Fedora 7 Update: postgresql-8.2.7-1.fc7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2688
2008-03-26 16:47:21
--------------------------------------------------------------------------------
Name : postgresql
Product : Fedora 7
Version : 8.2.7
Release : 1.fc7
URL : http://www.postgresql.org/
Summary : PostgreSQL client programs and libraries
Description :
PostgreSQL is an advanced Object-Relational database management system
(DBMS) that supports almost all SQL constructs (including
transactions, subselects and user-defined types and functions). The
postgresql package includes the client programs and libraries that
you'll need to access a PostgreSQL DBMS server. These PostgreSQL
client programs are programs that directly manipulate the internal
structure of PostgreSQL databases on a PostgreSQL server. These client
programs can be located on the same machine with the PostgreSQL
server, or may be on a remote machine which accesses a PostgreSQL
server over a network connection. This package contains the docs
in HTML for the whole package, as well as command-line utilities for
managing PostgreSQL databases on a PostgreSQL server.
If you want to manipulate a PostgreSQL database on a remote PostgreSQL
server, you need this package. You also need to install this package
if you're installing the postgresql-server package.
--------------------------------------------------------------------------------
Update Information:
Update to PostgreSQL 8.2.7
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 26 2008 Tom Lane <tgl(a)redhat.com> 8.2.7-1
- Update to PostgreSQL 8.2.7
* Mon Jan 7 2008 Tom Lane <tgl(a)redhat.com> 8.2.6-1
- Update to PostgreSQL 8.2.6 to fix CVE-2007-4769, CVE-2007-4772,
CVE-2007-6067, CVE-2007-6600, CVE-2007-6601
- Make initscript and pam config files be installed unconditionally;
seems new buildroots don't necessarily have those directories in place
* Thu Sep 20 2007 Tom Lane <tgl(a)redhat.com> 8.2.5-1
- Update to PostgreSQL 8.2.5 and pgtcl 1.6.0
- Fix multilib problem for /usr/include/ecpg_config.h (which is new in 8.2.x)
- Use tzdata package's data files instead of private copy, so that
postgresql-server need not be turned for routine timezone updates
- Don't remove postgres user/group during RPM uninstall, per Fedora
packaging guidelines
- Recent perl changes in rawhide mean we need a more specific BuildRequires
* Wed Jun 20 2007 Tom Lane <tgl(a)redhat.com> 8.2.4-2
- Fix oversight in postgresql-test makefile: pg_regress isn't a shell script
anymore. Per upstream bug 3398.
* Tue Apr 24 2007 Tom Lane <tgl(a)redhat.com> 8.2.4-1
- Update to PostgreSQL 8.2.4 for CVE-2007-2138, data loss bugs
Resolves: #237682
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update postgresql' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
16 years, 1 month
Fedora 7 Update: perl-Catalyst-Controller-BindLex-0.03-2.fc7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2687
2008-03-26 16:47:16
--------------------------------------------------------------------------------
Name : perl-Catalyst-Controller-BindLex
Product : Fedora 7
Version : 0.03
Release : 2.fc7
URL : http://search.cpan.org/dist/Catalyst-Controller-BindLex/
Summary : Stash your lexical goodness
Description :
This plugin lets you put your lexicals on the stash and elsewhere
very easily.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update perl-Catalyst-Controller-BindLex' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
16 years, 1 month
Fedora 8 Update: python-ply-2.3-2.fc8.1
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2684
2008-03-26 16:47:02
--------------------------------------------------------------------------------
Name : python-ply
Product : Fedora 8
Version : 2.3
Release : 2.fc8.1
URL : http://www.dabeaz.com/ply/
Summary : Python Lex-Yacc
Description :
PLY is a straightforward lex/yacc implementation. Here is a list of its
essential features:
* It is implemented entirely in Python.
* It uses LR-parsing which is reasonably efficient and well suited for larger
grammars.
* PLY provides most of the standard lex/yacc features including support
for empty productions, precedence rules, error recovery, and support
for ambiguous grammars.
