Fedora Core 4 Test Update: selinux-policy-targeted-1.25.4-10.1
by Daniel J Walsh
---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2005-854
2005-09-07
---------------------------------------------------------------------
Product : Fedora Core 4
Name : selinux-policy-targeted
Version : 1.25.4
Release : 10.1
Summary : SELinux targeted policy configuration
Description :
Security-enhanced Linux is a patch of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.
This package contains the SELinux example policy configuration along
with the Flask configuration information and the application
configuration files.
---------------------------------------------------------------------
* Wed Sep 7 2005 Dan Walsh <dwalsh(a)redhat.com> 1.25.4-10.1
- Fix roundup policy
- Fixes for bluetooth
- Change can_resolv to allow tcp_socket name_connect to dns port.
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/4/
5bd5326c959b84434191b6ba13c4e321 SRPMS/selinux-policy-targeted-1.25.4-10.1.src.rpm
b3248151e5f191e914312fa0f59b8549 x86_64/selinux-policy-targeted-1.25.4-10.1.noarch.rpm
c30145a5fdab01caa1b959f783e164da x86_64/selinux-policy-targeted-sources-1.25.4-10.1.noarch.rpm
b3248151e5f191e914312fa0f59b8549 i386/selinux-policy-targeted-1.25.4-10.1.noarch.rpm
c30145a5fdab01caa1b959f783e164da i386/selinux-policy-targeted-sources-1.25.4-10.1.noarch.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command. You may
need to edit your up2date channels configuration. Within
/etc/sysconfig/rhn/sources enable the following line:
yum updates-testing http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/4...
---------------------------------------------------------------------
18 years, 7 months
Re: First boot problem from rawhide
by Luya Tshimbalanga
>Boy, did you pick a good time to do a rawhide install! :-)
The gri-gri gave me a very bad answer. :p
>Seriously, try to find a mirror that still has kernel-2.6.13-1.1535_FC5 available. kernel-2.6.13-1.1538_FC5 is now avaiable, but I have not tried to reboot into it yet. I suspect the snapshot might influence its bootability.
Isn't it simple to wait for the update instead? I did network install for rawhide but I have no idea
how to install a second kernel.
lUYA
--
_______________________________________________
Get your free email from http://mymail.jp.popstarmail.org
18 years, 7 months
rawhide report: 20050906 changes
by Build System
Updated Packages:
bluez-libs-2.20-1
-----------------
* Mon Sep 05 2005 David Woodhouse <dwmw2(a)redhat.com> 2.20-1
- Update to bluez-libs 2.20
bluez-utils-2.20-1
------------------
* Mon Sep 05 2005 David Woodhouse <dwmw2(a)redhat.com> 2.20-1
- Update to bluez-utils 2.20
e2fsprogs-1.37-5
----------------
* Mon Sep 05 2005 Karel Zak <kzak(a)redhat.com> - 1.37-5
- fix swsuspend partition detection (#165863)
- fix revalidate from ext2 to ext3 (#162927)
- fix vfat without magic detection (#161873)
elfutils-0.115-1
----------------
* Mon Sep 05 2005 Roland McGrath <roland(a)redhat.com> - 0.115-1
- update to 0.115
- New program eu-strings.
- libdw: New function dwarf_getscopes_die.
- libelf: speed-ups of non-mmap reading.
- Implement --enable-gcov option for configure.
epiphany-1.8.0-1
----------------
* Mon Sep 05 2005 Christopher Aillon <caillon(a)redhat.com> - 1.8.0-1
- Update to 1.8.0
findutils-1:4.2.25-2
--------------------
* Mon Sep 05 2005 Tim Waugh <twaugh(a)redhat.com> 1:4.2.25-2
- 4.2.25.
foomatic-3.0.2-25
-----------------
* Mon Sep 05 2005 Tim Waugh <twaugh(a)redhat.com> 3.0.2-25
- Add IEEE 1284 ID for HP LaserJet 4200 (bug #166638).
