November 2010 - package-announce - Fedora Mailing-Lists

Fedora 14 Update: rubygem-atk-0.90.4-2.fc14

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16777 2010-10-28 05:03:14 -------------------------------------------------------------------------------- Name : rubygem-atk Product : Fedora 14 Version : 0.90.4 Release : 2.fc14 URL : http://ruby-gnome2.sourceforge.jp/ Summary : Ruby binding of ATK-1.0.x Description : Ruby/ATK is a Ruby binding of ATK-1.0.x or later. -------------------------------------------------------------------------------- Update Information: ruby-gnome2 0.90.4 is released. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-atk' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

13 years, 7 months

1
0
0 / 0

Fedora 14 Update: rubygem-pango-0.90.4-2.fc14

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16777 2010-10-28 05:03:14 -------------------------------------------------------------------------------- Name : rubygem-pango Product : Fedora 14 Version : 0.90.4 Release : 2.fc14 URL : http://ruby-gnome2.sourceforge.jp/ Summary : Ruby binding of pango-1.x Description : Ruby/Pango is a Ruby binding of pango-1.x. -------------------------------------------------------------------------------- Update Information: ruby-gnome2 0.90.4 is released. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-pango' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

13 years, 7 months

1
0
0 / 0

[SECURITY] Fedora 13 Update: pam-1.1.1-6.fc13

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-17112 2010-11-02 21:39:09 -------------------------------------------------------------------------------- Name : pam Product : Fedora 13 Version : 1.1.1 Release : 6.fc13 URL : http://www.us.kernel.org/pub/linux/libs/pam/index.html Summary : An extensible library which provides authentication for applications Description : PAM (Pluggable Authentication Modules) is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication. -------------------------------------------------------------------------------- Update Information: This update fixes moderate vulnerabilities in pam_env, pam_namespace, pam_mail, and pam_xauth modules. Default configurations (or configurations generated by authconfig) are not affected by the pam_mail and pam_namespace vulnerabilities. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 2 2010 Tomas Mraz <tmraz(a)redhat.com> 1.1.1-6 - fix insecure dropping of priviledges in pam_xauth, pam_env, and pam_mail - CVE-2010-3316 (#637898), CVE-2010-3435 (#641335) - fix insecure executing of scripts with user supplied environment variables in pam_namespace - CVE-2010-3853 (#643043) * Thu Jul 15 2010 Tomas Mraz <tmraz(a)redhat.com> 1.1.1-5 - do not overwrite tallylog with empty file on upgrade -------------------------------------------------------------------------------- References: [ 1 ] Bug #637898 - CVE-2010-3316 pam: pam_xauth missing return value checks from setuid() and similar calls https://bugzilla.redhat.com/show_bug.cgi?id=637898 [ 2 ] Bug #641335 - CVE-2010-3435 pam: pam_env and pam_mail accessing users' file with root privileges https://bugzilla.redhat.com/show_bug.cgi?id=641335 [ 3 ] Bug #643043 - CVE-2010-3853 pam: pam_namespace executes namespace.init with service's environment https://bugzilla.redhat.com/show_bug.cgi?id=643043 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update pam' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

13 years, 7 months

1
0
0 / 0

Fedora 14 Update: rubygem-net-sftp-2.0.5-2.fc14

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16405 2010-10-17 15:39:12 -------------------------------------------------------------------------------- Name : rubygem-net-sftp Product : Fedora 14 Version : 2.0.5 Release : 2.fc14 URL : http://net-ssh.rubyforge.org/sftp Summary : A pure Ruby implementation of the SFTP client protocol Description : A pure Ruby implementation of the SFTP client protocol -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #642524 - Review Request: rubygem-net-sftp - A pure Ruby implementation of the SFTP client protocol https://bugzilla.redhat.com/show_bug.cgi?id=642524 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-net-sftp' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

13 years, 7 months

1
0
0 / 0

Fedora 14 Update: lua-md5-1.1.2-1.fc14

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16823 2010-10-28 05:04:55 -------------------------------------------------------------------------------- Name : lua-md5 Product : Fedora 14 Version : 1.1.2 Release : 1.fc14 URL : http://www.keplerproject.org/md5/ Summary : Cryptographic Library for MD5 hashes for Lua Description : MD5 offers basic cryptographic facilities for Lua 5.1: a hash (digest) function, a pair crypt/decrypt based on MD5 and CFB, and a pair crypt/decrypt based on DES with 56-bit keys. -------------------------------------------------------------------------------- Update Information: Initial package import -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #645183 - Review Request: lua-md5 - Cryptographic Library for MD5 hashes for Lua https://bugzilla.redhat.com/show_bug.cgi?id=645183 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update lua-md5' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

