December 2013 - package-announce - Fedora Mailing-Lists

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-10158 2013-06-06 00:55:27 -------------------------------------------------------------------------------- Name : ykpers Product : Fedora 18 Version : 1.13.0 Release : 1.fc18 URL : http://code.google.com/p/yubikey-personalization/ Summary : Yubikey personalization program Description : Yubico's YubiKey can be re-programmed with a new AES key. This is a library that makes this an easy task. -------------------------------------------------------------------------------- Update Information: Update to 1.13.0: ycfg-json functions, recognize newer firmware -------------------------------------------------------------------------------- ChangeLog: * Mon May 13 2013 - Maxim Burgerhout <wzzrd(a)fedoraproject.org> - 1.13.0-1 - Update to 1.13.0: ycfg-json functions, recognize newer firmware -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ykpers' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

10 years, 5 months

1
0
0 / 0

[SECURITY] Fedora 19 Update: drupal7-7.24-1.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-21844 2013-11-23 09:01:59 -------------------------------------------------------------------------------- Name : drupal7 Product : Fedora 19 Version : 7.24 Release : 1.fc19 URL : http://www.drupal.org Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. -------------------------------------------------------------------------------- Update Information: - Update to upstream 7.24 release for security fixes - Upstream changelog for this release is available at https://drupal.org/drupal-7.24-release-notes - SA-CORE-2013-003 - Drupal core - Multiple vulnerabilities - http://drupal.org/SA-CORE-2013-003 -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Peter Borsa <peter.borsa(a)gmail.com> - 7.24-1 - Update to upstream 7.24 release for security fixes - Upstream changelog for this release is available at https://drupal.org/drupal-7.24-release-notes * Sat Aug 10 2013 Peter Borsa <peter.borsa(a)gmail.com> - 7.23-3 - Fix indentation in drupal7.prov.rpm-lt-4-9-compat file. * Sat Aug 10 2013 Peter Borsa <peter.borsa(a)gmail.com> - 7.23-2 - EL5 prov Python fix, BZ 995734. * Thu Aug 8 2013 Peter Borsa <peter.borsa(a)gmail.com> - 7.23-1 - Update to upstream 7.23 release for bug fixes - Upstream changelog for this release is available at https://drupal.org/drupal-7.23-release-notes * Tue Jul 30 2013 Jon Ciesla <limburgher(a)gmail.com> - 7.22-8 - Add crontabs requires, BZ 989021. * Wed Jul 10 2013 Jon Ciesla <limburgher(a)gmail.com> - 7.22-7 - Typo and EL5 FHS fixes, BZ 979827. * Tue Jun 18 2013 Jon Ciesla <limburgher(a)gmail.com> - 7.22-6 - Add AllowOverride All to drupal7.conf, BZ 905912. * Mon Jun 3 2013 Jon Ciesla <limburgher(a)gmail.com> - 7.22-5 - Add auto-requires, BZ 969593. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1032973 - CVE-2013-6385 CVE-2013-6386 CVE-2013-6387 CVE-2013-6388 CVE-2013-6389 drupal: multiple vulnerabilities corrected in 6.29 and 7.24 (SA-CORE-2013-003) https://bugzilla.redhat.com/show_bug.cgi?id=1032973 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update drupal7' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

10 years, 5 months

1
0
0 / 0

[SECURITY] Fedora 19 Update: nginx-1.4.4-1.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-21826 2013-11-23 09:01:23 -------------------------------------------------------------------------------- Name : nginx Product : Fedora 19 Version : 1.4.4 Release : 1.fc19 URL : http://nginx.org/ Summary : A high performance web server and reverse proxy server Description : Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage. -------------------------------------------------------------------------------- Update Information: - Update to the latest version - Upstream changelog can be found at http://nginx.org/en/CHANGES-1.4 - Security fix BZ 1032267 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Peter Borsa <peter.borsa(a)gmail.com> - 1:1.4.4-1 - Update to upstream release 1.4.4 - Security fix BZ 1032267 * Sun Nov 3 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 1:1.4.3-1 - update to upstream release 1.4.3 * Fri Aug 9 2013 Jonathan Steffan <jsteffan(a)fedoraproject.org> - 1:1.4.2-3 - Add in conditionals to build for non-systemd targets * Sat Aug 3 2013 Petr Pisar <ppisar(a)redhat.com> - 1:1.4.2-2 - Perl 5.18 rebuild * Fri Jul 19 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 1:1.4.2-1 - update to upstream release 1.4.2 * Wed Jul 17 2013 Petr Pisar <ppisar(a)redhat.com> - 1:1.4.1-3 - Perl 5.18 rebuild * Tue Jun 11 2013 Remi Collet <rcollet(a)redhat.com> - 1:1.4.1-2 - rebuild for new GD 2.1.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1032266 - CVE-2013-4547 nginx: security restriction bypass flaw due to whitespace parsing https://bugzilla.redhat.com/show_bug.cgi?id=1032266 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update nginx' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