- Add IEEE 1284 ID for HP LaserJet 5000 (bug #167154).
kdebase-6:3.4.2-4
-----------------
* Mon Sep 05 2005 Than Ngo <than(a)redhat.com> 6:3.4.2-4
- apply patch to fix local root vulnerability in kcheckpass CAN-2005-2494, #166997
- apply upstream patch to fix kinfocenter opengl DRI/GLX crash
* Thu Aug 18 2005 Than Ngo <than(a)redhat.com> 6:3.4.2-3
- update config files
kdegraphics-7:3.4.2-3
---------------------
* Mon Sep 05 2005 Than Ngo <than(a)redhat.com> 7:3.4.2-3
- backport CVS patch to fix kpdf crash when trying to
expand sub-bookmarks in the bookmark tree #167390
kernel-2.6.13-1.1538_FC5
------------------------
* Mon Sep 05 2005 Dave Jones <davej(a)redhat.com>
- 2.6.13-git5
mtr-2:0.69-4
------------
* Mon Sep 05 2005 Phil Knirsch <pknirsch(a)redhat.com> 2:0.69-4
- Made the output, especially for reports much more readable (#147865)
- Fixed --address option (#162029)
nano-1.3.8-1
------------
* Mon Sep 05 2005 David Woodhouse <dwmw2(a)redhat.com> 1.3.8-1
- 1.3.8
* Wed Mar 02 2005 David Woodhouse <dwmw2(a)redhat.com> 1.3.5-0.20050302
- Update to post-1.3.5 CVS tree to get UTF-8 support.
* Wed Aug 04 2004 David Woodhouse <dwmw2(a)redhat.com> 1.2.4-1
- 1.2.4
perl-3:5.8.7-0.3.fc5
--------------------
* Mon Sep 05 2005 Warren Togami <wtogami(a)redhat.com> - 3:5.8.7-0.3
- convert docs to UTF-8 (#140871)
slang-1.4.9-19
--------------
* Mon Sep 05 2005 Petr Raszyk <praszyk(a)redhat.com> - 1.4.9-19
- One line in the patch 'slang-utf8-acs.ptach' commented out (#138445).
slib-3a1-3
----------
squid-7:2.5.STABLE10-4
----------------------
* Mon Sep 05 2005 Martin Stransky <stransky(a)redhat.com> 7:2.5.STABLE10-4
- Three upstream patches for #167414
- Spanish and Greek messages
- patch for -D_FORTIFY_SOURCE=2
util-linux-2.13-0.3.pre2
------------------------
* Fri Sep 02 2005 Karel Zak <kzak(a)redhat.com> 2.13-0.3.pre2
- fix #166923 - hwclock will not run on a non audit-enabled kernel
- fix #159410 - mkswap(8) claims max swap area size is 2 GB
- fix #165863 - swsusp swaps should be reinitialized
- change /var/log/lastlog perms to 0644
wget-1.10.1-5
-------------
* Mon Sep 05 2005 Karsten Hopp <karsten(a)redhat.de> 1.10.1-5
- update
- drop patches which are already in the upstream sources
Broken deps for i386
----------------------------------------------------------
valgrind-callgrind - 0.9.11-1.i386 requires valgrind = 1:2.4.0
systemtap - 0.3-2.i386 requires libdw.so.1(ELFUTILS_0.114)
lvm2-cluster - 2.01.09-5.0.i386 requires libgulm.so.1.0
Broken deps for ppc
----------------------------------------------------------
lvm2-cluster - 2.01.09-5.0.ppc requires libgulm.so.1.0
Broken deps for s390x
----------------------------------------------------------
initscripts - 8.12-3.s390x requires kernel >= 0:2.6.12
lvm2 - 2.01.14-1.0.s390x requires kernel >= 0:2.6
prelink - 0.3.5-2.s390x requires kernel >= 0:2.4.10
Broken deps for x86_64
----------------------------------------------------------
systemtap - 0.3-2.x86_64 requires libdw.so.1(ELFUTILS_0.114)(64bit)
valgrind-callgrind - 0.9.11-1.i386 requires valgrind = 1:2.4.0
lvm2-cluster - 2.01.09-5.0.x86_64 requires libgulm.so.1.0()(64bit)
Broken deps for ppc64
----------------------------------------------------------
