Fedora EPEL 4 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sat Oct 10 20:26:50 UTC 2009
The following builds have been pushed to Fedora EPEL 4 updates-testing
Django-1.1.1-1.el4
python-guppy-0.1.9-1.el4
tcl-mysqltcl-3.05-6.el4
Details about builds:
================================================================================
Django-1.1.1-1.el4 (FEDORA-EPEL-2009-0617)
A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:
http://www.djangoproject.com/weblog/2009/oct/09/security/ Description of
vulnerability ============================ Django's forms library included
field types which perform regular-expression-based validation of email addresses
and URLs. Certain addresses/URLs could trigger a pathological performance case
in this regular expression, resulting in the server process/thread becoming
unresponsive, and consuming excessive CPU over an extended period of time. If
deliberately triggered, this could result in an effective denial-of-service
attack.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 9 2009 Steve 'Ashcrow' Milner <stevem at gnulinux.net> - 1.1.1-1
- Update to fix http://www.djangoproject.com/weblog/2009/oct/09/security/
- Django-ignore-pyo-bz-495046.patch no longer needed.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #528246 - Django's forms DOS in 1.1/1.0
https://bugzilla.redhat.com/show_bug.cgi?id=528246
--------------------------------------------------------------------------------
================================================================================
python-guppy-0.1.9-1.el4 (FEDORA-EPEL-2009-0624)
A Python Programming Environment
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #526238 - Review Request: python-guppy - A Python Programming Environment
https://bugzilla.redhat.com/show_bug.cgi?id=526238
--------------------------------------------------------------------------------
================================================================================
tcl-mysqltcl-3.05-6.el4 (FEDORA-EPEL-2009-0618)
MySQL interface for Tcl
--------------------------------------------------------------------------------
Update Information:
New package: tcl-mysqltcl - MySQL interface for Tcl This package is an
extension to the Tool Command Language (Tcl) that provides high-level access to
a MySQL database server.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #466047 - Review Request: tcl-mysqltcl - MySQL interface for Tcl
https://bugzilla.redhat.com/show_bug.cgi?id=466047
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list