN-2005-2266) A bug was found in the way Firefox opened URLs from media players. If a media player opens a URL that is JavaScript, JavaScript is executed with access to the currently open webpage. (CAN-2005-2267) A design flaw was found in the way Firefox displayed alerts and prompts. Alerts and prompts were given the generic title [JavaScript Application] which prevented a user from knowing which site created them. (CAN-2005-2268) A bug was found in the way Firefox handled DOM node names. It is possible for a malicious site to overwrite a DOM node name, allowing certain privileged chrome actions to execute the malicious JavaScript. (CAN-2005-2269) A bug was found in the way Firefox cloned base objects. It is possible for Web content to navigate up the prototype chain to gain access to privileged chrome objects. (CAN-2005-2270) Users of Firefox are advised to upgrade to this updated package that contains Firefox version 1.0.6 and is not vulnerable to these issues. --------------------------------------------------------------------- * Wed Jul 20 2005 Christopher Aillon <caillon(a)redhat.com> 0:1.0.6-1.1.fc3 - Update to 1.0.6 * Mon Jul 18 2005 Christopher Aillon <caillon(a)redhat.com> 0:1.0.6-0.1.fc3 - 1.0.6 Candidate Release * Sun May 15 2005 Christopher Aillon <caillon(a)redhat.com> - Re-enable jsd now that there are venkman versions that work with Firefox --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ af02171d12225714c15c60f04c20e2f9 SRPMS/firefox-1.0.6-1.1.fc3.src.rpm ef8cb22e843e9c462b070913124eb55d x86_64/firefox-1.0.6-1.1.fc3.x86_64.rpm 54fbfd492a9d044b64166a226cef75ca x86_64/debug/firefox-debuginfo-1.0.6-1.1.fc3.x86_64.rpm 0b8019d7294f3be8d1647cf7d571ae14 i386/firefox-1.0.6-1.1.fc3.i386.rpm 8f0c85f49676902e4f0be8f90aa52712 i386/debug/firefox-debuginfo-1.0.6-1.1.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 9 months

1
0
0 / 0

Official Launch of the Fedora BugZappers Triage Team

by Jack Aboutboul

Want to help out with the Fedora Project, but can't code a lick? Well fear not my dear friends. There are many ways you can help the cause and today I am pleased to announce a brand new way you can help contribute. Join the Fedora BugZappers! Who are the BugZappers? The BugZappers, (http://www.fedoraproject.org/wiki/BugZappers) are the official triage team of the Fedora Project. The main goal of the team is to triage, or do a first pass, of bugs in Bugzilla and ensure that a number of parameters are satisfactorily met. Basically what that means is that the BugZappers will go through bugs as they come in and try and make sure the bugs are valid (i.e. not a duplicate), sane and contain enough information to be escalated to developers. If you have ever reported a bug and wondered why it took so long to get fixed, well then BugZappers is the right project to join. Tell Me More! The BugZappers aim to be the primary line of defense for Fedora Quality Assurance (QA). The BugZappers will begin running Bug Day events, every alternating week, usually on Wednesdays. Bug Day events are when the team gets together to concentrate our focus on certain subsections of the project which need work. Triage should continue on though, and remember kids, "Every day should be a Bug Day!" So, if you are tired of hearing complaints about things not working, pieces being broken or just plain want to help Fedora be the best dang Fedora it can be, then join the BugZappers team and help the developers make the most of their coding time. It's fun, it's easy, you don't need much experience to start and we are willing to show you the path of the righteous, should you choose to accept this mission. What's in it for me? Glad you asked. First of all there is candy. OK, so there is no candy, but there is free stuff. The team is working on some giveaways and run contests during Bug Day events. You also get to work on triaging things that annoy you first, so your problems get fixed sooner; kernel problems anyone? Also, a wise man once said, much fame and fortune come to he who close many bugs. OK, it really wasn't a wise man buy you get the point. How Do I Join? Step 1: Sign up for the mailing list at: http://www.redhat.com/mailman/listinfo/fedora-triage-list Step 2: Join us on IRC We live in #fedora-bugs on Freenode Step 3: Read/Modify/Enhance the wiki Our wiki is located at http://www.fedoraproject.org/wiki/BugZappers . Additionally, we have more information available on the wiki at: http://www.fedoraproject.org/wiki/BugsReports and http://www.fedoraproject.org/wiki/Bugs . More content will be added as we get the project off the ground and moving. Also, be sure to look for our announcement of the first Bug Day event coming soon to an Inbox near you! Thanks, Jack

