Fedora 14 Update: rubygem-atk-0.90.4-2.fc14
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-16777
2010-10-28 05:03:14
--------------------------------------------------------------------------------
Name : rubygem-atk
Product : Fedora 14
Version : 0.90.4
Release : 2.fc14
URL : http://ruby-gnome2.sourceforge.jp/
Summary : Ruby binding of ATK-1.0.x
Description :
Ruby/ATK is a Ruby binding of ATK-1.0.x or later.
--------------------------------------------------------------------------------
Update Information:
ruby-gnome2 0.90.4 is released.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update rubygem-atk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 7 months
Fedora 14 Update: rubygem-pango-0.90.4-2.fc14
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-16777
2010-10-28 05:03:14
--------------------------------------------------------------------------------
Name : rubygem-pango
Product : Fedora 14
Version : 0.90.4
Release : 2.fc14
URL : http://ruby-gnome2.sourceforge.jp/
Summary : Ruby binding of pango-1.x
Description :
Ruby/Pango is a Ruby binding of pango-1.x.
--------------------------------------------------------------------------------
Update Information:
ruby-gnome2 0.90.4 is released.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update rubygem-pango' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 7 months
[SECURITY] Fedora 13 Update: pam-1.1.1-6.fc13
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-17112
2010-11-02 21:39:09
--------------------------------------------------------------------------------
Name : pam
Product : Fedora 13
Version : 1.1.1
Release : 6.fc13
URL : http://www.us.kernel.org/pub/linux/libs/pam/index.html
Summary : An extensible library which provides authentication for applications
Description :
PAM (Pluggable Authentication Modules) is a system security tool that
allows system administrators to set authentication policy without
having to recompile programs that handle authentication.
--------------------------------------------------------------------------------
Update Information:
This update fixes moderate vulnerabilities in pam_env, pam_namespace, pam_mail, and pam_xauth modules. Default configurations (or configurations generated by authconfig) are not affected by the pam_mail and pam_namespace vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Tomas Mraz <tmraz(a)redhat.com> 1.1.1-6
- fix insecure dropping of priviledges in pam_xauth, pam_env,
and pam_mail - CVE-2010-3316 (#637898), CVE-2010-3435 (#641335)
- fix insecure executing of scripts with user supplied environment
variables in pam_namespace - CVE-2010-3853 (#643043)
* Thu Jul 15 2010 Tomas Mraz <tmraz(a)redhat.com> 1.1.1-5
- do not overwrite tallylog with empty file on upgrade
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #637898 - CVE-2010-3316 pam: pam_xauth missing return value checks from setuid() and similar calls
https://bugzilla.redhat.com/show_bug.cgi?id=637898
[ 2 ] Bug #641335 - CVE-2010-3435 pam: pam_env and pam_mail accessing users' file with root privileges
https://bugzilla.redhat.com/show_bug.cgi?id=641335
[ 3 ] Bug #643043 - CVE-2010-3853 pam: pam_namespace executes namespace.init with service's environment
https://bugzilla.redhat.com/show_bug.cgi?id=643043
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update pam' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 7 months
Fedora 14 Update: rubygem-net-sftp-2.0.5-2.fc14
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-16405
2010-10-17 15:39:12
--------------------------------------------------------------------------------
Name : rubygem-net-sftp
Product : Fedora 14
Version : 2.0.5
Release : 2.fc14
URL : http://net-ssh.rubyforge.org/sftp
Summary : A pure Ruby implementation of the SFTP client protocol
Description :
A pure Ruby implementation of the SFTP client protocol
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #642524 - Review Request: rubygem-net-sftp - A pure Ruby implementation of the SFTP client protocol
https://bugzilla.redhat.com/show_bug.cgi?id=642524
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update rubygem-net-sftp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 7 months
Fedora 14 Update: lua-md5-1.1.2-1.fc14
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-16823
2010-10-28 05:04:55
--------------------------------------------------------------------------------
Name : lua-md5
Product : Fedora 14
Version : 1.1.2
Release : 1.fc14
URL : http://www.keplerproject.org/md5/
Summary : Cryptographic Library for MD5 hashes for Lua
Description :
MD5 offers basic cryptographic facilities for Lua 5.1: a hash (digest)
function, a pair crypt/decrypt based on MD5 and CFB, and a pair crypt/decrypt
based on DES with 56-bit keys.