evolution-data-server - 1.0.4-3.ppc64 requires libgnutls.so.11()(64bit)
evolution-data-server - 1.0.4-3.ppc64 requires libsoup-2.2.so.7()(64bit)
system-config-keyboard - 1.2.6-2.noarch requires pyxf86config
evolution-webcal - 1.0.10-1.ppc64 requires libsoup-2.2.so.7()(64bit)
lvm2-cluster - 2.01.09-5.0.ppc64 requires libgulm.so.1.0()(64bit)
firstboot - 1.3.45-1.noarch requires system-config-display
system-config-mouse - 1.2.11-1.noarch requires pyxf86config
ppc64-utils - 0.7-9.ppc64 requires yaboot
Broken deps for s390
----------------------------------------------------------
prelink - 0.3.5-2.s390 requires kernel >= 0:2.4.10
initscripts - 8.12-3.s390 requires kernel >= 0:2.6.12
lvm2 - 2.01.14-1.0.s390 requires kernel >= 0:2.6
18 years, 7 months
First boot problem from rawhide
by Luya Tshimbalanga
In addition to dual boot with Windows XP and Fedora Core 4,
I have succesfully installed rawhide version using network
installation via FC4 Disk1.
The problem occurs when I start to boot rawhide and it
stucks on swap like:
INIT 5: Id1: swapped to fast. disabled for 5 minutes. n
Has anyone faced a similar issue?
--
_______________________________________________
Get your free email from http://mymail.jp.popstarmail.org
18 years, 7 months
Dependency problem in the yum update FC3->FC4 chain
by Michael Wiktowy
Greetings all,
I recently did a yum upgrade from FC3->FC4 (FC4 gets rid of a ton of
little annoyances that I had in FC3, BTW! Good work!)
I know that this is not an "officially supported" upgrade path but it is
a good way to test the integrity of dependencies and it did work ...
eventually.
I tried to be smart about it and update just yum first after installing
the fedora-release with a "yum update yum" (which consequently brings in
all the new yum dependencies and the packages that rely on those, &c,
&c.) This made sense to me since a new updater should handle the rest of
the upgrade better than the old one ... or so I thought. Apparently I
was too smart for my own good.
Due to a dependency problem, a new libxml2 didn't get pulled in, a
required python module didn't get loaded and yum wouldn't run anymore.
It wasn't until that moment that I realized how much I had grown to
depend on yum's excellent dependency resolution. It is kind of a PITA to
track down what I needed manually. But I did (with the help of google
and a previous bugzilla entry guiding me to run the yummain python
script directly to get the debug info directly rather than it getting
gobbled up in the wrapper. Forcing the new libxml2 in did the trick and
a simple "yum upgrade" did the trick after that.
Ironically enough, had I just left well enough alone and did a simple
"yum update" to get everything at once, everything would have worked out
fine.
All of that to ask the following ...
Is it worth it for me to track down the exact place where this
dependency problem occurs and give details in a bugzilla report? Or is
it going to be met with a "This method of upgrading is not supported ...
use anaconda next time, you crazy git! ->RESOLVED(Luser error)"? Is {the
ability to cleanly yum between releases} and {the yum upgrade path be
"officially supported"} future goals for the Fedora Project?
