Fedora EPEL 5 Update: ldns-1.6.4-4.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2691
2010-04-29 15:56:55
--------------------------------------------------------------------------------
Name : ldns
Product : Fedora EPEL 5
Version : 1.6.4
Release : 4.el5
URL : http://www.nlnetlabs.nl/ldns/
Summary : Lowlevel DNS(SEC) library with API
Description :
ldns is a library with the aim to simplify DNS programing in C. All
lowlevel DNS/DNSSEC operations are supported. We also define a higher
level API which allows a programmer to (for instance) create or sign
packets.
--------------------------------------------------------------------------------
Update Information:
The LOC fix in 1.6.4-3 had some debug output still present that would confuse
automated use of ldns-read-zone. That was removed in this release.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update ldns' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 11 months
Fedora EPEL 4 Update: flashrom-0.9.1-4.svn995.el4
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2698
2010-04-29 15:57:15
--------------------------------------------------------------------------------
Name : flashrom
Product : Fedora EPEL 4
Version : 0.9.1
Release : 4.svn995.el4
URL : http://flashrom.org
Summary : Simple program for reading/writing BIOS chips content
Description :
Utility which can be used to detect BIOS chips (DIP, PLCC), read their contents
and write new contents on the chips ("flash the chip").
--------------------------------------------------------------------------------
Update Information:
New svn ver. 995 (with really lots of new chips and m/b added)
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update flashrom' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 11 months
Fedora EPEL 5 Update: flashrom-0.9.1-4.svn995.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2688
2010-04-29 15:56:48
--------------------------------------------------------------------------------
Name : flashrom
Product : Fedora EPEL 5
Version : 0.9.1
Release : 4.svn995.el5
URL : http://flashrom.org
Summary : Simple program for reading/writing BIOS chips content
Description :
Utility which can be used to detect BIOS chips (DIP, PLCC), read their contents
and write new contents on the chips ("flash the chip").
--------------------------------------------------------------------------------
Update Information:
New svn ver. 995 (with really lots of new chips and m/b added)
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update flashrom' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 11 months
[SECURITY] Fedora EPEL 5 Update: xar-1.5.2-6.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2689
2010-04-29 15:56:50
--------------------------------------------------------------------------------
Name : xar
Product : Fedora EPEL 5
Version : 1.5.2
Release : 6.el5
URL : http://code.google.com/p/xar/
Summary : The eXtensible ARchiver
Description :
The XAR project aims to provide an easily extensible archive format. Important
design decisions include an easily extensible XML table of contents for random
access to archived files, storing the toc at the beginning of the archive to
allow for efficient handling of streamed archives, the ability to handle files
of arbitrarily large sizes, the ability to choose independent encodings for
individual files in the archive, the ability to store checksums for individual
files in both compressed and uncompressed form, and the ability to query the
table of content's rich meta-data.
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2010-0055, an issue where xar did not properly validate
package signatures, which allows attackers to have an unspecified impact via a
modified package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #570678 - CVE-2010-0055 xar: signature bypass vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=570678
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update xar' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 11 months
Fedora EPEL 5 Update: metagoofil-1.4a-5.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2672
2010-04-26 23:06:16
--------------------------------------------------------------------------------
Name : metagoofil
Product : Fedora EPEL 5
Version : 1.4a
Release : 5.el5
URL : http://www.edge-security.com/metagoofil.php
Summary : Meta-data analyzer, information gathering tool
Description :
Metagoofil is an information gathering tool designed for extracting meta-data
of public documents (PDF,DOC,XLS,PPT,ODP,ODS) available in the target/victim
websites.
--------------------------------------------------------------------------------
Update Information:
metagoofil - Metadata analyzer, information gathering tool Metagoofil is an
information gathering tool designed for extracting metadata from public
documents (pdf,doc,xls,ppt,odp,ods) availables in the target/victim websites.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #575504 - Review Request: metagoofil - Metadata analyzer, information gathering tool
https://bugzilla.redhat.com/show_bug.cgi?id=575504
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update metagoofil' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 11 months
[SECURITY] Fedora EPEL 5 Update: mod_auth_shadow-2.2-5.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2569
2010-04-09 22:09:36
--------------------------------------------------------------------------------
Name : mod_auth_shadow
Product : Fedora EPEL 5
Version : 2.2
Release : 5.el5
URL : http://mod-auth-shadow.sourceforge.net
Summary : An Apache module for authentication using /etc/shadow
Description :
When performing this task one encounters one fundamental
difficulty: The /etc/shadow file is supposed to be
read/writeable only by root. However, the webserver is
supposed to run under a non-root user, such as "nobody".
mod_auth_shadow addresses this difficulty by opening a pipe
to an suid root program, validate, which does the actual
validation. When there is a failure, validate writes an
error message to the system log, and waits three seconds
before exiting.
