[SECURITY] Fedora 13 Update: libmspack-0.2-0.1.20100723alpha.fc13
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14722
2010-09-15 04:54:14
--------------------------------------------------------------------------------
Name : libmspack
Product : Fedora 13
Version : 0.2
Release : 0.1.20100723alpha.fc13
URL : http://www.cabextract.org.uk/libmspack/
Summary : Library for CAB and related files compression and decompression
Description :
The purpose of libmspack is to provide both compression and decompression of
some loosely related file formats used by Microsoft.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 30 2010 Dan Horák <dan[at]danny.cz> - 0.2-0.1.20100723alpha
- updated to 0.2alpha released 2010/07/23
- merged the doc subpackage with devel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #620450 - CVE-2010-2800 cabextract: Infinite loop in MS-ZIP and Quantum decoders
https://bugzilla.redhat.com/show_bug.cgi?id=620450
[ 2 ] Bug #620454 - CVE-2010-2801 cabextract: Integer wrap-around (crash) by processing certain *.cab files in test archive mode
https://bugzilla.redhat.com/show_bug.cgi?id=620454
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update libmspack' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 8 months
Fedora 13 Update: cricscore-applet-1.1.0.3-2.fc13
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-15044
2010-09-21 00:58:40
--------------------------------------------------------------------------------
Name : cricscore-applet
Product : Fedora 13
Version : 1.1.0.3
Release : 2.fc13
URL : https://sourceforge.net/projects/cricscoreapplet/
Summary : A cricket score applet for GNOME
Description :
cricscore-applet brings cricket score to your GNOME panel.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #592064 - cricscore-applet-debuginfo is empty
https://bugzilla.redhat.com/show_bug.cgi?id=592064
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update cricscore-applet' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 8 months
Fedora 13 Update: Miro-3.0.3-2.fc13
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-15023
2010-09-21 00:58:01
--------------------------------------------------------------------------------
Name : Miro
Product : Fedora 13
Version : 3.0.3
Release : 2.fc13
URL : http://www.getmiro.com/
Summary : Internet TV Player
Description :
Miro is a free HD video player. It offers over 6,000 free internet TV
shows and video podcasts, and has a simple interface designed for
fullscreen HD video. It downloads most videos, allowing users to take
their shows with them.
--------------------------------------------------------------------------------
Update Information:
Miro now gracefully exits when erroneously started without an available display
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2010 Michel Salim <salimma(a)fedoraproject.org> - 3.0.3-2
- Catch exception when started without a valid DISPLAY (# 633999)
* Sun Aug 29 2010 Alex Lancaster <alexlan[AT]fedoraproject org> - 3.0.3-1
- Update to upstream 3.0.3. Potentially fixes a whole slew of bugs
including YouTube downloads not working
(http://bugzilla.pculture.org/show_bug.cgi?id=14084)
* Wed Jul 21 2010 David Malcolm <dmalcolm(a)redhat.com> - 3.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
* Thu Jun 3 2010 Michel Salim <salimma(a)fedoraproject.org> - 3.0.2-1
- Update to 3.0.2
* Wed May 5 2010 Michel Salim <salimma(a)fedoraproject.org> - 3.0.1-1
- Update to 3.0.1
* Mon Apr 12 2010 Martin Stransky <stransky(a)redhat.com> - 3.0-2
- Updated gecko dependency
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #633999 - [abrt] Miro-3.0.2-1.fc13: __init__.py:52:_init:RuntimeError: could not open display
https://bugzilla.redhat.com/show_bug.cgi?id=633999
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update Miro' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 8 months
[SECURITY] Fedora 12 Update: sudo-1.7.4p4-2.fc12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14996
2010-09-21 00:56:56
--------------------------------------------------------------------------------
Name : sudo
Product : Fedora 12
Version : 1.7.4p4
Release : 2.fc12
URL : http://www.courtesan.com/sudo/
Summary : Allows restricted root access for specified users
Description :
Sudo (superuser do) allows a system administrator to give certain
users (or groups of users) the ability to run some (or all) commands
as root while logging all commands and arguments. Sudo operates on a
per-command basis. It is not a replacement for the shell. Features
include: the ability to restrict what commands a user may run on a
per-host basis, copious logging of each command (providing a clear
audit trail of who did what), a configurable timeout of the sudo
command, and the ability to use the same configuration file (sudoers)
on many different machines.
