December 2014 - package-announce - Fedora Mailing-Lists

Fedora 20 Update: pki-core-10.1.2-4.fc20

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-15401 2014-11-19 15:13:18 -------------------------------------------------------------------------------- Name : pki-core Product : Fedora 20 Version : 10.1.2 Release : 4.fc20 URL : http://pki.fedoraproject.org/ Summary : Certificate System - PKI Core Components Description : ================================== || ABOUT "CERTIFICATE SYSTEM" || ================================== Certificate System (CS) is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments. PKI Core contains ALL top-level java-based Tomcat PKI components: * pki-symkey * pki-base * pki-tools * pki-server * pki-ca * pki-kra * pki-ocsp * pki-tks * pki-tps-tomcat * pki-javadoc which comprise the following corresponding PKI subsystems: * Certificate Authority (CA) * Data Recovery Manager (DRM) * Online Certificate Status Protocol (OCSP) Manager * Token Key Service (TKS) * Token Processing Service (TPS) For deployment purposes, PKI Core contains fundamental packages required by BOTH native-based Apache AND java-based Tomcat Certificate System instances consisting of the following components: * pki-tools Additionally, PKI Core contains the following fundamental packages required ONLY by ALL java-based Tomcat Certificate System instances: * pki-symkey * pki-base * pki-tools * pki-server PKI Core also includes the following components: * pki-javadoc Finally, if Certificate System is being deployed as an individual or set of standalone rather than embedded server(s)/service(s), it is strongly recommended (though not explicitly required) to include at least one PKI Theme package: * dogtag-pki-theme (Dogtag Certificate System deployments) * dogtag-pki-server-theme * redhat-pki-server-theme (Red Hat Certificate System deployments) * redhat-pki-server-theme * customized pki theme (Customized Certificate System deployments) * <customized>-pki-server-theme NOTE: As a convenience for standalone deployments, top-level meta packages may be provided which bind a particular theme to these certificate server packages. -------------------------------------------------------------------------------- Update Information: Bugzilla Bug #1151147 - issuerDN encoding correction -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Endi S. Dewata <edewata(a)redhat.com> 10.1.2-4 - Bugzilla Bug #1151147 - issuerDN encoding correction - Bumped release number to match RHEL * Fri Sep 19 2014 Matthew Harmsen <mharmsen(a)redhat.com> 10.1.2-2 - Bugzilla Bug #1108303 - Rebase pki-core to 10.1 (RHEL) - Bugzilla Bug #1117073 - pki-core ppc64le is missing from ExcludeArch line of spec file (RHEL) - Bumped required runtime version of tomcat >= 7.0.54 (RHEL) - Changed buildtime requirement from 'resteasy-base-jackson-provider >= 3.0.6-1' to 'resteasy-base-jettison-provider >= 3.0.6-1' (RHEL) - Added version number of '>= 3.0.6-1' to runtime requirements for all 'resteasy-base' packages (RHEL) * Thu Sep 18 2014 Ade Lee <alee(a)redhat.com> 10.1.2-1 - Backport fix for ticket 499 - Bump version to ensure migration scripts are run * Thu Sep 11 2014 Matthew Harmsen <mharmsen(a)redhat.com> 10.1.1-2 - Add missing 'jakarta-commons-httpclient' build and runtime requirement - Exclude the 'ppcle' and 'ppc64le' platforms from being built on RHEL platforms - Update 'resteasy-base' requirements on RHEL platforms - Suppress pylint on RHEL platforms * Fri Mar 21 2014 Matthew Harmsen <mharmsen(a)redhat.com> 10.1.1-1 - PKI TRAC Ticket #840 - pkispawn requires policycoreutils-python (mharmsen) - Bugzilla Bug #1057959 - pkispawn requires policycoreutils-python (mharmsen) - PKI TRAC Ticket #868 - REST API get certs links missing segment (alee, mharmsen) - PKI TRAC Ticket #869 - f19 ipa-server-install fails at step 6/22 of cert sys install - systemctl start pki-tomcatd.target fails (mharmsen) - PKI TRAC Ticket #816 - pki-tomcat cannot be started after installation of ipa replica with ca (alee, cfu, edewata, mharmsen) - Updated version number. * Wed Jan 29 2014 Matthew Harmsen <mharmsen(a)redhat.com> 10.1.0-2 - Bugzilla Bug #1057959 - pkispawn requires policycoreutils-python - TRAC Ticket #840 - pkispawn requires policycoreutils-python -------------------------------------------------------------------------------- References: [ 1 ] Bug #1151147 - External CA install does not work with CA certificates signed by Microsoft Certificate Services https://bugzilla.redhat.com/show_bug.cgi?id=1151147 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update pki-core' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