18 years, 9 months

1
0
0 / 0

Fedora Core 4 Update: freeradius-1.0.4-1.FC4.1

by Thomas Woerner

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-602 2005-07-20 --------------------------------------------------------------------- Product : Fedora Core 4 Name : freeradius Version : 1.0.4 Release : 1.FC4.1 Summary : High-performance and highly configurable free RADIUS server. Description : The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many more features than Cistron or Livingston, and is much more configurable. FreeRADIUS is an Internet authentication daemon, which implements the RADIUS protocol, as defined in RFC 2865 (and others). It allows Network Access Servers (NAS boxes) to perform authentication for dial-up users. There are also RADIUS clients available for Web servers, firewalls, Unix logins, and more. Using RADIUS allows authentication and authorization for a network to be centralized, and minimizes the amount of re-configuration which has to be done when adding or deleting new users. --------------------------------------------------------------------- Update Information: Fixes missing ldap plugin. --------------------------------------------------------------------- * Wed Jul 20 2005 Thomas Woerner <twoerner(a)redhat.com> 1.0.4-1.FC4.1 - new version 1.0.4 - droppend radrelay patch (fixed upstream) - added missing build requires for libtool-ltdl-devel (#160877) - modified file list to get a report for missing plugins --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ a51fa9e2809f03f98d28bce6089d3e51 SRPMS/freeradius-1.0.4-1.FC4.1.src.rpm db011e5c9044216e7c2a76815064ebfe ppc/freeradius-1.0.4-1.FC4.1.ppc.rpm 8bd3c642452cbe98dc6655f342ca4330 ppc/freeradius-mysql-1.0.4-1.FC4.1.ppc.rpm b5430a868c61a80746acdc3a3e04f5ab ppc/freeradius-postgresql-1.0.4-1.FC4.1.ppc.rpm 62d77c13aefbdd4c3758ad4ff0b3bdaf ppc/freeradius-unixODBC-1.0.4-1.FC4.1.ppc.rpm 0c4e4ee863a08060436322d91fb79584 ppc/debug/freeradius-debuginfo-1.0.4-1.FC4.1.ppc.rpm 0ffe42e6641a1265ae6e5dfffdbcffd9 x86_64/freeradius-1.0.4-1.FC4.1.x86_64.rpm 6a9319c6924667deef028c0eaad9fb70 x86_64/freeradius-mysql-1.0.4-1.FC4.1.x86_64.rpm 4107da0cd2391e4c1d17c15236a5dbdf x86_64/freeradius-postgresql-1.0.4-1.FC4.1.x86_64.rpm ef78eb055368270b4af28cd6132eee41 x86_64/freeradius-unixODBC-1.0.4-1.FC4.1.x86_64.rpm 911f54259a12748f3cf3997f65723cc0 x86_64/debug/freeradius-debuginfo-1.0.4-1.FC4.1.x86_64.rpm 1aeb4cbb393a7e731ab740b1fdae5e24 i386/freeradius-1.0.4-1.FC4.1.i386.rpm 34778f69fa2cf36edf6d324a3ec2da9c i386/freeradius-mysql-1.0.4-1.FC4.1.i386.rpm 8f8e28cd5b6253332ae07a18d58c936c i386/freeradius-postgresql-1.0.4-1.FC4.1.i386.rpm 5b18442ad0e54a8e20412803ea6c5cbd i386/freeradius-unixODBC-1.0.4-1.FC4.1.i386.rpm 91fd6b450005e165c5618dd851ce6679 i386/debug/freeradius-debuginfo-1.0.4-1.FC4.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 9 months

