--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-3030
2011-04-10 20:23:19
--------------------------------------------------------------------------------
Name : tmux
Product : Fedora EPEL 6
Version : 1.4
Release : 3.el6
URL : http://sourceforge.net/projects/tmux
Summary : A terminal multiplexer
Description :
tmux is a "terminal multiplexer." It enables a number of terminals (or
windows) to be accessed and controlled from a single terminal. tmux is
intended to be a simple, modern, BSD-licensed alternative to programs such
as GNU Screen.
--------------------------------------------------------------------------------
Update Information:
tmux didn't drop group privileges correctly in all cases.
This is fixed by using an updated patch originating from the debian tmux package.
Fixes RHBZ #694564, CVE-2011-1496
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #694564 - CVE-2011-1496 tmux does not drop group tmux privileges properly [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=694564
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update tmux' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-2983
2011-04-06 22:21:57
--------------------------------------------------------------------------------
Name : ngrep
Product : Fedora EPEL 6
Version : 1.45
Release : 7.el6
URL : http://ngrep.sourceforge.net/
Summary : Network layer grep tool
Description :
ngrep strives to provide most of GNU grep's common features, applying them
to the network layer. ngrep is a pcap-aware tool that will allow you to
specify extended regular or hexadecimal expressions to match against data
payloads of packets. It currently recognizes TCP, UDP, ICMP, IGMP and Raw
protocols across Ethernet, PPP, SLIP, FDDI, Token Ring, 802.11 and null
interfaces, and understands bpf filter logic in the same fashion as more
common packet sniffing tools, such as tcpdump and snoop.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #166481 - Review Request: ngrep - network grep
https://bugzilla.redhat.com/show_bug.cgi?id=166481
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update ngrep' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-3031
2011-04-10 20:23:21
--------------------------------------------------------------------------------
Name : pdfmerge
Product : Fedora EPEL 6
Version : 1.0.4
Release : 1.el6
URL : http://dmaphy.github.com/pdfmerge/
Summary : Command line utility program for merging PDF files
Description :
pdfmerge is a command line program that merges PDF files. It can merge
any number of pdf files from command line.
--------------------------------------------------------------------------------
Update Information:
This update brings the new pdfmerge 1.0.4 to you which fixes some issues and improves the handling of pdfmerge.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update pdfmerge' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-3076
2011-04-15 17:09:16
--------------------------------------------------------------------------------
Name : 389-ds-base
Product : Fedora EPEL 5
Version : 1.2.8.2
Release : 1.el5
URL : http://port389.org/
Summary : 389 Directory Server (base)
Description :
389 Directory Server is an LDAPv3 compliant server. The base package includes
the LDAP server and command line utilities for server administration.
--------------------------------------------------------------------------------
Update Information:
The 389-ds-base-1.2.8.2 release - fix bug 696407
The 389-ds-base-1.2.8.1 release
This is the 389-ds-base-1.2.8.0 release - some bug fixes for winsync
and matching rules and schema
The 389-ds-base-1.2.8.rc5 release - Fix a bug in settting up GSSAPI replication
This is the 1.2.8 release candidate 4 release
This is 389-ds-base-1.2.8 RC 2 - this fixes several bugs found in alpha and RC 1 testing
This is the 389-ds-base-1.2.8 release candidate 1 build
Split off 389-ds-base-libs to solve multilib issues
1.2.8.a3 release - git tag 389-ds-base-1.2.8.a3
see bugs for a list of bugs fixed
This is the 1.2.8 alpha 2 release - many bug fixes
389-ds-base 1.2.8 alpha 1
contains many bug fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #696407 - If an entry with a mixed case RDN is turned to be a tombstone, it fails to assemble DN from entryrdn
https://bugzilla.redhat.com/show_bug.cgi?id=696407
[ 2 ] Bug #693962 - Full replica push loses some entries with multi-valued RDNs
https://bugzilla.redhat.com/show_bug.cgi?id=693962
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update 389-ds-base' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-3034
2011-04-10 20:23:28
--------------------------------------------------------------------------------
Name : pam_shield
Product : Fedora EPEL 5
Version : 0.9.5
Release : 7.el5
URL : http://www.heiho.net/pam_shield/index.html
Summary : Pam Shield - A pam module to counter brute force attacks
Description :
This is a pam module that supports brute force blocking against pam
authentication mechanisms.
--------------------------------------------------------------------------------
Update Information:
packing fixes
added %{optflags}
added %{optflags}
added %{optflags}
added %{optflags}
added %{optflags}
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #694557 - pam_shield not built with $RPM_OPT_FLAGS
https://bugzilla.redhat.com/show_bug.cgi?id=694557
[ 2 ] Bug #691153 - Review Request: pam_shield - pam module to block brute force attacks
https://bugzilla.redhat.com/show_bug.cgi?id=691153
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update pam_shield' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-2938
2011-03-30 17:04:23
--------------------------------------------------------------------------------
Name : 389-admin
Product : Fedora EPEL 5
Version : 1.1.16
Release : 1.el5
URL : http://port389.org/
Summary : 389 Administration Server (admin)
Description :
389 Administration Server is an HTTP agent that provides management features
for 389 Directory Server. It provides some management web apps that can
be used through a web browser. It provides the authentication, access control,
and CGI utilities used by the console.