--------------------------------------------------------------------------------
Update Information:
Initial package import
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #645183 - Review Request: lua-md5 - Cryptographic Library for MD5 hashes for Lua
https://bugzilla.redhat.com/show_bug.cgi?id=645183
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update lua-md5' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 7 months
[SECURITY] Fedora 12 Update: pyftpdlib-0.5.2-1.fc12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-16731
2010-10-28 05:01:29
--------------------------------------------------------------------------------
Name : pyftpdlib
Product : Fedora 12
Version : 0.5.2
Release : 1.fc12
URL : http://code.google.com/p/pyftpdlib/
Summary : Python FTP server library
Description :
Python FTP server library provides a high-level portable interface to easily
write asynchronous FTP servers with Python. Based on asyncore framework
pyftpdlib is currently the most complete RFC-959 FTP server implementation
available for Python programming language.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 26 2010 Silas Sewell <silas(a)sewell.ch> - 0.5.2-1
- Update to 0.5.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #646169 - CVE-2009-5011 pyftpdlib: Race condition in the FTPHandler class
https://bugzilla.redhat.com/show_bug.cgi?id=646169
[ 2 ] Bug #646171 - CVE-2009-5012 pyftpdlib: Ability to list the root directory via an FTP session
https://bugzilla.redhat.com/show_bug.cgi?id=646171
[ 3 ] Bug #646174 - CVE-2009-5013 pyftpdlib: DoS (memory consumption) by sending a QUIT command during a data transfer
https://bugzilla.redhat.com/show_bug.cgi?id=646174
[ 4 ] Bug #646177 - CVE-2010-3494 pyftpdlib: Race condition in the FTPHandler class in ftpserver.py
https://bugzilla.redhat.com/show_bug.cgi?id=646177
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update pyftpdlib' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 7 months
Fedora 12 Update: lua-wsapi-1.3.4-2.fc12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-16691
2010-10-27 21:15:45
--------------------------------------------------------------------------------
Name : lua-wsapi
Product : Fedora 12
Version : 1.3.4
Release : 2.fc12
URL : http://keplerproject.github.com/wsapi/
Summary : Lua Web Server API
Description :
WSAPI is an API that abstracts the web server from Lua web applications. By
coding against WSAPI your application can run on any of the supported servers
and interfaces (currently CGI, FastCGI and Xavante, on Windows and UNIX-based
systems).
WSAPI provides a set of helper libraries that help with request processing
and output buffering. You can also write applications that act as filters that
provide some kind of service to other applications, such as authentication,
file uploads, request isolation, or multiplexing.
WSAPI's main influence is Ruby's Rack framework, but it was also influenced by
Python's WSGI (PEP 333). It's not a direct clone of either of them, though,
and tries to follow standard Lua idioms.
--------------------------------------------------------------------------------
Update Information:
Initial package import
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #645184 - Review Request: lua-wsapi - Lua Web Server API
https://bugzilla.redhat.com/show_bug.cgi?id=645184
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update lua-wsapi' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 7 months
Fedora 14 Update: sugar-0.90.3-2.fc14
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-17086
2010-11-02 21:38:15
--------------------------------------------------------------------------------
Name : sugar
Product : Fedora 14
Version : 0.90.3
Release : 2.fc14
URL : http://sugarlabs.org/
Summary : Constructionist learning platform
Description :
Sugar provides simple yet powerful means of engaging young children in the
world of learning that is opened up by computers and the Internet. With Sugar,
even the youngest learner will quickly become proficient in using the
computer as a tool to engage in authentic problem-solving. Sugar promotes
sharing, collaborative learning, and reflection, developing skills that help
them in all aspects of life.
Sugar is also the learning environment for the One Laptop Per Child project.
See http://www.laptop.org for more information on this project.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Peter Robinson <pbrobinson(a)gmail.com> - 0.90.3-2
- add gnome-keyring-pam as dep to fix prompt
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update sugar' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 7 months
Fedora 13 Update: policycoreutils-2.0.83-33.1.fc13
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-17059
2010-11-01 20:15:34
--------------------------------------------------------------------------------
Name : policycoreutils
Product : Fedora 13
Version : 2.0.83
Release : 33.1.fc13
URL : http://www.selinuxproject.org
Summary : SELinux policy core utilities
Description :
Security-enhanced Linux is a feature of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.
policycoreutils contains the policy core utilities that are required
for basic operation of a SELinux system. These utilities include
load_policy to load policies, setfiles to label filesystems, newrole
to switch roles, and run_init to run /etc/init.d scripts in the proper
context.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-33.1
- Fix setools require line
* Fri Oct 29 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-33
- Move /etc/pam.d/newrole in to polcicycoreutils-newrole
- Additiona capability checking in sepolgen
* Mon Oct 18 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-31
- Fix sandbox handling of files with spaces in them
* Mon Sep 27 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-30
- Catch TypeError exception on sandbox processing -I files
* Thu Sep 23 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-29
- Fix semanage man page
* Mon Sep 13 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-28
- Add seremote, to allow the execution of command inside the sandbox from outside the sandbox.
* Mon Sep 13 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-27
- Fix sandbox copyfile when copying a dir with a socket, print error
* Fri Sep 10 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-26
- Stop polgengui from crashing if selinux policy is not installed
* Thu Sep 9 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-25
- Fix bug preventing sandbox from using -l
* Tue Sep 7 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-24
- Eliminate quotes fro desktop files
* Mon Aug 30 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-23
- Add -w windowsize patch from Christoph A.
