--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-15950
2011-11-15 23:42:05
--------------------------------------------------------------------------------
Name : R-biomaRt
Product : Fedora 15
Version : 2.10.0
Release : 1.fc15
URL : http://www.bioconductor.org/packages/release/bioc/html/biomaRt.html
Summary : R Interface to BioMart databases
Description :
In recent years a wealth of biological data has become available in public
data repositories. Easy access to these valuable data resources and firm
integration with data analysis is needed for comprehensive bioinformatics data
analysis. biomaRt provides an interface to a growing collection of databases
implementing the BioMart software suite (http://www.biomart.org). The package
enables retrieval of large amounts of data in a uniform way without the need
to know the underlying database schemas or write complex SQL queries. Examples
of BioMart databases are Ensembl, COSMIC, Uniprot, HGNC, Gramene, Wormbase and
dbSNP mapped to Ensembl. These major databases give biomaRt users direct
access to a diverse set of data and enable a wide range of powerful online
queries from gene annotation to database mining.
--------------------------------------------------------------------------------
Update Information:
Update R to 2.14.0. This required a mass rebuild of R components.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #751003 - New version of R 2.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=751003
[ 2 ] Bug #753188 - Review Request: R-rtracklayer - R interface to genome browsers and their annotation tracks
https://bugzilla.redhat.com/show_bug.cgi?id=753188
[ 3 ] Bug #753181 - Review Request: R-RCurl - General network (HTTP/FTP) client interface for R
https://bugzilla.redhat.com/show_bug.cgi?id=753181
[ 4 ] Bug #753182 - Review Request: R-biomaRt - R Interface to BioMart databases
https://bugzilla.redhat.com/show_bug.cgi?id=753182
[ 5 ] Bug #753185 - Review Request: R-Rcompression - R Package for in-memory compression
https://bugzilla.redhat.com/show_bug.cgi?id=753185
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update R-biomaRt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-15950
2011-11-15 23:42:05
--------------------------------------------------------------------------------
Name : R-GenomicFeatures
Product : Fedora 15
Version : 1.6.1
Release : 1.fc15
URL : http://bioconductor.org/packages/2.9/bioc/html/GenomicFeatures.html
Summary : Tools for making and manipulating transcript centric annotations
Description :
A set of tools and methods for making and manipulating transcript centric
annotations. With these tools the user can easily download the genomic
locations of the transcripts, exons and cds of a given organism, from either
the UCSC Genome Browser or a BioMart database (more sources will be supported
in the future). This information is then stored in a local database that
keeps track of the relationship between transcripts, exons, cds and genes.
Flexible methods are provided for extracting the desired features in a
convenient format.
--------------------------------------------------------------------------------
Update Information:
Update R to 2.14.0. This required a mass rebuild of R components.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 9 2011 Tom Callaway <spot(a)fedoraproject.org> - 1.6.1-1
- update to 1.6.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #751003 - New version of R 2.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=751003
[ 2 ] Bug #753188 - Review Request: R-rtracklayer - R interface to genome browsers and their annotation tracks
https://bugzilla.redhat.com/show_bug.cgi?id=753188
[ 3 ] Bug #753181 - Review Request: R-RCurl - General network (HTTP/FTP) client interface for R
https://bugzilla.redhat.com/show_bug.cgi?id=753181
[ 4 ] Bug #753182 - Review Request: R-biomaRt - R Interface to BioMart databases
https://bugzilla.redhat.com/show_bug.cgi?id=753182
[ 5 ] Bug #753185 - Review Request: R-Rcompression - R Package for in-memory compression
https://bugzilla.redhat.com/show_bug.cgi?id=753185
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update R-GenomicFeatures' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-15933
2011-11-15 23:41:10
--------------------------------------------------------------------------------
Name : ReviewBoard
Product : Fedora 15
Version : 1.5.7
Release : 1.fc15
URL : http://www.review-board.org
Summary : Web-based code review tool
Description :
Review Board is a powerful web-based code review tool that offers
developers an easy way to handle code reviews. It scales well from small
projects to large companies and offers a variety of tools to take much
of the stress and time out of the code review process.
--------------------------------------------------------------------------------
Update Information:
- New upstream security release 1.5.7
- Security Fixes:
- A script injection vulnerability was discovered in the commenting system. This affected the diff viewer and screenshot pages, and allowed a commenter to break the page and execute JavaScript
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 15 2011 Stephen Gallagher <sgallagh(a)redhat.com> - 1.5.7-1
- New upstream security release 1.5.7
- Security Fixes:
- A script injection vulnerability was discovered in the commenting system.