9 years, 4 months

1
0
0 / 0

Fedora 19 Update: php-solarium-3.3.0-1.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-15462 2014-11-20 22:03:21 -------------------------------------------------------------------------------- Name : php-solarium Product : Fedora 19 Version : 3.3.0 Release : 1.fc19 URL : http://www.solarium-project.org/ Summary : Solarium PHP Solr client library Description : Solarium is a PHP Solr client library that accurately model Solr concepts. Where many other Solr libraries only handle the communication with Solr, Solarium also relieves you of handling all the complex Solr query parameters using a well documented API. Documentation: http://wiki.solarium-project.org/ -------------------------------------------------------------------------------- Update Information: See https://github.com/basdenooijer/solarium/issues/294 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update php-solarium' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

9 years, 4 months

1
0
0 / 0

Fedora 20 Update: python-pyroute2-0.3.2-1.fc20

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-15481 2014-11-20 22:04:15 -------------------------------------------------------------------------------- Name : python-pyroute2 Product : Fedora 20 Version : 0.3.2 Release : 1.fc20 URL : https://github.com/svinota/pyroute2 Summary : Pure Python netlink library Description : PyRoute2 provides several levels of API to work with Netlink protocols, such as Generic Netlink, RTNL, TaskStats, NFNetlink, IPQ. -------------------------------------------------------------------------------- Update Information: Update to 0.3.2 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 Peter V. Saveliev <peter(a)svinota.eu> 0.3.2-1 - Update to 0.3.2 * Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.2.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue Mar 18 2014 Jiri Pirko <jpirko(a)redhat.com> - 0.2.7-1 - Update to 0.2.7 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update python-pyroute2' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

9 years, 4 months

1
0
0 / 0

Fedora 20 Update: gettext-0.18.3.2-3.fc20

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-14790 2014-11-13 16:46:13 -------------------------------------------------------------------------------- Name : gettext Product : Fedora 20 Version : 0.18.3.2 Release : 3.fc20 URL : http://www.gnu.org/software/gettext/ Summary : GNU libraries and utilities for producing multi-lingual messages Description : The GNU gettext package provides a set of tools and documentation for producing multi-lingual messages in programs. Tools include a set of conventions about how programs should be written to support message catalogs, a directory and file naming organization for the message catalogs, a runtime library which supports the retrieval of translated messages, and stand-alone programs for handling the translatable and the already translated strings. Gettext provides an easy to use library and tools for creating, using, and modifying natural language catalogs and is a powerful and simple method for internationalizing programs. -------------------------------------------------------------------------------- Update Information: add missing autoconf dependency to -devel, for autopoint -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 13 2014 Daiki Ueno <dueno(a)redhat.com> - 0.18.3.2-3 - add autoconf requirement to -devel for autopoint (#1161554) * Fri Oct 10 2014 Daiki Ueno <dueno(a)redhat.com> - 0.18.3.2-2 - apply patch to avoid autopoint infinite recursion (#1151238) * Tue Jan 7 2014 Daiki Ueno <dueno(a)redhat.com> - 0.18.3.2-1 - update to 0.18.3.2 release - apply patch to suppress -Wformat-security warnings in gnulib-tests -------------------------------------------------------------------------------- References: [ 1 ] Bug #1161554 - gettext-devel provides autopoint which requires autoconf but no rpm dependency is present https://bugzilla.redhat.com/show_bug.cgi?id=1161554 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gettext' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

