[SECURITY] Fedora EPEL 6 Update: nodejs-send-0.3.0-4.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-2821
2014-09-24 23:01:24
--------------------------------------------------------------------------------
Name : nodejs-send
Product : Fedora EPEL 6
Version : 0.3.0
Release : 4.el6
URL : https://github.com/visionmedia/send
Summary : Better streaming static file server with Range and conditional-GET support
Description :
Send is Connect's static() extracted for generalized use, a streaming static
file server supporting partial responses (Ranges), conditional-GET
negotiation, high test coverage, and granular events which may be leveraged
to take appropriate actions in your application or framework.
--------------------------------------------------------------------------------
Update Information:
When relying on the root option to restrict file access it may be possible for an application consumer to escape out of the restricted directory and access files in a similarly named directory. For example, static(_dirname + '/public') would allow access to _dirname + '/public-restricted'.
https://nodesecurity.io/advisories/send-directory-traversal
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1146063 - CVE-2014-6394 nodejs-send: directory traversal vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1146063
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update nodejs-send' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 5 months
Fedora EPEL 7 Update: CBFlib-0.9.5.1-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3144
2014-10-07 23:41:10
--------------------------------------------------------------------------------
Name : CBFlib
Product : Fedora EPEL 7
Version : 0.9.5.1
Release : 1.el7
URL : http://www.bernstein-plus-sons.com/software/CBF
Summary : Crystallographic Binary File and Image Library
Description :
CBFlib (Crystallographic Binary File library) is a library of ANSI-C
functions providing a simple mechanism for accessing Crystallographic
Binary Files (CBF files) and Image-supporting CIF (imgCIF) files. The
CBFlib API is loosely based on the CIFPARSE API for mmCIF files. Like
CIFPARSE, CBFlib does not perform any semantic integrity checks;
rather it simply provides functions to create, read, modify and write
CBF binary data files and imgCIF ASCII data files.
--------------------------------------------------------------------------------
Update Information:
initial release for EPEL7
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update CBFlib' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 5 months
Fedora EPEL 7 Update: perl-Safe-Isa-1.000005-2.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3393
2014-10-14 17:20:14
--------------------------------------------------------------------------------
Name : perl-Safe-Isa
Product : Fedora EPEL 7
Version : 1.000005
Release : 2.el7
URL : http://search.cpan.org/dist/Safe-Isa/
Summary : Call isa, can, does and DOES safely on things that may not be objects
Description :
How many times have you found yourself writing:
if ($obj->isa('Something')) {
and then shortly afterwards cursing and changing it to:
if (Scalar::Util::blessed($obj) and $obj->isa('Something')) {
Right. That's why this module exists.
--------------------------------------------------------------------------------
Update Information:
This is the first EPEL release of perl-Safe-Isa.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #855656 - Review Request: perl-Safe-Isa - Call isa, can, does and DOES safely on things that may not be objects
https://bugzilla.redhat.com/show_bug.cgi?id=855656
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update perl-Safe-Isa' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 5 months
Fedora EPEL 6 Update: php-horde-Horde-Imap-Client-2.25.2-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3385
2014-10-14 17:19:50
--------------------------------------------------------------------------------
Name : php-horde-Horde-Imap-Client
Product : Fedora EPEL 6
Version : 2.25.2
Release : 1.el6
URL : http://pear.horde.org
Summary : Horde IMAP abstraction interface
Description :
An abstracted API interface to various IMAP4rev1 (RFC 3501) backend
drivers.
--------------------------------------------------------------------------------
Update Information:
Horde_Imap_Client 2.25.2
* [mms] Add support for UTF8 extension for POP3 servers (RFC 6856).
* [mms] Add support for LANG extension for POP3 servers (RFC 6856).
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update php-horde-Horde-Imap-Client' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 5 months
Fedora EPEL 5 Update: glue-schema-2.0.11-1.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3331
2014-10-13 20:53:58
--------------------------------------------------------------------------------
Name : glue-schema
Product : Fedora EPEL 5
Version : 2.0.11
Release : 1.el5
URL : http://forge.ogf.org/sf/projects/glue-wg
Summary : LDAP schema files for the GLUE 1.3 and GLUE 2.0 Schema
Description :
The GLUE specification is an information model for Grid entities such
as computing clusters and data storage facilities. As a conceptual
model, it is designed to be independent from the concrete data models
adopted for its implementation. The specification can be rendered to
several concrete data models such as XML Schema, LDAP Schema or SQL.
This package provides LDAP schema files for the GLUE 1.3 and GLUE 2.0 Schema.
