Fedora EPEL 6 Update: plowshare-0.9.4-0.44.20130901git.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11452
2013-09-05 18:13:21
--------------------------------------------------------------------------------
Name : plowshare
Product : Fedora EPEL 6
Version : 0.9.4
Release : 0.44.20130901git.el6
URL : http://plowshare.googlecode.com
Summary : Download and upload files from file-sharing websites
Description :
plowshare is a command-line downloader/uploader for some of the most popular
file-sharing websites. It works on UNIX-like systems and presently supports
Megaupload, Rapidshare, 2Shared, 4Shared, ZShare, Badongo, Depositfiles,
Mediafire, Netload.in, Storage.to, Uploaded.to, Uploading.com, Sendspace,
Usershare, X7.to and others.
--------------------------------------------------------------------------------
Update Information:
Update to new upstream snapshot.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update plowshare' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 8 months
Fedora EPEL 6 Update: python-parse-1.6.2-4.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11367
2013-08-28 15:56:59
--------------------------------------------------------------------------------
Name : python-parse
Product : Fedora EPEL 6
Version : 1.6.2
Release : 4.el6
URL : http://pypi.python.org/pypi/parse
Summary : Opposite of format()
Description :
Parse strings using a specification based on the Python format() syntax.
``parse()`` is the opposite of ``format()``
--------------------------------------------------------------------------------
Update Information:
The intial version of the package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #987619 - Review Request: python-parse - Opposite of format()
https://bugzilla.redhat.com/show_bug.cgi?id=987619
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-parse' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 8 months
[SECURITY] Fedora EPEL 6 Update: python-pyrad-2.0-3.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11453
2013-09-05 18:13:22
--------------------------------------------------------------------------------
Name : python-pyrad
Product : Fedora EPEL 6
Version : 2.0
Release : 3.el6
URL : https://github.com/wichert/pyrad
Summary : Python RADIUS client
Description :
pyrad is an implementation of a RADIUS client as described in RFC2865.
It takes care of all the details like building RADIUS packets, sending
them and decoding responses.
--------------------------------------------------------------------------------
Update Information:
* Better random number generator
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #911682 - CVE-2013-0294 python-pyrad: poor randomness leads to predictable password hashing and RADIUS IDs
https://bugzilla.redhat.com/show_bug.cgi?id=911682
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-pyrad' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 8 months
[SECURITY] Fedora EPEL 5 Update: python-pyrad-1.1-3.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11460
2013-09-05 18:13:42
--------------------------------------------------------------------------------
Name : python-pyrad
Product : Fedora EPEL 5
Version : 1.1
Release : 3.el5
URL : http://www.wiggy.net/code/pyrad/
Summary : Python RADIUS client
Description :
This is an implementation of a RADIUS client as described in RFC2865.
It takes care of all the details like building RADIUS packets, sending
them and decoding responses.
--------------------------------------------------------------------------------
Update Information:
* Better random number generator
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #911682 - CVE-2013-0294 python-pyrad: poor randomness leads to predictable password hashing and RADIUS IDs
https://bugzilla.redhat.com/show_bug.cgi?id=911682
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-pyrad' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 8 months
Fedora EPEL 6 Update: msmtp-1.4.31-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11413
2013-09-02 17:10:36
--------------------------------------------------------------------------------
Name : msmtp
Product : Fedora EPEL 6
Version : 1.4.31
Release : 1.el6
URL : http://msmtp.sourceforge.net
Summary : SMTP client
Description :
It forwards messages to an SMTP server which does the delivery.
Features include:
* Sendmail compatible interface (command line options and exit codes).
* Authentication methods PLAIN,LOGIN,CRAM-MD5,DIGEST-MD5,GSSAPI,and NTLM
* TLS/SSL both in SMTP-over-SSL mode and in STARTTLS mode.
* Fast SMTP implementation using command pipelining.
* Support for Internationalized Domain Names (IDN).
* DSN (Delivery Status Notification) support.
* RMQS (Remote Message Queue Starting) support (ETRN keyword).
* IPv6 support.
--------------------------------------------------------------------------------
Update Information:
* Ver. 1.4.31
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #868816 - msmtp-1.4.31 is available
https://bugzilla.redhat.com/show_bug.cgi?id=868816
[ 2 ] Bug #885764 - msmtp is not available in EPEL-6
https://bugzilla.redhat.com/show_bug.cgi?id=885764
[ 3 ] Bug #1003242 - No such branch
https://bugzilla.redhat.com/show_bug.cgi?id=1003242
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update msmtp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 8 months
Fedora EPEL 5 Update: msmtp-1.4.31-1.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11412
2013-09-02 17:10:34
--------------------------------------------------------------------------------
Name : msmtp
Product : Fedora EPEL 5
Version : 1.4.31
Release : 1.el5
URL : http://msmtp.sourceforge.net
Summary : SMTP client
Description :
It forwards messages to an SMTP server which does the delivery.
