October 2008 - package-announce - Fedora Mailing-Lists

[SECURITY] Fedora 9 Update: drupal-6.6-1.fc9

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-9213 2008-10-30 11:39:59 -------------------------------------------------------------------------------- Name : drupal Product : Fedora 9 Version : 6.6 Release : 1.fc9 URL : http://www.drupal.org Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. -------------------------------------------------------------------------------- Update Information: Update to 6.6, security fixes: SA-2008-067 ( http://drupal.org/node/324824 ) ------------DESCRIPTION------------ Multiple vulnerabilities and weaknesses were discovered in Drupal. ------------FILE INCLUSION------------ On a server configured for IP-based virtual hosts, Drupal may be caused to include and execute specifically named files outside of its root directory. This bug affects both Drupal 5 and Drupal 6. ------------CROSS SITE SCRIPTING------------ The title of book pages is not always properly escaped, enabling users with the "create book content" permission or the permission to edit any node in the book hierarchy to insert arbitrary HTML and script code into pages. Such a Cross site scripting [ http://en.wikipedia.org/wiki/Cross- site_scripting ] attack may lead to the attacker gaining administrator access. This bug affects Drupal 6. Remember to log in to your site as the admin user before upgrading this package. After upgrading the package, browse to http://host/drupal/update.php to run the upgrade script. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 22 2008 Jon Ciesla <limb(a)jcomserv.net> - 6.6-1 - Upgrade to 6.6, SA-2008-067. * Thu Oct 9 2008 Jon Ciesla <limb(a)jcomserv.net> - 6.5-1 - Upgrade to 6.5, SA-2008-060. - Added notes to README and drupal.conf re CVE-2008-3661. * Thu Aug 14 2008 Jon Ciesla <limb(a)jcomserv.net> - 6.4-1 - Upgrade to 6.4, SA-2008-047. * Thu Jul 10 2008 Jon Ciesla <limb(a)jcomserv.net> - 6.3-1 - Upgrade to 6.3, upstream security fixes, SA-2008-044. -------------------------------------------------------------------------------- References: [ 1 ] Bug #468422 - drupal: File inclusion, XSS vulnerability (SA-2008-067) https://bugzilla.redhat.com/show_bug.cgi?id=468422 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update drupal' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------

15 years, 6 months

1
0
0 / 0

Fedora 9 Update: python-tidy-0.2-4.fc9

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-8964 2008-10-30 11:39:51 -------------------------------------------------------------------------------- Name : python-tidy Product : Fedora 9 Version : 0.2 Release : 4.fc9 URL : http://utidylib.berlios.de/ Summary : Python wrapper for tidy, from the HTML tidy project Description : Python wrapper (bindings) for tidylib, this allows you to tidy HTML files through a Pythonic interface. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 18 2008 Terje Rosten <terjeros(a)phys.ntnu.no> - 0.2-4 - Not 64 bits clean, #467246, thanks to Jose Pedro Oliveira for report and patch. -------------------------------------------------------------------------------- References: [ 1 ] Bug #467246 - python-tidy: the bindings are not 64bit safe https://bugzilla.redhat.com/show_bug.cgi?id=467246 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update python-tidy' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------

15 years, 6 months

1
0
0 / 0

Fedora 8 Update: httperf-0.9.0-2.fc8

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-8943 2008-10-30 11:39:37 -------------------------------------------------------------------------------- Name : httperf Product : Fedora 8 Version : 0.9.0 Release : 2.fc8 URL : http://www.hpl.hp.com/research/linux/httperf/ Summary : Tool for measuring web server performance Description : Httperf is a tool for measuring web server performance. It provides a flexible facility for generating various HTTP workloads and for measuring server performance. The focus of httperf is not on implementing one particular benchmark but on providing a robust, high-performance tool that facilitates the construction of both micro- and macro-level benchmarks. The three distinguishing characteristics of httperf are its robustness, which includes the ability to generate and sustain server overload, support for the HTTP/1.1 and SSL protocols, and its extensibility to new workload generators and performance measurements. -------------------------------------------------------------------------------- Update Information: New package: Httperf is a tool for measuring web server performance. -------------------------------------------------------------------------------- References: [ 1 ] Bug #460707 - Review Request: httperf - Tool for measuring web server performance https://bugzilla.redhat.com/show_bug.cgi?id=460707 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update httperf' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------

15 years, 6 months

1
0
0 / 0

Fedora 8 Update: remoot-0.9-3.fc8

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-9053 2008-10-30 11:39:37 -------------------------------------------------------------------------------- Name : remoot Product : Fedora 8 Version : 0.9 Release : 3.fc8 URL : http://remoot.sourceforge.net/ Summary : ReMoot is a remote control wrapper Description : ReMoot is a remote control that supports many popular multimedia applications running on GNU/Linux. It wraps around these apps and provides a unified and easy-to-use interface which can be accessed in many different ways. You can use the remote control from the command-line, with desktop icons or panel buttons, over the web with "rewwwoot" or by mapping your multimedia keyboard to it so that you can control all supported applications with the same keys. -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update remoot' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------

