From colin at fedoraproject.org Wed Mar 2 05:25:44 2005 From: colin at fedoraproject.org (Colin Charles) Date: Wed, 02 Mar 2005 13:25:44 +0800 Subject: Minutes from the Fedora Extras Steering Committee - 24/02/2005 Message-ID: <1109741144.5676.595.camel@arena.soho.bytebot.net> Fedora Extras Steering Committee Attendees: Attendance: =========== Greg DeKoenigsberg (chair) Warren Togami Jeremy Katz Elliot Lee Jesse Keating Seth Vidal Tom 'Spot' Callaway Michael Schwendt Colin Charles Regrets: ======== Plenty, as meeting announcement went out <12 hours before meeting Actions: ======== ACTION: Greg has created a schedule, its publically available - http://fedoraproject.org/wiki/FedoraExtrasSchedule ACTION: Elliot has created an accounts system, and its almost ready - https://admin.fedora.redhat.com/accounts/ ACTION: /cvs/fedora is available to hold infrastructure and project related stuff at cvs.fedora.redhat.com ACTION: Seth, working alongside Icon, did a mockup for the Fedora Package web site: http://www.phy.duke.edu/~icon/work/test/package.html New Actions: ============ ACTION: Elliot will place website into CVS when the accounts system is ready ACTION: Warren will revive fedora-buildsys-list ACTION: Seth will handle the build system stuff, alongside Thomas and Gafton ACTION: Jesse and Tom will handle video for FUDCon. Tom has the task of editing them, after Jesse uploads them ACTION: Web team (headed by Greg, with minions like Seth, Elliot, Dave, Colin, etc...) to look at revamping fedora.redhat.com ACTION: Warren to revamp fedora.us. Make it clear that Fedora Extras for >FC3 is to be found elsewhere ACTION: Greg to look at legal aspects of linking to external sites (like a forum); looking at contributory infringement and removal of advertisements ACTION: Branch Fedora Extras, taken care by Elliot/Gafton ACTION: Rebuild Extras for FC4 test 1. We shall wait for GCC4 to hit Core. Seth will handle x86/x86_64 builds. For PPC, we should be asking dwmw2 ACTION: Colin to create Fedora Traffic, the successor to Fedora News Updates. ACTION: Gafton to fix the CVS remove script ACTION: Bugzilla for Legacy components to be taken on by Dave and Jesse Discussion ========== - Getting Matthias Saou on the committee was brought up - Indiana University Linux Fest and Fedora participation, headed up by Jesse - De-facto Core Technical Committee: Notting, Gafton, Sopwith, Jeremy - Fedora Extras trademark. Policy is, everything that applies to "Fedora" in general applies to "Fedora Extras." Review the guidelines at fedora.redhat.com, and if they are disagreeable, propose changes through the Legal Tracker - fedora-lit at redhat.com -- Colin Charles, {colin,byte}@fedoraproject.org http://www.bytebot.net/ "First they ignore you, then they laugh at you, then they fight you, then you win." -- Mohandas Gandhi From veillard at redhat.com Wed Mar 2 18:05:51 2005 From: veillard at redhat.com (Daniel Veillard) Date: Wed, 2 Mar 2005 13:05:51 -0500 Subject: Fedora Core 3 Update: gamin-0.0.25-1.FC3 Message-ID: <20050302180551.GT27064@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-187 2005-03-02 --------------------------------------------------------------------- Product : Fedora Core 3 Name : gamin Version : 0.0.25 Release : 1.FC3 Summary : Library providing the FAM File Alteration Monitor API Description : This C library provides an API and ABI compatible file alteration monitor mechanism compatible with FAM but not dependent on a system wide daemon. --------------------------------------------------------------------- Update Information: This release fixes some problems with gamin-0.0.24 especially for temporary storage like USB keys. --------------------------------------------------------------------- * Tue Mar 1 2005 Daniel Veillard 0.0.25-1.FC3 - Fix a configure problem reported by Martin Schlemmer - Fix the /media/* and /mnt/* mount blocking problems from 0.0.24 e.g. #142637 - Fix the monitoring of directory using poll and not kernel --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 2985a58c00dda9f7f209f058c87e4f2b SRPMS/gamin-0.0.25-1.FC3.src.rpm 32149a5d1e7c77450a7212846230a521 x86_64/gamin-0.0.25-1.FC3.x86_64.rpm 4e49052d561be1b58e8a16ad5bf2ef16 x86_64/gamin-devel-0.0.25-1.FC3.x86_64.rpm 3b545a1e37d045285372673f84a874e4 x86_64/gamin-python-0.0.25-1.FC3.x86_64.rpm b94b242380f77cc2213f14cc5282332a x86_64/debug/gamin-debuginfo-0.0.25-1.FC3.x86_64.rpm 16fad34088365fa4d4af9d73baab91d7 x86_64/gamin-0.0.25-1.FC3.i386.rpm 16fad34088365fa4d4af9d73baab91d7 i386/gamin-0.0.25-1.FC3.i386.rpm 27692f65bba77efbfee31e2b70da1290 i386/gamin-devel-0.0.25-1.FC3.i386.rpm 6bbf123957bff49f5fe34dd6189e7c29 i386/gamin-python-0.0.25-1.FC3.i386.rpm 59cdadd1927fe6c0680964b497c90a23 i386/debug/gamin-debuginfo-0.0.25-1.FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- Daniel -- Daniel Veillard | Red Hat Desktop team http://redhat.com/ veillard at redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/ From rstrode at redhat.com Thu Mar 3 16:21:00 2005 From: rstrode at redhat.com (Ray Strode) Date: Thu, 03 Mar 2005 11:21:00 -0500 Subject: [SECURITY] Fedora Core 3 Update: HelixPlayer-1.0.3-3.fc3 Message-ID: <1109866860.5383.2.camel@localhost.localdomain> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-188 2005-03-03 --------------------------------------------------------------------- Product : Fedora Core 3 Name : HelixPlayer Version : 1.0.3 Release : 3.fc3 Summary : Open source media player based on the Helix framework Description : The Helix Player 1.0 is an open-source media player built in the Helix Community for consumers. Built using GTK, it plays open source formats, like Ogg Vorbis and Theora using the powerful Helix DNA Client Media Engine. --------------------------------------------------------------------- Update Information: Updated HelixPlayer packages that fixes two buffer overflow issues are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. A stack based buffer overflow bug was found in HelixPlayer's Synchronized Multimedia Integration Language (SMIL) file processor. An attacker could create a specially crafted SMIL file which would execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0455 to this issue. A buffer overflow bug was found in the way HelixPlayer decodes WAV files. An attacker could create a specially crafted WAV file which could execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0611 to this issue. All users of HelixPlayer are advised to upgrade to this updated package, which contains HelixPlayer 1.0.3 which is not vulnerable to these issues. --------------------------------------------------------------------- * Thu Mar 3 2005 Ray Strode 1:1.0.3-3.fc3 - Actually update to 1.0.3 * Thu Mar 3 2005 Ray Strode 1:1.0.3-2.fc3 - Update to 1.0.3 to fix 150098 and 150103. - Add some execshield foo to stop some execstack regressions - Add libogg-devel build req to tame compiler --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 6b65dacea8b1502caa8c98d0076f1d6e SRPMS/HelixPlayer-1.0.3-3.fc3.src.rpm c385ef4c8ef6ee53ac7c784bb8fd7b58 x86_64/HelixPlayer-1.0.3-3.fc3.i386.rpm c385ef4c8ef6ee53ac7c784bb8fd7b58 i386/HelixPlayer-1.0.3-3.fc3.i386.rpm f8d4f9ae8b90ba0e506b83b1e8c0636f i386/debug/HelixPlayer-debuginfo-1.0.3-3.fc3.i 386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From jakub at redhat.com Thu Mar 3 22:48:26 2005 From: jakub at redhat.com (Jakub Jelinek) Date: Thu, 3 Mar 2005 17:48:26 -0500 Subject: Fedora Core 3 Update: tzdata-2005f-1.fc3 Message-ID: <20050303224826.GC853@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-189 2005-03-03 --------------------------------------------------------------------- Product : Fedora Core 3 Name : tzdata Version : 2005f Release : 1.fc3 Summary : Timezone data Description : This package contains data files with rules for various timezones around the world. --------------------------------------------------------------------- * Tue Mar 1 2005 Jakub Jelinek 2005f-1.fc3 - 2005f - more updates for Israel, updates for Azerbaijan --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ a07273a4bf0adf7e47b834d46fcd9c57 SRPMS/tzdata-2005f-1.fc3.src.rpm 085b5652b4e2ccf74b80858d174534e2 x86_64/tzdata-2005f-1.fc3.noarch.rpm 085b5652b4e2ccf74b80858d174534e2 i386/tzdata-2005f-1.fc3.