--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-5414
2014-04-21 06:00:57
--------------------------------------------------------------------------------
Name : bugzilla
Product : Fedora 19
Version : 4.2.9
Release : 1.fc19
URL : http://www.bugzilla.org/
Summary : Bug tracking system
Description :
Bugzilla is a popular bug tracking system used by multiple open source projects
It requires a database engine installed - either MySQL, PostgreSQL or Oracle.
Without one of these database engines (local or remote), Bugzilla will not work
- see the Release Notes for details.
--------------------------------------------------------------------------------
Update Information:
Previous versions of bugzilla had the following security issues:
* The login form had no CSRF protection, meaning that an attacker could force the victim to log in using the attacker's credentials.
* Dangerous control characters can be inserted into Bugzilla, notably into bug comments, which can then be used to execute local commands.
The first issue has the CVE number CVE-2014-1517. Please see http://www.bugzilla.org/security/4.0.11/ for all the gory details.
Both issues were fixed in 4.2.8 but it introduced a regression in bug commenting that was fixed in 4.2.9.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 19 2014 Emmanuel Seyman <emmanuel(a)seyman.fr> - 4.2.9-1
- Update to 4.2.9 (regression fix for 4.2.8 which was a security update)
- Drop backported patches
* Sun Jan 19 2014 Emmanuel Seyman <emmanuel(a)seyman.fr> - 4.2.7-3
- Fix the comparison of module versions (#1044854)
- Really honor the PROJECT environment variable (#911943)
* Fri Nov 15 2013 Emmanuel Seyman <emmanuel(a)seyman.fr> - 4.2.7-2
- Add patch to cache bz_locations() (bmo #843457)
- Fix constants patch to honor the PROJECT environment variable (#911943)
* Thu Oct 17 2013 Emmanuel Seyman <emmanuel(a)seyman.fr> - 4.2.7-1
- Update to 4.2.7 (security updates)
- Patch bugzilla to write compiled templates under /var (#949130)
* Sun Aug 4 2013 Emmanuel Seyman <emmanuel(a)seyman.fr> - 4.2.6-2
- Change apache conf to enable access to all machines
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update bugzilla' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-5644
2014-04-26 06:36:35
--------------------------------------------------------------------------------
Name : xorg-x11-drv-synaptics
Product : Fedora 20
Version : 1.7.4
Release : 9.fc20
URL : http://www.x.org
Summary : Xorg X11 Synaptics touchpad input driver
Description :
This is the Synaptics touchpad driver for the X.Org X server. The following
touchpad models are supported:
* Synaptics
* appletouch (Post February 2005 and October 2005 Apple Aluminium Powerbooks)
* Elantech (EeePC)
* bcm5974 (Macbook Air (Jan 2008), Macbook Pro Penryn (Feb 2008), iPhone
(2007), iPod Touch (2008)
Note that support for appletouch, elantech and bcm5974 requires the respective
kernel module.
A touchpad by default operates in compatibility mode by emulating a standard
mouse. However, by using a dedicated driver, more advanced features of the
touchpad become available.
Features:
* Movement with adjustable, non-linear acceleration and speed.
* Button events through short touching of the touchpad ("tapping").
* Double-Button events through double short touching of the touchpad.
* Dragging through short touching and holding down the finger on the
touchpad.
* Middle and right button events on the upper and lower corner of the
touchpad.
* Vertical scrolling (button four and five events) through moving the
finger on the right side of the touchpad.
* The up/down button sends button four/five events.
* Horizontal scrolling (button six and seven events) through moving the
finger on the lower side of the touchpad.
* The multi-buttons send button four/five events, and six/seven events for
horizontal scrolling.
* Adjustable finger detection.
Multifinger taps: two finger for middle button and three finger for
right button events. (Needs hardware support. Not all models implement
this feature.)
* Run-time configuration using shared memory. This means you can change
parameter settings without restarting the X server.
