[SECURITY] Fedora 19 Update: varnish-3.0.3-5.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-8338
2013-05-16 16:56:04
--------------------------------------------------------------------------------
Name : varnish
Product : Fedora 19
Version : 3.0.3
Release : 5.fc19
URL : http://www.varnish-cache.org/
Summary : High-performance HTTP accelerator
Description :
This is Varnish Cache, a high-performance HTTP accelerator.
Documentation wiki and additional information about Varnish is
available on the following web site: http://www.varnish-cache.org/
--------------------------------------------------------------------------------
Update Information:
* Added macro _hardened_build to enforce compiling with PIE
* Moved ldconfig in postun script to a shell line
* Corrected some bogus dates in the changelog
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #955156 - varnish package should be built with PIE flags
https://bugzilla.redhat.com/show_bug.cgi?id=955156
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update varnish' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 11 months
[SECURITY] Fedora 19 Update: gypsy-0.9-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-8659
2013-05-20 19:51:34
--------------------------------------------------------------------------------
Name : gypsy
Product : Fedora 19
Version : 0.9
Release : 1.fc19
URL : http://gypsy.freedesktop.org/
Summary : A GPS multiplexing daemon
Description :
Gypsy is a GPS multiplexing daemon which allows multiple clients to
access GPS data from multiple GPS sources concurrently.
--------------------------------------------------------------------------------
Update Information:
* New upstream 0.9 release
* add patch to fix FTBSF due to deprecated g_type_init
* Fix CVE-2011-0523 - read arbitrary files as the root user on behalf of a regular user
* Fix CVE-2011-0524 - buffer overflow in nmea device input handling (code no longer in existence)
* aarch64 support
* Fix segfault
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #674129 - CVE-2011-0523 CVE-2011-0524 gypsy: multiple vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=674129
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update gypsy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 11 months
[SECURITY] Fedora 19 Update: FlightGear-2.10.0-5.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-8622
2013-05-19 18:04:51
--------------------------------------------------------------------------------
Name : FlightGear
Product : Fedora 19
Version : 2.10.0
Release : 5.fc19
URL : http://www.flightgear.org/
Summary : The FlightGear Flight Simulator
Description :
The Flight Gear project is working to create a sophisticated flight
simulator framework for the development and pursuit of interesting
flight simulator ideas. We are developing a solid basic sim that can be
expanded and improved upon by anyone interested in contributing
--------------------------------------------------------------------------------
Update Information:
This update adds a fix to an uncontrolled format string vulnerability discovered in the cloud layers handling code.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #958312 - FlightGear: improper handling of format strings
https://bugzilla.redhat.com/show_bug.cgi?id=958312
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update FlightGear' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 11 months
Fedora 19 Update: tig-1.1-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-8644
2013-05-20 19:50:48
--------------------------------------------------------------------------------
Name : tig
Product : Fedora 19
Version : 1.1
Release : 1.fc19
URL : http://jonas.nitro.dk/tig
Summary : Text-mode interface for the git revision control system
Description :
Tig is a repository browser for the git revision control system that
additionally can act as a pager for output from various git commands.
When browsing repositories, it uses the underlying git commands to present the
user with various views, such as summarized revision log and showing the commit
with the log message, diffstat, and the diff.
Using it as a pager, it will display input from stdin and colorize it.
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 1.1.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #734061 - tig-1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=734061
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update tig' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 11 months
Fedora 19 Update: qtractor-0.5.8-2.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-8604
2013-05-19 18:04:08
--------------------------------------------------------------------------------
Name : qtractor
Product : Fedora 19
Version : 0.5.8
Release : 2.fc19
URL : http://qtractor.sourceforge.net/
Summary : Audio/MIDI multi-track sequencer
Description :
Qtractor is an Audio/MIDI multi-track sequencer application written in C++
around the Qt4 toolkit using Qt Designer. The initial target platform will be
Linux, where the Jack Audio Connection Kit (JACK) for audio, and the Advanced
Linux Sound Architecture (ALSA) for MIDI, are the main infrastructures to
evolve as a fairly-featured Linux Desktop Audio Workstation GUI, specially
dedicated to the personal home-studio.