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From jakub at redhat.com Thu Mar 3 22:49:09 2005 From: jakub at redhat.com (Jakub Jelinek) Date: Thu, 3 Mar 2005 17:49:09 -0500 Subject: Fedora Core 2 Update: tzdata-2005f-1.fc2 Message-ID: <20050303224908.GD853@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-190 2005-03-03 --------------------------------------------------------------------- Product : Fedora Core 2 Name : tzdata Version : 2005f Release : 1.fc2 Summary : Timezone data Description : This package contains data files with rules for various timezones around the world. --------------------------------------------------------------------- * Tue Mar 1 2005 Jakub Jelinek 2005f-1.fc2 - 2005f - more updates for Israel, updates for Azerbaijan --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 36ddd78b68eebab6de163ca23edf026e SRPMS/tzdata-2005f-1.fc2.src.rpm d3283574363a753202cf517bc9e26cad x86_64/tzdata-2005f-1.fc2.noarch.rpm d3283574363a753202cf517bc9e26cad i386/tzdata-2005f-1.fc2.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From davej at redhat.com Thu Mar 3 23:49:31 2005 From: davej at redhat.com (Dave Jones) Date: Thu, 3 Mar 2005 18:49:31 -0500 Subject: Fedora Core 2 Update: kernel-2.6.10-1.770_FC2 Message-ID: <200503032349.j23NnVkl006082@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-183 2005-03-03 --------------------------------------------------------------------- Product : Fedora Core 2 Name : kernel Version : 2.6.10 Release : 1.770_FC2 Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. --------------------------------------------------------------------- * Thu Feb 24 2005 Dave Jones - Use old scheme first when probing USB. (#145273) * Wed Feb 23 2005 Dave Jones - Try as you may, there's no escape from crap SCSI hardware. (#149402) * Mon Feb 21 2005 Dave Jones - Disable some experimental USB EHCI features. * Tue Feb 15 2005 Dave Jones - Fix bio leak in md layer. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ ee6f1056b377e7bded2531f705c18cb8 SRPMS/kernel-2.6.10-1.770_FC2.src.rpm 48379015be4a89c1a5e415068026b8e1 x86_64/kernel-2.6.10-1.770_FC2.x86_64.rpm ab86178d0a26e64065188a0eefcd0af7 x86_64/kernel-smp-2.6.10-1.770_FC2.x86_64.rpm b823ef93a0b67870be3cf50adba3c186 x86_64/debug/kernel-debuginfo-2.6.10-1.770_FC2.x86_64.rpm c83e41a17be7e4eeb99aa960863a1709 x86_64/kernel-sourcecode-2.6.10-1.770_FC2.noarch.rpm be48a93c6122281922ef36b768b22a7e x86_64/kernel-doc-2.6.10-1.770_FC2.noarch.rpm 4a4d138347b28552ecdb74e173a277c2 i386/kernel-2.6.10-1.770_FC2.i586.rpm 7a29cc52a30992d0ffbffed8b04b7b0b i386/kernel-smp-2.6.10-1.770_FC2.i586.rpm 43593f42213984f264e692589882dad5 i386/debug/kernel-debuginfo-2.6.10-1.770_FC2.i586.rpm 075ca976deefb4eab4396fa12eac785b i386/kernel-2.6.10-1.770_FC2.i686.rpm a132b6cce932d28770fbccbee1dcc7c5 i386/kernel-smp-2.6.10-1.770_FC2.i686.rpm e9bc89d87d5f94ff3d8f3487296d3302 i386/debug/kernel-debuginfo-2.6.10-1.770_FC2.i686.rpm c83e41a17be7e4eeb99aa960863a1709 i386/kernel-sourcecode-2.6.10-1.770_FC2.noarch.rpm be48a93c6122281922ef36b768b22a7e i386/kernel-doc-2.6.10-1.770_FC2.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From davej at redhat.com Thu Mar 3 23:49:34 2005 From: davej at redhat.com (Dave Jones) Date: Thu, 3 Mar 2005 18:49:34 -0500 Subject: Fedora Core 3 Update: kernel-2.6.10-1.770_FC3 Message-ID: <200503032349.j23NnYbT006106@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-184 2005-03-03 --------------------------------------------------------------------- Product : Fedora Core 3 Name : kernel Version : 2.6.10 Release : 1.770_FC3 Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. --------------------------------------------------------------------- * Thu Feb 24 2005 Dave Jones - Use old scheme first when probing USB. (#145273) * Wed Feb 23 2005 Dave Jones - Try as you may, there's no escape from crap SCSI hardware. (#149402) * Mon Feb 21 2005 Dave Jones - Disable some experimental USB EHCI features. * Tue Feb 15 2005 Dave Jones - Fix bio leak in md layer. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 68ca4a22863bd64e4249ba418f51ed15 SRPMS/kernel-2.6.10-1.770_FC3.src.rpm 89127ba97acf9df9eddff19858f46013 x86_64/kernel-2.6.10-1.770_FC3.x86_64.rpm a87a643283a880017ee952ad939d12c9 x86_64/kernel-smp-2.6.10-1.770_FC3.x86_64.rpm 2fb91335c27579a4843a30c992ffa669 x86_64/debug/kernel-debuginfo-2.6.10-1.770_FC3.x86_64.rpm ca7f602f85fdac23896ca746e6d3b459 x86_64/kernel-doc-2.6.10-1.770_FC3.noarch.rpm f5306cd3f998b117ee4b99db9e6eb224 i386/kernel-2.6.10-1.770_FC3.i586.rpm 8f0d1d558fd379c55931bfacd8c035ba i386/kernel-smp-2.6.10-1.770_FC3.i586.rpm 08fa4e6243d2130f8a18435c551de579 i386/debug/kernel-debuginfo-2.6.10-1.770_FC3.i586.rpm d3082894a2ea387cd566c5e0e3dc9535 i386/kernel-2.6.10-1.770_FC3.i686.rpm 343b0d5d8f4e56ac24371aeecd5b2777 i386/kernel-smp-2.6.10-1.770_FC3.i686.rpm d87ecd98f4d2d0c963c6629e7642a6a0 i386/debug/kernel-debuginfo-2.6.10-1.770_FC3.i686.rpm ca7f602f85fdac23896ca746e6d3b459 i386/kernel-doc-2.6.10-1.770_FC3.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From aoliva at redhat.com Fri Mar 4 07:56:13 2005 From: aoliva at redhat.com (Alexandre Oliva) Date: Fri, 4 Mar 2005 02:56:13 -0500 Subject: Fedora Core 3 Update: libtool-1.5.6-4.FC3.1 Message-ID: <200503040756.j247uDjd001554@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-179 2005-03-04 --------------------------------------------------------------------- Product : Fedora Core 3 Name : libtool Version : 1.5.6 Release : 4.FC3.1 Summary : The GNU libtool, which simplifies the use of shared libraries. Description : The libtool package contains the GNU libtool, a set of shell scripts which automatically configure UNIX and UNIX-like architectures to generically build shared libraries. Libtool provides a consistent, portable interface which simplifies the process of using shared libraries. If you are developing programs which will use shared libraries, you should install libtool. --------------------------------------------------------------------- Update Information: Libtool is a program used by many other programs to create static and dynamic libraries using a portable interface. Libtool is generally configured as part of every package that uses it. At that time, it collects information about the compiler being used. When the libtool package itself is built, it performs such configuration and installs a script named /usr/bin/libtool that holds configuration information about the compiler as of the time the script was created. For purposes of creating C++ libraries or programs, the configuration information collected by libtool includes pathnames of object files that g++ normally links in implicitly. Should their location change because of a compiler version upgrade, the information stored in the previously-build libtool script becomes incorrect, and the script has to be rebuilt. There was a compiler upgrade during the development cycle of Fedora Core 3, and the libtool package was not rebuilt afterwards. Users that intend to use the pre-installed libtool script to create C++ libraries or programs should upgrade to these updated packages, which resolve this issue. --------------------------------------------------------------------- * Fri Feb 25 2005 Alexandre Oliva - 1.5.6-4.FC3.1 - add dependency on gcc version; /usr/bin/libtool hardcodes paths into gcc's internal directories. Avoids resurfacing of BZ#140977. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ f5c949eb4d718b3f19b45406e3608a72 SRPMS/libtool-1.5.6-4.FC3.1.src.rpm d9b797e2b19c71c46e95471787331739 x86_64/libtool-1.5.6-4.FC3.1.x86_64.rpm 9c50ae04b9d7b1c4569056e9792f78c2 x86_64/libtool-libs-1.5.6-4.FC3.1.x86_64.rpm 026324ed9876a918ec4d5dec58067a29 x86_64/debug/libtool-debuginfo-1.5.6-4.FC3.1.x86_64.rpm f54609c4b48c7ac8592538d5ecceb89a x86_64/libtool-libs-1.5.6-4.FC3.1.i386.rpm 79be618996d5048c735d861c136c13e7 i386/libtool-1.5.6-4.FC3.1.i386.rpm f54609c4b48c7ac8592538d5ecceb89a i386/libtool-libs-1.5.6-4.FC3.1.i386.rpm 28b1b0c463693662f480f17a6ca4c804 i386/debug/libtool-debuginfo-1.5.6-4.FC3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From caillon at redhat.com Fri Mar 4 17:57:31 2005 From: caillon at redhat.com (Christopher Aillon) Date: Fri, 04 Mar 2005 12:57:31 -0500 Subject: Fedora Core 3 Update: firefox-1.0.1-1.3.2 Message-ID: <4228A18B.7060204@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-192 2005-03-04 --------------------------------------------------------------------- Product : Fedora Core 3 Name : firefox Version : 1.0.1 Release : 1.3.2 Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- Update Information: Some users may experience spacing issues in textareas. This update resolves those issues, updating to the latest version of the pango selection patch. Note: other users have experienced issues with italic font rendering on certain fonts. This update does not resolve that. A future update will be issued to correct that issue. See bugzilla 150041 for further details. --------------------------------------------------------------------- * Wed Mar 2 2005 Christopher Aillon 0:1.0.1-1.3.2 - Remerge firefox-1.0-pango-selection.patch --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 790b845358894dd0183c4c8f9ec5b3d8 SRPMS/firefox-1.0.1-1.3.2.src.rpm ded7cef9ab0bd7a4bf7e02e67f630171 x86_64/firefox-1.0.1-1.3.2.x86_64.rpm fffc69c0c9be09e40ca13bb42c44d6ac x86_64/debug/firefox-debuginfo-1.0.1-1.3.2.x86_64.rpm 61433b3aabb70aa2d864eecbc4761b64 i386/firefox-1.0.1-1.3.2.i386.rpm dcc25d0ac5f59a9748785a0ca5197634 i386/debug/firefox-debuginfo-1.0.1-1.3.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Fri Mar 4 23:07:08 2005 From: notting at redhat.com (Bill Nottingham) Date: Fri, 4 Mar 2005 18:07:08 -0500 Subject: Fedora Core 2 Update: ipsec-tools-0.5-0.fc2 Message-ID: <20050304230708.GD12341@nostromo.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-193 2005-03-04 --------------------------------------------------------------------- Product : Fedora Core 2 Name : ipsec-tools Version : 0.5 Release : 0.fc2 Summary : Tools for configuring and using IPSEC Description : This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon --------------------------------------------------------------------- Update Information: This updates ipsec-tools to 0.5, which correctly generates forward policies so that tunnels work on current kernels. --------------------------------------------------------------------- * Wed Feb 23 2005 Bill Nottingham 0.5-0.fc2 - update to 0.5 * Thu Nov 4 2004 Bill Nottingham 0.3.3-2 - don't use new 0.3.3 handling of stdin in setkey; it breaks the format (#138105) * Mon Sep 27 2004 Bill Nottingham 0.3.3-1 - update to 0.3.3 (#122211) * Sun Aug 8 2004 Alan Cox 0.2.5-6 - fix buildreqs (Steve Grubb) * Mon Jun 28 2004 Nalin Dahyabhai 0.2.5-5 - rebuild --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ f651f0ca46518f04e8ad5fbebbd113a5 SRPMS/ipsec-tools-0.5-0.fc2.src.rpm 5d9c0f57c1f16988f09cb7df0393a2db x86_64/ipsec-tools-0.5-0.fc2.x86_64.rpm 1db0dfba4673d60463da526445742378 x86_64/debug/ipsec-tools-debuginfo-0.5-0.fc2.x86_64.rpm 594c3b9ca0a8f455076bf2e7e9a1ebab i386/ipsec-tools-0.5-0.fc2.i386.rpm 45399b0fa5a2488762b620d499deb8e8 i386/debug/ipsec-tools-debuginfo-0.5-0.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Fri Mar 4 23:07:21 2005 From: notting at redhat.com (Bill Nottingham) Date: Fri, 4 Mar 2005 18:07:21 -0500 Subject: Fedora Core 3 Update: ipsec-tools-0.5-0.fc3 Message-ID: <20050304230721.GE12341@nostromo.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-194 2005-03-04 --------------------------------------------------------------------- Product : Fedora Core 3 Name : ipsec-tools Version : 0.5 Release : 0.fc3 Summary : Tools for configuring and using IPSEC Description : This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon --------------------------------------------------------------------- Update Information: This updates ipsec-tools to 0.5, which correctly generates forward policies so that tunnels work on current kernels. --------------------------------------------------------------------- * Wed Feb 23 2005 Bill Nottingham 0.5-0.fc3 - update to 0.5 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ ef869cec31a68228434dedb60967a2b5 SRPMS/ipsec-tools-0.5-0.fc3.src.rpm 0c2e6b0ec9f58d8381bf1cb33fe4c64a x86_64/ipsec-tools-0.5-0.fc3.x86_64.rpm 754003d548c4332ba793250c8892dbcd x86_64/debug/ipsec-tools-debuginfo-0.5-0.fc3.x86_64.rpm 93ce05f0e1f634a560a010dc320dfd6b i386/ipsec-tools-0.5-0.fc3.i386.rpm 5e5bd2b96ad3e51c2b5601033cdc54d5 i386/debug/ipsec-tools-debuginfo-0.5-0.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From mauelshagen at redhat.com Mon Mar 7 15:58:28 2005 From: mauelshagen at redhat.com (Heinz Mauelshagen) Date: Mon, 7 Mar 2005 16:58:28 +0100 Subject: Fedora Core 3 Update: dmraid-1.0.0.rc6-1_FC3 Message-ID: <20050307155828.GA32390@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-195 2005-03-07 --------------------------------------------------------------------- Product : Fedora Core 3 Name : dmraid Version : 1.0.0.rc6 Release : 1_FC3 Summary : device-mapper RAID tool Description : This is the ATARAID support tool for Linux 2.6. You need this package in order to activate ATARAID sets on Linux 2.6. --------------------------------------------------------------------- Update Information: This updates dmraid to 1.0.0.rc6, which includes support for VIA ATARAID sets. --------------------------------------------------------------------- * Tue Mar 01 2005 Heinz Mauelshagen 1.0.0.rc6 - added VIA metadata format handler - added RAID10 to lsi metadata format handler - "dmraid -rD": file device size into {devicename}_{formatname}.size - "dmraid -tay": pretty print multi-line tables ala "dmsetup table" - "dmraid -l": display supported RAID levels + manual update --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 8c3ce3a786149bae6441d17e8d8a07a1 x86_64/dmraid-1.0.0.rc6-1_FC3.i386.rpm 8c3ce3a786149bae6441d17e8d8a07a1 i386/dmraid-1.0.0.rc6-1_FC3.i386.rpm 3b396578ce48c4d3628e4135bd6594e8 i386/debug/dmraid-debuginfo-1.0.0.rc6-1_FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dwalsh at redhat.com Mon Mar 7 19:08:18 2005 From: dwalsh at redhat.com (Daniel J Walsh) Date: Mon, 07 Mar 2005 14:08:18 -0500 Subject: Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.85 Message-ID: <422CA6A2.5030109@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-181 2005-03-07 --------------------------------------------------------------------- Product : Fedora Core 3 Name : selinux-policy-targeted Version : 1.17.30 Release : 2.85 Summary : SELinux targeted policy configuration Description : Security-enhanced Linux is a patch of the Linux? kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement?, Role-based Access Control, and Multi-level Security. This package contains the SELinux example policy configuration along with the Flask configuration information and the application configuration files. --------------------------------------------------------------------- * Fri Feb 25 2005 Dan Walsh 1.17.30-2.85 - more fixes for postfix in squirrelmail --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 11a8084faf9679eabfd00dd4eb3b4944 SRPMS/selinux-policy-targeted-1.17.30-2.85.src.rpm a514fca81379ba633d08bfc122c42a64 x86_64/selinux-policy-targeted-1.17.30-2.85.noarch.rpm 3bee86a15c5c1ec05c7cc7937281f63e x86_64/selinux-policy-targeted-sources-1.17.30-2.85.noarch.rpm a514fca81379ba633d08bfc122c42a64 i386/selinux-policy-targeted-1.17.30-2.85.noarch.rpm 3bee86a15c5c1ec05c7cc7937281f63e i386/selinux-policy-targeted-sources-1.17.30-2.85.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Mon Mar 7 21:02:56 2005 From: notting at redhat.com (Bill Nottingham) Date: Mon, 7 Mar 2005 16:02:56 -0500 Subject: Fedora Core 2 Update: ipsec-tools-0.5-1.fc2 Message-ID: <20050307210256.GA8227@nostromo.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-193 2005-03-07 --------------------------------------------------------------------- Product : Fedora Core 2 Name : ipsec-tools Version : 0.5 Release : 1.fc2 Summary : Tools for configuring and using IPSEC Description : This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon --------------------------------------------------------------------- Update Information: This update fixes some packaging errors: - the /var/racoon directory is shipped, for use with the admin port - racoon correctly looks for its config file in /etc/racoon now --------------------------------------------------------------------- * Mon Mar 7 2005 Bill Nottingham 0.5-1.fc2 - package /var/racoon for the admin socket, fix sysconfdir () --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 64479bfd4672874334359821c748a705 SRPMS/ipsec-tools-0.5-1.fc2.src.rpm 1a2d9c167632da6e90e6905d7f823a09 x86_64/ipsec-tools-0.5-1.fc2.x86_64.rpm 1746a277436878ed7e80bab8c08de191 x86_64/debug/ipsec-tools-debuginfo-0.5-1.fc2.x86_64.rpm 535c124872f73dd790dd1ac8e2b8c153 i386/ipsec-tools-0.5-1.fc2.i386.rpm 6307216a058e64ce74b20d89fba19333 i386/debug/ipsec-tools-debuginfo-0.5-1.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Mon Mar 7 21:03:07 2005 From: notting at redhat.com (Bill Nottingham) Date: Mon, 7 Mar 2005 16:03:07 -0500 Subject: Fedora Core 3 Update: ipsec-tools-0.5-1.fc3 Message-ID: <20050307210307.GB8227@nostromo.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-194 2005-03-07 --------------------------------------------------------------------- Product : Fedora Core 3 Name : ipsec-tools Version : 0.5 Release : 1.fc3 Summary : Tools for configuring and using IPSEC Description : This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon --------------------------------------------------------------------- Update Information: This update fixes some packaging errors: - the /var/racoon directory is shipped, for use with the admin port - racoon correctly looks for its config file in /etc/racoon now --------------------------------------------------------------------- * Mon Mar 7 2005 Bill Nottingham 0.5-1.fc3 - package /var/racoon for the admin socket, fix sysconfdir () --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ b4c7b3acd6887aa589370436a088c19f SRPMS/ipsec-tools-0.5-1.fc3.src.rpm ee9c6706a9c27e087baa2f85f0199ab3 x86_64/ipsec-tools-0.5-1.fc3.x86_64.rpm 1b3d7868e6869e4350835b09817cda15 x86_64/debug/ipsec-tools-debuginfo-0.5-1.fc3.x86_64.rpm 2e1a0b94e3e346de018849bd6ac6b3b5 i386/ipsec-tools-0.5-1.fc3.i386.rpm db77200714d338df58f8b86bec45943c i386/debug/ipsec-tools-debuginfo-0.5-1.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From wtogami at redhat.com Tue Mar 8 00:36:57 2005 From: wtogami at redhat.com (Warren Togami) Date: Mon, 07 Mar 2005 14:36:57 -1000 Subject: Fedora Core 2 Update: gaim-1.1.4-1.FC2 Message-ID: <422CF3A9.90601@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-196 2005-03-07 --------------------------------------------------------------------- Product : Fedora Core 2 Name : gaim Version : 1.1.4 Release : 1.FC2 Summary : A Gtk+ based multiprotocol instant messaging client Description : Gaim allows you to talk to anyone using a variety of messaging protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!, MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Gaim supports many common features of other clients, as well as many unique features, such as perl scripting and C plugins. Gaim is NOT affiliated with or endorsed by America Online, Inc., Microsoft Corporation, or Yahoo! Inc. or other messaging service providers. --------------------------------------------------------------------- Update Information: This fixes the crash in the Gadu Gadu protocol, and makes Yahoo file transfer and buddy icons work for the more common non-proxy case. Unfortunately this probably breaks the less common proxy case. --------------------------------------------------------------------- * Sun Mar 6 2005 Warren Togami 1:1.1.4-1.FC2 - FC2 * Sun Mar 6 2005 Warren Togami 1:1.1.4-4 - 144: POSIX functions became macros, build fix (#150429) - 145: Fix non-proxy yahoo file transfer - 146: Fix non-proxy yahoo buddy icons * Fri Mar 4 2005 Warren Togami 1:1.1.4-3 - 143: Gadu Gadu protocol crash fix (#149984) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ d9b0cf30e708be85e833aa087cee724c SRPMS/gaim-1.1.4-1.FC2.src.rpm efad2c2c83cac2683b376bcd7222c41c x86_64/gaim-1.1.4-1.FC2.x86_64.rpm c2737cd6345b07f734abd8a3b3a0f0d3 x86_64/debug/gaim-debuginfo-1.1.4-1.FC2.x86_64.rpm ff7440a6c40f4d2cb3b62b3a3e39949f i386/gaim-1.1.4-1.FC2.i386.rpm d861d9bef4af186f6fe8c4552ffe8ab6 i386/debug/gaim-debuginfo-1.1.4-1.FC2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From wtogami at redhat.com Tue Mar 8 00:37:03 2005 From: wtogami at redhat.com (Warren Togami) Date: Mon, 07 Mar 2005 14:37:03 -1000 Subject: Fedora Core 3 Update: gaim-1.1.4-1.FC3 Message-ID: <422CF3AF.8030607@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-197 2005-03-07 --------------------------------------------------------------------- Product : Fedora Core 3 Name : gaim Version : 1.1.4 Release : 1.FC3 Summary : A Gtk+ based multiprotocol instant messaging client Description : Gaim allows you to talk to anyone using a variety of messaging protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!, MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Gaim supports many common features of other clients, as well as many unique features, such as perl scripting and C plugins. Gaim is NOT affiliated with or endorsed by America Online, Inc., Microsoft Corporation, or Yahoo! Inc. or other messaging service providers. --------------------------------------------------------------------- Update Information: This fixes the crash in the Gadu Gadu protocol, and makes Yahoo file