--------------------------------------------------------------------------------
Update Information:
- reset $HOME when the `-i' option is used
- update to new upstream version
- sudo now uses /var/db/sudo for timestamps
- new command available: sudoreplay
- use native audit support
- corrected license field value: BSD -> ISC
- added env_keep += HOME (see rhbz#614025) for backwards compatibility
- added Defaults !visiblepw
- fixes CVE-2010-2956
- use_pty option can be used to avoid the issue reported in #479145
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2010 Daniel Kopecek <dkopecek(a)redhat.com> - 1.7.4p4-2
- added patch for #635250
* Wed Sep 8 2010 Daniel Kopecek <dkopecek(a)redhat.com> - 1.7.4p4-1
- update to new upstream version
- sudo now uses /var/db/sudo for timestamps
- new command available: sudoreplay
- use native audit support
- corrected license field value: BSD -> ISC
- added env_keep += HOME (see rhbz#614025) for
backwards compatibility
- added Defaults !visiblepw
* Wed Jun 2 2010 Daniel Kopecek <dkopecek(a)redhat.com> - 1.7.2p6-2
- added patch that fixes insufficient environment sanitization issue (#598154)
* Wed Apr 14 2010 Daniel Kopecek <dkopecek(a)redhat.com> - 1.7.2p6-1
- update to new upstream version
- merged .audit and .libaudit patch
- added sudoers.ldap.5* to files
* Mon Mar 1 2010 Daniel Kopecek <dkopecek(a)redhat.com> - 1.7.2p5-1
- update to new upstream version
* Tue Feb 16 2010 Daniel Kopecek <dkopecek(a)redhat.com> - 1.7.2p2-4
- fixed no valid sudoers sources found (#558875)
- audit related Makefile.in and configure.in corrections
- added --with-audit configure option
- removed call to libtoolize
* Wed Feb 10 2010 Daniel Kopecek <dkopecek(a)redhat.com> - 1.7.2p2-3
- fixed segfault when #include directive is used in cycles (#561336)
* Wed Feb 10 2010 Ville Skyttä <ville.skytta(a)iki.fi> - 1.7.2p2-3
- Add /etc/sudoers.d dir and use it in default config (#551470).
- Drop *.pod man page duplicates from docs.
* Thu Jan 7 2010 Daniel Kopecek <dkopecek(a)redhat.com> - 1.7.2p2-2
- commented out unused aliases in sudoers to make visudo happy (#550239)
* Thu Jan 7 2010 Daniel Kopecek <dkopecek(a)redhat.com> - 1.7.2p2-1
- new upstream version 1.7.2p2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #628628 - CVE-2010-2956 sudo: incorrect handling of RunAs specification with both user and group lists
https://bugzilla.redhat.com/show_bug.cgi?id=628628
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update sudo' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 8 months
Fedora 13 Update: dbmail-2.2.17-1.fc13
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14653
2010-09-15 04:51:52
--------------------------------------------------------------------------------
Name : dbmail
Product : Fedora 13
Version : 2.2.17
Release : 1.fc13
URL : http://www.dbmail.org
Summary : A database backed mail storage system
Description :
Dbmail is the name of a group of programs that enable the possiblilty of
storing and retrieving mail messages from a database.
Currently dbmail supports the following database backends:
MySQL
PostgreSQL
SQLite
Please see /usr/share/doc/dbmail-*/README.fedora for specific information on
installation and configuration in Fedora.
--------------------------------------------------------------------------------
Update Information:
# 0000857: [General] using bind=* will crash on accept
# 0000851: [IMAP daemon] Slow IMAP results and high CPU usage when message_idnr is very big
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 12 2010 Bernard Johnson <bjohnson(a)symetrix.com> - 2.2.17-1
- v 2.2.17
- drop unneeded patches
* Sun Aug 8 2010 Bernard Johnson <bjohnson(a)symetrix.com> - 2.2.16-1
- v 2.2.16
- drop unneeded patches
- spurious-imap-whitepatch patch
- backport IMAP-ID patch
- update asciidocs patch
- imap append-speedup patch
- inverse pop3 list patch
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update dbmail' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 8 months
Fedora 13 Update: sendmail-8.14.4-5.fc13
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14651
2010-09-15 04:51:48
--------------------------------------------------------------------------------
Name : sendmail
Product : Fedora 13
Version : 8.14.4
Release : 5.fc13
URL : http://www.sendmail.org/
Summary : A widely used Mail Transport Agent (MTA)
Description :
The Sendmail program is a very widely used Mail Transport Agent (MTA).
MTAs send mail from one machine to another. Sendmail is not a client
program, which you use to read your email. Sendmail is a
behind-the-scenes program which actually moves your email over
networks or the Internet to where you want it to go.
If you ever need to reconfigure Sendmail, you will also need to have
the sendmail-cf package installed. If you need documentation on
Sendmail, you can install the sendmail-doc package.
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes problem with sasldb access through auxprop.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 14 2010 Jaroslav Škarvada <jskarvad(a)redhat.com> - 8.14.4-5
- rebuilt with db4-4.8.30 (#633269)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #633269 - SMTP AUTH is not working with pwcheck_method: auxprop and auxprop_plugin: sasldb
https://bugzilla.redhat.com/show_bug.cgi?id=633269
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update sendmail' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 8 months
Fedora 13 Update: qlandkartegt-0.19.1-1.fc13
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14663
2010-09-15 04:52:21
--------------------------------------------------------------------------------
Name : qlandkartegt
Product : Fedora 13
Version : 0.19.1
Release : 1.fc13
URL : http://www.qlandkarte.org/
Summary : GPS device mapping tool
Description :
QLandkarte GT is the ultimate outdoor aficionado's tool for GPS maps in
GeoTiff format as well as Garmin's img vector map format. Additional it is
the PC side frontend to QLandkarte M, a moving map application for mobile
devices. And it fills the gap Garmin leaves in refusing to support Linux.