--------------------------------------------------------------------------------
Update Information:
This is the 1.1.16 release
1.1.15 release - git tag 389-admin-1.1.15
see Bugs for the list of bugs fixed
start-ds-admin.in -- replaced "return 1" with "exit 1"
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #476925 - Admin Server: Do not allow 8-bit passwords for the admin user
https://bugzilla.redhat.com/show_bug.cgi?id=476925
[ 2 ] Bug #614690 - adminutil ICU RB generation can fail
https://bugzilla.redhat.com/show_bug.cgi?id=614690
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update 389-admin' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-2931
2011-03-30 17:04:07
--------------------------------------------------------------------------------
Name : 389-admin-console
Product : Fedora EPEL 5
Version : 1.1.7
Release : 1.el5
URL : http://port389.org
Summary : 389 Admin Server Management Console
Description :
A Java based remote management console used for Managing 389
Admin Server. Requires the 389 Console to load and run the
jar files.
--------------------------------------------------------------------------------
Update Information:
This is the 1.1.7 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #476925 - Admin Server: Do not allow 8-bit passwords for the admin user
https://bugzilla.redhat.com/show_bug.cgi?id=476925
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update 389-admin-console' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-3038
2011-04-10 20:23:36
--------------------------------------------------------------------------------
Name : libisofs
Product : Fedora EPEL 4
Version : 1.0.6
Release : 1.el4
URL : http://libburnia-project.org/
Summary : Library to create ISO 9660 disk images
Description :
Libisofs is a library to create an ISO-9660 filesystem and supports
extensions like RockRidge or Joliet. It is also a full featured
ISO-9660 editor, allowing you to modify an ISO image or multisession
disc, including file addition or removal, change of file names and
attributes etc. It supports the extension AAIP which allows to store
ACLs and xattr in ISO-9660 filesystems as well. As it is linked with
zlib, it supports zisofs compression, too.
--------------------------------------------------------------------------------
Update Information:
Changes towards previous version 1.0.4:
* Burning DVD-R DAO with 2 kB size granularity rather than 32 kB
* New API call burn_allow_drive_role_4()
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update libisofs' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-3001
2011-04-06 22:23:22
--------------------------------------------------------------------------------
Name : python-feedparser
Product : Fedora EPEL 6
Version : 5.0.1
Release : 1.el6
URL : http://feedparser.org/
Summary : Parse RSS and Atom feeds in Python
Description :
Universal Feed Parser is a Python module for downloading and parsing
syndicated feeds. It can handle RSS 0.90, Netscape RSS 0.91,
Userland RSS 0.91, RSS 0.92, RSS 0.93, RSS 0.94, RSS 1.0, RSS 2.0,
Atom 0.3, Atom 1.0, and CDF feeds. It also parses several popular extension
modules, including Dublin Core and Apple's iTunes extensions.
--------------------------------------------------------------------------------
Update Information:
Current release: 5.0.1 - February 20, 2011
* Fix issue 91 (invalid text in XML declaration causes sanitizer to crash)
* Fix issue 254 (sanitization can be bypassed by malformed XML comments)
* Fix issue 255 (sanitizer doesn't strip unsafe URI schemes)
Previous release: 5.0 - January 25, 2011
* Improved MathML support
* Support microformats (rel-tag, rel-enclosure, xfn, hcard)
* Support IRIs
* Allow safe CSS through sanitization
* Allow safe HTML5 through sanitization
* Support SVG
* Support inline XML entity declarations
* Support unescaped quotes and angle brackets in attributes
* Support additional date formats
* Added the request_headers argument to parse()
* Added the response_headers argument to parse()
* Support multiple entry, feed, and source authors
* Officially make Python 2.4 the earliest supported version
* Support Python 3
* Bug fixes, bug fixes, bug fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #684877 - CVE-2009-5065 CVE-2011-1156 CVE-2011-1157 CVE-2011-1158 python-feedparser: multiple flaws corrected in version 5.1
https://bugzilla.redhat.com/show_bug.cgi?id=684877
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-feedparser' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-3000
2011-04-06 22:23:20
--------------------------------------------------------------------------------
Name : python-feedparser
Product : Fedora EPEL 5
Version : 5.0.1
Release : 1.el5
URL : http://feedparser.org/
Summary : Parse RSS and Atom feeds in Python
Description :
Universal Feed Parser is a Python module for downloading and parsing
syndicated feeds. It can handle RSS 0.90, Netscape RSS 0.91,
Userland RSS 0.91, RSS 0.92, RSS 0.93, RSS 0.94, RSS 1.0, RSS 2.0,
Atom 0.3, Atom 1.0, and CDF feeds. It also parses several popular extension
modules, including Dublin Core and Apple's iTunes extensions.
--------------------------------------------------------------------------------
Update Information:
Current release: 5.0.1 - February 20, 2011
* Fix issue 91 (invalid text in XML declaration causes sanitizer to crash)
* Fix issue 254 (sanitization can be bypassed by malformed XML comments)
* Fix issue 255 (sanitizer doesn't strip unsafe URI schemes)
Previous release: 5.0 - January 25, 2011
* Improved MathML support
* Support microformats (rel-tag, rel-enclosure, xfn, hcard)
* Support IRIs
* Allow safe CSS through sanitization
* Allow safe HTML5 through sanitization
* Support SVG
* Support inline XML entity declarations
* Support unescaped quotes and angle brackets in attributes
* Support additional date formats
* Added the request_headers argument to parse()
* Added the response_headers argument to parse()
* Support multiple entry, feed, and source authors
* Officially make Python 2.4 the earliest supported version
* Support Python 3
* Bug fixes, bug fixes, bug fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #684877 - CVE-2009-5065 CVE-2011-1156 CVE-2011-1157 CVE-2011-1158 python-feedparser: multiple flaws corrected in version 5.1
https://bugzilla.redhat.com/show_bug.cgi?id=684877
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-feedparser' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------