--------------------------------------------------------------------------------
Update Information:
This minor update fixes a bug in installing the desktop fle
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #964364 - Error in file "/usr/share/applications/qtractor.desktop"
https://bugzilla.redhat.com/show_bug.cgi?id=964364
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update qtractor' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 11 months
Fedora 19 Update: units-2.01-3.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-8675
2013-05-20 19:52:10
--------------------------------------------------------------------------------
Name : units
Product : Fedora 19
Version : 2.01
Release : 3.fc19
URL : http://www.gnu.org/software/units/units.html
Summary : A utility for converting amounts from one unit to another
Description :
Units converts an amount from one unit to another, or tells you what
mathematical operation you need to perform to convert from one unit to
another. The units program can handle multiplicative scale changes as
well as conversions such as Fahrenheit to Celsius.
--------------------------------------------------------------------------------
Update Information:
- provide a man page for units_cur as a symlink to units.1
- mention the --check-verbose option in units.1 man page
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update units' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 11 months
Fedora 19 Update: glusterfs-3.4.0-0.5.beta2.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-9087
2013-05-24 19:30:30
--------------------------------------------------------------------------------
Name : glusterfs
Product : Fedora 19
Version : 3.4.0
Release : 0.5.beta2.fc19
URL : http://www.gluster.org//docs/index.php/GlusterFS
Summary : Cluster File System
Description :
GlusterFS is a clustered file-system capable of scaling to several
petabytes. It aggregates various storage bricks over Infiniband RDMA
or TCP/IP interconnect into one large parallel network file
system. GlusterFS is one of the most sophisticated file systems in
terms of features and extensibility. It borrows a powerful concept
called Translators from GNU Hurd kernel. Much of the code in GlusterFS
is in user space and easily manageable.
This package includes the glusterfs binary, the glusterfsd daemon and the
gluster command line, libglusterfs and glusterfs translator modules common to
both GlusterFS server and client framework.
--------------------------------------------------------------------------------
Update Information:
glusterfs-3.4.0-05.beta2 for oVirt/vdsm in f19
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update glusterfs' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 11 months
[SECURITY] Fedora 19 Update: python-backports-ssl_match_hostname-3.2-0.3.a3.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-8746
2013-05-21 17:00:55
--------------------------------------------------------------------------------
Name : python-backports-ssl_match_hostname
Product : Fedora 19
Version : 3.2
Release : 0.3.a3.fc19
URL : https://bitbucket.org/brandon/backports.ssl_match_hostname
Summary : The ssl.match_hostname() function from Python 3.2
Description :
The Secure Sockets layer is only actually secure if you check the hostname in
the certificate returned by the server to which you are connecting, and verify
that it matches to hostname that you are trying to reach.
But the matching logic, defined in RFC2818, can be a bit tricky to implement on
your own. So the ssl package in the Standard Library of Python 3.2 now includes
a match_hostname() function for performing this check instead of requiring
every application to implement the check separately.
This backport brings match_hostname() to users of earlier versions of Python.
The actual code inside comes verbatim from Python 3.2.
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2013-2098 -- Denial of Service with SSL certificates which have specially crafted wildcard patterns.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #963186 - python-backports-ssl_match_hostname: Denial of service when matching certificate with many '*' wildcard characters
https://bugzilla.redhat.com/show_bug.cgi?id=963186
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update python-backports-ssl_match_hostname' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 11 months
Fedora 19 Update: harfbuzz-0.9.17-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-8771
2013-05-21 17:02:52
--------------------------------------------------------------------------------
Name : harfbuzz
Product : Fedora 19
Version : 0.9.17
Release : 1.fc19
URL : http://freedesktop.org/wiki/Software/HarfBuzz
Summary : Text shaping library
Description :
HarfBuzz is an implementation of the OpenType Layout engine.
--------------------------------------------------------------------------------
Update Information:
New upstream release:-Fix regression with Arabic mark positioning / width-zeroing
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update harfbuzz' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 11 months
Fedora 19 Update: milter-greylist-4.5.1-1.fc19
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-8778
2013-05-21 17:03:16
--------------------------------------------------------------------------------
Name : milter-greylist
Product : Fedora 19
Version : 4.5.1
Release : 1.fc19
URL : http://hcpnet.free.fr/milter-greylist/
Summary : Milter for greylisting, the next step in the spam control war
Description :
Greylisting is a new method of blocking significant amounts of spam at
the mailserver level, but without resorting to heavyweight statistical
analysis or other heuristical (and error-prone) approaches. Consequently,
implementations are fairly lightweight, and may even decrease network
traffic and processor load on your mailserver.
This package provides a greylist filter for sendmail's milter API.
--------------------------------------------------------------------------------
Update Information:
Current upstream maintenance release.
In this release, the systemd sub-package has been merged back into the main package, and support for other init systems has been dropped.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update milter-greylist' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 11 months