QLandkarte GT is the proof that writing portable applications for Unix,
Windows and OSX is feasible with a minimum of overhead. No excuses!
QLandkarte GT does replace the original QLandkarte with a much more
flexible architecture. It's not limited to a map format or device. Thus
if you think your Magellan GPS or other should be supported, join the team.
Additionally it is a front end to the GDAL tools, to make georeferencing
scanned maps feasible for the normal user. Compared to similar tools like
QGis, it's target users are more on the consumer side than on the scientific
one. QLandkarte GT might not let you select every possible feature of the
GDAL tools, but it will simplify their use to the demands of most users.
--------------------------------------------------------------------------------
Update Information:
update to 0.19.1 with these changes:
- Export raster maps to KMZ
- Export raster maps as Garmin Custom Map tiles
- Make folder system of geo database a bit more flexible
- Optimize geo database access and fix many glitches.
- Some tiles on OSM maps are not selectable
- Fix glitches in track profile/ edit/ toolview interaction
- Enhance guideline and snap algorithm for drawing distance polylines
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 13 2010 Dan Horák <dan[at]danny.cz> 0.19.1-1
- update to 0.19.1
* Mon Aug 16 2010 Dan Horák <dan[at]danny.cz> 0.19.0-1
- update to 0.19.0
* Sun Jul 4 2010 Dan Horák <dan[at]danny.cz> 0.18.4-1
- update to 0.18.4
* Sun Jul 4 2010 Dan Horák <dan[at]danny.cz> 0.18.3-2
- newer garmindev is needed
* Sat Jul 3 2010 Dan Horák <dan[at]danny.cz> 0.18.3-1
- update to 0.18.3
- dropped the gtkstyle hack
* Wed May 12 2010 Dan Horák <dan[at]danny.cz> 0.18.2-1
- update to 0.18.2
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update qlandkartegt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 8 months
Fedora 13 Update: mozc-0.13.464.102-0.1.20100910svn.fc13
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14688
2010-09-15 04:53:08
--------------------------------------------------------------------------------
Name : mozc
Product : Fedora 13
Version : 0.13.464.102
Release : 0.1.20100910svn.fc13
URL : http://code.google.com/p/mozc
Summary : Opensourced Google Japanese Input
Description :
Mozc is a Japanese Input Method Editor (IME) designed for
multi-platform such as Chromium OS, Windows, Mac and Linux.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mozc' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 8 months
Fedora 12 Update: dbmail-2.2.17-1.fc12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14657
2010-09-15 04:52:09
--------------------------------------------------------------------------------
Name : dbmail
Product : Fedora 12
Version : 2.2.17
Release : 1.fc12
URL : http://www.dbmail.org
Summary : A database backed mail storage system
Description :
Dbmail is the name of a group of programs that enable the possiblilty of
storing and retrieving mail messages from a database.
Currently dbmail supports the following database backends:
MySQL
PostgreSQL
SQLite
Please see /usr/share/doc/dbmail-*/README.fedora for specific information on
installation and configuration in Fedora.
--------------------------------------------------------------------------------
Update Information:
# 0000857: [General] using bind=* will crash on accept
# 0000851: [IMAP daemon] Slow IMAP results and high CPU usage when message_idnr is very big
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 12 2010 Bernard Johnson <bjohnson(a)symetrix.com> - 2.2.17-1
- v 2.2.17
- drop unneeded patches
* Sun Aug 8 2010 Bernard Johnson <bjohnson(a)symetrix.com> - 2.2.16-1
- v 2.2.16
- drop unneeded patches
- spurious-imap-whitepatch patch
- backport IMAP-ID patch
- update asciidocs patch
- imap append-speedup patch
- inverse pop3 list patch
* Fri Apr 16 2010 Bernard Johnson <bjohnson(a)symetrix.com> - 2.2.15-2
- clip to zero patch
- query regression patch
- stack smash patch
- long running iquery patch
* Sun Feb 14 2010 Bernard Johnson <bjohnson(a)symetrix.com> - 2.2.15-1
- v 2.2.15
- remove patches upstreamed
- patches for EL5 to remove new md5 implementation
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update dbmail' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 8 months
Fedora 13 Update: ghc-Boolean-0.0.1-1.fc13
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14881
2010-09-17 18:03:18
--------------------------------------------------------------------------------
Name : ghc-Boolean
Product : Fedora 13
Version : 0.0.1
Release : 1.fc13
URL : http://hackage.haskell.org/package/Boolean
Summary : Generalized booleans
Description :
Some classes for generalized boolean operations.
This package provides the shared library.
--------------------------------------------------------------------------------
Update Information:
Some classes for generalized boolean operations.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #630213 - Review Request: ghc-Boolean - Generalized booleans
https://bugzilla.redhat.com/show_bug.cgi?id=630213
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update ghc-Boolean' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 8 months