This affected the diff viewer and screenshot pages, and allowed a
commenter to break the page and execute JavaScript
* Mon Aug 22 2011 Stephen Gallagher <sgallagh(a)redhat.com> - 1.5.6-1
- New upstream release 1.5.6
- http://www.reviewboard.org/docs/releasenotes/dev/reviewboard/1.5.6/
- New Features:
- The PATH environment variable is now shown in the error when patch.exe
can't be found, in order to help figure out where it needs to go
- rb-site more clearly informs that an existing database with valid
permissions is needed for installation
- rb-site now lists recommendations for different services, and lists
options that aren’t officially supported
- Tabs in the diff viewer are now marked up, allowing custom stylesheets to
display them differently. By default, they don’t look any different
- Added Fedora Hosted to the hosting provider options
- Editing a field and then canceling it on a review request now prompts for
confirmation before discarding the new text
- Control-S now saves the current text in review request fields
- We now support storing lots of text in the Description and Testing Done
fields on MySQL
- Performance Improvements:
- Review Board now requires Pygments 1.4 or higher. Older installations
running older versions of Pygments should get a performance increase when
rendering diffs
- Bug Fixes:
- Using Review Board with wsgi without mod_python installed on the system no
longer prevents Review Board from breaking
- Screenshot draft captions are now always displayed correctly. Previously,
only the main caption would display, making them appear blank on new
uploads
- Changing screenshot draft captions now invalidates the cache, allowing
them to be seen when reloading the page
- When sending an e-mail, we no longer crash if the sender has no e-mail
address
- Caching really long files or diffs now works more consistently.
Previously, it was possible for the data to not be stored correctly
- Fixed a date range calculation sometimes causing the log viewer to fail on
the first of the month
- Failing to load the Review Board News feed in the administration UI due to
a proxy will no longer cause an HTTP 500 error to display
- Invalid bug tracker URLs (those containing more than one %s, for example)
in the administration UI no longer breaks review requests
- The Mercurial support no longer overrides the SSH client configuration if
one is already provided
- The recaptcha_client dependency has been renamed to recaptcha-client. Both
technically work, but the former is more correct and makes packaging
easier
- Fixed a few occasional errors that could show up on the dashboard under
certain conditions
* Fri Jun 17 2011 Stephen Gallagher <sgallagh(a)redhat.com> - 1.5.5-2
- Resolves: rhbz#598463 - rb-site suggest that I use an unsafe temporary
- directory
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #754130 - CVE-2011-4312 ReviewBoard: XSS in the commenting system (diff viewer and screenshot pages) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=754130
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update ReviewBoard' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-15815
2011-11-12 03:06:10
--------------------------------------------------------------------------------
Name : tomcat
Product : Fedora 16
Version : 7.0.22
Release : 2.fc16
URL : http://tomcat.apache.org/
Summary : Apache Servlet/JSP Engine, RI for Servlet 3.0/JSP 2.2 API
Description :
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.
Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is intended
to be a collaboration of the best-of-breed developers from around the world.
--------------------------------------------------------------------------------
Update Information:
- Move tomcat-juli.jar to lib package
- Drop %%update_maven_depmap as in tomcat6
- Provide native systemd unit file ported from tomcat6
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 11 2011 Ivan Afonichev <ivan.afonichev(a)gmail.com> 0:7.0.22-2
- Move tomcat-juli.jar to lib package
- Drop %update_maven_depmap as in tomcat6
- Provide native systemd unit file ported from tomcat6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #752571 - Packaging Juli logging jar under tomcat-lib
https://bugzilla.redhat.com/show_bug.cgi?id=752571
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update tomcat' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-16009
2011-11-17 22:46:04
--------------------------------------------------------------------------------
Name : allegro
Product : Fedora 16
Version : 4.4.2
Release : 2.fc16
URL : http://alleg.sourceforge.net/
Summary : A game programming library
Description :
Allegro is a cross-platform library intended for use in computer games
and other types of multimedia programming.
--------------------------------------------------------------------------------
Update Information:
Fix pre/post dependencies for non ix86 arches including x86_64 and ARM
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 15 2011 Peter Robinson <pbrobinson(a)fedoraproject.org> 4.4.2-2
- Make pre/post dependencies for all non i686 arches sane
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update allegro' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-16129
2011-11-19 05:17:23
--------------------------------------------------------------------------------
Name : mcelog
Product : Fedora 16
Version : 1.0
Release : 0.3.6e4e2a00.fc16
URL : https://github.com/andikleen/mcelog.git
Summary : Tool to translate x86-64 CPU Machine Check Exception data.
Description :
mcelog is a utility that collects and decodes Machine Check Exception data
on x86-32 and x86-64 systems. It can be run either as a daemon, or by cron.
--------------------------------------------------------------------------------
Update Information:
- Updated sources to deal with various warning issues [701083] [704302]
- Update URL for new location of Andi's mcelog tree
- Update n-v-r to include latest git hash
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 17 2011 Prarit Bhargava <prarit(a)redhat.com> 2:1.0-0.3.6e4e2a00
- Updated sources to deal with various warning issues [701083] [704302]
- Update URL for new location of Andi's mcelog tree
- Update n-v-r to include latest git hash
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mcelog' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-15839
2011-11-13 04:38:51
--------------------------------------------------------------------------------
Name : libsocialweb
Product : Fedora 15
Version : 0.25.20
Release : 1.fc15
URL : http://www.gnome.org/
Summary : A social network data aggregator
Description :
libsocialweb is a social data server which fetches data from the "social web",
such as your friend's blog posts and photos, upcoming events, recently played
tracks, and pending eBay* auctions. It also provides a service to update
your status on web services which support it, such as MySpace* and Twitter*.