* PLY is straightforward to use and provides very extensive error checking.
* PLY doesn't try to do anything more or less than provide the basic lex/yacc
functionality. In other words, it's not a large parsing framework or a
component of some larger system.
--------------------------------------------------------------------------------
Update Information:
Initial release.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update python-ply' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
16 years, 1 month
[SECURITY] Fedora 8 Update: blam-1.8.3-14.fc8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2682
2008-03-26 16:46:54
--------------------------------------------------------------------------------
Name : blam
Product : Fedora 8
Version : 1.8.3
Release : 14.fc8
URL : http://www.cmartin.tk/blam.html
Summary : An RSS/RDF feed reader
Description :
Blam is a tool that helps you keep track of the growing
number of news feeds distributed as RSS. Blam lets you
subscribe to any number of feeds and provides an easy to
use and clean interface to stay up to date
--------------------------------------------------------------------------------
Update Information:
Mozilla Firefox is an open source Web browser. Several flaws were found in
the processing of some malformed web content. A web page containing such
malicious content could cause Firefox to crash or, potentially, execute
arbitrary code as the user running Firefox. (CVE-2008-1233, CVE-2008-1235,
CVE-2008-1236, CVE-2008-1237) Several flaws were found in the display of
malformed web content. A web page containing specially-crafted content could,
potentially, trick a Firefox user into surrendering sensitive information.
(CVE-2008-1234, CVE-2008-1238, CVE-2008-1241) All Firefox users should
upgrade to these updated packages, which correct these issues, and are rebuilt
against the update Firefox packages.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 25 2008 Christopher Aillon <caillon(a)redhat.com> - 1.8.3-14
- Rebuild against newer gecko
* Fri Feb 8 2008 Christopher Aillon <caillon(a)redhat.com> - 1.8.3-13
- Rebuild against newer gecko
* Tue Nov 27 2007 Christopher Aillon <caillon(a)redhat.com> - 1.8.3-12
- Rebuild against newer gecko
* Thu Nov 22 2007 Peter Gordon <peter(a)thecodergeek.com> - 1.8.3-11
- Fix CVE-2005-4790 (bug 252294).
* Tue Nov 13 2007 Peter Gordon <peter(a)thecodergeek.com> - 1.8.3-10
- Rebuild for new Gecko (Firefox 2.0.0.9).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #438721 - CVE-2008-1237 javascript crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438721
[ 2 ] Bug #438713 - CVE-2008-1233 Mozilla products XPCNativeWrapper pollution
https://bugzilla.redhat.com/show_bug.cgi?id=438713
[ 3 ] Bug #438717 - CVE-2008-1235 chrome privilege via wrong principal
https://bugzilla.redhat.com/show_bug.cgi?id=438717
[ 4 ] Bug #438715 - CVE-2008-1234 universal XSS using event handlers
https://bugzilla.redhat.com/show_bug.cgi?id=438715
[ 5 ] Bug #438718 - CVE-2008-1236 browser engine crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438718
[ 6 ] Bug #438724 - CVE-2008-1238 Referrer spoofing bug
https://bugzilla.redhat.com/show_bug.cgi?id=438724
[ 7 ] Bug #438730 - CVE-2008-1241 XUL popup spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=438730
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update blam' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
16 years, 1 month
[SECURITY] Fedora 8 Update: firefox-2.0.0.13-1.fc8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2682
2008-03-26 16:46:54
--------------------------------------------------------------------------------
Name : firefox
Product : Fedora 8
Version : 2.0.0.13
Release : 1.fc8
URL : http://www.mozilla.org/projects/firefox/
Summary : Mozilla Firefox Web browser.
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.
--------------------------------------------------------------------------------
Update Information:
Mozilla Firefox is an open source Web browser. Several flaws were found in
the processing of some malformed web content. A web page containing such
malicious content could cause Firefox to crash or, potentially, execute
arbitrary code as the user running Firefox. (CVE-2008-1233, CVE-2008-1235,
CVE-2008-1236, CVE-2008-1237) Several flaws were found in the display of
malformed web content. A web page containing specially-crafted content could,
potentially, trick a Firefox user into surrendering sensitive information.