Features include:
* Sendmail compatible interface (command line options and exit codes).
* Authentication methods PLAIN,LOGIN,CRAM-MD5,DIGEST-MD5,GSSAPI,and NTLM
* TLS/SSL both in SMTP-over-SSL mode and in STARTTLS mode.
* Fast SMTP implementation using command pipelining.
* Support for Internationalized Domain Names (IDN).
* DSN (Delivery Status Notification) support.
* RMQS (Remote Message Queue Starting) support (ETRN keyword).
* IPv6 support.
--------------------------------------------------------------------------------
Update Information:
* Ver. 1.4.31
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #868816 - msmtp-1.4.31 is available
https://bugzilla.redhat.com/show_bug.cgi?id=868816
[ 2 ] Bug #885764 - msmtp is not available in EPEL-6
https://bugzilla.redhat.com/show_bug.cgi?id=885764
[ 3 ] Bug #1003242 - No such branch
https://bugzilla.redhat.com/show_bug.cgi?id=1003242
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update msmtp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 8 months
Fedora EPEL 6 Update: qrencode-3.4.2-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11436
2013-09-04 17:14:31
--------------------------------------------------------------------------------
Name : qrencode
Product : Fedora EPEL 6
Version : 3.4.2
Release : 1.el6
URL : http://fukuchi.org/works/qrencode/
Summary : Generate QR 2D barcodes
Description :
Qrencode is a utility software using libqrencode to encode string data in
a QR Code and save as a PNG image.
--------------------------------------------------------------------------------
Update Information:
Initial release for EPEL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #926414 - qrencode: Does not support aarch64 in f19 and rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=926414
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update qrencode' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 8 months
Fedora EPEL 6 Update: perl-Unicode-UTF8-0.59-3.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11446
2013-09-04 17:15:02
--------------------------------------------------------------------------------
Name : perl-Unicode-UTF8
Product : Fedora EPEL 6
Version : 0.59
Release : 3.el6
URL : http://search.cpan.org/dist/Unicode-UTF8/
Summary : Encoding and decoding of UTF-8 encoding form
Description :
This module provides functions to encode and decode UTF-8 encoding form as
specified by Unicode and ISO/IEC 10646:2011.
--------------------------------------------------------------------------------
Update Information:
This is the first Fedora/EPEL release of perl-Unicode-UTF8.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1003650 - Review Request: perl-Unicode-UTF8 - Encoding and decoding of UTF-8 encoding form
https://bugzilla.redhat.com/show_bug.cgi?id=1003650
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update perl-Unicode-UTF8' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 8 months
Fedora EPEL 6 Update: davix-0.2.6-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11425
2013-09-03 16:08:21
--------------------------------------------------------------------------------
Name : davix
Product : Fedora EPEL 6
Version : 0.2.6
Release : 1.el6
URL : https://svnweb.cern.ch/trac/lcgutil/wiki/davix
Summary : Toolkit for Http-based file management
Description :
Davix is a toolkit designed for file operations
with Http based protocols (WebDav, Amazon S3, ...).
Davix provides an API and a set of command line tools.
--------------------------------------------------------------------------------
Update Information:
Release 0.2.6 davix
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update davix' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 8 months
[SECURITY] Fedora EPEL 6 Update: perl-Crypt-DSA-1.17-10.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2013-11445
2013-09-04 17:15:00
--------------------------------------------------------------------------------
Name : perl-Crypt-DSA
Product : Fedora EPEL 6
Version : 1.17
Release : 10.el6
URL : http://search.cpan.org/dist/Crypt-DSA/
Summary : Perl module for DSA signatures and key generation
Description :
Crypt::DSA is an implementation of the DSA (Digital Signature Algorithm)
signature verification system. This package provides DSA signing, signature
verification, and key generation.
--------------------------------------------------------------------------------
Update Information:
As taught by the '09 Debian PGP disaster relating to DSA, the randomness source is extremely important. On systems without /dev/random, Crypt::DSA falls back to using Data::Random. Data::Random uses rand(), about which the perldoc says "rand() is not cryptographically secure. You should not rely on it in security-sensitive situations." In the case of DSA, this is even worse. Using improperly secure randomness sources can compromise the signing key upon signature of a message.
See: http://rdist.root.org/2010/11/19/dsa-requirements-for-random-k-value/
It might seem that this would not affect Linux since /dev/random is always available and so the fall back to Data::Random would never happen. However, if an application is confined using a MAC system such as SELinux then access to /dev/random could be denied by policy and the fall back would be triggered.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #743567 - CVE-2011-3599 perl-Crypt-DSA: Cryptographically insecure method used for random numbers generation on systems without /dev/random
https://bugzilla.redhat.com/show_bug.cgi?id=743567
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update perl-Crypt-DSA' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 8 months