--------------------------------------------------------------------------------
Update Information:
- Add topbuttons quirk for Thinkpad Edge E341 (#1089689)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 22 2014 Hans de Goede <hdegoede(a)redhat.com> - 1.7.4-9
- Add topbuttons quirk for Thinkpad Edge E341 (#1089689)
* Fri Apr 18 2014 Hans de Goede <hdegoede(a)redhat.com> - 1.7.4-8
- Add L540 to 70-touchpad-quirks.rules as touchpad_softbutton_top (#1088588)
* Mon Apr 14 2014 Hans de Goede <hdegoede(a)redhat.com> - 1.7.4-7
- Fix 3 finger clicking on clickpads (#1086218)
- Add T431 to 70-touchpad-quirks.rules as touchpad_softbutton_top (#1085582)
- Switch to using relative coordinates for the top softbutton area (#1085697)
* Wed Apr 9 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-6
- Add L440 and X1 Carbon tags/config
* Wed Apr 2 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-5
- Update the various top softbutton ranges and use a udev quirk to tag them
* Thu Mar 27 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-4
- Add patches to support the T440 series laptops
* Mon Mar 24 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-3
- Fix stuck touch points when receving SYN_DROPPED events (#877464)
* Fri Mar 21 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-2
- Unset ClickPad for Cypress touchpads, they do everything in firmware, we
can't compete with that. (fdo bug 76341 and 70819)
* Wed Mar 12 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-1
- synaptics 1.7.4
* Fri Dec 13 2013 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.1-6
- Match for T440s and move the softbuttons to the top of the touchpad
(#1035469)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1089689 - only a part of the touchpard area working
https://bugzilla.redhat.com/show_bug.cgi?id=1089689
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update xorg-x11-drv-synaptics' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-4992
2014-04-14 21:54:42
--------------------------------------------------------------------------------
Name : lcgdm
Product : Fedora 19
Version : 1.8.8
Release : 4.fc19
URL : http://glite.web.cern.ch/glite/
Summary : LHC Computing Grid Data Management
Description :
The lcgdm package provides the LCG Data Management components: the LFC
(LCG File Catalog) and the DPM (Disk Pool Manager).
--------------------------------------------------------------------------------
Update Information:
Patches for dpm-listspaces
Backported patch for GLOBUS_THREAD_MODEL
Update for new upstream release 1.8.8
Update for new upstream release 1.8.8
Backported patch for GLOBUS_THREAD_MODEL
Update for new upstream release 1.8.8
Update for new upstream release 1.8.8
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 9 2014 Alejandro Alvarez <aalvarez(a)cern.ch> - 1.8.8-4
- Patch: LCGDM-1380 and LCGDM-1386
* Fri Mar 28 2014 Alejandro Alvarez <aalvarez(a)cern.ch> - 1.8.8-3
- Patch: dpm-drain: needs GLOBUS_THREAD_MODEL set
* Fri Mar 14 2014 Alejandro Alvarez <aalvarez(a)cern.ch> - 1.8.8-2
- Upstream provided a wrong tag by mistake. Rebuild with the new code
* Wed Mar 12 2014 Alejandro Alvarez <aalvarez(a)cern.ch> - 1.8.8-1
- Update for new upstream release
* Fri Aug 30 2013 Alejandro Alvarez <aalvarez(a)cern.ch> 1.8.7-4
- Introduce systemd-rpm macros
* Wed Jul 10 2013 Alejandro Alvarez <aalvarez(a)cern.ch> 1.8.7-3
- Update for new upstream release
- Fixed bogus dates
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update lcgdm' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-5188
2014-04-15 12:16:14
--------------------------------------------------------------------------------
Name : python-bloom
Product : Fedora 20
Version : 0.5.4
Release : 1.fc20
URL : http://www.ros.org/wiki/bloom
Summary : Bloom is a release automation tool
Description :
Bloom provides tools for releasing software on top of a git repository
and leverages tools and patterns from git-buildpackage. Additionally,
bloom leverages meta and build information from catkin
(https://github.com/ros/catkin) to automate release branching and the
generation of platform specific source packages, like debian's src-debs.
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1084865 - Review Request: python-bloom - Bloom is a release automation tool for catkin packages
https://bugzilla.redhat.com/show_bug.cgi?id=1084865
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update python-bloom' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-5581
2014-04-25 02:59:06
--------------------------------------------------------------------------------
Name : open-vm-tools
Product : Fedora 20
Version : 9.4.0
Release : 9.fc20
URL : http://open-vm-tools.sourceforge.net/
Summary : Open Virtual Machine Tools for virtual machines hosted on VMware
Description :
The open-vm-tools project is an open source implementation of VMware Tools. It
is a suite of open source virtualization utilities and drivers to improve the
functionality, user experience and administration of VMware virtual machines.
