From cebbert at redhat.com Tue May 1 16:21:51 2007 From: cebbert at redhat.com (Chuck Ebbert) Date: Tue, 1 May 2007 12:21:51 -0400 Subject: [SECURITY] Fedora Core 6 Update: kernel-2.6.20-1.2948.fc6 Message-ID: <200705011621.l41GLp61016590@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-482 2007-05-01 --------------------------------------------------------------------- Product : Fedora Core 6 Name : kernel Version : 2.6.20 Release : 1.2948.fc6 Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. --------------------------------------------------------------------- Update Information: Linux kernel 2.6.20.7 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.7 Previous kernel had most of this update already applied. Linux kernel 2.6.20.8 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.8 Fixes CVE-2007-1861 Linux kernel 2.6.20.9 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.9 Fixes CVE-2007-2242 Linux kernel 2.6.20.10 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.10 Fixes two bugs introduced by the two previous updates. CVE-2007-1861: The netlink protocol has an infinite recursion bug that allows users to cause a kernel crash. CVE-2007-2242: The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. --------------------------------------------------------------------- * Fri Apr 27 2007 Chuck Ebbert 1.2948 - 2.6.20.10 (from mailing list) * Thu Apr 26 2007 Chuck Ebbert 1.2947 - 2.6.20.8 (official) - 2.6.20.9 * Wed Apr 25 2007 Chuck Ebbert 1.2946 - 2.6.20.8 Patch taken from mailing list, not available elsewhere. * Tue Apr 17 2007 Chuck Ebbert 1.2945 - 2.6.20.7 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 2c313004a95279288302ae50d9edef7bc4f8f4c1 SRPMS/kernel-2.6.20-1.2948.fc6.src.rpm 2c313004a95279288302ae50d9edef7bc4f8f4c1 noarch/kernel-2.6.20-1.2948.fc6.src.rpm 1092530ec19eaedbf88148c4766626ae461ed4d2 ppc/kernel-2.6.20-1.2948.fc6.ppc.rpm 40c7413985a5acc13cd35e918c4c91874f2b3688 ppc/debug/kernel-debuginfo-2.6.20-1.2948.fc6.ppc.rpm bceff13b72b8af0c443edaaefcb3fcb11a5cefb1 ppc/kernel-smp-2.6.20-1.2948.fc6.ppc.rpm da2ed8724dd5cd55655019ddbe24b20d08778ee7 ppc/kernel-headers-2.6.20-1.2948.fc6.ppc.rpm 34b12492ce4580a69c92c276d79fc3d1b6d20822 ppc/debug/kernel-debuginfo-common-2.6.20-1.2948.fc6.ppc.rpm 435ff251353c4757bcbbe97f7b980ad8905f2d8a ppc/kernel-smp-devel-2.6.20-1.2948.fc6.ppc.rpm afde0bf2b099546b9a497aa536bb86be00b91aca ppc/debug/kernel-smp-debuginfo-2.6.20-1.2948.fc6.ppc.rpm 2acaf6f6658b4d4b48fcc4f7a67ca2ca34fc494f ppc/kernel-devel-2.6.20-1.2948.fc6.ppc.rpm fbc27a9ad709b93ad37a3c85ddc2377e04906fb5 ppc/kernel-doc-2.6.20-1.2948.fc6.noarch.rpm 38cf76c6adb2620e237b92e8512c78ccaae130a4 x86_64/debug/kernel-debug-debuginfo-2.6.20-1.2948.fc6.x86_64.rpm cc1d2f7f3e519fd0fabb3c143a382badec1fd5aa x86_64/kernel-kdump-devel-2.6.20-1.2948.fc6.x86_64.rpm 21e0024bb08c429c1717e008e7390bd982813f84 x86_64/kernel-debug-2.6.20-1.2948.fc6.x86_64.rpm 7f6fdb279febb073d66697dfbbfa7d0cd46407dc x86_64/kernel-xen-devel-2.6.20-1.2948.fc6.x86_64.rpm 98ff650b393af47ad3623dce296c4124035ca203 x86_64/debug/kernel-debuginfo-2.6.20-1.2948.fc6.x86_64.rpm 47dfe0bb5050e17b9c6d2b7c3d7b9e21ec1f41d5 x86_64/kernel-kdump-2.6.20-1.2948.fc6.x86_64.rpm 14af63a263e8a736514fa945bfb21cca7a167602 x86_64/kernel-devel-2.6.20-1.2948.fc6.x86_64.rpm ae5272b7f99084fcfcc648dfe8f39fdcd1c66e6a x86_64/kernel-headers-2.6.20-1.2948.fc6.x86_64.rpm a6663f7b7fe404a5cc7989dc638784f41b04df12 x86_64/debug/kernel-xen-debuginfo-2.6.20-1.2948.fc6.x86_64.rpm 8825f3d0fe5c8dbfa6400f3bcea82b0f4190d98b x86_64/debug/kernel-debuginfo-common-2.6.20-1.2948.fc6.x86_64.rpm b09cfbb9e2523960a49033e482fde9e7a3460039 x86_64/kernel-xen-2.6.20-1.2948.fc6.x86_64.rpm 30cea7f04e316599bf28db6bfc01c4dc847daf77 x86_64/kernel-debug-devel-2.6.20-1.2948.fc6.x86_64.rpm 4a4c94bdd6590a71c4228a6b298889ddb268900c x86_64/kernel-2.6.20-1.2948.fc6.x86_64.rpm ac3061d9518237af28c73cdc6f606fd22e2ae361 x86_64/debug/kernel-kdump-debuginfo-2.6.20-1.2948.fc6.x86_64.rpm fbc27a9ad709b93ad37a3c85ddc2377e04906fb5 x86_64/kernel-doc-2.6.20-1.2948.fc6.noarch.rpm e671bf57cd4c654121cb4e79a4f634d9123dd82a i386/kernel-headers-2.6.20-1.2948.fc6.i386.rpm 116dfe99253927d4923a4554402416544d96dac5 i386/debug/kernel-debuginfo-2.6.20-1.2948.fc6.i586.rpm 97037b6e364ab40e9b722eecd66383c24808f103 i386/debug/kernel-debuginfo-common-2.6.20-1.2948.fc6.i586.rpm bda5bf81c2a912d05f2f40bac633ab27987acfe7 i386/kernel-devel-2.6.20-1.2948.fc6.i586.rpm ee459232f4a3b6f6e32bbbca5bfbcd33ab7e4a01 i386/kernel-2.6.20-1.2948.fc6.i586.rpm 0285bb1eefb44431eae28cfda5f91ab77aa2d1c1 i386/kernel-xen-devel-2.6.20-1.2948.fc6.i686.rpm c6f35a973a2d98f6ddc222b3ecfea81bfc4b0b80 i386/kernel-PAE-debug-2.6.20-1.2948.fc6.i686.rpm 946c407ad7a4f376cacc060a73520212474c50f8 i386/kernel-kdump-devel-2.6.20-1.2948.fc6.i686.rpm 787111528dd5ba1ffcebb6e614682b652dbcccf8 i386/debug/kernel-debuginfo-2.6.20-1.2948.fc6.i686.rpm 7a62100b3a673a9707cb6c9fc599da0ffd68511c i386/debug/kernel-PAE-debug-debuginfo-2.6.20-1.2948.fc6.i686.rpm 9906efe64769981c6de95656e7b893dbfe5a22da i386/debug/kernel-debuginfo-common-2.6.20-1.2948.fc6.i686.rpm b31dc44e24c7fdd50c1ccaf82c893697199b4fae i386/debug/kernel-debug-debuginfo-2.6.20-1.2948.fc6.i686.rpm 2df6c5bcf7a9f13e634a61b57ff046b7ed8b7b45 i386/kernel-kdump-2.6.20-1.2948.fc6.i686.rpm 6c1a0c326217b10bfbf580b8cde5b7f0a6b751cc i386/kernel-debug-devel-2.6.20-1.2948.fc6.i686.rpm 952e2426afe2f78e213981ff37d5dba2bf36f826 i386/kernel-PAE-2.6.20-1.2948.fc6.i686.rpm 68cbc78649e1cf3cb4537d07d26234e57f79eccd i386/debug/kernel-xen-debuginfo-2.6.20-1.2948.fc6.i686.rpm 63e77712383b5d082296b5b823c645f3d0961b59 i386/kernel-PAE-devel-2.6.20-1.2948.fc6.i686.rpm 3fff68facae5a5ba1e10715cc9c0106f761d983e i386/kernel-devel-2.6.20-1.2948.fc6.i686.rpm 87a1c37c12d86f9c1ce2b878671d098ec59f8b84 i386/kernel-2.6.20-1.2948.fc6.i686.rpm 409c9674de340e6ae1525c786e53fc83c68237e1 i386/debug/kernel-PAE-debuginfo-2.6.20-1.2948.fc6.i686.rpm 7ad652efa98573d12da256c996f8056cd4c7057f i386/debug/kernel-kdump-debuginfo-2.6.20-1.2948.fc6.i686.rpm 021d4b336ecb30a25fc1463c2df45729b3fa2815 i386/kernel-debug-2.6.20-1.2948.fc6.i686.rpm 8ca0d5f7cb375925ed8236f0f02e642745fc3b9b i386/kernel-PAE-debug-devel-2.6.20-1.2948.fc6.i686.rpm 422b868a55b6a23a4f52df5a92d14af983793712 i386/kernel-xen-2.6.20-1.2948.fc6.i686.rpm fbc27a9ad709b93ad37a3c85ddc2377e04906fb5 i386/kernel-doc-2.6.20-1.2948.fc6.noarch.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From cebbert at redhat.com Tue May 1 16:32:15 2007 From: cebbert at redhat.com (Chuck Ebbert) Date: Tue, 1 May 2007 12:32:15 -0400 Subject: [SECURITY] Fedora Core 5 Update: kernel-2.6.20-1.2316.fc5 Message-ID: <200705011632.l41GWFud021356@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-483 2007-05-01 --------------------------------------------------------------------- Product : Fedora Core 5 Name : kernel Version : 2.6.20 Release : 1.2316.fc5 Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. --------------------------------------------------------------------- Update Information: Linux kernel 2.6.20.7 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.7 Previous kernel had most of this update already applied. Linux kernel 2.6.20.8 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.8 Fixes CVE-2007-1861 Linux kernel 2.6.20.9 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.9 Fixes CVE-2007-2242 Linux kernel 2.6.20.10 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.10 Fixes two bugs introduced by the two previous updates. CVE-2007-1861: The netlink protocol has an infinite recursion bug that allows users to cause a kernel crash. CVE-2007-2242: The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. --------------------------------------------------------------------- * Fri Apr 27 2007 Chuck Ebbert 1.2316 - 2.6.20.10 (from mailing list) * Thu Apr 26 2007 Chuck Ebbert 1.2315 - 2.6.20.8 (official) - 2.6.20.9 * Wed Apr 25 2007 Chuck Ebbert 1.2314 - 2.6.20.8 Patch taken from mailing list, not available elsewhere. * Tue Apr 17 2007 Chuck Ebbert 1.2313 - 2.6.20.7 * Tue Apr 10 2007 Chuck Ebbert 1.2312 - 2.6.20.5 - 2.6.20.6 - GFS2 update (1414) - additional bugfixes (1806-1813) * Wed Apr 4 2007 Chuck Ebbert 1.2311 - 2.6.20.5-rc1 plus two fixes for broken -rc1 patches. - additional post 2.6.20.5 patches (1800-1805) * Wed Apr 4 2007 Markus Armbruster - Xen kernel profiling fix is broken, back it out. * Tue Apr 3 2007 Chuck Ebbert 1.2309 - 2.6.20.4 final. - Add Marvell PATA driver. - 1782: Disable PCI MSI and MMCONFIG by default, add options to enable them. - 1413: GFS2 update. * Tue Apr 3 2007 Markus Armbruster - Add PACKET_AUXDATA cmsg (Herbert Xu ) - Xen kernel: >4G guest fix (Steven Rostedt ) fix nosegneg detection (Rik van Riel ) Use swiotlb mask for coherent mappings too (Herbert Xu ) Fix potential grant entry leaks on error (Herbert Xu ) Fix agp on x86_64 under Xen (Stephen C. Tweedie ) netback: Reenable TX queueing and drop pkts after timeout (Herbert Xu ) make ballooning work right (Rik van Riel ) Fix xen swiotlb for b44 module (Stephen C. Tweedie ) Copy shared data before verification (Herbert Xu ) Properly close block frontend on non-existant file (Glauber de Oliveira Costa ) blkback: Fix potential grant entry leaks on error (Rik van Riel ) blkback: Copy shared data before verification (Rik van Riel) netback: Fix wrap to zero in transmit credit scheduler. (Herbert Xu ) fix 2TB overflow in virtual disk driver (Rik van Riel ) blkback: Fix first_sect check. (Rik van Riel ) make netfront device permanent (Glauber de Oliveira Costa ) fix iSCSI root oops on x86_64 xen domU (Rik van Riel ) Avoid touching the watchdog when gone for too long (Glauber de Oliveira Costa ) fix profiling (Rik van Riel ) privcmd: Range-check hypercall index. (Herbert Xu ) Fix spinlock bad magic when removing xennet device (Chris Lalancette ) - Xen hypervisor: Enable Xen booting on machines with > 64G (Chris Lalancette ) fix TLB flushing in shadow pagetable mode (Rik van Riel ) quick fix for Cannot allocate memory (Steven Rostedt ) Register PIT handlers to the correct domain (Herbert Xu ) Replace inappropriate domain_crash_synchronous use (Herbert Xu ) Make HVM hypercall table NR_hypercalls entries big. (Herbert Xu ) >4G guest fix (Steven Rostedt ) emulate PIT channels for vbios support (Stephen C. Tweedie ) Race condition concerning VLAPIC interrupts (Bhavana Nagendra ) emulation for accesses faulting on a page boundary (Stephen C. Tweedie ) oprofile on Intel CORE (Glauber de Oliveira Costa ) make ballooning work right (xen part) (Rik van Riel ) HVM crashes on IA32e SMP (Glauber de Oliveira Costa ) Fix for SMP Xen guest slow boot issue on AMD systems (Bhavana Nagendra ) Fix xen swiotlb for b44 module (xen part) (Stephen C. Tweedie ) upstream patches to make Windows Vista work (Steven Rostedt) AMD-V HVM fix for Windows hibernate (Bhavana Nagendra ) fix vcpu hotplug statistics (Rik van Riel ) xen pae >4GB patch (Don Zickus) AMD-V HVM windows guest boot menu timer issue (Steven Rostedt) * Sun Mar 18 2007 Chuck Ebbert - fixed typo in Xen patch - 2.6.20.4 queue (24 patches) - removed (now in 20.4 queue): 1806: linux-2.6-20_hrtimer_prevent_dos.patch 1807: linux-2.6-20_nfs_getattr_check_isreg.patch 1808: linux-2.6-20_pi_futex_state_locking.patch 1794: linux-2.6-20_ia64_chip_mask.patch (Prarit) * Fri Mar 16 2007 Dave Jones - Add driver for USB EHCI debug cables. * Fri Mar 16 2007 Chuck Ebbert - new version of patch for BZ #232600: 2200: linux-2.6-sata-promise-pata-ports.patch - added: 1800: linux-2.6-20.4-adjust-legacy-ide-resource-setting.patch 1801: linux-2.6-20.4-fix-another-null-deref-in-ipv6.patch 1802: linux-2.6-20.4-fix-rtm_to_ifaddr-error-return.patch 1803: linux-2.6-20.4-netlabel-cipso_std_bug.patch 1804: linux-2.6-20.4-nfnetlink_log-refcounting.patch 1805: linux-2.6-20.4-SCSI-gdth-fix-oops.patch 1806: linux-2.6-20_hrtimer_prevent_dos.patch 1807: linux-2.6-20_nfs_getattr_check_isreg.patch 1808: linux-2.6-20_pi_futex_state_locking.patch * Thu Mar 15 2007 Chuck Ebbert - Added: 206: linux-2.6-20_x86_64_xapic_8_bit_dest.patch * Wed Mar 14 2007 Juan Quintela - make brew happy with new changeset. * Wed Mar 14 2007 Juan Quintela - Enable xen again & update all the xen patches to 2.6.20.2. * Tue Mar 13 2007 Chuck Ebbert - 2.6.20.3 - added 205: linux-2.6-x86_64_edac_update.patch * Sun Mar 11 2007 Chuck Ebbert - 2.6.20.2 - 2.6.20.3-rc1 - removed (now in -stable): 1787: linux-2.6-net_bcm43xx_1GB_DMA_fix.patch 1792: linux-2.6-cardman_buffer_overflow.patch (CVE-2007-0005) 1793: linux-2.6-nf_conntrack_fix_cleanup.patch 1794: linux-2.6-x86_64_survive_no_irq_for_vector.patch - updated linux-2.6-gfs2-update.patch (Steve Whitehouse) - added 1792: linux-2.6-20_git-serio-keyboard.patch 1794: linux-2.6-20_ia64_chip_mask.patch (Prarit) * Wed Mar 7 2007 Chuck Ebbert - 2.6.20.2-rc1 - Additional fixes: 1787: linux-2.6-net_bcm43xx_1GB_DMA_fix.patch 1790: linux-2.6-jfs_fix_deadlock.patch 1791: linux-2.6-git-serio-1e4865f8d469b1.patch 1792: linux-2.6-cardman_buffer_overflow.patch (CVE-2007-0005) 1793: linux-2.6-nf_conntrack_fix_cleanup.patch 1794: linux-2.6-x86_64_survive_no_irq_for_vector.patch * Thu Feb 22 2007 Dave Jones - Drop verbose BUG() debug patch * Tue Feb 20 2007 Dave Jones - restore START_ARRAY ioctl. * Tue Feb 20 2007 Chuck Ebbert - Add patch 2.6.20.1 (CVE-2007-0772) - Bugfixes (including those from Feb 18) (NOTE: These may have been reported on FC6) two patches for "No handler for vector" (BZ #225399) usbnet oops (BZ #228231) hda_intel no sound with si3054 codec (BZ #228879) two iee1394 fixes swiotlb bugfix two raid5/raid6 bugfixes jfs deadlock fix net xfrm audit log oops fix Bcm43xx 30-bit DMA fix (BZ #213556) disable MSI in the forcedeth driver * Sun Feb 18 2007 Chuck Ebbert - add 2.6.20 fixes * Thu Feb 15 2007 Chuck Ebbert - rebase to linux kernel 2.6.20 * Sat Feb 10 2007 Chuck Ebbert - add missing "provides" for debug-devel packages - clean up some other "provides" things - add fixes for RHBZ#211672 (CIFS) and RHBZ#227802 (8139too) * Wed Feb 7 2007 Chuck Ebbert - add missing debug-devel and smp-debug-devel sections * Wed Feb 7 2007 Chuck Ebbert - fix up x86_64 Xen build * Tue Feb 6 2007 Chuck Ebbert - disable Tux - add another GFS2 update - add crypto key collision patch (CVE-2007-0006) * Mon Feb 5 2007 Dave Jones - Reenable Tux. * Mon Feb 5 2007 Chuck Ebbert - 2.6.19.3 - updated mirrors: refer to ftp2.kernel.org until kernel.org problems are fixed * Sun Feb 4 2007 Dave Jones - 2.6.19.3rc1 * Sat Feb 3 2007 Dave Jones - Disable kdump options in non-kdump kernels. * Thu Feb 1 2007 Chuck Ebbert - Added i586 optimized AES and Blowfish modules to the i686 config - Fixed .cvsignore * Wed Jan 31 2007 Markus Armbruster - The previous cset folded the Xen paravirt framebuffer patch into linux-2.6-xen.patch, and commented out the obsoleted patch files. Remove them. * Wed Jan 31 2007 Chuck Ebbert - Update to 2.6.19.2 * Tue Jan 30 2007 Markus Armbruster - Update Xen paravirt framebuffer patch to upstream xen-unstable changeset 13066, less changeset 12680, because that breaks with console=tty console=xvc. Also change default domU console back to /dev/xcv0. This changes the protocol to the one accepted upstream. - Add compatibility with guests running our initial protocol. - Update Xen console major/minor to lanana.org-assigned numbers. * Wed Dec 20 2006 Dave Jones - Update to 2.6.18.6 final (no changes since rc2) - Reenable squashfs (#220293) * Fri Dec 15 2006 Dave Jones - 2.6.18.6rc2 * Wed Dec 13 2006 Dave Jones - squashfs robustness fixes from Phillip Lougher. - lower max CPU count for x86-64 to 64 CPUs. * Thu Dec 7 2006 Juan Quintela - update xen to 2.6.18.5. - Fix bug 211986 on xen eventchn (Glaubert). * Tue Dec 5 2006 Dave Jones - 2.6.18.5 - Disable auto-apic patch, it needs more thought. - Enable sonypi driver for 586 kernels. (#218434) * Tue Nov 21 2006 Juan Quintela - Update xen to 2.6.18.3. * linux-2.6.18-xen changeset: 36186:053cdad40903 * xen-3.0.3-testing changeset: 11774:52ae8dd4bc75 * linux-2.6-xen-3.0.3 changeset: 22949:4281f5246814 * Mon Nov 20 2006 Dave Jones - 2.6.18.3 - Fix CIFS mount failure when domain not specified (#211753) - Avoid null pointer dereference in SATA Promise. (#199142) * Fri Nov 17 2006 Dave Jones - Fix up fallout from disabling utrace. * Fri Nov 17 2006 Juan Quintela - merge xen missing bits from FC6 kernel. * Thu Nov 16 2006 Dave Jones - Fix up error handling in HFS. (MOKB-14-11-2006) * Thu Nov 16 2006 Juan Quintela - Update xen HV to 3.0.3_0 (cset 11774). - Update xen kernel patch to 3.0.3_0: * linux-2.6.18-xen changeset: 36182:c6ef4b521aef * xen-3.0.3-testing changeset: 11774:52ae8dd4bc75 * linux-2.6-xen-3.0.3 changeset: 22949:4281f5246814 * Thu Nov 16 2006 Dave Jones - Fix squashfs corruption bug. (#211237) - Drop experimental utrace from FC5. * Fri Nov 10 2006 Juan Quintela - disable XEN_FRAMEBUFFER & XEN_KEYBOARD. * Fri Nov 10 2006 Dave Jones - Xen grant table operations security fix. - Disable W1 (#195825) * Thu Nov 9 2006 Dave Jones - Change HZ to 1000 for increased accuracy. (Except in Xen, where it stays at 250 for now). - TTY locking fixes. - splice : Must fully check for FIFO - Fix potential NULL dereference in sys_move_pages - ISO9660 __find_get_block_slow() denial of service CVE-2006-5757 - Fix up oops in cramfs when encountering corrupt images. - E1000 suspend/resume fixes. - Set CIFS preferred IO size. (#214607) * Mon Nov 6 2006 Roland McGrath - New utrace patch: fix locking snafu crash on second engine attach. * Sun Nov 5 2006 Dave Jones - Suspend/Resume fixes for forcedeth. (#187653) * Sat Nov 4 2006 Dave Jones - 2.6.18.2 * Thu Nov 2 2006 Dave Jones - Nuke broken lazy execshield xen patch. - Use heuristics to determine whether to enable lapic on i386. * Wed Nov 1 2006 Dave Jones - 2.6.18.2-rc1 * Tue Oct 31 2006 Dave Jones - Fix UFS mounts on x86-64 (#209921) - Fix problem where USB storage isn't seen on reboot. (#212191) * Sun Oct 29 2006 Dave Jones - More ext3 robustness fixes. - Include more verbose BUG() data - x86_64: Fix up C3 timer latency. * Sat Oct 21 2006 Dave Jones - Reenable NCPFS (#211325, #203663) - Netpoll fixes. (#199295) * Fri Oct 20 2006 Dave Jones - Fix autofs creating bad dentries in NFS mount. (#211206, #211207) - Fix softlockup with ips driver. (#196437) - Further exec-shield improvements. - Fix lockup with sky2 driver. (#202203) * Thu Oct 19 2006 Dave Jones - Export copy_4K_page for ppc64 (#211410) - Attempt to fix CIFS bug (#211070) * Wed Oct 18 2006 Dave Jones - Fix up aic7xxx SBLKCTL register handling (#211251) - Disable SECMARK by default. (#211115) - Disable some extra debugging stuff that crept in. - Remove broken VIA quirk that prevented booting on some EPIAs (#211298) * Tue Oct 17 2006 Dave Jones - Silence noisy boot-time messages. (#180606) - Workaround gcc bug with weak symbols (#191458) - Don't let speedstep-smi register on mobile Pentium4 (#204477) * Sat Oct 14 2006 Dave Jones - Fix jbd crash with 1KB block size filesystems. * Sat Oct 14 2006 Dave Jones [2.6.18-1.2200.fc5] - 2.6.18.1 * Tue Oct 10 2006 Dave Jones - DWARF2 unwinder fixes. - Various lockdep fixes. - Sync various other patches from the FC6 kernel. * Sun Oct 1 2006 Dave Jones - Drop the STICKY tag from acpi-cpufreq, it breaks suspend/resume. * Fri Sep 29 2006 Dave Jones - Execshield improvements. (Bart Oldeman) - Disable PM_DEBUG * Thu Sep 28 2006 Roland McGrath - utrace typo fix for x86-64 watchpoints (#207467) * Thu Sep 28 2006 Dave Jones - Fix ISAPNP messages on ppc32. (#207641) * Thu Sep 28 2006 Dave Jones - Another day, another round of lockdep fixes. - Align kernel data segment to page boundary. (#206863) * Thu Sep 28 2006 Steven Whitehouse - New GFS2 patch * Thu Sep 28 2006 Dave Jones - Fix "kernel BUG at fs/buffer.c:2789!" bug * Wed Sep 27 2006 Dave Jones - yet more lockdep fixes. - Fix a problem with XFS & the inode diet patches. - Fix rpc_pipefs umount oops - Enable alternative TCP congestion algorithms. * Tue Sep 26 2006 Dave Jones - Enable serverworks IDE driver for x86-64. - More lockdep fixes. * Mon Sep 25 2006 Jarod Wilson - Make kernel packages own initrd files * Mon Sep 25 2006 John W. Linville - Add periodic work fix for bcm43xx driver * Sat Sep 23 2006 Dave Jones - Disable dgrs driver. * Thu Sep 21 2006 Dave Jones - reiserfs: make sure all dentry refs are released before calling kill_block_super - Fix up some compile warnings * Thu Sep 21 2006 Juan Quintela - re-enable xen. - update xen: * linux-2.6 changeset: 34294:dc1d277d06e0 * linux-2.6-xen-fedora changeset: 36184:47c098fdce14 * xen-unstable changeset: 11540:9837ff37e354 - update xen HV to changeset: 11540:9837ff37e354 - xen HV printf rate limit (rostedt). * Wed Sep 20 2006 Dave Jones - 2.6.18 - i965 AGP suspend support. - AGP x8 fixes. * Tue Sep 19 2006 Juan Quintela - updated xen configs to sync with rawhide ones (don't be afraid, xen0/xenU still around). - xen update. * linux-2.6 changeset: 34228:ea3369ba1e2c * linux-2.6-xen-fedora changeset: 36109:eefcfd07d102 * linux-2.6-xen changeset: 22905:d8ae02f7df05 * xen-unstable changeset: 11460:1ece34466781ec55f41fd29d53f6dafd208ba2fa * Mon Sep 18 2006 Dave Jones - Bring back 586smp - Fix RTC lockdep bug. (Peter Zijlstra) * Mon Sep 18 2006 Juan Quintela - xen HV update (cset 11470:2b8dc69744e3). * Sun Sep 17 2006 Juan Quintela - xen update: * linux-2.6 changeset: 34228:ea3369ba1e2c * linux-2.6-xen-fedora changeset: 36107:47256dbb1583 * linux-2.6-xen changeset: 22905:d8ae02f7df05 * xen-unstable changeset: 11460:1ece34466781ec55f41fd29d53f6dafd208ba2fa * Sun Sep 17 2006 Dave Jones - Rebase to 2.6.18rc7-git2 * Mon Sep 11 2006 Dave Jones [2.6.17-1.2187_FC5] - Add quirk for Samsung mp3 player. (#198128) * Sun Sep 10 2006 Dave Jones - Fix up mismerge in USB storage driver. * Sat Sep 9 2006 Dave Jones - 2.6.17.13 * Fri Sep 8 2006 Dave Jones - 2.6.17.12 * Thu Aug 24 2006 Jarod Wilson - update to 2.6.17.11 * Tue Aug 22 2006 Bill Nottingham - update to 2.6.17.10?? * Tue Aug 15 2006 Juan Quintela - linux-2.6-xen update * linux-2.6.17-xen cset changeset: 29033:e6adb54afb96 * linux-2.6-xen cset 22813:80c2ccf5c330 - s/xen_version/xen_hv_cset/ as Fedora. - update xen hv to cset 11061. * Mon Aug 7 2006 Mike Christie - Drop iscsi update patch. * Mon Aug 7 2006 Dave Jones - 2.6.17.8 * Fri Aug 4 2006 Dave Jones - Fix split lock patch for 64bit. * Fri Aug 4 2006 Dave Jones [2.6.17-1.2171_FC5] - 2.6.17.8rc1 * Wed Aug 2 2006 Dave Jones - Readd patch to allow 460800 baud on 16C950 UARTs * Sat Jul 29 2006 Dave Jones - Silence noisy SCSI ioctl. (#200638) * Fri Jul 28 2006 Dave Jones - 2.6.17.7 * Thu Jul 27 2006 Rik van Riel - reduce hypervisor stack use with -O2, this really fixes bug (#198932) * Tue Jul 25 2006 Rik van Riel - disable debug=y hypervisor build option because of stack overflow (#198932) * Tue Jul 25 2006 Dave Jones - Enable serio_raw (#199387) * Sun Jul 16 2006 Dave Jones - Support up to 4GB in the 586 kernel again. * Sun Jul 16 2006 Dave Jones - 2.6.17.6 * Fri Jul 14 2006 Dave Jones - Reenable SMC NIC driver. * Tue Jul 11 2006 Dave Jones - 2.6.17.4 - Disable split pagetable lock * Sat Jul 8 2006 Juan Quintela - enable CONFIG_CRASH on xen kernels. - enable CONFIG_PCIDEV_BACKEND on xen kernels. - make BLKDEV_FRONTEND a module on xen kernels. - rebase with linux-2.6-xen-fedora 28918. - Update to xen-unstable HV cset 10508. - xen: credit scheduler is the default now. * Wed Jul 5 2006 Dave Jones - Get rid of stack backtrace on panic, which in most cases actually caused a loss of info instead of a gain. * Tue Jul 4 2006 Juan Quintela - new merge with xen upstream. - xen kernel don't require xen userland. - new xen kernel (same as rawhide one) with PAE support. - removed xen0-PAE & xenU-PAE (see xen kernel). * Fri Jun 30 2006 Dave Jones - 2.6.17.3 - 2.6.17.2 - Fix the ALSA list_add bug. * Mon Jun 26 2006 Dave Jones - Enable fake PCI hotplug driver. (#190437) - Enable gameport/joystick on i586 builds. (#196581) * Sat Jun 24 2006 Dave Jones - Enable profiling for 586 kernels. * Fri Jun 23 2006 Dave Jones - Make 'quiet' work again. * Tue Jun 20 2006 Dave Jones [2.6.17-1.2139_FC5] - Rebuild with slab debug off. * Tue Jun 20 2006 Dave Jones [2.6.17-1.2138_FC5] - 2.6.17.1 * Sun Jun 18 2006 Dave Jones - 2.6.17 - Only print info about SMP alternatives on SMP kernels. * Tue Jun 6 2006 Dave Jones [2.6.16-1.2133_FC5] - Add a PPC64 kdump kernel. * Mon Jun 5 2006 Dave Jones [2.6.16-1.2132_FC5] - 2.6.16.20 * Thu Jun 1 2006 Dave Jones - Reenable Xen builds. * Tue May 30 2006 Dave Jones - 2.6.16.19 * Sun May 28 2006 Dave Jones - Fix unresolved symbol. (#193333) * Sat May 27 2006 Dave Jones - Improve list corruption debugging patch. * Fri May 26 2006 Dave Jones - Remove xenU initrd's when kernel is removed. * Fri May 26 2006 Juan Quintela - Remove ARCH=xen reminiscences on spec file --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 97806c41e24ad5f0841f0b624ee6b4925b2da41f SRPMS/kernel-2.6.20-1.2316.fc5.src.rpm 97806c41e24ad5f0841f0b624ee6b4925b2da41f noarch/kernel-2.6.20-1.2316.fc5.src.rpm c7cb7b3b00c2a2a916aab87cfb6802d34d2752e1 ppc/kernel-2.6.20-1.2316.fc5.ppc.rpm b5fc5ae0fc72b8fb475a0bc2bdb9fb11322fa97c ppc/kernel-devel-2.6.20-1.2316.fc5.ppc.rpm b28e85937f3bc45d98f1d6200e01aa6300537486 ppc/kernel-smp-2.6.20-1.2316.fc5.ppc.rpm a345490da6e648e94b428c3360d6e0f1a5f7cb18 ppc/kernel-smp-devel-2.6.20-1.2316.fc5.ppc.rpm 4e3bafed909be1a18b372d2aa83757730046f472 ppc/debug/kernel-debuginfo-2.6.20-1.2316.fc5.ppc.rpm 27a29cd18f552b542169ff036b84fa12ec56c45b ppc/kernel-doc-2.6.20-1.2316.fc5.noarch.rpm fdf15268b80a1a25d34819f37ecf829c6a0fd9e6 x86_64/kernel-debug-devel-2.6.20-1.2316.fc5.x86_64.rpm 92b3197a0ae0b71cc4f3a9f2c98858dff6aaf0b5 x86_64/kernel-kdump-devel-2.6.20-1.2316.fc5.x86_64.rpm d3f8ca8af1b85fc0477e42b3ba7d7ce4fbd2e38b x86_64/kernel-xen0-devel-2.6.20-1.2316.fc5.x86_64.rpm 54d208f675fd1c59ce5790608f16afb9bc81cb1c x86_64/kernel-xenU-2.6.20-1.2316.fc5.x86_64.rpm 1a6b898df00b1bfd7401d4f2cfe077231af93188 x86_64/kernel-xen-2.6.20-1.2316.fc5.x86_64.rpm 133b18e09ecfab0f2ab24e4ab4bce785226455fe x86_64/kernel-devel-2.6.20-1.2316.fc5.x86_64.rpm 2010ec3eb93b93f768558d2462ccc76644f21339 x86_64/kernel-debug-2.6.20-1.2316.fc5.x86_64.rpm e68335d29bf537fca1dcd9c00f3027047f10410d x86_64/debug/kernel-debuginfo-2.6.20-1.2316.fc5.x86_64.rpm 75e2667d1b274f2a2f2778634337661887c74c57 x86_64/kernel-2.6.20-1.2316.fc5.x86_64.rpm 12cacdc0eac7c3de7c96b97b4c0cfa46a9f98052 x86_64/kernel-xenU-devel-2.6.20-1.2316.fc5.x86_64.rpm ff4abf5bb6e063590ef2322779b6b5abd5ee8ee4 x86_64/kernel-xen0-2.6.20-1.2316.fc5.x86_64.rpm d4e2b09f7d17f9fbaa253f4ffec5b28642ed8a31 x86_64/kernel-kdump-2.6.20-1.2316.fc5.x86_64.rpm 0bdda26baffc137519cd4ff0e53154b0ffe0759f x86_64/kernel-xen-devel-2.6.20-1.2316.fc5.x86_64.rpm 27a29cd18f552b542169ff036b84fa12ec56c45b x86_64/kernel-doc-2.6.20-1.2316.fc5.noarch.rpm 087dfe44e6c1c00522f0c52f5212f6b1bd4bc3d8 i386/debug/kernel-debuginfo-2.6.20-1.2316.fc5.i386.rpm c327360e94f53ed1500312fc3fe113ee7456ac94 i386/kernel-smp-devel-2.6.20-1.2316.fc5.i586.rpm 9e02ae0a69688c8304ab580d820292984e764055 i386/kernel-smp-2.6.20-1.2316.fc5.i586.rpm c54ee4ee85d3febb8a96b4dbd60f885741a55f38 i386/debug/kernel-debuginfo-2.6.20-1.2316.fc5.i586.rpm 26873ae86d70b8c769672679738adb3a9bd4d27e i386/kernel-devel-2.6.20-1.2316.fc5.i586.rpm b4746bd15eb5dde17a877fe420c5b91b29d00606 i386/kernel-2.6.20-1.2316.fc5.i586.rpm 67ffc9911d025a8592e8a4cf27b467873a08c948 i386/kernel-smp-devel-2.6.20-1.2316.fc5.i686.rpm b2d79cdc68e15a8c14f2996e96b26df4ccec0f44 i386/kernel-kdump-devel-2.6.20-1.2316.fc5.i686.rpm 72bdb2687482eae575cb5bddb95f27a719978dc0 i386/kernel-debug-2.6.20-1.2316.fc5.i686.rpm e022d35519b41c33cb3536b8f2eb74b9e2935f8e i386/kernel-xen0-devel-2.6.20-1.2316.fc5.i686.rpm fdaa6763f15cb8b0085f471fb8937360d08de46c i386/kernel-smp-2.6.20-1.2316.fc5.i686.rpm 1257b32ab584fa168b70fd746f543ff973756123 i386/kernel-xenU-2.6.20-1.2316.fc5.i686.rpm 51ca5a5387f5ff567a59ed96e7b06800631f3884 i386/kernel-devel-2.6.20-1.2316.fc5.i686.rpm 0bb9e4b15dbe6c9c01f22c59a686823fb955b010 i386/kernel-xen0-2.6.20-1.2316.fc5.i686.rpm a1e116f30fb24195044fc6be66e00f57fa7cd174 i386/kernel-xen-devel-2.6.20-1.2316.fc5.i686.rpm 78add5c32b9ad93c8edccdc2a0bd416d62d2a3ba i386/kernel-smp-debug-2.6.20-1.2316.fc5.i686.rpm 0002f762cadd14ba589f1219d3b03c94753b50db i386/kernel-kdump-2.6.20-1.2316.fc5.i686.rpm cdf934a5bd256d9a35f7c240777f7c72a31d7825 i386/kernel-2.6.20-1.2316.fc5.i686.rpm 50e3720f58b87d8f0072886f671931490e8400b7 i386/kernel-xenU-devel-2.6.20-1.2316.fc5.i686.rpm 16a0a84ba382102c354a0f2af9400844cc9d3a00 i386/debug/kernel-debuginfo-2.6.20-1.2316.fc5.i686.rpm 66b25e1510bb763ccc83326346914ab6fa61adcd i386/kernel-debug-devel-2.6.20-1.2316.fc5.i686.rpm 1e73476948ecab8fb81e7363fa2207338e3db187 i386/kernel-smp-debug-devel-2.6.20-1.2316.fc5.i686.rpm 5d53b71b8c482ab9489d7af0667121cb5eaf753e i386/kernel-xen-2.6.20-1.2316.fc5.i686.rpm 27a29cd18f552b542169ff036b84fa12ec56c45b i386/kernel-doc-2.6.20-1.2316.fc5.noarch.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From pnasrat at redhat.com Tue May 1 16:42:03 2007 From: pnasrat at redhat.com (Paul Nasrat) Date: Tue, 1 May 2007 12:42:03 -0400 Subject: Fedora Core 6 Update: rpm-4.4.2-33.fc6 Message-ID: <200705011642.l41Gg3NI024843@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-486 2007-05-01 --------------------------------------------------------------------- Product : Fedora Core 6 Name : rpm Version : 4.4.2 Release : 33.fc6 Summary : The RPM package management system. Description : The RPM Package Manager (RPM) is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package like its version, a description, etc. --------------------------------------------------------------------- Update Information: This update fixes an issue blocking the Core Extras merge with ppc64 builders. --------------------------------------------------------------------- * Fri Apr 27 2007 Paul Nasrat - 4.4.2-33 - Remove ppc64 inline asm (#233145) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 90aec0b8a7cf2bac14cc8267ab79286067ba92b1 SRPMS/rpm-4.4.2-33.fc6.src.rpm 90aec0b8a7cf2bac14cc8267ab79286067ba92b1 noarch/rpm-4.4.2-33.fc6.src.rpm 43140399df0642b42a3344b584d09e0710d9fdc5 ppc/rpm-devel-4.4.2-33.fc6.ppc.rpm fa8f201f86aac3d30544f8d00fbed7a94121c02e ppc/rpm-4.4.2-33.fc6.ppc.rpm db7b2179d760b830f3a2c57075872e78dcd5310b ppc/debug/rpm-debuginfo-4.4.2-33.fc6.ppc.rpm 98097902ecc61a56ec081a15175745f6a495afe0 ppc/rpm-build-4.4.2-33.fc6.ppc.rpm d98e99ffc8e8a21559638db9febb3a4e807de72f ppc/rpm-libs-4.4.2-33.fc6.ppc.rpm 4b587b8cd864defd84c6c85e56a6a0814b4b4e46 ppc/popt-1.10.2-33.fc6.ppc.rpm c41c2bc9cc694eaedec5538a1eb6cc8716239faf ppc/rpm-python-4.4.2-33.fc6.ppc.rpm 74dd302ec4eac7dcc3109989ede9e4a14954de80 x86_64/debug/rpm-debuginfo-4.4.2-33.fc6.x86_64.rpm e166cf23eb0eacd6a60a90503d8ac5f26bd82a6e x86_64/rpm-devel-4.4.2-33.fc6.x86_64.rpm 46d7eadca0a9d9825d7bb8415b0a2680851b4778 x86_64/popt-1.10.2-33.fc6.x86_64.rpm ab8f24a17ab2bb5a76ff083600f20c143e1f13e2 x86_64/rpm-python-4.4.2-33.fc6.x86_64.rpm 531c19dfd5cec407bbdfb79b9cf2307d2c375746 x86_64/rpm-4.4.2-33.fc6.x86_64.rpm 3921fa59dcb011f1070c102674fc2cd13d0ecec7 x86_64/rpm-libs-4.4.2-33.fc6.x86_64.rpm 88e0391021cc2614fc6b754f0071da42f983e6a3 x86_64/rpm-build-4.4.2-33.fc6.x86_64.rpm ad67b450e43deba0913b1723dad523afcb850f66 i386/rpm-build-4.4.2-33.fc6.i386.rpm 8751aae179155c55ab70a5b0d5295a6aca07697d i386/rpm-libs-4.4.2-33.fc6.i386.rpm 291f05486b8794f2f0b64e4b6ba66820c26a564c i386/popt-1.10.2-33.fc6.i386.rpm 4bc56736214e92886ee236b7c449ca630af49adf i386/rpm-4.4.2-33.fc6.i386.rpm f2688b574adad33d3c547e57ff32bc7d58741b53 i386/rpm-devel-4.4.2-33.fc6.i386.rpm 466a18ed401de13275b8026eee96b1fa1a576d57 i386/debug/rpm-debuginfo-4.4.2-33.fc6.i386.rpm ab218dd602e0b863c2cd3253a1d9ad883565bfc7 i386/rpm-python-4.4.2-33.