The following builds have been pushed to Fedora 8 updates-testing
gyachi-1.1.60-1.fc8
libcdaudio-0.99.12p2-11.fc8
lighttpd-1.4.20-6.fc8
p7zip-4.61-1.fc8
selinux-policy-3.0.8-128.fc8
ssmtp-2.61-11.8.fc8
yum-cron-0.8.3-1.fc8
Details about builds:
================================================================================
gyachi-1.1.60-1.fc8 (FEDORA-2008-11840)
A Yahoo! chat client with Webcam and voice support
--------------------------------------------------------------------------------
Update Information:
update from upstream. Fix spec file Obsoletes incorporate upstream
fixes/enhancements.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 22 2008 Gregory D Hosler <ghosler(a)users.sourceforge.net> - 1.1.60.1
- Fixed plugin obsoletes.
- Fixed wrong obsoletes names for xmms and photo album plugin
- Fixed rpmlint noise for changelog and removed mix of space and tabs on SRPM
* Fri Nov 28 2008 Gregory D Hosler <ghosler(a)users.sourceforge.net> - 1.1.59.6
- Added Obsoletes for previous versions of modules no longer being built.
--------------------------------------------------------------------------------
================================================================================
libcdaudio-0.99.12p2-11.fc8 (FEDORA-2008-11841)
Control operation of a CD-ROM when playing audio CDs
--------------------------------------------------------------------------------
Update Information:
This update fixes a potential buffer overflow caused by large amount of CDDB
replies (CVE-2005-0706).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #470552 - CVE-2005-0706 grip,libcdaudio: buffer overflow caused by large
amount of CDDB replies
https://bugzilla.redhat.com/show_bug.cgi?id=470552
--------------------------------------------------------------------------------
================================================================================
lighttpd-1.4.20-6.fc8 (FEDORA-2008-11831)
Lightning fast webserver with light system requirements
--------------------------------------------------------------------------------
Update Information:
This update fixes some moderate security issues and includes a few enhancements.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 24 2008 Matthias Saou <
http://freshrpms.net/> 1.4.20-6
- Partially revert last change by creating a "spawn-fastcgi" symlink, so that
nothing breaks currently (especially for EL).
- Install empty poweredby image on RHEL since the symlink's target is missing.
- Split spawn-fcgi off in its own sub-package, have fastcgi package require it
to provide backwards compatibility.
* Mon Dec 22 2008 Matthias Saou <
http://freshrpms.net/> 1.4.20-3
- Rename spawn-fastcgi to lighttpd-spawn-fastcgi to avoid clash with other
packages providing it for their own needs (#472749). It's not used as-is
by lighttpd, so it shouldn't be a problem... at worst, some custom scripts
will need to be updated.
* Mon Dec 22 2008 Matthias Saou <
http://freshrpms.net/> 1.4.20-2
- Include conf.d/*.conf configuration snippets (#444953).
- Mark the default index.html in order to not loose changes upon upgrade if it
was edited or replaced with a different file (#438564).
- Include patch to add the INIT INFO block to the init script (#246973).
* Mon Oct 13 2008 Matthias Saou <
http://freshrpms.net/> 1.4.20-1
- Update to 1.4.20 final.
* Mon Sep 22 2008 Matthias Saou <
http://freshrpms.net/> 1.4.20-0.1.r2303
- Update to 1.4.20 r2303 pre-release.
* Mon Sep 22 2008 Matthias Saou <
http://freshrpms.net/> 1.4.19-5
- Include memory leak patch (changeset #2305 from ticket #1774).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #465751 - CVE-2008-4359 lighttpd: bypass of rewrite/redirect rules using
encoded urls
https://bugzilla.redhat.com/show_bug.cgi?id=465751
[ 2 ] Bug #464637 - CVE-2008-4298 lighttpd: memory leak http_request_parse() in
request.c
https://bugzilla.redhat.com/show_bug.cgi?id=464637
[ 3 ] Bug #465752 - CVE-2008-4360 lighttpd: mod_userdir information disclosure on
case-insensitve filesystems
https://bugzilla.redhat.com/show_bug.cgi?id=465752
--------------------------------------------------------------------------------
================================================================================
p7zip-4.61-1.fc8 (FEDORA-2008-11891)
Very high compression ratio file archiver
--------------------------------------------------------------------------------
Update Information:
This update addresses some moderate archiver flaws discovered in p7zip versions
earlier than 4.57.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 23 2008 Matthias Saou <
http://freshrpms.net/> 4.61-1
- Update to 4.61.
- Update norar patch.
- Use asm for x86 too (nasm).
* Wed Jun 18 2008 Matthias Saou <
http://freshrpms.net/> 4.58-1
- Update to 4.58.
- Update norar patch.
- Update install patch.
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng(a)fedoraproject.org>
- Autorebuild for GCC 4.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #438410 - p7zip: Archive Formats Issues
https://bugzilla.redhat.com/show_bug.cgi?id=438410
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.0.8-128.fc8 (FEDORA-2008-11865)
SELinux policy configuration
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 9 2008 Dan Walsh <dwalsh(a)redhat.com> 3.0.8-128
- Allow NetworkManager to read polkit lib files
--------------------------------------------------------------------------------
================================================================================
ssmtp-2.61-11.8.fc8 (FEDORA-2008-11851)
Extremely simple MTA to get mail off the system to a Mailhub
--------------------------------------------------------------------------------
Update Information:
- integrate patch adding support for aliases; initial version received from Tako
Schotanus - README and the man page now reflect that aliases are expanded and
used This is the last officially supported update for F-8. Further support
will only be visible in CVS and/or via my
fedorapeople.org homepage.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 26 2008 Manuel "lonely wolf" Wolfshant
<wolfy(a)nobugconsulting.ro> 2.61-11.8
- integrate patch adding support for aliases; initial version received from Tako
Schotanus <tako(a)codejive.org>, who adapted it from "eatnumber1"
- README and the man page now reflect that aliases are expanded and used
--------------------------------------------------------------------------------
================================================================================
yum-cron-0.8.3-1.fc8 (FEDORA-2008-11890)
Files needed to run yum updates as a cron job
--------------------------------------------------------------------------------
Update Information:
- Change writes to YUMTMP to be appends to work around selinux policy oddness in
bug 431588 - this requires the added policycoreutils dependancy
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 14 2008 Alec Habig <ahabig(a)umn.edu> - 0.8.3-1
- Change writes to YUMTMP to be appends to work around selinux policy
oddness in bug 431588
- this requires the added policycoreutils dependancy
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #431588 - selinux denial messages from yum-cron updates
https://bugzilla.redhat.com/show_bug.cgi?id=431588
--------------------------------------------------------------------------------