This package contains only the core user-space programs and libraries of
open-vm-tools.
--------------------------------------------------------------------------------
Update Information:
Moved 'vm-support' script to /usr/bin. Removed unnecessary dependency on 'dbus'. Added notification to VMware platform when open-vm-tools gets uninstalled.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Ravindra Kumar <ravindrakumar(a)vmware.com> - 9.4.0-9
- Removed unnecessary package dependency on 'dbus'
- Moved 'vm-support' script to /usr/bin
- Added a call to 'tools.set.version' RPC to inform VMware
platform when open-vm-tools has been uninstalled
* Wed Mar 26 2014 Ravindra Kumar <ravindrakumar(a)vmware.com> - 9.4.0-8
- Add missing package dependency on 'which' (BZ#1045709)
* Tue Mar 25 2014 Ravindra Kumar <ravindrakumar(a)vmware.com> - 9.4.0-7
- Add -D_DEFAULT_SOURCE to suppress warning as suggested in
https://sourceware.org/bugzilla/show_bug.cgi?id=16632
* Fri Mar 21 2014 Ravindra Kumar <ravindrakumar(a)vmware.com> - 9.4.0-6
- Add missing package dependencies (BZ#1045709, BZ#1077320)
* Tue Feb 18 2014 Igor Gnatenko <i.gnatenko.brain(a)gmail.com> - 9.4.0-5
- Fix FTBFS g_info redefine (RHBZ #1063847)
* Fri Feb 14 2014 David Tardon <dtardon(a)redhat.com> - 9.4.0-4
- rebuild for new ICU
* Tue Feb 11 2014 Richard W.M. Jones <rjones(a)redhat.com> - 9.4.0-3
- Only build on x86-64 for RHEL 7 (RHBZ#1054608).
* Wed Dec 4 2013 Richard W.M. Jones <rjones(a)redhat.com> - 9.4.0-2
- Rebuild for procps SONAME bump.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update open-vm-tools' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-4904
2014-04-09 00:04:22
--------------------------------------------------------------------------------
Name : xorg-x11-drv-wacom
Product : Fedora 19
Version : 0.23.0
Release : 5.fc19
URL : http://www.x.org
Summary : Xorg X11 wacom input driver
Description :
X.Org X11 wacom input driver for Wacom tablets.
--------------------------------------------------------------------------------
Update Information:
Use custom wacom inputattach tool
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 19 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 0.23.0-5
- Use custom wacom inputattach tool (#1046912)
* Mon Jan 20 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 0.23.0-4
- Match N-Trig DuoSense (#1031343)
* Fri Jan 17 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 0.23.0-3
- Let systemd restart inputattach when it exits (i.e. after suspend)
(#1046912)
- Fix the description to avoid superfluous quotes
* Mon Dec 9 2013 Peter Hutterer <peter.hutterer(a)redhat.com> 0.23.0-2
- Use systemd for starting inputattach
* Sat Sep 28 2013 Peter Hutterer <peter.hutterer(a)redhat.com> 0.23.0-1
- wacom 0.23.0
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.22.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Jul 12 2013 Peter Hutterer <peter.hutterer(a)redhat.com> - 0.22.0-2
- Fix changelog - 'percent signs in specfile changelog should be escaped'
* Thu Jul 11 2013 Peter Hutterer <peter.hutterer(a)redhat.com> 0.22.0-1
- wacom 0.22.0
* Wed Jun 26 2013 Peter Hutterer <peter.hutterer(a)redhat.com> 0.21.99.1-2
- This time with the right tarball
* Wed Jun 26 2013 Peter Hutterer <peter.hutterer(a)redhat.com> 0.21.99.1-1
- wacom 0.21.99.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1084728 - Updating Xorg X11 wacom input driver breaks Laptop's (WACf004) stylus/eraser tablet pen
https://bugzilla.redhat.com/show_bug.cgi?id=1084728
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update xorg-x11-drv-wacom' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-5343
2014-04-18 14:25:35
--------------------------------------------------------------------------------
Name : perl-Class-Forward
Product : Fedora 20
Version : 0.100006
Release : 2.fc20
URL : http://search.cpan.org/dist/Class-Forward/
Summary : Namespace Dispatch and Resolution
Description :
Class::Forward is designed to resolve Perl namespaces from shorthand (which
is simply a file-path-like specification). Class::Forward can also be used
to dispatch method calls using said shorthand. See the included exported
functions for examples on how this can be used.
