Fedora 18 Update: ykpers-1.13.0-1.fc18
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-10158
2013-06-06 00:55:27
--------------------------------------------------------------------------------
Name : ykpers
Product : Fedora 18
Version : 1.13.0
Release : 1.fc18
URL : http://code.google.com/p/yubikey-personalization/
Summary : Yubikey personalization program
Description :
Yubico's YubiKey can be re-programmed with a new AES key. This is a library
that makes this an easy task.
--------------------------------------------------------------------------------
Update Information:
Update to 1.13.0: ycfg-json functions, recognize newer firmware
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 13 2013 - Maxim Burgerhout <wzzrd(a)fedoraproject.org> - 1.13.0-1
- Update to 1.13.0: ycfg-json functions, recognize newer firmware
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update ykpers' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 5 months
[SECURITY] Fedora 19 Update: drupal7-7.24-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-21844
2013-11-23 09:01:59
--------------------------------------------------------------------------------
Name : drupal7
Product : Fedora 19
Version : 7.24
Release : 1.fc19
URL : http://www.drupal.org
Summary : An open-source content-management platform
Description :
Equipped with a powerful blend of features, Drupal is a Content Management
System written in PHP that can support a variety of websites ranging from
personal weblogs to large community-driven websites. Drupal is highly
configurable, skinnable, and secure.
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 7.24 release for security fixes
- Upstream changelog for this release is available at https://drupal.org/drupal-7.24-release-notes
- SA-CORE-2013-003 - Drupal core - Multiple vulnerabilities - http://drupal.org/SA-CORE-2013-003
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 21 2013 Peter Borsa <peter.borsa(a)gmail.com> - 7.24-1
- Update to upstream 7.24 release for security fixes
- Upstream changelog for this release is available at https://drupal.org/drupal-7.24-release-notes
* Sat Aug 10 2013 Peter Borsa <peter.borsa(a)gmail.com> - 7.23-3
- Fix indentation in drupal7.prov.rpm-lt-4-9-compat file.
* Sat Aug 10 2013 Peter Borsa <peter.borsa(a)gmail.com> - 7.23-2
- EL5 prov Python fix, BZ 995734.
* Thu Aug 8 2013 Peter Borsa <peter.borsa(a)gmail.com> - 7.23-1
- Update to upstream 7.23 release for bug fixes
- Upstream changelog for this release is available at https://drupal.org/drupal-7.23-release-notes
* Tue Jul 30 2013 Jon Ciesla <limburgher(a)gmail.com> - 7.22-8
- Add crontabs requires, BZ 989021.
* Wed Jul 10 2013 Jon Ciesla <limburgher(a)gmail.com> - 7.22-7
- Typo and EL5 FHS fixes, BZ 979827.
* Tue Jun 18 2013 Jon Ciesla <limburgher(a)gmail.com> - 7.22-6
- Add AllowOverride All to drupal7.conf, BZ 905912.
* Mon Jun 3 2013 Jon Ciesla <limburgher(a)gmail.com> - 7.22-5
- Add auto-requires, BZ 969593.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1032973 - CVE-2013-6385 CVE-2013-6386 CVE-2013-6387 CVE-2013-6388 CVE-2013-6389 drupal: multiple vulnerabilities corrected in 6.29 and 7.24 (SA-CORE-2013-003)
https://bugzilla.redhat.com/show_bug.cgi?id=1032973
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update drupal7' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 5 months
[SECURITY] Fedora 19 Update: nginx-1.4.4-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-21826
2013-11-23 09:01:23
--------------------------------------------------------------------------------
Name : nginx
Product : Fedora 19
Version : 1.4.4
Release : 1.fc19
URL : http://nginx.org/
Summary : A high performance web server and reverse proxy server
Description :
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and
IMAP protocols, with a strong focus on high concurrency, performance and low
memory usage.
--------------------------------------------------------------------------------
Update Information:
- Update to the latest version
- Upstream changelog can be found at http://nginx.org/en/CHANGES-1.4
- Security fix BZ 1032267
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 20 2013 Peter Borsa <peter.borsa(a)gmail.com> - 1:1.4.4-1
- Update to upstream release 1.4.4
- Security fix BZ 1032267
* Sun Nov 3 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 1:1.4.3-1
- update to upstream release 1.4.3
* Fri Aug 9 2013 Jonathan Steffan <jsteffan(a)fedoraproject.org> - 1:1.4.2-3
- Add in conditionals to build for non-systemd targets
* Sat Aug 3 2013 Petr Pisar <ppisar(a)redhat.com> - 1:1.4.2-2
- Perl 5.18 rebuild
* Fri Jul 19 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 1:1.4.2-1
- update to upstream release 1.4.2
* Wed Jul 17 2013 Petr Pisar <ppisar(a)redhat.com> - 1:1.4.1-3
- Perl 5.18 rebuild
* Tue Jun 11 2013 Remi Collet <rcollet(a)redhat.com> - 1:1.4.1-2
- rebuild for new GD 2.1.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1032266 - CVE-2013-4547 nginx: security restriction bypass flaw due to whitespace parsing
https://bugzilla.redhat.com/show_bug.cgi?id=1032266
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update nginx' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 5 months
Fedora 19 Update: anki-2.0.18-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-21879
2013-11-23 09:03:12
--------------------------------------------------------------------------------
Name : anki
Product : Fedora 19
Version : 2.0.18
Release : 1.fc19
URL : http://ankisrs.net/
Summary : Flashcard program for using space repetition learning
Description :
Anki is a program designed to help you remember facts (such as words
and phrases in a foreign language) as easily, quickly and efficiently
as possible. Anki is based on a theory called spaced repetition.