transfer and buddy icons work for the more common non-proxy case. Unfortunately this probably breaks the less common proxy case. --------------------------------------------------------------------- * Sun Mar 6 2005 Warren Togami 1:1.1.4-1.FC3 - FC3 * Sun Mar 6 2005 Warren Togami 1:1.1.4-4 - 144: POSIX functions became macros, build fix (#150429) - 145: Fix non-proxy yahoo file transfer - 146: Fix non-proxy yahoo buddy icons * Fri Mar 4 2005 Warren Togami 1:1.1.4-3 - 143: Gadu Gadu protocol crash fix (#149984) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ bd00902ba044a6ab2f1503b241cec6a6 SRPMS/gaim-1.1.4-1.FC3.src.rpm c528da719ce938e777509ab05bf94b01 x86_64/gaim-1.1.4-1.FC3.x86_64.rpm 5e9b5c885c78957d30e2ab8d73249066 x86_64/debug/gaim-debuginfo-1.1.4-1.FC3.x86_64.rpm a0f1003e8b9c85735e94ab47c58b3420 i386/gaim-1.1.4-1.FC3.i386.rpm 236e270935e2f49614937d274fd28e48 i386/debug/gaim-debuginfo-1.1.4-1.FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From mpg at redhat.com Tue Mar 8 17:25:28 2005 From: mpg at redhat.com (Marco Pesenti Gritti) Date: Tue, 8 Mar 2005 12:25:28 -0500 Subject: Fedora Core 2 Update: libexif-0.5.12-2.2 Message-ID: <200503081725.j28HPSns007329@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-199 2005-03-08 --------------------------------------------------------------------- Product : Fedora Core 2 Name : libexif Version : 0.5.12 Release : 2.2 Summary : libexif is a library for extracting extra information from image files Description : Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. --------------------------------------------------------------------- * Tue Mar 8 2005 Marco Pesenti Gritti - Add patch for CAN-2005-0664. Fix bug #150503 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 92f3ad6ab7d70746bc1f52608b54f20e SRPMS/libexif-0.5.12-2.2.src.rpm fe4b151aa957c085781ea711550ff402 x86_64/libexif-0.5.12-2.2.x86_64.rpm dfb43c44ea7ca79f8e944eeb89dae601 x86_64/libexif-devel-0.5.12-2.2.x86_64.rpm 1a69f07ef46c8fdba4a001090425303d x86_64/debug/libexif-debuginfo-0.5.12-2.2.x86_64.rpm 3257905d070154fd25031f892be55be6 i386/libexif-0.5.12-2.2.i386.rpm 2134c66ed705fdfd0fd6ec497d3cdd37 i386/libexif-devel-0.5.12-2.2.i386.rpm 6cb5b79ef4ce64e847a1d337cfbd3843 i386/debug/libexif-debuginfo-0.5.12-2.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From mpg at redhat.com Tue Mar 8 17:25:33 2005 From: mpg at redhat.com (Marco Pesenti Gritti) Date: Tue, 8 Mar 2005 12:25:33 -0500 Subject: Fedora Core 3 Update: libexif-0.5.12-3.1 Message-ID: <200503081725.j28HPX3M007370@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-200 2005-03-08 --------------------------------------------------------------------- Product : Fedora Core 3 Name : libexif Version : 0.5.12 Release : 3.1 Summary : libexif is a library for extracting extra information from image files Description : Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. --------------------------------------------------------------------- * Tue Mar 8 2005 Marco Pesenti Gritti - Add patch for CAN-2005-0664. Fix bug #150503 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 60baed01f627f7dd2f4b7c21b39c6543 SRPMS/libexif-0.5.12-3.1.src.rpm 5e5a525dec0a4a98862825fa0653470e x86_64/libexif-0.5.12-3.1.x86_64.rpm 38ce8d0cd1c87300162d1bb79bd45626 x86_64/libexif-devel-0.5.12-3.1.x86_64.rpm cf53d319eb3cbdd779d781166e006734 x86_64/debug/libexif-debuginfo-0.5.12-3.1.x86_64.rpm 11b0bf7e507c62d23377a4635ad676d4 x86_64/libexif-0.5.12-3.1.i386.rpm 11b0bf7e507c62d23377a4635ad676d4 i386/libexif-0.5.12-3.1.i386.rpm 92329fa7fdb0dcc2b8918d25304698e9 i386/libexif-devel-0.5.12-3.1.i386.rpm c157991204424da4accd7806a25da7da i386/debug/libexif-debuginfo-0.5.12-3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From nphilipp at redhat.com Tue Mar 8 17:50:20 2005 From: nphilipp at redhat.com (Nils Philippsen) Date: Tue, 08 Mar 2005 18:50:20 +0100 Subject: Fedora Core 3 Update: gimp-2.2.4-0.fc3.1 Message-ID: <1110304221.14945.48.camel@wombat.tiptoe.de> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-164 2005-03-08 --------------------------------------------------------------------- Product : Fedora Core 3 Name : gimp Version : 2.2.4 Release : 0.fc3.1 Summary : The GNU Image Manipulation Program Description : The GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. The GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. The GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. The GIMP includes a scripting facility, but many of the included scripts rely on fonts that we cannot distribute. The GIMP FTP site has a package of fonts that you can install by yourself, which includes all the fonts needed to run the included scripts. Some of the fonts have unusual licensing requirements; all the licenses are documented in the package. Get ftp://ftp.gimp.org/pub/gimp/fonts/freefonts-0.10.tar.gz and ftp://ftp.gimp.org/pub/gimp/fonts/sharefonts-0.10.tar.gz if you are so inclined. Alternatively, choose fonts which exist on your system before running the scripts. --------------------------------------------------------------------- * Wed Feb 23 2005 Nils Philippsen - version 2.2.4 - require newer versions of gtk2 (#143840), glib2 and pango --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ d253a2a6593964cee7880fc9ddc5bf0e SRPMS/gimp-2.2.4-0.fc3.1.src.rpm 9db9ba5397350ea3fc304a9f38be8d0f x86_64/gimp-2.2.4-0.fc3.1.x86_64.rpm ea817560c41bc64774e7287f841706f1 x86_64/gimp-devel-2.2.4-0.fc3.1.x86_64.rpm b715146cdf390fd976742e05cc0786b4 x86_64/debug/gimp-debuginfo-2.2.4-0.fc3.1.x86_64.rpm 5b9b9fa574f562b10d58555d01018103 i386/gimp-2.2.4-0.fc3.1.i386.rpm 228814351303b209f77afb2f44ce556b i386/gimp-devel-2.2.4-0.fc3.1.i386.rpm c90996afe9cba7549b1fb4367c08292e i386/debug/gimp-debuginfo-2.2.4-0.fc3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- Nils Philippsen / Red Hat / nphilipp at redhat.com "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- B. Franklin, 1759 PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011 From katzj at redhat.com Tue Mar 8 23:57:34 2005 From: katzj at redhat.com (Jeremy Katz) Date: Tue, 08 Mar 2005 18:57:34 -0500 Subject: Subject: Fedora Core 3 Update: yum-2.2.0-0.fc3 Message-ID: <1110326255.25477.12.camel@bree.local.net> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-104 2005-03-08 --------------------------------------------------------------------- Product : Fedora Core 3 Name : yum Version : 2.2.0 Release : 0.fc3 Summary : RPM installer/updater Description : Yum is a utility that can check for and automatically download and install updated RPM packages. Dependencies are obtained and downloaded automatically prompting the user as necessary. --------------------------------------------------------------------- Update Information: New yum release fixes multiple small bugs. Changes include: * Improved output formatting * Display amount of data to be downloaded * Enable regets * Add automatic gpg key retrieval. See 'gpgkey' in yum.conf(5) * Improved handling of mirror lists for disabled repositories * Miscellaneous speedups * Man page fixes * Fixes for usage behind proxies * Multilib bugfixes --------------------------------------------------------------------- * Mon Feb 21 2005 Jeremy Katz - 2.2.0-0.fc3 - update to 2.2.0 * Tue Feb 1 2005 Jeremy Katz - 2.1.13-0.fc3 - update to 2.1.13 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 0f8d050ffd9590be972ac7b12e37515d SRPMS/yum-2.2.0-0.fc3.src.rpm 48d0ee133fa611a47caa8252c81d6d8c x86_64/yum-2.2.0-0.fc3.noarch.rpm 48d0ee133fa611a47caa8252c81d6d8c i386/yum-2.2.0-0.fc3.