(CVE-2008-1234, CVE-2008-1238, CVE-2008-1241) All Firefox users should
upgrade to these updated packages, which correct these issues, and are rebuilt
against the update Firefox packages.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 25 2008 Christopher Aillon <caillon(a)redhat.com> 2.0.0.13-1
- Update to 2.0.0.13
* Fri Feb 8 2008 Christopher Aillon <caillon(a)redhat.com> 2.0.0.12-1
- Update to 2.0.0.12
* Thu Dec 13 2007 Christopher Aillon <caillon(a)redhat.com> 2.0.0.10-3
- Fix the getStartPage method to not return blank.
Patch by pspencer(a)fields.utoronto.ca
* Wed Nov 28 2007 Christopher Aillon <caillon(a)redhat.com> 2.0.0.10-2
- Make Canvas.drawImage work again
* Mon Nov 26 2007 Christopher Aillon <caillon(a)redhat.com> 2.0.0.10-1
- Update to 2.0.0.10
* Mon Nov 5 2007 Martin Stransky <stransky(a)redhat.com> 2.0.0.9-1
- updated to the latest upstream
* Wed Oct 31 2007 Martin Stransky <stransky(a)redhat.com> 2.0.0.8-3
- added mozilla-plugin-config to startup script
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #438721 - CVE-2008-1237 javascript crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438721
[ 2 ] Bug #438713 - CVE-2008-1233 Mozilla products XPCNativeWrapper pollution
https://bugzilla.redhat.com/show_bug.cgi?id=438713
[ 3 ] Bug #438717 - CVE-2008-1235 chrome privilege via wrong principal
https://bugzilla.redhat.com/show_bug.cgi?id=438717
[ 4 ] Bug #438715 - CVE-2008-1234 universal XSS using event handlers
https://bugzilla.redhat.com/show_bug.cgi?id=438715
[ 5 ] Bug #438718 - CVE-2008-1236 browser engine crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438718
[ 6 ] Bug #438724 - CVE-2008-1238 Referrer spoofing bug
https://bugzilla.redhat.com/show_bug.cgi?id=438724
[ 7 ] Bug #438730 - CVE-2008-1241 XUL popup spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=438730
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update firefox' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
16 years, 1 month
[SECURITY] Fedora 8 Update: kazehakase-0.5.3-5.fc8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2682
2008-03-26 16:46:54
--------------------------------------------------------------------------------
Name : kazehakase
Product : Fedora 8
Version : 0.5.3
Release : 5.fc8
URL : http://kazehakase.sourceforge.jp/
Summary : Kazehakase browser using Gecko rendering engine
Description :
Kazehakase is a Web browser which aims to provide
a user interface that is truly user-friendly & fully customizable.
This package uses Gecko for HTML rendering engine.
If you want to use WebKit for HTML rendering engine, install
"kazehakase-webkit" rpm instead.
--------------------------------------------------------------------------------
Update Information:
Mozilla Firefox is an open source Web browser. Several flaws were found in
the processing of some malformed web content. A web page containing such
malicious content could cause Firefox to crash or, potentially, execute
arbitrary code as the user running Firefox. (CVE-2008-1233, CVE-2008-1235,
CVE-2008-1236, CVE-2008-1237) Several flaws were found in the display of
malformed web content. A web page containing specially-crafted content could,
potentially, trick a Firefox user into surrendering sensitive information.
(CVE-2008-1234, CVE-2008-1238, CVE-2008-1241) All Firefox users should
upgrade to these updated packages, which correct these issues, and are rebuilt
against the update Firefox packages.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 25 2008 Christopher Aillon <caillon(a)redhat.com> - 0.5.3-5
- Rebuild against newer gecko
* Wed Mar 5 2008 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.3-4
- Create kazehakase-base, split gecko.so from -base package
so that users can install only WebKit based package.