--------------------------------------------------------------------------------
Update Information:
BDII 5.2.23
* http://gridinfo.web.cern.ch/sys-admins/bdii-releases/bdii-5223-1
glue-schema 2.0.11
* http://gridinfo.web.cern.ch/sys-admins/bdii-releases/glue-schema-2011-1
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update glue-schema' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 5 months
Fedora EPEL 5 Update: bdii-5.2.23-1.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3331
2014-10-13 20:53:58
--------------------------------------------------------------------------------
Name : bdii
Product : Fedora EPEL 5
Version : 5.2.23
Release : 1.el5
URL : http://gridinfo.web.cern.ch/
Summary : The Berkeley Database Information Index (BDII)
Description :
The Berkeley Database Information Index (BDII) consists of a standard
LDAP database which is updated by an external process. The update process
obtains LDIF from a number of sources and merges them. It then compares
this to the contents of the database and creates an LDIF file of the
differences. This is then used to update the database.
--------------------------------------------------------------------------------
Update Information:
BDII 5.2.23
* http://gridinfo.web.cern.ch/sys-admins/bdii-releases/bdii-5223-1
glue-schema 2.0.11
* http://gridinfo.web.cern.ch/sys-admins/bdii-releases/glue-schema-2011-1
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update bdii' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 5 months
Fedora EPEL 6 Update: golang-github-influxdb-influxdb-0.8.0-0.3.rc4.git67f9869.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3268
2014-10-10 21:11:04
--------------------------------------------------------------------------------
Name : golang-github-influxdb-influxdb
Product : Fedora EPEL 6
Version : 0.8.0
Release : 0.3.rc4.git67f9869.el6
URL : http://godoc.org/github.com/influxdb/influxdb
Summary : Scalable datastore for metrics, events, and real-time analytics
Description :
InfluxDB is an open source distributed time series database with no external
dependencies. It's useful for recording metrics, events, and performing
analytics.
It has a built-in HTTP API so you don't have to write any server side code to
get up and running.
InfluxDB is designed to be scalable, simple to install and manage, and fast to
get data in and out.
It aims to answer queries in real-time. That means every data point is indexed
as it comes in and is immediately available in queries that should return
in < 100ms.
--------------------------------------------------------------------------------
Update Information:
Add subpackages (client for kubernetes, datastore for databases, devel for all)
Resolves: rhbz#1141892 - initial package upload
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141892 - Review Request: golang-github-influxdb-influxdb - Golang client libs for influxdb
https://bugzilla.redhat.com/show_bug.cgi?id=1141892
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update golang-github-influxdb-influxdb' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 5 months
Fedora EPEL 5 Update: openblas-0.2.12-1.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3342
2014-10-14 17:17:53
--------------------------------------------------------------------------------
Name : openblas
Product : Fedora EPEL 5
Version : 0.2.12
Release : 1.el5
URL : https://github.com/xianyi/OpenBLAS/
Summary : An optimized BLAS library based on GotoBLAS2
Description :
OpenBLAS is an optimized BLAS library based on GotoBLAS2 1.13 BSD
version. The project is supported by the Lab of Parallel Software and
Computational Science, ISCAS. http://www.rdcps.ac.cn
--------------------------------------------------------------------------------
Update Information:
Update to 0.2.12 with improved gemv performance on modern Intel and AMD CPUs. See other changes at https://github.com/xianyi/OpenBLAS/releases/tag/v0.2.12
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1118644 - openblas-0.2.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1118644
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update openblas' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 5 months
Fedora EPEL 7 Update: vamp-plugin-sdk-2.5-4.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3353
2014-10-14 17:18:25
--------------------------------------------------------------------------------
Name : vamp-plugin-sdk
Product : Fedora EPEL 7
Version : 2.5
Release : 4.el7
URL : http://www.vamp-plugins.org/
Summary : An API for audio analysis and feature extraction plugins
Description :
Vamp is an API for C and C++ plugins that process sampled audio data
to produce descriptive output (measurements or semantic observations).
--------------------------------------------------------------------------------
Update Information:
vamp-plugin-sdk for EPEL7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148151 - Please package vamp-plugin-sdk for EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1148151
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update vamp-plugin-sdk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 5 months
Fedora EPEL 7 Update: t1utils-1.37-7.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3390
2014-10-14 17:20:06
--------------------------------------------------------------------------------
Name : t1utils
Product : Fedora EPEL 7
Version : 1.37
Release : 7.el7
URL : http://www.lcdf.org/~eddietwo/type/
Summary : Collection of Type 1 and 2 font manipulation utilities
Description :
t1utils is a collection of programs for manipulating PostScript type 1
and type 2 fonts containing programs to convert between PFA (ASCII)
format, PFB (binary) format, a human-readable and editable ASCII
format, and Macintosh resource forks.
--------------------------------------------------------------------------------
Update Information:
t1utils is a collection of programs for manipulating PostScript type 1 and type 2 fonts containing programs to convert between PFA (ASCII) format, PFB (binary) format, a human-readable and editable ASCII format, and Macintosh resource forks.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update t1utils' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 5 months