10 years, 5 months

1
0
0 / 0

Fedora 19 Update: anki-2.0.18-1.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-21879 2013-11-23 09:03:12 -------------------------------------------------------------------------------- Name : anki Product : Fedora 19 Version : 2.0.18 Release : 1.fc19 URL : http://ankisrs.net/ Summary : Flashcard program for using space repetition learning Description : Anki is a program designed to help you remember facts (such as words and phrases in a foreign language) as easily, quickly and efficiently as possible. Anki is based on a theory called spaced repetition. -------------------------------------------------------------------------------- Update Information: Update to new bugfix upstream release 2.0.18. Minor bug fixes Please see http://www.ankisrs.net/docs/changes.html for details. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.18-1 - Update to new upstream version 2.0.18 (BZ 1027704) * Fri Nov 1 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.16-1 - Update to new upstream version 2.0.16 * Fri Oct 11 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.13-1 - Update to new upstream version 2.0.13 * Sun Aug 4 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.12-1 - Update to new upstream version 2.0.12 (BZ 989901) - Install docs to %{_pkgdocdir} (BZ 991962) - Install additional LICENSE file * Mon Jun 24 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.11-1 - Update to new upstream version 2.0.11 (BZ 973523) * Mon Jun 3 2013 Christian Krause <chkr(a)fedoraproject.org> - 2.0.9-1 - Update to new upstream version 2.0.9 (BZ 970052) - Remove patch (issue was fixed upstream) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1027704 - anki-2.0.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1027704 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update anki' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

10 years, 5 months

1
0
0 / 0

Fedora 19 Update: php-pecl-yaml-1.1.1-1.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-21860 2013-11-23 09:02:32 -------------------------------------------------------------------------------- Name : php-pecl-yaml Product : Fedora 19 Version : 1.1.1 Release : 1.fc19 URL : http://code.google.com/p/php-yaml/ Summary : Support for YAML 1.1 serialization using the LibYAML library Description : The YAML PHP Extension provides a wrapper to the LibYAML library. It gives the user the ability to parse YAML document streams into PHP constructs and emit PHP constructs as valid YAML 1.1 documents. -------------------------------------------------------------------------------- Update Information: This update to the YAML extension contains a number of bug fixes (including several crashers), and adds an implementation of yaml_emit_file() that was mistakenly never enabled. The full Changelog can be viewed here: http://pecl.php.net/package-changelog.php?package=yaml&release=1.1.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Theodore Lee <theo148(a)gmail.com> - 1.1.1-1 - Update to upstream 1.1.1 release * Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.1.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update php-pecl-yaml' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

10 years, 5 months

1
0
0 / 0

[SECURITY] Fedora 19 Update: mediawiki-1.21.3-1.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-21856 2013-11-23 09:02:25 -------------------------------------------------------------------------------- Name : mediawiki Product : Fedora 19 Version : 1.21.3 Release : 1.fc19 URL : http://www.mediawiki.org/ Summary : A wiki engine Description : MediaWiki is the software used for Wikipedia and the other Wikimedia Foundation websites. Compared to other wikis, it has an excellent range of features and support for high-traffic websites using multiple servers This package supports wiki farms. Read the instructions for creating wiki instances under /usr/share/doc/mediawiki-1.21.3/README.RPM. Remember to remove the config dir after completing the configuration. -------------------------------------------------------------------------------- Update Information: * Kevin Israel (Wikipedia user PleaseStand) identified and reported two vectors for injecting Javascript in CSS that bypassed MediaWiki's blacklist (CVE-2013-4567, CVE-2013-4568). <https://bugzilla.wikimedia.org/show_bug.cgi?id=55332> * Internal review while debugging a site issue discovered that MediaWiki and the CentralNotice extension were incorrectly setting cache headers when a user was autocreated, causing the user's session cookies to be cached, and returned to other users (CVE-2013-4572). <https://bugzilla.wikimedia.org/show_bug.cgi?id=53032> Additionally, the following extensions have been updated to fix security issues: * CleanChanges: MediaWiki steward Teles reported that revision-deleted IP's are not correctly hidden when this extension is used (CVE-2013-4569). <https://bugzilla.wikimedia.org/show_bug.cgi?id=54294> * ZeroRatedMobileAccess: Tomasz Chlebowski reported an XSS vulnerability (CVE-2013-4573). <https://bugzilla.wikimedia.org/show_bug.cgi?id=55991> * CentralAuth: MediaWiki developer Platonides reported a login CSRF in CentralAuth (CVE-2012-5394). <https://bugzilla.wikimedia.org/show_bug.cgi?id=40747> -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 19 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.3-1 - New upstream release. * Sat Oct 5 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.2-2 - Packaging fixes. (#1006110, #1007377) * Thu Sep 5 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.2-1 - New upstream release. * Sat Jul 27 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.1-4 - Update mw-createinstance * Wed Jul 10 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.1-3 - Fix Obsoletes * Tue Jul 9 2013 Michael Cronenworth <mike(a)cchtml.com> - 1.21.1-2 - Provide/Obsolete now included extensions (#967811) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1030987 - CVE-2013-4567 CVE-2013-4568 CVE-2013-4572 mediawiki: security releases 1.21.3, 1.20.8, and 1.19.9 https://bugzilla.redhat.com/show_bug.cgi?id=1030987 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mediawiki' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

