--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-3038
2013-02-26 01:54:32
--------------------------------------------------------------------------------
Name : ruby
Product : Fedora 17
Version : 1.9.3.392
Release : 29.fc17
URL : http://ruby-lang.org/
Summary : An interpreter of object-oriented scripting language
Description :
Ruby is the interpreted scripting language for quick and easy
object-oriented programming. It has many features to process text
files and to do system management tasks (as in Perl). It is simple,
straight-forward, and extensible.
--------------------------------------------------------------------------------
Update Information:
The new version 1.9.3 patchlevel 392 is released.
A bug was found in the previous ruby that unrestricted entity expansion can lead to a DoS vulnerability in REXML. This new rpm will fix this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 25 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.392-29
- Update to 1.9.3 p392
- Fix entity expansion DoS vulnerability in REXML (bug 914716)
* Mon Feb 11 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.385-28
- Update to 1.9.3 p385
* Sat Jan 19 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.374-27
- Update to 1.9.3 p374
- Fix provided variables in pkgconfig (bug 789532:
Vít Ondruch <vondruch(a)redhat.com>)
* Fri Jan 18 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-26
- Provide non-versioned pkgconfig file (bug 789532)
- Use db5 on F-19 (bug 894022)
* Wed Jan 16 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-25
- Backport fix for the upstream PR7629, save the proc made from the given block
(bug 895173)
* Wed Jan 2 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-24
- Update to 1.9.3.362
* Mon Dec 3 2012 Jaromir Capik <jcapik(a)redhat.com> - 1.9.3.327-23
- Skipping test_parse.rb (fails on ARM at line 787)
- http://bugs.ruby-lang.org/issues/6899
* Sun Nov 11 2012 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.327-23
- Skip test_str_crypt (on rawhide) for now (upstream bug 7312)
* Sat Nov 10 2012 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.327-22
- Ignore some network related tests
* Sat Nov 10 2012 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.327-19
- Update to 1.9.3.327
- Fix Hash-flooding DoS vulnerability on MurmurHash function
(CVE-2012-5371)
* Sat Oct 13 2012 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.286-18
- Update to 1.9.3 p286
- Don't create files when NUL-containing path name is passed
(bug 865940, CVE-2012-4522)
* Thu Oct 4 2012 Mamoru Tasaka <mtasaka(a)fedoraproject.org> - 1.9.3.194-17
- Patch from trunk for CVE-2012-4464, CVE-2012-4466
* Thu Sep 6 2012 Vít Ondruch <vondruch(a)redhat.com> - 1.9.3.194-16
- Split documentation into -doc subpackage (rhbz#854418).
* Tue Aug 14 2012 Vít Ondruch <vondruch(a)redhat.com> - 1.9.3.194-15
- Revert the dependency of ruby-libs on rubygems (rhbz#845011, rhbz#847482).
* Wed Aug 1 2012 Vít Ondruch <vondruch(a)redhat.com> - 1.9.3.194-14
- ruby-libs must require rubygems (rhbz#845011).
* Mon Jun 11 2012 Bohuslav Kabrda <bkabrda(a)redhat.com> - 1.9.3.194-13
- Make the bigdecimal gem a runtime dependency of Ruby.
* Mon Jun 11 2012 Bohuslav Kabrda <bkabrda(a)redhat.com> - 1.9.3.194-12
- Make symlinks for bigdecimal and io-console gems to ruby stdlib dirs (RHBZ 829209).
* Tue May 29 2012 Bohuslav Kabrda <bkabrda(a)redhat.com> - 1.9.3.194-11
- Fix license to contain Public Domain.
- macros.ruby now contains unexpanded macros.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #914726 - ruby: entity expansion DoS vulnerability in REXML [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=914726
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update ruby' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-3010
2013-02-26 01:53:15
--------------------------------------------------------------------------------
Name : pspp
Product : Fedora 17
Version : 0.7.9
Release : 5.fc17
URL : http://www.gnu.org/software/pspp/
Summary : A program for statistical analysis of sampled data
Description :
PSPP is a program for statistical analysis of sampled data. It
interprets commands in the SPSS language and produces tabular
output in ASCII, PostScript, or HTML format.
PSPP development is ongoing. It already supports a large subset
of SPSS's transformation language. Its statistical procedure
support is currently limited, but growing.