* Sun Mar 2 2008 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.3-3
- Support WebGTK
* Sat Mar 1 2008 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.3-1
- 0.5.3
* Fri Feb 29 2008 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.2-8.svn3410_trunk
- More try to use xulrunner
* GRE version fix
* Remove seemingly undesirable linking
* Sun Feb 24 2008 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.2-7.svn3391_trunk
- More try to use xulrunner
* Fix linkage for gecko.so
* Don't use MOZILLA_INTERNAL_API anymore
* NS_NewStorageStream should be changed to use xpcom
http://developer.mozilla.org/en/docs/Migrating_from_Internal_Linkage_to_F...
* Sat Feb 23 2008 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.2-2.svn3391_trunk
- F-9: Try latest svn for xulrunner
* Fri Feb 15 2008 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.2-1.2.svn3358
- F-9: Try latest svn for xulrunner
(Still build explicitly disabled. Now it builds, does not crash
but hangs eternally...)
* Sat Feb 9 2008 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp>
- Rebuild for new gecko engine (F-7/F-8)
* Wed Jan 30 2008 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.2-1
- 0.5.2
* Tue Nov 27 2007 Christopher Aillon <caillon(a)redhat.com>
- F-7/8: Rebuild against newer gecko
* Mon Nov 12 2007 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.0-2
- F-9: try to switch to xulrunner
* Tue Nov 6 2007 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.0-1.dist.1
- Rebuild against new gecko engine
- Switch to use gecko virtual dependency (bug 352091)
* Mon Oct 29 2007 Mamoru Tasaka <mtasaka(a)ioa.s.u-tokyo.ac.jp> - 0.5.0-1
- 0.5.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #438721 - CVE-2008-1237 javascript crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438721
[ 2 ] Bug #438713 - CVE-2008-1233 Mozilla products XPCNativeWrapper pollution
https://bugzilla.redhat.com/show_bug.cgi?id=438713
[ 3 ] Bug #438717 - CVE-2008-1235 chrome privilege via wrong principal
https://bugzilla.redhat.com/show_bug.cgi?id=438717
[ 4 ] Bug #438715 - CVE-2008-1234 universal XSS using event handlers
https://bugzilla.redhat.com/show_bug.cgi?id=438715
[ 5 ] Bug #438718 - CVE-2008-1236 browser engine crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438718
[ 6 ] Bug #438724 - CVE-2008-1238 Referrer spoofing bug
https://bugzilla.redhat.com/show_bug.cgi?id=438724
[ 7 ] Bug #438730 - CVE-2008-1241 XUL popup spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=438730
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update kazehakase' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
16 years, 1 month
[SECURITY] Fedora 8 Update: chmsee-1.0.0-1.30.fc8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2682
2008-03-26 16:46:54
--------------------------------------------------------------------------------
Name : chmsee
Product : Fedora 8
Version : 1.0.0
Release : 1.30.fc8
URL : http://chmsee.gro.clinux.org/
Summary : A Gtk+2 CHM document viewer
Description :
A gtk2 chm document viewer.
It uses chmlib to extract files. It uses gecko to display pages. It supports
displaying multilingual pages due to gecko. It features bookmarks and tabs.
The tabs could be used to jump inside the chm file conveniently. Its UI is
clean and handy, also is well localized. It is actively developed and
maintained. The author of chmsee is Jungle Ji and several other great people.
Hint
* Unlike other chm viewers, chmsee extracts files from chm file, and then read
and display them. The extracted files could be found in $HOME/.chmsee/bookshelf
directory. You can clean those files at any time and there is a special config
option for that.
* The bookmark is related to each file so not all bookmarks will be loaded,
only current file's.
* Try to remove $HOME/.chmsee if you encounter any problem after an upgrade.
--------------------------------------------------------------------------------
Update Information:
Mozilla Firefox is an open source Web browser. Several flaws were found in
the processing of some malformed web content. A web page containing such
malicious content could cause Firefox to crash or, potentially, execute
arbitrary code as the user running Firefox. (CVE-2008-1233, CVE-2008-1235,
CVE-2008-1236, CVE-2008-1237) Several flaws were found in the display of
malformed web content. A web page containing specially-crafted content could,
potentially, trick a Firefox user into surrendering sensitive information.