10 years, 5 months

1
0
0 / 0

Fedora 19 Update: rubygem-thinking-sphinx-3.0.6-2.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-21864 2013-11-23 09:02:42 -------------------------------------------------------------------------------- Name : rubygem-thinking-sphinx Product : Fedora 19 Version : 3.0.6 Release : 2.fc19 URL : http://pat.github.io/thinking-sphinx/ Summary : A smart wrapper over Sphinx for ActiveRecord Description : An intelligent layer for ActiveRecord (via Rails and Sinatra) for the Sphinx full-text search tool. -------------------------------------------------------------------------------- Update Information: First Fedora release. Thinking-Sphinx is an intelligent layer for ActiveRecord (via Rails and Sinatra) for the Sphinx full-text search tool. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1027407 - Review Request: rubygem-thinking-sphinx - A smart wrapper over Sphinx for ActiveRecord https://bugzilla.redhat.com/show_bug.cgi?id=1027407 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-thinking-sphinx' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

10 years, 5 months

1
0
0 / 0

[SECURITY] Fedora 19 Update: mingw-curl-7.33.0-1.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-21887 2013-11-23 09:03:27 -------------------------------------------------------------------------------- Name : mingw-curl Product : Fedora 19 Version : 7.33.0 Release : 1.fc19 URL : http://curl.haxx.se/ Summary : MinGW Windows port of curl and libcurl Description : cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, FTP upload, HTTP post, and file transfer resume. This is the MinGW cross-compiled Windows library. -------------------------------------------------------------------------------- Update Information: * Update to 7.33.0 * Fixes CVE-2013-4545, RHBZ #1031429 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 7.33.0-1 - Update to 7.33.0 - Fixes CVE-2013-4545, RHBZ #1031429 * Sat Sep 7 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 7.32.0-1 - Update to 7.32.0 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 7.31.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Sat Jul 13 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 7.31.0-1 - Update to 7.31.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1031429 - CVE-2013-4545 mingw-curl: curl: TLS/SSL certificate name check disabled with peer verification [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1031429 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mingw-curl' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

10 years, 5 months

1
0
0 / 0

Fedora 19 Update: starcal-2.2.5-1.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-21934 2013-11-24 02:49:03 -------------------------------------------------------------------------------- Name : starcal Product : Fedora 19 Version : 2.2.5 Release : 1.fc19 URL : http://sourceforge.net/projects/starcal/ Summary : A full-featured international calendar written in Python Description : StarCalendar is a full-featured international calendar written in Python, with both PyGTK and PyQt interfaces, that supports Jalai(Iranian), Hijri(Islamic), and Indian National calendars, as well as common English(Gregorian) calendar -------------------------------------------------------------------------------- Update Information: Update starcal to version 2.2.5. -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 23 2013 Hedayat Vatankhah <hedayat.fwd+rpmchlog(a)gmail.com> - 2.2.5-1 - Update to 2.2.5 upstream version * Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.1.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Sun Jul 21 2013 Hedayat Vatankhah <hedayat.fwd+rpmchlog(a)gmail.com> - 2.2.1-1 - Update to new upstream version 2.2.1 - Update the extension to work with gnome shell 3.8 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update starcal' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

10 years, 5 months

1
0
0 / 0

Fedora 19 Update: rubygem-creole-0.5.0-3.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-21877 2013-11-23 09:03:08 -------------------------------------------------------------------------------- Name : rubygem-creole Product : Fedora 19 Version : 0.5.0 Release : 3.fc19 URL : https://github.com/minad/creole Summary : Lightweight markup language Description : Creole is a lightweight markup language (http://wikicreole.org/). -------------------------------------------------------------------------------- Update Information: First Fedora release. Creole is a lightweight markup language. See http://wikicreole.org for more information. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1027521 - Review Request: rubygem-creole - Lightweight markup language https://bugzilla.redhat.com/show_bug.cgi?id=1027521 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-creole' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

10 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce December 2013