9 years, 4 months

1
0
0 / 0

Fedora 20 Update: libdigidocpp-3.9.0.1237-2.fc20

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-15492 2014-11-20 22:04:42 -------------------------------------------------------------------------------- Name : libdigidocpp Product : Fedora 20 Version : 3.9.0.1237 Release : 2.fc20 URL : http://www.ria.ee Summary : Library for creating and validating BDoc and DDoc containers Description : libdigidocpp is a C++ library for reading, validating, and creating BDoc and DDoc containers. These file formats are widespread in Estonia where they are used for storing legally binding digital signatures. -------------------------------------------------------------------------------- Update Information: Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 3.9.0.1237-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Thu Jul 3 2014 Mihkel Vain <mihkel(a)fedoraproject.org> - 3.9.0.1237-1 - New upstream release - Create a separate sub-package for docs * Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 3.8.0.1208-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun May 18 2014 Mihkel Vain <mihkel(a)fedoraproject.org> - 3.8.0.1208-3 - Fix typo: ppython-digidoc -> python-digidoc * Wed Apr 30 2014 Mihkel Vain <mihkel(a)fedoraproject.org> - 3.8.0.1208-2 - Use cmake macro - Obsolete old subpackages * Thu Apr 24 2014 Mihkel Vain <mihkel(a)fedoraproject.org> - 3.8.0.1208-1 - First package based on new source code from RIA -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update libdigidocpp' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

9 years, 4 months

1
0
0 / 0

[SECURITY] Fedora 20 Update: erlang-R16B-03.9.fc20

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-15394 2014-11-19 15:12:56 -------------------------------------------------------------------------------- Name : erlang Product : Fedora 20 Version : R16B Release : 03.9.fc20 URL : http://www.erlang.org Summary : General-purpose programming language and runtime environment Description : Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. -------------------------------------------------------------------------------- Update Information: * Fixed CVE-2014-1693 (backported fix from ver. 17.x.x, see patch no. 17) * Trimmed dependency chain -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 17 2014 Peter Lemenkov <lemenkov(a)gmail.com> - R16B-03.9 - Fixed CVE-2014-1693 (backported fix from ver. 17.x.x, see patch no. 17) * Tue Nov 11 2014 Peter Lemenkov <lemenkov(a)gmail.com> - R16B-03.8 - Trimmed dependency chain - Cleaned up spec-file * Wed Jun 11 2014 Peter Lemenkov <lemenkov(a)gmail.com> - R16B-03.7 - Added missing template for epmd@.socket * Fri Jun 6 2014 Peter Lemenkov <lemenkov(a)gmail.com> - R16B-03.6 - Add configurable EPMD socket unit - Change EPMD service's type from simple to notify * Wed Apr 2 2014 Peter Lemenkov <lemenkov(a)gmail.com> - R16B-03.5 - Improve EPMD service * Fri Mar 28 2014 Peter Lemenkov <lemenkov(a)gmail.com> - R16B-03.4 - Create group and user for EPMD * Thu Mar 27 2014 Peter Lemenkov <lemenkov(a)gmail.com> - R16B-03.3 - Ver. R16B03-1 (Bugfix release) - Enabled systemd support in EPMD * Fri Feb 7 2014 Sam Kottler <skottler(a)fedoraproject.org> - R16B-03.2 - Fix macro usage for EPEL7 build and added need_bootstrap * Tue Dec 24 2013 Peter Lemenkov <lemenkov(a)gmail.com> - R16B-03.1 - Ver. R16B03 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1059331 - CVE-2014-1693 erlang-inets: command injection flaw in FTP module https://bugzilla.redhat.com/show_bug.cgi?id=1059331 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update erlang' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

