June 2016 - package-announce - Fedora Mailing-Lists

[SECURITY] Fedora 23 Update: squidGuard-1.4-26.fc23

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-f8a01aa629 2016-06-30 14:54:20.833449 -------------------------------------------------------------------------------- Name : squidGuard Product : Fedora 23 Version : 1.4 Release : 26.fc23 URL : http://www.squidguard.org/ Summary : Filter, redirector and access controller plugin for squid Description : squidGuard can be used to - limit the web access for some users to a list of accepted/well known web servers and/or URLs only. - block access to some listed or blacklisted web servers and/or URLs for some users. - block access to URLs matching a list of regular expressions or words for some users. - enforce the use of domainnames/prohibit the use of IP address in URLs. - redirect blocked URLs to an "intelligent" CGI based info page. - redirect unregistered user to a registration form. - redirect popular downloads like Netscape, MSIE etc. to local copies. - redirect banners to an empty GIF. - have different access rules based on time of day, day of the week, date etc. - have different rules for different user groups. - and much more.. Neither squidGuard nor Squid can be used to - filter/censor/edit text inside documents - filter/censor/edit embeded scripting languages like JavaScript or VBscript inside HTML -------------------------------------------------------------------------------- Update Information: Unit file fix. ---- http://www.squidguard.org/Downloads/Patches/1.4/Readme.Patch-20150201 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1177012 - ExecStop syntax error in squidGuard.service https://bugzilla.redhat.com/show_bug.cgi?id=1177012 [ 2 ] Bug #1323211 - "squidGuard" doesn't guard - no errormessages when failing https://bugzilla.redhat.com/show_bug.cgi?id=1323211 [ 3 ] Bug #1348459 - CVE-2015-8936 squidGuard: Reflected cross site scripting vulnerability in squidGuard.cgi [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1348459 [ 4 ] Bug #1253636 - error: squidGuard:7 error verifying olddir path /var/log/squidGuard/old: No such file or directory https://bugzilla.redhat.com/show_bug.cgi?id=1253636 [ 5 ] Bug #1253633 - /var/log/squidGuard permissions https://bugzilla.redhat.com/show_bug.cgi?id=1253633 [ 6 ] Bug #1348458 - CVE-2015-8936 squidGuard: Reflected cross site scripting vulnerability in squidGuard.cgi [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1348458 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update squidGuard' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

7 years, 9 months

1
0
0 / 0

Fedora 23 Update: gnome-chemistry-utils-0.14.12-3.fc23

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-591e1730be 2016-06-30 14:54:20.833367 -------------------------------------------------------------------------------- Name : gnome-chemistry-utils Product : Fedora 23 Version : 0.14.12 Release : 3.fc23 URL : http://www.nongnu.org/gchemutils/ Summary : A set of chemical utilities Description : This is a meta-package for applications in the GNOME Chemistry Utils suite: * A 3D molecular structure viewer (GChem3D). * A Chemical calculator (GChemCalc). * A 2D structure editor (GChemPaint). * A periodic table of the elements application (GChemTable). * A crystalline structure editor (GCrystal). * A spectra viewer (GSpectrum). -------------------------------------------------------------------------------- Update Information: This is an update to the latest upstream releases of gnumeric and goffice: * http://gnumeric.org/announcements/1.12/gnumeric-1.12.30.html -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gnome-chemistry-utils' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

7 years, 9 months

1
0
0 / 0

Fedora 23 Update: goffice-0.10.30-1.fc23

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-591e1730be 2016-06-30 14:54:20.833367 -------------------------------------------------------------------------------- Name : goffice Product : Fedora 23 Version : 0.10.30 Release : 1.fc23 URL : http://projects.gnome.org/gnumeric/index.shtml Summary : G Office support libraries Description : Support libraries for gnome office -------------------------------------------------------------------------------- Update Information: This is an update to the latest upstream releases of gnumeric and goffice: * http://gnumeric.org/announcements/1.12/gnumeric-1.12.30.html -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update goffice' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

7 years, 9 months

1
0
0 / 0

Fedora 23 Update: gnumeric-1.12.30-1.fc23

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-591e1730be 2016-06-30 14:54:20.833367 -------------------------------------------------------------------------------- Name : gnumeric Product : Fedora 23 Version : 1.12.30 Release : 1.fc23 URL : http://projects.gnome.org/gnumeric/ Summary : Spreadsheet program for GNOME Description : Gnumeric is a spreadsheet program for the GNOME GUI desktop environment. -------------------------------------------------------------------------------- Update Information: This is an update to the latest upstream releases of gnumeric and goffice: * http://gnumeric.org/announcements/1.12/gnumeric-1.12.30.html -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gnumeric' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

7 years, 9 months

1
0
0 / 0

Fedora 23 Update: dyninst-9.0.3-3.fc23

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-5118ab44aa 2016-06-30 14:54:20.833306 -------------------------------------------------------------------------------- Name : dyninst Product : Fedora 23 Version : 9.0.3 Release : 3.fc23 URL : http://www.dyninst.org Summary : An API for Run-time Code Generation Description : Dyninst is an Application Program Interface (API) to permit the insertion of code into a running program. The API also permits changing or removing subroutine calls from the application program. Run-time code changes are useful to support a variety of applications including debugging, performance monitoring, and to support composing applications out of existing packages. The goal of this API is to provide a machine independent interface to permit the creation of tools and applications that use run-time code patching. -------------------------------------------------------------------------------- Update Information: Use static TLS for libdyninstAPI_RT.so -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update dyninst' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