--------------------------------------------------------------------------------
Update Information:
Update to new bugfix upstream release 2.0.18.
Minor bug fixes
Please see http://www.ankisrs.net/docs/changes.html for details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 20 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.18-1
- Update to new upstream version 2.0.18 (BZ 1027704)
* Fri Nov 1 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.16-1
- Update to new upstream version 2.0.16
* Fri Oct 11 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.13-1
- Update to new upstream version 2.0.13
* Sun Aug 4 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.12-1
- Update to new upstream version 2.0.12 (BZ 989901)
- Install docs to %{_pkgdocdir} (BZ 991962)
- Install additional LICENSE file
* Mon Jun 24 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.11-1
- Update to new upstream version 2.0.11 (BZ 973523)
* Mon Jun 3 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.9-1
- Update to new upstream version 2.0.9 (BZ 970052)
- Remove patch (issue was fixed upstream)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027704 - anki-2.0.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1027704
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update anki' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 5 months
Fedora 19 Update: php-pecl-yaml-1.1.1-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-21860
2013-11-23 09:02:32
--------------------------------------------------------------------------------
Name : php-pecl-yaml
Product : Fedora 19
Version : 1.1.1
Release : 1.fc19
URL : http://code.google.com/p/php-yaml/
Summary : Support for YAML 1.1 serialization using the LibYAML library
Description :
The YAML PHP Extension provides a wrapper to the LibYAML library. It gives the
user the ability to parse YAML document streams into PHP constructs and emit PHP
constructs as valid YAML 1.1 documents.
--------------------------------------------------------------------------------
Update Information:
This update to the YAML extension contains a number of bug fixes (including several crashers), and adds an implementation of yaml_emit_file() that was mistakenly never enabled. The full Changelog can be viewed here: http://pecl.php.net/package-changelog.php?package=yaml&release=1.1.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 20 2013 Theodore Lee <theo148(a)gmail.com> - 1.1.1-1
- Update to upstream 1.1.1 release
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.1.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update php-pecl-yaml' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 5 months
[SECURITY] Fedora 19 Update: mediawiki-1.21.3-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-21856
2013-11-23 09:02:25
--------------------------------------------------------------------------------
Name : mediawiki
Product : Fedora 19
Version : 1.21.3
Release : 1.fc19
URL : http://www.mediawiki.org/
Summary : A wiki engine
Description :
MediaWiki is the software used for Wikipedia and the other Wikimedia
Foundation websites. Compared to other wikis, it has an excellent
range of features and support for high-traffic websites using multiple
servers
This package supports wiki farms. Read the instructions for creating wiki
instances under /usr/share/doc/mediawiki-1.21.3/README.RPM.
Remember to remove the config dir after completing the configuration.
--------------------------------------------------------------------------------
Update Information:
* Kevin Israel (Wikipedia user PleaseStand) identified and reported two vectors for injecting Javascript in CSS that bypassed MediaWiki's blacklist (CVE-2013-4567, CVE-2013-4568).
<https://bugzilla.wikimedia.org/show_bug.cgi?id=55332>
* Internal review while debugging a site issue discovered that MediaWiki and the CentralNotice extension were incorrectly setting cache headers when a user was autocreated, causing the user's session cookies to be cached, and returned to other users (CVE-2013-4572).
<https://bugzilla.wikimedia.org/show_bug.cgi?id=53032>
Additionally, the following extensions have been updated to fix security issues:
* CleanChanges: MediaWiki steward Teles reported that revision-deleted IP's are not correctly hidden when this extension is used (CVE-2013-4569).
<https://bugzilla.wikimedia.org/show_bug.cgi?id=54294>
* ZeroRatedMobileAccess: Tomasz Chlebowski reported an XSS vulnerability (CVE-2013-4573).
<https://bugzilla.wikimedia.org/show_bug.cgi?id=55991>
* CentralAuth: MediaWiki developer Platonides reported a login CSRF in CentralAuth (CVE-2012-5394).