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2010-1151 modauthshadow: bad wait(2) call causes randomized
authorization behaviour (#578168).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #578168 - CVE-2010-1151 mod_auth_shadow: bad wait(2) call causes randomized authorization behaviour
https://bugzilla.redhat.com/show_bug.cgi?id=578168
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update mod_auth_shadow' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 11 months
Fedora EPEL 5 Update: wxGTK-2.8.11-1.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2660
2010-04-26 23:05:39
--------------------------------------------------------------------------------
Name : wxGTK
Product : Fedora EPEL 5
Version : 2.8.11
Release : 1.el5
URL : http://www.wxwidgets.org/
Summary : GTK2 port of the wxWidgets GUI library
Description :
wxWidgets/GTK2 is the GTK2 port of the C++ cross-platform wxWidgets
GUI library, offering classes for all common GUI controls as well as a
comprehensive set of helper classes for most common application tasks,
ranging from networking to HTML display and image manipulation.
--------------------------------------------------------------------------------
Update Information:
update to 2.8.11 full changelog at
http://prdownloads.sourceforge.net/wxwindows/changes-2.8.11.txt
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #580600 - Regression in wxWidgets 2.8 causing a segfault
https://bugzilla.redhat.com/show_bug.cgi?id=580600
[ 2 ] Bug #570458 - wxHtmlEasyPrinting::PreviewFile window at background under wxGTK2
https://bugzilla.redhat.com/show_bug.cgi?id=570458
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update wxGTK' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 11 months
[SECURITY] Fedora EPEL 4 Update: mod_auth_shadow-2.2-4.el4
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2567
2010-04-09 22:09:31
--------------------------------------------------------------------------------
Name : mod_auth_shadow
Product : Fedora EPEL 4
Version : 2.2
Release : 4.el4
URL : http://mod-auth-shadow.sourceforge.net
Summary : An Apache module for authentication using /etc/shadow
Description :
When performing this task one encounters one fundamental
difficulty: The /etc/shadow file is supposed to be
read/writeable only by root. However, the webserver is
supposed to run under a non-root user, such as "nobody".
mod_auth_shadow addresses this difficulty by opening a pipe
to an suid root program, validate, which does the actual
validation. When there is a failure, validate writes an
error message to the system log, and waits three seconds
before exiting.
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2010-1151 modauthshadow: bad wait(2) call causes randomized
authorization behaviour (#578168).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #578168 - CVE-2010-1151 mod_auth_shadow: bad wait(2) call causes randomized authorization behaviour
https://bugzilla.redhat.com/show_bug.cgi?id=578168
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update mod_auth_shadow' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 11 months
Fedora EPEL 4 Update: wxGTK-2.8.11-1.el4
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2669
2010-04-26 23:06:09
--------------------------------------------------------------------------------
Name : wxGTK
Product : Fedora EPEL 4
Version : 2.8.11
Release : 1.el4
URL : http://www.wxwidgets.org/
Summary : GTK2 port of the wxWidgets GUI library
Description :
wxWidgets/GTK2 is the GTK2 port of the C++ cross-platform wxWidgets
GUI library, offering classes for all common GUI controls as well as a
comprehensive set of helper classes for most common application tasks,
ranging from networking to HTML display and image manipulation.
--------------------------------------------------------------------------------
Update Information:
update to 2.8.11 full changelog at
http://prdownloads.sourceforge.net/wxwindows/changes-2.8.11.txt
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #580600 - Regression in wxWidgets 2.8 causing a segfault
https://bugzilla.redhat.com/show_bug.cgi?id=580600
[ 2 ] Bug #570458 - wxHtmlEasyPrinting::PreviewFile window at background under wxGTK2
https://bugzilla.redhat.com/show_bug.cgi?id=570458
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update wxGTK' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 11 months
Fedora EPEL 5 Update: whereami-1.0-2.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2010-2683
2010-04-26 23:06:45
--------------------------------------------------------------------------------
Name : whereami
Product : Fedora EPEL 5
Version : 1.0
Release : 2.el5
URL : http://pjp.dgplug.org/tools
Summary : Displays work location
Description :
Whereami displays information about the machine(location) you are working on.
Information like terminal name, present working directory, host name, and the
host IP address. This is extremely useful for those who tend to work remotely
on several machines at the same time.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #583301 - Review Request: whereami - Displays work location
https://bugzilla.redhat.com/show_bug.cgi?id=583301
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update whereami' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 11 months