(CVE-2008-1234, CVE-2008-1238, CVE-2008-1241) All Firefox users should
upgrade to these updated packages, which correct these issues, and are rebuilt
against the update Firefox packages.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 25 2008 Christopher Aillon <caillon(a)redhat.com> - 1.0.0-1.30
- Rebuild against newer gecko
* Tue Mar 4 2008 bbbush <bbbush.yuan(a)gmail.com> - 1.0.0-1.29
- re-add firefox_version
* Fri Feb 8 2008 Christopher Aillon <caillon(a)redhat.com> - 1.0.0-1.28
- Rebuild against newer gecko
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #438721 - CVE-2008-1237 javascript crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438721
[ 2 ] Bug #438713 - CVE-2008-1233 Mozilla products XPCNativeWrapper pollution
https://bugzilla.redhat.com/show_bug.cgi?id=438713
[ 3 ] Bug #438717 - CVE-2008-1235 chrome privilege via wrong principal
https://bugzilla.redhat.com/show_bug.cgi?id=438717
[ 4 ] Bug #438715 - CVE-2008-1234 universal XSS using event handlers
https://bugzilla.redhat.com/show_bug.cgi?id=438715
[ 5 ] Bug #438718 - CVE-2008-1236 browser engine crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438718
[ 6 ] Bug #438724 - CVE-2008-1238 Referrer spoofing bug
https://bugzilla.redhat.com/show_bug.cgi?id=438724
[ 7 ] Bug #438730 - CVE-2008-1241 XUL popup spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=438730
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update chmsee' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
16 years, 1 month
[SECURITY] Fedora 8 Update: openvrml-0.17.5-4.fc8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2682
2008-03-26 16:46:54
--------------------------------------------------------------------------------
Name : openvrml
Product : Fedora 8
Version : 0.17.5
Release : 4.fc8
URL : http://openvrml.org
Summary : VRML/X3D runtime library
Description :
OpenVRML is a VRML/X3D support library, including a runtime and facilities
for reading and displaying VRML and X3D models.
--------------------------------------------------------------------------------
Update Information:
Mozilla Firefox is an open source Web browser. Several flaws were found in
the processing of some malformed web content. A web page containing such
malicious content could cause Firefox to crash or, potentially, execute
arbitrary code as the user running Firefox. (CVE-2008-1233, CVE-2008-1235,
CVE-2008-1236, CVE-2008-1237) Several flaws were found in the display of
malformed web content. A web page containing specially-crafted content could,
potentially, trick a Firefox user into surrendering sensitive information.
(CVE-2008-1234, CVE-2008-1238, CVE-2008-1241) All Firefox users should
upgrade to these updated packages, which correct these issues, and are rebuilt
against the update Firefox packages.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 25 2008 Christopher Aillon <caillon(a)redhat.com> - 0.17.5-4
- Rebuild against newer gecko
* Mon Mar 17 2008 Braden McDaniel <braden(a)endoframe.com> - 0.17.5-3
- Patch for crash in openvrml-xembed (bug 437611).
* Fri Feb 8 2008 Christopher Aillon <caillon(a)redhat.com> - 0.17.5-2
- Rebuild against newer gecko
* Tue Feb 5 2008 Braden McDaniel <braden(a)endoframe.com> - 0.17.5-1
- Updated to 0.17.5.
- Added --enable-gecko-rpath.
* Sat Jan 26 2008 Braden McDaniel <braden(a)endoframe.com> - 0.17.4-1
- Updated to 0.17.4.
* Thu Jan 17 2008 Braden McDaniel <braden(a)endoframe.com> - 0.17.3-1
- Updated to 0.17.3.
* Wed Jan 9 2008 Braden McDaniel <braden(a)endoframe.com> - 0.17.2-1
- Updated to 0.17.2.