* Mon Aug 30 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-22
- Update po
* Wed Aug 25 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-21
- Update po
* Tue Aug 24 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-20
- Tighten down seunshare to create /tmp dir with sticky bit and MS_NODEV | MS_NOSUID | MS_NOEXEC;
- Remove setsid on seunshare so ^c on sandbox will cause apps to exit
- Add dbus-launch --exit-with-session so all processes launched within the sandbox exit with the sandbox
- Clean up error handling so error will get sent back to sandbox tool
* Mon Aug 23 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-19
- Fix translation handling in file context page of system-config-selinux
* Fri Aug 13 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-18
- Fix sandbox error handling
* Fri Aug 13 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-17
- Apply patch to restorecond from Chris Adams, which will cause restorecond
- to watch first user that logs in.
* Thu Aug 12 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-16
- Add COPYING file to doc dir
* Thu Aug 5 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-15
- Update po and translations
Resolves: #610473
* Thu Aug 5 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-14
- More fixes for polgen tools
* Thu Aug 5 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-13
- Remove requirement to run selinux-polgen as root
* Thu Aug 5 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-12
- Update po and translations
- Fix gui policy generation tools
* Wed Aug 4 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-11
- Update po and translations
* Sat Jul 31 2010 David Malcolm <dmalcolm(a)redhat.com> - 2.0.83-10
- rebuild against python 2.7
* Wed Jul 28 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-9
- Update selinux-polgengui to sepolgen policy generation
* Wed Jul 28 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-8
- Fix invalid free in seunshare and fix man page
* Tue Jul 27 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-7
- Update translations
* Mon Jul 26 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-6
- Fix sandbox man page
* Wed Jul 21 2010 David Malcolm <dmalcolm(a)redhat.com> - 2.0.83-5
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
* Tue Jul 20 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-4
- Add translations for menus
- Fixup man page from Russell Coker
* Tue Jun 15 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-3
- Change python scripts to use -s flag
- Update po
* Tue Jun 15 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-1
- Update to upstream
* Add sandbox support from Dan Walsh with modifications from Steve Lawrence.
* Tue Jun 15 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-31
- Fix sepolgen code generation
Resolve: #603001
* Tue Jun 8 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-30
- Add cgroup support for sandbox
* Mon Jun 7 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-29
- Allow creation of /var/cache/DOMAIN from sepolgen
* Thu Jun 3 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-28
- Fix sandbox init script
- Add dbus-launch to sandbox -X
Resolve: #599599
* Thu Jun 3 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-27
- Move genhomedircon.8 to same package as genhomedircon
- Fix sandbox to pass unit test
Resolves: #595796
* Wed Jun 2 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-26
- Fix listing of booleans from audit2allow
* Wed Jun 2 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-25
- Fix audit2allow to output if the current policy has avc
- Update translations
- Fix icon
* Thu May 27 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-24
- Man page fixes
- sandbox fixes
- Move seunshare to base package
* Fri May 21 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-23
- Fix seunshare translations
- Fix seunshare to work on all arches
- Fix icon for system-config-selinux
Resolves: #595276
* Fri May 21 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-22
- Fix can_exec definition in sepolgen
* Fri May 21 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-21
- Add man page for seunshare and genhomedircon
Resolves: #594303
- Fix node management via semanage
* Wed May 19 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-20
- Fixes from upstream for sandbox command
Resolves: #580938
* Thu May 13 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-18
- Fix sandbox error handling on copyfile
- Fix desktop files
* Tue May 11 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-17
- Fix policy tool to have correct name in menus
- Fix seunshare to handle /tmp being in ~/home
- Fix saving of altered files
- Update translations
* Tue May 4 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-15
- Allow audit2allow to specify alternative policy file for analysis
* Mon May 3 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-14
- Update po
- Fix sepolgen --no_attrs
Resolves: #588280
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #552556 - policycoreutils-python should require setools-libs-python
https://bugzilla.redhat.com/show_bug.cgi?id=552556
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update policycoreutils' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 7 months
Fedora 14 Update: kdelibs-4.5.2-8.fc14
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-17224
2010-11-03 20:29:48
--------------------------------------------------------------------------------
Name : kdelibs
Product : Fedora 14
Version : 4.5.2
Release : 8.fc14
URL : http://www.kde.org/
Summary : KDE Libraries
Description :
Libraries for KDE 4.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Rex Dieter <rdieter(a)fedoraproject.org> - 4.5.2-8
- kshareddatacache fix for zime shifts, just in time for DST (kde#253795)
* Fri Oct 15 2010 Rex Dieter <rdieter(a)fedoraproject.org> - 4.5.2-7
- backport configChanged() for wallpaper
* Fri Oct 15 2010 Rex Dieter <rdieter(a)fedoraproject.org> - 4.5.2-6
- kio/krun patch so kde services can open urls directly too
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #649016 - Plasma cache corruption, crashing on login
https://bugzilla.redhat.com/show_bug.cgi?id=649016
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update kdelibs' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 7 months