15 years, 6 months

1
0
0 / 0

Fedora 9 Update: tcl-snack-2.2.10-6.fc9

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-9088 2008-10-30 11:39:30 -------------------------------------------------------------------------------- Name : tcl-snack Product : Fedora 9 Version : 2.2.10 Release : 6.fc9 URL : http://www.speech.kth.se/snack/ Summary : Sound toolkit Description : The Snack Sound Toolkit is designed to be used with a scripting language such as Tcl/Tk or Python. Using Snack you can create powerful multi-platform audio applications with just a few lines of code. Snack has commands for basic sound handling, such as playback, recording, file and socket I/O. Snack also provides primitives for sound visualization, e.g. waveforms and spectrograms. It was developed mainly to handle digital recordings of speech, but is just as useful for general audio. Snack has also successfully been applied to other one-dimensional signals. The combination of Snack and a scripting language makes it possible to create sound tools and applications with a minimum of effort. This is due to the rapid development nature of scripting languages. As a bonus you get an application that is cross-platform from start. It is also easy to integrate Snack based applications with existing sound analysis software. -------------------------------------------------------------------------------- Update Information: Disable broken ALSA support -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #463259 - /usr/lib/tcl8.5/snack2.2/libsnack.so: undefined symbol: _snd_pcm_mmap_hw_ptr https://bugzilla.redhat.com/show_bug.cgi?id=463259 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update tcl-snack' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------

15 years, 6 months

1
0
0 / 0

Fedora 9 Update: iml-1.0.2-4.fc9

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-9208 2008-10-30 11:39:25 -------------------------------------------------------------------------------- Name : iml Product : Fedora 9 Version : 1.0.2 Release : 4.fc9 URL : http://www.cs.uwaterloo.ca/~z4chen/iml.html Summary : Finds solutions to systems of linear equations over integers Description : IML package provides efficient routines to solve nonsingular systems of linear equations, certified solve any shape systems of linear equations, and perform mod p matrix operations, such as computing row-echelon form, determinant, rank profile, inverse of a mod p matrix. -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update iml' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------

15 years, 6 months

1
0
0 / 0

Fedora 8 Update: kdesvn-1.0.4-1.fc8

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-9206 2008-10-30 11:39:14 -------------------------------------------------------------------------------- Name : kdesvn Product : Fedora 8 Version : 1.0.4 Release : 1.fc8 URL : http://kdesvn.alwins-world.de/ Summary : A subversion client for KDE with KIO integration Description : KDESvn is a frontend to the subversion vcs. In difference to most other tools it uses the subversion C-Api direct via a c++ wrapper made by Rapid SVN and doesn't parse the output of the subversion client. So it is a real client itself instead of a frontend to the command line tool. It is designed for the K-Desktop environment and uses all of the goodies it has. It is planned for future that based on the native client some plugins for konqueror and/or kate will made. -------------------------------------------------------------------------------- Update Information: Update to 1.0.4. Replace broken 1.0.3 build. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 24 2008 - Orion Poplawski <orion(a)cora.nwra.com> - 1.0.4-1 - Update to 1.0.4 * Fri Oct 3 2008 - Orion Poplawski <orion(a)cora.nwra.com> - 1.0.3-1 - Update to 1.0.3 * Mon Sep 29 2008 - Orion Poplawski <orion(a)cora.nwra.com> - 1.0.2-1 - Update to 1.0.2 - Add BR sqlite-devel needed for Qt3 build * Thu Aug 7 2008 - Orion Poplawski <orion(a)cora.nwra.com> - 1.0.0-1 - Update to 1.0.0 - Drop png patch applied upstream - Update asneeded patch - Handle multiple languages * Tue Jul 15 2008 - Orion Poplawski <orion(a)cora.nwra.com> - 0.14.6-1 - Update to 0.14.6 * Mon May 19 2008 - Orion Poplawski <orion(a)cora.nwra.com> - 0.14.4-1 - Update to 0.14.4 * Tue May 6 2008 - Orion Poplawski <orion(a)cora.nwra.com> - 0.14.3-1 - Update to 0.14.3 * Tue Feb 19 2008 Fedora Release Engineering <rel-eng(a)fedoraproject.org> - 0.14.1-4 - Autorebuild for GCC 4.3 * Tue Dec 11 2007 Alex Lancaster <alexlan[AT]fedoraproject.org> - 0.14.1-3 - BuildRequires: kdelibs-devel -> kdelibs3-devel * Tue Dec 11 2007 Alex Lancaster <alexlan[AT]fedoraproject.org> - 0.14.1-2 - Rebuild for new openssl/openldap * Mon Nov 19 2007 - Orion Poplawski <orion(a)cora.nwra.com> - 0.14.1-1 - Update to 0.14.1 - Link libsvnqt.so with --as-needed - Add patch to fix bug #388821 (dangling symlinks) -------------------------------------------------------------------------------- References: [ 1 ] Bug #468468 - Completely unusable kdesvn 1.0.3 pushed to F8 stable updates https://bugzilla.redhat.com/show_bug.cgi?id=468468 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update kdesvn' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------