1
0
0 / 0

Fedora Core 4 Update: kernel-2.6.12-1.1398_FC4

by Dave Jones

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-572 2005-07-15 --------------------------------------------------------------------- Product : Fedora Core 4 Name : kernel Version : 2.6.12 Release : 1.1398_FC4 Summary : The Linux kernel (the core of the Linux operating system). Description : The kernel package contains the Linux kernel (vmlinuz), the core of the Red Hat Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. --------------------------------------------------------------------- * Fri Jul 15 2005 Dave Jones <davej(a)redhat.com> - Include a number of patches likely to show up in 2.6.12.3 * Thu Jul 14 2005 Dave Jones <davej(a)redhat.com> - Add Appletouch support. * Wed Jul 13 2005 David Woodhouse <dwmw2(a)redhat.com> - Audit updates. In particular, don't printk audit messages that are passed from userspace when auditing is disabled. * Tue Jul 12 2005 Dave Jones <davej(a)redhat.com> - Fix up several reports of CD's causing crashes. - Make -p port arg of rpc.nfsd work. - Work around a usbmon deficiency. - Fix connection tracking bug with bridging. (#162438) * Mon Jul 11 2005 Dave Jones <davej(a)redhat.com> - Fix up locking in piix IDE driver whilst tuning chipset. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ d60975e1a16064f73648ff4214715a6d SRPMS/kernel-2.6.12-1.1398_FC4.src.rpm f6115f583228118c20b38402ca60ea1d ppc/kernel-2.6.12-1.1398_FC4.ppc.rpm 524039577f55a2bd7321418732a291dc ppc/kernel-devel-2.6.12-1.1398_FC4.ppc.rpm c2e0891dc4a99b9eb1fe9c3688d864ca ppc/kernel-smp-2.6.12-1.1398_FC4.ppc.rpm 927df1215539fdd716c74abeb9a7b6de ppc/kernel-smp-devel-2.6.12-1.1398_FC4.ppc.rpm 3ed769a3ba498d9dd1266add3f259f1c ppc/debug/kernel-debuginfo-2.6.12-1.1398_FC4.ppc.rpm 3857f71be4ffdeca8b309ca1e29759bc ppc/kernel-2.6.12-1.1398_FC4.ppc64.rpm 853694ec5db007cf0a36b226a4f75694 ppc/kernel-devel-2.6.12-1.1398_FC4.ppc64.rpm fca7efcef4e84a40b61aea0e03a75f23 ppc/kernel-2.6.12-1.1398_FC4.ppc64iseries.rpm 7005912e1d33c1843aeb4cb653c3a424 ppc/kernel-devel-2.6.12-1.1398_FC4.ppc64iseries.rpm 9c97f4ad5a2c37701bba142ef786869d x86_64/kernel-2.6.12-1.1398_FC4.x86_64.rpm 40ae8531537f7ac1d5784063407aeff7 x86_64/kernel-devel-2.6.12-1.1398_FC4.x86_64.rpm c2a4f2d332b95d128528abe01c9533e2 x86_64/kernel-smp-2.6.12-1.1398_FC4.x86_64.rpm 20f42bd2178b643a0fdbff20532c72bf x86_64/kernel-smp-devel-2.6.12-1.1398_FC4.x86_64.rpm 7142e5e15fdf520d8dfc89c8953b0b12 x86_64/debug/kernel-debuginfo-2.6.12-1.1398_FC4.x86_64.rpm 8a13d764eaeed65871579e27a461337d x86_64/kernel-doc-2.6.12-1.1398_FC4.noarch.rpm 04a278fdd00bdb01aebac101a002b054 i386/kernel-2.6.12-1.1398_FC4.i586.rpm 677187f478b404d03bb9f7febad17bcd i386/kernel-devel-2.6.12-1.1398_FC4.i586.rpm 7fda173b7d5a2490f5e45f9d7134bfac i386/debug/kernel-debuginfo-2.6.12-1.1398_FC4.i586.rpm 650a339a9d1437658260ea7d28df617c i386/kernel-2.6.12-1.1398_FC4.i686.rpm d8f301430c6bc35d6bc5a5f5ecdcc188 i386/kernel-devel-2.6.12-1.1398_FC4.i686.rpm 1dadb93aa84cc37e25deddc545bc94b0 i386/kernel-smp-2.6.12-1.1398_FC4.i686.rpm 734f49956151ccff7d06a014f7f262e5 i386/kernel-smp-devel-2.6.12-1.1398_FC4.i686.rpm 9cd10325d3b24b663ce6934085e416b7 i386/kernel-xen0-2.6.12-1.1398_FC4.i686.rpm 9a6652a2905ca5642be945a87b1d580e i386/kernel-xen0-devel-2.6.12-1.1398_FC4.i686.rpm 3a564afecc494e657337be375f62dab4 i386/kernel-xenU-2.6.12-1.1398_FC4.i686.rpm a70eb479e1478ab87801edd7f8f73747 i386/kernel-xenU-devel-2.6.12-1.1398_FC4.i686.rpm a53522cf81dce5043c93ca00bcebbc52 i386/debug/kernel-debuginfo-2.6.12-1.1398_FC4.i686.rpm 8a13d764eaeed65871579e27a461337d i386/kernel-doc-2.6.12-1.1398_FC4.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 9 months