/Mike
18 years, 7 months
crazy hackers and logwatch
by Justin Conover
Is it stupid when someone is trying to get on your box, leaves the ip
and has a website on that ip ;-)
sshd:
Authentication Failures:
root (200.89.15.72): 59 Time(s)
unknown (200.89.15.72): 42 Time(s)
adm (200.89.15.72): 2 Time(s)
apache (200.89.15.72): 1 Time(s)
mysql (200.89.15.72): 1 Time(s)
nobody (200.89.15.72): 1 Time(s)
operator (200.89.15.72): 1 Time(s)
18 years, 7 months
rawhide report: 20050905 changes
by Build System
Updated Packages:
authconfig-5.0.1-1
------------------
* Mon Sep 05 2005 Tomas Mraz <tmraz(a)redhat.com> - 5.0.1-1
- fixed a few errors catched by pychecker
htdig-3:3.2.0b6-6
-----------------
* Mon Sep 05 2005 Phil Knirsch <pknirsch(a)redhat.com> 3:3.2.0b6-6
- Fixed missing $opts in rundig command (#130528)
kernel-2.6.13-1.1536_FC5
------------------------
libxml2-2.6.21-2
----------------
* Sun Sep 04 2005 Daniel Veillard <veillard(a)redhat.com>
- upstream release 2.6.21 see http://xmlsoft.org/news.html
* Thu Jan 02 2003 Daniel Veillard <veillard(a)redhat.com>
- integrated drv_libxml2 xml.sax driver from Stéphane Bidoul
- provides the new XmlTextReader interfaces based on C# XML APIs
* Wed Oct 23 2002 Daniel Veillard <veillard(a)redhat.com>
- revamped the spec file, cleaned up some rpm building problems
libxslt-1.1.15-1
----------------
* Mon Sep 05 2005 Daniel Veillard <veillard(a)redhat.com>
- upstream release 1.1.15 see http://xmlsoft.org/XSLT/news.html
* Sun Nov 02 2003 Daniel Veillard <veillard(a)redhat.com>
- cleanup, removal of the deprecated breakpoint library and
automated libxml2 dependancy level in the generated spec file.
* Wed Oct 23 2002 Daniel Veillard <veillard(a)redhat.com>
- revamped the spec file, cleaned up some rpm building problems
poppler-0.4.2-1
---------------
* Sun Sep 04 2005 Kristian HÞgsberg <krh(a)redhat.com> - 0.4.2-1
- Update to 0.4.2 and disable splash backend so we don't build it.
Broken deps for i386
----------------------------------------------------------
valgrind-callgrind - 0.9.11-1.i386 requires valgrind = 1:2.4.0
lvm2-cluster - 2.01.09-5.0.i386 requires libgulm.so.1.0
Broken deps for s390
----------------------------------------------------------
initscripts - 8.12-3.s390 requires kernel >= 0:2.6.12
prelink - 0.3.5-2.s390 requires kernel >= 0:2.4.10
lvm2 - 2.01.14-1.0.s390 requires kernel >= 0:2.6
Broken deps for x86_64
----------------------------------------------------------
lvm2-cluster - 2.01.09-5.0.x86_64 requires libgulm.so.1.0()(64bit)
valgrind-callgrind - 0.9.11-1.i386 requires valgrind = 1:2.4.0
Broken deps for ppc
----------------------------------------------------------
lvm2-cluster - 2.01.09-5.0.ppc requires libgulm.so.1.0
Broken deps for ppc64
----------------------------------------------------------
system-config-mouse - 1.2.11-1.noarch requires pyxf86config
evolution-data-server - 1.0.4-3.ppc64 requires libgnutls.so.11()(64bit)
evolution-data-server - 1.0.4-3.ppc64 requires libsoup-2.2.so.7()(64bit)
ppc64-utils - 0.7-9.ppc64 requires yaboot
system-config-keyboard - 1.2.6-2.noarch requires pyxf86config
lvm2-cluster - 2.01.09-5.0.ppc64 requires libgulm.so.1.0()(64bit)
evolution-webcal - 1.0.10-1.ppc64 requires libsoup-2.2.so.7()(64bit)
firstboot - 1.3.45-1.noarch requires system-config-display
18 years, 7 months
kernel 1532 fails
by glenn
Kernel 2.6.13-1.1532_FC5 fails to boot on my AMD 2000+.