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From jjohnstn at redhat.com Tue May 8 02:06:28 2007 From: jjohnstn at redhat.com (Jeff Johnston) Date: Mon, 7 May 2007 22:06:28 -0400 Subject: Fedora Core 6 Update: eclipse-cdt-3.1.2-3.fc6 Message-ID: <200705080206.l4826S6M018599@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-450 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : eclipse-cdt Version : 3.1.2 Release : 3.fc6 Summary : Eclipse C/C++ Development Tools (CDT) plugin Description : The eclipse-cdt package contains Eclipse features and plugins that are useful for C and C++ development. --------------------------------------------------------------------- * Mon Apr 16 2007 Jeff Johnston 3.1.2-3 - Add missing gif to org.eclipse.cdt.make.ui. - Resolves: #236558 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 1d83b1bd7a7a9b3b1582a58b34165d92b5d8c6bb SRPMS/eclipse-cdt-3.1.2-3.fc6.src.rpm 1d83b1bd7a7a9b3b1582a58b34165d92b5d8c6bb noarch/eclipse-cdt-3.1.2-3.fc6.src.rpm dfa98fdc94f37ed1fece3ef5e7057e795568ae7e ppc/eclipse-cdt-3.1.2-3.fc6.ppc.rpm 270cc86c1eabd72ada97f6965b0d149da4c3339f ppc/debug/eclipse-cdt-debuginfo-3.1.2-3.fc6.ppc.rpm 157569fe98c88fed84bc3a5fc4bcb8d1ea9e5d95 ppc/eclipse-cdt-sdk-3.1.2-3.fc6.ppc.rpm 5382387d428ab8708917c4be5c7a31cfdf19ae84 x86_64/eclipse-cdt-3.1.2-3.fc6.x86_64.rpm 84dd57359df6d25da3378975fea70d2de9f7023b x86_64/debug/eclipse-cdt-debuginfo-3.1.2-3.fc6.x86_64.rpm 8dc689b64b505666dacdd542145e80a4b67e9158 x86_64/eclipse-cdt-sdk-3.1.2-3.fc6.x86_64.rpm 6faad42ed56e2b36495792f540ba9d209545dae7 i386/eclipse-cdt-3.1.2-3.fc6.i386.rpm 5b5421f39a3add9ed1601db0172b750f2c814a09 i386/eclipse-cdt-sdk-3.1.2-3.fc6.i386.rpm 2b8f27924d1e86240611547bf2b83e0d3aee7e01 i386/debug/eclipse-cdt-debuginfo-3.1.2-3.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From veillard at redhat.com Tue May 8 02:08:46 2007 From: veillard at redhat.com (Daniel Veillard) Date: Mon, 7 May 2007 22:08:46 -0400 Subject: Fedora Core 6 Update: libxml2-2.6.28-1.fc6 Message-ID: <200705080208.l4828kh9019127@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-459 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : libxml2 Version : 2.6.28 Release : 1.fc6 Summary : Library providing XML and HTML support Description : This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. --------------------------------------------------------------------- Update Information: Many bug fixes in the upstream release --------------------------------------------------------------------- * Thu Apr 19 2007 Daniel Veillard 2.6.28-1.fc6 - upstream release 2.6.28 see http://xmlsoft.org/news.html - very large amount of bug fixes reported upstream --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 5105fb560d1f510d191f2e1015c378f0a32b5610 SRPMS/libxml2-2.6.28-1.fc6.src.rpm 5105fb560d1f510d191f2e1015c378f0a32b5610 noarch/libxml2-2.6.28-1.fc6.src.rpm af8dfe1d78612e09ac556323da8e6cd7f72dda2d ppc/libxml2-python-2.6.28-1.fc6.ppc.rpm 877ddf4f2e6ec9cb7e34e3b37e3345bb7bf55ddf ppc/libxml2-devel-2.6.28-1.fc6.ppc.rpm 67317b80e53763c13a32e7406c080644eaebf781 ppc/debug/libxml2-debuginfo-2.6.28-1.fc6.ppc.rpm 1e02e5eb16e6ba841f68d00667f62f15397bbd24 ppc/libxml2-2.6.28-1.fc6.ppc.rpm 6147316507e2031cffa684f4182011b890783c52 x86_64/libxml2-python-2.6.28-1.fc6.x86_64.rpm 8c2c51e3e9e86348e791240be543c8570419e6ba x86_64/libxml2-devel-2.6.28-1.fc6.x86_64.rpm 36d986112fac543b5b40881f357eb981afd1721c x86_64/libxml2-2.6.28-1.fc6.x86_64.rpm 6282def72bc7a0f8468679697e391801c26b828d x86_64/debug/libxml2-debuginfo-2.6.28-1.fc6.x86_64.rpm d5e3c05d0f5d24e69cb8b84d8275532114ee14d3 i386/libxml2-2.6.28-1.fc6.i386.rpm 202c3959aa166bb66b7e12d0acf0ef9e12978ac9 i386/libxml2-python-2.6.28-1.fc6.i386.rpm aad712a79b1ded8fc0655fd953dc08546bea507c i386/debug/libxml2-debuginfo-2.6.28-1.fc6.i386.rpm 08e5d18729a2821a43d46f76b1ec952f2141c3e5 i386/libxml2-devel-2.6.28-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From tjanouse at redhat.com Tue May 8 02:21:14 2007 From: tjanouse at redhat.com (Tomas Janousek) Date: Mon, 7 May 2007 22:21:14 -0400 Subject: [SECURITY] Fedora Core 5 Update: dovecot-1.0-0.beta8.4.fc5 Message-ID: <200705080221.l482LE56022915@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-493 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 5 Name : dovecot Version : 1.0 Release : 0.beta8.4.fc5 Summary : Dovecot Secure imap server Description : Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. --------------------------------------------------------------------- * Fri Mar 2 2007 Tomas Janousek - 1.0-0.beta8.4.fc5 - a little master login fix (#224925) - fix for CVE-2007-2231 (#238440) * Thu Dec 21 2006 Tomas Janousek - 1.0-0.beta8.3.fc5 - fixed default paths in the example mkcert.sh to match configuration defaults (fixes #183151) - fixed off by one (#216508, CVE-2006-5973) * Thu Jun 8 2006 Petr Rockai - 1.0-0.beta8.2.fc5 - bring FC-5 branch up to date with the rawhide one (bugfixes only) - should fix non-working pop3 in default installation * Thu Jun 8 2006 Petr Rockai - 1.0-0.beta8.2 - put back pop3_uidl_format default that got lost in the beta2->beta7 upgrade (would cause pop3 to not work at all in many situations) * Thu May 4 2006 Petr Rockai - 1.0-0.beta8.1 - upgrade to latest upstream beta release (beta8) - contains a security fix in mbox handling * Thu May 4 2006 Petr Rockai - 1.0-0.beta7.1 - upgrade to latest upstream beta release - fixed BR 173048 * Fri Mar 17 2006 Petr Rockai - 1.0-0.beta2.8 - fix sqlite detection in upstream configure checks, second part of #182240 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 6e52dcbd8179162049e7a7c52224a43c08f1c74c SRPMS/dovecot-1.0-0.beta8.4.fc5.src.rpm 6e52dcbd8179162049e7a7c52224a43c08f1c74c noarch/dovecot-1.0-0.beta8.4.fc5.src.rpm dd7bcff2a08903b1125cb133ed30562319605e18 ppc/dovecot-1.0-0.beta8.4.fc5.ppc.rpm 8a0cf5ace0b9c03096789901e582acf4848c922f ppc/debug/dovecot-debuginfo-1.0-0.beta8.4.fc5.ppc.rpm d28c4e822d903a4aeb725614bdf9fc8e204cc862 x86_64/dovecot-1.0-0.beta8.4.fc5.x86_64.rpm ab0ae684a68ba5ac7df45dce3079ac17ba9559af x86_64/debug/dovecot-debuginfo-1.0-0.beta8.4.fc5.x86_64.rpm 0c8866820a1f5cbc4702b18c8c213cdb8f635970 i386/dovecot-1.0-0.beta8.4.fc5.i386.rpm 61cd6536ac99799abf6ea3becc02bf0c98e7fc98 i386/debug/dovecot-debuginfo-1.0-0.beta8.4.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mmaslano at redhat.com Tue May 8 02:29:20 2007 From: mmaslano at redhat.com (Marcela Maslanova) Date: Mon, 7 May 2007 22:29:20 -0400 Subject: Fedora Core 6 Update: man-pages-fr-2.39-7.fc6 Message-ID: <200705080229.l482TK3F024951@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-496 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : man-pages-fr Version : 2.39 Release : 7.fc6 Summary : French man pages from the Linux Documentation Project Description : Manual pages from the Linux Documentation Project, translated into French. Also includes supplemental pages provided by Dr. Patrick Atlas and Dr. Gerard Delafond. --------------------------------------------------------------------- Update Information: Fix conflict with another package. --------------------------------------------------------------------- * Mon May 7 2007 Marcela Maslanova 2.39-7 - Resolves: #215431 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 3958bd4c63998c3eea5f98079bd75fb868167079 SRPMS/man-pages-fr-2.39-7.fc6.src.rpm 3958bd4c63998c3eea5f98079bd75fb868167079 noarch/man-pages-fr-2.39-7.fc6.src.rpm a0e95e3c2046d1d3d1ed009536d5937c3c6fe2ed ppc/man-pages-fr-2.39-7.fc6.noarch.rpm a0e95e3c2046d1d3d1ed009536d5937c3c6fe2ed x86_64/man-pages-fr-2.39-7.fc6.noarch.rpm a0e95e3c2046d1d3d1ed009536d5937c3c6fe2ed i386/man-pages-fr-2.39-7.fc6.noarch.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From bkonrath at redhat.com Tue May 8 02:11:07 2007 From: bkonrath at redhat.com (Benjamin Konrath) Date: Mon, 7 May 2007 22:11:07 -0400 Subject: Fedora Core 6 Update: eclipse-3.2.2-5.fc6 Message-ID: <200705080211.l482B799019993@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-488 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : eclipse Version : 3.2.2 Release : 5.fc6 Summary : An open, extensible IDE Description : The Eclipse Platform is designed for building integrated development environments (IDEs) that can be used to create applications as diverse as web sites, embedded Java(tm) programs, C++ programs, and Enterprise JavaBeans(tm). --------------------------------------------------------------------- * Tue May 1 2007 Ben Konrath 3.2.2-5.fc6 - Bug fix in launcher-addplatformtotildeeclipse.patch. - Resolves: #238107. * Mon Apr 30 2007 Ben Konrath 3.2.2-4.fc6 - Add workaround in launcher-addplatformtotildeeclipse.patch for problems caused by bug #238107. - Resolves: #238107. * Fri Apr 27 2007 Ben Konrath 3.2.2-3.fc6 - Fix problem in launcher-addplatformtotildeeclipse.patch. - Resolves: #238107. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ ac24cf7920b4b1fc50738c6fab0d50beaaf8b385 SRPMS/eclipse-3.2.2-5.fc6.src.rpm ac24cf7920b4b1fc50738c6fab0d50beaaf8b385 noarch/eclipse-3.2.2-5.fc6.src.rpm a6501db02fbc819aa92c64428833ab55cee2beaa ppc/eclipse-platform-sdk-3.2.2-5.fc6.ppc.rpm 6358bfbcea299ff1fec87ee9a9cb85e6208a45a4 ppc/debug/eclipse-debuginfo-3.2.2-5.fc6.ppc.rpm ff341a55be8bacd31e782c266a6dc8ce21eba935 ppc/eclipse-rcp-sdk-3.2.2-5.fc6.ppc.rpm 57c63ce46fa40dd3289326ec4e17e41a32efaca5 ppc/libswt3-gtk2-3.2.2-5.fc6.ppc.rpm 94348db6859984b057cba154b4157d17ac4741d7 ppc/eclipse-ecj-3.2.2-5.fc6.ppc.rpm 8531a0b08c86927c2e811e180561a549d9aad922 ppc/eclipse-pde-runtime-3.2.2-5.fc6.ppc.rpm fff7ffadd46324c1885bf11818329b6e5700b9c4 ppc/eclipse-platform-3.2.2-5.fc6.ppc.rpm 068e22e6e94cf85b8bca646d40158b9415bbb811 ppc/eclipse-jdt-sdk-3.2.2-5.fc6.ppc.rpm 2615bc51d851fa12250817cea990d3fe896f00fb ppc/eclipse-pde-sdk-3.2.2-5.fc6.ppc.rpm c9c3957e135ef7dca48e9e5a573b1dc55ee3558b ppc/eclipse-pde-3.2.2-5.fc6.ppc.rpm e11d70a7c319d13b6fd5df1c1b3bdca29812d953 ppc/eclipse-rcp-3.2.2-5.fc6.ppc.rpm d19ca117be90e897ccc943fe94775f76196d142f ppc/eclipse-jdt-3.2.2-5.fc6.ppc.rpm c4a257ba787dee4dad0d43dd9091b54eea4e69e4 ppc/eclipse-sdk-3.2.2-5.fc6.ppc.rpm fd57722ca6b4afe7051da71380c801d24b56d81e x86_64/eclipse-sdk-3.2.2-5.fc6.x86_64.rpm 51e121d42f1607348bdcffcb01c91399b574ffde x86_64/eclipse-platform-sdk-3.2.2-5.fc6.x86_64.rpm f90c0307b0fcf187218125ec6f6ce419de471835 x86_64/eclipse-pde-3.2.2-5.fc6.x86_64.rpm 16029f185f54844fe83bc32baa94a61e49eab673 x86_64/eclipse-jdt-sdk-3.2.2-5.fc6.x86_64.rpm 0ff40e49a263a9237b11188ab127745cb0d091f0 x86_64/eclipse-pde-runtime-3.2.2-5.fc6.x86_64.rpm e0549bbe615a43f2e46ca632177325af6a827396 x86_64/libswt3-gtk2-3.2.2-5.fc6.x86_64.rpm 4ee9df393ec1ff9ca4b351e3013ba4efaa55d79e x86_64/debug/eclipse-debuginfo-3.2.2-5.fc6.x86_64.rpm ea70840d2e2b875503ad6f265936f1a9157eeb7a x86_64/eclipse-rcp-sdk-3.2.2-5.fc6.x86_64.rpm 877d6ce567aeadc40040a397d30bc8ccd2d360d4 x86_64/eclipse-ecj-3.2.2-5.fc6.x86_64.rpm 74221d95f810742f6826b5f5d55a5d3a11c7b9e5 x86_64/eclipse-rcp-3.2.2-5.fc6.x86_64.rpm eca567e34584c3d44d902116ac941698f51c0ff2 x86_64/eclipse-jdt-3.2.2-5.fc6.x86_64.rpm e2881e9cf3844ee41aeef0d28922ce9d83054791 x86_64/eclipse-platform-3.2.2-5.fc6.x86_64.rpm 1163da911f8330caa5d7c8c8b7230b8b5c8bea69 x86_64/eclipse-pde-sdk-3.2.2-5.fc6.x86_64.rpm fbacd2f0088958052a786d1aa2baea88d71bbaae i386/eclipse-ecj-3.2.2-5.fc6.i386.rpm 4728eb71e08b18ce532f4cfe3217d1d9ef539dbf i386/libswt3-gtk2-3.2.2-5.fc6.i386.rpm 6c73a358e8e5733bec6b93ed4c4200f4be66d364 i386/eclipse-pde-runtime-3.2.2-5.fc6.i386.rpm 772939e2fe8cd9a0d289384eec620d130f1373b2 i386/eclipse-rcp-3.2.2-5.fc6.i386.rpm 535ef2749ea6f43b30c84396f218e86c0d1be54e i386/eclipse-sdk-3.2.2-5.fc6.i386.rpm 10d34454fd44ad871d2986c1e09c8d82687090a2 i386/eclipse-jdt-3.2.2-5.fc6.i386.rpm 8883a0b922ee5bd9c254e0ddac47b6c7bac4413b i386/eclipse-jdt-sdk-3.2.2-5.fc6.i386.rpm e29bca69dbb3bbee52d96192b23ac2f374b99488 i386/eclipse-platform-sdk-3.2.2-5.fc6.i386.rpm cb3d7645753c87658cd618cd4728d04c6e1392de i386/eclipse-pde-sdk-3.2.2-5.fc6.i386.rpm 8f88c8daf7d3df0c5b371f6671473022f8d4bc97 i386/eclipse-platform-3.2.2-5.fc6.i386.rpm 80752c4f94399b3ca81be48e3b19384a084516cb i386/eclipse-rcp-sdk-3.2.2-5.fc6.i386.rpm 499cb37bc279210ab90c2107a3693f80f0dba503 i386/eclipse-pde-3.2.2-5.fc6.i386.rpm 3de6fd5e3ff96b50f9a9596d0841d9bd36c66b38 i386/debug/eclipse-debuginfo-3.2.2-5.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From nphilipp at redhat.com Tue May 8 02:13:34 2007 From: nphilipp at redhat.com (Nils Philippsen) Date: Mon, 7 May 2007 22:13:34 -0400 Subject: [SECURITY] Fedora Core 6 Update: gimp-2.2.14-5.fc6 Message-ID: <200705080213.l482DYqx020579@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-489 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : gimp Version : 2.2.14 Release : 5.fc6 Summary : GNU Image Manipulation Program Description : GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. --------------------------------------------------------------------- Update Information: The GIMP package in Fedora includes a helper script /usr/sbin/gimp-plugin-mgr for plugins contained in other packages, for example, xsane-gimp. This script manages symlinks from the GIMP plugin directory (which may change between upgrades) to the actual location of the plugins. A bug has been fixed in this erratum of GIMP that was in all older GIMP packages. The bug concerns the execution order in which the symlinks are installed and removed, causing the symlinks to vanish when the GIMP package is updated. Although this GIMP erratum has the execution order fixed, due to the nature of the problem it will show up once more when updating from an affected version to a fixed version. To add these symlinks back in, run this command, providing the root password when prompted: su -c "/usr/sbin/gimp-plugin-mgr --install '*'" --------------------------------------------------------------------- * Tue May 1 2007 Nils Philippsen - 2:2.2.14-5 - don't let gimp-plugin-mgr --uninstall fail %pre/%preun scriptlets (#238337) * Mon Apr 30 2007 Nils Philippsen - 2:2.2.14-4 - fix plugin symlinks handling better (#238337) * Mon Apr 30 2007 Nils Philippsen - 2:2.2.14-3 - don't erroneously delete symlinks to external plugins when updating (#238337) * Mon Apr 30 2007 Nils Philippsen - 2:2.2.14-2 - avoid buffer overflow in sunras plugin (#238422) * Tue Apr 24 2007 Nils Philippsen - 2:2.2.14-1 - version 2.2.14 Bugs fixed in GIMP 2.2.14 ========================= - avoid crashing on newer versions of the winicon format (bug #352899) - fixed crash in Postscript plug-in (bug #353381) - fixed handling of TABs in the text tool (bug #353132) - fixed bug in Depth Merge plug-in (bug #355219) - fixed bug in GimpDrawablePreview widget (bug #353639) - fixed bug in Line Nove script (bug #357433) - fixed bug in Ripple plug-in (bug #357431) - save locale independent files from Fractal Explorer plug-in (bug #360095) - fixed bug in Super Nova plug-in (bug #340073) - be more robust against broken XCF files (bug #357809) - fixed drawing issues in Image Map plug-in (bug #311621) - fixed smoothing option in Fractal Explorer plug-in (bug #372671) - load channels in the proper order when opening an XCF file (bug #378003) - deal with floating selections in the Burn-In Animation script (bug #384096) - fixed clipping in the GimpPreviewArea widget (bug #392692) - fixed a potential crash in gimp-remote (bug #392111) - work around a file-chooser problem on Windows (bug #398726) - fixed markup of the gimp(1) manual page (bug #401145) - fixed the fix for the right-to-left layout in layers dialog (bug #348347) - fixed PSD save plug-in on 64bit architectures (bug #335130) - added missing dependency in gimpui-2.0.pc file (bug #356394) - fixed a crash in the PSD save plug-in (bug #395385) - improved robustness of transform tool preview code (bug #420595) - improved forward compatibility of XCF loader (bug #316207) - don't crash in the Compressor plug-in if files can't be opened (bug #422444) - fixed sensitivity of input fields in the Lighting plug-in (bug #359833) - don't BuildRequire gimp-print/gutenprint anymore * Mon Mar 26 2007 Nils Philippsen - 2:2.2.13-3 - use gutenprint per default for current development/future distribution versions (Fedora >= 7, RHEL >= 6) * Mon Mar 26 2007 Nils Philippsen - 2:2.2.13-2 - own used directories in gimp-devel (#233794) * Wed Feb 21 2007 Nils Philippsen - s/%redhat/%rhel/g * Wed Feb 7 2007 Nils Philippsen - really change defaults for use of modular X and lcms (#224156) * Thu Feb 1 2007 Nils Philippsen - change defaults for use of modular X and lcms (#224156) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ ba8e7ccb71e74904b304ce6925ceae2e8e336f7d SRPMS/gimp-2.2.14-5.fc6.src.rpm ba8e7ccb71e74904b304ce6925ceae2e8e336f7d noarch/gimp-2.2.14-5.fc6.src.rpm 335e68dd610e71ccab2864bd82a7b1722cea9e4c ppc/gimp-libs-2.2.14-5.fc6.ppc.rpm 1c1c3ba98ced2a5cadd2beb22352596531a952ba ppc/gimp-devel-2.2.14-5.fc6.ppc.rpm a312592041426da6f955243d74a29a45349bcda7 ppc/debug/gimp-debuginfo-2.2.14-5.fc6.ppc.rpm 602522f2ec567dc3320765c94d8bbe60e9c19763 ppc/gimp-2.2.14-5.fc6.ppc.rpm b3c1975cbf82590d5c72d7e414fb9e8d39d95d9d x86_64/debug/gimp-debuginfo-2.2.14-5.fc6.x86_64.rpm 524cf3f71081dbd5e44bb256b6894f8b3a4e587e x86_64/gimp-libs-2.2.14-5.fc6.x86_64.rpm 4d3e6966a32618a6752b36c18c7dd70f4ee747ab x86_64/gimp-devel-2.2.14-5.fc6.x86_64.rpm 226b073305b15ac9b242559a2a48f46ffecda5a1 x86_64/gimp-2.2.14-5.fc6.x86_64.rpm 4780aaccaa51d9bdda6b7e839f66df55e3a1bd16 i386/gimp-devel-2.2.14-5.fc6.i386.rpm a861c10fa4feb6c87dfa058c2f24005933979694 i386/gimp-2.2.14-5.fc6.i386.rpm f97c7df7801ee038fa789db3ccb8abae2908a168 i386/debug/gimp-debuginfo-2.2.14-5.fc6.i386.rpm 3a74780f66699c7705657c02e275dc7ff0396a33 i386/gimp-libs-2.2.14-5.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From nphilipp at redhat.com Tue May 8 02:15:52 2007 From: nphilipp at redhat.com (Nils Philippsen) Date: Mon, 7 May 2007 22:15:52 -0400 Subject: [SECURITY] Fedora Core 5 Update: gimp-2.2.14-5.fc5 Message-ID: <200705080215.l482FqFv021419@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-491 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 5 Name : gimp Version : 2.2.14 Release : 5.fc5 Summary : GNU Image Manipulation Program Description : GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. --------------------------------------------------------------------- Update Information: The GIMP package in Fedora includes a helper script /usr/sbin/gimp-plugin-mgr for plugins contained in other packages, for example, xsane-gimp. This script manages symlinks from the GIMP plugin directory (which may change between upgrades) to the actual location of the plugins. A bug has been fixed in this erratum of GIMP that was in all older GIMP packages. The bug concerns the execution order in which the symlinks are installed and removed, causing the symlinks to vanish when the GIMP package is updated. Although this GIMP erratum has the execution order fixed, due to the nature of the problem it will show up once more when updating from an affected version to a fixed version. To add these symlinks back in, run this command, providing the root password when prompted: su -c "/usr/sbin/gimp-plugin-mgr --install '*'" --------------------------------------------------------------------- * Tue May 1 2007 Nils Philippsen - 2:2.2.14-5 - don't let gimp-plugin-mgr --uninstall fail %pre/%preun scriptlets (#238337) * Mon Apr 30 2007 Nils Philippsen - 2:2.2.14-4 - fix plugin symlinks handling better (#238337) * Mon Apr 30 2007 Nils Philippsen - 2:2.2.14-3 - don't erroneously delete symlinks to external plugins when updating (#238337) * Mon Apr 30 2007 Nils Philippsen - 2:2.2.14-2 - avoid buffer overflow in sunras plugin (#238422) * Tue Apr 24 2007 Nils Philippsen - 2:2.2.14-1 - version 2.2.14 Bugs fixed in GIMP 2.2.14 ========================= - avoid crashing on newer versions of the winicon format (bug #352899) - fixed crash in Postscript plug-in (bug #353381) - fixed handling of TABs in the text tool (bug #353132) - fixed bug in Depth Merge plug-in (bug #355219) - fixed bug in GimpDrawablePreview widget (bug #353639) - fixed bug in Line Nove script (bug #357433) - fixed bug in Ripple plug-in (bug #357431) - save locale independent files from Fractal Explorer plug-in (bug #360095) - fixed bug in Super Nova plug-in (bug #340073) - be more robust against broken XCF files (bug #357809) - fixed drawing issues in Image Map plug-in (bug #311621) - fixed smoothing option in Fractal Explorer plug-in (bug #372671) - load channels in the proper order when opening an XCF file (bug #378003) - deal with floating selections in the Burn-In Animation script (bug #384096) - fixed clipping in the GimpPreviewArea widget (bug #392692) - fixed a potential crash in gimp-remote (bug #392111) - work around a file-chooser problem on Windows (bug #398726) - fixed markup of the gimp(1) manual page (bug #401145) - fixed the fix for the right-to-left layout in layers dialog (bug #348347) - fixed PSD save plug-in on 64bit architectures (bug #335130) - added missing dependency in gimpui-2.0.pc file (bug #356394) - fixed a crash in the PSD save plug-in (bug #395385) - improved robustness of transform tool preview code (bug #420595) - improved forward compatibility of XCF loader (bug #316207) - don't crash in the Compressor plug-in if files can't be opened (bug #422444) - fixed sensitivity of input fields in the Lighting plug-in (bug #359833) - don't BuildRequire gimp-print/gutenprint anymore * Mon Mar 26 2007 Nils Philippsen - 2:2.2.13-3 - use gutenprint per default for current development/future distribution versions (Fedora >= 7, RHEL >= 6) * Mon Mar 26 2007 Nils Philippsen - 2:2.2.13-2 - own used directories in gimp-devel (#233794) * Wed Feb 21 2007 Nils Philippsen - s/%redhat/%rhel/g * Wed Feb 7 2007 Nils Philippsen - really change defaults for use of modular X and lcms (#224156) * Thu Feb 1 2007 Nils Philippsen - change defaults for use of modular X and lcms (#224156) * Fri Aug 25 2006 Nils Philippsen - 2:2.2.13-1 - version 2.2.13 - remove obsolete filename patch * Thu Aug 17 2006 Nils Philippsen - 2:2.2.12-5 - don't barf on empty /etc/gimp/plugins.d (#202808) * Wed Aug 16 2006 Nils Philippsen - 2:2.2.12-4 - revamp scheme for integrating external plugins (#202545) * Wed Aug 2 2006 Nils Philippsen - 2:2.2.12-3 - allow spaces in filenames when saving (#200888, patch by Michael Natterer) * Tue Jul 18 2006 Nils Philippsen - 2:2.2.12-2 - split off libraries into gimp-libs to allow multilib installations - remove pre-release cruft * Wed Jul 12 2006 Jesse Keating - 2:2.2.12-1.1 - rebuild * Mon Jul 10 2006 Nils Philippsen - 2:2.2.12-1 - version 2.2.12 - use %dist/%fedora/%redhat - remove obsolete gcc4, libpng patches - show build options in %prep - require gettext for building * Wed May 31 2006 Nils Philippsen - 2:2.2.11-5 - cope with pygobject2/-devel being split off (#193368) * Tue May 9 2006 Nils Philippsen - 2:2.2.11-4 - don't use long deprecated libpng API (#191027, patch by Manish Singh) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 729ed6a6ac211cd2b36cac0e0c545ed204d45487 SRPMS/gimp-2.2.14-5.fc5.src.rpm 729ed6a6ac211cd2b36cac0e0c545ed204d45487 noarch/gimp-2.2.14-5.fc5.src.rpm c04e4b7b81019594fefc39ce008e8b372f87683c ppc/gimp-2.2.14-5.fc5.ppc.rpm 3a0d3944f284766c705deba6260b72b2fc5e77e2 ppc/gimp-devel-2.2.14-5.fc5.ppc.rpm 01add798f95e1fa3b2aaf2f9b08b628479c9e53e ppc/gimp-libs-2.2.14-5.fc5.ppc.rpm 573b314dfcb14366113db088bddeb0257f49e03c ppc/debug/gimp-debuginfo-2.2.14-5.fc5.ppc.rpm fc3683a68d956306b02e980e1077769c6c7f1c12 x86_64/gimp-libs-2.2.14-5.fc5.x86_64.rpm 1a48f756d5efb530fbe85af52819db36680b2500 x86_64/debug/gimp-debuginfo-2.2.14-5.fc5.x86_64.rpm 5a542a0a58d94024b07cdeeb9e60777c77c63e97 x86_64/gimp-devel-2.2.14-5.fc5.x86_64.rpm 30fe0315f86289dee30396c7b20f7cec4edb0cf3 x86_64/gimp-2.2.14-5.fc5.x86_64.rpm 82ee257bc06c853e8b3b2921150cd6868895aa21 i386/gimp-devel-2.2.14-5.fc5.i386.rpm 2f6a6e65876342113f8358ed0966634052c2bc0f i386/gimp-libs-2.2.14-5.fc5.i386.rpm 5588880e828c5d4f8c3ea067a827a5dce12a1a55 i386/debug/gimp-debuginfo-2.2.14-5.fc5.i386.rpm c0df533b9d4e03b6a12235ac673c44b516f23eed i386/gimp-2.2.14-5.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From roland at redhat.com Tue May 8 02:16:46 2007 From: roland at redhat.com (Roland McGrath) Date: Mon, 7 May 2007 22:16:46 -0400 Subject: Fedora Core 6 Update: elfutils-0.127-1.fc6 Message-ID: <200705080216.l482Gkt2021620@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-460 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : elfutils Version : 0.127 Release : 1.fc6 Summary : A collection of utilities and DSOs to handle compiled objects Description : Elfutils is a collection of utilities, including ld (a linker), nm (for listing symbols from object files), size (for listing the section sizes of an object or archive file), strip (for discarding symbols), readelf (to see the raw ELF file structures), and elflint (to check for well-formed ELF files). --------------------------------------------------------------------- Update Information: This update fixes some minor bugs in the libdw and libelf libraries and adds some new functions in libdw. --------------------------------------------------------------------- * Wed Apr 18 2007 Roland McGrath - 0.127-1 - Update to 0.127 - libdw: new function dwarf_getsrcdirs - libdwfl: new functions dwfl_module_addrsym, dwfl_report_begin_add, dwfl_module_address_section --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ e1f73721316ffbf88685034ab98969a43f949163 SRPMS/elfutils-0.127-1.fc6.src.rpm e1f73721316ffbf88685034ab98969a43f949163 noarch/elfutils-0.127-1.fc6.src.rpm c717f130d01048bade522cc01976447983c54dcf ppc/debug/elfutils-debuginfo-0.127-1.fc6.ppc.rpm 3e50a9b482cb1dbbc29fb9c88d2a173b22647bb9 ppc/elfutils-0.127-1.fc6.ppc.rpm fd54680915b070b05992afc65f6bff0b577814df ppc/elfutils-libelf-devel-static-0.127-1.fc6.ppc.rpm fd2eb3c54b4e052bca6f77db5be16d7cb660f0ce ppc/elfutils-devel-0.127-1.fc6.ppc.rpm 8d84b52a732aef65283be983357016d9cf5a84dc ppc/elfutils-libelf-devel-0.127-1.fc6.ppc.rpm 241601ee3f7be9403405c10c1e7a9bbc6f0dc0e9 ppc/elfutils-libelf-0.127-1.fc6.ppc.rpm efa66c9282586a43753fa6a13c2687fbbe6aa985 ppc/elfutils-libs-0.127-1.fc6.ppc.rpm 715b496bb4d385339dd8c89e48b6ff8948277f30 ppc/elfutils-devel-static-0.127-1.fc6.ppc.rpm a0b9fd2e9dc77fc624a41ba813fce93b83361b63 x86_64/debug/elfutils-debuginfo-0.127-1.fc6.x86_64.rpm 3243f5c660843cb6810eb00c541dc06495befed7 x86_64/elfutils-0.127-1.fc6.x86_64.rpm 915e2a73e5dfdcb903def89d704f944f7ded7f68 x86_64/elfutils-devel-0.127-1.fc6.x86_64.rpm 4a11501a9663c484456675e5e09db08a3c81fa7a x86_64/elfutils-libelf-0.127-1.fc6.x86_64.rpm ec243c77bd53d246819bcd1d8c33bedac5083f09 x86_64/elfutils-libs-0.127-1.fc6.x86_64.rpm 40418fc2900a00ceee05673ab0f0f8c314aa1cac x86_64/elfutils-devel-static-0.127-1.fc6.x86_64.rpm bbc355ac4eea085a6630274716a7660f82e49933 x86_64/elfutils-libelf-devel-static-0.127-1.fc6.x86_64.rpm 284db997e8d148613c8099315459c2454db3e08e x86_64/elfutils-libelf-devel-0.127-1.fc6.x86_64.rpm ef9375e4b82057549335782817080557ac647a86 i386/elfutils-devel-static-0.127-1.fc6.i386.rpm ba3899b4b052d9576ce84b63966e3737d5d78748 i386/elfutils-0.127-1.fc6.i386.rpm 1a8682db6fd121dbbadaa169f4a0c81c653ef75b i386/elfutils-devel-0.127-1.fc6.i386.rpm 4d99b222fb90135103f854c649fb955c447e0225 i386/elfutils-libelf-0.127-1.fc6.i386.rpm a8427e97c348efdb838e546ed979d5cf5f9ebd53 i386/debug/elfutils-debuginfo-0.127-1.fc6.i386.rpm 3824d581118a80d5245a88a0a6800dd06b391ca6 i386/elfutils-libelf-devel-static-0.127-1.fc6.i386.rpm 165817f055732258bb9ee9cc6891dddd78e0a351 i386/elfutils-libelf-devel-0.127-1.fc6.i386.rpm e6e849ef2a71a18170859872c9470614550d7f37 i386/elfutils-libs-0.127-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From karsten at redhat.com Tue May 8 02:18:30 2007 From: karsten at redhat.com (Karsten Hopp) Date: Mon, 7 May 2007 22:18:30 -0400 Subject: [SECURITY] Fedora Core 6 Update: vim-7.0.235-1.fc6 Message-ID: <200705080218.l482IU41022009@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-492 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : vim Version : 7.0.235 Release : 1.fc6 Summary : The VIM editor Description : VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. --------------------------------------------------------------------- Update Information: This update fixes several issues where opening a malicious file with vim can run an arbitrary command via modeline --------------------------------------------------------------------- * Thu May 3 2007 Karsten Hopp 7.0.235-1 - rebuild for FC-6 * Mon Apr 30 2007 Karsten Hopp 7.0.235-1 - update to patchlevel 235, fixes modeline issues * Tue Apr 17 2007 Karsten Hopp 7.0.224-3 - fix typo in require line (vim-X11 - 2:7.0.224-2.fc7.i386 requires 4) * Mon Apr 16 2007 Karsten Hopp 7.0.224-2 - use more macros - drop BR perl - move license to main doc directory - set vendor to 'fedora' (desktop-file) - don't own man directories - preserve timestamps of non-generated files - run update-desktop-database * Thu Apr 5 2007 Karsten Hopp 7.0.224-1 - vim-X11 provides gvim * Fri Mar 30 2007 Karsten Hopp 7.0.224-1 - patchlevel 224 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ ee8f8842dbf32465e0c88826fc61c2fa592987f9 SRPMS/vim-7.0.235-1.fc6.src.rpm ee8f8842dbf32465e0c88826fc61c2fa592987f9 noarch/vim-7.0.235-1.fc6.src.rpm 844c7446d9830cc7dcff17df894663806b03e8c2 ppc/vim-enhanced-7.0.235-1.fc6.ppc.rpm 11a0b358ba63eb79800ad2070721edfdcd840423 ppc/vim-X11-7.0.235-1.fc6.ppc.rpm 4a221fa84540f2e62e186343462b69e608fd1f35 ppc/vim-common-7.0.235-1.fc6.ppc.rpm 274b5bbaa99f646e81bb59ff15c985f3f40c79e1 ppc/vim-minimal-7.0.235-1.fc6.ppc.rpm 3d6b144ed7a827aab34d04098b5da13a75161a8a ppc/debug/vim-debuginfo-7.0.235-1.fc6.ppc.rpm 1e7dea697bccc50200b1acc73a8dcee7a807ced1 x86_64/debug/vim-debuginfo-7.0.235-1.fc6.x86_64.rpm 8067840792fffbeb2540b5ae26c63117faff31cb x86_64/vim-minimal-7.0.235-1.fc6.x86_64.rpm ad364dc860caf70aa930eccba61e691ff186e8ed x86_64/vim-enhanced-7.0.235-1.fc6.x86_64.rpm ff0e6fa4ce37439b3b20f6de53ade3199ece3f05 x86_64/vim-common-7.0.235-1.fc6.x86_64.rpm 014fe19cdf7cc2fda384e0132801945bc0ef7e2d x86_64/vim-X11-7.0.235-1.fc6.x86_64.rpm e267c82124c78dad73b2b68d336300249a36084d i386/vim-minimal-7.0.235-1.fc6.i386.rpm 64cec05bfa9dcc0f3ce1f31e7cb997207f6a35be i386/vim-common-7.0.235-1.fc6.i386.rpm ea9b3e07b6c8c907bb0a488f54f8329001468065 i386/vim-enhanced-7.0.235-1.fc6.i386.rpm d9b2d1c644a4280197f93d3d430d6eb0b6552156 i386/vim-X11-7.0.235-1.fc6.i386.rpm 51c29643ffd7c1fd24b3425e14edc35f9b46a178 i386/debug/vim-debuginfo-7.0.235-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From bnocera at redhat.com Tue May 8 02:22:50 2007 From: bnocera at redhat.com (Bastien Nocera) Date: Mon, 7 May 2007 22:22:50 -0400 Subject: Fedora Core 6 Update: gstreamer-plugins-base-0.10.11-1.fc6 Message-ID: <200705080222.l482MonH023264@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-476 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : gstreamer-plugins-base Version : 0.10.11 Release : 1.fc6 Summary : GStreamer streaming media framework base plug-ins Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plug-ins. This package contains a set of well-maintained base plug-ins. --------------------------------------------------------------------- Update Information: - Fix "Totem crashes if i have a .txt file in the folder of the selected file" (#189643) --------------------------------------------------------------------- * Wed Jan 24 2007 Adam Jackson - Minor spec cleanups (#186550) * Tue Dec 12 2006 Matthias Clasen - 0.10.11-1 - Update to 0.10.11 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ d4795adc19b0b2daf358cd7f45d55a2e1d3e34c5 SRPMS/gstreamer-plugins-base-0.10.11-1.fc6.src.rpm d4795adc19b0b2daf358cd7f45d55a2e1d3e34c5 noarch/gstreamer-plugins-base-0.10.11-1.fc6.src.rpm 6eb0bb047f0cef2b369128c164c6235eabcf1b44 ppc/gstreamer-plugins-base-devel-0.10.11-1.fc6.ppc.rpm d4aad7e6f038aab638255f3da26ab9d8a8e4ac8b ppc/gstreamer-plugins-base-0.10.11-1.fc6.ppc.rpm 4a11b29b6a6a57dfdec407e0069b79245679300a ppc/debug/gstreamer-plugins-base-debuginfo-0.10.11-1.fc6.ppc.rpm a7c678eae88018d9e0b53a08dc10b51f4637225f x86_64/debug/gstreamer-plugins-base-debuginfo-0.10.11-1.fc6.x86_64.rpm e411a1998292b785d4977606c8997b7dede37eb5 x86_64/gstreamer-plugins-base-devel-0.10.11-1.fc6.x86_64.rpm 9ec32927c384977c36d15bde53f1671b397649f8 x86_64/gstreamer-plugins-base-0.10.11-1.fc6.x86_64.rpm 115ec86ca57db142d20955d81b200c797b75836f i386/gstreamer-plugins-base-devel-0.10.11-1.fc6.i386.rpm 2d44a2d5569e0b986dbc7305cb93b504c10bb3d9 i386/debug/gstreamer-plugins-base-debuginfo-0.10.11-1.fc6.i386.rpm 302b1c7bb11da9ca0847f2497354be85d2e21d7d i386/gstreamer-plugins-base-0.10.11-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mbarnes at redhat.com Tue May 8 02:24:19 2007 From: mbarnes at redhat.com (Matthew Barnes) Date: Mon, 7 May 2007 22:24:19 -0400 Subject: [SECURITY] Fedora Core 5 Update: evolution-data-server-1.6.3-4.fc5 Message-ID: <200705080224.l482OJnt023512@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-485 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 5 Name : evolution-data-server Version : 1.6.3 Release : 4.fc5 Summary : Backend data server for evolution Description : The evolution-data-server package provides a unified backend for programs that work with contacts, tasks, and calendar information. It was originally developed for Evolution (hence the name), but is now used by other packages. --------------------------------------------------------------------- Update Information: This update fixes a security vulnerability in APOP authentication. This only affects POP mail accounts. --------------------------------------------------------------------- * Mon Apr 30 2007 Matthew Barnes - 1.6.3-4.fc5 - Revise patch for RH bug #235290 to not break string freeze. * Tue Apr 24 2007 Matthew Barnes - 1.6.3-3.fc5 - Add patch for RH bug #235290 (APOP authentication vulnerability). * Tue Mar 6 2007 Matthew Barnes - 1.6.3-2.fc5 - Add patch for GNOME bug #301363 (update timezones). * Thu Aug 3 2006 Matthew Barnes - 1.6.3-1.fc5.2 - Remove patches for Gnome.org bug #309079 (rejected upstream). - One of these patches was causing RH bug #167157. - No longer packaging unused patches. * Mon Jul 31 2006 Matthew Barnes - 1.6.3-1.fc5.1 - Update to 1.6.3 - Dynamically link to BDB. - Add Requires for db4 and BuildRequires for db4-devel. - Add missing Requires and BuildRequires from Rawhide. - Clean up spec file, renumber patches. * Tue May 30 2006 Matthew Barnes - 1.6.2-1.fc5.1 - Update to 1.6.2 - Remove evolution-data-server-1.3.5-nspr_fix.patch (fixed upstream). - Update evolution-data-server-1.2.0-validatehelo.patch and rename it to version 1.6.2. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 86bc29ee119ba6e33ae29a32bfab68fffab43a8b SRPMS/evolution-data-server-1.6.3-4.fc5.src.rpm 86bc29ee119ba6e33ae29a32bfab68fffab43a8b noarch/evolution-data-server-1.6.3-4.fc5.src.rpm 7800b2b7eb903fd2f0670206a6bea25078b512a5 ppc/evolution-data-server-1.6.3-4.fc5.ppc.rpm 30f8b9392a0ab767176ea15156e83557515499b0 ppc/evolution-data-server-devel-1.6.3-4.fc5.ppc.rpm 305e9d272d535ad6cc33089d897ed67dc20863fb ppc/debug/evolution-data-server-debuginfo-1.6.3-4.fc5.ppc.rpm fab7178ed139f106f4958315c7d38e55dedfb9d3 x86_64/evolution-data-server-1.6.3-4.fc5.x86_64.rpm 919ff414f030ba0d3c111c38c38ddfd5b0ba6024 x86_64/debug/evolution-data-server-debuginfo-1.6.3-4.fc5.x86_64.rpm 7c0c7b5c31967be82ea7fa9ceb92b2a65f057613 x86_64/evolution-data-server-devel-1.6.3-4.fc5.x86_64.rpm 03dd3f009993262c7676770e0d8848f922bb2630 i386/debug/evolution-data-server-debuginfo-1.6.3-4.fc5.i386.rpm ff64383dd1454eb17631d81f0e0d456b0ec8ebf4 i386/evolution-data-server-devel-1.6.3-4.fc5.i386.rpm 78c83b32e29deb2ff764464140b8c8bc4ca2970c i386/evolution-data-server-1.6.3-4.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mbarnes at redhat.com Tue May 8 02:24:43 2007 From: mbarnes at redhat.com (Matthew Barnes) Date: Mon, 7 May 2007 22:24:43 -0400 Subject: [SECURITY] Fedora Core 6 Update: evolution-data-server-1.8.3-6.fc6 Message-ID: <200705080224.l482OhTe023567@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-484 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : evolution-data-server Version : 1.8.3 Release : 6.fc6 Summary : Backend data server for Evolution Description : The evolution-data-server package provides a unified backend for programs that work with contacts, tasks, and calendar information. It was originally developed for Evolution (hence the name), but is now used by other packages. --------------------------------------------------------------------- Update Information: This update fixes a security vulnerability in APOP authentication. This only affects POP mail accounts. --------------------------------------------------------------------- * Mon Apr 30 2007 Matthew Barnes - 1.8.3-6.fc6 - Revise patch for RH bug #235290 to not break string freeze. * Tue Apr 24 2007 Matthew Barnes - 1.8.3-5.fc6 - Add patch for RH bug #235290 (APOP authentication vulnerability). --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ a4fec398ad6e36c04adc6db264b19587f11fe062 SRPMS/evolution-data-server-1.8.3-6.fc6.src.rpm a4fec398ad6e36c04adc6db264b19587f11fe062 noarch/evolution-data-server-1.8.3-6.fc6.src.rpm 0ddeb616d33d2ec503d99100843398c4230f97d9 ppc/evolution-data-server-1.8.3-6.fc6.ppc.rpm 14bd0fc568d275836df54b32a32853c05032a711 ppc/debug/evolution-data-server-debuginfo-1.8.3-6.fc6.ppc.rpm 0f9eefa8853dbdb03c5f9fca096b80376cd6e650 ppc/evolution-data-server-devel-1.8.3-6.fc6.ppc.rpm 117d78875939bf9aba27ca461195ef6bc9da9f06 x86_64/evolution-data-server-1.8.3-6.fc6.x86_64.rpm 85a7c24179c9df5383e305e9e2848028b0f8ca07 x86_64/evolution-data-server-devel-1.8.3-6.fc6.x86_64.rpm abd09339cf2b950cb4700eafc636f44fe93c3a35 x86_64/debug/evolution-data-server-debuginfo-1.8.3-6.fc6.x86_64.rpm f66889ddecf8ee036cac006dbb947c2005995d52 i386/evolution-data-server-devel-1.8.3-6.fc6.i386.rpm c71211822de68554b152b15b9d293dca589b5122 i386/evolution-data-server-1.8.3-6.fc6.i386.rpm 8524ac26ece7f70625352408ca63f366b6711726 i386/debug/evolution-data-server-debuginfo-1.8.3-6.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From tsmetana at redhat.com Tue May 8 02:26:10 2007 From: tsmetana at redhat.com (Tomas Smetana) Date: Mon, 7 May 2007 22:26:10 -0400 Subject: Fedora Core 6 Update: smartmontools-5.37-1.1.fc6 Message-ID: <200705080226.l482QAdW024169@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-474 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : smartmontools Version : 5.37 Release : 1.1.fc6 Summary : Tools for monitoring SMART capable hard disks Description : The smartmontools package contains two utility programs (smartctl and smartd) to control and monitor storage systems using the Self- Monitoring, Analysis and Reporting Technology System (SMART) built into most modern ATA and SCSI hard disks. In many cases, these utilities will provide advanced warning of disk degradation and failure. --------------------------------------------------------------------- * Thu Apr 26 2007 Tomas Smetana - 1:5.37-1.1 - fix wrong version in changelog - rebuild * Wed Apr 25 2007 Tomas Smetana - 1:5.37-1 - new upstream version (#237399) - return correct value from init script (#237531) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 3eab7040380945f9a8856490091f28646a37a2b2 SRPMS/smartmontools-5.37-1.1.fc6.src.rpm 3eab7040380945f9a8856490091f28646a37a2b2 noarch/smartmontools-5.37-1.1.fc6.src.rpm 1816eada8d106819261b3990aec01e3818bb49f0 ppc/smartmontools-5.37-1.1.fc6.ppc.rpm 99f730e868c2ab0d413d8ae19f6879cc7d25e01e ppc/debug/smartmontools-debuginfo-5.37-1.1.fc6.ppc.rpm bca7c24c0f701da10d0420c28f4134e303b4ec4d x86_64/debug/smartmontools-debuginfo-5.37-1.1.fc6.x86_64.rpm 2052783a6898465d5d4ad779b8a6b00bc686e590 x86_64/smartmontools-5.37-1.1.fc6.x86_64.rpm b473b14cf6ec91947a1255d6c40f2173c44d7910 i386/debug/smartmontools-debuginfo-5.37-1.1.fc6.i386.rpm e81ef226155e94629c8225dc9d805fede4ce1610 i386/smartmontools-5.37-1.1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From dwalsh at redhat.com Tue May 8 02:27:41 2007 From: dwalsh at redhat.com (Daniel Walsh) Date: Mon, 7 May 2007 22:27:41 -0400 Subject: Fedora Core 6 Update: policycoreutils-1.34.1-9.fc6 Message-ID: <200705080227.l482RfTZ024549@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-479 2007-05-07 --------------------------------------------------------------------- Product : Fedora Core 6 Name : policycoreutils Version : 1.34.1 Release : 9.fc6 Summary : SELinux policy core utilities. Description : Security-enhanced Linux is a feature of the Linux?? kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement??, Role-based Access Control, and Multi-level Security. policycoreutils contains the policy core utilities that are required for basic operation of a SELinux system. These utilities include load_policy to load policies, setfiles to label filesystems, newrole to switch roles, and run_init to run /etc/init.d scripts in the proper context. --------------------------------------------------------------------- * Fri Apr 27 2007 Dan Walsh 1.34.1-9 - Fixes for polgengui --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ ff20aeae619057e7d99002beaf9893cc7ccff7c0 SRPMS/policycoreutils-1.34.1-9.fc6.src.rpm ff20aeae619057e7d99002beaf9893cc7ccff7c0 noarch/policycoreutils-1.34.1-9.fc6.src.rpm 0a14d6e1b909df188364d3f212653d8eb89e0ac8 ppc/policycoreutils-1.34.1-9.fc6.ppc.rpm e8597e99b551323a8245b9b63d241d1dd61ee568 ppc/debug/policycoreutils-debuginfo-1.34.1-9.fc6.ppc.rpm 7644cfff3d041283de3e8a10505fd8e2787f1b62 ppc/policycoreutils-gui-1.34.1-9.fc6.ppc.rpm 886456c408bc73769a077f2c67228d832b2fe6f5 ppc/policycoreutils-newrole-1.34.1-9.fc6.ppc.rpm be031e236ef6e51b1c9a1f94e804e155e2957071 x86_64/policycoreutils-gui-1.34.1-9.fc6.x86_64.rpm c1af4d4b6742178eb1a2e200a3e220e0772dd3a6 x86_64/policycoreutils-1.34.1-9.fc6.x86_64.rpm 4cdcdcf51ac4698c36d9fc73dec107587693724f x86_64/debug/policycoreutils-debuginfo-1.34.1-9.fc6.x86_64.rpm 57e8c716e48ca05095b6895a85cd75507ee763a7 x86_64/policycoreutils-newrole-1.34.1-9.fc6.x86_64.rpm 971b3266358783306e64e3804dfad44dc7c143ef i386/policycoreutils-gui-1.34.1-9.fc6.i386.rpm 5d008960407c29e0d17d897ef536c767a8d84bb8 i386/debug/policycoreutils-debuginfo-1.34.1-9.fc6.i386.rpm 0f304d7c50fb8e5f5fba4fab5b5b186e3913034e i386/policycoreutils-1.34.1-9.fc6.i386.rpm f5e00c003622cca0a6f0e37943f072928f99680d i386/policycoreutils-newrole-1.34.1-9.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From twaugh at redhat.com Mon May 14 17:03:31 2007 From: twaugh at redhat.com (Tim Waugh) Date: Mon, 14 May 2007 13:03:31 -0400 Subject: Fedora Core 6 Update: foomatic-3.0.2-39.5.fc6 Message-ID: <200705141703.l4EH3VCQ011465@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-446 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 6 Name : foomatic Version : 3.0.2 Release : 39.5.fc6 Summary : Foomatic printer database. Description : Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. It contains utilities to generate driver description files and printer queues for CUPS, LPD, LPRng, and PDQ using the database. There is also the possibility to read the PJL options out of PJL-capable laser printers and take them into account at the driver description file generation. There are spooler-independent command line interfaces to manipulate queues (foomatic-configure) and to print files/manipulate jobs (foomatic printjob). The site http://www.linuxprinting.org/ is based on this database. --------------------------------------------------------------------- Update Information: Bug fix update. --------------------------------------------------------------------- * Mon Apr 16 2007 Tim Waugh 3.0.2-39.5 - Fixed %prep (bug #208851). --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ b7ecc2d3c7673f7a9d628a423f1439ae380bfc32 SRPMS/foomatic-3.0.2-39.5.fc6.src.rpm b7ecc2d3c7673f7a9d628a423f1439ae380bfc32 noarch/foomatic-3.0.2-39.5.fc6.src.rpm 1fa520b66e6c533c5b9cb6300b0413db189946f3 ppc/debug/foomatic-debuginfo-3.0.2-39.5.fc6.ppc.rpm 3b584eadc445cd2fb7e2575d99a1a81433bb306a ppc/foomatic-3.0.2-39.5.fc6.ppc.rpm 074544e2e02d627d1c40416a9fab50aa0496696f x86_64/debug/foomatic-debuginfo-3.0.2-39.5.fc6.x86_64.rpm fc7d65e94f697ad99fec722c73f98617a68ce96a x86_64/foomatic-3.0.2-39.5.fc6.x86_64.rpm 9f0d50b2890456a0b0768364f3ce5f5ce0b26b01 i386/foomatic-3.0.2-39.5.fc6.i386.rpm e2a151052e3346ba08c07c9d435b43827a3053c0 i386/debug/foomatic-debuginfo-3.0.2-39.5.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From twoerner at redhat.com Mon May 14 17:05:44 2007 From: twoerner at redhat.com (Thomas Woerner) Date: Mon, 14 May 2007 13:05:44 -0400 Subject: Fedora Core 5 Update: SDL-1.2.9-6 Message-ID: <200705141705.l4EH5iW8012521@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-498 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 5 Name : SDL Version : 1.2.9 Release : 6 Summary : A cross-platform multimedia library. Description : Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. --------------------------------------------------------------------- * Mon May 7 2007 Thomas Woerner 1.2.9-6 - added missing (build) requires for GL and GLU --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 5ee8a976a6b85e553b120961e17386fcefefbe62 SRPMS/SDL-1.2.9-6.src.rpm 5ee8a976a6b85e553b120961e17386fcefefbe62 noarch/SDL-1.2.9-6.src.rpm 1891144654095a2d41781cd9c9c980bad6fd24fe ppc/SDL-1.2.9-6.ppc.rpm 4aaeba9dd971fb354f374bb8dae91cc8596f5981 ppc/debug/SDL-debuginfo-1.2.9-6.ppc.rpm 69d383159e77e45658e5bb05fe12f1484eeb64e4 ppc/SDL-devel-1.2.9-6.ppc.rpm 2d6f2bbb4ae90627e5c5eaa442662d6ca7f5a981 x86_64/debug/SDL-debuginfo-1.2.9-6.x86_64.rpm db6295a959108281b99935a14434ebe5d083b310 x86_64/SDL-1.2.9-6.x86_64.rpm 7a0dd84a45472992fef07488225b4f39b9c11d92 x86_64/SDL-devel-1.2.9-6.x86_64.rpm b3130d46b013400f3882df0c6eb9e57afaf82b19 i386/SDL-devel-1.2.9-6.i386.rpm 2dd38a584ff78909758a2920c79e20953c2c0715 i386/debug/SDL-debuginfo-1.2.9-6.i386.rpm 6dfef7401ab7f684271f39b7088df5df9c2f050a i386/SDL-1.2.9-6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From twoerner at redhat.com Mon May 14 17:06:05 2007 From: twoerner at redhat.com (Thomas Woerner) Date: Mon, 14 May 2007 13:06:05 -0400 Subject: [SECURITY] Fedora Core 6 Update: freeradius-1.1.3-2.fc6 Message-ID: <200705141706.l4EH65Uv012634@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-499 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 6 Name : freeradius Version : 1.1.3 Release : 2.fc6 Summary : High-performance and highly configurable free RADIUS server. Description : The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many more features than Cistron or Livingston, and is much more configurable. FreeRADIUS is an Internet authentication daemon, which implements the RADIUS protocol, as defined in RFC 2865 (and others). It allows Network Access Servers (NAS boxes) to perform authentication for dial-up users. There are also RADIUS clients available for Web servers, firewalls, Unix logins, and more. Using RADIUS allows authentication and authorization for a network to be centralized, and minimizes the amount of re-configuration which has to be done when adding or deleting new users. --------------------------------------------------------------------- * Wed May 9 2007 Thomas Woerner 1.1.3-2.fc6 - fixed CVE-2007-2028: EAP-TTLS denial of service Resolves: rhbz#236248 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ b87ac2c3b9a0d2f81b0e0e175d7101ec63b1bb52 SRPMS/freeradius-1.1.3-2.fc6.src.rpm b87ac2c3b9a0d2f81b0e0e175d7101ec63b1bb52 noarch/freeradius-1.1.3-2.fc6.src.rpm 47be4294154bd87144c4773578d2e0052f29b878 ppc/freeradius-unixODBC-1.1.3-2.fc6.ppc.rpm b6ee3f5de204018e0ac5cd39494b11e6991a5aa1 ppc/freeradius-postgresql-1.1.3-2.fc6.ppc.rpm 7ef80da9c6deff16c248925e49e025ac5ba41b11 ppc/freeradius-1.1.3-2.fc6.ppc.rpm 77b469194a0dbd4d8887c3d096c339cdf2000268 ppc/debug/freeradius-debuginfo-1.1.3-2.fc6.ppc.rpm 5db96b453840969eec62965ef3e76413b8167722 ppc/freeradius-mysql-1.1.3-2.fc6.ppc.rpm 806e235238f224f34862266163ddfd788b6fc583 x86_64/freeradius-postgresql-1.1.3-2.fc6.x86_64.rpm 9e843478ff4462219f561e4c60623d92d167774c x86_64/debug/freeradius-debuginfo-1.1.3-2.fc6.x86_64.rpm 93709eae31be07b2aa6954083d4c8cf970332be8 x86_64/freeradius-1.1.3-2.fc6.x86_64.rpm f49c756c55611e4abe61e5ed67418ad36108e588 x86_64/freeradius-unixODBC-1.1.3-2.fc6.x86_64.rpm 8dbd144559ff0cbe1383d3ed8faba7ab696a3877 x86_64/freeradius-mysql-1.1.3-2.fc6.x86_64.rpm 5536a3e6767c7d1cba2b4175505ee7effb25e56e i386/freeradius-1.1.3-2.fc6.i386.rpm 1e23a511f1c8890b7628f9ebbcecee115ff72f20 i386/debug/freeradius-debuginfo-1.1.3-2.fc6.i386.rpm d54f5a38febba939593ced790efc141a0a17f186 i386/freeradius-mysql-1.1.3-2.fc6.i386.rpm f977db80845dd6d854518b170c1b7ce342b96a10 i386/freeradius-postgresql-1.1.3-2.fc6.i386.rpm 2440622a196e0b6a50d6d625e8525046850f30e2 i386/freeradius-unixODBC-1.1.3-2.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From stransky at redhat.com Mon May 14 17:07:44 2007 From: stransky at redhat.com (Martin Stransky) Date: Mon, 14 May 2007 13:07:44 -0400 Subject: Fedora Core 6 Update: firefox-1.5.0.10-6.fc6 Message-ID: <200705141707.l4EH7iRQ013140@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-500 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 6 Name : firefox Version : 1.5.0.10 Release : 6.fc6 Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- * Thu May 10 2007 Martin Stransky 1.5.0.10-6 - Fixed epiphany crash (rhbz#238770, mozbz#379550) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 74d9ba48afc95786d3cc8f7be0f38dc2017f7161 SRPMS/firefox-1.5.0.10-6.fc6.src.rpm 74d9ba48afc95786d3cc8f7be0f38dc2017f7161 noarch/firefox-1.5.0.10-6.fc6.src.rpm b1ed0dc4d481d2f70b2fba9cd08235cbc23b2f9a ppc/firefox-devel-1.5.0.10-6.fc6.ppc.rpm 9adfd244e4e6c5d89e2cbf8d4214353072793e7c ppc/firefox-1.5.0.10-6.fc6.ppc.rpm c904a362c57c2a1f6e6e768403260dabf397f71e ppc/debug/firefox-debuginfo-1.5.0.10-6.fc6.ppc.rpm 85e9ab3493c204aefd2d018bcb00155f2bac530e x86_64/firefox-devel-1.5.0.10-6.fc6.x86_64.rpm 1c16bcefa13c18ab0a5969969ed3aa024efaa87e x86_64/firefox-1.5.0.10-6.fc6.x86_64.rpm 6ed46c06768cd4baae4c055691364b73d02f63f3 x86_64/debug/firefox-debuginfo-1.5.0.10-6.fc6.x86_64.rpm 7534c84020730f2c0a5f13a55d43763972e3cbb6 i386/firefox-devel-1.5.0.10-6.fc6.i386.rpm 74158b64c8274793a3d4c2486ece1f73211b4d8d i386/firefox-1.5.0.10-6.fc6.i386.rpm 94de18cc289e8b712aa7348872ac33f08ec3b34a i386/debug/firefox-debuginfo-1.5.0.10-6.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From steved at redhat.com Mon May 14 17:10:16 2007 From: steved at redhat.com (Steve Dickson) Date: Mon, 14 May 2007 13:10:16 -0400 Subject: Fedora Core 6 Update: ypbind-1.19-7.fc6 Message-ID: <200705141710.l4EHAG8n014255@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-502 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 6 Name : ypbind Version : 1.19 Release : 7.fc6 Summary : The NIS daemon which binds NIS clients to an NIS domain. Description : The Network Information Service (NIS) is a system that provides network information (login names, passwords, home directories, group information) to all of the machines on a network. NIS can allow users to log in on any machine on the network, as long as the machine has the NIS client programs running and the user's password is recorded in the NIS passwd database. NIS was formerly known as Sun Yellow Pages (YP). This package provides the ypbind daemon. The ypbind daemon binds NIS clients to an NIS domain. Ypbind must be running on any machines running NIS client programs. Install the ypbind package on any machines running NIS client programs (included in the yp-tools package). If you need an NIS server, you also need to install the ypserv package to a machine on your network. --------------------------------------------------------------------- * Thu May 10 2007 Steve Dickson - 3:1.19-7 - Fixed typo in init script (bz 233459) - Changed init script to look in /etc/yp.conf for the domain name when not already set. (bz 113386) - Reworked init script to eliminate unreasonable hangs when ypbind cannot bind to nis server. (bz 112770) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ edf96ff70124bc298410e9a78765c52980c41fca SRPMS/ypbind-1.19-7.fc6.src.rpm edf96ff70124bc298410e9a78765c52980c41fca noarch/ypbind-1.19-7.fc6.src.rpm f11e14972581815d45cdebeae306e92a511015c0 ppc/ypbind-1.19-7.fc6.ppc.rpm 7e0ee1f6617d079b2ae9e0f206d03936f05bcb44 ppc/debug/ypbind-debuginfo-1.19-7.fc6.ppc.rpm 5dff74fa28901082e152823433f725f6c14b8437 x86_64/debug/ypbind-debuginfo-1.19-7.fc6.x86_64.rpm fa2c3e612e6e176d24c44dcd60ed80eed5d03ff5 x86_64/ypbind-1.19-7.fc6.x86_64.rpm 4e4584b7229459b7096f136ff15eb1fc31a3ec46 i386/debug/ypbind-debuginfo-1.19-7.fc6.i386.rpm 3cf3340966420d922887491f9fedf4c877d867f4 i386/ypbind-1.19-7.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From jorton at redhat.com Mon May 14 17:11:53 2007 From: jorton at redhat.com (Joe Orton) Date: Mon, 14 May 2007 13:11:53 -0400 Subject: [SECURITY] Fedora Core 6 Update: php-5.1.6-3.6.fc6 Message-ID: <200705141711.l4EHBrAk014829@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-503 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 6 Name : php Version : 5.1.6 Release : 3.6.fc6 Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor) Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module which adds support for the PHP language to Apache HTTP Server. --------------------------------------------------------------------- Update Information: This update fixes a number of security issues in PHP. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user. Note that this flaw does not affect PHP applications using the pure-PHP XML_RPC class provided in /usr/share/pear. (CVE-2007-1864) A flaw was found in the PHP 'ftp' extension. If a PHP script used this extension to provide access to a private FTP server, and passed untrusted script input directly to any function provided by this extension, a remote attacker would be able to send arbitrary FTP commands to the server. (CVE-2007-2509) A buffer overflow flaw was found in the PHP 'soap' extension, regarding the handling of an HTTP redirect response when using the SOAP client provided by this extension with an untrusted SOAP server. No mechanism to trigger this flaw remotely is known. (CVE-2007-2510) --------------------------------------------------------------------- * Wed May 9 2007 Joe Orton 5.1.6-3.6.fc6 - add security fixes for CVE-2007-1864, CVE-2007-2509, CVE-2007-2510 (#235016) - add README.FastCGI to -cli subpackage (#236555) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 025c738382f6f1ede22904ae13bd532bd1d4883a SRPMS/php-5.1.6-3.6.fc6.src.rpm 025c738382f6f1ede22904ae13bd532bd1d4883a noarch/php-5.1.6-3.6.fc6.src.rpm 6639a47dfd79e3953a4cc141b0c82ddc2b0714eb ppc/php-mysql-5.1.6-3.6.fc6.ppc.rpm 5daffc576883dfaa66e902b2a360175899b8f8c0 ppc/php-common-5.1.6-3.6.fc6.ppc.rpm 275cc10496aeb272100b89952268002e118a76b5 ppc/php-dba-5.1.6-3.6.fc6.ppc.rpm 0a47a09be3b0be8f693f807400d0a74ffa89c2a0 ppc/php-mbstring-5.1.6-3.6.fc6.ppc.rpm 7d62260422678e595c226e31d02f06bdb87a507f ppc/php-odbc-5.1.6-3.6.fc6.ppc.rpm 7906fabf744a8d9477aaa8dc3a6ca02eeb5c2ef6 ppc/php-xml-5.1.6-3.6.fc6.ppc.rpm 1ebc07839be9a2cdd04cedbdd927a295e674eee3 ppc/php-ldap-5.1.6-3.6.fc6.ppc.rpm aff32372a66f1b6cd24471df378ca16c10728f7a ppc/php-pdo-5.1.6-3.6.fc6.ppc.rpm 0dd91b0c21b9fa4fd0cb2f3b8cbb6c4fe96704a2 ppc/php-cli-5.1.6-3.6.fc6.ppc.rpm fa90930a9c67a3756acb2f7dfad43b0c75e5c37d ppc/php-bcmath-5.1.6-3.6.fc6.ppc.rpm 5d85b54f9c0c29b1afce18a3230161b3c749b7c3 ppc/php-xmlrpc-5.1.6-3.6.fc6.ppc.rpm e17cc525e2febe8aff7f00fd012c4552c9af2338 ppc/php-soap-5.1.6-3.6.fc6.ppc.rpm d2c3b18f00437f63220afcf3cddcccda79e43a92 ppc/php-ncurses-5.1.6-3.6.fc6.ppc.rpm 78bcd56e059cf23112c484ce0a7295cd9ce8c2df ppc/php-imap-5.1.6-3.6.fc6.ppc.rpm 83502b3ee4ec92d9071653713d53b574bd483673 ppc/php-pgsql-5.1.6-3.6.fc6.ppc.rpm b4486a2d7f429602bf62df9ae3be431ce4cf2993 ppc/php-gd-5.1.6-3.6.fc6.ppc.rpm ab27e14e22be9f60aa5a6c12d26764b6f5576b40 ppc/php-5.1.6-3.6.fc6.ppc.rpm 365b2eff5d76472fd8fc0377439516cbda9b2c0b ppc/debug/php-debuginfo-5.1.6-3.6.fc6.ppc.rpm 646ec0be7c5dbf36f3e98a5f71d88134d08f6a4f ppc/php-devel-5.1.6-3.6.fc6.ppc.rpm 000dfbe6c080ce0ca757e05b8384b1439da0bdf7 ppc/php-snmp-5.1.6-3.6.fc6.ppc.rpm 99fa48c00b8957848f0be19a740128287ad28a9a x86_64/php-mysql-5.1.6-3.6.fc6.x86_64.rpm e51d0f7620a3a077680637bff72151efbda7fc7d x86_64/php-pdo-5.1.6-3.6.fc6.x86_64.rpm 3d94b55e57d3884303090384319a2b2a6dbb87f5 x86_64/php-imap-5.1.6-3.6.fc6.x86_64.rpm eaa5dc9566c805672076f7ee99eda7527a2fa81d x86_64/php-devel-5.1.6-3.6.fc6.x86_64.rpm e868c68203474032791eef1ec60efc355c8a35dc x86_64/php-pgsql-5.1.6-3.6.fc6.x86_64.rpm 5ee65d504fbfe508bae88e1cd5d53ca2e861dc79 x86_64/php-odbc-5.1.6-3.6.fc6.x86_64.rpm 86b255e7ba2860728b36b02f519f70528c61ee67 x86_64/debug/php-debuginfo-5.1.6-3.6.fc6.x86_64.rpm 17956ed917566a550c31eb99e868f40cda2742b7 x86_64/php-gd-5.1.6-3.6.fc6.x86_64.rpm 79341e6bc0b70c2b2d417c5ba69589d521f8cc82 x86_64/php-soap-5.1.6-3.6.fc6.x86_64.rpm 05c0f6da52c9d79d716cccf62d5f0c32877119b9 x86_64/php-cli-5.1.6-3.6.fc6.x86_64.rpm b1968843b5906ee7c87db88cd5e5687dd0f6954c x86_64/php-dba-5.1.6-3.6.fc6.x86_64.rpm 5e067abee811e071f627d9e817defdf87d4fac24 x86_64/php-bcmath-5.1.6-3.6.fc6.x86_64.rpm c407ba010219e485ac08b1641b4fa3e670b2be86 x86_64/php-xmlrpc-5.1.6-3.6.fc6.x86_64.rpm 7d85318b2fc4bcc80f59292ddad5c84952c335a9 x86_64/php-ncurses-5.1.6-3.6.fc6.x86_64.rpm a195364ed05efdd090c630fe9c31b5512e60723b x86_64/php-snmp-5.1.6-3.6.fc6.x86_64.rpm 1b1b505ceed75bc1088eb543b976e4b741c06c53 x86_64/php-ldap-5.1.6-3.6.fc6.x86_64.rpm 0ae538a20ab854d6939d5c866ef461357b3ea429 x86_64/php-mbstring-5.1.6-3.6.fc6.x86_64.rpm dd98183718043e8954ea0caf5824874d9f565452 x86_64/php-common-5.1.6-3.6.fc6.x86_64.rpm db87c758dec5768839d24929666e3002ec402ed2 x86_64/php-5.1.6-3.6.fc6.x86_64.rpm d1bcdfdc4829dad5fbd5e368fd5e2c3f4bac924a x86_64/php-xml-5.1.6-3.6.fc6.x86_64.rpm 4221bd8ad5f9eeb919cbcab8610b683ccc267652 i386/php-imap-5.1.6-3.6.fc6.i386.rpm 28e43258ea27104ece07f406f150fe12b4cc5d25 i386/php-snmp-5.1.6-3.6.fc6.i386.rpm edc8329aebf6f3a21228d336b63e36310b2a3216 i386/php-common-5.1.6-3.6.fc6.i386.rpm 43cee34fd3796f235f7592e2e18fb58520c15a5d i386/php-xmlrpc-5.1.6-3.6.fc6.i386.rpm e7bef5c9d67f4dfafd4f546ac0c3da81a6310958 i386/php-xml-5.1.6-3.6.fc6.i386.rpm 3030d7c005509f9c26ad8904bc38ed0ea462204c i386/php-mysql-5.1.6-3.6.fc6.i386.rpm 6a70f36a5405691931fe47284055b32638b38025 i386/php-dba-5.1.6-3.6.fc6.i386.rpm f862dfd87d4c093973c84adc0c657e843c310889 i386/php-ncurses-5.1.6-3.6.fc6.i386.rpm 2de47b3f6ff2de50ce15d7906fc8295127305f1f i386/php-gd-5.1.6-3.6.fc6.i386.rpm 24739795c8f6f8711550e3596228eb4ffa8447b9 i386/php-devel-5.1.6-3.6.fc6.i386.rpm 32f0edfc011a12f43bf1f0e0f5c43a921df36a48 i386/php-5.1.6-3.6.fc6.i386.rpm 9e78d97bb36a1ad342b7e50fdff57350571e53a6 i386/php-mbstring-5.1.6-3.6.fc6.i386.rpm 95ee47c8ddd4e320a0271cd4036caf5befbefc1b i386/php-odbc-5.1.6-3.6.fc6.i386.rpm 96459f3dbc08507e742f7549d9c79ffd9f68802c i386/php-pgsql-5.1.6-3.6.fc6.i386.rpm b9b5b88f4e0f1f383152e92609d291a7f889362c i386/php-cli-5.1.6-3.6.fc6.i386.rpm 16d1d49c871f501c7ab94dea03abfb2a7b3a2d44 i386/php-bcmath-5.1.6-3.6.fc6.i386.rpm 4272095a7a88337ad1bd99f2fc513c9dea2fbc5a i386/php-pdo-5.1.6-3.6.fc6.i386.rpm fc84a09cd9fd46ea308b35f2c429d4b950f767c6 i386/debug/php-debuginfo-5.1.6-3.6.fc6.i386.rpm e89eff0339fb72a8a44f2aaa917739a3002d3c3b i386/php-ldap-5.1.6-3.6.fc6.i386.rpm 32770eea8b45127aab2bcb7d9941666622e35800 i386/php-soap-5.1.6-3.6.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From tsmetana at redhat.com Mon May 14 17:13:34 2007 From: tsmetana at redhat.com (Tomas Smetana) Date: Mon, 14 May 2007 13:13:34 -0400 Subject: Fedora Core 5 Update: procps-3.2.7-2.fc5 Message-ID: <200705141713.l4EHDY1k015310@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-494 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 5 Name : procps Version : 3.2.7 Release : 2.fc5 Summary : System and process monitoring utilities. Description : The procps package contains a set of system utilities that provide system information. Procps includes ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch and pdwx. The ps command displays a snapshot of running processes. The top command provides a repetitive update of the statuses of running processes. The free command displays the amounts of free and used memory on your system. The skill command sends a terminate command (or another specified signal) to a specified set of processes. The snice command is used to change the scheduling priority of specified processes. The tload command prints a graph of the current system load average to a specified tty. The uptime command displays the current time, how long the system has been running, how many users are logged on, and system load averages for the past one, five, and fifteen minutes. The w command displays a list of the users who are currently logged on and what they are running. The watch program watches a running program. The vmstat command displays virtual memory statistics about processes, memory, paging, block I/O, traps, and CPU activity. The pwdx command reports the current working directory of a process or processes. --------------------------------------------------------------------- * Fri May 4 2007 Tomas Smetana 3.2.7-2 - fix #208217 - ps does not accept '+' in sort specifier * Mon Apr 30 2007 Tomas Smetana 3.2.7-1 - new upstream version - remove unused patches * Mon Jul 10 2006 Karel Zak 3.2.6-3.5 - fix bugs in cpu steal time patch --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 5013ede4a194d0f8e1d429ee63e6475f3d0e39c4 SRPMS/procps-3.2.7-2.fc5.src.rpm 5013ede4a194d0f8e1d429ee63e6475f3d0e39c4 noarch/procps-3.2.7-2.fc5.src.rpm 3b71a7afa822707f9b1c92f2e31e5fa58ce2104a ppc/debug/procps-debuginfo-3.2.7-2.fc5.ppc.rpm 8c1ee88a4a70287649cdf9ca65e00bcfe9664e50 ppc/procps-3.2.7-2.fc5.ppc.rpm 28fbc478992cbac65b98e9684abcce298ce4a126 x86_64/procps-3.2.7-2.fc5.x86_64.rpm d3f037f861a9f5927ad7d7cdb37559fb208fe2a2 x86_64/debug/procps-debuginfo-3.2.7-2.fc5.x86_64.rpm 832cca909a918f87cfb85a49e3ea3ef5d5fb7458 i386/debug/procps-debuginfo-3.2.7-2.fc5.i386.rpm f0c71f1077b7d84a54f703a0093fecb60378ccec i386/procps-3.2.7-2.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From tsmetana at redhat.com Mon May 14 17:13:55 2007 From: tsmetana at redhat.com (Tomas Smetana) Date: Mon, 14 May 2007 13:13:55 -0400 Subject: Fedora Core 6 Update: procps-3.2.7-10.fc6 Message-ID: <200705141713.l4EHDt25015479@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-495 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 6 Name : procps Version : 3.2.7 Release : 10.fc6 Summary : System and process monitoring utilities. Description : The procps package contains a set of system utilities that provide system information. Procps includes ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch and pdwx. The ps command displays a snapshot of running processes. The top command provides a repetitive update of the statuses of running processes. The free command displays the amounts of free and used memory on your system. The skill command sends a terminate command (or another specified signal) to a specified set of processes. The snice command is used to change the scheduling priority of specified processes. The tload command prints a graph of the current system load average to a specified tty. The uptime command displays the current time, how long the system has been running, how many users are logged on, and system load averages for the past one, five, and fifteen minutes. The w command displays a list of the users who are currently logged on and what they are running. The watch program watches a running program. The vmstat command displays virtual memory statistics about processes, memory, paging, block I/O, traps, and CPU activity. The pwdx command reports the current working directory of a process or processes. --------------------------------------------------------------------- * Fri May 4 2007 Tomas Smetana 3.2.7-10 - fix #208217 - ps does not accept '+' in sort specifier * Thu Apr 26 2007 Tomas Smetana 3.2.7-9 - fix #183029 - watch ignores multibyte characters - fix #222251 - STIME column can jitter - fix array overflow in sysctl --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ acc7b0eacaeb1eadbe1a4a98f5bd5ad169070e65 SRPMS/procps-3.2.7-10.fc6.src.rpm acc7b0eacaeb1eadbe1a4a98f5bd5ad169070e65 noarch/procps-3.2.7-10.fc6.src.rpm e8bb90bd1f1405aa8be4100513244c128a1a69ba ppc/procps-3.2.7-10.fc6.ppc.rpm 4f106f4535bc7cea155323b6b68afbc4e98c8227 ppc/debug/procps-debuginfo-3.2.7-10.fc6.ppc.rpm a78fd773e07509dd3f71669fe65b4244ec23cfb0 x86_64/procps-3.2.7-10.fc6.x86_64.rpm 4dd6397b6a8fbe26a5294e20930d4b52f87fb8da x86_64/debug/procps-debuginfo-3.2.7-10.fc6.x86_64.rpm dde4d542fab2fc97a4ee01af0314b89ddd84ece2 i386/debug/procps-debuginfo-3.2.7-10.fc6.i386.rpm 0837ecd9bdb8731a70cfbc7bdaef3e92cde84ec5 i386/procps-3.2.7-10.