13 years, 7 months

1
0
0 / 0

[SECURITY] Fedora 12 Update: pyftpdlib-0.5.2-1.fc12

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16731 2010-10-28 05:01:29 -------------------------------------------------------------------------------- Name : pyftpdlib Product : Fedora 12 Version : 0.5.2 Release : 1.fc12 URL : http://code.google.com/p/pyftpdlib/ Summary : Python FTP server library Description : Python FTP server library provides a high-level portable interface to easily write asynchronous FTP servers with Python. Based on asyncore framework pyftpdlib is currently the most complete RFC-959 FTP server implementation available for Python programming language. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 26 2010 Silas Sewell <silas(a)sewell.ch> - 0.5.2-1 - Update to 0.5.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #646169 - CVE-2009-5011 pyftpdlib: Race condition in the FTPHandler class https://bugzilla.redhat.com/show_bug.cgi?id=646169 [ 2 ] Bug #646171 - CVE-2009-5012 pyftpdlib: Ability to list the root directory via an FTP session https://bugzilla.redhat.com/show_bug.cgi?id=646171 [ 3 ] Bug #646174 - CVE-2009-5013 pyftpdlib: DoS (memory consumption) by sending a QUIT command during a data transfer https://bugzilla.redhat.com/show_bug.cgi?id=646174 [ 4 ] Bug #646177 - CVE-2010-3494 pyftpdlib: Race condition in the FTPHandler class in ftpserver.py https://bugzilla.redhat.com/show_bug.cgi?id=646177 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update pyftpdlib' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

13 years, 7 months

1
0
0 / 0

Fedora 12 Update: lua-wsapi-1.3.4-2.fc12

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16691 2010-10-27 21:15:45 -------------------------------------------------------------------------------- Name : lua-wsapi Product : Fedora 12 Version : 1.3.4 Release : 2.fc12 URL : http://keplerproject.github.com/wsapi/ Summary : Lua Web Server API Description : WSAPI is an API that abstracts the web server from Lua web applications. By coding against WSAPI your application can run on any of the supported servers and interfaces (currently CGI, FastCGI and Xavante, on Windows and UNIX-based systems). WSAPI provides a set of helper libraries that help with request processing and output buffering. You can also write applications that act as filters that provide some kind of service to other applications, such as authentication, file uploads, request isolation, or multiplexing. WSAPI's main influence is Ruby's Rack framework, but it was also influenced by Python's WSGI (PEP 333). It's not a direct clone of either of them, though, and tries to follow standard Lua idioms. -------------------------------------------------------------------------------- Update Information: Initial package import -------------------------------------------------------------------------------- References: [ 1 ] Bug #645184 - Review Request: lua-wsapi - Lua Web Server API https://bugzilla.redhat.com/show_bug.cgi?id=645184 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update lua-wsapi' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

13 years, 7 months

1
0
0 / 0

Fedora 14 Update: sugar-0.90.3-2.fc14

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-17086 2010-11-02 21:38:15 -------------------------------------------------------------------------------- Name : sugar Product : Fedora 14 Version : 0.90.3 Release : 2.fc14 URL : http://sugarlabs.org/ Summary : Constructionist learning platform Description : Sugar provides simple yet powerful means of engaging young children in the world of learning that is opened up by computers and the Internet. With Sugar, even the youngest learner will quickly become proficient in using the computer as a tool to engage in authentic problem-solving. Sugar promotes sharing, collaborative learning, and reflection, developing skills that help them in all aspects of life. Sugar is also the learning environment for the One Laptop Per Child project. See http://www.laptop.org for more information on this project. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 1 2010 Peter Robinson <pbrobinson(a)gmail.com> - 0.90.3-2 - add gnome-keyring-pam as dep to fix prompt -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update sugar' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