--------------------------------------------------------------------------------
Update Information:
- Fixed FTBFS in Rawhide / Fedora 19 (see rhbz #914398)
- Added provides(gnulib) (see rhbz #821785)
- Added accidentally removed pspp docs (see rhbz #822610)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 24 2013 Peter Lemenkov <lemenkov(a)gmail.com> - 0.7.9-5
- Fixed FTBFS in Rawhide / Fedora 19 (see rhbz #914398)
- Added provides(gnulib) (see rhbz #821785)
- Added accidentally removed pspp docs (see rhbz #822610)
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.7.9-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.7.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Apr 19 2012 Peter Lemenkov <lemenkov(a)gmail.com> - 0.7.9-2
- Drop useless patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #821785 - pspp: Gnulib bundled but no bundled(gnulib) provides
https://bugzilla.redhat.com/show_bug.cgi?id=821785
[ 2 ] Bug #822610 - error "URI ‘file:///usr/share/doc/pspp/pspp.xml not found"
https://bugzilla.redhat.com/show_bug.cgi?id=822610
[ 3 ] Bug #914398 - pspp: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=914398
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update pspp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-3472
2013-03-05 22:38:54
--------------------------------------------------------------------------------
Name : libunwind
Product : Fedora 18
Version : 1.0.1
Release : 5.fc18
URL : http://savannah.nongnu.org/projects/libunwind
Summary : An unwinding library
Description :
Libunwind provides a C ABI to determine the call-chain of a program.
This version of libunwind is targetted for the ia64 platform.
--------------------------------------------------------------------------------
Update Information:
Adding pkgconfig files for libunwind.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 4 2013 Kyle McMartin <kmcmarti(a)redhat.com> - 1.0.1-5
- Add backported patch from Peter Hutterer to add pkgconfig files for
libunwind. (rhbz#917402)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #917402 - Please provide pkgconfig file
https://bugzilla.redhat.com/show_bug.cgi?id=917402
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update libunwind' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-3065
2013-02-26 01:55:48
--------------------------------------------------------------------------------
Name : ovirt-guest-agent
Product : Fedora 18
Version : 1.0.6
Release : 6.fc18
URL : http://wiki.ovirt.org/wiki/Category:Ovirt_guest_agent
Summary : The oVirt Guest Agent
Description :
This is the oVirt management agent running inside the guest. The agent
interfaces with the oVirt manager, supplying heart-beat info as well as
run-time data from within the guest itself. The agent also accepts
control commands to be run executed within the OS (like: shutdown and
restart).
--------------------------------------------------------------------------------
Update Information:
Use %{_datadir}/ovirt-guest-agent as home directory of the guest agent to allow polyinstantiation with PAM.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update ovirt-guest-agent' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-3033
2013-02-26 01:54:19
--------------------------------------------------------------------------------
Name : mate-netspeed
Product : Fedora 17
Version : 1.5.1
Release : 1.fc17
URL : http://www.mate-desktop.org
Summary : MATE netspeed
Description :
MATE netspeed is an applet that shows how much
traffic occurs on a specified network device.
--------------------------------------------------------------------------------
Update Information:
latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mate-netspeed' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-3020
2013-02-26 01:53:43
--------------------------------------------------------------------------------
Name : doxygen
Product : Fedora 18
Version : 1.8.3.1
Release : 2.fc18
URL : http://www.stack.nl/~dimitri/doxygen/index.html
Summary : A documentation system for C/C++
Description :
Doxygen can generate an online class browser (in HTML) and/or a
reference manual (in LaTeX) from a set of documented source files. The
documentation is extracted directly from the sources. Doxygen can
also be configured to extract the code structure from undocumented
source files.
--------------------------------------------------------------------------------
Update Information:
1.8.3.1 fixes several bugs, for more information please see http://www.stack.nl/~dimitri/doxygen/changelog.html
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1:1.8.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Jan 22 2013 Than Ngo <than(a)redhat.com> - 1.8.3.1-1
- 1.8.3.1
- fedora/rhel condition
* Tue Jan 8 2013 Rex Dieter <rdieter(a)fedoraproject.org> - 1:1.8.3-3
- -latex subpkg (#892288)
- .spec cleanup
* Thu Jan 3 2013 Rex Dieter <rdieter(a)fedoraproject.org> - 1:1.8.3-2
- doxygen is missing dependencies for texlive update (#891452)
- doxywizard: tighten dep on main pkg
* Wed Jan 2 2013 Than Ngo <than(a)redhat.com> - 1:1.8.3-1
- 1.8.3
* Mon Aug 13 2012 Than Ngo <than(a)redhat.com> - 1:1.8.2-1
- 1.8.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #905523 - Doxygen 1.8.3 can't parse comments beginning with a line of slashes
https://bugzilla.redhat.com/show_bug.cgi?id=905523
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update doxygen' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-3037
2013-02-26 01:54:30
--------------------------------------------------------------------------------
Name : ruby
Product : Fedora 18
Version : 1.9.3.392
Release : 29.fc18
URL : http://ruby-lang.org/
Summary : An interpreter of object-oriented scripting language
Description :
Ruby is the interpreted scripting language for quick and easy
object-oriented programming. It has many features to process text
files and to do system management tasks (as in Perl). It is simple,
straight-forward, and extensible.
