package-announce March 2013

package-announce@lists.fedoraproject.org

1 participants
1716 discussions

[SECURITY] Fedora 17 Update: ruby-1.9.3.392-29.fc17
by updates＠fedoraproject.org 05 Mar '13

05 Mar '13

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-3038 2013-02-26 01:54:32 -------------------------------------------------------------------------------- Name : ruby Product : Fedora 17 Version : 1.9.3.392 Release : 29.fc17 URL : http://ruby-lang.org/ Summary : An interpreter of object-oriented scripting language Description : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. -------------------------------------------------------------------------------- Update Information: The new version 1.9.3 patchlevel 392 is released. A bug was found in the previous ruby that unrestricted entity expansion can lead to a DoS vulnerability in REXML. This new rpm will fix this issue. -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 25 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.392-29 - Update to 1.9.3 p392 - Fix entity expansion DoS vulnerability in REXML (bug 914716) * Mon Feb 11 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.385-28 - Update to 1.9.3 p385 * Sat Jan 19 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.374-27 - Update to 1.9.3 p374 - Fix provided variables in pkgconfig (bug 789532: Vít Ondruch <vondruch(a)redhat.com>) * Fri Jan 18 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-26 - Provide non-versioned pkgconfig file (bug 789532) - Use db5 on F-19 (bug 894022) * Wed Jan 16 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-25 - Backport fix for the upstream PR7629, save the proc made from the given block (bug 895173) * Wed Jan 2 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-24 - Update to 1.9.3.362 * Mon Dec 3 2012 Jaromir Capik <jcapik(a)redhat.com> - 1.9.3.327-23 - Skipping test_parse.rb (fails on ARM at line 787) - http://bugs.ruby-lang.org/issues/6899 * Sun Nov 11 2012 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.327-23 - Skip test_str_crypt (on rawhide) for now (upstream bug 7312) * Sat Nov 10 2012 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.327-22 - Ignore some network related tests * Sat Nov 10 2012 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.327-19 - Update to 1.9.3.327 - Fix Hash-flooding DoS vulnerability on MurmurHash function (CVE-2012-5371) * Sat Oct 13 2012 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.286-18 - Update to 1.9.3 p286 - Don't create files when NUL-containing path name is passed (bug 865940, CVE-2012-4522) * Thu Oct 4 2012 Mamoru Tasaka <mtasaka(a)fedoraproject.org> - 1.9.3.194-17 - Patch from trunk for CVE-2012-4464, CVE-2012-4466 * Thu Sep 6 2012 Vít Ondruch <vondruch(a)redhat.com> - 1.9.3.194-16 - Split documentation into -doc subpackage (rhbz#854418). * Tue Aug 14 2012 Vít Ondruch <vondruch(a)redhat.com> - 1.9.3.194-15 - Revert the dependency of ruby-libs on rubygems (rhbz#845011, rhbz#847482). * Wed Aug 1 2012 Vít Ondruch <vondruch(a)redhat.com> - 1.9.3.194-14 - ruby-libs must require rubygems (rhbz#845011). * Mon Jun 11 2012 Bohuslav Kabrda <bkabrda(a)redhat.com> - 1.9.3.194-13 - Make the bigdecimal gem a runtime dependency of Ruby. * Mon Jun 11 2012 Bohuslav Kabrda <bkabrda(a)redhat.com> - 1.9.3.194-12 - Make symlinks for bigdecimal and io-console gems to ruby stdlib dirs (RHBZ 829209). * Tue May 29 2012 Bohuslav Kabrda <bkabrda(a)redhat.com> - 1.9.3.194-11 - Fix license to contain Public Domain. - macros.ruby now contains unexpanded macros. -------------------------------------------------------------------------------- References: [ 1 ] Bug #914726 - ruby: entity expansion DoS vulnerability in REXML [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=914726 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ruby' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 17 Update: pspp-0.7.9-5.fc17
by updates＠fedoraproject.org 05 Mar '13

05 Mar '13

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-3010 2013-02-26 01:53:15 -------------------------------------------------------------------------------- Name : pspp Product : Fedora 17 Version : 0.7.9 Release : 5.fc17 URL : http://www.gnu.org/software/pspp/ Summary : A program for statistical analysis of sampled data Description : PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure support is currently limited, but growing. -------------------------------------------------------------------------------- Update Information: - Fixed FTBFS in Rawhide / Fedora 19 (see rhbz #914398) - Added provides(gnulib) (see rhbz #821785) - Added accidentally removed pspp docs (see rhbz #822610) -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 24 2013 Peter Lemenkov <lemenkov(a)gmail.com> - 0.7.9-5 - Fixed FTBFS in Rawhide / Fedora 19 (see rhbz #914398) - Added provides(gnulib) (see rhbz #821785) - Added accidentally removed pspp docs (see rhbz #822610) * Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.7.9-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sat Jul 21 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.7.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Apr 19 2012 Peter Lemenkov <lemenkov(a)gmail.com> - 0.7.9-2 - Drop useless patch -------------------------------------------------------------------------------- References: [ 1 ] Bug #821785 - pspp: Gnulib bundled but no bundled(gnulib) provides https://bugzilla.redhat.com/show_bug.cgi?id=821785 [ 2 ] Bug #822610 - error "URI ‘file:///usr/share/doc/pspp/pspp.xml not found" https://bugzilla.redhat.com/show_bug.cgi?id=822610 [ 3 ] Bug #914398 - pspp: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=914398 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update pspp' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 18 Update: libunwind-1.0.1-5.fc18
by updates＠fedoraproject.org 05 Mar '13