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Thu Mar 10 00:17:57 2005 From: notting at redhat.com (Bill Nottingham) Date: Wed, 9 Mar 2005 19:17:57 -0500 Subject: [SECURITY] Fedora Core 3 Update: grip-3.2.0-4 Message-ID: <20050310001757.GA15888@nostromo.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-203 2005-03-09 --------------------------------------------------------------------- Product : Fedora Core 3 Name : grip Version : 3.2.0 Release : 4 Summary : A front-end for CD rippers and Ogg Vorbis encoders. Description : Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or just a section of a track. Grip supports the CDDB protocol for accessing track information on disc database servers. --------------------------------------------------------------------- Update Information: This fixes a buffer overflow when the CDDB server returns more than 16 matches. --------------------------------------------------------------------- * Wed Mar 9 2005 Bill Nottingham 3.2.0-4 - add patch to fix overflow when there are too many CDDB matches --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ f078fec4a06112503c8f06bd222aaa40 SRPMS/grip-3.2.0-4.src.rpm 430dd9fa6d880e8b59a6819e6aab1c9b x86_64/grip-3.2.0-4.x86_64.rpm 7b14cf30b120d2d194a17f92fc41a78a x86_64/debug/grip-debuginfo-3.2.0-4.x86_64.rpm caf07496566e30d76779ea36210efeee i386/grip-3.2.0-4.i386.rpm ae1ac272d781c126b27d2378af2a5f1a i386/debug/grip-debuginfo-3.2.0-4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Thu Mar 10 00:18:16 2005 From: notting at redhat.com (Bill Nottingham) Date: Wed, 9 Mar 2005 19:18:16 -0500 Subject: [SECURITY] Fedora Core 2 Update: grip-3.2.0-3.fc2 Message-ID: <20050310001816.GB15888@nostromo.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-202 2005-03-09 --------------------------------------------------------------------- Product : Fedora Core 2 Name : grip Version : 3.2.0 Release : 3.fc2 Summary : A front-end for CD rippers and Ogg Vorbis encoders. Description : Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or just a section of a track. Grip supports the CDDB protocol for accessing track information on disc database servers. --------------------------------------------------------------------- Update Information: This fixes a buffer overflow when the CDDB server returns more than 16 matches. --------------------------------------------------------------------- * Wed Mar 9 2005 Bill Nottingham 3.2.0-3.fc2 - add patch to fix overflow when there are too many CDDB matches * Fri Oct 8 2004 Bill Nottingham 3.2.0-3 - add a passel of buildreqs (#135045) * Wed Jul 28 2004 Adrian Havill 3.2.0-2 - rebuilt - add vte-devel to BuildRequires * Sun Jun 20 2004 Karsten Hopp 3.2.0-1 - update to latest stable version - remove obsolete locking and cdparanoia patches * Tue Jun 15 2004 Elliot Lee - rebuilt --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ c5c34b3b3b297be7ece95e59dc7c31ce SRPMS/grip-3.2.0-3.fc2.src.rpm 668467205016befb3793a75557a92878 x86_64/grip-3.2.0-3.fc2.x86_64.rpm 79927efa8e6eb9c877f5c933951e1ca2 x86_64/debug/grip-debuginfo-3.2.0-3.fc2.x86_64.rpm 57f3ffa668a0283b27e43255d20ae6d4 i386/grip-3.2.0-3.fc2.i386.rpm 3dbd12ec9d02d4f4b5a7d5bfe68a89bc i386/debug/grip-debuginfo-3.2.0-3.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From nphilipp at redhat.com Fri Mar 11 19:38:17 2005 From: nphilipp at redhat.com (Nils Philippsen) Date: Fri, 11 Mar 2005 20:38:17 +0100 Subject: Fedora Core 3 Update: hwbrowser-0.20-0.fc3.1 Message-ID: <1110569898.16573.3.camel@gibraltar.stuttgart.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-205 2005-03-11 --------------------------------------------------------------------- Product : Fedora Core 3 Name : hwbrowser Version : 0.20 Release : 0.fc3.1 Summary : A hardware browser. Description : A browser for your current hardware configuration. --------------------------------------------------------------------- * Mon Feb 7 2005 Nils Philippsen 0.20-1 - fix deprecation warnings (#147268) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 3fa89686a4a5eb85c2fefa16e79d91f3 SRPMS/hwbrowser-0.20-0.fc3.1.src.rpm 1d826c983a29a92c35f376604a61ac92 x86_64/hwbrowser-0.20-0.fc3.1.noarch.rpm 1d826c983a29a92c35f376604a61ac92 i386/hwbrowser-0.20-0.fc3.1.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- Nils Philippsen / Red Hat / nphilipp at redhat.com "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- B. Franklin, 1759 PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From jvdias at redhat.com Fri Mar 11 21:03:48 2005 From: jvdias at redhat.com (Jason Vas Dias) Date: Fri, 11 Mar 2005 16:03:48 -0500 Subject: Fedora Core 3 Update: at-3.1.8-68_FC3 Message-ID: <200503112103.j2BL3m0L006277@jvdsibm.boston.redhat.com> Subject: Fedora Core 3 Update: at-3.1.8-68_FC3 --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-208 2005-03-11 --------------------------------------------------------------------- Product : Fedora Core 3 Name : at Version : 3.1.8 Release : 68_FC3 Summary : Job spooling tools. Description : At and batch read commands from standard input or from a specified file. At allows you to specify that a command will be run at a particular time. Batch will execute commands when the system load levels drop to a particular level. Both commands use /bin/sh. You should install the at package if you need a utility for time-oriented job control. Note: If it is a recurring job that will need to be repeated at the same time every day/week, etc. you should use crontab instead. --------------------------------------------------------------------- Update Information: o Added check in at(1) to verify if atd PAM authentication will succeed; Job submission will be denied if atd PAM authentication fails. o Fixed PAM authentication in atd (bug 150131). --------------------------------------------------------------------- * Tue Mar 8 2005 Jason Vas Dias 3.1.8-68 - Put PAM authentication check in 'check_permissions()', so - user can know when using at(1) if PAM permission is denied. * Tue Mar 8 2005 Jason Vas Dias 3.1.8-67 - better fix for bug 150131: change DAEMON_USERNAME and - DAEMON_GROUPNAME to 'root' . * Mon Mar 7 2005 Jason Vas Dias 3.1.8-66 - fix bug 150131: atd should not relinquish root privilege if - doing su(1) equivalent with PAM . * Tue Jan 25 2005 Jason Vas Dias 3.1.8-64 - bugs 5160/146132: add PAM authentication control to atd * Tue Oct 5 2004 Jason Vas Dias 3.1.8-60 - fix bug 131510: no_export env. var. blacklisting should not - remove 'SHELL' when only 'SHELLOPTS' is blacklisted. - at(1) man-page should not say 'commands are run with /bin/sh' - and should explain usage of SHELL environement variable and - details of blacklisted variables. * Tue Sep 28 2004 Rik van Riel 3.1.8-58 - fix typo in man page, bug 112303 - (regenerated at-3.1.8-man-timespec-path.patch with fix) * Tue Aug 3 2004 Jason Vas Dias - fixed bug 125634 - made usage() agree with manpage * Thu Jul 29 2004 Jason Vas Dias - Added POSIX.2 -t option for RFE 127485 * Thu Jul 29 2004 Jason Vas Dias - Had to disable the 'make test' for the build BEFORE - any changes were made (building on FC2 - perl issue?) - test.pl generates these 'errors' for what looks like - valid output to me: - $ ./test.pl 2>&1 | egrep -v '(^ok$)|(time_only)' - 1..3656 - not ok - 'Monday - 1 month': 'Fri Jul 2 18:29:00 2004' =? 'Sat Jul 3 18:29:00 2004' - not ok - 'Monday - 10 months': 'Thu Oct 2 18:29:00 2003' =? 