--------------------------------------------------------------------------------
Update Information:
Class::Forward is designed to resolve Perl namespaces from shorthand (which
is simply a file-path-like specification). Class::Forward can also be used
to dispatch method calls using said shorthand. See the included exported
functions for examples on how this can be used.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update perl-Class-Forward' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-5565
2014-04-25 02:58:30
--------------------------------------------------------------------------------
Name : tog-pegasus
Product : Fedora 20
Version : 2.12.1
Release : 13.fc20
URL : http://www.openpegasus.org
Summary : OpenPegasus WBEM Services for Linux
Description :
OpenPegasus WBEM Services for Linux enables management solutions that deliver
increased control of enterprise resources. WBEM is a platform and resource
independent DMTF standard that defines a common information model and
communication protocol for monitoring and controlling resources from diverse
sources.
--------------------------------------------------------------------------------
Update Information:
Add Linkage.h and CIMListener.h to -devel because of lmiwbem
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Vitezslav Crhonek <vcrhonek(a)redhat.com> - 2:2.12.1-13
- Add install Linkage.h and CIMListener.h to -devel because of lmiwbem
(CIMListener class)
* Thu Jan 30 2014 Vitezslav Crhonek <vcrhonek(a)redhat.com> - 2:2.12.1-12
- Add Platform_LINUX_XSCALE_GNU.h to -devel because of lmiwbem on arm
* Thu Jan 9 2014 Vitezslav Crhonek <vcrhonek(a)redhat.com> - 2:2.12.1-11
- Allow unprivileged users to subscribe to indications
Resolves: #1049314
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update tog-pegasus' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-5337
2014-04-18 14:25:20
--------------------------------------------------------------------------------
Name : stunnel
Product : Fedora 19
Version : 5.01
Release : 1.fc19
URL : http://www.stunnel.org/
Summary : An SSL-encrypting socket wrapper
Description :
Stunnel is a socket wrapper which can provide SSL (Secure Sockets
Layer) support to ordinary applications. For example, it can be used
in conjunction with imapd to create an SSL secure IMAP server.
--------------------------------------------------------------------------------
Update Information:
New upstream release with following important changes:
Supports OpenSSL DLLs 1.0.1g.
Fixes to take care of OpenSSL's TLS heartbeat read overrun (CVE-2014-0160).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 17 2014 Avesh Agarwal <avagarwa(a)redhat.com> - 5.01-1
- New upstream realease 5.01
- Supports OpenSSL DLLs 1.0.1g.
- Fixes to take care of OpenSSL,s TLS heartbeat
read overrun (CVE-2014-0160).
* Fri Mar 7 2014 Avesh Agarwal <avagarwa(a)redhat.com> - 5.00-1
- New upstream realease 5.00
- Updated local patches.
- Fix for CVE-2014-0016
- Fixed changelog date errors
- Fixes rhbz #1006819
* Mon Aug 5 2013 Avesh Agarwal <avagarwa(a)redhat.com> - 4.56-3
- Ftp mirrors for NA does not work, so changing source code
URLs to the correct ones.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 4.56-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Apr 1 2013 Avesh Agarwal <avagarwa(a)redhat.com> - 4.56-1
- New upstream realease 4.56.
- Updated local patches.
- Fixed upstream URL in spec file.
- Sourced URL of sha256 hash file in spec file.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update stunnel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-3824
2014-03-15 13:21:17
--------------------------------------------------------------------------------
Name : dmlite-plugins-s3
Product : Fedora 20
Version : 0.5.1
Release : 3.fc20
URL : https://svnweb.cern.ch/trac/lcgdm
Summary : S3 plugin for dmlite
Description :
This package provides the S3 plugin for dmlite. It provides access
to data stored in a S3 cloud provider from the DPM namespace.
--------------------------------------------------------------------------------
Update Information:
Push 0.6.2 on fedora/EPEL
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 12 2014 Adrien Devresse <adevress at cern.ch> - 0.5.1-3
- Release 0.5.1 for dmlite 0.6.2 synchronization
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update dmlite-plugins-s3' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------