--------------------------------------------------------------------------------
Update Information:
The new version 1.9.3 patchlevel 392 is released.
A bug was found in the previous ruby that unrestricted entity expansion can lead to a DoS vulnerability in REXML. This new rpm will fix this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 25 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.392-29
- Update to 1.9.3 p392
- Fix entity expansion DoS vulnerability in REXML (bug 914716)
* Mon Feb 11 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.385-28
- Update to 1.9.3 p385
* Sat Jan 19 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.374-27
- Update to 1.9.3 p374
- Fix provided variables in pkgconfig (bug 789532:
Vít Ondruch <vondruch(a)redhat.com>)
* Fri Jan 18 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-26
- Provide non-versioned pkgconfig file (bug 789532)
- Use db5 on F-19 (bug 894022)
* Wed Jan 16 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-25
- Backport fix for the upstream PR7629, save the proc made from the given block
(bug 895173)
* Wed Jan 2 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.362-24
- Update to 1.9.3.362
* Mon Dec 3 2012 Jaromir Capik <jcapik(a)redhat.com> - 1.9.3.327-23
- Skipping test_parse.rb (fails on ARM at line 787)
- http://bugs.ruby-lang.org/issues/6899
* Sun Nov 11 2012 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.9.3.327-23
- Skip test_str_crypt (on rawhide) for now (upstream bug 7312)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #914726 - ruby: entity expansion DoS vulnerability in REXML [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=914726
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update ruby' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-3063
2013-02-26 01:55:43
--------------------------------------------------------------------------------
Name : perl-Test-Strict
Product : Fedora 18
Version : 0.20
Release : 1.fc18
URL : http://search.cpan.org/dist/Test-Strict
Summary : Check syntax, presence of use strict/warnings, and test coverage
Description :
"Test::Strict" lets you check the syntax, presence of "use strict;" and
"use warnings;" in your perl code. It reports its results in standard
"Test::Simple" fashion.
--------------------------------------------------------------------------------
Update Information:
Test::Strict 0.20 introduces support for new modules implicitly enabling strictures.
Fix internal test suite.
Don't enable strictures for Moose[^\w:]+.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 25 2013 Petr Šabata <contyk(a)redhat.com> - 0.20-1
- 0.20 bump, detect even more modules
* Thu Feb 21 2013 Petr Pisar <ppisar(a)redhat.com> - 0.19-1
- 0.19 bump
* Mon Feb 18 2013 Petr Šabata <contyk(a)redhat.com> - 0.18-1
- 0.18 bump, Moose::Autobox doesn't enable strictures
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.17-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jan 3 2013 Petr Šabata <contyk(a)redhat.com> - 0.17-1
- 0.17 bump
- Modernize the spec a bit
- Remove unused build dependencies
- Update source URL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #915236 - perl-Test-Strict-0.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=915236
[ 2 ] Bug #913428 - perl-Test-Strict-0.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=913428
[ 3 ] Bug #912095 - perl-Test-Strict-0.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=912095
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update perl-Test-Strict' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-3042
2013-02-26 01:54:44
--------------------------------------------------------------------------------
Name : mpc
Product : Fedora 17
Version : 0.22
Release : 4.fc17
URL : http://mpd.wikia.com/wiki/Client:Mpc
Summary : Command-line client for MPD
Description :
A client for MPD, the Music Player Daemon. mpc connects to a MPD running
on a machine via a network.
--------------------------------------------------------------------------------
Update Information:
Install bash completion in the correct place
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 24 2013 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 0.22-4
- install bash completion in the correct place and remove the
triggerin/triggerun scriptlets
- include the example scripts in libexecdir
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.22-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.22-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mpc' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-3052
2013-02-26 01:55:12
--------------------------------------------------------------------------------
Name : rubygem-json
Product : Fedora 18
Version : 1.6.8
Release : 1.fc18
URL : http://json.rubyforge.org
Summary : A JSON implementation in Ruby
Description :
This is a implementation of the JSON specification according
to RFC 4627 in Ruby.
You can think of it as a low fat alternative to XML,
if you want to store data to disk or transmit it over
a network rather than use a verbose markup language.
--------------------------------------------------------------------------------
Update Information:
A security flaw was discovered on the previous json that there is a denial of service and unsafe object creation vulnerability. This vulnerability has been assigned the CVE identifier CVE-2013-0269.
This new rpm will fix this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 25 2013 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.6.8-1
- Update to 1.6.8
- Security fix for JSON create_additions default value
(CVS-2013-0269)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #910313 - CVE-2013-0269 rubygem-json: Denial of Service and SQL Injection [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=910313
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update rubygem-json' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------