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From jsafrane at redhat.com Mon May 14 17:15:25 2007 From: jsafrane at redhat.com (Jan Safranek) Date: Mon, 14 May 2007 13:15:25 -0400 Subject: Fedora Core 6 Update: openldap-2.3.30-2.fc6 Message-ID: <200705141715.l4EHFPJ5016255@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-467 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 6 Name : openldap Version : 2.3.30 Release : 2.fc6 Summary : The configuration files, libraries, and documentation for OpenLDAP Description : OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. --------------------------------------------------------------------- * Mon Apr 23 2007 Jan Safranek 2.3.30-2.fc6 - Finally fix the upgrade logic, so that upgrades from 2.3.30 to newer versions will work. Note that upgrades *to* 2.3.30 will have to be done carefully, because the half of the upgrade logic in the 2.3.27-4 rpms is broken, and will mess up the upgrade. (bz#230959) - slapadd during package update is now quiet (bz#224581) - use _localstatedir instead of var/ during build (bz#220970) - bind-libbind-devel removed from BuildRequires (bz#216851) - slaptest is now quiet during service ldap start, if there is no error/warning (bz#143697) * Tue Nov 28 2006 Jay Fenlason 2.3.30-1.fc6.1 - Fix the upgrade logic, so that upgrades from 2.3.30 to newer versions won't leave junk in /var/lib/ldap if it was empty, and correctly generates/uses the upgrade.ldif file otherwise. Note that upgrades *to* 2.3.30 will have to be done carefully, because the half of the upgrade logic in the 2.3.27-4 rpms is broken, and will mess up the upgrade. - Add more database file types to check for in ldap.init * Thu Nov 16 2006 Jay Fenlason 2.3.30-1.fc6 - New upstream version (bz#211045, bz#209496, bz#205827) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ fc05acfb81623e41633548b7d9c8448dc4850e53 SRPMS/openldap-2.3.30-2.fc6.src.rpm fc05acfb81623e41633548b7d9c8448dc4850e53 noarch/openldap-2.3.30-2.fc6.src.rpm aa7b6953ac8ca5ede2ab3d09b4c566a44d8addc2 ppc/openldap-devel-2.3.30-2.fc6.ppc.rpm f4273c867f64f1d606816a07b09d3f1202570c2d ppc/openldap-servers-2.3.30-2.fc6.ppc.rpm d56ca39a5ca9082769bf480946a36f3b9ece4c39 ppc/openldap-2.3.30-2.fc6.ppc.rpm ce2af8714fd8fd2e002cf7c293d64a751b20782a ppc/compat-openldap-2.3.30_2.2.29-2.fc6.ppc.rpm cd1d49df491b667b9090dbd79f0ecf308c26ab90 ppc/debug/openldap-debuginfo-2.3.30-2.fc6.ppc.rpm 8c3d0fc136ec44b00347504dd8ebb5d30dd3fc7e ppc/openldap-servers-sql-2.3.30-2.fc6.ppc.rpm f4631beb324ac47cba9d1516e75e1e1871d9113d ppc/openldap-clients-2.3.30-2.fc6.ppc.rpm 0e7678821eddced0e83766c3a286959b2822f811 x86_64/openldap-2.3.30-2.fc6.x86_64.rpm b47c31d8b3518b79635f83af5eaed5cea455cc3a x86_64/openldap-clients-2.3.30-2.fc6.x86_64.rpm db707d2b4bbfd3accec598cc725db510f072c656 x86_64/openldap-servers-sql-2.3.30-2.fc6.x86_64.rpm 7ad0b9e1e15fd1a5e91aa8b82136dd4e8ecc2897 x86_64/compat-openldap-2.3.30_2.2.29-2.fc6.x86_64.rpm 6da0226dc658454205e8c01919484654f5b92e47 x86_64/debug/openldap-debuginfo-2.3.30-2.fc6.x86_64.rpm a88328e919803526dcc3f52f4eaf3761b1e3b065 x86_64/openldap-devel-2.3.30-2.fc6.x86_64.rpm cd2b5e128ca948cf4570ba64ed2fafeebd50edd7 x86_64/openldap-servers-2.3.30-2.fc6.x86_64.rpm 2d074c07987e54fa7c6bf1323d25ef4dadaba8d0 i386/openldap-2.3.30-2.fc6.i386.rpm 3b61697606f700f2adb02487f0d00ee0ab27b861 i386/openldap-servers-sql-2.3.30-2.fc6.i386.rpm 1c3e2ba65cd4c700a62aebe865a772a2e99edd83 i386/debug/openldap-debuginfo-2.3.30-2.fc6.i386.rpm 2303ec11374a0e2c7a6b5d3635fe9738be474b23 i386/compat-openldap-2.3.30_2.2.29-2.fc6.i386.rpm 4ca60270b66bc423c47e28424bf2765d7cece2c8 i386/openldap-servers-2.3.30-2.fc6.i386.rpm 2c828c7b1a7ffb18ca03948f5792a332cd2df122 i386/openldap-devel-2.3.30-2.fc6.i386.rpm 97615e6fbc9f8bf5f93d12755cce2c163310fbcb i386/openldap-clients-2.3.30-2.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From jsafrane at redhat.com Mon May 14 17:17:19 2007 From: jsafrane at redhat.com (Jan Safranek) Date: Mon, 14 May 2007 13:17:19 -0400 Subject: Fedora Core 5 Update: openldap-2.3.30-2.fc5 Message-ID: <200705141717.l4EHHJ7g017048@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-468 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 5 Name : openldap Version : 2.3.30 Release : 2.fc5 Summary : The configuration files, libraries, and documentation for OpenLDAP Description : OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. --------------------------------------------------------------------- * Mon Apr 23 2007 Jan Safranek 2.3.30-2.fc5 - Finally fix the upgrade logic, so that upgrades from 2.3.30 to newer versions will work. Note that upgrades *to* 2.3.30 will have to be done carefully, because the half of the upgrade logic in the 2.3.27-4 rpms is broken, and will mess up the upgrade. (bz#230959) - slapadd during package update is now quiet (bz#224581) - use _localstatedir instead of var/ during build (bz#220970) - bind-libbind-devel removed from BuildRequires (bz#216851) - slaptest is now quiet during service ldap start, if there is no error/warning (bz#143697) * Fri Nov 17 2006 Jay Fenlason 2.3.30-1.fc5 - New upstream release - Backport fixes from rawhide for bz#185821: adding slapd_multimaster to the configure options bz#190383: openldap 2.3 packages contain the administrator's guide for 2.2 bz#204593: service ldap fails after having added entries to ldap bz#199322: RFE: perform cleanup in ldap.init bz#211045: permissions of ldapi socket need to be world-writable bz#209496: openldap-server syncrepl failure bug bz#205827: CVE-2006-4600 openldap improper selfwrite access - Include the gethostbyname_r patch - include the correct guide.html (bz#190383) - Fix the upgrade logic, so that upgrades from 2.3.30 to newer versions won't leave junk in /var/lib/ldap if it was empty, and correctly generates/uses the upgrade.ldif file otherwise. Note that upgrades *to* 2.3.30 will have to be done carefully, because the half of the upgrade logic in the 2.3.19-4 rpms is broken, and will mess up the upgrade. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 65cbba12d0d751c60e4daa1ee44edb62bd1cd24c SRPMS/openldap-2.3.30-2.fc5.src.rpm 65cbba12d0d751c60e4daa1ee44edb62bd1cd24c noarch/openldap-2.3.30-2.fc5.src.rpm 772ec3779a66f86784b0d46db6c1f07bd33a5c7a ppc/openldap-clients-2.3.30-2.fc5.ppc.rpm 1e57d493fdd3568a51d615b7b0cfdef544e54b51 ppc/compat-openldap-2.3.30_2.2.29-2.fc5.ppc.rpm 67d75d3580c897703f4ed0acaede2d596e19287d ppc/openldap-servers-2.3.30-2.fc5.ppc.rpm 363b85eb19fc4e8a0e1828b7bf4f7aa4fb480da2 ppc/openldap-2.3.30-2.fc5.ppc.rpm 33d0a33abcb4f0c0dfd809d80a89c105c3a75e6a ppc/openldap-servers-sql-2.3.30-2.fc5.ppc.rpm 69263793a7f7f62b066a049a05b9647a498c60b4 ppc/debug/openldap-debuginfo-2.3.30-2.fc5.ppc.rpm 1fdd89579d022bc508ba7e4998b4470014c4b3ba ppc/openldap-devel-2.3.30-2.fc5.ppc.rpm cefd268f6fb6aa98fc932e8a32333671058f5f1f x86_64/openldap-servers-sql-2.3.30-2.fc5.x86_64.rpm e30772d319201ea190868b2729a90cfe8a765252 x86_64/openldap-devel-2.3.30-2.fc5.x86_64.rpm 4ecf829f2075f3fb6d9aa6bcd8495b1c8fc71fa2 x86_64/openldap-2.3.30-2.fc5.x86_64.rpm 52f69135ddea2a6facec91b02828118fe1b5195e x86_64/openldap-clients-2.3.30-2.fc5.x86_64.rpm 59e05dd062dd2c99d2efaaeea945b4e2c0ebe3ee x86_64/openldap-servers-2.3.30-2.fc5.x86_64.rpm 4561d63391eda7c678b07b578453f33a4da4f3cb x86_64/compat-openldap-2.3.30_2.2.29-2.fc5.x86_64.rpm 53c72d484715a4e0b2f3ec7edcc5a2abf9a2fdf6 x86_64/debug/openldap-debuginfo-2.3.30-2.fc5.x86_64.rpm 8ada0087312e36a9597a60b0abed348de3370ee7 i386/compat-openldap-2.3.30_2.2.29-2.fc5.i386.rpm 8721c722d72ad4dad1f00f3a2fde35490fafe0cb i386/openldap-devel-2.3.30-2.fc5.i386.rpm d4cb07eb41903f7cae4bc2f69cc3ea52db949ceb i386/debug/openldap-debuginfo-2.3.30-2.fc5.i386.rpm 26130433cc9ce0d32f79018081ebe463474e43e8 i386/openldap-servers-2.3.30-2.fc5.i386.rpm 413de8d4859a4ad5ad6d9d7275537670b606223d i386/openldap-clients-2.3.30-2.fc5.i386.rpm 0b2d92815546eeb61d266f4008eb9b3c11fdd418 i386/openldap-2.3.30-2.fc5.i386.rpm be283d8706cef4552facd49d5c994153a60532cf i386/openldap-servers-sql-2.3.30-2.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From tsmetana at redhat.com Mon May 14 17:17:50 2007 From: tsmetana at redhat.com (Tomas Smetana) Date: Mon, 14 May 2007 13:17:50 -0400 Subject: Fedora Core 6 Update: logrotate-3.7.4-13.fc6 Message-ID: <200705141717.l4EHHo8v017196@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-504 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 6 Name : logrotate Version : 3.7.4 Release : 13.fc6 Summary : Rotates, compresses, removes and mails system log files Description : The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size. Normally, logrotate runs as a daily cron job. Install the logrotate package if you need a utility to deal with the log files on your system. --------------------------------------------------------------------- * Mon May 14 2007 Tomas Smetana 3.7.4-13 - ignore *.cfsaved files by default (#223476) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 06d527bddefcef471abc715af7227f9d16d336e2 SRPMS/logrotate-3.7.4-13.fc6.src.rpm 06d527bddefcef471abc715af7227f9d16d336e2 noarch/logrotate-3.7.4-13.fc6.src.rpm 8a9f92ddacb22a475c7a2e531bd552b24e2ab8a4 ppc/logrotate-3.7.4-13.fc6.ppc.rpm ae18ceffd92b4ba1554ab7944d8ce7c842155226 ppc/debug/logrotate-debuginfo-3.7.4-13.fc6.ppc.rpm 0d6e6cd092e594b18fc95959fd0db07f60648b07 x86_64/logrotate-3.7.4-13.fc6.x86_64.rpm eb96390d81980d6de555091c1ed64118021aa969 x86_64/debug/logrotate-debuginfo-3.7.4-13.fc6.x86_64.rpm 4ecf2d0faf1b96f4c487eb6ed1f04fe0f969f520 i386/logrotate-3.7.4-13.fc6.i386.rpm cbd0a355c5a653cbdd11ce0ba1bab4ab5c8c1238 i386/debug/logrotate-debuginfo-3.7.4-13.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mbacovsk at redhat.com Mon May 14 17:19:18 2007 From: mbacovsk at redhat.com (Martin Bacovsky) Date: Mon, 14 May 2007 13:19:18 -0400 Subject: [SECURITY] Fedora Core 6 Update: squirrelmail-1.4.10a-1.fc6 Message-ID: <200705141719.l4EHJIL9017540@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-505 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 6 Name : squirrelmail Version : 1.4.10a Release : 1.fc6 Summary : SquirrelMail webmail client Description : SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. --------------------------------------------------------------------- Update Information: Upgrade to new upstream squirrelmail-1.4.10a. This update also fixes CVE-2007-1262 and CVE-2006-6142 --------------------------------------------------------------------- * Fri May 11 2007 Martin Bacovsky - 1.4.10a-1 - upgrade to new upstream 1.4.10a - resolves: #239704: CVE-2007-1262 squirrelmail cross-site scripting flaw - resolves: #218297: CVE-2006-6142 Three XSS issues in SquirrelMail --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 6f715a5dffd1c076ee42c5914621542b4ce82233 SRPMS/squirrelmail-1.4.10a-1.fc6.src.rpm 6f715a5dffd1c076ee42c5914621542b4ce82233 noarch/squirrelmail-1.4.10a-1.fc6.src.rpm 5965e3a06471b702e8fe4a47c509c315fa6a42c1 ppc/squirrelmail-1.4.10a-1.fc6.noarch.rpm 5965e3a06471b702e8fe4a47c509c315fa6a42c1 x86_64/squirrelmail-1.4.10a-1.fc6.noarch.rpm 5965e3a06471b702e8fe4a47c509c315fa6a42c1 i386/squirrelmail-1.4.10a-1.fc6.noarch.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From ssorce at redhat.com Mon May 14 17:21:19 2007 From: ssorce at redhat.com (Simo Sorce) Date: Mon, 14 May 2007 13:21:19 -0400 Subject: [SECURITY] Fedora Core 5 Update: samba-3.0.24-5.fc5 Message-ID: <200705141721.l4EHLJW7018518@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-506 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 5 Name : samba Version : 3.0.24 Release : 5.fc5 Summary : The Samba SMB server. Description : Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB server that can be used to provide network services to SMB (sometimes called "Lan Manager") clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol. --------------------------------------------------------------------- Update Information: This release of Samba fixes some Serious security bugs: - CVE-2007-2444 - CVE-2007-2446 - CVE-2007-2447 Official upstream announcements here: http://www.samba.org/samba/security/CVE-2007-2444.html http://www.samba.org/samba/security/CVE-2007-2446.html http://www.samba.org/samba/security/CVE-2007-2447.html --------------------------------------------------------------------- * Mon May 14 2007 Simo Sorce 3.0.24-5.fc5 - Security fixes for CVE-2007-2444 CVE-2007-2446 CVE-2007-2447 * Thu Apr 5 2007 Simo Sorce 3.0.24-4.fc5 - sync up patches from the rawhide packages * Wed Mar 28 2007 Simo Sorce 3.0.24-3.fc5 - add patch for bug 176649 * Mon Mar 26 2007 Simo Sorce - remove patch for bug 106483 as it introduces a new bug that prevents the use of a credentials file with the smbclient tar command * Fri Mar 23 2007 Simo Sorce 3.0.24-2.fc5 - fix log rotate script to no kill -HUP samba daemons * Fri Mar 23 2007 Simo Sorce 3.0.24-2.fc5 - A newer cups lib introduced new symbols now we depend on, adjust dependencies to require the latest cups-libs package. * Wed Feb 7 2007 Jay Fenlason 3.0.24-1.fc5 - New upstream release - Update the -man patch to work with 3.0.24 - This release fixes CVE-2007-0452 Samba smbd denial of service * Tue Sep 26 2006 Jay Fenlason 3.0.23c-1.fc5 - Include the newer smb.init that includes the configtest option - Upgrade to 3.0.23c, obsoleting the -samr_alias patch. * Wed Aug 9 2006 Jay Fenlason 3.0.23b-1.fc5 - New upstream release, fixing some annoying bugs. * Mon Jul 24 2006 Jay Fenlason 3.0.23a-1.fc5.1 - Fix the -logfiles patch to close bz#199607 Samba compiled with wrong log path. bz#199206 smb.conf has incorrect log file path * Mon Jul 24 2006 Jay Fenlason 3.0.23a-1.fc5 - Upgrade to new upstream 3.0.23a - include upstream samr_alias patch * Wed Jul 12 2006 Jay Fenlason 3.0.23-1.fc5 - Upgrade to 3.0.23 to close bz#197836 CVE-2006-3403 Samba denial of service - include related spec file, filter-requires-samba.sh and patch changes from rawhide. - include the fixed smb.init file from rawhide, closing bz#182560 Wrong retval for initscript when smbd is dead --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 7863d7676375e34a4ec654ca2f8c75a7f20b2a69 SRPMS/samba-3.0.24-5.fc5.src.rpm 7863d7676375e34a4ec654ca2f8c75a7f20b2a69 noarch/samba-3.0.24-5.fc5.src.rpm 1db6b849abd55b7fe2673ad44bc1c2c622ac5653 ppc/samba-common-3.0.24-5.fc5.ppc.rpm 279cf8da0b9d8addbbb0c7bb85e486a585b4aa40 ppc/samba-swat-3.0.24-5.fc5.ppc.rpm 8f37d7ab9e8e342ef55f092d3d2bc5156f53c79d ppc/samba-client-3.0.24-5.fc5.ppc.rpm 5e9d4f7a56e9e848a66d152010eaec3ab5effe96 ppc/samba-3.0.24-5.fc5.ppc.rpm 1b72c4bd70e0544bd8ef12d11e38c531c5a264c0 ppc/debug/samba-debuginfo-3.0.24-5.fc5.ppc.rpm 3a689565ba1d6b4085265fcef5437572ceff609e x86_64/debug/samba-debuginfo-3.0.24-5.fc5.x86_64.rpm 9df353905246559fb108377c1d3ddd42ce720b8f x86_64/samba-common-3.0.24-5.fc5.x86_64.rpm 106746400b2dcb73aef2144e6cdfb8d392f3c3f4 x86_64/samba-swat-3.0.24-5.fc5.x86_64.rpm 8c2a533b52e006f42e2607cbbd315bb1743a77f6 x86_64/samba-client-3.0.24-5.fc5.x86_64.rpm c80d2b934a23a3e0697e29a323b100337d7df851 x86_64/samba-3.0.24-5.fc5.x86_64.rpm ea9579c77fd3ec61fa3a9ae3c1a6d993a23ae79f i386/samba-client-3.0.24-5.fc5.i386.rpm dd15ab53deb35f7e939cbb5de9b4776cb6ca5d3d i386/samba-common-3.0.24-5.fc5.i386.rpm f6f8a043b8b915b01c54d4c3c7e1053b939877af i386/debug/samba-debuginfo-3.0.24-5.fc5.i386.rpm e0be2decc1c44265f5bc42fe41bc5d369d569041 i386/samba-3.0.24-5.fc5.i386.rpm e64f8fc609d7ef302a599366f585f5b1535bfaa8 i386/samba-swat-3.0.24-5.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From ssorce at redhat.com Mon May 14 17:22:17 2007 From: ssorce at redhat.com (Simo Sorce) Date: Mon, 14 May 2007 13:22:17 -0400 Subject: [SECURITY] Fedora Core 6 Update: samba-3.0.24-5.fc6 Message-ID: <200705141722.l4EHMHLJ018827@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-507 2007-05-14 --------------------------------------------------------------------- Product : Fedora Core 6 Name : samba Version : 3.0.24 Release : 5.fc6 Summary : The Samba SMB server. Description : Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB server that can be used to provide network services to SMB (sometimes called "Lan Manager") clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol. --------------------------------------------------------------------- Update Information: This release of Samba fixes some Serious security bugs: - CVE-2007-2444 - CVE-2007-2446 - CVE-2007-2447 Official upstream announcements here: http://www.samba.org/samba/security/CVE-2007-2444.html http://www.samba.org/samba/security/CVE-2007-2446.html http://www.samba.org/samba/security/CVE-2007-2447.html --------------------------------------------------------------------- * Mon May 14 2007 Simo Sorce 3.0.24-5.fc6 - Security fixes for CVE-2007-2444 CVE-2007-2446 CVE-2007-2447 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ bc75db2a499fe79973da7e91cb60eb93cc3998b5 SRPMS/samba-3.0.24-5.fc6.src.rpm bc75db2a499fe79973da7e91cb60eb93cc3998b5 noarch/samba-3.0.24-5.fc6.src.rpm 9f4c245cc72780dae747e0a5a77ab4a8b83be1d6 ppc/samba-3.0.24-5.fc6.ppc.rpm 33b2336c26326d9561615027342d6770ba2f96cb ppc/samba-common-3.0.24-5.fc6.ppc.rpm 8f74f83ba3ed151a313d297c458eb479d421b545 ppc/debug/samba-debuginfo-3.0.24-5.fc6.ppc.rpm e64acacf6968299aa3a47e2514d2c6e3e68c25c4 ppc/samba-swat-3.0.24-5.fc6.ppc.rpm f970336b989e47102e75342018015d0bbad1e1eb ppc/samba-client-3.0.24-5.fc6.ppc.rpm 5ad2e5522528d750df96ca9233ad996ea15f2bef x86_64/debug/samba-debuginfo-3.0.24-5.fc6.x86_64.rpm 6c52d37a44e5d57c43f27c4d92c42dcadcc0e786 x86_64/samba-client-3.0.24-5.fc6.x86_64.rpm ad121ded33dcda91fc5a02e3498a937407952e02 x86_64/samba-common-3.0.24-5.fc6.x86_64.rpm 4011cb0f02ee91574902e545406ae1633a424b16 x86_64/samba-3.0.24-5.fc6.x86_64.rpm 8118155862f3bfd042b0a07fb78c8140aa65761d x86_64/samba-swat-3.0.24-5.fc6.x86_64.rpm 31342dceeb5dd735af22addb25b9393b665ab81a i386/samba-3.0.24-5.fc6.i386.rpm 3cd8779e3967dc443b8a5f6dcb3613f31e1520bb i386/samba-common-3.0.24-5.fc6.i386.rpm 0a35da5e3fd8453670aa46f073604762c14a61d8 i386/samba-swat-3.0.24-5.fc6.i386.rpm 79418e3227389b4442ebde3a5ce12f37be018e31 i386/samba-client-3.0.24-5.fc6.i386.rpm 460ccc61bf05d1c0dbca7a3f92fde7f9b44b8735 i386/debug/samba-debuginfo-3.0.24-5.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From steved at redhat.com Tue May 15 16:27:48 2007 From: steved at redhat.com (Steve Dickson) Date: Tue, 15 May 2007 12:27:48 -0400 Subject: Fedora Core 6 Update: nfs-utils-1.0.10-10.fc6 Message-ID: <200705151627.l4FGRmEP012696@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-510 2007-05-15 --------------------------------------------------------------------- Product : Fedora Core 6 Name : nfs-utils Version : 1.0.10 Release : 10.fc6 Summary : NFS utlilities and supporting clients and daemons for the kernel NFS server. Description : The nfs-utils package provides a daemon for the kernel NFS server and related tools, which provides a much higher level of performance than the traditional Linux NFS server used by most users. This package also contains the showmount program. Showmount queries the mount daemon on a remote host for information about the NFS (Network File System) server on the remote host. For example, showmount can display the clients which are mounted on that host. This package also contains the mount.nfs and umount.nfs program. --------------------------------------------------------------------- Update Information: - Added the -o nordirplus mount option (bz 220451) - Disabled the FSCache patch since its no longer supported in FC6 - Eliminate timeout on nfsd shutdowns (bz 222001) - Eliminate memory leak in mountd (bz 239536) - Make sure statd uses correct uid/gid by chowning the /var/lib/nfs/statd with the rpcuser id. (bz 235216) - Correct some sanity checking in rpc.nfsd. (bz 220887) - Have mountd hold open etab file to force inode number to change (bz 236823) - Create a /etc/sysconfig/nfs with all the possible init script variables (bz 234543) - Changed nfs initscript to exit with correct value (bz 221874) --------------------------------------------------------------------- * Tue May 15 2007 Steve Dickson 1.0.10-10 - Added the -o nordirplus mount option (bz 220451) - Disabled the FSCache patch since its no longer supported in FC6 * Thu May 10 2007 Steve Dickson 1.0.10-9 - Eliminate timeout on nfsd shutdowns (bz 222001) - Eliminate memory leak in mountd (bz 239536) - Make sure statd uses correct uid/gid by chowning the /var/lib/nfs/statd with the rpcuser id. (bz 235216) - Correct some sanity checking in rpc.nfsd. (bz 220887) - Have mountd hold open etab file to force inode number to change (bz 236823) - Create a /etc/sysconfig/nfs with all the possible init script variables (bz 234543) - Changed nfs initscript to exit with correct value (bz 221874) * Fri Mar 16 2007 Steve Dickson 1.0.10-8 - Stop mount from wasting reserve ports (bz 230969) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 3442f25c5c1f630751f8256faccfaf9e477c3859 SRPMS/nfs-utils-1.0.10-10.fc6.src.rpm 3442f25c5c1f630751f8256faccfaf9e477c3859 noarch/nfs-utils-1.0.10-10.fc6.src.rpm b6a784661cfb52141c519a3aadd574628ed3ceaa ppc/debug/nfs-utils-debuginfo-1.0.10-10.fc6.ppc.rpm 511bfd6366227625072b699644db78ddf3a3a32a ppc/nfs-utils-1.0.10-10.fc6.ppc.rpm cb9ecc74d6408b3ce2410e7842e96102d0d7a02f x86_64/nfs-utils-1.0.10-10.fc6.x86_64.rpm 4714771ae1d8c0f3ab084908a7066ec2dc4993f0 x86_64/debug/nfs-utils-debuginfo-1.0.10-10.fc6.x86_64.rpm 0c6696dc35badc7938b812bfb9b5117eb30d051c i386/debug/nfs-utils-debuginfo-1.0.10-10.fc6.i386.rpm 16a30b3e5739600bdda13dc104226782ce2b2e05 i386/nfs-utils-1.0.10-10.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From stransky at redhat.com Mon May 21 22:25:17 2007 From: stransky at redhat.com (Martin Stransky) Date: Mon, 21 May 2007 18:25:17 -0400 Subject: Fedora Core 6 Update: alsa-utils-1.0.14-0.2.rc1.fc6 Message-ID: <200705212225.l4LMPHel014859@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-511 2007-05-21 --------------------------------------------------------------------- Product : Fedora Core 6 Name : alsa-utils Version : 1.0.14 Release : 0.2.rc1.fc6 Summary : Advanced Linux Sound Architecture (ALSA) utilities Description : This package contains command line utilities for the Advanced Linux Sound Architecture (ALSA). --------------------------------------------------------------------- * Wed May 16 2007 Martin Stransky 1.0.14-0.2.rc1 - added fix for #235635 (unmute channels on MacBook, thanks to Jussi Eloranta) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 3ecd1c9b47245c3f5b9a1da3cc9f855fa482ac91 SRPMS/alsa-utils-1.0.14-0.2.rc1.fc6.src.rpm 3ecd1c9b47245c3f5b9a1da3cc9f855fa482ac91 noarch/alsa-utils-1.0.14-0.2.rc1.fc6.src.rpm e0ac8b1c0df909286bcd4ef6f8e4bc35fdc31991 ppc/alsa-utils-1.0.14-0.2.rc1.fc6.ppc.rpm 5e91809e7a3b7ccaed201ca27e466a02ef2b2c75 ppc/debug/alsa-utils-debuginfo-1.0.14-0.2.rc1.fc6.ppc.rpm 65a5149f16ce741734d0544c19738802b90116f7 x86_64/alsa-utils-1.0.14-0.2.rc1.fc6.x86_64.rpm e90f95b92b2ca50e27bb636bb80853d77196719d x86_64/debug/alsa-utils-debuginfo-1.0.14-0.2.rc1.fc6.x86_64.rpm ad1156bc857cf379f03ef129f31ab67ee899278e i386/alsa-utils-1.0.14-0.2.rc1.fc6.i386.rpm 42ac8cb4eaf509329c99971821856339e5af0ac4 i386/debug/alsa-utils-debuginfo-1.0.14-0.2.rc1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From jsafrane at redhat.com Mon May 21 22:26:50 2007 From: jsafrane at redhat.com (Jan Safranek) Date: Mon, 21 May 2007 18:26:50 -0400 Subject: Fedora Core 6 Update: xinetd-2.3.14-9.fc6 Message-ID: <200705212226.l4LMQo71015371@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-512 2007-05-21 --------------------------------------------------------------------- Product : Fedora Core 6 Name : xinetd Version : 2.3.14 Release : 9.fc6 Summary : A secure replacement for inetd. Description : Xinetd is a secure replacement for inetd, the Internet services daemon. Xinetd provides access control for all services based on the address of the remote host and/or on time of access and can prevent denial-of-access attacks. Xinetd provides extensive logging, has no limit on the number of server arguments, and lets you bind specific services to specific IP addresses on your host machine. Each service has its own specific configuration file for Xinetd; the files are located in the /etc/xinetd.d directory. --------------------------------------------------------------------- * Thu May 17 2007 Jan Safranek - 2:2.3.14-9 - service xinitd status returns correct value (#232887) - use ssize_t instead of int (#211776) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 7c1694d61fcb56a1aaf1ab82ac8c60c27f3efc93 SRPMS/xinetd-2.3.14-9.fc6.src.rpm 7c1694d61fcb56a1aaf1ab82ac8c60c27f3efc93 noarch/xinetd-2.3.14-9.fc6.src.rpm f8c32bcd1acf281a7f5cd2a27882b052f0aedace ppc/xinetd-2.3.14-9.fc6.ppc.rpm 10705b6efd73db3f763f534fa76bd24a9e2d9083 ppc/debug/xinetd-debuginfo-2.3.14-9.fc6.ppc.rpm 0e7dd5dfb701d6e58cb3d2bc53bf6559f1830b67 x86_64/xinetd-2.3.14-9.fc6.x86_64.rpm 02d52a3442da101a0f95d3f6ae16b0d8e361dec8 x86_64/debug/xinetd-debuginfo-2.3.14-9.fc6.x86_64.rpm 7e234bf0fca36f01995c86635c023af1667663d8 i386/debug/xinetd-debuginfo-2.3.14-9.fc6.i386.rpm 46acd7f4453b49bf97f0a21759afc03f3128e682 i386/xinetd-2.3.14-9.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From vivekl at redhat.com Mon May 21 22:37:07 2007 From: vivekl at redhat.com (Vivek Lakshmanan) Date: Mon, 21 May 2007 18:37:07 -0400 Subject: Fedora Core 6 Update: tomcat5-5.5.23-0jpp.2.fc6 Message-ID: <200705212237.l4LMb7de018548@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-514 2007-05-21 --------------------------------------------------------------------- Product : Fedora Core 6 Name : tomcat5 Version : 5.5.23 Release : 0jpp.2.fc6 Summary : Apache Servlet/JSP Engine, RI for Servlet 2.4/JSP 2.0 API Description : Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here. --------------------------------------------------------------------- Update Information: Several security issues were reported to be fixed in releases prior to 5.5.23 (http://tomcat.apache.org/security-5.html) Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks. (CVE-2005-2090) Tomcat permitted various characters as path delimiters. If Tomcat was used behind certain proxies and configured to only proxy some contexts, an attacker could construct an HTTP request to work around the context restriction and potentially access non-proxied content. (CVE-2007-0450) The implict-objects.jsp file distributed in the examples webapp displayed a number of unfiltered header values. If the JSP examples were accessible, this flaw could allow a remote attacker to perform cross-site scripting attacks. (CVE-2006-7195) Users should upgrade to these erratum packages which contain an update to Tomcat that resolves these issues. Updated jakarta-commons-modeler packages are also included which correct a bug when used with Tomcat 5.5.23. --------------------------------------------------------------------- * Tue May 8 2007 Vivek Lakshmanan - 0:5.5.23-0jpp.2 - Rebuild - Add catalina.out to the rpm and set explicit permissions; tomcat ownership - Resolves: bug 237088 * Mon Apr 23 2007 Vivek Lakshmanan - 0:5.5.23-0jpp.1 - Resolves: bug 237088 - Merge 0:5.5.17-8jpp.2 with sources/patches from 5.5.23 - Build against jakarta-commons-modeler 1.1 with MODELER-15 patch * Thu Jan 18 2007 Rafael Schloming - 0:5.5.17-8jpp.2 - Changed PreReq to Requires(pre) * Wed Oct 4 2006 Fernando Nasser 0:5.5.17-8jpp.1 - Merge with upstream * Wed Oct 4 2006 Permaine Cheung 0:5.5.17-8jpp - Fix condrestart in init script and location of init script in the spec file. * Mon Oct 2 2006 Permaine Cheung 0:5.5.17-7jpp - Add the new config file, and add the CONNECTOR_PORT variable in it. * Mon Oct 2 2006 Permaine Cheung 0:5.5.17-6jpp - Add the ability to start multiple instances of tomcat on the same machine. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 4cca27a62b490d4bf7bf7260953cdda3fe7b9632 SRPMS/tomcat5-5.5.23-0jpp.2.fc6.src.rpm 4cca27a62b490d4bf7bf7260953cdda3fe7b9632 noarch/tomcat5-5.5.23-0jpp.2.fc6.src.rpm fa28a89b09743ddcbb66a3c4e3d93ddee0e61f80 ppc/tomcat5-webapps-5.5.23-0jpp.2.fc6.ppc.rpm babc63085ca6d10b9d8929c182d32284d087882a ppc/debug/tomcat5-debuginfo-5.5.23-0jpp.2.fc6.ppc.rpm 59294e81a221af65ef7aa1e6dc482896f05bf2da ppc/tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.2.fc6.ppc.rpm 626197a35ffb3d02153b84aa237309008ed67e1f ppc/tomcat5-servlet-2.4-api-5.5.23-0jpp.2.fc6.ppc.rpm 5f3a626c616d94886d89e61e3bf58891748c92d7 ppc/tomcat5-admin-webapps-5.5.23-0jpp.2.fc6.ppc.rpm 4ae8d9162d6bd4df4adbfc89de8ed436027d8072 ppc/tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.2.fc6.ppc.rpm a033072d572483f5a01585330a487d72fdc9d454 ppc/tomcat5-5.5.23-0jpp.2.fc6.ppc.rpm 5c94bb64a50ce805f67ca754d03c324d3ee9c191 ppc/tomcat5-common-lib-5.5.23-0jpp.2.fc6.ppc.rpm cfde40d1adeaca9bd3e0c8f7724d8cac6746e66a ppc/tomcat5-jsp-2.0-api-5.5.23-0jpp.2.fc6.ppc.rpm 9714969cd5a2e095aa98a3241e106e942f718c78 ppc/tomcat5-jasper-5.5.23-0jpp.2.fc6.ppc.rpm f83be623d67da74aa707dc9c2cd8e404fd9ab388 ppc/tomcat5-server-lib-5.5.23-0jpp.2.fc6.ppc.rpm 204e54dc778e70928bf0b3f9da4ad4eac7eb645a ppc/tomcat5-jasper-javadoc-5.5.23-0jpp.2.fc6.ppc.rpm 06be1666b690dbdd52f91128e0b3ba91adccedc1 x86_64/tomcat5-5.5.23-0jpp.2.fc6.x86_64.rpm 842bf589d1e6734fb192dd934486153d44a6ef43 x86_64/tomcat5-admin-webapps-5.5.23-0jpp.2.fc6.x86_64.rpm 3976f5f7b0e59976a13ac56d39ebf9c666e1ba8f x86_64/debug/tomcat5-debuginfo-5.5.23-0jpp.2.fc6.x86_64.rpm 2b57e22fce9d78a248218aa4c7b33132796a8640 x86_64/tomcat5-server-lib-5.5.23-0jpp.2.fc6.x86_64.rpm 95896ca7579076120463d0beb1cc613254292796 x86_64/tomcat5-common-lib-5.5.23-0jpp.2.fc6.x86_64.rpm 0085f20c161c502511dfd25233747b302d5a7521 x86_64/tomcat5-jasper-javadoc-5.5.23-0jpp.2.fc6.x86_64.rpm 6d30e6f4c472916dd262c0056192ed880abcbb45 x86_64/tomcat5-jsp-2.0-api-5.5.23-0jpp.2.fc6.x86_64.rpm 89d644b14afa349fffe4d24d6a37416b5ac45e11 x86_64/tomcat5-servlet-2.4-api-5.5.23-0jpp.2.fc6.x86_64.rpm 7e6ad962c2c3915442a81ea71939e0004e917678 x86_64/tomcat5-webapps-5.5.23-0jpp.2.fc6.x86_64.rpm 4ff870f0ee9d6d23a7f2abf1883700270efefbb8 x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.2.fc6.x86_64.rpm f71f1eca6dd73bc4e02664d12e846fb4e3aa3b03 x86_64/tomcat5-jasper-5.5.23-0jpp.2.fc6.x86_64.rpm 7a2a66f27f119ae7de932733930375b751c1bc6f x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.2.fc6.x86_64.rpm 29b88174aaf36c0bab7fd70973aacfed1502a471 i386/tomcat5-common-lib-5.5.23-0jpp.2.fc6.i386.rpm 6bd22d9f96ada74ef5402fb613da90a670024115 i386/tomcat5-5.5.23-0jpp.2.fc6.i386.rpm 2d0f392b9c90f05524d30ffaf0b138d5d5adb7ea i386/tomcat5-webapps-5.5.23-0jpp.2.fc6.i386.rpm 2dca87727af3ddfaf28cf673f30ca4dc445189d5 i386/tomcat5-jasper-5.5.23-0jpp.2.fc6.i386.rpm bba9784fb0f9d1754b4299d68ebfb35a2c760691 i386/tomcat5-jsp-2.0-api-5.5.23-0jpp.2.fc6.i386.rpm adb7176bd20f5cd86f024f166c6c052441ffc096 i386/debug/tomcat5-debuginfo-5.5.23-0jpp.2.fc6.i386.rpm f225deb128e8efde1996eb85b60fc42d1da5fb5c i386/tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.2.fc6.i386.rpm 76338c98164ff4eb037c740c48c8c529228e3281 i386/tomcat5-jasper-javadoc-5.5.23-0jpp.2.fc6.i386.rpm 4cdb79d010d57caa239a46d4347b63156bcf49cb i386/tomcat5-server-lib-5.5.23-0jpp.2.fc6.i386.rpm b0420a7cd4d585cded56c51b04f3af437fc4c338 i386/tomcat5-servlet-2.4-api-5.5.23-0jpp.2.fc6.i386.rpm 9ab2e7349e93b75bd26963ce34acb83786e551bd i386/tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.2.fc6.i386.rpm 2cca945073dc983aa08d9f4d2964fb4f575eb5b8 i386/tomcat5-admin-webapps-5.5.23-0jpp.2.