--------------------------------------------------------------------------------
Update Information:
CVE-2011-4129
A security flaw was found in the way the libsocialweb, a social network data aggregator, performed its initialization when this service start was initiated by the dbus daemon. Due to a deficiency in a way the libsocialweb service was initialized, an untrusted (non-SSL) network connection has been opened to remote Twitter service servers without explicit approval of the user, running the libsocialweb service on the local host. A remote attacker could use this flaw to conduct various MITM attacks and potentially alter integrity of the user account in question.
* libsocialweb: The views will try and fetch content from the web service even if they aren't configured.
* rest: enforce that the SSL certificate is valid
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 12 2011 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.25.20-1
- update to 0.25.20. Fixes CVE-2011-4129, RHBZ 752022
* Mon Jul 4 2011 Bastien Nocera <bnocera(a)redhat.com> 0.25.19-1
- Update to 0.25.19
* Wed Jun 15 2011 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.25.18-1
- Update to 0.25.18
* Sun May 22 2011 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.25.17-1
- Update to 0.25.17
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #752022 - CVE-2011-4129 libsocialweb: Untrusted connection to Twitter without user's approval upon service start via dbus
https://bugzilla.redhat.com/show_bug.cgi?id=752022
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update libsocialweb' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-15839
2011-11-13 04:38:51
--------------------------------------------------------------------------------
Name : rest
Product : Fedora 15
Version : 0.7.12
Release : 1.fc15
URL : http://www.gnome.org
Summary : A library for access to RESTful web services
Description :
This library was designed to make it easier to access web services that
claim to be "RESTful". A RESTful service should have urls that represent
remote objects, which methods can then be called on. The majority of services
don't actually adhere to this strict definition. Instead, their RESTful end
point usually has an API that is just simpler to use compared to other types
of APIs they may support (XML-RPC, for instance). It is this kind of API that
this library is attempting to support.
--------------------------------------------------------------------------------
Update Information:
CVE-2011-4129
A security flaw was found in the way the libsocialweb, a social network data aggregator, performed its initialization when this service start was initiated by the dbus daemon. Due to a deficiency in a way the libsocialweb service was initialized, an untrusted (non-SSL) network connection has been opened to remote Twitter service servers without explicit approval of the user, running the libsocialweb service on the local host. A remote attacker could use this flaw to conduct various MITM attacks and potentially alter integrity of the user account in question.
* libsocialweb: The views will try and fetch content from the web service even if they aren't configured.
* rest: enforce that the SSL certificate is valid
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 10 2011 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.7.12-1
- Release 0.7.12. Fixes CVE-2011-4129 RHBZ 752022
* Fri Oct 28 2011 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.7.11-1
- Release 0.7.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #752022 - CVE-2011-4129 libsocialweb: Untrusted connection to Twitter without user's approval upon service start via dbus
https://bugzilla.redhat.com/show_bug.cgi?id=752022
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update rest' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-16185
2011-11-20 23:36:09
--------------------------------------------------------------------------------
Name : groovy
Product : Fedora 16
Version : 1.8.4
Release : 1.fc16
URL : http://groovy.codehaus.org/
Summary : Dynamic language for the Java Platform
Description :
Groovy is an agile and dynamic language for the Java Virtual Machine,
built upon Java with features inspired by languages like Python, Ruby and
Smalltalk. It seamlessly integrates with all existing Java objects and
libraries and compiles straight to Java bytecode so you can use it anywhere
you can use Java.
--------------------------------------------------------------------------------
Update Information:
Update to recent upstream version which fixes some bugs and includes some enhancements. Further information could be found:
http://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10242&version=17…
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 20 2011 Johannes Lips <hannes(a)fedoraproject.org> - 1.8.4-1
- Update to 1.8.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #753111 - groovy-1.8.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=753111
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update groovy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-16027
2011-11-17 22:47:08
--------------------------------------------------------------------------------
Name : python-flask
Product : Fedora 15
Version : 0.6.1
Release : 3.fc15
URL : http://flask.pocoo.org/
Summary : A micro-framework for Python based on Werkzeug, Jinja 2 and good intentions
Description :
Flask is called a “micro-framework” because the idea to keep the core
simple but extensible. There is no database abstraction layer, no form
validation or anything else where different libraries already exist
that can handle that. However Flask knows the concept of extensions
that can add this functionality into your application as if it was
implemented in Flask itself. There are currently extensions for object
relational mappers, form validation, upload handling, various open
authentication technologies and more.
--------------------------------------------------------------------------------
Update Information:
Fixes bug regarding ownership of easy-install.pth
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 16 2011 Dan Young <dyoung(a)mesd.k12.or.us> - 0.6.1-3
- don't own easy-install.pth
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #752706 - python-flask breaks locally installed eggs by containing bogus easy-install.pth
https://bugzilla.redhat.com/show_bug.cgi?id=752706
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update python-flask' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------