05 Mar '13

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-3472 2013-03-05 22:38:54 -------------------------------------------------------------------------------- Name : libunwind Product : Fedora 18 Version : 1.0.1 Release : 5.fc18 URL : http://savannah.nongnu.org/projects/libunwind Summary : An unwinding library Description : Libunwind provides a C ABI to determine the call-chain of a program. This version of libunwind is targetted for the ia64 platform. -------------------------------------------------------------------------------- Update Information: Adding pkgconfig files for libunwind. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Kyle McMartin <kmcmarti(a)redhat.com> - 1.0.1-5 - Add backported patch from Peter Hutterer to add pkgconfig files for libunwind. (rhbz#917402) -------------------------------------------------------------------------------- References: [ 1 ] Bug #917402 - Please provide pkgconfig file https://bugzilla.redhat.com/show_bug.cgi?id=917402 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update libunwind' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 18 Update: ovirt-guest-agent-1.0.6-6.fc18
by updates＠fedoraproject.org 05 Mar '13

05 Mar '13

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-3065 2013-02-26 01:55:48 -------------------------------------------------------------------------------- Name : ovirt-guest-agent Product : Fedora 18 Version : 1.0.6 Release : 6.fc18 URL : http://wiki.ovirt.org/wiki/Category:Ovirt_guest_agent Summary : The oVirt Guest Agent Description : This is the oVirt management agent running inside the guest. The agent interfaces with the oVirt manager, supplying heart-beat info as well as run-time data from within the guest itself. The agent also accepts control commands to be run executed within the OS (like: shutdown and restart). -------------------------------------------------------------------------------- Update Information: Use %{_datadir}/ovirt-guest-agent as home directory of the guest agent to allow polyinstantiation with PAM. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ovirt-guest-agent' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 17 Update: mate-netspeed-1.5.1-1.fc17
by updates＠fedoraproject.org 05 Mar '13

05 Mar '13

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-3033 2013-02-26 01:54:19 -------------------------------------------------------------------------------- Name : mate-netspeed Product : Fedora 17 Version : 1.5.1 Release : 1.fc17 URL : http://www.mate-desktop.org Summary : MATE netspeed Description : MATE netspeed is an applet that shows how much traffic occurs on a specified network device. -------------------------------------------------------------------------------- Update Information: latest upstream release -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mate-netspeed' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 18 Update: doxygen-1.8.3.1-2.fc18
by updates＠fedoraproject.org 05 Mar '13

05 Mar '13

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-3020 2013-02-26 01:53:43 -------------------------------------------------------------------------------- Name : doxygen Product : Fedora 18 Version : 1.8.3.1 Release : 2.fc18 URL : http://www.stack.nl/~dimitri/doxygen/index.html Summary : A documentation system for C/C++ Description : Doxygen can generate an online class browser (in HTML) and/or a reference manual (in LaTeX) from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. -------------------------------------------------------------------------------- Update Information: 1.8.3.1 fixes several bugs, for more information please see http://www.stack.nl/~dimitri/doxygen/changelog.html -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1:1.8.3.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Tue Jan 22 2013 Than Ngo <than(a)redhat.com> - 1.8.3.1-1 - 1.8.3.1 - fedora/rhel condition * Tue Jan 8 2013 Rex Dieter <rdieter(a)fedoraproject.org> - 1:1.8.3-3 - -latex subpkg (#892288) - .spec cleanup * Thu Jan 3 2013 Rex Dieter <rdieter(a)fedoraproject.org> - 1:1.8.3-2 - doxygen is missing dependencies for texlive update (#891452) - doxywizard: tighten dep on main pkg * Wed Jan 2 2013 Than Ngo <than(a)redhat.com> - 1:1.8.3-1 - 1.8.3 * Mon Aug 13 2012 Than Ngo <than(a)redhat.com> - 1:1.8.2-1 - 1.8.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #905523 - Doxygen 1.8.3 can't parse comments beginning with a line of slashes https://bugzilla.redhat.com/show_bug.cgi?id=905523 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update doxygen' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 18 Update: ruby-1.9.3.392-29.fc18
by updates＠fedoraproject.org 05 Mar '13