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From vivekl at redhat.com Mon May 21 22:37:09 2007 From: vivekl at redhat.com (Vivek Lakshmanan) Date: Mon, 21 May 2007 18:37:09 -0400 Subject: Fedora Core 6 Update: jakarta-commons-modeler-1.1-8jpp.2.fc6 Message-ID: <200705212237.l4LMb9FE018570@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-514 2007-05-21 --------------------------------------------------------------------- Product : Fedora Core 6 Name : jakarta-commons-modeler Version : 1.1 Release : 8jpp.2.fc6 Summary : Jakarta Commons Modeler Package Description : The Modeler project shall create and maintain a set of Java classes to provide the facilities described in the preceeding section, plus unit tests and small examples of using these facilities to instrument Java classes with Model MBean support. --------------------------------------------------------------------- Update Information: Several security issues were reported to be fixed in releases prior to 5.5.23 (http://tomcat.apache.org/security-5.html) Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks. (CVE-2005-2090) Tomcat permitted various characters as path delimiters. If Tomcat was used behind certain proxies and configured to only proxy some contexts, an attacker could construct an HTTP request to work around the context restriction and potentially access non-proxied content. (CVE-2007-0450) The implict-objects.jsp file distributed in the examples webapp displayed a number of unfiltered header values. If the JSP examples were accessible, this flaw could allow a remote attacker to perform cross-site scripting attacks. (CVE-2006-7195) Users should upgrade to these erratum packages which contain an update to Tomcat that resolves these issues. Updated jakarta-commons-modeler packages are also included which correct a bug when used with Tomcat 5.5.23. --------------------------------------------------------------------- * Sun Apr 29 2007 Vivek Lakshmanan - 0:1.1-8jpp.2 - Add patch to fix jira task: MODELER-15 to allow tomcat5 5.5.23 to build against j-c-modeler - Resolves: bug 237704 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ dad1218b669850e79dbd5d467c95ed95301b8d34 SRPMS/jakarta-commons-modeler-1.1-8jpp.2.fc6.src.rpm dad1218b669850e79dbd5d467c95ed95301b8d34 noarch/jakarta-commons-modeler-1.1-8jpp.2.fc6.src.rpm 8dd80a01e127b5d40d732ce2e75c5c04e2000421 ppc/jakarta-commons-modeler-javadoc-1.1-8jpp.2.fc6.ppc.rpm dd1ab4ed4a18518210a3609441d3c337a2dd5a69 ppc/debug/jakarta-commons-modeler-debuginfo-1.1-8jpp.2.fc6.ppc.rpm 7f4b54c6922fb76248bafd205e14119183ea99df ppc/jakarta-commons-modeler-1.1-8jpp.2.fc6.ppc.rpm 2a629ca2249b3012627ce9cea4ef89eee957f82a x86_64/jakarta-commons-modeler-javadoc-1.1-8jpp.2.fc6.x86_64.rpm c397048d0562227811fb735b49acb0bda2c68511 x86_64/debug/jakarta-commons-modeler-debuginfo-1.1-8jpp.2.fc6.x86_64.rpm 2aa455ba7eb7d52799a3c0d93dab468cefa96c9e x86_64/jakarta-commons-modeler-1.1-8jpp.2.fc6.x86_64.rpm ba5a53f53d214e199394ea50cdf2306b049e9085 i386/debug/jakarta-commons-modeler-debuginfo-1.1-8jpp.2.fc6.i386.rpm 501ec172627d91dbcabb7134d3b5b3c10f256e06 i386/jakarta-commons-modeler-javadoc-1.1-8jpp.2.fc6.i386.rpm faee0b25204c51e08dd19930cf2c81880ce9bc23 i386/jakarta-commons-modeler-1.1-8jpp.2.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mmaslano at redhat.com Mon May 21 22:38:44 2007 From: mmaslano at redhat.com (Marcela Maslanova) Date: Mon, 21 May 2007 18:38:44 -0400 Subject: Fedora Core 6 Update: screen-4.0.3-3.fc6 Message-ID: <200705212238.l4LMciqX018781@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-515 2007-05-21 --------------------------------------------------------------------- Product : Fedora Core 6 Name : screen Version : 4.0.3 Release : 3.fc6 Summary : A screen manager that supports multiple logins on one terminal Description : The screen utility allows you to have multiple logins on just one terminal. Screen is useful for users who telnet into a machine or are connected via a dumb terminal, but want to use more than just one login. Install the screen package if you need a screen manager that can support multiple logins on one terminal. --------------------------------------------------------------------- Update Information: Revert key bindings back to default. --------------------------------------------------------------------- --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 3a34cc1768c3f154a9bbef5f3826e830dfb1ec6d SRPMS/screen-4.0.3-3.fc6.src.rpm 3a34cc1768c3f154a9bbef5f3826e830dfb1ec6d noarch/screen-4.0.3-3.fc6.src.rpm d34bbc6cb142ec0cf990a468f0326a069cc253d6 ppc/debug/screen-debuginfo-4.0.3-3.fc6.ppc.rpm 5fd3d908e63581dfcc0d84128719205385b654a8 ppc/screen-4.0.3-3.fc6.ppc.rpm 2b64004dc8a596047b9a5a8b5fcd287697f82fce x86_64/debug/screen-debuginfo-4.0.3-3.fc6.x86_64.rpm 305fe1a1760635156ccb6d63fef702d515fcbc63 x86_64/screen-4.0.3-3.fc6.x86_64.rpm 3fb821a0baf0ab86e11d17e052d6866091d54722 i386/screen-4.0.3-3.fc6.i386.rpm d027ffdad8cce9b4e45cc55443123aa1f9d49d4e i386/debug/screen-debuginfo-4.0.3-3.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mlichvar at redhat.com Mon May 21 22:41:14 2007 From: mlichvar at redhat.com (Miroslav Lichvar) Date: Mon, 21 May 2007 18:41:14 -0400 Subject: Fedora Core 6 Update: minicom-2.2-1.fc6 Message-ID: <200705212241.l4LMfEqB019681@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-490 2007-05-21 --------------------------------------------------------------------- Product : Fedora Core 6 Name : minicom Version : 2.2 Release : 1.fc6 Summary : A text-based modem control and terminal emulation program. Description : Minicom is a simple text-based modem control and terminal emulation program somewhat similar to MSDOS Telix. Minicom includes a dialing directory, full ANSI and VT100 emulation, an (external) scripting language, and other features. --------------------------------------------------------------------- * Wed May 2 2007 Miroslav Lichvar 2.2-1 - update to 2.2 (#237906) - handle filenames with spaces (#98655) - add requires for lrzsz - spec cleanup --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ dd99effad19c16201b3a24e71b1197f937ed2f35 SRPMS/minicom-2.2-1.fc6.src.rpm dd99effad19c16201b3a24e71b1197f937ed2f35 noarch/minicom-2.2-1.fc6.src.rpm 1a177f75d9252e7480030953f5bc823c5d1514a1 ppc/minicom-2.2-1.fc6.ppc.rpm 09612825938f5b8f21c47f6062e906fa62f00621 ppc/debug/minicom-debuginfo-2.2-1.fc6.ppc.rpm f8549d742173d1394e1cda6bdaf4ae3f4d322956 x86_64/debug/minicom-debuginfo-2.2-1.fc6.x86_64.rpm 19a7d8467e4cfdf8860dd52c1a80ca16ca31b884 x86_64/minicom-2.2-1.fc6.x86_64.rpm 76b00b52faa8b5bc382368959b4a1abd79e47b6d i386/debug/minicom-debuginfo-2.2-1.fc6.i386.rpm 2505a3a94441afa5218bc33136784c15b211a06f i386/minicom-2.2-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From twoerner at redhat.com Mon May 21 22:42:47 2007 From: twoerner at redhat.com (Thomas Woerner) Date: Mon, 21 May 2007 18:42:47 -0400 Subject: Fedora Core 5 Update: SDL-1.2.9-6.1 Message-ID: <200705212242.l4LMglpR020166@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-517 2007-05-21 --------------------------------------------------------------------- Product : Fedora Core 5 Name : SDL Version : 1.2.9 Release : 6.1 Summary : A cross-platform multimedia library. Description : Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. --------------------------------------------------------------------- * Mon May 21 2007 Thomas Woerner 1.2.9-6.1 - added missing libXt-devel (rhbz#240199) * Mon May 7 2007 Thomas Woerner 1.2.9-6 - added missing (build) requires for GL and GLU --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ c84f90447a97a72a6f536081a6adc78bcfe6ef31 SRPMS/SDL-1.2.9-6.1.src.rpm c84f90447a97a72a6f536081a6adc78bcfe6ef31 noarch/SDL-1.2.9-6.1.src.rpm 5f1bf5b5744796baba99aba00c2c630cb23d28eb ppc/SDL-devel-1.2.9-6.1.ppc.rpm 3c9092cdf960b5fc6d7ae2a934d506fae05ff7b6 ppc/SDL-1.2.9-6.1.ppc.rpm 83a27bd32815d040c932a49cecd2be5766e89e7a ppc/debug/SDL-debuginfo-1.2.9-6.1.ppc.rpm 5f710ec2216e5572bbad6127ea528ad65d487793 x86_64/SDL-1.2.9-6.1.x86_64.rpm 892c5a9e701f521b159b2ebe0bdb881e612869b0 x86_64/SDL-devel-1.2.9-6.1.x86_64.rpm b0a824b1ce4240a178958bd0750d98cee7f3ced2 x86_64/debug/SDL-debuginfo-1.2.9-6.1.x86_64.rpm 117e240827e9e68fe3229df5d0abdd1b372ff651 i386/SDL-devel-1.2.9-6.1.i386.rpm 4d83231b24950be2a6c700d1d4e9facebaef5f58 i386/debug/SDL-debuginfo-1.2.9-6.1.i386.rpm 43c1ec35cc2751d4d476d3ce9f012ef60056d6f0 i386/SDL-1.2.9-6.1.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From twaugh at redhat.com Mon May 21 22:43:13 2007 From: twaugh at redhat.com (Tim Waugh) Date: Mon, 21 May 2007 18:43:13 -0400 Subject: Fedora Core 6 Update: hal-cups-utils-0.6.9-1.fc6 Message-ID: <200705212243.l4LMhDik020272@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-470 2007-05-21 --------------------------------------------------------------------- Product : Fedora Core 6 Name : hal-cups-utils Version : 0.6.9 Release : 1.fc6 Summary : Halified CUPS utilities Description : Halified utilities for CUPS: - hal_lpadmin - hal CUPS backend --------------------------------------------------------------------- Update Information: Now uses 'usb:' URIs if possible when adding printers. The hal backend now retries when the device is not yet connected. --------------------------------------------------------------------- * Thu May 3 2007 Tim Waugh 0.6.9-1 - 0.6.9: - Reverted hal backend printer state management and paper-out detection for the moment. * Thu Apr 26 2007 Tim Waugh 0.6.8-1 - 0.6.8: - Several hal backend fixes (retry when device not connected, printer state management, paper-out detection). - Small hal_lpadmin fix for traceback. * Wed Apr 25 2007 Tim Waugh 0.6.7-1 - 0.6.7: - Use usb: URI scheme when possible (bug #236720). - Prevent a traceback in hal_lpadmin (bug #232733). --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 4021334bd3387803ee6ab430ee29a990e973a5f9 SRPMS/hal-cups-utils-0.6.9-1.fc6.src.rpm 4021334bd3387803ee6ab430ee29a990e973a5f9 noarch/hal-cups-utils-0.6.9-1.fc6.src.rpm e0b74d241f634b66d00667d13187c36c997884b5 ppc/hal-cups-utils-0.6.9-1.fc6.ppc.rpm ead8e072a181b6c82579982cc6651dda7b8f1391 ppc/debug/hal-cups-utils-debuginfo-0.6.9-1.fc6.ppc.rpm c09c6ef2c849fc8e0b1df6c0376393d61f49654b x86_64/debug/hal-cups-utils-debuginfo-0.6.9-1.fc6.x86_64.rpm be5cf9870eba8724530f09882f0266f806f71b98 x86_64/hal-cups-utils-0.6.9-1.fc6.x86_64.rpm b8712b1c62b192d460cf6ba989fba01615f810b4 i386/debug/hal-cups-utils-debuginfo-0.6.9-1.fc6.i386.rpm 67f2e7b28ad19f146c9268349a3b672bc151a449 i386/hal-cups-utils-0.6.9-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From twaugh at redhat.com Mon May 21 22:44:48 2007 From: twaugh at redhat.com (Tim Waugh) Date: Mon, 21 May 2007 18:44:48 -0400 Subject: Fedora Core 6 Update: cups-1.2.10-7.fc6 Message-ID: <200705212244.l4LMimtu020683@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-497 2007-05-21 --------------------------------------------------------------------- Product : Fedora Core 6 Name : cups Version : 1.2.10 Release : 7.fc6 Summary : Common Unix Printing System Description : The Common UNIX Printing System provides a portable printing layer for UNIX?? operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. --------------------------------------------------------------------- Update Information: This package contains a fix for printing PDFs that have been rotated, more robust server settings handling, paper-out detection for the usb backend, and a small D-BUS QueueChanged signal fix. --------------------------------------------------------------------- * Mon May 21 2007 Tim Waugh 1:1.2.10-7 - Fixed _cupsAdminSetServerSettings() sharing/shared handling (bug #238057). * Wed May 9 2007 Tim Waugh 1:1.2.10-6 - Applied fix for rotated PDFs (bug #236753, STR #2348). * Wed Apr 25 2007 Tim Waugh 1:1.2.10-5 - Until bug #236736 is fixed, work around the kernel usblp driver's quirks so that we can detect paper-out conditions. * Wed Apr 4 2007 Tim Waugh 1:1.2.10-4 - Send D-BUS QueueChanged signal on printer state changes. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 855c3a48fe37c573a7112acf80b39614c1fd7746 SRPMS/cups-1.2.10-7.fc6.src.rpm 855c3a48fe37c573a7112acf80b39614c1fd7746 noarch/cups-1.2.10-7.fc6.src.rpm 5ef8586caac99822e8a04656fbd6c508bb875acd ppc/cups-1.2.10-7.fc6.ppc.rpm 7ba743b523061eb7b76bf3d8054a6e9d553c5df7 ppc/debug/cups-debuginfo-1.2.10-7.fc6.ppc.rpm 0c03395ecc9f8175800d34a0c2149bea5d185947 ppc/cups-devel-1.2.10-7.fc6.ppc.rpm 466ef385087c7cb2a19671ab803dab4682363019 ppc/cups-lpd-1.2.10-7.fc6.ppc.rpm 36ba4c4069f32a17ea75c2c28d7c4da746d4b395 ppc/cups-libs-1.2.10-7.fc6.ppc.rpm 4a6058f7831f9702570717ec63db42161a75c5d3 x86_64/cups-lpd-1.2.10-7.fc6.x86_64.rpm 6051f20c42c0b56c7a203401273891305d848dd5 x86_64/cups-libs-1.2.10-7.fc6.x86_64.rpm d08b17e259f4fcd00364d499f6e00a2035cd8d99 x86_64/cups-1.2.10-7.fc6.x86_64.rpm 87a3dd52aef1988cfd79c43403f194f759377c2a x86_64/debug/cups-debuginfo-1.2.10-7.fc6.x86_64.rpm 6a5c2a28ee7025e2ece224e029410a75b68fc8e8 x86_64/cups-devel-1.2.10-7.fc6.x86_64.rpm 9595484581897bfa3e1f681a1e84401c3b7379e7 i386/cups-lpd-1.2.10-7.fc6.i386.rpm 093eabbd87f5fe3d0b04aac6e481295c332fe4e1 i386/debug/cups-debuginfo-1.2.10-7.fc6.i386.rpm 8b4feaac562ffaac8d53d4b9085477fe7303bba4 i386/cups-libs-1.2.10-7.fc6.i386.rpm c18a7cabf20d5726c1a20574503a34cdbf1cf423 i386/cups-devel-1.2.10-7.fc6.i386.rpm c191320cb33ca65c300fd07a8402c095dadddfb9 i386/cups-1.2.10-7.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From ssorce at redhat.com Mon May 21 22:46:37 2007 From: ssorce at redhat.com (Simo Sorce) Date: Mon, 21 May 2007 18:46:37 -0400 Subject: Fedora Core 5 Update: samba-3.0.24-6.fc5 Message-ID: <200705212246.l4LMkbLs021256@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-518 2007-05-21 --------------------------------------------------------------------- Product : Fedora Core 5 Name : samba Version : 3.0.24 Release : 6.fc5 Summary : The Samba SMB server. Description : Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information (such as lists of available files and printers). The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This package provides an SMB server that can be used to provide network services to SMB (sometimes called "Lan Manager") clients. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need the NetBEUI (Microsoft Raw NetBIOS frame) protocol. --------------------------------------------------------------------- Update Information: fix nmbd segfault in some rare conditions fix a bug introduced with CVE-2007-2444 in some configurations --------------------------------------------------------------------- * Mon May 14 2007 Simo Sorce 3.0.24-5.fc5 - Security fixes for CVE-2007-2444 CVE-2007-2446 CVE-2007-2447 * Thu Apr 5 2007 Simo Sorce 3.0.24-4.fc5 - sync up patches from the rawhide packages * Wed Mar 28 2007 Simo Sorce 3.0.24-3.fc5 - add patch for bug 176649 * Mon Mar 26 2007 Simo Sorce - remove patch for bug 106483 as it introduces a new bug that prevents the use of a credentials file with the smbclient tar command * Fri Mar 23 2007 Simo Sorce 3.0.24-2.fc5 - fix log rotate script to no kill -HUP samba daemons * Fri Mar 23 2007 Simo Sorce 3.0.24-2.fc5 - A newer cups lib introduced new symbols now we depend on, adjust dependencies to require the latest cups-libs package. * Wed Feb 7 2007 Jay Fenlason 3.0.24-1.fc5 - New upstream release - Update the -man patch to work with 3.0.24 - This release fixes CVE-2007-0452 Samba smbd denial of service * Tue Sep 26 2006 Jay Fenlason 3.0.23c-1.fc5 - Include the newer smb.init that includes the configtest option - Upgrade to 3.0.23c, obsoleting the -samr_alias patch. * Wed Aug 9 2006 Jay Fenlason 3.0.23b-1.fc5 - New upstream release, fixing some annoying bugs. * Mon Jul 24 2006 Jay Fenlason 3.0.23a-1.fc5.1 - Fix the -logfiles patch to close bz#199607 Samba compiled with wrong log path. bz#199206 smb.conf has incorrect log file path * Mon Jul 24 2006 Jay Fenlason 3.0.23a-1.fc5 - Upgrade to new upstream 3.0.23a - include upstream samr_alias patch * Wed Jul 12 2006 Jay Fenlason 3.0.23-1.fc5 - Upgrade to 3.0.23 to close bz#197836 CVE-2006-3403 Samba denial of service - include related spec file, filter-requires-samba.sh and patch changes from rawhide. - include the fixed smb.init file from rawhide, closing bz#182560 Wrong retval for initscript when smbd is dead --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 6704bcbc47eb55597b640203bab5b256f3062b8f SRPMS/samba-3.0.24-6.fc5.src.rpm 6704bcbc47eb55597b640203bab5b256f3062b8f noarch/samba-3.0.24-6.fc5.src.rpm 00b81bec80eed9f4a92227932e314eb3df959c8c ppc/samba-swat-3.0.24-6.fc5.ppc.rpm 368996dd3e5a7abca8d98d01ce5fdc32cbc9582d ppc/samba-client-3.0.24-6.fc5.ppc.rpm f003d53c2e32d0ecf0a6a41840539c826a425f2c ppc/samba-3.0.24-6.fc5.ppc.rpm d6cdd1d7433bab6d20f7f3dc5eb47e0da3623e59 ppc/debug/samba-debuginfo-3.0.24-6.fc5.ppc.rpm d70e87806698bce75d0c6da56f0b04fd15b1ee8f ppc/samba-common-3.0.24-6.fc5.ppc.rpm 697ec1cc2eb40be411bb915a7db91794daccfb6d x86_64/samba-client-3.0.24-6.fc5.x86_64.rpm f537cdc189279d7d1378166eb64862eb108ddb05 x86_64/samba-swat-3.0.24-6.fc5.x86_64.rpm 39cf4decf09fba6f10743c481789f42ed380e252 x86_64/debug/samba-debuginfo-3.0.24-6.fc5.x86_64.rpm b78078da73fd02e56985dd70f45c5313d878e274 x86_64/samba-3.0.24-6.fc5.x86_64.rpm ce8adb47b5fafe122cfe7172d4ca172b7e8d68a0 x86_64/samba-common-3.0.24-6.fc5.x86_64.rpm a6bc99ea6b01dbf92342abb3aaf1216d5b8ea4fb i386/debug/samba-debuginfo-3.0.24-6.fc5.i386.rpm 05b20dbdfcd000cf4ce517a2edceb20d70ceb2b1 i386/samba-common-3.0.24-6.fc5.i386.rpm 6fd4dad1d19c2e4525c6596b6acb38765c75d85c i386/samba-3.0.24-6.fc5.i386.rpm eb146c18f1558a6698d5086872b531242c3f8a06 i386/samba-client-3.0.24-6.fc5.i386.rpm c41afa33c3b2f5aa85ee0168203457932d0355b6 i386/samba-swat-3.0.24-6.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From dwalsh at redhat.com Thu May 24 05:04:01 2007 From: dwalsh at redhat.com (Daniel Walsh) Date: Thu, 24 May 2007 01:04:01 -0400 Subject: Fedora Core 6 Update: selinux-policy-2.4.6-69.fc6 Message-ID: <200705240504.l4O5417O016180@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-508 2007-05-24 --------------------------------------------------------------------- Product : Fedora Core 6 Name : selinux-policy Version : 2.4.6 Release : 69.fc6 Summary : SELinux policy configuration Description : SELinux Reference Policy - modular. --------------------------------------------------------------------- * Fri May 4 2007 Dan Walsh 2.4.6-69 - Fix vlc libraries to be textrel_shlib_t * Thu May 3 2007 Dan Walsh 2.4.6-68 - Cleanup handling of audit messages * Mon Apr 30 2007 Dan Walsh 2.4.6-67 - Allow logging into the console on s390 Resolves: #237703 - Additional avc's caused by change in unix_update Resolves: #236316 * Mon Apr 30 2007 Dan Walsh 2.4.6-64 - Add fail2ban policy --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 111ee365f2cd649b5f463a0cbd9615887395fbf1 SRPMS/selinux-policy-2.4.6-69.fc6.src.rpm 111ee365f2cd649b5f463a0cbd9615887395fbf1 noarch/selinux-policy-2.4.6-69.fc6.src.rpm 2fd3d38a1cbf684addf6d7aebd84e85d291d1b93 ppc/selinux-policy-devel-2.4.6-69.fc6.noarch.rpm 423594a74ae55b312e78c5b7b46650f226ccec22 ppc/selinux-policy-2.4.6-69.fc6.noarch.rpm 33eae9bd5bc57afc716764221f05b81bcdf8b71f ppc/selinux-policy-targeted-2.4.6-69.fc6.noarch.rpm 8cf3209c18af1904d1fe630e93be05bb8b0a54f4 ppc/selinux-policy-mls-2.4.6-69.fc6.noarch.rpm 645c0416b4f7f2aeab10982ab14af417726ba956 ppc/selinux-policy-strict-2.4.6-69.fc6.noarch.rpm 2fd3d38a1cbf684addf6d7aebd84e85d291d1b93 x86_64/selinux-policy-devel-2.4.6-69.fc6.noarch.rpm 423594a74ae55b312e78c5b7b46650f226ccec22 x86_64/selinux-policy-2.4.6-69.fc6.noarch.rpm 33eae9bd5bc57afc716764221f05b81bcdf8b71f x86_64/selinux-policy-targeted-2.4.6-69.fc6.noarch.rpm 8cf3209c18af1904d1fe630e93be05bb8b0a54f4 x86_64/selinux-policy-mls-2.4.6-69.fc6.noarch.rpm 645c0416b4f7f2aeab10982ab14af417726ba956 x86_64/selinux-policy-strict-2.4.6-69.fc6.noarch.rpm 2fd3d38a1cbf684addf6d7aebd84e85d291d1b93 i386/selinux-policy-devel-2.4.6-69.fc6.noarch.rpm 423594a74ae55b312e78c5b7b46650f226ccec22 i386/selinux-policy-2.4.6-69.fc6.noarch.rpm 33eae9bd5bc57afc716764221f05b81bcdf8b71f i386/selinux-policy-targeted-2.4.6-69.fc6.noarch.rpm 8cf3209c18af1904d1fe630e93be05bb8b0a54f4 i386/selinux-policy-mls-2.4.6-69.fc6.noarch.rpm 645c0416b4f7f2aeab10982ab14af417726ba956 i386/selinux-policy-strict-2.4.6-69.fc6.noarch.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From steved at redhat.com Thu May 24 05:05:35 2007 From: steved at redhat.com (Steve Dickson) Date: Thu, 24 May 2007 01:05:35 -0400 Subject: Fedora Core 6 Update: nfs-utils-1.0.10-12.fc6 Message-ID: <200705240505.l4O55Z8e016914@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-520 2007-05-24 --------------------------------------------------------------------- Product : Fedora Core 6 Name : nfs-utils Version : 1.0.10 Release : 12.fc6 Summary : NFS utlilities and supporting clients and daemons for the kernel NFS server. Description : The nfs-utils package provides a daemon for the kernel NFS server and related tools, which provides a much higher level of performance than the traditional Linux NFS server used by most users. This package also contains the showmount program. Showmount queries the mount daemon on a remote host for information about the NFS (Network File System) server on the remote host. For example, showmount can display the clients which are mounted on that host. This package also contains the mount.nfs and umount.nfs program. --------------------------------------------------------------------- Update Information: - Stopped /etc/sysconfig/nfs from being overwritten on updates (bz 234543) --------------------------------------------------------------------- * Tue May 22 2007 Steve Dickson 1.0.10-12 - Stopped /etc/sysconfig/nfs from being overwritten on updates (bz 234543) * Wed May 16 2007 Steve Dickson 1.0.10-11 - Make sure the condrestarts exit with a zero value (240225) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ af14c284cc3b6ed7e4eeae468eccc7e6c7d2126d SRPMS/nfs-utils-1.0.10-12.fc6.src.rpm af14c284cc3b6ed7e4eeae468eccc7e6c7d2126d noarch/nfs-utils-1.0.10-12.fc6.src.rpm 4f4f457b36e1c033d3b90a0db3dcae3bba440871 ppc/nfs-utils-1.0.10-12.fc6.ppc.rpm a7bcfdaa16f2c4e8fb5bad038adbb2cdb2e1f37e ppc/debug/nfs-utils-debuginfo-1.0.10-12.fc6.ppc.rpm df61f7380bbaa041b3992657991862a7a6d40467 x86_64/nfs-utils-1.0.10-12.fc6.x86_64.rpm c6afbbbb2f95d1f50513c7bb0ec0596baaee2b1c x86_64/debug/nfs-utils-debuginfo-1.0.10-12.fc6.x86_64.rpm b65eccc4beb3887fa9c2117b541b34964848d3e2 i386/debug/nfs-utils-debuginfo-1.0.10-12.fc6.i386.rpm c5d1446c87dee141579feae021fdcb3b6b4e5bc4 i386/nfs-utils-1.0.10-12.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From atkac at redhat.com Thu May 24 05:21:46 2007 From: atkac at redhat.com (Adam Tkac) Date: Thu, 24 May 2007 01:21:46 -0400 Subject: Fedora Core 6 Update: bind-9.3.4-5.fc6 Message-ID: <200705240521.l4O5Lk3O020396@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-524 2007-05-24 --------------------------------------------------------------------- Product : Fedora Core 6 Name : bind Version : 9.3.4 Release : 5.fc6 Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server. Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. --------------------------------------------------------------------- Update Information: - ldap backend has been rewriten to latest ldap API - fixed bind-chroot-admin dynamic dns handling --------------------------------------------------------------------- * Tue May 22 2007 Adam Tkac 31:9.3.4-5.fc7 - fixed bind-chroot-admin dynamic DNS handling (#239149) - rewrited ldap backend patch to latest API (#239802) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 2a16d8e0d5727535a7b9a2b788bee34436f48bb2 SRPMS/bind-9.3.4-5.fc6.src.rpm 2a16d8e0d5727535a7b9a2b788bee34436f48bb2 noarch/bind-9.3.4-5.fc6.src.rpm 274ca5315420e2a429d7a02113d7aae50a6f2d5d ppc/bind-libbind-devel-9.3.4-5.fc6.ppc.rpm d496b7dbe3a5672310875d48c1b73456b41ef668 ppc/caching-nameserver-9.3.4-5.fc6.ppc.rpm c69d75d72d1ddc37767a076b89e5909a2c8824ea ppc/bind-devel-9.3.4-5.fc6.ppc.rpm 0ff9300e0ec31aaa2fc817f09483a9e578353810 ppc/bind-libs-9.3.4-5.fc6.ppc.rpm 183013d20a0df7809182d42f2bbfad4830b7a5c0 ppc/bind-chroot-9.3.4-5.fc6.ppc.rpm d8afd9e48f0fb039661aee362c64b52636483a09 ppc/bind-9.3.4-5.fc6.ppc.rpm 5ba25ef4ce2f7ab2007d588b577e1d98ef46fb33 ppc/bind-utils-9.3.4-5.fc6.ppc.rpm a5ea26ca77387fbd8d8e14799b93f3713df98c29 ppc/debug/bind-debuginfo-9.3.4-5.fc6.ppc.rpm 52d1afd5e8cb09b6d42f6770f1f9b72c3ad31a08 ppc/bind-sdb-9.3.4-5.fc6.ppc.rpm 1f44b95309bda131795ab5c4cccbe830148245a2 x86_64/bind-chroot-9.3.4-5.fc6.x86_64.rpm 911dc725fde80cbf60fe7042c2ccec99a2c73777 x86_64/bind-libs-9.3.4-5.fc6.x86_64.rpm 534546f75c839afc7ed0f5c3b21a18697ea36f37 x86_64/bind-utils-9.3.4-5.fc6.x86_64.rpm 051e51701ce8642eee594065738c0047c77aa0b0 x86_64/debug/bind-debuginfo-9.3.4-5.fc6.x86_64.rpm c58e0c4621e9639edc01d124079c0fb788cbcf32 x86_64/bind-libbind-devel-9.3.4-5.fc6.x86_64.rpm 18602b6ff1aa560a5230716f5de6339dccaf1e7b x86_64/bind-devel-9.3.4-5.fc6.x86_64.rpm e6aa0cfd263b4c0913cb98f1551152b096832ece x86_64/caching-nameserver-9.3.4-5.fc6.x86_64.rpm e9a5e78fca97a322b6b3aad05198133b4010e687 x86_64/bind-sdb-9.3.4-5.fc6.x86_64.rpm d741b5a3a161e028a58e8b0903208c030886f0c5 x86_64/bind-9.3.4-5.fc6.x86_64.rpm b477c9075f03876168a25652a63ff46b8bc18eb6 i386/bind-sdb-9.3.4-5.fc6.i386.rpm 3e3cf9a2072270e0284ff013da3eaadaef87c6fa i386/caching-nameserver-9.3.4-5.fc6.i386.rpm a6e1e9ff765672f89cdf3f56a9aa637eaf969e98 i386/bind-libbind-devel-9.3.4-5.fc6.i386.rpm 6dada12b7fea701e5a470282a02a40f4883eccdc i386/bind-libs-9.3.4-5.fc6.i386.rpm 7db0551c3694da0675441aab324edc32da1b097a i386/bind-9.3.4-5.fc6.i386.rpm 2c7a6425b102a5d94aff490a52ca671ea7d93370 i386/bind-devel-9.3.4-5.fc6.i386.rpm 8536d995489379a690a953d3266ebf93031ac915 i386/bind-utils-9.3.4-5.fc6.i386.rpm 83cf31e03e6092c5999dd055d642dd710caea187 i386/debug/bind-debuginfo-9.3.4-5.fc6.i386.rpm 6838192e25c98fc80a3bfdf5c936d42f4bde44c5 i386/bind-chroot-9.3.4-5.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From jorton at redhat.com Thu May 24 05:24:12 2007 From: jorton at redhat.com (Joe Orton) Date: Thu, 24 May 2007 01:24:12 -0400 Subject: [SECURITY] Fedora Core 5 Update: php-5.1.6-1.6 Message-ID: <200705240524.l4O5OCbW020783@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-526 2007-05-24 --------------------------------------------------------------------- Product : Fedora Core 5 Name : php Version : 5.1.6 Release : 1.6 Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor) Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The mod_php module enables the Apache Web server to understand and process the embedded PHP language in Web pages. --------------------------------------------------------------------- Update Information: This update fixes a number of security issues in PHP. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user. Note that this flaw does not affect PHP applications using the pure-PHP XML_RPC class provided in /usr/share/pear. (CVE-2007-1864) A flaw was found in the PHP 'ftp' extension. If a PHP script used this extension to provide access to a private FTP server, and passed untrusted script input directly to any function provided by this extension, a remote attacker would be able to send arbitrary FTP commands to the server. (CVE-2007-2509) A buffer overflow flaw was found in the PHP 'soap' extension, regarding the handling of an HTTP redirect response when using the SOAP client provided by this extension with an untrusted SOAP server. No mechanism to trigger this flaw remotely is known. (CVE-2007-2510) --------------------------------------------------------------------- * Wed May 9 2007 Joe Orton 5.1.6-1.6 - add security fixes for CVE-2007-1864, CVE-2007-2509, CVE-2007-2510 (#235016) * Thu Apr 5 2007 Joe Orton 5.1.6-1.5 - add security fixes for CVE-2007-0455, CVE-2007-1001, CVE-2007-1285, CVE-2007-1583, CVE-2007-1718 (#235364) * Fri Feb 23 2007 Joe Orton 5.1.6-1.4 - fix pdo-abi provide * Tue Feb 20 2007 Joe Orton 5.1.6-1.3 - add security fixes for: CVE-2007-0906, CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988 (#228011) * Fri Nov 3 2006 Joe Orton 5.1.6-1.2 - add security fix for CVE-2006-5465 (#213732) * Fri Oct 6 2006 Joe Orton 5.1.6-1.1 - update to 5.1.6 (#201767, #204995) - add fix for upstream #38801 - add security fix for CVE-2006-4812 - drop Obsoletes for mod_php (#194590) - add php-pdo-abi versioning (#193202) - move php{-config,ize} man pages to -devel (#199382) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 82efb63b8164c8640948b7abd9dd527fce07e95f SRPMS/php-5.1.6-1.6.src.rpm 82efb63b8164c8640948b7abd9dd527fce07e95f noarch/php-5.1.6-1.6.src.rpm a5710ca823e349ced47b30c798e7c5e22fcbd9ea ppc/php-5.1.6-1.6.ppc.rpm 20b84a9539622a416aea0b8a313772ce8a977769 ppc/php-xmlrpc-5.1.6-1.6.ppc.rpm e28986afd4df27ca1e3f82205d86ad59219c5cef ppc/php-mbstring-5.1.6-1.6.ppc.rpm e2c2f324e67330ee82db26ab205932be5cbf890c ppc/php-bcmath-5.1.6-1.6.ppc.rpm e0a686e0cf557f4686c403925b351dee3c3e3894 ppc/php-ldap-5.1.6-1.6.ppc.rpm 9126717490cb8fa5d44e97b9b720b39df55b5375 ppc/debug/php-debuginfo-5.1.6-1.6.ppc.rpm 23772d91b23207ac50160c4c5a910940b9c36d94 ppc/php-gd-5.1.6-1.6.ppc.rpm 58f9717ab0932be1acf262e46d4aab5f8776c99a ppc/php-soap-5.1.6-1.6.ppc.rpm ad40644efbe40306e4edb261ddb33e0f801550e0 ppc/php-ncurses-5.1.6-1.6.ppc.rpm 83aebbaaf9f69bee988cc37f69e88e40d31866a8 ppc/php-pgsql-5.1.6-1.6.ppc.rpm 02541d25b1b4ff0dca2adf7add84cfd59893e6b2 ppc/php-dba-5.1.6-1.6.ppc.rpm 23f9f51eba68f4df51e844f7b3eb04a351db5f82 ppc/php-snmp-5.1.6-1.6.ppc.rpm 53b3b1c89ef1a7904a2ff2c3d54ae9c1cdb164c6 ppc/php-xml-5.1.6-1.6.ppc.rpm f66f442cbc97bf07b5c2eaf1b510f957c528618a ppc/php-mysql-5.1.6-1.6.ppc.rpm 2594340c25cb5422c8daf015df5d80fe166be393 ppc/php-imap-5.1.6-1.6.ppc.rpm 5de3d50a1bb5f96da59520671dcd5bc3e7adc8a9 ppc/php-pdo-5.1.6-1.6.ppc.rpm daa6530e8fdf1431d3a56d1b391fa239769254af ppc/php-odbc-5.1.6-1.6.ppc.rpm 1f32c323282745d508da99931ccdfd8cec678161 ppc/php-devel-5.1.6-1.6.ppc.rpm 038c637938d291995ec10953f537f7aa7af28495 x86_64/php-pgsql-5.1.6-1.6.x86_64.rpm a15a40b309061b87750e0616aa75a22bb50dfdf7 x86_64/php-bcmath-5.1.6-1.6.x86_64.rpm 91d24f6c318e68a4c64e21ecddcb3c28f54839cd x86_64/php-ncurses-5.1.6-1.6.x86_64.rpm e229637107f4c8d52b6518e32148b47156a9dbaf x86_64/debug/php-debuginfo-5.1.6-1.6.x86_64.rpm af25cf8a33e6dae1d55e1a200619c09b2d485ccb x86_64/php-5.1.6-1.6.x86_64.rpm 64ee9228dedb5edf8320815e153b430d55e6ac88 x86_64/php-ldap-5.1.6-1.6.x86_64.rpm 64ef3804b62d761b2fb1f03305d9c1d81cfd1547 x86_64/php-soap-5.1.6-1.6.x86_64.rpm 970d5e920fd5251d9370fc0d750eefcbf668c699 x86_64/php-dba-5.1.6-1.6.x86_64.rpm 929168d9a3e145ed5c9c6d9f8ea73363a1036fdd x86_64/php-gd-5.1.6-1.6.x86_64.rpm 80102cd57264aad342473eca104d18dee4171bea x86_64/php-devel-5.1.6-1.6.x86_64.rpm 43a1f33efd279bb3a7c132d5b4c4fe1353669fc7 x86_64/php-imap-5.1.6-1.6.x86_64.rpm 8ba73e3e2aa7b2a06e0648edbf6ca49b2a39acab x86_64/php-xml-5.1.6-1.6.x86_64.rpm 55518e43298156315ea24b3df1e1f278a84ffa36 x86_64/php-mysql-5.1.6-1.6.x86_64.rpm 758e21693582f484f45034e4208ed061f166cba0 x86_64/php-xmlrpc-5.1.6-1.6.x86_64.rpm 957963dbddf499ce0e6fd0d937337b21dd66740c x86_64/php-pdo-5.1.6-1.6.x86_64.rpm c6d1bdeed6e9f74ffce92897384dd73485f6c7a7 x86_64/php-mbstring-5.1.6-1.6.x86_64.rpm a65b9f21a7ba170fc17134e201bdc7ee63962421 x86_64/php-snmp-5.1.6-1.6.x86_64.rpm e9b8a31712be7342c2f6e439740772a7e60f3d33 x86_64/php-odbc-5.1.6-1.6.x86_64.rpm a9a0c8b5ce548824285a1341464090dba3d551e5 i386/php-xml-5.1.6-1.6.i386.rpm 04266f1d89faf9049f5f26a53305458bd7b4486e i386/php-pdo-5.1.6-1.6.i386.rpm e01a54b838910252e2120dd76b5087acc7056bed i386/php-imap-5.1.6-1.6.i386.rpm adb9805f47c01e568011ae2cbc0e2e97de2edbe4 i386/php-xmlrpc-5.1.6-1.6.i386.rpm c5ec295f6be39e238ca1e56af1310b859784e24f i386/php-bcmath-5.1.6-1.6.i386.rpm e026fa792ff7c9947b332108b8f604742e3e9fc2 i386/debug/php-debuginfo-5.1.6-1.6.i386.rpm 2c6b6afda734d05797a8edb41f23619743d65b0a i386/php-dba-5.1.6-1.6.i386.rpm 16c8db332d6baa10cd869e3fc13fb73a69544e8a i386/php-5.1.6-1.6.i386.rpm 88034a31f5ed88981a41e69d9f8d0bce53052d3d i386/php-ncurses-5.1.6-1.6.i386.rpm 1d7d8705e3b57e3a0125192afcf2c5b0554616c5 i386/php-devel-5.1.6-1.6.i386.rpm 662415d12d3b5ad06da97e4eee738611edbd4a80 i386/php-mbstring-5.1.6-1.6.i386.rpm 8734486e4d593c31d03e8d50cca3187bd5cee1c4 i386/php-odbc-5.1.6-1.6.i386.rpm d6e5c4ddba272f8eb9b1c3b246792238f76c380e i386/php-gd-5.1.6-1.6.i386.rpm 436a33efb954dd69d4cf1fad76397e7cd0963952 i386/php-pgsql-5.1.6-1.6.i386.rpm a5fcd1d00a7a0f765b7fcd9ff7417274c49ee071 i386/php-mysql-5.1.6-1.6.i386.rpm c7534ef580a5eae406ac3cd7f5fb0eb610e3b1f2 i386/php-snmp-5.1.6-1.6.i386.rpm 40adab182711178dfff70c0c75a92d1b92104965 i386/php-ldap-5.1.6-1.6.i386.rpm 7ffcac7e33e1a691f4e72ac7c8d64e9885b03e6f i386/php-soap-5.1.6-1.6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From tgl at redhat.com Thu May 24 05:25:09 2007 From: tgl at redhat.com (Tom Lane) Date: Thu, 24 May 2007 01:25:09 -0400 Subject: [SECURITY] Fedora Core 5 Update: libpng-1.2.8-3.fc5 Message-ID: <200705240525.l4O5P9cF021227@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-528 2007-05-24 --------------------------------------------------------------------- Product : Fedora Core 5 Name : libpng Version : 1.2.8 Release : 3.fc5 Summary : A library of functions for manipulating PNG image format files. Description : The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. --------------------------------------------------------------------- * Wed May 23 2007 Tom Lane 2:1.2.8-3 - Add patch to fix CVE-2006-5793 Related: #215405 - Add patch to fix CVE-2007-2445 Related: #239542 - Require pkgconfig in the -devel subpackage Resolves: #217903 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 43313a4aa1a0f3bd6123bdd6d10c74dac4c0f971 SRPMS/libpng-1.2.8-3.fc5.src.rpm 43313a4aa1a0f3bd6123bdd6d10c74dac4c0f971 noarch/libpng-1.2.8-3.fc5.src.rpm 8f971f98ba3ec5bb23d37648790bfe5d969f4f9f ppc/debug/libpng-debuginfo-1.2.8-3.fc5.ppc.rpm 3c8a7d86940cfa67385020adbb443bbe947cee5d ppc/libpng-devel-1.2.8-3.fc5.ppc.rpm d652d258676e6ba568886453dbcd17fcd59c82de ppc/libpng-1.2.8-3.fc5.ppc.rpm 38a61a110d2b9a43dc9084dfe28505bfc0ed7f11 x86_64/libpng-1.2.8-3.fc5.x86_64.rpm 349a992443fa18699816aba08888f731a2cfb9f5 x86_64/libpng-devel-1.2.8-3.fc5.x86_64.rpm 0a94b85e17fd05f7cc8a78180f21fb4d5619f2d9 x86_64/debug/libpng-debuginfo-1.2.8-3.fc5.x86_64.rpm 8cd6bf80c0bf84707f692bf98f27b79dd320fcb6 i386/libpng-devel-1.2.8-3.fc5.i386.rpm aac487ce0e3b87d0fe532b915212fd36e5d73b49 i386/debug/libpng-debuginfo-1.2.8-3.fc5.i386.rpm e08b6bcc57d7afdb3ba35bdbe11e502b5bc596d4 i386/libpng-1.2.8-3.