<https://bugzilla.wikimedia.org/show_bug.cgi?id=40747>
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 19 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.3-1
- New upstream release.
* Sat Oct 5 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.2-2
- Packaging fixes. (#1006110, #1007377)
* Thu Sep 5 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.2-1
- New upstream release.
* Sat Jul 27 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.1-4
- Update mw-createinstance
* Wed Jul 10 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.1-3
- Fix Obsoletes
* Tue Jul 9 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.1-2
- Provide/Obsolete now included extensions (#967811)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1030987 - CVE-2013-4567 CVE-2013-4568 CVE-2013-4572 mediawiki: security releases 1.21.3, 1.20.8, and 1.19.9
https://bugzilla.redhat.com/show_bug.cgi?id=1030987
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mediawiki' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 5 months
Fedora 19 Update: rubygem-thinking-sphinx-3.0.6-2.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-21864
2013-11-23 09:02:42
--------------------------------------------------------------------------------
Name : rubygem-thinking-sphinx
Product : Fedora 19
Version : 3.0.6
Release : 2.fc19
URL : http://pat.github.io/thinking-sphinx/
Summary : A smart wrapper over Sphinx for ActiveRecord
Description :
An intelligent layer for ActiveRecord (via Rails and Sinatra) for the Sphinx
full-text search tool.
--------------------------------------------------------------------------------
Update Information:
First Fedora release. Thinking-Sphinx is an intelligent layer for ActiveRecord (via Rails and Sinatra) for the Sphinx full-text search tool.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027407 - Review Request: rubygem-thinking-sphinx - A smart wrapper over Sphinx for ActiveRecord
https://bugzilla.redhat.com/show_bug.cgi?id=1027407
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update rubygem-thinking-sphinx' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 5 months
[SECURITY] Fedora 19 Update: mingw-curl-7.33.0-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-21887
2013-11-23 09:03:27
--------------------------------------------------------------------------------
Name : mingw-curl
Product : Fedora 19
Version : 7.33.0
Release : 1.fc19
URL : http://curl.haxx.se/
Summary : MinGW Windows port of curl and libcurl
Description :
cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS,
DICT, TELNET and TFTP servers, using any of the supported protocols.
cURL is designed to work without user interaction or any kind of
interactivity. cURL offers many useful capabilities, like proxy
support, user authentication, FTP upload, HTTP post, and file transfer
resume.
This is the MinGW cross-compiled Windows library.
--------------------------------------------------------------------------------
Update Information:
* Update to 7.33.0
* Fixes CVE-2013-4545, RHBZ #1031429
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 20 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 7.33.0-1
- Update to 7.33.0
- Fixes CVE-2013-4545, RHBZ #1031429
* Sat Sep 7 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 7.32.0-1
- Update to 7.32.0
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 7.31.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Jul 13 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 7.31.0-1
- Update to 7.31.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1031429 - CVE-2013-4545 mingw-curl: curl: TLS/SSL certificate name check disabled with peer verification [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1031429
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mingw-curl' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 5 months
Fedora 19 Update: starcal-2.2.5-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-21934
2013-11-24 02:49:03
--------------------------------------------------------------------------------
Name : starcal
Product : Fedora 19
Version : 2.2.5
Release : 1.fc19
URL : http://sourceforge.net/projects/starcal/
Summary : A full-featured international calendar written in Python
Description :
StarCalendar is a full-featured international calendar written in Python,
with both PyGTK and PyQt interfaces, that supports Jalai(Iranian),
Hijri(Islamic), and Indian National calendars, as well as common
English(Gregorian) calendar
--------------------------------------------------------------------------------
Update Information:
Update starcal to version 2.2.5.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 23 2013 Hedayat Vatankhah <hedayat.fwd+rpmchlog(a)gmail.com> - 2.2.5-1
- Update to 2.2.5 upstream version
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.1.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 21 2013 Hedayat Vatankhah <hedayat.fwd+rpmchlog(a)gmail.com> - 2.2.1-1
- Update to new upstream version 2.2.1
- Update the extension to work with gnome shell 3.8
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update starcal' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 5 months
Fedora 19 Update: rubygem-creole-0.5.0-3.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-21877
2013-11-23 09:03:08
--------------------------------------------------------------------------------
Name : rubygem-creole
Product : Fedora 19
Version : 0.5.0
Release : 3.fc19
URL : https://github.com/minad/creole
Summary : Lightweight markup language
Description :
Creole is a lightweight markup language (http://wikicreole.org/).
--------------------------------------------------------------------------------
Update Information:
First Fedora release. Creole is a lightweight markup language. See http://wikicreole.org for more information.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027521 - Review Request: rubygem-creole - Lightweight markup language
https://bugzilla.redhat.com/show_bug.cgi?id=1027521
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update rubygem-creole' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 5 months