9 years, 4 months

1
0
0 / 0

[SECURITY] Fedora 20 Update: curl-7.32.0-16.fc20

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-15706 2014-11-25 14:37:56 -------------------------------------------------------------------------------- Name : curl Product : Fedora 20 Version : 7.32.0 Release : 16.fc20 URL : http://curl.haxx.se/ Summary : A utility for getting files from remote servers (FTP, HTTP, and others) Description : curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks. -------------------------------------------------------------------------------- Update Information: - allow to use TLS 1.1 and TLS 1.2 (#1153814) - disable libcurl-level downgrade to SSLv3 (#1166567) - low-speed-limit: avoid timeout flood (#1166239) - fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707) -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 24 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-16 - allow to use TLS 1.1 and TLS 1.2 (#1153814) - disable libcurl-level downgrade to SSLv3 (#1166567) - low-speed-limit: avoid timeout flood (#1166239) * Wed Nov 5 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-15 - fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707) * Tue Oct 21 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-14 - fix a connection failure when FTPS handle is reused * Wed Sep 10 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-13 - use only full matches for hosts used as IP address in cookies (CVE-2014-3613) - reject incoming cookies set for top level domains (CVE-2014-3620) * Wed Jul 30 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-12 - fix endless loop with GSSAPI proxy auth (patches by David Woodhouse, #1118751) * Mon Jun 2 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-11 - acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option (#1098711) * Sat May 10 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-10 - extend URL parser to support IPv6 zone identifiers (#680996) - auth failure on duplicated 'WWW-Authenticate: Negotiate' header (#1093348) * Fri Apr 25 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-9 - nss: implement non-blocking SSL handshake * Wed Mar 26 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-8 - fix connection re-use when using different log-in credentials (CVE-2014-0138) * Mon Mar 17 2014 Paul Howarth <paul(a)city-fan.org> 7.32.0-7 - add all perl build requirements for the test suite, in a portable way * Wed Mar 5 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-6 - avoid spurious failure of test1086 on s390(x) koji builders (#1072273) * Tue Feb 25 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-5 - refresh expired cookie in test172 from upstream test-suite (#1068967) - use proxy name in error messages when proxy is used (#1066484) * Fri Jan 31 2014 Kamil Dudka <kdudka(a)redhat.com> 7.32.0-4 - re-use of wrong HTTP NTLM connection in libcurl (CVE-2014-0015) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS https://bugzilla.redhat.com/show_bug.cgi?id=1154941 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update curl' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

9 years, 4 months

1
0
0 / 0

Fedora 19 Update: quiterss-0.17.1-1.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-15406 2014-11-19 15:13:39 -------------------------------------------------------------------------------- Name : quiterss Product : Fedora 19 Version : 0.17.1 Release : 1.fc19 URL : http://code.google.com/p/quite-rss/ Summary : RSS/Atom aggregator Description : Qt-based RSS/Atom aggregator. -------------------------------------------------------------------------------- Update Information: Version bump -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 18 2014 TI_Eugene <ti.eugene(a)gmail.com> - 0.17.1-1 - Version bump * Tue Sep 23 2014 TI_Eugene <ti.eugene(a)gmail.com> - 0.17.0-1 - Version bump * Sun Aug 17 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.16.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Mon Jul 21 2014 TI_Eugene <ti.eugene(a)gmail.com> - 0.16.1-1 - Version bump * Fri Jun 13 2014 TI_Eugene <ti.eugene(a)gmail.com> - 0.16.0-1 - Version bump * Sun Jun 8 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.15.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat Apr 19 2014 TI_Eugene <ti.eugene(a)gmail.com> - 0.15.4-1 - Version bump * Thu Mar 20 2014 TI_Eugene <ti.eugene(a)gmail.com> - 0.15.2-1 - Version bump * Fri Jan 31 2014 TI_Eugene <ti.eugene(a)gmail.com> - 0.14.3-1 - Version bump * Fri Jan 3 2014 TI_Eugene <ti.eugene(a)gmail.com> - 0.14.2-1 - Version bump * Sun Dec 8 2013 TI_Eugene <ti.eugene(a)gmail.com> - 0.14.1-1 - Version bump - phonon-devel BR added * Sat Nov 16 2013 TI_Eugene <ti.eugene(a)gmail.com> - 0.14.0-1 - Version bump * Sat Aug 31 2013 TI_Eugene <ti.eugene(a)gmail.com> - 0.13.3-1 - Version bump * Wed Jul 31 2013 TI_Eugene <ti.eugene(a)gmail.com> - 0.13.2-1 - Version bump * Mon Jul 1 2013 TI_Eugene <ti.eugene(a)gmail.com> - 0.13.1-1 - Version bump -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update quiterss' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

9 years, 4 months

1
0
0 / 0

Fedora 19 Update: python-fedmsg-genacls-0.4-1.fc19

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-14781 2014-11-12 01:27:11 -------------------------------------------------------------------------------- Name : python-fedmsg-genacls Product : Fedora 19 Version : 0.4 Release : 1.fc19 URL : http://pypi.python.org/pypi/fedmsg_genacls Summary : A fedmsg consumer that sets gitosis acls in response to pkgdb messages Description : An example of using fedmsg to monitor pkgdb for messages, but delaying action for a few seconds to accumulate messages and avoid pile-up. -------------------------------------------------------------------------------- Update Information: Respond appropriately to more triggers. -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update python-fedmsg-genacls' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