7 years, 9 months

1
0
0 / 0

[SECURITY] Fedora 23 Update: python-django-horizon-2015.1.4-1.fc23

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-e538b11379 2016-06-30 14:54:20.833240 -------------------------------------------------------------------------------- Name : python-django-horizon Product : Fedora 23 Version : 2015.1.4 Release : 1.fc23 URL : http://horizon.openstack.org/ Summary : Django application for talking to Openstack Description : Horizon is a Django application for providing Openstack UI components. It allows performing site administrator (viewing account resource usage, configuring users, accounts, quotas, flavors, etc.) and end user operations (start/stop/delete instances, create/restore snapshots, view instance VNC console, etc.) -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-4428, rebase to 2015.1.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343982 - CVE-2016-4428 python-django-horizon: XSS in client side template https://bugzilla.redhat.com/show_bug.cgi?id=1343982 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update python-django-horizon' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

7 years, 9 months

1
0
0 / 0

[SECURITY] Fedora 23 Update: wordpress-4.5.3-1.fc23

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-a5e392ef01 2016-06-30 14:54:20.833183 -------------------------------------------------------------------------------- Name : wordpress Product : Fedora 23 Version : 4.5.3 Release : 1.fc23 URL : http://www.wordpress.org Summary : Blog tool and publishing platform Description : Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. Important information in /usr/share/doc/wordpress/README.fedora -------------------------------------------------------------------------------- Update Information: See upstream announcement [WordPress 4.5.3 Maintenance and Security Release](ttps://wordpress.org/news/2016/06/wordpress-4-5-3/) Packaging changes: - provide nginx configuration (fedora) - drop mandatory dependency on httpd (suggested) #1336091 - protect php files in uploads directory -------------------------------------------------------------------------------- References: [ 1 ] Bug #1349323 - CVE-2016-5832 CVE-2016-5833 CVE-2016-5834 CVE-2016-5835 CVE-2016-5836 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839 wordpress: 4.5.3 Security Release https://bugzilla.redhat.com/show_bug.cgi?id=1349323 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update wordpress' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

7 years, 9 months

1
0
0 / 0

Fedora 23 Update: rubygem-github-linguist-4.8.7-1.fc23

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-633d8c7555 2016-06-30 14:54:20.833124 -------------------------------------------------------------------------------- Name : rubygem-github-linguist Product : Fedora 23 Version : 4.8.7 Release : 1.fc23 URL : https://github.com/github/linguist Summary : GitHub Language detection Description : Library to detect blob languages, highlight code, ignore binary files, suppress generated files in diffs, and generate language breakdown graphs. -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1348747 - rubygem-github-linguist-v4.8.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1348747 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rubygem-github-linguist' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

7 years, 9 months

1
0
0 / 0

Fedora 23 Update: ghex-3.18.2-1.fc23

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-aaad375aa8 2016-06-30 14:54:20.833039 -------------------------------------------------------------------------------- Name : ghex Product : Fedora 23 Version : 3.18.2 Release : 1.fc23 URL : http://ftp.gnome.org/pub/GNOME/sources/ghex/ Summary : Binary editor for GNOME Description : GHex can load raw data from binary files and display them for editing in the traditional hex editor view. The display is split in two columns, with hexadecimal values in one column and the ASCII representation in the other. A useful tool for working with raw data. -------------------------------------------------------------------------------- Update Information: ghex 3.18.2 release with translation updates. -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ghex' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

7 years, 9 months

1
0
0 / 0

[SECURITY] Fedora 23 Update: struts-1.3.10-18.fc23

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-21bd6a33af 2016-06-30 14:54:20.832965 -------------------------------------------------------------------------------- Name : struts Product : Fedora 23 Version : 1.3.10 Release : 18.fc23 URL : http://struts.apache.org/ Summary : Web application framework Description : Welcome to the Struts Framework! The goal of this project is to provide an open source framework useful in building web applications with Java Servlet and JavaServer Pages (JSP) technology. Struts encourages application architectures based on the Model-View-Controller (MVC) design paradigm, colloquially known as Model 2 in discussions on various servlet and JSP related mailing lists. Struts includes the following primary areas of functionality: A controller servlet that dispatches requests to appropriate Action classes provided by the application developer. JSP custom tag libraries, and associated support in the controller servlet, that assists developers in creating interactive form-based applications. Utility classes to support XML parsing, automatic population of JavaBeans properties based on the Java reflection APIs, and internationalization of prompts and messages. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-1181, CVE-2016-1182 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343538 - CVE-2016-1181 struts: Vulnerability in ActionForm allows unintended remote operations against components on server memory https://bugzilla.redhat.com/show_bug.cgi?id=1343538 [ 2 ] Bug #1343540 - CVE-2016-1182 struts: Improper input validation in Validator https://bugzilla.redhat.com/show_bug.cgi?id=1343540 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update struts' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

7 years, 9 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce June 2016