05 Mar '13

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-3037 2013-02-26 01:54:30 -------------------------------------------------------------------------------- Name : ruby Product : Fedora 18 Version : 1.9.3.392 Release : 29.fc18 URL : http://ruby-lang.org/ Summary : An interpreter of object-oriented scripting language Description : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. -------------------------------------------------------------------------------- Update Information: The new version 1.9.3 patchlevel 392 is released. A bug was found in the previous ruby that unrestricted entity expansion can lead to a DoS vulnerability in REXML. This new rpm will fix this issue. -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 25 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.392-29 - Update to 1.9.3 p392 - Fix entity expansion DoS vulnerability in REXML (bug 914716) * Mon Feb 11 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.385-28 - Update to 1.9.3 p385 * Sat Jan 19 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.374-27 - Update to 1.9.3 p374 - Fix provided variables in pkgconfig (bug 789532: Vít Ondruch <vondruch(a)redhat.com>) * Fri Jan 18 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-26 - Provide non-versioned pkgconfig file (bug 789532) - Use db5 on F-19 (bug 894022) * Wed Jan 16 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-25 - Backport fix for the upstream PR7629, save the proc made from the given block (bug 895173) * Wed Jan 2 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-24 - Update to 1.9.3.362 * Mon Dec 3 2012 Jaromir Capik <jcapik(a)redhat.com> - 1.9.3.327-23 - Skipping test_parse.rb (fails on ARM at line 787) - http://bugs.ruby-lang.org/issues/6899 * Sun Nov 11 2012 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.327-23 - Skip test_str_crypt (on rawhide) for now (upstream bug 7312) -------------------------------------------------------------------------------- References: [ 1 ] Bug #914726 - ruby: entity expansion DoS vulnerability in REXML [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=914726 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ruby' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 18 Update: perl-Test-Strict-0.20-1.fc18
by updates＠fedoraproject.org 05 Mar '13

05 Mar '13

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-3063 2013-02-26 01:55:43 -------------------------------------------------------------------------------- Name : perl-Test-Strict Product : Fedora 18 Version : 0.20 Release : 1.fc18 URL : http://search.cpan.org/dist/Test-Strict Summary : Check syntax, presence of use strict/warnings, and test coverage Description : "Test::Strict" lets you check the syntax, presence of "use strict;" and "use warnings;" in your perl code. It reports its results in standard "Test::Simple" fashion. -------------------------------------------------------------------------------- Update Information: Test::Strict 0.20 introduces support for new modules implicitly enabling strictures. Fix internal test suite. Don't enable strictures for Moose[^\w:]+. -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 25 2013 Petr Šabata <contyk(a)redhat.com> - 0.20-1 - 0.20 bump, detect even more modules * Thu Feb 21 2013 Petr Pisar <ppisar(a)redhat.com> - 0.19-1 - 0.19 bump * Mon Feb 18 2013 Petr Šabata <contyk(a)redhat.com> - 0.18-1 - 0.18 bump, Moose::Autobox doesn't enable strictures * Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.17-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Thu Jan 3 2013 Petr Šabata <contyk(a)redhat.com> - 0.17-1 - 0.17 bump - Modernize the spec a bit - Remove unused build dependencies - Update source URL -------------------------------------------------------------------------------- References: [ 1 ] Bug #915236 - perl-Test-Strict-0.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=915236 [ 2 ] Bug #913428 - perl-Test-Strict-0.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=913428 [ 3 ] Bug #912095 - perl-Test-Strict-0.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=912095 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update perl-Test-Strict' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 17 Update: mpc-0.22-4.fc17
by updates＠fedoraproject.org 05 Mar '13

05 Mar '13

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-3042 2013-02-26 01:54:44 -------------------------------------------------------------------------------- Name : mpc Product : Fedora 17 Version : 0.22 Release : 4.fc17 URL : http://mpd.wikia.com/wiki/Client:Mpc Summary : Command-line client for MPD Description : A client for MPD, the Music Player Daemon. mpc connects to a MPD running on a machine via a network. -------------------------------------------------------------------------------- Update Information: Install bash completion in the correct place -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 24 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 0.22-4 - install bash completion in the correct place and remove the triggerin/triggerun scriptlets - include the example scripts in libexecdir * Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.22-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.22-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mpc' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 18 Update: rubygem-json-1.6.8-1.fc18
by updates＠fedoraproject.org 05 Mar '13

05 Mar '13

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-3052 2013-02-26 01:55:12 -------------------------------------------------------------------------------- Name : rubygem-json Product : Fedora 18 Version : 1.6.8 Release : 1.fc18 URL : http://json.rubyforge.org Summary : A JSON implementation in Ruby Description : This is a implementation of the JSON specification according to RFC 4627 in Ruby. You can think of it as a low fat alternative to XML, if you want to store data to disk or transmit it over a network rather than use a verbose markup language. -------------------------------------------------------------------------------- Update Information: A security flaw was discovered on the previous json that there is a denial of service and unsafe object creation vulnerability. This vulnerability has been assigned the CVE identifier CVE-2013-0269. This new rpm will fix this issue. -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 25 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.6.8-1 - Update to 1.6.8 - Security fix for JSON create_additions default value (CVS-2013-0269) -------------------------------------------------------------------------------- References: [ 1 ] Bug #910313 - CVE-2013-0269 rubygem-json: Denial of Service and SQL Injection [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=910313 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-json' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce March 2013