15 years, 6 months

1
0
0 / 0

[SECURITY] Fedora 9 Update: libtirpc-0.1.7-20.fc9

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-9204 2008-10-30 11:39:02 -------------------------------------------------------------------------------- Name : libtirpc Product : Fedora 9 Version : 0.1.7 Release : 20.fc9 URL : http://nfsv4.bullopensource.org/ Summary : Transport Independent RPC Library Description : This package contains SunLib's implementation of transport-independent RPC (TI-RPC) documentation. This library forms a piece of the base of Open Network Computing (ONC), and is derived directly from the Solaris 2.3 source. TI-RPC is an enhanced version of TS-RPC that requires the UNIX System V Transport Layer Interface (TLI) or an equivalent X/Open Transport Interface (XTI). TI-RPC is on-the-wire compatible with the TS-RPC, which is supported by almost 70 vendors on all major operating systems. TS-RPC source code (RPCSRC 4.0) remains available from several internet sites. -------------------------------------------------------------------------------- Update Information: CVE-2008-4619 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2008 Steve Dickson <steved(a)redhat.com> 0.1.7-20 - Fix bad assumption taddr2uaddr processing that caused a segfault (bz468014) * Tue Sep 16 2008 Steve Dickson <steved(a)redhat.com> 0.1.7-19 - Added super-H(sh3,sh4) architecture support - Updated COPYING with new license agreement - Fix incorrect sizeof() in __rpc_getbroadifs - Fix for taddr2addr conversion bug of local addresses - Fixed some of warnings in: src/auth_time.c, src/clnt_dg.c and src/clnt_raw.c -------------------------------------------------------------------------------- References: [ 1 ] Bug #468014 - CVE-2008-4619 libtirpc: rpcbind DoS in the taddr2uaddr XDR_DECODE https://bugzilla.redhat.com/show_bug.cgi?id=468014 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update libtirpc' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------

15 years, 6 months

1
0
0 / 0

Fedora 9 Update: libchewing-0.3.1-0.fc9

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-8874 2008-10-30 11:38:55 -------------------------------------------------------------------------------- Name : libchewing Product : Fedora 9 Version : 0.3.1 Release : 0.fc9 URL : http://chewing.csie.net/ Summary : Intelligent phonetic input method library for Traditional Chinese Description : libchewing is an intelligent phonetic input method library for Chinese. It provides the core algorithm and logic that can be used by various input methods. The Chewing input method is a smart bopomofo phonetics input method that is useful for inputting Mandarin Chinese. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 8 2008 Ding-Yi Chen <dchen at redhat dot com> - 0.3.1-0 - Upstream update. * Wed Sep 17 2008 Ding-Yi Chen <dchen at redhat dot com> - 0.3.0.901-0 - Upstream update. * Thu May 29 2008 Tom "spot" Callaway <tcallawa(a)redhat.com> - 0.3.0-12 - fix license tag * Tue Apr 22 2008 Caius Chance <cchance(a)redhat.com> - 0.3.0-11.fc10 - Resolves: rhbz195416 (Initial input mode between Chinese and English.) -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update libchewing' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------

15 years, 6 months

1
0
0 / 0

Fedora 9 Update: opticalraytracer-1.2-1.fc9

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-8701 2008-10-30 11:38:55 -------------------------------------------------------------------------------- Name : opticalraytracer Product : Fedora 9 Version : 1.2 Release : 1.fc9 URL : http://arachnoid.com/OpticalRayTracer/index.html Summary : Utility that analyzes systems of lenses Description : OpticalRayTracer is a X Window GUI-based utility that analyzes systems of lenses. It uses optical principles and a virtual optical bench to predict the behavior of many kinds of ordinary and exotic lens types. OpticalRayTracer includes an advanced, easy-to-use interface that allows the user to rearrange the optical configuration by simply dragging lenses around using the mouse. -------------------------------------------------------------------------------- Update Information: Initial release. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #461897 - Review Request: opticalraytracer - OpticalRayTracer is a Linux utility that analyzes systems of lenses https://bugzilla.redhat.com/show_bug.cgi?id=461897 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update opticalraytracer' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------

15 years, 6 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce October 2008