* Sun Jan 6 2008 Braden McDaniel <braden(a)endoframe.com> - 0.17.1-1
- Updated to 0.17.1.
* Wed Dec 19 2007 Braden McDaniel <braden(a)endoframe.com> - 0.17.0-2
- Removed %check. The "browser" test fails on ppc due to what looks
like a probable compiler bug.
* Wed Dec 19 2007 Braden McDaniel <braden(a)endoframe.com> - 0.17.0-1
- Updated to 0.17.0
- Changed license to LGPLv3+/GPLv3+ per OpenVRML 0.17.0 change.
* Tue Nov 27 2007 Braden McDaniel <braden(a)endoframe.com> - 0.16.7-2
- Updated gecko-libs dependency to 1.8.1.10.
* Thu Nov 15 2007 Braden McDaniel <braden(a)endoframe.com> - 0.16.7-1
- Updated to 0.16.7.
- Changed build prerequisite from firefox-devel to gecko-devel.
- Changed openvrml-xembed to require gecko-libs instead of firefox.
* Fri Nov 9 2007 Braden McDaniel <braden(a)endoframe.com> - 0.16.6-8
- Backed out inadvertent change.
* Fri Nov 9 2007 Braden McDaniel <braden(a)endoframe.com> - 0.16.6-7
- Updated firefox dependency to 2.0.0.9.
* Fri Oct 26 2007 Braden McDaniel <braden(a)endoframe.com>
- Updated license tags to LGPLv2+, GPLv2+.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #438721 - CVE-2008-1237 javascript crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438721
[ 2 ] Bug #438713 - CVE-2008-1233 Mozilla products XPCNativeWrapper pollution
https://bugzilla.redhat.com/show_bug.cgi?id=438713
[ 3 ] Bug #438717 - CVE-2008-1235 chrome privilege via wrong principal
https://bugzilla.redhat.com/show_bug.cgi?id=438717
[ 4 ] Bug #438715 - CVE-2008-1234 universal XSS using event handlers
https://bugzilla.redhat.com/show_bug.cgi?id=438715
[ 5 ] Bug #438718 - CVE-2008-1236 browser engine crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438718
[ 6 ] Bug #438724 - CVE-2008-1238 Referrer spoofing bug
https://bugzilla.redhat.com/show_bug.cgi?id=438724
[ 7 ] Bug #438730 - CVE-2008-1241 XUL popup spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=438730
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update openvrml' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
16 years, 1 month
[SECURITY] Fedora 8 Update: gnome-web-photo-0.3-9.fc8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2682
2008-03-26 16:46:54
--------------------------------------------------------------------------------
Name : gnome-web-photo
Product : Fedora 8
Version : 0.3
Release : 9.fc8
URL : http://ftp.gnome.org/pub/GNOME/sources/gnome-web-photo/0.3/
Summary : HTML pages thumbnailer
Description :
gnome-web-photo contains a thumbnailer that will be used by GNOME applications,
including the file manager, to generate screenshots of web pages.
--------------------------------------------------------------------------------
Update Information:
Mozilla Firefox is an open source Web browser. Several flaws were found in
the processing of some malformed web content. A web page containing such
malicious content could cause Firefox to crash or, potentially, execute
arbitrary code as the user running Firefox. (CVE-2008-1233, CVE-2008-1235,
CVE-2008-1236, CVE-2008-1237) Several flaws were found in the display of
malformed web content. A web page containing specially-crafted content could,
potentially, trick a Firefox user into surrendering sensitive information.