13 years, 7 months

1
0
0 / 0

Fedora 13 Update: policycoreutils-2.0.83-33.1.fc13

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-17059 2010-11-01 20:15:34 -------------------------------------------------------------------------------- Name : policycoreutils Product : Fedora 13 Version : 2.0.83 Release : 33.1.fc13 URL : http://www.selinuxproject.org Summary : SELinux policy core utilities Description : Security-enhanced Linux is a feature of the Linux® kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-based Access Control, and Multi-level Security. policycoreutils contains the policy core utilities that are required for basic operation of a SELinux system. These utilities include load_policy to load policies, setfiles to label filesystems, newrole to switch roles, and run_init to run /etc/init.d scripts in the proper context. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 1 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-33.1 - Fix setools require line * Fri Oct 29 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-33 - Move /etc/pam.d/newrole in to polcicycoreutils-newrole - Additiona capability checking in sepolgen * Mon Oct 18 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-31 - Fix sandbox handling of files with spaces in them * Mon Sep 27 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-30 - Catch TypeError exception on sandbox processing -I files * Thu Sep 23 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-29 - Fix semanage man page * Mon Sep 13 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-28 - Add seremote, to allow the execution of command inside the sandbox from outside the sandbox. * Mon Sep 13 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-27 - Fix sandbox copyfile when copying a dir with a socket, print error * Fri Sep 10 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-26 - Stop polgengui from crashing if selinux policy is not installed * Thu Sep 9 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-25 - Fix bug preventing sandbox from using -l * Tue Sep 7 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-24 - Eliminate quotes fro desktop files * Mon Aug 30 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-23 - Add -w windowsize patch from Christoph A. * Mon Aug 30 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-22 - Update po * Wed Aug 25 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-21 - Update po * Tue Aug 24 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-20 - Tighten down seunshare to create /tmp dir with sticky bit and MS_NODEV | MS_NOSUID | MS_NOEXEC; - Remove setsid on seunshare so ^c on sandbox will cause apps to exit - Add dbus-launch --exit-with-session so all processes launched within the sandbox exit with the sandbox - Clean up error handling so error will get sent back to sandbox tool * Mon Aug 23 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-19 - Fix translation handling in file context page of system-config-selinux * Fri Aug 13 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-18 - Fix sandbox error handling * Fri Aug 13 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-17 - Apply patch to restorecond from Chris Adams, which will cause restorecond - to watch first user that logs in. * Thu Aug 12 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-16 - Add COPYING file to doc dir * Thu Aug 5 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-15 - Update po and translations Resolves: #610473 * Thu Aug 5 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-14 - More fixes for polgen tools * Thu Aug 5 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-13 - Remove requirement to run selinux-polgen as root * Thu Aug 5 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-12 - Update po and translations - Fix gui policy generation tools * Wed Aug 4 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-11 - Update po and translations * Sat Jul 31 2010 David Malcolm <dmalcolm(a)redhat.com> - 2.0.83-10 - rebuild against python 2.7 * Wed Jul 28 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-9 - Update selinux-polgengui to sepolgen policy generation * Wed Jul 28 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-8 - Fix invalid free in seunshare and fix man page * Tue Jul 27 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-7 - Update translations * Mon Jul 26 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-6 - Fix sandbox man page * Wed Jul 21 2010 David Malcolm <dmalcolm(a)redhat.com> - 2.0.83-5 - Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild * Tue Jul 20 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-4 - Add translations for menus - Fixup man page from Russell Coker * Tue Jun 15 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-3 - Change python scripts to use -s flag - Update po * Tue Jun 15 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.83-1 - Update to upstream * Add sandbox support from Dan Walsh with modifications from Steve Lawrence. * Tue Jun 15 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-31 - Fix sepolgen code generation Resolve: #603001 * Tue Jun 8 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-30 - Add cgroup support for sandbox * Mon Jun 7 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-29 - Allow creation of /var/cache/DOMAIN from sepolgen * Thu Jun 3 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-28 - Fix sandbox init script - Add dbus-launch to sandbox -X Resolve: #599599 * Thu Jun 3 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-27 - Move genhomedircon.8 to same package as genhomedircon - Fix sandbox to pass unit test Resolves: #595796 * Wed Jun 2 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-26 - Fix listing of booleans from audit2allow * Wed Jun 2 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-25 - Fix audit2allow to output if the current policy has avc - Update translations - Fix icon * Thu May 27 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-24 - Man page fixes - sandbox fixes - Move seunshare to base package * Fri May 21 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-23 - Fix seunshare translations - Fix seunshare to work on all arches - Fix icon for system-config-selinux Resolves: #595276 * Fri May 21 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-22 - Fix can_exec definition in sepolgen * Fri May 21 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-21 - Add man page for seunshare and genhomedircon Resolves: #594303 - Fix node management via semanage * Wed May 19 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-20 - Fixes from upstream for sandbox command Resolves: #580938 * Thu May 13 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-18 - Fix sandbox error handling on copyfile - Fix desktop files * Tue May 11 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-17 - Fix policy tool to have correct name in menus - Fix seunshare to handle /tmp being in ~/home - Fix saving of altered files - Update translations * Tue May 4 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-15 - Allow audit2allow to specify alternative policy file for analysis * Mon May 3 2010 Dan Walsh <dwalsh(a)redhat.com> 2.0.82-14 - Update po - Fix sepolgen --no_attrs Resolves: #588280 -------------------------------------------------------------------------------- References: [ 1 ] Bug #552556 - policycoreutils-python should require setools-libs-python https://bugzilla.redhat.com/show_bug.cgi?id=552556 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update policycoreutils' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

13 years, 7 months

1
0
0 / 0

Fedora 14 Update: kdelibs-4.5.2-8.fc14

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-17224 2010-11-03 20:29:48 -------------------------------------------------------------------------------- Name : kdelibs Product : Fedora 14 Version : 4.5.2 Release : 8.fc14 URL : http://www.kde.org/ Summary : KDE Libraries Description : Libraries for KDE 4. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 2 2010 Rex Dieter <rdieter(a)fedoraproject.org> - 4.5.2-8 - kshareddatacache fix for zime shifts, just in time for DST (kde#253795) * Fri Oct 15 2010 Rex Dieter <rdieter(a)fedoraproject.org> - 4.5.2-7 - backport configChanged() for wallpaper * Fri Oct 15 2010 Rex Dieter <rdieter(a)fedoraproject.org> - 4.5.2-6 - kio/krun patch so kde services can open urls directly too -------------------------------------------------------------------------------- References: [ 1 ] Bug #649016 - Plasma cache corruption, crashing on login https://bugzilla.redhat.com/show_bug.cgi?id=649016 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update kdelibs' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

13 years, 7 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce November 2010