The system tries to change to runlevel 5 and then gets the complaint
ID 1 respawn too fast
ID 2 respawn too fast
:
ID 6 respawn too fast
No more processes to spawn
and then hangs at that level. Version 1530 does not have this issue.
Glenn
18 years, 7 months
[SECURITY] Fedora Core 4 Test Update: httpd-2.0.54-10.2
by Joe Orton
---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2005-849
2005-09-06
---------------------------------------------------------------------
Product : Fedora Core 4
Name : httpd
Version : 2.0.54
Release : 10.2
Summary : Apache HTTP Server
Description :
The Apache HTTP Server is a powerful, full-featured, efficient, and
freely-available Web server. The Apache HTTP Server is also the
most popular Web server on the Internet.
---------------------------------------------------------------------
Update Information:
This update includes two security fixes. An issue was
discovered in mod_ssl where "SSLVerifyClient require" would
not be honoured in location context if the virtual host had
"SSLVerifyClient optional" configured (CAN-2005-2700). An
issue was discovered in memory consumption of the byterange
filter for dynamic resources such as PHP or CGI script
(CAN-2005-2728).
---------------------------------------------------------------------
* Fri Sep 2 2005 Joe Orton <jorton(a)redhat.com> 2.0.54-10.2
- mod_ssl: add security fix for SSLVerifyClient (#167196, CVE CAN-2005-2700)
- add security fix for byterange filter DoS (#167104, CVE CAN-2005-2728)
- add fix for dummy connection handling (#167425)
- mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc)
- mod_ssl: add fix for handling non-blocking reads
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/4/
88c9dc7a948a62cea2ffb13277910a01 SRPMS/httpd-2.0.54-10.2.src.rpm
478988ab42a03029c8699c291fa1009d ppc/httpd-2.0.54-10.2.ppc.rpm
306609575dd281ae33dd27da4691a08b ppc/httpd-devel-2.0.54-10.2.ppc.rpm
c742ad0767f3364b4e396ceed05a7b19 ppc/httpd-manual-2.0.54-10.2.ppc.rpm
c1d1e573fa195b0c2eda8101839b6182 ppc/mod_ssl-2.0.54-10.2.ppc.rpm
6bd85e61482f620a29f3667594486047 ppc/debug/httpd-debuginfo-2.0.54-10.2.ppc.rpm
d3f930f3c97aa01bd770f8720b3b178b x86_64/httpd-2.0.54-10.2.x86_64.rpm
703c9f70e8f3613f7bc1c0c6ce082c82 x86_64/httpd-devel-2.0.54-10.2.x86_64.rpm
09cee26eb56dda9027c6e55fac27db4b x86_64/httpd-manual-2.0.54-10.2.x86_64.rpm
30f6ab1c98f37834d4c4013884edc1e7 x86_64/mod_ssl-2.0.54-10.2.x86_64.rpm
d0feb8092ec5074e607536d892598d49 x86_64/debug/httpd-debuginfo-2.0.54-10.2.x86_64.rpm
25ec9c57a593ca361c7242d95b69b951 i386/httpd-2.0.54-10.2.i386.rpm
523575a926b3d6d94b62f82529c1a711 i386/httpd-devel-2.0.54-10.2.i386.rpm
c9a91011459628b797bcad0baff99bf1 i386/httpd-manual-2.0.54-10.2.i386.rpm
829ca7551f4395544a98a486387cf594 i386/mod_ssl-2.0.54-10.2.i386.rpm
5da6482d85a80644b94434080cc9d22c i386/debug/httpd-debuginfo-2.0.54-10.2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command. You may
need to edit your up2date channels configuration. Within
/etc/sysconfig/rhn/sources enable the following line:
yum updates-testing http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/4...
---------------------------------------------------------------------
18 years, 7 months