2
2
0 / 0

[SECURITY] Fedora Core 3 Update: kdelibs-3.3.1-2.14.FC3

by than

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-594 2005-07-19 --------------------------------------------------------------------- Product : Fedora Core 3 Name : kdelibs Version : 3.3.1 Release : 2.14.FC3 Summary : K Desktop Environment - Libraries Description : Libraries for the K Desktop Environment. KDE Libraries include: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). --------------------------------------------------------------------- Update Information: A flaw was discovered affecting Kate, the KDE advanced text editor, and Kwrite. Depending on system settings it may be possible for a local user to read the backup files created by Kate or Kwrite. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-1920 to this issue. Users of Kate or Kwrite should update to this erratum package which contains a backported patch from the KDE security team correcting this issue. --------------------------------------------------------------------- * Tue Jul 12 2005 Than Ngo <than(a)redhat.com> 6:3.3.1-2.14.FC3 - Kate backup file permission leak, apply patch to fix this vulnerabilities CAN-2005-1920 - apply cvs patch to get rid of warning "Mutex destroy failure", #160922 * Wed May 4 2005 Than Ngo <than(a)redhat.com> 6:3.3.1-2.13.FC3 - new patch to fix kimgio input validation vulnerabilities, CAN-2005-1046 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 7c16ace15f5c3cc17833062448f9a479 SRPMS/kdelibs-3.3.1-2.14.FC3.src.rpm ab43dbc1f7f8bd0ab15abbd1b81fa8b7 x86_64/kdelibs-3.3.1-2.14.FC3.x86_64.rpm 00ff507d1d9629744a0750c5dc36c0ca x86_64/kdelibs-devel-3.3.1-2.14.FC3.x86_64.rpm 3aab6b8bf911cc5915392cafd78c5da3 x86_64/debug/kdelibs-debuginfo-3.3.1-2.14.FC3.x86_64.rpm 4ea59323607d5df364a9ba9a0bb9a6c7 x86_64/kdelibs-3.3.1-2.14.FC3.i386.rpm 4ea59323607d5df364a9ba9a0bb9a6c7 i386/kdelibs-3.3.1-2.14.FC3.i386.rpm 99f32b21eb7cf1c5a612356bcd935bcc i386/kdelibs-devel-3.3.1-2.14.FC3.i386.rpm a1baca56812419ec7f261291bb86084b i386/debug/kdelibs-debuginfo-3.3.1-2.14.FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 9 months

1
0
0 / 0

Fedora Core 4 Update: radvd-0.8-2.FC4

by Jason Vas Dias

--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-595 2005-07-19 --------------------------------------------------------------------- Product : Fedora Core 4 Name : radvd Version : 0.8 Release : 2.FC4 Summary : A Router Advertisement daemon. Description : Radvd is the router advertisement daemon for IPv6. It listens to router solicitations and sends router advertisements as described in "Neighbor Discovery for IP Version 6 (IPv6)" (RFC 2461). With these advertisements, hosts can automatically configure their addresses and some other parameters. They also can choose a default router based on these advertisements. Install radvd if you are setting up IPv6 network and/or Mobile IPv6 services. --------------------------------------------------------------------- --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ 40eb95779d33e520c211c13f00c72b97 SRPMS/radvd-0.8-2.FC4.src.rpm ba208dcd52a3b329ec42e0184b46090d ppc/radvd-0.8-2.FC4.ppc.rpm 85374292e0e4395392d0919cd16b5282 ppc/debug/radvd-debuginfo-0.8-2.FC4.ppc.rpm eafe5668eaed0cb8ebfc4397586e8a3a x86_64/radvd-0.8-2.FC4.x86_64.rpm a3e09c8e71c0ca4a1b93217a3c53eb82 x86_64/debug/radvd-debuginfo-0.8-2.FC4.x86_64.rpm e1410e3529c80f1a9cefa662b02d198a i386/radvd-0.8-2.FC4.i386.rpm af6ec6f612d7c6bd6ae762c3035b2b72 i386/debug/radvd-debuginfo-0.8-2.FC4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------

18 years, 9 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

announce July 2005