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From tgl at redhat.com Thu May 24 05:25:31 2007 From: tgl at redhat.com (Tom Lane) Date: Thu, 24 May 2007 01:25:31 -0400 Subject: [SECURITY] Fedora Core 6 Update: libpng-1.2.10-9.fc6 Message-ID: <200705240525.l4O5PVAs021305@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-529 2007-05-24 --------------------------------------------------------------------- Product : Fedora Core 6 Name : libpng Version : 1.2.10 Release : 9.fc6 Summary : A library of functions for manipulating PNG image format files Description : The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. --------------------------------------------------------------------- * Wed May 23 2007 Tom Lane 2:1.2.10-9 - Add patch to fix CVE-2006-5793 Related: #215405 - Add patch to fix CVE-2007-2445 Related: #239542 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 34fada9e91ca73d6becb9a401125e0bb70861568 SRPMS/libpng-1.2.10-9.fc6.src.rpm 34fada9e91ca73d6becb9a401125e0bb70861568 noarch/libpng-1.2.10-9.fc6.src.rpm 3146e179f64145312801df7bc4a2c799c9fc60d4 ppc/debug/libpng-debuginfo-1.2.10-9.fc6.ppc.rpm d23c50d2216b498baadd0c26173ab61e3975f620 ppc/libpng-1.2.10-9.fc6.ppc.rpm 358b6a6519773839725dd7b26a3d89543c927165 ppc/libpng-devel-1.2.10-9.fc6.ppc.rpm f1624428116ca1fe02e0d59e3d27dc1ecfcffb0e x86_64/libpng-devel-1.2.10-9.fc6.x86_64.rpm 1dad10a249295a62ae5ead11d5b67c345717a428 x86_64/libpng-1.2.10-9.fc6.x86_64.rpm 7f7da096b28dae824fdfdb8b27dad4f5087ecd56 x86_64/debug/libpng-debuginfo-1.2.10-9.fc6.x86_64.rpm 1e0bdeeaf5124ce62c00dd5813a585e037da2500 i386/libpng-devel-1.2.10-9.fc6.i386.rpm d38f59aabda59b586c2944a9020ba15d51a74060 i386/libpng-1.2.10-9.fc6.i386.rpm cd9e0d94d20fc0cc151fcd5232735e8c8d970f66 i386/debug/libpng-debuginfo-1.2.10-9.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From cebbert at redhat.com Wed May 30 18:07:06 2007 From: cebbert at redhat.com (Chuck Ebbert) Date: Wed, 30 May 2007 14:07:06 -0400 Subject: Fedora Core 6 Update: kernel-2.6.20-1.2952.fc6 Message-ID: <200705301807.l4UI76Ds021004@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-513 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 6 Name : kernel Version : 2.6.20 Release : 1.2952.fc6 Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. --------------------------------------------------------------------- Update Information: Update to kernel 2.6.20.11: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.11 Xen bug fixes, solving many instability problems on i386. Additional kernel patches, including GFS2 -- see changelog. --------------------------------------------------------------------- * Wed May 16 2007 Chuck Ebbert 1.2952 - GFS2 update - additional patches v4l tuner patch (bz 234509) ps/2 mouse detection (bz 223606) block bounce fix for some legacy drivers quickcam audio was broken x86_64 GART aperture range checking hda audio STAC codec resume fix hda audio init fix * Wed May 16 2007 Chuck Ebbert 1.2951 - BZ #227533: remove hyphens from kernel versions in RPM provides * Tue May 15 2007 Eduardo Habkost 1.2950 - Xen kernel: added patch to initialize pda properly on smp_prepare_cpus() * Mon May 14 2007 Eduardo Habkost - Xen kernel: added patch from Stephen C. Tweedie. Fix crashes and hangs, by making critical_fixup_table correct. Probably fix bugs: * Sat May 5 2007 Chuck Ebbert 1.2949 - 2.6.20.10 (official) - 2.6.20.11 - Additional fixes (1830 - 1837) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ b0c85f11f403236247c78424259c0b0edcbcba6e SRPMS/kernel-2.6.20-1.2952.fc6.src.rpm b0c85f11f403236247c78424259c0b0edcbcba6e noarch/kernel-2.6.20-1.2952.fc6.src.rpm 057ccf087abe4bc078304326d624b67027712127 ppc/kernel-devel-2.6.20-1.2952.fc6.ppc.rpm 2b1a991c32068a05b800a43b3098c0d1599fa520 ppc/debug/kernel-debuginfo-2.6.20-1.2952.fc6.ppc.rpm 96621c8d86bebec4d201873823567be0c0885cfd ppc/kernel-headers-2.6.20-1.2952.fc6.ppc.rpm 7eb0ab89a0f2a20055a55c307d2c0193f13a56a0 ppc/kernel-2.6.20-1.2952.fc6.ppc.rpm 287358f5b44aeb06a4d335f97a7367534fd7bbfe ppc/kernel-smp-2.6.20-1.2952.fc6.ppc.rpm 9be2b122099e45ed360397d9f42fe3ddfff0635c ppc/debug/kernel-smp-debuginfo-2.6.20-1.2952.fc6.ppc.rpm 65314e92e1ab4160d49d5fddc84357db9752bf63 ppc/debug/kernel-debuginfo-common-2.6.20-1.2952.fc6.ppc.rpm 2b9a9e24c9cbe242899d7fd8dec7f48ae5758566 ppc/kernel-smp-devel-2.6.20-1.2952.fc6.ppc.rpm 3aea55221bccadbc07140e53795b29d2f6c7c0c5 ppc/kernel-doc-2.6.20-1.2952.fc6.noarch.rpm 3a966f1da27d15244c25bf1b424ddad3d4dffd2f x86_64/kernel-xen-2.6.20-1.2952.fc6.x86_64.rpm e3a032a1606336dd5087fb8fb8df4605a9fa4660 x86_64/kernel-kdump-devel-2.6.20-1.2952.fc6.x86_64.rpm b2979baf702504c01a5195b693d2c5cca5553956 x86_64/kernel-devel-2.6.20-1.2952.fc6.x86_64.rpm be339f0ec0d98224d4ab0f3c380169000c3fe063 x86_64/debug/kernel-debuginfo-2.6.20-1.2952.fc6.x86_64.rpm 05eef6a3991fce64c77493bdccdf1aa43d2e3505 x86_64/kernel-headers-2.6.20-1.2952.fc6.x86_64.rpm 3a1dc76b24c3e36ce75e75d5147c9340bfeb48eb x86_64/kernel-kdump-2.6.20-1.2952.fc6.x86_64.rpm d8a4ac6412c3e93ffc22da8c045ab0a8fff07f6f x86_64/debug/kernel-debug-debuginfo-2.6.20-1.2952.fc6.x86_64.rpm 96ffd14bf6a5ca09a78ad5c48f6810a9b8b44237 x86_64/kernel-debug-2.6.20-1.2952.fc6.x86_64.rpm 6fc9f5876d964eb325f0a11abc1e3705115009a6 x86_64/kernel-debug-devel-2.6.20-1.2952.fc6.x86_64.rpm 1c094f31445b9846e26b16c8055b3c3090ebe8ee x86_64/kernel-xen-devel-2.6.20-1.2952.fc6.x86_64.rpm 51aaec7bba65a606c6c7a413442c8b37ff0fbf76 x86_64/debug/kernel-kdump-debuginfo-2.6.20-1.2952.fc6.x86_64.rpm 226afc075694287d9e2f3dc4857a091377c7c66e x86_64/debug/kernel-xen-debuginfo-2.6.20-1.2952.fc6.x86_64.rpm 727603cda1c3465f6ad9afe3fb9e06cf3896acfd x86_64/debug/kernel-debuginfo-common-2.6.20-1.2952.fc6.x86_64.rpm 4709eec3b71f71a0f10ac0f1c599310f06596011 x86_64/kernel-2.6.20-1.2952.fc6.x86_64.rpm 3aea55221bccadbc07140e53795b29d2f6c7c0c5 x86_64/kernel-doc-2.6.20-1.2952.fc6.noarch.rpm e8f73a4652247528186124268a0178ec987e6586 i386/kernel-headers-2.6.20-1.2952.fc6.i386.rpm 53151bab250ca1ca1c1a4113c45b5d807ba2b7f0 i386/kernel-devel-2.6.20-1.2952.fc6.i586.rpm df935eee4322804cb41d525e7f64f4dd796839fd i386/kernel-2.6.20-1.2952.fc6.i586.rpm 1bd562ff837f65257dd6c3633fb6d3f5561e1fe8 i386/debug/kernel-debuginfo-common-2.6.20-1.2952.fc6.i586.rpm a4d0e9993de3e3b506ae93d9938ef7a6f7712f7e i386/debug/kernel-debuginfo-2.6.20-1.2952.fc6.i586.rpm f6d55b79535a72df4943071ae11b6c5862b48eb7 i386/kernel-debug-devel-2.6.20-1.2952.fc6.i686.rpm 083e256e512ae5a41dae2010e11aa4f7f0633c05 i386/debug/kernel-PAE-debuginfo-2.6.20-1.2952.fc6.i686.rpm 709e70e6f6e0f9bb49b264280296a66b03bddb5a i386/kernel-2.6.20-1.2952.fc6.i686.rpm 343263322cdb7b804599e9ca34c893dd4711af9d i386/kernel-debug-2.6.20-1.2952.fc6.i686.rpm f91c37ff8a75a3128c12293475b6f02c61366bfd i386/kernel-devel-2.6.20-1.2952.fc6.i686.rpm 258c1b6431add2180df5ec5b026686393ccd80bf i386/kernel-PAE-2.6.20-1.2952.fc6.i686.rpm 0502c99f66090e7c3dff6096ee8dd7f773395a8e i386/debug/kernel-xen-debuginfo-2.6.20-1.2952.fc6.i686.rpm 6468f39e1eebd9c10ccc15d7e5f43ab0ab8659b9 i386/kernel-xen-2.6.20-1.2952.fc6.i686.rpm f9edbd9762f32c21b7d04798952c02a721d0efe5 i386/kernel-PAE-devel-2.6.20-1.2952.fc6.i686.rpm 178dbcd0f66352384f4979316943a1111e79c5b4 i386/debug/kernel-debuginfo-2.6.20-1.2952.fc6.i686.rpm da5b609950b1af8e8e951f3f79da411bb7623ddd i386/debug/kernel-debuginfo-common-2.6.20-1.2952.fc6.i686.rpm d1a8c536360b1fc5c6a47d3c3161e171134c4f7b i386/debug/kernel-PAE-debug-debuginfo-2.6.20-1.2952.fc6.i686.rpm 51969b84f5bfebd5be2582e9febdf324ebca32d1 i386/kernel-xen-devel-2.6.20-1.2952.fc6.i686.rpm 4a1dabfe9c5ee7c03729811576d5e9dfe4e946f2 i386/kernel-PAE-debug-devel-2.6.20-1.2952.fc6.i686.rpm f30be86ec6080249e1cbb393360fad26dd5034e8 i386/kernel-kdump-2.6.20-1.2952.fc6.i686.rpm fa5f21e3d174350d43229fe9656f1b808ccb05b3 i386/debug/kernel-debug-debuginfo-2.6.20-1.2952.fc6.i686.rpm 18f51ff8c8722fd6f435c9c537cff4f3e2d8bed2 i386/debug/kernel-kdump-debuginfo-2.6.20-1.2952.fc6.i686.rpm a7786bbfaef00d2b3f772a5b03229179ba369f26 i386/kernel-kdump-devel-2.6.20-1.2952.fc6.i686.rpm 92f24e5a05acf9626b386add58eeaf72a3f7c61a i386/kernel-PAE-debug-2.6.20-1.2952.fc6.i686.rpm 3aea55221bccadbc07140e53795b29d2f6c7c0c5 i386/kernel-doc-2.6.20-1.2952.fc6.noarch.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From rvokal at redhat.com Wed May 30 18:13:26 2007 From: rvokal at redhat.com (Radek Vokal) Date: Wed, 30 May 2007 14:13:26 -0400 Subject: Fedora Core 6 Update: net-tools-1.60-76.fc6 Message-ID: <200705301813.l4UIDQ54023923@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-530 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 6 Name : net-tools Version : 1.60 Release : 76.fc6 Summary : Basic networking tools. Description : The net-tools package contains basic networking tools, including ifconfig, netstat, route, and others. --------------------------------------------------------------------- Update Information: Updated SELinux support --------------------------------------------------------------------- * Tue May 22 2007 Radek Vok??l - 1.60-76 - updated SELinux patch by * Wed Oct 4 2006 Radek Vokal - 1.60-75 - fix nameif crash for 16char long interface names (#209120) * Mon Oct 2 2006 Radek Vokal - 1.60-74 - fix -I option for nestat, works as -I=eth0 again. - add dist tag --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ c2b8ddd6aad84efc19b1f951212030a644ee8763 SRPMS/net-tools-1.60-76.fc6.src.rpm c2b8ddd6aad84efc19b1f951212030a644ee8763 noarch/net-tools-1.60-76.fc6.src.rpm cac1bf1d1fcec398430b76ba877f84f4e9b01e60 ppc/net-tools-1.60-76.fc6.ppc.rpm 4a56b60dbe8b06016527bccf71b7ec0aa6d15c76 ppc/debug/net-tools-debuginfo-1.60-76.fc6.ppc.rpm 62109f9b0786c8de3b27590a5b535bdee0f80e08 x86_64/debug/net-tools-debuginfo-1.60-76.fc6.x86_64.rpm 81dc1ada85edc6f75fe8c9ce86a54437c53c2c58 x86_64/net-tools-1.60-76.fc6.x86_64.rpm 00465ff1b0efc9993db40d9c829437c537562a7c i386/debug/net-tools-debuginfo-1.60-76.fc6.i386.rpm 5dd265f37912d8f2945ab4c1202a82d9d3bf418f i386/net-tools-1.60-76.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From atkac at redhat.com Wed May 30 18:15:15 2007 From: atkac at redhat.com (Adam Tkac) Date: Wed, 30 May 2007 14:15:15 -0400 Subject: Fedora Core 6 Update: bind-9.3.4-6.fc6 Message-ID: <200705301815.l4UIFFf3025013@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-531 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 6 Name : bind Version : 9.3.4 Release : 6.fc6 Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server. Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. --------------------------------------------------------------------- Update Information: - start using deprecated ldap API because new-api patch didn't work (lack of documentation) (#239802) - fix minor bug in bind-chroot-admin script (#241103) --------------------------------------------------------------------- * Thu May 24 2007 Adam Tkac 31:9.3.4-6.fc7 - take back ldap-api patch because it doesn't works correctly and start using deprecated ldap API - fix minor bug in bind-chroot-admin (#241103) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ cc1c71a78b73605d0effd34e6c1dad8947ab4048 SRPMS/bind-9.3.4-6.fc6.src.rpm cc1c71a78b73605d0effd34e6c1dad8947ab4048 noarch/bind-9.3.4-6.fc6.src.rpm 130b42aad4e384f155d8c7f33627f6dd9ef6a748 ppc/bind-utils-9.3.4-6.fc6.ppc.rpm 4f1007760f115bc0debb3a14938697488bbc1b2b ppc/bind-libs-9.3.4-6.fc6.ppc.rpm e4568217d7f3a78cd4019a0d5dc382dcfb751eee ppc/bind-devel-9.3.4-6.fc6.ppc.rpm 8c09caf80c9f87221c1f23f6e25dc75d183fa9f2 ppc/bind-libbind-devel-9.3.4-6.fc6.ppc.rpm 64106dde53183f579ad006c479a49b8422f57c84 ppc/bind-chroot-9.3.4-6.fc6.ppc.rpm 708d29466ddc413a38029542a32804133c7410ee ppc/debug/bind-debuginfo-9.3.4-6.fc6.ppc.rpm 9dcb26bf180352cac6607294ff8a596d674ecf63 ppc/bind-9.3.4-6.fc6.ppc.rpm 753526181cd5663575cda49eafe686e88685ef4b ppc/caching-nameserver-9.3.4-6.fc6.ppc.rpm c30029be2e6a861a731c38ba8d49bfcd8e3ef240 ppc/bind-sdb-9.3.4-6.fc6.ppc.rpm 6e14c73de8bd56488cafeda797a25e3d81f5e1e5 x86_64/bind-libs-9.3.4-6.fc6.x86_64.rpm 12b3449991cabbab58bdb9850ca9998a59540941 x86_64/caching-nameserver-9.3.4-6.fc6.x86_64.rpm 0de5328d671c344c076f74b0a28d3238d54b0809 x86_64/debug/bind-debuginfo-9.3.4-6.fc6.x86_64.rpm 6a20b77e9ad0c1cb62c9c4433342b974924b6f34 x86_64/bind-9.3.4-6.fc6.x86_64.rpm 626bdd64554e38f3692b4079b4252a18f9685e08 x86_64/bind-libbind-devel-9.3.4-6.fc6.x86_64.rpm 83c2b326a8e75dcf117a6ef87b0988efabfb9098 x86_64/bind-utils-9.3.4-6.fc6.x86_64.rpm 1bda092f5acbb572f7a1f4ef6a9fd6a3113859a5 x86_64/bind-chroot-9.3.4-6.fc6.x86_64.rpm 15a8a6019a45a956979fade469c752b749058e9c x86_64/bind-devel-9.3.4-6.fc6.x86_64.rpm 842be8fd95b9125d3f3fe22c432e4499d8db87de x86_64/bind-sdb-9.3.4-6.fc6.x86_64.rpm 26244e13bc46b4ff7ef8662b64035b6bff8e052a i386/caching-nameserver-9.3.4-6.fc6.i386.rpm 71649bc8367fd8d94bf21a9fa03083849967222f i386/bind-9.3.4-6.fc6.i386.rpm 076022d1df19f75365bd28e5f511b40619e98894 i386/bind-libbind-devel-9.3.4-6.fc6.i386.rpm 1b52d63a2f491949b3894fa31e3a24ce9a77b3ac i386/bind-chroot-9.3.4-6.fc6.i386.rpm ea9739557bf4a67ab63a8e5cc6de03fe9c83f6f8 i386/debug/bind-debuginfo-9.3.4-6.fc6.i386.rpm 99c285a9524a4084a99317b9025387a21875533d i386/bind-sdb-9.3.4-6.fc6.i386.rpm 79f7a8be1a8ca5de4b584a8bc4a53d46a90fe731 i386/bind-devel-9.3.4-6.fc6.i386.rpm b555cb4262cacd29f7109cee525251b4623acb8a i386/bind-libs-9.3.4-6.fc6.i386.rpm 4e10ee5055fbb45c171553a667926abb9fa8f065 i386/bind-utils-9.3.4-6.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From nhorman at redhat.com Wed May 30 18:17:01 2007 From: nhorman at redhat.com (Neil Horman) Date: Wed, 30 May 2007 14:17:01 -0400 Subject: Fedora Core 5 Update: irqbalance-0.55-4.fc5 Message-ID: <200705301817.l4UIH1m7025623@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-532 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 5 Name : irqbalance Version : 0.55 Release : 4.fc5 Summary : IRQ balancing daemon. Description : irqbalance is a daemon that evenly distributes IRQ load across multiple CPUs for enhanced performance. --------------------------------------------------------------------- * Fri May 25 2007 Neil Horman - 0.55-4 - Import devel irqbalance to FC-5 * Thu May 17 2007 Neil Horman - 0.55-3 - Adding FOLLOW_ISOLCPUS option (bz 237885) * Tue Dec 12 2006 Neil Horman - 0.55-2 - Fixing typos in spec file (bz 219301) * Tue Dec 12 2006 Neil Horman - 0.55-1 - Updating to version 0.55 * Mon Dec 11 2006 Neil Horman - 0.54-1 - Update irqbalance to new version released at www.irqbalance.org * Wed Nov 15 2006 Neil Horman - 1.13-8 - Add ability to set default affinity mask (bz 211148) * Wed Nov 8 2006 Neil Horman - 1.13-7 - fix up irqbalance to detect multicore (not ht) (bz 211183) * Thu Nov 2 2006 Neil Horman - 1.13-6 - bumping up MAX_INTERRUPTS to support xen kernels - rediffing patch1 and patch3 to remove fuzz * Tue Oct 17 2006 Neil Horman - 1.13-5 - Making oneshot mean oneshot always (bz 211178) * Wed Sep 13 2006 Peter Jones - 1.13-4 - Fix subsystem locking * Fri Aug 18 2006 Jesse Keating - 1.13-2 - rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc* (#203001) - Remove hack to use cvs checkin ID as release as it doesn't follow packaging guidelines * Tue Aug 1 2006 Neil Horman - Change license to GPL in version 0.13 * Sat Jul 29 2006 Dave Jones - identify a bunch more classes. * Fri Jul 14 2006 Jesse Keating - rebuild * Tue Jul 11 2006 Dave Jones - Further lazy rebalancing tweaks. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 8504c0738001b48ab33baa7b1ca6c97dcf619fd0 SRPMS/irqbalance-0.55-4.fc5.src.rpm 8504c0738001b48ab33baa7b1ca6c97dcf619fd0 noarch/irqbalance-0.55-4.fc5.src.rpm 085b180acc627e51a0ae176037d1627f06f52ea7 ppc/debug/irqbalance-debuginfo-0.55-4.fc5.ppc.rpm 7908f91af8d42ed3bdcb196a0adc1b4a4aa175d0 ppc/irqbalance-0.55-4.fc5.ppc.rpm 51e6257e33bc3e0b7cb3ebda92c6442da27d5a38 x86_64/irqbalance-0.55-4.fc5.x86_64.rpm dcefaf9cd627d7d04138f1b3357589cfe53c4fbe x86_64/debug/irqbalance-debuginfo-0.55-4.fc5.x86_64.rpm 189373edc74832b1f9c32d6741e53f2f089224e8 i386/debug/irqbalance-debuginfo-0.55-4.fc5.i386.rpm 833a2f0f5e06bf55b40326979852e7c6729f6f17 i386/irqbalance-0.55-4.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mbarabas at redhat.com Wed May 30 18:18:26 2007 From: mbarabas at redhat.com (Maros Barabas) Date: Wed, 30 May 2007 14:18:26 -0400 Subject: Fedora Core 6 Update: lftp-3.5.9-0.fc6 Message-ID: <200705301818.l4UIIQlH026116@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-431 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 6 Name : lftp Version : 3.5.9 Release : 0.fc6 Summary : A sophisticated file transfer program Description : LFTP is a sophisticated ftp/http file transfer program. Like bash, it has job control and uses the readline library for input. It has bookmarks, built-in mirroring, and can transfer several files in parallel. It is designed with reliability in mind. --------------------------------------------------------------------- Update Information: Upgrade to new version from upstream --------------------------------------------------------------------- * Wed Apr 4 2007 Maros Barabas - 3.5.9 - Upgrade to 3.5.9 from upstream - Resolves #211483 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ a725aba393ab92f6cb0fd18b02ebccbf8632d477 SRPMS/lftp-3.5.9-0.fc6.src.rpm a725aba393ab92f6cb0fd18b02ebccbf8632d477 noarch/lftp-3.5.9-0.fc6.src.rpm c25df92f242c0ef1f6044d9ada1469d36b1073f0 ppc/lftp-3.5.9-0.fc6.ppc.rpm 15a5d1bce86d1907b3d7a2626c42dec3a48945fd ppc/debug/lftp-debuginfo-3.5.9-0.fc6.ppc.rpm 3c669839da6a902a2539266c9023156335499ef8 x86_64/lftp-3.5.9-0.fc6.x86_64.rpm 6b0c942684c77b01b69d951bb5ded718dae703b8 x86_64/debug/lftp-debuginfo-3.5.9-0.fc6.x86_64.rpm b28bd3a2b3c1fc7838cda3e2326b79523a2b8e6b i386/debug/lftp-debuginfo-3.5.9-0.fc6.i386.rpm 168377ae4cce12fddfbe25bee78ce88914a37816 i386/lftp-3.5.9-0.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mbacovsk at redhat.com Wed May 30 18:20:20 2007 From: mbacovsk at redhat.com (Martin Bacovsky) Date: Wed, 30 May 2007 14:20:20 -0400 Subject: Fedora Core 6 Update: squid-2.6.STABLE13-1.fc6 Message-ID: <200705301820.l4UIKKxJ027224@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-535 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 6 Name : squid Version : 2.6.STABLE13 Release : 1.fc6 Summary : The Squid proxy caching server. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. --------------------------------------------------------------------- Update Information: upgrade to new upstream squid-2.6.STABLE13 --------------------------------------------------------------------- * Mon May 14 2007 Martin Bacovsky - 7:2.6.STABLE13-1 - update to the latest upsteram --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ a62ea818c8e08c0fd3f11592d1b5448352153089 SRPMS/squid-2.6.STABLE13-1.fc6.src.rpm a62ea818c8e08c0fd3f11592d1b5448352153089 noarch/squid-2.6.STABLE13-1.fc6.src.rpm cc7fb89d5795f4b6bddfee76e47ffa9bf492ba89 ppc/debug/squid-debuginfo-2.6.STABLE13-1.fc6.ppc.rpm 02a9605527ec02dea674df4580c5213ff178f33b ppc/squid-2.6.STABLE13-1.fc6.ppc.rpm 7dccc55a3385368b6123312fdeef2c0d73d936dd x86_64/debug/squid-debuginfo-2.6.STABLE13-1.fc6.x86_64.rpm 3844880d11b8c23a27e91b21e3fbce188d7cc5ea x86_64/squid-2.6.STABLE13-1.fc6.x86_64.rpm 1454921f9dddeb8cdc331251e100140cd9a5b0a3 i386/debug/squid-debuginfo-2.6.STABLE13-1.fc6.i386.rpm 153f1bdf1e47a5e58ab95f27f3aef6b646fed131 i386/squid-2.6.STABLE13-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mbarabas at redhat.com Wed May 30 18:22:08 2007 From: mbarabas at redhat.com (Maros Barabas) Date: Wed, 30 May 2007 14:22:08 -0400 Subject: Fedora Core 6 Update: vsftpd-2.0.5-10.fc6 Message-ID: <200705301822.l4UIM8wt028117@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-536 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 6 Name : vsftpd Version : 2.0.5 Release : 10.fc6 Summary : vsftpd - Very Secure Ftp Daemon Description : vsftpd is a Very Secure FTP daemon. It was written completely from scratch. --------------------------------------------------------------------- * Mon May 28 2007 Maros Barabas - 2.0.5-10 - fix incorrect use str_stat function - Resolves #206810 * Fri Jan 19 2007 Maros Barabas - 2.0.5-9 - add lost patch: don't die when no user config file is present - Resolves #166986 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ f0e4a80897d548e21c5bd1640181ec3f13cfc8be SRPMS/vsftpd-2.0.5-10.fc6.src.rpm f0e4a80897d548e21c5bd1640181ec3f13cfc8be noarch/vsftpd-2.0.5-10.fc6.src.rpm b1a030a981323e9a40a1f0ecee3308be7531b492 ppc/vsftpd-2.0.5-10.fc6.ppc.rpm 6e41761fc0dd7b9732d58f2a1cae7bf0fef639f3 ppc/debug/vsftpd-debuginfo-2.0.5-10.fc6.ppc.rpm 74f13e419055a28fd4fd081df695198607f25d92 x86_64/vsftpd-2.0.5-10.fc6.x86_64.rpm b8cc7222299ddb0557803184403193c6307b45b8 x86_64/debug/vsftpd-debuginfo-2.0.5-10.fc6.x86_64.rpm 283f21ae0e3649c5df2c690dbf6203d7e4cd5334 i386/debug/vsftpd-debuginfo-2.0.5-10.fc6.i386.rpm 85555eb02e1f798fb1574e1d27f46742af7ccddc i386/vsftpd-2.0.5-10.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From stransky at redhat.com Wed May 30 18:23:51 2007 From: stransky at redhat.com (Martin Stransky) Date: Wed, 30 May 2007 14:23:51 -0400 Subject: Fedora Core 6 Update: system-config-soundcard-2.0.6-6.fc6 Message-ID: <200705301823.l4UINpsD028637@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-537 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 6 Name : system-config-soundcard Version : 2.0.6 Release : 6.fc6 Summary : A graphical interface for detecting and configuring soundcards Description : system-config-soundcard is a graphical user interface that detects and configures the soundcard(s) on the system. --------------------------------------------------------------------- * Mon May 28 2007 Martin Stransky - 2.0.6-6 - update the no-vendor fix (#237709) - added a hack for USB devices (#232217) - disabled fix for (#227778) * Mon May 21 2007 Jeremy Katz - 2.0.6-5 - fix case of no vendor being able to be found in the hal tree (#237709) * Wed Apr 11 2007 Martin Stransky 2.0.6-4 - fixed #227778 - Firstboot soundcard screen 'too wide' with long name - fixed device and initial soundcard configuration - fixed modprobe.conf parser * Wed Mar 28 2007 Jeremy Katz - 2.0.6-3 - sox doesn't get used anymore; don't require it * Tue Jan 23 2007 Martin Stransky 2.0.6-2 - fixed #223915 - system-config-soundcard does not start * Thu Dec 21 2006 Martin Stransky 2.0.6-1 - translation update * Thu Dec 7 2006 Martin Stransky 2.0.5-3 - removed unused code (#218389) - hide tabs if only one sound device is detected (#208411) * Fri Dec 1 2006 Adam Jackson 2.0.5-2 - Bump to fix 6 to 7 upgrades. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 70387ab82ff650f1a6d1c10acc7256ad6c9fb4e5 SRPMS/system-config-soundcard-2.0.6-6.fc6.src.rpm 70387ab82ff650f1a6d1c10acc7256ad6c9fb4e5 noarch/system-config-soundcard-2.0.6-6.fc6.src.rpm 3ad95141fc801966a7a9b1596a91f428b9cbb4ef ppc/system-config-soundcard-2.0.6-6.fc6.noarch.rpm 3ad95141fc801966a7a9b1596a91f428b9cbb4ef x86_64/system-config-soundcard-2.0.6-6.fc6.noarch.rpm 3ad95141fc801966a7a9b1596a91f428b9cbb4ef i386/system-config-soundcard-2.0.6-6.fc6.noarch.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mlichvar at redhat.com Wed May 30 18:26:17 2007 From: mlichvar at redhat.com (Miroslav Lichvar) Date: Wed, 30 May 2007 14:26:17 -0400 Subject: [SECURITY] Fedora Core 6 Update: mutt-1.4.2.3-1.fc6 Message-ID: <200705301826.l4UIQH73029965@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-539 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 6 Name : mutt Version : 1.4.2.3 Release : 1.fc6 Summary : A text mode mail user agent. Description : Mutt is a text-mode mail user agent. Mutt supports color, threading, arbitrary key remapping, and a lot of customization. You should install mutt if you have used it in the past and you prefer it, or if you are new to mail programs and have not decided which one you are going to use. --------------------------------------------------------------------- Update Information: This update fixes two security issues: The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. (CVE-2007-1558) Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion. (CVE-2007-2683) --------------------------------------------------------------------- * Mon May 28 2007 Miroslav Lichvar 5:1.4.2.3-1.fc6 - update to 1.4.2.3 (CVE-2007-2683, CVE-2007-1558) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 95da57dc6d80ba28f234be812fdb04f23422d7e0 SRPMS/mutt-1.4.2.3-1.fc6.src.rpm 95da57dc6d80ba28f234be812fdb04f23422d7e0 noarch/mutt-1.4.2.3-1.fc6.src.rpm 1a88871576ce0a8d9d2c20173232eaf068089171 ppc/debug/mutt-debuginfo-1.4.2.3-1.fc6.ppc.rpm 4f2ff83e7734b6e8b562377af69cd28e8097a9a5 ppc/mutt-1.4.2.3-1.fc6.ppc.rpm 1c6db27e945e767cdca7b2b8cf16b19ffad97751 x86_64/debug/mutt-debuginfo-1.4.2.3-1.fc6.x86_64.rpm fd4c35d9244dbbb6ecadee874f231e3a6eb22ba5 x86_64/mutt-1.4.2.3-1.fc6.x86_64.rpm e071da29cd7d4cc14a8ecbeec6a93ec985da65de i386/debug/mutt-debuginfo-1.4.2.3-1.fc6.i386.rpm 2911156283af56769a72e478297dd2919074a6ae i386/mutt-1.4.2.3-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From mlichvar at redhat.com Wed May 30 18:27:54 2007 From: mlichvar at redhat.com (Miroslav Lichvar) Date: Wed, 30 May 2007 14:27:54 -0400 Subject: [SECURITY] Fedora Core 5 Update: mutt-1.4.2.1-8.fc5 Message-ID: <200705301827.l4UIRsKt030632@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-540 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 5 Name : mutt Version : 1.4.2.1 Release : 8.fc5 Summary : A text mode mail user agent. Description : Mutt is a text-mode mail user agent. Mutt supports color, threading, arbitrary key remapping, and a lot of customization. You should install mutt if you have used it in the past and you prefer it, or if you are new to mail programs and have not decided which one you are going to use. --------------------------------------------------------------------- Update Information: This update fixes two security issues: The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. (CVE-2007-1558) Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion. (CVE-2007-2683) --------------------------------------------------------------------- * Mon May 28 2007 Miroslav Lichvar 5:1.4.2.1-8.fc5 - validate msgid in APOP authentication (CVE-2007-1558) - fix overflow in gecos field handling (CVE-2007-2683) * Tue Oct 24 2006 Miroslav Lichvar 5:1.4.2.1-7.fc5 - fix insecure temp file creation on NFS (#211085, CVE-2006-5297) * Thu Jun 29 2006 Miroslav Lichvar 5:1.4.2.1-6.3.fc5 - fix a buffer overflow when processing IMAP namespace (#197152, CVE-2006-3242) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 829bced13a1026fcc26c161386732e07b7334808 SRPMS/mutt-1.4.2.1-8.fc5.src.rpm 829bced13a1026fcc26c161386732e07b7334808 noarch/mutt-1.4.2.1-8.fc5.src.rpm 37ccd07e00e3029df4b0a6861e9ab990778cd527 ppc/mutt-1.4.2.1-8.fc5.ppc.rpm 6cac8e87786bcf6925c99314ce4b9d5bb0886e63 ppc/debug/mutt-debuginfo-1.4.2.1-8.fc5.ppc.rpm f27e2f4eb28efdbb7259318d8e3e3b4a25093d0d x86_64/debug/mutt-debuginfo-1.4.2.1-8.fc5.x86_64.rpm 0fd6fbf7cbf974394661316d2cc114b4fbe74e6a x86_64/mutt-1.4.2.1-8.fc5.x86_64.rpm 5838b7ac7ec9482525a6f10a2a8229ce24b0ced3 i386/mutt-1.4.2.1-8.fc5.i386.rpm ed22bb478f1330eb23f20ad2ff4e1f0887942836 i386/debug/mutt-debuginfo-1.4.2.1-8.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From dwalsh at redhat.com Wed May 30 18:28:18 2007 From: dwalsh at redhat.com (Daniel Walsh) Date: Wed, 30 May 2007 14:28:18 -0400 Subject: Fedora Core 6 Update: selinux-policy-2.4.6-72.fc6 Message-ID: <200705301828.l4UISIvT030823@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-521 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 6 Name : selinux-policy Version : 2.4.6 Release : 72.fc6 Summary : SELinux policy configuration Description : SELinux Reference Policy - modular. --------------------------------------------------------------------- * Tue May 22 2007 Dan Walsh 2.4.6-72 - Allow prelink sys_resource, Add transition rule to allow apps to run java in different context * Tue May 15 2007 Dan Walsh 2.4.6-71 - Allow netlable to read etc and work with init terminals - Change file context to have all of policy at SystemLow Resolves: #239079 * Tue May 15 2007 Dan Walsh 2.4.6-70 - Back out Useradd change Resolves: #239079 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ a6fc37d72471c63a2904802bd4838b64e38e0501 SRPMS/selinux-policy-2.4.6-72.fc6.src.rpm a6fc37d72471c63a2904802bd4838b64e38e0501 noarch/selinux-policy-2.4.6-72.fc6.src.rpm 9e12309cab113f0098a1ca5262de17447a4fea11 ppc/selinux-policy-devel-2.4.6-72.fc6.noarch.rpm b7da53f4fbc09eb04ba1226150d04742403f73ee ppc/selinux-policy-strict-2.4.6-72.fc6.noarch.rpm a2474c3427791b2c60413c0e112bd7742a62cdb5 ppc/selinux-policy-2.4.6-72.fc6.noarch.rpm 25fa1be39a96ae31d1c9ea835a290de77e65ffee ppc/selinux-policy-mls-2.4.6-72.fc6.noarch.rpm c0c04bedf95eb33da9fcedf75d80988713a66ea1 ppc/selinux-policy-targeted-2.4.6-72.fc6.noarch.rpm 9e12309cab113f0098a1ca5262de17447a4fea11 x86_64/selinux-policy-devel-2.4.6-72.fc6.noarch.rpm b7da53f4fbc09eb04ba1226150d04742403f73ee x86_64/selinux-policy-strict-2.4.6-72.fc6.noarch.rpm a2474c3427791b2c60413c0e112bd7742a62cdb5 x86_64/selinux-policy-2.4.6-72.fc6.noarch.rpm 25fa1be39a96ae31d1c9ea835a290de77e65ffee x86_64/selinux-policy-mls-2.4.6-72.fc6.noarch.rpm c0c04bedf95eb33da9fcedf75d80988713a66ea1 x86_64/selinux-policy-targeted-2.4.6-72.fc6.noarch.rpm 9e12309cab113f0098a1ca5262de17447a4fea11 i386/selinux-policy-devel-2.4.6-72.fc6.noarch.rpm b7da53f4fbc09eb04ba1226150d04742403f73ee i386/selinux-policy-strict-2.4.6-72.fc6.noarch.rpm a2474c3427791b2c60413c0e112bd7742a62cdb5 i386/selinux-policy-2.4.6-72.fc6.noarch.rpm 25fa1be39a96ae31d1c9ea835a290de77e65ffee i386/selinux-policy-mls-2.4.6-72.fc6.noarch.rpm c0c04bedf95eb33da9fcedf75d80988713a66ea1 i386/selinux-policy-targeted-2.4.6-72.fc6.noarch.