9 years, 4 months

1
0
0 / 0

[SECURITY] Fedora 20 Update: phpMyAdmin-4.2.12-1.fc20

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-15538 2014-11-22 11:35:10 -------------------------------------------------------------------------------- Name : phpMyAdmin Product : Fedora 20 Version : 4.2.12 Release : 1.fc20 URL : http://www.phpmyadmin.net/ Summary : Handle the administration of MySQL over the World Wide Web Description : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execute, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers, creating PDF graphics of your database layout, creating complex queries using Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined functions, like displaying BLOB-data as image or download-link and much more... -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.2.12.0 (2014-11-20) ================================ - Blank/white page when JavaScript disabled - Multi row actions cause full page reloads - ReferenceError: targeurl is not defined - Incorrect text/icon display in Tracking report - Recordset return from procedure display nothing - Edit dialog for routines is too long for smaller displays - JavaScript error after moving a column - Issue with long comments on table columns - Input field unnecessarily selected on focus - Exporting selected rows exports all rows of the query - No insert statement produced in SQL export for queries with alias - Field disabled when internal relations used - [security] XSS through exception stack - [security] Path traversal can lead to leakage of line count - [security] XSS vulnerability in table print view - [security] XSS vulnerability in zoom search page - [security] Path traversal in file inclusion of GIS factory - [security] XSS in multi submit - [security] XSS through pma_fontsize cookie -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 20 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.12-1 - Upgrade to 4.2.12 (#1166397) * Sat Nov 1 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.11-1 - Upgrade to 4.2.11 (#1159524) * Wed Oct 22 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.10.1-1 - Upgrade to 4.2.10.1 (#1155272, #1155362) * Mon Oct 13 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.10-1 - Upgrade to 4.2.10 (#1152115) * Sat Oct 4 2014 Remi Collet <remi(a)fedoraproject.org> 4.2.9.1-2 - provide nginx configuration (Fedora >= 21) - fix license handling * Thu Oct 2 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.9.1-1 - Upgrade to 4.2.9.1 (#1148664) * Sun Sep 21 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.9-1 - Upgrade to 4.2.9 - Set default charset for Apache explicitly * Wed Sep 17 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.8.1-2 - Move rm(1) calls from %install to %prep (#1121355 #c10) * Tue Sep 16 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.8.1-1 - Upgrade to 4.2.8.1 (#1141635) * Mon Sep 1 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.8-1 - Upgrade to 4.2.8 * Mon Aug 18 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.7.1-1 - Upgrade to 4.2.7.1 (#1130865, #1130866, #1131104) * Thu Jul 31 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.7-1 - Upgrade to 4.2.7 * Sat Jul 19 2014 Robert Scheck <robert(a)fedoraproject.org> 4.2.6-1 - Upgrade to 4.2.6 (#548260, #959946, #989660, #989668, #993613 and #1000261, #1067713, #1110877, #1117600, #1117601) - Switch from HTTP- to cookie-based authentication (for php-fpm) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 3.5.8.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Dec 12 2013 Ville Skyttä <ville.skytta(a)iki.fi> - 3.5.8.2-2 - Fix paths to changelog and license when doc dir is unversioned (#994036). - Fix source URL, use xz compressed tarball. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1166619 - CVE-2014-8958 phpMyAdmin: Multiple XSS vulnerabilities (PMASA-2014-13) https://bugzilla.redhat.com/show_bug.cgi?id=1166619 [ 2 ] Bug #1166626 - CVE-2014-8959 phpMyAdmin: Local file inclusion vulnerability (PMASA-2014-14) https://bugzilla.redhat.com/show_bug.cgi?id=1166626 [ 3 ] Bug #1166634 - CVE-2014-8960 phpMyAdmin: XSS vulnerability in error reporting functionality (PMASA-2014-15) https://bugzilla.redhat.com/show_bug.cgi?id=1166634 [ 4 ] Bug #1166637 - CVE-2014-8961 phpMyAdmin: leakage of line count of an arbitrary file (PMASA-2014-16) https://bugzilla.redhat.com/show_bug.cgi?id=1166637 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update phpMyAdmin' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

9 years, 4 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce December 2014