(CVE-2008-1234, CVE-2008-1238, CVE-2008-1241) All Firefox users should
upgrade to these updated packages, which correct these issues, and are rebuilt
against the update Firefox packages.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 25 2008 Christopher Aillon <caillon(a)redhat.com> - 0.3-9
- Rebuild against newer gecko
* Fri Feb 8 2008 Christopher Aillon <caillon(a)redhat.com> - 0.3-8
- Rebuild against newer gecko
* Tue Nov 27 2007 Christopher Aillon <caillon(a)redhat.com> - 0.3-7
- Rebuild against newer gecko
* Tue Nov 6 2007 - Martin Stransky <stransky(a)redhat.com> - 0.3-6
- Rebuild for new Gecko
* Thu Oct 25 2007 - Bastien Nocera <bnocera(a)redhat.com> - 0.3-5
- Rebuild for new Gecko, tighten dependencies
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #438721 - CVE-2008-1237 javascript crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438721
[ 2 ] Bug #438713 - CVE-2008-1233 Mozilla products XPCNativeWrapper pollution
https://bugzilla.redhat.com/show_bug.cgi?id=438713
[ 3 ] Bug #438717 - CVE-2008-1235 chrome privilege via wrong principal
https://bugzilla.redhat.com/show_bug.cgi?id=438717
[ 4 ] Bug #438715 - CVE-2008-1234 universal XSS using event handlers
https://bugzilla.redhat.com/show_bug.cgi?id=438715
[ 5 ] Bug #438718 - CVE-2008-1236 browser engine crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438718
[ 6 ] Bug #438724 - CVE-2008-1238 Referrer spoofing bug
https://bugzilla.redhat.com/show_bug.cgi?id=438724
[ 7 ] Bug #438730 - CVE-2008-1241 XUL popup spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=438730
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update gnome-web-photo' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
16 years, 1 month
[SECURITY] Fedora 8 Update: devhelp-0.16.1-6.fc8
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2682
2008-03-26 16:46:54
--------------------------------------------------------------------------------
Name : devhelp
Product : Fedora 8
Version : 0.16.1
Release : 6.fc8
URL : http://developer.imendio.com/projects/devhelp
Summary : API document browser
Description :
An API document browser for GNOME 2.
--------------------------------------------------------------------------------
Update Information:
Mozilla Firefox is an open source Web browser. Several flaws were found in
the processing of some malformed web content. A web page containing such
malicious content could cause Firefox to crash or, potentially, execute
arbitrary code as the user running Firefox. (CVE-2008-1233, CVE-2008-1235,
CVE-2008-1236, CVE-2008-1237) Several flaws were found in the display of
malformed web content. A web page containing specially-crafted content could,
potentially, trick a Firefox user into surrendering sensitive information.
(CVE-2008-1234, CVE-2008-1238, CVE-2008-1241) All Firefox users should
upgrade to these updated packages, which correct these issues, and are rebuilt
against the update Firefox packages.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 25 2008 Christopher Aillon <caillon(a)redhat.com> - 0.16.1-6
- Rebuild against newer gecko
* Fri Feb 8 2008 Christopher Aillon <caillon(a)redhat.com> - 0.16.1-5
- Rebuild against newer gecko
* Tue Nov 27 2007 Christopher Aillon <caillon(a)redhat.com> - 0.16.1-4
- Rebuild against newer gecko
* Mon Nov 5 2007 Martin Stransky <stransky(a)redhat.com> - 0.16.1-3.fc8
- rebuild against new firefox
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #438721 - CVE-2008-1237 javascript crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438721
[ 2 ] Bug #438713 - CVE-2008-1233 Mozilla products XPCNativeWrapper pollution
https://bugzilla.redhat.com/show_bug.cgi?id=438713
[ 3 ] Bug #438717 - CVE-2008-1235 chrome privilege via wrong principal
https://bugzilla.redhat.com/show_bug.cgi?id=438717
[ 4 ] Bug #438715 - CVE-2008-1234 universal XSS using event handlers
https://bugzilla.redhat.com/show_bug.cgi?id=438715
[ 5 ] Bug #438718 - CVE-2008-1236 browser engine crashes
https://bugzilla.redhat.com/show_bug.cgi?id=438718
[ 6 ] Bug #438724 - CVE-2008-1238 Referrer spoofing bug
https://bugzilla.redhat.com/show_bug.cgi?id=438724
[ 7 ] Bug #438730 - CVE-2008-1241 XUL popup spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=438730
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update devhelp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
16 years, 1 month