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From varekova at redhat.com Wed May 30 18:30:44 2007 From: varekova at redhat.com (Ivana Varekova) Date: Wed, 30 May 2007 14:30:44 -0400 Subject: Fedora Core 5 Update: gd-2.0.33-8.fc5 Message-ID: <200705301830.l4UIUigO032183@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-542 2007-05-30 --------------------------------------------------------------------- Product : Fedora Core 5 Name : gd Version : 2.0.33 Release : 8.fc5 Summary : A graphics library for quick creation of PNG or JPEG images Description : The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the formats accepted for inline images by most browsers. Note that gd is not a paint program. --------------------------------------------------------------------- * Tue May 29 2007 Ivana Varekova - 2.0.33-8 - fix cve-2006-2906 gd denial of service - fix another problem with infinite loop * Mon Jan 29 2007 Ivana Varekova - 2.0.33-7 - Resolves: #224610 CVE-2007-0455 gd buffer overrun --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 6b6913abf63dbe1427a74ec40230c7b3038f7b8a SRPMS/gd-2.0.33-8.fc5.src.rpm 6b6913abf63dbe1427a74ec40230c7b3038f7b8a noarch/gd-2.0.33-8.fc5.src.rpm cbf58c55faddb3081ad36c0cdf03a0abccd7dbc1 ppc/gd-progs-2.0.33-8.fc5.ppc.rpm 7f27cd7a11c467640a6d72820f4e68ea095ec560 ppc/debug/gd-debuginfo-2.0.33-8.fc5.ppc.rpm 0176f3168a9f601b535dc276e89f3638aeaa418d ppc/gd-devel-2.0.33-8.fc5.ppc.rpm 557e7412ba095b6d55dfb1a20be6377a6ed34ac4 ppc/gd-2.0.33-8.fc5.ppc.rpm 423226e418b794f2e79906e0cfd86f7466a71e55 x86_64/debug/gd-debuginfo-2.0.33-8.fc5.x86_64.rpm b0af6b6d01cf5e94aa0a22e7a4b1e23bcff0bf6e x86_64/gd-progs-2.0.33-8.fc5.x86_64.rpm 4ebb7685e0fbe86e366e630e8fd4cf17927f7d57 x86_64/gd-devel-2.0.33-8.fc5.x86_64.rpm 03938284027e173dc5a73a254752fa8ccb7c88cb x86_64/gd-2.0.33-8.fc5.x86_64.rpm 46160b0afad3edf2f85133016305e750404371dd i386/gd-progs-2.0.33-8.fc5.i386.rpm d4af84f4c9f250cc443cce09812e49fa85950cf1 i386/gd-2.0.33-8.fc5.i386.rpm 5cf3ca2cba896980ca67d65e7684cd7c7943f269 i386/debug/gd-debuginfo-2.0.33-8.fc5.i386.rpm 607e47e7f0a5bb969282904968b1b5fc81c71468 i386/gd-devel-2.0.33-8.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:01:28 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:01:28 -0400 Subject: [SECURITY] Fedora Core 6 Update: firefox-1.5.0.12-1.fc6 Message-ID: <200705311301.l4VD1S3r003784@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-549 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 6 Name : firefox Version : 1.5.0.12 Release : 1.fc6 Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security bugs are now available Fedora Core 6. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way Firefox handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way Firefox handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Firefox from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Firefox handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way Firefox displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Firefox are advised to upgrade to these erratum packages, which contain Firefox version 1.5.0.12 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon 1.5.0.12-1 - Update to 1.5.0.12 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ f20bee9997965a6902a26caf0e3c9f18e96f482a SRPMS/firefox-1.5.0.12-1.fc6.src.rpm f20bee9997965a6902a26caf0e3c9f18e96f482a noarch/firefox-1.5.0.12-1.fc6.src.rpm a0e7febfb4264f5a0e2a475ac6cdb9371275cbd4 ppc/firefox-devel-1.5.0.12-1.fc6.ppc.rpm a30ccee95490f6513e559d19994488db50933075 ppc/firefox-1.5.0.12-1.fc6.ppc.rpm e90ca6294a76270b8b1b930ce51d894b67f949eb ppc/debug/firefox-debuginfo-1.5.0.12-1.fc6.ppc.rpm 5452ff82e9fbf62cad4ece460ef9415bd47728e0 x86_64/debug/firefox-debuginfo-1.5.0.12-1.fc6.x86_64.rpm 81fc5a70cc7f0591f7ec90eb0f8cf41cf03cfb4a x86_64/firefox-1.5.0.12-1.fc6.x86_64.rpm 1cce48d2a466f257411cdd421c855eb80fefcdfd x86_64/firefox-devel-1.5.0.12-1.fc6.x86_64.rpm deff2b2abdac9925db3f0402075195322b884454 i386/firefox-1.5.0.12-1.fc6.i386.rpm 50f2730f492818d4fc34868710c1cb728cbd35ad i386/firefox-devel-1.5.0.12-1.fc6.i386.rpm 1abeeac266763742539dcd0a1582e62b97b86645 i386/debug/firefox-debuginfo-1.5.0.12-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:01:30 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:01:30 -0400 Subject: [SECURITY] Fedora Core 6 Update: epiphany-2.16.3-5.fc6 Message-ID: <200705311301.l4VD1U7Y003796@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-549 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 6 Name : epiphany Version : 2.16.3 Release : 5.fc6 Summary : GNOME web browser based on the Mozilla rendering engine Description : epiphany is a simple GNOME web browser based on the Mozilla rendering engine --------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security bugs are now available Fedora Core 6. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way Firefox handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way Firefox handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Firefox from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Firefox handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way Firefox displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Firefox are advised to upgrade to these erratum packages, which contain Firefox version 1.5.0.12 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon - 2.16.3-5 - Rebuild against newer gecko --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ aa4435691aa3ba097882fd8339b04c013491133c SRPMS/epiphany-2.16.3-5.fc6.src.rpm aa4435691aa3ba097882fd8339b04c013491133c noarch/epiphany-2.16.3-5.fc6.src.rpm 2d8bfe1ba6ebd4aa76209052205533b49bdf8940 ppc/debug/epiphany-debuginfo-2.16.3-5.fc6.ppc.rpm 582bf1f86d2d6cb6a788754e5d427c3a1a9088db ppc/epiphany-devel-2.16.3-5.fc6.ppc.rpm e8aa0c3669df4fd32bbd50b813c51efe993f14de ppc/epiphany-2.16.3-5.fc6.ppc.rpm 2d2a83b04cef0d0a09e9957e5738879b900444e7 x86_64/epiphany-2.16.3-5.fc6.x86_64.rpm f9257ff00618d8948833e8c6e65dce78e0f2bd7b x86_64/debug/epiphany-debuginfo-2.16.3-5.fc6.x86_64.rpm 44a079cb54147663974ff07b0203b64fd1d846f0 x86_64/epiphany-devel-2.16.3-5.fc6.x86_64.rpm 85b1ac98e202445ccd459704870151f22d0d070e i386/debug/epiphany-debuginfo-2.16.3-5.fc6.i386.rpm 951da666d5351ae947c79e4011eda23d758102b3 i386/epiphany-2.16.3-5.fc6.i386.rpm 005633dfb7189b75428921ba12ea752af5b01044 i386/epiphany-devel-2.16.3-5.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:01:32 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:01:32 -0400 Subject: [SECURITY] Fedora Core 6 Update: devhelp-0.12-11.fc6 Message-ID: <200705311301.l4VD1WFc003813@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-549 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 6 Name : devhelp Version : 0.12 Release : 11.fc6 Summary : API document browser Description : An API document browser for GNOME 2. --------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security bugs are now available Fedora Core 6. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way Firefox handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way Firefox handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Firefox from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Firefox handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way Firefox displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Firefox are advised to upgrade to these erratum packages, which contain Firefox version 1.5.0.12 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon - 0.12.6-11 - Rebuild against newer gecko --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 70ee7c32894c1158b59884de8742100bef138f65 SRPMS/devhelp-0.12-11.fc6.src.rpm 70ee7c32894c1158b59884de8742100bef138f65 noarch/devhelp-0.12-11.fc6.src.rpm 71e9a2f02c5fc326cd5accd7b20436c6c0ab3f2b ppc/devhelp-0.12-11.fc6.ppc.rpm 415d12d0b3657037ecae354231a1a61cf5ee0b2b ppc/devhelp-devel-0.12-11.fc6.ppc.rpm 08bc2b4b49242ba0419e3abe7238ec8e69bf5193 ppc/debug/devhelp-debuginfo-0.12-11.fc6.ppc.rpm 79ac552cf2c77ad0912f97b7743a6f06c7abe171 x86_64/devhelp-devel-0.12-11.fc6.x86_64.rpm 61271faad2305391c547cdb0476e710a4163abdd x86_64/devhelp-0.12-11.fc6.x86_64.rpm c1f70c85c528c5f6d318be91b8de0eb79b9c2bfd x86_64/debug/devhelp-debuginfo-0.12-11.fc6.x86_64.rpm 7b01b121ed65b54193d679662502cb67b3a69f16 i386/devhelp-devel-0.12-11.fc6.i386.rpm 87d50aabfbc55eb72ded243ddb8cc58bf32a4049 i386/debug/devhelp-debuginfo-0.12-11.fc6.i386.rpm bbe06fac18abeb2df42bdf1ad28b5226720df419 i386/devhelp-0.12-11.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:01:33 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:01:33 -0400 Subject: [SECURITY] Fedora Core 6 Update: yelp-2.16.0-13.fc6 Message-ID: <200705311301.l4VD1XMB003829@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-549 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 6 Name : yelp Version : 2.16.0 Release : 13.fc6 Summary : A system documentation reader from the Gnome project Description : Yelp is the Gnome 2 help/documentation browser. It is designed to help you browse all the documentation on your system in one central tool. --------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security bugs are now available Fedora Core 6. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way Firefox handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way Firefox handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Firefox from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Firefox handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way Firefox displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Firefox are advised to upgrade to these erratum packages, which contain Firefox version 1.5.0.12 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon - 2.16.0-13 - Rebuild against newer gecko --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ f180b68f4c5970753df93402214121a63f429aeb SRPMS/yelp-2.16.0-13.fc6.src.rpm f180b68f4c5970753df93402214121a63f429aeb noarch/yelp-2.16.0-13.fc6.src.rpm 51a2f81c7e8e0ec06934f37bfc87d11640b77ead ppc/debug/yelp-debuginfo-2.16.0-13.fc6.ppc.rpm 1779f3eb0565252531055330a3954b22016b202d ppc/yelp-2.16.0-13.fc6.ppc.rpm 59d1165fe5704217a8965c7b863b9a3933d03c53 x86_64/debug/yelp-debuginfo-2.16.0-13.fc6.x86_64.rpm 8c54a35cdabaae9ba415c5a588daf94cc54f1050 x86_64/yelp-2.16.0-13.fc6.x86_64.rpm adfc02cecf94414ff1219855e878a753bcdef44f i386/debug/yelp-debuginfo-2.16.0-13.fc6.i386.rpm 690097b89973a5e2221c1911a66c9583c7e25b78 i386/yelp-2.16.0-13.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:03:59 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:03:59 -0400 Subject: [SECURITY] Fedora Core 6 Update: thunderbird-1.5.0.12-1.fc6 Message-ID: <200705311303.l4VD3xVL004726@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-550 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 6 Name : thunderbird Version : 1.5.0.12 Release : 1.fc6 Summary : Mozilla Thunderbird mail/newsgroup client Description : Mozilla Thunderbird is a standalone mail and newsgroup client. --------------------------------------------------------------------- Update Information: Updated thunderbird packages that fix several security bugs are now available for Fedora Core. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. (CVE-2007-2867, CVE-2007-2868) Several denial of service flaws were found in the way Thunderbird handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Thunderbird from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Thunderbird processed certain APOP authentication requests. By sending certain responses when Thunderbird attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558) A flaw was found in the way Thunderbird displayed certain web content. A malicious web page could generate content which could overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Thunderbird are advised to apply this update, which contains Thunderbird version 1.5.0.12 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon 1.5.0.12-1 - Update to 1.5.0.12 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ b2bc6b0b1873b30decc11855918c76642e0519c5 SRPMS/thunderbird-1.5.0.12-1.fc6.src.rpm b2bc6b0b1873b30decc11855918c76642e0519c5 noarch/thunderbird-1.5.0.12-1.fc6.src.rpm 319cb9203c2c79699043204a8a110e402f783d7a ppc/debug/thunderbird-debuginfo-1.5.0.12-1.fc6.ppc.rpm d026f2c02fae7bb3d554bb3d4ce8e412ae8f32ec ppc/thunderbird-1.5.0.12-1.fc6.ppc.rpm fddac5a083a0319c39ba81f18d43422682079a91 x86_64/thunderbird-1.5.0.12-1.fc6.x86_64.rpm ea9caab8666767718ae24cb44943dd5097e6f7b2 x86_64/debug/thunderbird-debuginfo-1.5.0.12-1.fc6.x86_64.rpm 1eafd155c1d1013e137c0b948a06210145269f16 i386/thunderbird-1.5.0.12-1.fc6.i386.rpm 07bf8d163e7592a8adc9ee29a972b8f02bcb8f8b i386/debug/thunderbird-debuginfo-1.5.0.12-1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:06:32 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:06:32 -0400 Subject: [SECURITY] Fedora Core 5 Update: thunderbird-1.5.0.12-1.fc5 Message-ID: <200705311306.l4VD6Wvp005650@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-551 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 5 Name : thunderbird Version : 1.5.0.12 Release : 1.fc5 Summary : Mozilla Thunderbird mail/newsgroup client Description : Mozilla Thunderbird is a standalone mail and newsgroup client. --------------------------------------------------------------------- Update Information: Updated thunderbird packages that fix several security bugs are now available for Fedora Core. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. (CVE-2007-2867, CVE-2007-2868) Several denial of service flaws were found in the way Thunderbird handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Thunderbird from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Thunderbird processed certain APOP authentication requests. By sending certain responses when Thunderbird attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558) A flaw was found in the way Thunderbird displayed certain web content. A malicious web page could generate content which could overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Thunderbird are advised to apply this update, which contains Thunderbird version 1.5.0.12 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon 1.5.0.12-1 - Update to 1.5.0.12 * Thu Mar 1 2007 Martin Stransky 1.5.0.10-1 - Update to 1.5.0.10 * Tue Dec 19 2006 Matthias Clasen 1.5.0.9-2 - Add a Requires: launchmail (#219884) * Tue Dec 19 2006 Christopher Aillon 1.5.0.9-1 - Update to 1.5.0.9 - Take firefox's pango fixes - Don't offer to import...nothing. * Tue Nov 7 2006 Christopher Aillon 1.5.0.8-1 - Update to 1.5.0.8 - Allow choosing of download directory - Take the user to the correct directory from the Download Manager. - Patch to add support for printing via pango from Behdad. * Sun Oct 8 2006 Christopher Aillon - 1.5.0.7-4 - Default to use of system colors * Wed Oct 4 2006 Christopher Aillon - 1.5.0.7-3 - Bring the invisible character to parity with GTK+ * Wed Sep 27 2006 Christopher Aillon - 1.5.0.7-2 - Fix crash when changing gtk key theme - Prevent UI freezes while changing GNOME theme - Remove verbiage about pango; no longer required by upstream. * Wed Sep 13 2006 Christopher Aillon - 1.5.0.7-1 - Update to 1.5.0.7 * Thu Sep 7 2006 Christopher Aillon - 1.5.0.5-8 - Shuffle order of the install phase around * Thu Sep 7 2006 Christopher Aillon - 1.5.0.5-7 - Let there be art for Alt+Tab again - s/tbdir/mozappdir/g * Wed Sep 6 2006 Christopher Aillon - 1.5.0.5-6 - Fix for cursor position in editor widgets by tagoh and behdad (#198759) * Tue Sep 5 2006 Christopher Aillon - 1.5.0.5-5 - Update nopangoxft.patch - Fix rendering of MathML thanks to Behdad Esfahbod. - Update start page text to reflect the MathML fixes. - Enable pango by default on all locales - Build using -rpath - Re-enable GCC visibility * Thu Aug 3 2006 Kai Engert - 1.5.0.5-4 - Fix a build failure in mailnews mime code. * Tue Aug 1 2006 Matthias Clasen - 1.5.0.5-3 - Rebuild * Thu Jul 27 2006 Christopher Aillon - 1.5.0.5-2 - Update to 1.5.0.5 * Wed Jul 12 2006 Jesse Keating - 1.5.0.4-2.1 - rebuild * Mon Jun 12 2006 Kai Engert - 1.5.0.4-2 - Update to 1.5.0.4 - Fix desktop-file-utils requires --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 9d6bcf40d81d9d0f281ff9e934ccde1636a82ad2 SRPMS/thunderbird-1.5.0.12-1.fc5.src.rpm 9d6bcf40d81d9d0f281ff9e934ccde1636a82ad2 noarch/thunderbird-1.5.0.12-1.fc5.src.rpm ae8c17a9b856514272d3ad2c55a329717e9cb72b ppc/debug/thunderbird-debuginfo-1.5.0.12-1.fc5.ppc.rpm 005323944a0e7ff4a66361b59746228ab5f5a161 ppc/thunderbird-1.5.0.12-1.fc5.ppc.rpm c29fb2dff816698d248fe2138cd4455bb9c1cb85 x86_64/debug/thunderbird-debuginfo-1.5.0.12-1.fc5.x86_64.rpm 3a1694d8866f0a4ddf6c06eec6b528f4e4dde4b9 x86_64/thunderbird-1.5.0.12-1.fc5.x86_64.rpm 8bb7e372c859690a4f8ca6a4f8944ee3d20d5c96 i386/debug/thunderbird-debuginfo-1.5.0.12-1.fc5.i386.rpm d1baff4693caacf1896eebf6c06551a58293a886 i386/thunderbird-1.5.0.12-1.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:07:33 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:07:33 -0400 Subject: [SECURITY] Fedora Core 5 Update: seamonkey-1.0.9-1.fc5 Message-ID: <200705311307.l4VD7XcO006048@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-552 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 5 Name : seamonkey Version : 1.0.9 Release : 1.fc5 Summary : Web browser and mail reader Description : SeaMonkey (former Mozilla) is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- Update Information: Updated seamonkey packages that fix several security bugs are now available for Fedora Core 5. This update has been rated as having critical security impact by the Fedora Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way SeaMonkey handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way SeaMonkey handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent SeaMonkey from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way SeaMonkey processed certain APOP authentication requests. By sending certain responses when SeaMonkey attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558) A flaw was found in the way SeaMonkey handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.9 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon 1.0.9-1 - Update to 1.0.9 * Thu Feb 15 2007 Martin Stransky 1.0.8-0.5.1 - Update to 1.0.8 * Thu Jan 18 2007 Martin Stransky 1.0.7-0.6.0.1 - created a link in /usr/bin/seamonkey - fixed mozilla-rebuild-databases.pl script, was called in %post with an incorrect path - fixed mozilla-config script - added a configuration from former extras seamonkey (#223848) * Thu Jan 4 2007 Martin Stransky 1.0.7-0.6 - Release bump * Thu Dec 21 2006 Martin Stransky 1.0.7-0.1 - Update to 1.0.7 * Tue Dec 19 2006 Martin Stransky 1.0.6-0.3 - added dependencies on nspr-devel,nss-devel to seamonkey-devel package * Thu Dec 14 2006 Martin Stransky 1.0.6-0.2.fc6 - added ppc64 to arches * Fri Nov 10 2006 Martin Stransky 1.0.6-0.1.fc6 - moved to core - replaced nspr/nss with packages from core * Sun Nov 5 2006 Christopher Aillon 1.0.6-0.1.el4 - Update to 1.0.6 (RC) * Mon Sep 11 2006 Christopher Aillon 1.0.5-0.1.el4 - Update to 1.0.5 * Wed Jul 26 2006 Christopher Aillon 1.0.3-0.el4.1 - Update to 1.0.3 * Wed Jun 28 2006 Warren Togami 1.0.2-0.1.0.EL4 - Prevent obsolete script from replacing mozilla-xremote-client (#192639) - 1.0.2 security fixes - remove unused patches * Mon May 22 2006 Christopher Aillon 1.0.1-0.1.3.EL4 - Fix the -devel packages and pkg-config files * Fri May 19 2006 Christopher Aillon 1.0.1-0.1.2.EL4 - Import some fixes from the RHEL3 package * Fri May 12 2006 Christopher Aillon 1.0.1-0.1.1.EL4 - Initial Seamonkey RPM --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ d097d329fcc14226207e03feb051fd178654c518 SRPMS/seamonkey-1.0.9-1.fc5.src.rpm d097d329fcc14226207e03feb051fd178654c518 noarch/seamonkey-1.0.9-1.fc5.src.rpm af3c13a62a5c719f2ef9e3a571ee73fd9dfcf84f ppc/seamonkey-1.0.9-1.fc5.ppc.rpm ecd0cc46cab09c1b0deb64a5822a39ae37c9fc25 ppc/debug/seamonkey-debuginfo-1.0.9-1.fc5.ppc.rpm 5b0f2481d2f21ca022642d02b311fce60a73e8f9 ppc/seamonkey-js-debugger-1.0.9-1.fc5.ppc.rpm f65231af0064b2b110ffbe8b97c631189f6be467 ppc/seamonkey-mail-1.0.9-1.fc5.ppc.rpm 2e38ac784a687d95ca55ad21f0a38e8b70f61add ppc/seamonkey-dom-inspector-1.0.9-1.fc5.ppc.rpm c1a3f8acfd8f153096816d1fbe38a1d14d72e81d ppc/seamonkey-devel-1.0.9-1.fc5.ppc.rpm 547fe1520b3759f449472963b8edbc9e8bafb948 ppc/seamonkey-chat-1.0.9-1.fc5.ppc.rpm 99c14431b09e82a17d10547c7e20fa89f79f64be x86_64/seamonkey-dom-inspector-1.0.9-1.fc5.x86_64.rpm 34866fb6795fca53e30344457bdbb2088fcb2587 x86_64/seamonkey-devel-1.0.9-1.fc5.x86_64.rpm e608060c3863ce2f2bf166a8e5ee1908bb2db6b7 x86_64/seamonkey-js-debugger-1.0.9-1.fc5.x86_64.rpm 9d41cdfb0694dd6fa5c13aa8cbc8cba20f411478 x86_64/seamonkey-1.0.9-1.fc5.x86_64.rpm ee27045e12188268010b7d5f7738b6e3fd2c439b x86_64/seamonkey-chat-1.0.9-1.fc5.x86_64.rpm fd58a33d9ae701661fa499e157bbfbc5e74c6a4e x86_64/seamonkey-mail-1.0.9-1.fc5.x86_64.rpm c2c281e8818145761d9dc90fb1cdbd099499e016 x86_64/debug/seamonkey-debuginfo-1.0.9-1.fc5.x86_64.rpm 026cfd55c1a74b8172df78af632a67e77e8a1ed3 i386/seamonkey-devel-1.0.9-1.fc5.i386.rpm 1bf11eaae35d4e525bded75d4499beeaae67cfd1 i386/seamonkey-dom-inspector-1.0.9-1.fc5.i386.rpm fd557a8d93ef82c3ec079eba84a898264c8890c3 i386/debug/seamonkey-debuginfo-1.0.9-1.fc5.i386.rpm 64f814f2239657dbd777fe1e7e6cdc084e299844 i386/seamonkey-js-debugger-1.0.9-1.fc5.i386.rpm aa8011ceba48b69177d57459037a965d6c16d9fb i386/seamonkey-mail-1.0.9-1.fc5.i386.rpm e61f1037c452166539953ab4109547a3f689a233 i386/seamonkey-1.0.9-1.fc5.i386.rpm 143488a2691b79878ad25250a0314e7377875f03 i386/seamonkey-chat-1.0.9-1.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:07:34 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:07:34 -0400 Subject: [SECURITY] Fedora Core 5 Update: devhelp-0.11-7.fc5 Message-ID: <200705311307.l4VD7Y0a006051@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-552 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 5 Name : devhelp Version : 0.11 Release : 7.fc5 Summary : API document browser Description : An API document browser for GNOME 2. --------------------------------------------------------------------- Update Information: Updated seamonkey packages that fix several security bugs are now available for Fedora Core 5. This update has been rated as having critical security impact by the Fedora Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way SeaMonkey handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way SeaMonkey handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent SeaMonkey from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way SeaMonkey processed certain APOP authentication requests. By sending certain responses when SeaMonkey attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558) A flaw was found in the way SeaMonkey handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.9 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon - 0.11-7 - Rebuild against newer gecko * Fri Feb 16 2007 Martin Stransky - 0.11-6 - Rebuild against seamonkey * Fri Dec 22 2006 Martin Stransky - 0.11-5 - Rebuild against seamonkey * Mon Nov 13 2006 Martin Stransky - 0.11-4 - Rebuild against seamonkey --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ f58d165919787c95a4d1c29508a3b077892acdca SRPMS/devhelp-0.11-7.fc5.src.rpm f58d165919787c95a4d1c29508a3b077892acdca noarch/devhelp-0.11-7.fc5.src.rpm e6cb0149b4755d5c70e7ce0a9f4d4779145818b2 ppc/devhelp-0.11-7.fc5.ppc.rpm 06df40639fdf5c32993b6d5dd7b5e2445d341eed ppc/debug/devhelp-debuginfo-0.11-7.fc5.ppc.rpm ff2fdf05eab52a1512521fce2297c282a8399d25 ppc/devhelp-devel-0.11-7.fc5.ppc.rpm ba0c3b7c0be5c75bbe609223e20145ecd5350c52 x86_64/devhelp-0.11-7.fc5.x86_64.rpm 40398e866c19be545c9d6152ad672871067d625c x86_64/devhelp-devel-0.11-7.fc5.x86_64.rpm 84e8ecd0fab8d411860474b33b7579001cf262d9 x86_64/debug/devhelp-debuginfo-0.11-7.fc5.x86_64.rpm 7fc0547752d8ee962951089c3b0b17bb9992e2a5 i386/devhelp-0.11-7.fc5.i386.rpm ee139d6591e82e4a9653e2d8c07d83c6108aa793 i386/devhelp-devel-0.11-7.fc5.i386.rpm 1db82ae33c625d53b1869dae24f9d35acf8120a7 i386/debug/devhelp-debuginfo-0.11-7.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:07:37 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:07:37 -0400 Subject: [SECURITY] Fedora Core 5 Update: yelp-2.14.3-5.fc5 Message-ID: <200705311307.l4VD7bJ7006057@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-552 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 5 Name : yelp Version : 2.14.3 Release : 5.fc5 Summary : A system documentation reader from the Gnome project. Description : Yelp is the Gnome 2 help/documentation browser. It is designed to help you browse all the documentation on your system in one central tool. --------------------------------------------------------------------- Update Information: Updated seamonkey packages that fix several security bugs are now available for Fedora Core 5. This update has been rated as having critical security impact by the Fedora Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way SeaMonkey handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way SeaMonkey handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent SeaMonkey from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way SeaMonkey processed certain APOP authentication requests. By sending certain responses when SeaMonkey attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558) A flaw was found in the way SeaMonkey handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.9 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon - 2.14.3-5 - Rebuild against newer gecko * Fri Feb 16 2007 Martin Stransky - 2.14.3-4 - Rebuild against seamonkey * Fri Dec 22 2006 Martin Stransky - 2.14.3-3 - Rebuild against seamonkey * Tue Nov 14 2006 Martin Stransky - 2.14.3-2 - Rebuild against seamonkey * Wed Aug 2 2006 Matthias Clasen - 2.14.3-1.fc5 - Update to 2.14.3 * Mon May 29 2006 Matthias Clasen - 2.14.2-1 - Update to 2.14.2 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 659f3e85741e0096c3418e70783499ebf613bd4a SRPMS/yelp-2.14.3-5.fc5.src.rpm 659f3e85741e0096c3418e70783499ebf613bd4a noarch/yelp-2.14.3-5.fc5.src.rpm 7806f1e8309e66d8c8ecf1582290cb39f3aa0df0 ppc/debug/yelp-debuginfo-2.14.3-5.fc5.ppc.rpm 55a38a9eeea586e772c20ba2e43b93b320d09701 ppc/yelp-2.14.3-5.fc5.ppc.rpm c87fa850ed060a2d85ecee53e6bdf103b0224a13 x86_64/debug/yelp-debuginfo-2.14.3-5.fc5.x86_64.rpm 8b7595fbe8f268e375356db470fc49c1e839605a x86_64/yelp-2.14.3-5.fc5.x86_64.rpm 9cc69fd5cdbe93cfdea12e59df097d26467aaffe i386/yelp-2.14.3-5.fc5.i386.rpm 28775ca8c38fb9741a8efe5c94c18b4ae1d3dc07 i386/debug/yelp-debuginfo-2.14.3-5.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:07:40 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:07:40 -0400 Subject: [SECURITY] Fedora Core 5 Update: epiphany-2.14.3-6.fc5 Message-ID: <200705311307.l4VD7es5006075@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-552 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 5 Name : epiphany Version : 2.14.3 Release : 6.fc5 Summary : GNOME web browser based on the Mozilla rendering engine Description : epiphany is a simple GNOME web browser based on the Mozilla rendering engine --------------------------------------------------------------------- Update Information: Updated seamonkey packages that fix several security bugs are now available for Fedora Core 5. This update has been rated as having critical security impact by the Fedora Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way SeaMonkey handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way SeaMonkey handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent SeaMonkey from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way SeaMonkey processed certain APOP authentication requests. By sending certain responses when SeaMonkey attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558) A flaw was found in the way SeaMonkey handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.9 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon - 2.14.3-6 - Rebuild * Wed May 30 2007 Christopher Aillon - 2.14.3-5 - Rebuild against newer gecko * Fri Feb 16 2007 Martin Stransky - 2.14.3-4 - Rebuild against seamonkey * Fri Dec 22 2006 Martin Stransky - 2.14.3-3 - Rebuild against seamonkey * Mon Nov 13 2006 Martin Stransky - 2.14.3-2 - Rebuild against seamonkey * Wed Aug 2 2006 Matthias Clasen - 2.14.3-1.fc5 - Update to 2.14.3 * Mon May 29 2006 Matthias Clasen - 2.14.2.1-1.fc5.1 - Update to 2.14.2.1 * Sun May 28 2006 Matthias Clasen - 2.14.2-1.fc5.1 - Update to 2.14.2 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 94e424f06c19e031e3109a8eb60e4b06a21150e1 SRPMS/epiphany-2.14.3-6.fc5.src.rpm 94e424f06c19e031e3109a8eb60e4b06a21150e1 noarch/epiphany-2.14.3-6.fc5.src.rpm cb00b48656ebce8c804da1e435a15a2d0d07b6c8 ppc/epiphany-devel-2.14.3-6.fc5.ppc.rpm 3be5508ee511b4d3a76db1cb3cb9c65906fb178d ppc/debug/epiphany-debuginfo-2.14.3-6.fc5.ppc.rpm 8f746eb98b829762540f84bfde2599673c78f244 ppc/epiphany-2.14.3-6.fc5.ppc.rpm 748204683e71dd180486e7a2e66fd2b780739aeb x86_64/epiphany-2.14.3-6.fc5.x86_64.rpm b5addc6b7fbc5cd7db3ffd3bc8eb2ce4efdc4ca1 x86_64/debug/epiphany-debuginfo-2.14.3-6.fc5.x86_64.rpm fc517c37d0e8819689d09f24bc04e9e61c5fd144 x86_64/epiphany-devel-2.14.3-6.fc5.x86_64.rpm e267e1f20bcbbece8041628eb3ac303ec4b64215 i386/epiphany-devel-2.14.3-6.fc5.i386.rpm 0f5b95ac2b08cc945b6efae6b815fdd2167bef6e i386/epiphany-2.14.3-6.fc5.i386.rpm c5479884c86dc5cbf5e4b55839f4b24a20714dda i386/debug/epiphany-debuginfo-2.14.3-6.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From caillon at redhat.com Thu May 31 13:09:23 2007 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 31 May 2007 09:09:23 -0400 Subject: [SECURITY] Fedora Core 5 Update: firefox-1.5.0.12-1.fc5 Message-ID: <200705311309.l4VD9NJu006661@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-554 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 5 Name : firefox Version : 1.5.0.12 Release : 1.fc5 Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security bugs are now available for Fedora Core 5. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way Firefox handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way Firefox handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Firefox from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Firefox handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way Firefox displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Firefox are advised to upgrade to these erratum packages, which contain Firefox version 1.5.0.12 that corrects these issues. --------------------------------------------------------------------- * Wed May 30 2007 Christopher Aillon 1.5.0.12-1 - Update to 1.5.0.12 * Thu Feb 22 2007 Martin Stransky - 1.5.0.10-1 - Update to 1.5.0.10 * Wed Dec 20 2006 Christopher Aillon - 1.5.0.9-1 - Update to 1.5.0.9 * Tue Nov 7 2006 Christopher Aillon - 1.5.0.8-1 - Update to 1.5.0.8 - Fix up a few items in the download manager - Use the bullet character for password fields. - Add pango printing patch from Behdad. * Wed Sep 13 2006 Christopher Aillon - 1.5.0.7-1 - Update to 1.5.0.7 - Bring in pango patches from rawhide to fix MathML and cursor positioning * Tue Aug 8 2006 Jesse Keating - 1.5.0.6-2 - Use dist tag - rebuild * Thu Aug 3 2006 Kai Engert - 1.5.0.6-1.1.fc5 - Update to 1.5.0.6 * Thu Jul 27 2006 Christopher Aillon - 1.5.0.5-1.1.fc5 - Update to 1.5.0.5 * Wed Jun 14 2006 Kai Engert - 1.5.0.4-1.2.fc5 - Force "gmake -j1" on ppc ppc64 s390 s390x * Mon Jun 12 2006 Kai Engert - 1.5.0.4-1.1.fc5 - Firefox 1.5.0.4 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ a83e5361e463ea25f96f4b084e670fe337a3ca97 SRPMS/firefox-1.5.0.12-1.fc5.src.rpm a83e5361e463ea25f96f4b084e670fe337a3ca97 noarch/firefox-1.5.0.12-1.fc5.src.rpm 7b9fe30496f3867231c09d3762661dcb654ba7aa ppc/debug/firefox-debuginfo-1.5.0.12-1.fc5.ppc.rpm 7c16f90f7496ef7f1e8d25db6f8c34642bb7e950 ppc/firefox-1.5.0.12-1.fc5.ppc.rpm b859e8dfd781d2cbe9c291b9ab884b851aadeae3 x86_64/debug/firefox-debuginfo-1.5.0.12-1.fc5.x86_64.rpm dca05f5c9941dc93cc9d269f5101e6608f71cca7 x86_64/firefox-1.5.0.12-1.fc5.x86_64.rpm 39ca095c35a32b1a9f312945f28b53b8e87cd959 i386/firefox-1.5.0.12-1.fc5.i386.rpm ad1190d8d8b26817e343073f834d1ba5dd8b21f7 i386/debug/firefox-debuginfo-1.5.0.12-1.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From kzak at redhat.com Thu May 31 13:11:06 2007 From: kzak at redhat.com (Karel Zak) Date: Thu, 31 May 2007 09:11:06 -0400 Subject: Fedora Core 6 Update: elinks-0.11.1-5.2 Message-ID: <200705311311.l4VDB6Nl007864@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-556 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 6 Name : elinks Version : 0.11.1 Release : 5.2 Summary : A text-mode Web browser. Description : Links is a text-based Web browser. Links does not display any images, but it does support frames, tables and most other HTML tags. Links' advantage over graphical browsers is its speed--Links starts and exits quickly and swiftly displays Web pages. --------------------------------------------------------------------- * Thu May 31 2007 Karel Zak 0.11.1-5.2 - fix #235411: CVE-2007-2027 elinks tries to load .po files from a non-absolute path --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 6104f49aebe4525f8090cb16cb6e14bd61e8ecdd SRPMS/elinks-0.11.1-5.2.src.rpm 6104f49aebe4525f8090cb16cb6e14bd61e8ecdd noarch/elinks-0.11.1-5.2.src.rpm 585d68236c44ba7f76cc0ef684d743abeaaa084c ppc/debug/elinks-debuginfo-0.11.1-5.2.ppc.rpm 6dfe83fd1a9c8211426f6d4067dee0d8aae22af8 ppc/elinks-0.11.1-5.2.ppc.rpm 8958098a182088ca02fee40bd4ef3b6f24347d03 x86_64/debug/elinks-debuginfo-0.11.1-5.2.x86_64.rpm 5d35d130ce10ccb855ec59e1ed5693e9403b2342 x86_64/elinks-0.11.1-5.2.x86_64.rpm ee0cc27f7a97ca8c57ba6dfde359d6c2a9c68fe1 i386/debug/elinks-debuginfo-0.11.1-5.2.i386.rpm f191b18fe2e01ad36b7e152481ec2b1437293cfa i386/elinks-0.11.1-5.2.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From tsmetana at redhat.com Thu May 31 13:12:41 2007 From: tsmetana at redhat.com (Tomas Smetana) Date: Thu, 31 May 2007 09:12:41 -0400 Subject: [SECURITY] Fedora Core 5 Update: lha-1.14i-20 Message-ID: <200705311312.l4VDCfKZ008574@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-557 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 5 Name : lha Version : 1.14i Release : 20 Summary : An archiving and compression utility for LHarc format archives. Description : LHA is an archiving and compression utility for LHarc format archives. LHA is mostly used in the DOS world, but can be used under Linux to extract DOS files from LHA archives. Install the lha package if you need to extract DOS files from LHA archives. --------------------------------------------------------------------- * Thu May 31 2007 Tomas Smetana - 1.14i-20 - fix #220596 CVE-2006-4335/7/8 multiple vulnerabilities in lha --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ f77c3f3784791ebef153250183a94e7435c3910a SRPMS/lha-1.14i-20.src.rpm f77c3f3784791ebef153250183a94e7435c3910a noarch/lha-1.14i-20.src.rpm 60f14246eab34d230adc929a7d405a86b05b82fb ppc/lha-1.14i-20.ppc.rpm df778e5163b234a85ec836be5f5f39a70fa5850c ppc/debug/lha-debuginfo-1.14i-20.ppc.rpm 74e9229fd6cef8687e50d0c5eeb1b9dbaae0bc40 x86_64/debug/lha-debuginfo-1.14i-20.x86_64.rpm 28b18e042aaeee1d5e4c9625e0bb8b6339da35ff x86_64/lha-1.14i-20.x86_64.rpm 79d0dbcac14f359d693300c8d417a8c6162aa214 i386/debug/lha-debuginfo-1.14i-20.i386.rpm 2c067e9c2f6e150259bd40c25b954399fc08307f i386/lha-1.14i-20.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From tsmetana at redhat.com Thu May 31 13:13:06 2007 From: tsmetana at redhat.com (Tomas Smetana) Date: Thu, 31 May 2007 09:13:06 -0400 Subject: Fedora Core 6 Update: logrotate-3.7.4-14.fc6 Message-ID: <200705311313.l4VDD6GX008765@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-558 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 6 Name : logrotate Version : 3.7.4 Release : 14.fc6 Summary : Rotates, compresses, removes and mails system log files Description : The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size. Normally, logrotate runs as a daily cron job. Install the logrotate package if you need a utility to deal with the log files on your system. --------------------------------------------------------------------- * Thu May 31 2007 Tomas Smetana 3.7.4-14 - fix ignoring pre/postrotate script arguments (related #241766) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ fdf1c2f4f02eafadda01165f8755df372dd6f942 SRPMS/logrotate-3.7.4-14.fc6.src.rpm fdf1c2f4f02eafadda01165f8755df372dd6f942 noarch/logrotate-3.7.4-14.fc6.src.rpm f9963c82bad708b940316f1f8003272feaaef7ff ppc/logrotate-3.7.4-14.fc6.ppc.rpm 47c574309ea9c4f8a02ee8386016d4d822bcea37 ppc/debug/logrotate-debuginfo-3.7.4-14.fc6.ppc.rpm c61003ddb03d30ba7ceb7766bb92a1b2d042e527 x86_64/logrotate-3.7.4-14.fc6.x86_64.rpm c5bff1661fcc378e3eaef45d03e04ce3b41a5c53 x86_64/debug/logrotate-debuginfo-3.7.4-14.fc6.x86_64.rpm db8b88ed962a273199ad5564dabba95b0df62589 i386/logrotate-3.7.4-14.fc6.i386.rpm fd741372ee7edcbddb0f0273d1541896cf363745 i386/debug/logrotate-debuginfo-3.7.4-14.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From tsmetana at redhat.com Thu May 31 13:14:39 2007 From: tsmetana at redhat.com (Tomas Smetana) Date: Thu, 31 May 2007 09:14:39 -0400 Subject: Fedora Core 5 Update: logrotate-3.7.3-3.fc5 Message-ID: <200705311314.l4VDEde4009153@int-mx1.corp.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-559 2007-05-31 --------------------------------------------------------------------- Product : Fedora Core 5 Name : logrotate Version : 3.7.3 Release : 3.fc5 Summary : Rotates, compresses, removes and mails system log files. Description : The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size. Normally, logrotate runs as a daily cron job. Install the logrotate package if you need a utility to deal with the log files on your system. --------------------------------------------------------------------- * Thu May 31 2007 Tomas Smetana 3.7.3-3 - fix ignoring pre/postrotate arguments (related #241766) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 2cda703c4917f407b9360386dae08c8cd02dd379 SRPMS/logrotate-3.7.3-3.fc5.src.rpm 2cda703c4917f407b9360386dae08c8cd02dd379 noarch/logrotate-3.7.3-3.fc5.src.rpm 31d01cdf0b2b9357fc108f40080a95b0eb4288cf ppc/logrotate-3.7.3-3.fc5.ppc.rpm 753e6749f3dc8131e50d578111ecd51e5967c42b ppc/debug/logrotate-debuginfo-3.7.3-3.fc5.ppc.rpm 73d1520f2c66a2c6b10fdccad82fbc036da47d7c x86_64/debug/logrotate-debuginfo-3.7.3-3.fc5.x86_64.rpm 1dec558d459c541c6297bfe18b583f64310fbc57 x86_64/logrotate-3.7.3-3.fc5.x86_64.rpm d2141363c5c53ec8e81c006ed051d73066ec4aa1 i386/logrotate-3.7.3-3.fc5.i386.rpm fe6f899c79b7c2e92b7961a169f454af4ee9ea0d i386/debug/logrotate-debuginfo-3.7.3-3.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- From updates at fedoraproject.org Thu May 31 18:07:48 2007 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 31 May 2007 11:07:48 -0700 Subject: [SECURITY] Fedora 7 Update: mutt-1.5.14-4.fc7 Message-ID: <200705311808.l4VI87BV003129@bastion.fedora.phx.redhat.com> -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-0001 None -------------------------------------------------------------------------------- Name : mutt Product : Fedora 7 Version : 1.5.14 Release : 4.fc7 Summary : A text mode mail user agent Description : Mutt is a text-mode mail user agent. Mutt supports color, threading, arbitrary key remapping, and a lot of customization. You should install mutt if you have used it in the past and you prefer it, or if you are new to mail programs and have not decided which one you are going to use. -------------------------------------------------------------------------------- Update Information: This update fixes two security issues: The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. (CVE-2007-1558) Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion. (CVE-2007-2683) -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2007 Miroslav Lichvar 5:1.5.14-4 - validate msgid in APOP authentication (CVE-2007-1558) - fix overflow in gecos field handling (CVE-2007-2683) -------------------------------------------------------------------------------- References: CVE-2007-2683 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683 CVE-2007-1558 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 -------------------------------------------------------------------------------- Updated packages: 0d77cc0f649490abd9f9f5647e4e2913e00159d8 mutt-1.5.14-4.fc7.ppc64.rpm d785c471a51d451659879c46f658c0092464408b mutt-debuginfo-1.5.14-4.fc7.ppc64.rpm 89497641c382a999a84f9104dd313bf07b7e716b mutt-debuginfo-1.5.14-4.fc7.i386.rpm 001d473a42444ca1fa6199fdbff01d830553a2f5 mutt-1.5.14-4.fc7.i386.rpm 114cf3b1e8b53f083d8aa1b35f3aa2721fbdeb17 mutt-1.5.14-4.fc7.x86_64.rpm cbf04dc13dbb231be3a364531067b1a5a826e69d mutt-debuginfo-1.5.14-4.fc7.x86_64.rpm 2726b125f4f05053507b4efee16a689b37e6dea6 mutt-1.5.14-4.fc7.ppc.rpm 616e62c1e6b402709285d54dbefc03da034fbe67 mutt-debuginfo-1.5.14-4.fc7.ppc.rpm 240746a7009d04df72e45d3b29999fc11f0a320f mutt-1.5.14-4.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- From updates at fedoraproject.org Thu May 31 18:07:50 2007 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 31 May 2007 11:07:50 -0700 Subject: [SECURITY] Fedora 7 Update: libpng10-1.0.26-1.fc7.1 Message-ID: <200705311808.l4VI8AkW003146@bastion.fedora.phx.redhat.com> -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-0001 None -------------------------------------------------------------------------------- Name : libpng10 Product : Fedora 7 Version : 1.0.26 Release : 1.fc7.1 Summary : Old version of libpng, needed to run old binaries Description : The libpng10 package contains an old version of libpng, a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. This package is needed if you want to run binaries that were linked dynamically with libpng 1.0.x. -------------------------------------------------------------------------------- Update Information: The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value. This update to libpng 1.0.26 resolves this problem. -------------------------------------------------------------------------------- ChangeLog: * Sun May 20 2007 Paul Howarth 1.0.26-1 - update to 1.0.26 to address DoS issue (#240398, CVE-2007-2445) - update soname patch - libpng.txt now has a versioned filename -------------------------------------------------------------------------------- References: Bug #240398 - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240398 CVE-2007-2445 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445 -------------------------------------------------------------------------------- Updated packages: e9d0f41b57d69f1e6586e0b503ef9b6ccc3e5e9a libpng10-devel-1.0.26-1.fc7.1.ppc64.rpm 2ef256533015c24e8f118d522545ed18a8643ed9 libpng10-1.0.26-1.fc7.1.ppc64.rpm 35238b6de27fb1400b6843fb26dd6d4acc27cc33 libpng10-debuginfo-1.0.26-1.fc7.1.ppc64.rpm 0a3e2caac921bdd85bca761ee19cd17172e130b0 libpng10-1.0.26-1.fc7.1.i386.rpm 58be28d63413aff84fcf3e36ffeb8884e751cca8 libpng10-devel-1.0.26-1.fc7.1.i386.rpm 6b9e214bf674647fa3ccd46983d82c000f822708 libpng10-debuginfo-1.0.26-1.fc7.1.i386.rpm 35f6ec7b1b873d8c303ca519b60d68fda09b08c9 libpng10-1.0.26-1.fc7.1.x86_64.rpm c0a5ee9564b9c3aaf59aa5c55f0532c3484e0b05 libpng10-devel-1.0.26-1.fc7.1.x86_64.rpm 27f21433ba444324e108340c79b41952358e7a5d libpng10-debuginfo-1.0.26-1.fc7.1.x86_64.rpm 925fde948bb53bb0c7bd531bb954ad85a925c941 libpng10-1.0.26-1.fc7.1.ppc.rpm a9d7f273e7adff68cc418b68d6c666574deaef8b libpng10-debuginfo-1.0.26-1.fc7.1.ppc.rpm 5896b5ca2aba2dee876323315f56fc3057079c76 libpng10-devel-1.0.26-1.fc7.1.ppc.rpm d10cc045eb953333e8b60bb54984b815b0c088ec libpng10-1.0.26-1.fc7.1.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- From updates at fedoraproject.org Thu May 31 18:07:53 2007 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 31 May 2007 11:07:53 -0700 Subject: [SECURITY] Fedora 7 Update: jasper-1.900.1-2.fc7 Message-ID: <200705311808.l4VI8AkY003146@bastion.fedora.phx.redhat.com> -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-0001 None -------------------------------------------------------------------------------- Name : jasper Product : Fedora 7 Version : 1.900.1 Release : 2.fc7 Summary : Implementation of the JPEG-2000 standard, Part 1 Description : This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats. -------------------------------------------------------------------------------- Update Information: This update addresses an issue where the jpc_qcx_getcompparms function in jpc/jpc_cs.c could allow remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files. -------------------------------------------------------------------------------- ChangeLog: * Wed May 23 2007 Rex Dieter 1.900.1-2 - CVE-2007-2721 (#240397) -------------------------------------------------------------------------------- References: Bug #240397 - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240397 CVE-2007-2721 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721 -------------------------------------------------------------------------------- Updated packages: d1ad33ddc37ab768ed6680048be8d6ff298c5193 jasper-debuginfo-1.900.1-2.fc7.ppc64.rpm 487a2d7359e9bda009d1cb90e12d9a94b4bb8455 jasper-devel-1.900.1-2.fc7.ppc64.rpm b848fcedda02f79acc2ad2a50d058ee43a274651 jasper-1.900.1-2.fc7.ppc64.rpm 3efe94050c58f766413f0c8981e33d9b49ed7a83 jasper-devel-1.900.1-2.fc7.i386.rpm 7dbffd09354793d414153b58525d50edc63efe9f jasper-1.900.1-2.fc7.i386.rpm 8800f678c0f0e59617b5406026f9ea024c74d59a jasper-debuginfo-1.900.1-2.fc7.i386.rpm e062a97af5434d7f6fdc43ae78468b810e79363a jasper-debuginfo-1.900.1-2.fc7.x86_64.rpm 661da74b51d29d66f1aa9e7a0cab5e9d00e387f2 jasper-devel-1.900.1-2.fc7.x86_64.rpm 28b3c4972e4fe4ff559508f275baf44afa737fe3 jasper-1.900.1-2.fc7.x86_64.rpm 2fd896cac056c8213ccc8316645357bfbe31fefa jasper-debuginfo-1.900.1-2.fc7.ppc.rpm 379381c938132c783da4f20fd32fcd67d6c02f81 jasper-1.900.1-2.fc7.ppc.rpm 24c1f280a11268e0297a2440898bf5e4637dfcea jasper-devel-1.900.1-2.fc7.ppc.rpm b51f9c6f957de49b24964c90f3da385d6379164a jasper-1.900.1-2.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- From updates at fedoraproject.org Thu May 31 18:07:55 2007 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 31 May 2007 11:07:55 -0700 Subject: [SECURITY] Fedora 7 Update: libexif-0.6.15-1.fc7 Message-ID: <200705311808.l4VI8Aka003146@bastion.fedora.phx.redhat.com> -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-0001 None -------------------------------------------------------------------------------- Name : libexif Product : Fedora 7 Version : 0.6.15 Release : 1.fc7 Summary : Library for extracting extra information from image files Description : Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. -------------------------------------------------------------------------------- Update Information: This update to the latest upstream release fixes a number of bugs, among them a possible integer overflow in the exif_data_load_data_entry function (CVE-2007-2645), which allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2007 Matthias Clasen - 0.6.15-1 - Update to 0.6.15 - Drop obsolete patch * Thu May 24 2007 Matthias Clasen - 0.6.13-4 - Add patch for CVE-2007-2645. -------------------------------------------------------------------------------- References: CVE-2007-2645 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2645 -------------------------------------------------------------------------------- Updated packages: 259b0a93b4e96c33c24a75a6d0b312120ac530bf libexif-devel-0.6.15-1.fc7.ppc64.rpm 1e2453c2ca793bcda0729db3cd45b1fa18c21685 libexif-debuginfo-0.6.15-1.fc7.ppc64.rpm 66ed02a08e52eab0d06d120e521ca23ff33679f3 libexif-0.6.15-1.fc7.ppc64.rpm 13c1a5cd5a17155825bf0d77584086fd87f6810a libexif-debuginfo-0.6.15-1.fc7.i386.rpm 052b7d7fdfefbf2c5e18a1b31f2256e00d61d622 libexif-devel-0.6.15-1.fc7.i386.rpm 0494958fb4278f7c859bfa23afaf0eed6e47ed1b libexif-0.6.15-1.fc7.i386.rpm 2fcd5d419e690eff68a9845e9a51d81665ed82d4 libexif-debuginfo-0.6.15-1.fc7.x86_64.rpm b8904b86c20a7dbc39d9d58164c0258789469c6c libexif-0.6.15-1.fc7.x86_64.rpm 8d8657eb0e463125bea71b1b97d8c6613e73ffd0 libexif-devel-0.6.15-1.fc7.x86_64.rpm a5e9d7f1d81bb295a13f30681f7eac8b517b47e1 libexif-0.6.15-1.fc7.ppc.rpm e47125d9b3919724edffb544101305c3dd8e2a4c libexif-debuginfo-0.6.15-1.fc7.ppc.rpm fe35d26972c90154cb285534be03bebba4be315b libexif-devel-0.6.15-1.fc7.ppc.rpm 500a6a4fda130d4fe4025d6f64feddd29ebac275 libexif-0.6.15-1.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- From updates at fedoraproject.org Thu May 31 18:07:57 2007 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 31 May 2007 11:07:57 -0700 Subject: Fedora 7 Update: libwnck-2.18.2-1.fc7 Message-ID: <200705311808.l4VI8Akc003146@bastion.fedora.phx.redhat.com> -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-0001 None -------------------------------------------------------------------------------- Name : libwnck Product : Fedora 7 Version : 2.18.2 Release : 1.fc7 Summary : Window Navigator Construction Kit Description : libwnck (pronounced "libwink") is used to implement pagers, tasklists, and other such things. It allows applications to monitor information about open windows, workspaces, their names/icons, and so forth. -------------------------------------------------------------------------------- Update Information: The latest stable upstream release of libwnck includes a number of crash fixes and other bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2007 Matthias Clasen - 2.18.2-1 - Update to 2.18.2 - Drop upstreamed patches -------------------------------------------------------------------------------- Updated packages: 0e73d452c0de110ca09fb82e1eb89293179a40f1 libwnck-debuginfo-2.18.2-1.fc7.ppc64.rpm 520a71a428b68fec3c3af0106e943860eceec282 libwnck-2.18.2-1.fc7.ppc64.rpm 7c014033291d3074fc64d67875ddd40f9c89176f libwnck-devel-2.18.2-1.fc7.ppc64.rpm 0a10e058d33bcda64e72ddea554dc509d952e744 libwnck-debuginfo-2.18.2-1.fc7.i386.rpm 913c3637878ce6da586a6feaddd14a8ea0e60106 libwnck-devel-2.18.2-1.fc7.i386.rpm e8d866fd325ce25c68986b2b2051dde4a9207afb libwnck-2.18.2-1.fc7.i386.rpm e3a6847637b2fd12bcf41ea768c6f9ed139cfaae libwnck-2.18.2-1.fc7.x86_64.rpm c72b206ee92ad2c50fe0083b1bbf701a90d3f512 libwnck-debuginfo-2.18.2-1.fc7.x86_64.rpm 8ea6ae1ffeeda7dc32c2755d01b373c8cd9740f4 libwnck-devel-2.18.2-1.fc7.x86_64.rpm 8e7da8e7c1dc53d025ddac70e37dc2e60f5ce041 libwnck-debuginfo-2.18.2-1.fc7.ppc.rpm 5987de33b0de6b10eb6329474fd14538d067760c libwnck-devel-2.18.2-1.fc7.ppc.rpm 170eb7e07d43c1573c8767dbf8a54e3059c317a9 libwnck-2.18.2-1.fc7.ppc.rpm b600c20409f1f32b5fb6741cc3ee5a3d52a152db libwnck-2.18.2-1.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- From updates at fedoraproject.org Thu May 31 18:07:59 2007 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 31 May 2007 11:07:59 -0700 Subject: [SECURITY] Fedora 7 Update: devhelp-0.13-8.fc7 Message-ID: <200705311808.l4VI8Ake003146@bastion.fedora.phx.redhat.com> -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-0001 None -------------------------------------------------------------------------------- Name : devhelp Product : Fedora 7 Version : 0.13 Release : 8.fc7 Summary : API document browser Description : An API document browser for GNOME 2. -------------------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security bugs are now available for Fedora Core 7. Users of devhelp are advised to upgrade to these erratum packages, which contain an update to devhelp built against the updated Firefox packages. -------------------------------------------------------------------------------- ChangeLog: * Fri May 25 2007 Christopher Aillon - 0.13-8 - Rebuild against newer gecko * Mon Apr 23 2007 Matthew Barnes - 0.13-7.fc7 - Add patch for RH bug #230837 (initialize GThread). * Sat Apr 21 2007 Matthias Clasen - 0.13-6 - Don't install INSTALL -------------------------------------------------------------------------------- References: Bug #241840 - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241840 CVE-2007-1362 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362 CVE-2007-1562 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562 CVE-2007-2867 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867 CVE-2007-2868 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868 CVE-2007-2869 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869 CVE-2007-2870 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870 CVE-2007-2871 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871 -------------------------------------------------------------------------------- Updated packages: 91a53f3fe54e8d503ea3433365d5c26235760f88 devhelp-debuginfo-0.13-8.fc7.ppc64.rpm a29a72c4b76a87d4f3aaf77e52307c69f704f1ed devhelp-0.13-8.fc7.ppc64.rpm c53690fedaa531a34c14d7d01630b74d73d4c2af devhelp-devel-0.13-8.fc7.ppc64.rpm e5c238c8be2236309520357e896e8802145c4b26 devhelp-devel-0.13-8.fc7.i386.rpm 5d79adb83863162b092505698ae250b955399eea devhelp-debuginfo-0.13-8.fc7.i386.rpm c0503a60e69761b93d1156e7333e2a997ae66de5 devhelp-0.13-8.fc7.i386.rpm ad11114ebb65ed22f3fb46928efc6b299018f4bd devhelp-debuginfo-0.13-8.fc7.x86_64.rpm 57c958b93ef4a50e948cca500a15f591429e6c1b devhelp-0.13-8.fc7.x86_64.rpm 617036342307c38840df6451fb2b969d8b25c327 devhelp-devel-0.13-8.fc7.x86_64.rpm 22e25a50508563b4a24896fc9b6eea6c3be8d41a devhelp-debuginfo-0.13-8.fc7.ppc.rpm 34281868c706f177c998135bf4896b35d568875f devhelp-0.13-8.fc7.ppc.rpm 8c8dbb68850b5bdbf3c5fca0ae559e1d376413ab devhelp-devel-0.13-8.fc7.ppc.rpm 42ae7a4b8f9cf3a8f9c62317060c71c36cf3ac21 devhelp-0.13-8.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- From updates at fedoraproject.org Thu May 31 18:08:08 2007 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 31 May 2007 11:08:08 -0700 Subject: [SECURITY] Fedora 7 Update: firefox-2.0.0.4-1.fc7 Message-ID: <200705311808.l4VI8Lpo003174@bastion.fedora.phx.redhat.com> -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-0001 None -------------------------------------------------------------------------------- Name : firefox Product : Fedora 7 Version : 2.0.0.4 Release : 1.fc7 Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. -------------------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security bugs are now available for Fedora Core 7. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way Firefox handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way Firefox handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Firefox from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Firefox handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way Firefox displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Firefox are advised to upgrade to these erratum packages, which contain Firefox version 2.0.0.4 that corrects these issues. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2007 Christopher Aillon 2.0.0.4-1 - Final version * Wed May 23 2007 Christopher Aillon 2.0.0.4-0.rc3 - Update to 2.0.0.4 RC3 -------------------------------------------------------------------------------- References: Bug #241840 - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241840 CVE-2007-1362 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362 CVE-2007-1562 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562 CVE-2007-2867 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867 CVE-2007-2868 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868 CVE-2007-2869 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869 CVE-2007-2870 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870 CVE-2007-2871 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871 -------------------------------------------------------------------------------- Updated packages: 18c29736efa5d1b4727e4cd202f5e0155e897a53 firefox-debuginfo-2.0.0.4-1.fc7.ppc64.rpm bc29016cee75b9f7fc5b9cb07a1122c37021bd62 firefox-devel-2.0.0.4-1.fc7.ppc64.rpm 42aa46f5b3fbfd5ba298a404b8a7fba1246b8c20 firefox-2.0.0.4-1.fc7.ppc64.rpm 9f4cd34855dfca83f5b4125b6ea3ca396643732e firefox-debuginfo-2.0.0.4-1.fc7.i386.rpm 5fcf42599604c2fe48c575a07ecb78990ac96e25 firefox-2.0.0.4-1.fc7.i386.rpm 76ac8b455fa63a690544f43146f4f249afbfe5a4 firefox-devel-2.0.0.4-1.fc7.i386.rpm 6ac169395f65e5a17430b1c6a4a3a32dbd1aae91 firefox-2.0.0.4-1.fc7.x86_64.rpm e83da4ee0c5f2ed01494f6169f3e4f8b4d1631c6 firefox-devel-2.0.0.4-1.fc7.x86_64.rpm c06b4a2604549fad7af51b4c128d7835780c6273 firefox-debuginfo-2.0.0.4-1.fc7.x86_64.rpm bc4610a1b5c90849b85ca5bed576eef1bf2b5530 firefox-debuginfo-2.0.0.4-1.fc7.ppc.rpm 94f0b1d0431054d16e7f67be994e26cdd48a2e0b firefox-2.0.0.4-1.fc7.ppc.rpm edae97c5880043e1aad745594d5fdd2eb650666c firefox-devel-2.0.0.4-1.fc7.ppc.rpm 17f2bfe4b2792faa84f9e46d6e88e8e240eb342b firefox-2.0.0.4-1.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- From updates at fedoraproject.org Thu May 31 18:08:10 2007 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 31 May 2007 11:08:10 -0700 Subject: [SECURITY] Fedora 7 Update: yelp-2.18.1-4.fc7 Message-ID: <200705311808.l4VI8Lpq003174@bastion.fedora.phx.redhat.com> -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-0001 None -------------------------------------------------------------------------------- Name : yelp Product : Fedora 7 Version : 2.18.1 Release : 4.fc7 Summary : A system documentation reader from the Gnome project Description : Yelp is the Gnome 2 help/documentation browser. It is designed to help you browse all the documentation on your system in one central tool. -------------------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security bugs are now available for Fedora Core 7. Users of yelp are advised to upgrade to these erratum packages which contain a version of yelp built against a firefox version not vulnerable to these flaws. -------------------------------------------------------------------------------- ChangeLog: * Fri May 25 2007 Christopher Aillon - 2.18.1-4 - Rebuild against newer gecko * Wed Apr 18 2007 Matthias Clasen - 2.18.1-3 - Improve the man parser a bit - Fix another crash in the info parser -------------------------------------------------------------------------------- References: Bug #241840 - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241840 CVE-2007-1362 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362 CVE-2007-1562 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562 CVE-2007-2867 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867 CVE-2007-2868 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868 CVE-2007-2869 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869 CVE-2007-2870 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870 CVE-2007-2871 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871 -------------------------------------------------------------------------------- Updated packages: 05e450069be7cc5ac641b42d265af462db22186c yelp-2.18.1-4.fc7.ppc64.rpm cde1de195d50486fc5c5806ccc97ff1b96cbf0d2 yelp-debuginfo-2.18.1-4.fc7.ppc64.rpm 451ffa765a529d35bb115d8ef1a43d2f658a8b45 yelp-debuginfo-2.18.1-4.fc7.i386.rpm 1abd2f3a64b4817f609afaf8d1cd5ff07e8dd63d yelp-2.18.1-4.fc7.i386.rpm c2f65348200174327b87e6c5a0b023af0e5d43a5 yelp-2.18.1-4.fc7.x86_64.rpm 3f5aedbb58d814e6995176cf0d8fad7883a2a5b5 yelp-debuginfo-2.18.1-4.fc7.x86_64.rpm 03a853f4bde421107411f19e83a07075fbdc1c46 yelp-debuginfo-2.18.1-4.fc7.ppc.rpm 269a84ddcb64088d7d92d3fcbd3dd5f14ceabd99 yelp-2.18.1-4.fc7.ppc.rpm 81315fa5248e5d89d43040d236b5ff2647180fcf yelp-2.18.1-4.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- From updates at fedoraproject.org Thu May 31 18:08:01 2007 From: updates at fedoraproject.org (updates at fedoraproject.org) Date: Thu, 31 May 2007 11:08:01 -0700 Subject: [SECURITY] Fedora 7 Update: epiphany-2.18.1-3.fc7 Message-ID: <200705311808.l4VI8Lpm003174@bastion.fedora.phx.redhat.com> -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-0001 None -------------------------------------------------------------------------------- Name : epiphany Product : Fedora 7 Version : 2.18.1 Release : 3.fc7 Summary : GNOME web browser based on the Mozilla rendering engine Description : epiphany is a simple GNOME web browser based on the Mozilla rendering engine. -------------------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security bugs are now available for Fedora Core 7. Users of epiphany are advised to upgrade to these erratum packages which have been rebuilt against a patched firefox which is not vulnerable to these issues. -------------------------------------------------------------------------------- ChangeLog: * Thu May 24 2007 Christopher Aillon 2.18.1-3 - Rebuild against newer gecko -------------------------------------------------------------------------------- References: Bug #241840 - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241840 CVE-2007-1362 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362 CVE-2007-1562 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562 CVE-2007-2867 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867 CVE-2007-2868 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868 CVE-2007-2869 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869 CVE-2007-2870 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870 CVE-2007-2871 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871 -------------------------------------------------------------------------------- Updated packages: 3a3535aef522d5ebd1447c77c16bb366b5e9ac3a epiphany-2.18.1-3.fc7.ppc64.rpm 449177707a2b77bd4ee6e389203e664724e69e1a epiphany-devel-2.18.1-3.fc7.ppc64.rpm b7a81e7fd3e79998a5c445c816601ad46a18b520 epiphany-debuginfo-2.18.1-3.fc7.ppc64.rpm 67a9a4685720029ced46086eeb0803ffde36f6a4 epiphany-devel-2.18.1-3.fc7.i386.rpm a794dfc51f01d836b72c3d82a270c35f2f52a5ca epiphany-debuginfo-2.18.1-3.fc7.i386.rpm 543a1b553dda90e32df875d1bb0b105b36310867 epiphany-2.18.1-3.fc7.i386.rpm 615cd99f5769fbbca6418898beb4fb415c5fda6d epiphany-2.18.1-3.fc7.x86_64.rpm caa5d06889571a2a66e00fd6f4d2aa6c5273b257 epiphany-devel-2.18.1-3.fc7.x86_64.rpm 24c3bdbc240d9e2de2741f3bcd89609502991196 epiphany-debuginfo-2.18.1-3.fc7.x86_64.rpm ca8430ff7ebceb6966fe09605399dd81f5582215 epiphany-debuginfo-2.18.1-3.fc7.ppc.rpm 784c42e0914bfb727dfa479134efc01fdd5a0c35 epiphany-2.18.1-3.fc7.ppc.rpm faa9755a48e5d2dd544262f5d5e8b7cf35465f29 epiphany-devel-2.18.1-3.fc7.ppc.rpm b6f24159f3b63148d4a258ed7f612cbb93a34541 epiphany-2.18.1-3.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. --------------------------------------------------------------------------------