'Fri Oct 3 18:29:00 2003' - not ok - 'next week - 1 month': 'Mon Jul 5 18:29:00 2004' =? 'Tue Jul 6 18:29:00 2004' - not ok - 'next week - 10 months': 'Sun Oct 5 18:29:00 2003' =? 'Mon Oct 6 18:29:00 2003' - will investigate and fix for next release. * Tue Jun 15 2004 Elliot Lee - rebuilt * Wed May 12 2004 Thomas Woerner - 3.1.8-54 - fixed pie patch: at is pie, now - added build requires for libselinux-devel * Tue May 4 2004 Dan Walsh - 3.1.8-53 - Add fileentrypoint check * Thu Apr 15 2004 Dan Walsh - 3.1.8-52 - Fix SELinux patch * Mon Feb 23 2004 Tim Waugh - Use ':' instead of '.' as separator for chown. * Fri Feb 13 2004 Elliot Lee - 3.1.8-50 - rebuilt * Tue Dec 9 2003 Jens Petersen - 3.1.8-49 - replace at-3.1.8-SHELL-91233.patch by at-3.1.8-SHELL-111386.patch which now executes $SHELL directly in the at shell script after all the variables have been setup with /bin/sh (#91233) [suggested by G??ran Uddeborg] - this changelog is now in utf-8 * Fri Nov 7 2003 Jens Petersen - 3.1.8-48 - add at-3.1.8-pie.patch to build atd as pie (#108415) [Ulrich Drepper] * Fri Oct 31 2003 Dan Walsh - 3.1.8-47.sel * Fri Jun 20 2003 Jens Petersen - 3.1.8-46 - add at-3.1.8-atrun.8-typo-97697.patch to fix typo in atrun.8 (#97697) - update at.1 description of shell behaviour (#91233) * Tue Jun 17 2003 Jens Petersen - 3.1.8-45 - make the job shell default to SHELL instead of "/bin/sh" (#91233) * Wed Jun 4 2003 Elliot Lee - 3.1.8-44 - rebuilt * Tue Jun 3 2003 Jens Petersen - 3.1.8-43 - Replace redundant at-3.1.7-paths.patch by at-3.1.8-man-timespec-path.patch to fix timespec path * Tue Jun 3 2003 Jens Petersen - 3.1.8-41 - update source to at_3.1.8-11 from debian upstream - update source url - at-debian.patch no longer needed - at-3.1.7-paths.patch: the patch to "at.1.in" no longer needed - replace at-3.1.8-lexer.patch with at-3.1.8-11-lexer-parser.diff - at-3.1.8-dst.patch no longer needed - at-3.1.8-lsbdoc.patch no longer needed - at-3.1.8-o_excl.patch no longer needed - bump release number - at-3.1.8-test.patch: move out test.pl to a separate source file - apply at-3.1.8-test-fix.patch to it and drop patch - at-3.1.8-shell.patch: drop (#22216,#91233) - run "make test" after building - add "--without check" rpmbuild option - fix autoconf comment to point to right patch - use _sysconfdir, _sbindir, _bindir, and _localstatedir * Wed Jan 22 2003 Tim Powers 3.1.8-33 - rebuilt * Wed Nov 27 2002 Tim Powers 3.1.8-32 - remove unpackaged files from the buildroot * Thu Jul 25 2002 Bill Huang - Fixed delaying job execution and missing starting jobs..(bug#69595) (Thanks Bujor D Silaghi for his patch.) * Fri Jul 19 2002 Bill Huang - Fixed cleaning atq and multiple atd daemon.(bug#67414) (Thanks Bujor D Silaghi for his patch.) * Fri Jul 19 2002 Bill Huang - Fixed error message output in atd.c * Fri Jun 21 2002 Tim Powers - automated rebuild * Mon May 27 2002 Bill Huang - Rebuild for Milan * Thu May 23 2002 Tim Powers - automated rebuild * Fri Feb 1 2002 Bernhard Rosenkraenzer 3.1.8-25 - Require smtpdaemon rather than sendmail - postfix works just as well. * Thu Jan 31 2002 Bill Nottingham 3.1.8-24 - rebuild in new env. * Thu Jan 17 2002 Trond Eivind Glomsr??d 3.1.8-23 - s/Copyright/License/ * Mon Jan 14 2002 Adrian Havill 3.1.8-21 - fix man page (#51253) - fix env prop problem (#49491) - .SEQ should not be executable (#52626) - beefed up file creation perms against symlink exploits (O_EXCL) * Thu Aug 2 2001 Crutcher Dunnavant 3.1.8-20 - updated patch update, still bug #46546 * Wed Jul 18 2001 Crutcher Dunnavant - applied enrico.scholz at informatik.tu-chemnitz.de's change to the env patch to - address bug #46546 * Mon Jun 25 2001 Crutcher Dunnavant - changed atd.init to start at 95, stop at 5, closing #15915 - applied mailto:wp at supermedia.pl's environment patch * Sun Jun 24 2001 Elliot Lee - Bump release + rebuild. * Wed Apr 4 2001 Crutcher Dunnavant - much love to David Kilzer - who nailed UTC, Leap year, DST, and some other edge cases down - he also wrote a test harness in perl - bug #28448 * Fri Feb 2 2001 Trond Eivind Glomsr??d - i18nize initscript * Tue Dec 12 2000 Bill Nottingham - fix documentation of which shell commands will be run with (#22216) * Wed Aug 23 2000 Crutcher Dunnavant - Well, we will likely never really close the UTC issues, - because of 1) fractional timezones, and 2) daylight savigns time. - but there is a slight tweak to the handling of dst in the UTC patch. * Wed Aug 23 2000 Crutcher Dunnavant - fixed bug #15685 - which had at miscaluclating UTC times. * Sat Jul 15 2000 Bill Nottingham - move initscript back * Wed Jul 12 2000 Prospector - automatic rebuild * Thu Jul 6 2000 Bill Nottingham - prereq /etc/init.d * Sat Jul 1 2000 Nalin Dahyabhai - fix syntax error in init script * Tue Jun 27 2000 Preston Brown - don't prereq, only require initscripts * Mon Jun 26 2000 Preston Brown - move init script - add condrestart directive - fix post/preun/postun scripts - prereq initscripts >= 5.20 * Sat Jun 17 2000 Bill Nottingham - fix verify of /var/spool/at/.SEQ (#12262) * Mon Jun 12 2000 Nalin Dahyabhai - fix status checking and syntax error in init script * Fri Jun 9 2000 Bill Nottingham - fix for long usernames (#11321) - add some bugfixes from debian * Mon May 8 2000 Bernhard Rosenkraenzer - 3.1.8 * Wed Mar 1 2000 Bill Nottingham - fix a couple of more typos, null-terminate some strings * Thu Feb 10 2000 Bill Nottingham - fix many-years-old typo in atd.c * Thu Feb 3 2000 Bill Nottingham - handle compressed man pages * Mon Aug 16 1999 Bill Nottingham - initscript munging, build as non-root user * Sun Jun 13 1999 Jeff Johnson - correct perms for /var/spool/at after defattr. * Mon May 24 1999 Jeff Johnson - reset SIGCHLD before exec (#3016). * Sun Mar 21 1999 Cristian Gafton - auto rebuild in the new build environment (release 8) * Thu Mar 18 1999 Cristian Gafton - fix handling the 12:00 time * Wed Jan 13 1999 Bill Nottingham - configure fix for arm * Wed Jan 6 1999 Cristian Gafton - build for glibc 2.1 * Tue May 5 1998 Prospector System - translations modified for de, fr, tr * Wed Apr 22 1998 Michael K. Johnson - enhanced initscript * Sun Nov 9 1997 Michael K. Johnson - learned to spell * Wed Oct 22 1997 Michael K. Johnson - updated to at version 3.1.7 - updated lock and sequence file handling with %ghost - Use chkconfig and atd, now conflicts with old crontabs packages * Thu Jun 19 1997 Erik Troan - built against glibc --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 6298f4951df74da90f772aea459eac49 SRPMS/at-3.1.8-68_FC3.src.rpm c22b420912cd79ddec719b0fedc9ba87 x86_64/at-3.1.8-68_FC3.x86_64.rpm 90d0fe3286862af9bcf222040083077e x86_64/debug/at-debuginfo-3.1.8-68_FC3.x86_64.rpm 024298e264411999e41bc47a268f2a7d i386/at-3.1.8-68_FC3.i386.rpm 2ebb87cb03de380e44f0d10ea69e223b i386/debug/at-debuginfo-3.1.8-68_FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From jvdias at redhat.com Fri Mar 11 21:04:32 2005 From: jvdias at redhat.com (Jason Vas Dias) Date: Fri, 11 Mar 2005 16:04:32 -0500 Subject: Fedora Core 3 Update: bind-9.2.5-1 Message-ID: <200503112104.j2BL4W4V006290@jvdsibm.boston.redhat.com> Subject: Fedora Core 3 Update: bind-9.2.5-1 --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-208 2005-03-11 --------------------------------------------------------------------- Product : Fedora Core 3 Name : bind Version : 9.2.5 Release : 1 Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server. Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. --------------------------------------------------------------------- Update Information: o Upgraded to ISC BIND 9.2.5 (final release) o Added libbind man-pages (see 'man libbind-resolver', 'man libbind-irs.conf') o Fixed libbind h_errno handling (bug 150288) --------------------------------------------------------------------- * Fri Mar 11 2005 Jason Vas Dias - 24:9.2.5-1 - Upgrade to ISC BIND 9.3.1 (final release) released today. * Wed Mar 9 2005 Jason Vas Dias - 24:9.2.5-1 - fix bug 150288: h_errno not being accessed / set correctly in libbind - add libbind man-pages from bind-8.4.6 * Tue Mar 1 2005 Nalin Dahyabhai - 24:9.2.5-1 - configure with --with-pic to get PIC libraries * Thu Feb 24 2005 Jason Vas Dias - 22:9.2.5rc1-1 - Upgrade to ISC BIND 9.2.5rc1 in FC3 - fix bug 149572: dup of 147824 / 147073 / 145664 * Sun Feb 20 2005 Jason Vas Dias - 22:9.3.1rc1-2 - fix bug 149183: don't use getifaddrs() . * Wed Feb 16 2005 Jason Vas Dias - 22:9.3.1rc1-1 - Upgrade to 9.3.1rc1 - Add Simplified Database Backend (SDB) sub-package ( bind-sdb ) - add named_sdb - ldap + pgsql + dir database backend support with - 'ENABLE_SDB' named.sysconfig option - Add BIND resolver library & includes sub-package ( libbind-devel) - fix bug 147824 / 147073 / 145664: ENABLE_ZONE_WRITE in named.init - fix bug 146084 : shutup restorecon * Tue Jan 11 2005 Jason Vas Dias - 22:9.3.0-2 - Fix bug 143438: named.init will now make correct ownership of $ROOTDIR/var/named - based on 'named_write_master_zones' SELinux boolean. - Fix bug 143744: dig & nsupdate IPv6 timeout (dup of 140528) * Mon Nov 29 2004 Jason Vas Dias - 9.3.0-1 - Upgrade BIND to 9.3.0 in Rawhide / FC4 (bugs 134529, 133654...) * Mon Nov 29 2004 Jason Vas Dias - 20:9.2.4-4 - Fix bugs 140528 and 141113: - 2 second timeouts when IPv6 not configured and root nameserver's - AAAA addresses are queried * Mon Oct 18 2004 Jason Vas Dias - 20:9.2.4-2 - Fix bug 136243: bind-chroot %post must run restorecon -R /var/named/chroot - Fix bug 135175: named.init must return non-zero if named is not run - Fix bug 134060: bind-chroot %post must use mktemp, not /tmp/named - Fix bug 133423: bind-chroot %files entries should have been %dirs * Thu Sep 23 2004 Jason Vas Dias - 20:9.2.4-1 - BIND 9.2.4 (final release) released - source code actually - identical to 9.2.4rc8, with only version number change. * Mon Sep 20 2004 Jason Vas Dias - 10:9.2.4rc8-14 - Upgrade to upstream bind-9.2.4rc8 . - Progress: Finally! Hooray! ISC bind now distributes: - o named.conf(5) and nslookup(8) manpages - 'bind-manpages.bz2' source can now disappear - (could this have something to do with ISC bug I raised about this?) - o 'deprecation_msg' global has vanished - bind-9.2.3rc3-deprecation_msg_shut_up.diff.bz2 can disappear * Mon Sep 20 2004 Jason Vas Dias - 10:9.2.4rc8-14 - Fix bug 106572/132385: copy /etc/localtime to chroot on start * Fri Sep 10 2004 Jason Vas Dias - 10:9.2.4rc7-12_EL3 - Fix bug 132303: if ROOTDIR line was replaced after upgrade from - bind-chroot-9.2.2-21, restart named * Wed Sep 8 2004 Jason Vas Dias - 10:9.2.4rc7-11_EL3 - Fix bug 131803: replace ROOTDIR line removed by broken - bind-chroot 9.2.2-21's '%postun'; added %triggerpostun for bind-chroot * Tue Sep 7 2004 Jason Vas Dias - 10:9.2.4rc7-10_EL3 - Fix bugs 130121 & 130981 for RHEL-3 * Mon Aug 30 2004 Jason Vas Dias - 10:9.2.4rc7-10 - Fix bug 130121: add '%ghost' entries for files included in previous - bind-chroot & not in current - ie. named.conf, rndc.key, dev/* - - that RPM removed after upgrade . * Thu Aug 26 2004 Jason Vas Dias - Fix bug 130981: add '-t' option to named-checkconf invocation in - named.init if chroot installed. * Wed Aug 25 2004 Jason Vas Dias - Remove resolver(5) manpage now in man-pages (bug 130792); - Don't create /dev/ entries in bind-chroot if already there (bug 127556); - fix bind-devel Requires (bug 130919) - Set default location for dumpdb & stats files to /var/named/data * Tue Aug 24 2004 Jason Vas Dias - Fix devel Requires for bug 130738 & fix version * Tue Aug 24 2004 Jason Vas Dias - Fix errors on clean install if named group does not exist - (bug 130777) * Thu Aug 19 2004 Jason Vas Dias - Upgrade to bind-9.2.4rc7; applied initscript fix - for bug 102035. * Mon Aug 9 2004 Jason Vas Dias - Fixed bug 129289: bind-chroot install / deinstall - on install, existing config files 'safe_replace'd - with links to chroot copies; on uninstall, moved back. * Fri Aug 6 2004 Jason Vas Dias - Fixed bug 129258: "${prefix}/var/tmp" typo in spec * Wed Jul 28 2004 Jason Vas Dias - Fixed bug 127124 : 'Requires: kernel >= 2.4' - causes problems with Linux VServers * Tue Jul 27 2004 Jason Vas Dias - Fixed bug 127555 : chroot tar missing var/named/slaves * Fri Jul 16 2004 Jason Vas Dias - Upgraded to ISC version 9.2.4rc6 * Fri Jul 16 2004 Jason Vas Dias - Fixed named.init generation of error messages on - 'service named stop' and 'service named reload' - as per bug 127775 * Wed Jun 23 2004 Daniel Walsh 9.2.3-19 - Bump for rhel 3.0 U3 * Wed Jun 23 2004 Daniel Walsh 9.2.3-18 - remove disable-linux-caps * Wed Jun 16 2004 Daniel Walsh 9.2.3-17 - Update RHEL3 to latest bind * Tue Jun 15 2004 Elliot Lee - rebuilt * Tue Jun 8 2004 Daniel Walsh 9.2.3-15 - Remove device files from chroot, Named uses the system one * Fri Mar 26 2004 Daniel Walsh 9.2.3-14 - Move RFC to devel package * Fri Mar 26 2004 Daniel Walsh 9.2.3-13 - Fix location of restorecon * Thu Mar 25 2004 Daniel Walsh 9.2.3-12 - Tighten security on config files. Should be owned by root * Thu Mar 25 2004 Daniel Walsh 9.2.3-11 - Update key patch to include conf-keygen * Tue Mar 23 2004 Daniel Walsh 9.2.3-10 - fix chroot to only happen once. - fix init script to do kill insteall of killall * Mon Mar 15 2004 Daniel Walsh 9.2.3-9 - Add fix for SELinux security context * Tue Mar 2 2004 Elliot Lee - rebuilt * Sat Feb 28 2004 Florian La Roche - run ldconfig for libs subrpm * Mon Feb 23 2004 Tim Waugh - Use ':' instead of '.' as separator for chown. * Tue Feb 17 2004 Daniel Walsh 9.2.3-7 - Add COPYRIGHT * Fri Feb 13 2004 Elliot Lee - rebuilt * Tue Dec 30 2003 Daniel Walsh 9.2.3-5 - Add defattr to libs * Mon Dec 29 2003 Daniel Walsh 9.2.3-4 - Break out library package * Mon Dec 22 2003 Daniel Walsh 9.2.3-3 - Fix condrestart * Wed Nov 12 2003 Daniel Walsh 9.2.3-2 - Move libisc and libdns to bind from bind-util * Tue Nov 11 2003 Daniel Walsh 9.2.3-1 - Move to 9.2.3 * Mon Oct 27 2003 Daniel Walsh 9.2.2.P3-10 - Add PIE support * Fri Oct 17 2003 Daniel Walsh 9.2.2.P3-9 - Add /var/named/slaves directory * Sun Oct 12 2003 Florian La Roche - do not link against libnsl, not needed for Linux * Wed Oct 8 2003 Daniel Walsh 9.2.2.P3-6 - Fix local time in log file * Tue Oct 7 2003 Daniel Walsh 9.2.2.P3-5 - Try again * Mon Oct 6 2003 Daniel Walsh 9.2.2.P3-4 - Fix handling of chroot -/dev/random * Thu Oct 2 2003 Daniel Walsh 9.2.2.P3-3 - Stop hammering stuff on update of chroot environment * Mon Sep 29 2003 Daniel Walsh 9.2.2.P3-2 - Fix chroot directory to grab all subdirectories * Wed Sep 24 2003 Daniel Walsh 9.2.2.P3-1 - New patch to support for "delegation-only" * Wed Sep 17 2003 Daniel Walsh 9.2.2-23 - patch support for "delegation-only" * Wed Jul 30 2003 Daniel Walsh 9.2.2-22 - Update to build on RHL * Wed Jul 30 2003 Daniel Walsh 9.2.2-21 - Install libraries as exec so debug info will be pulled * Sat Jul 19 2003 Daniel Walsh 9.2.2-20 - Remove BSDCOMPAT (BZ 99454) * Tue Jul 15 2003 Daniel Walsh 9.2.2-19 - Update to build on RHL * Tue Jul 15 2003 Daniel Walsh 9.2.2-18 - Change protections on /var/named and /var/chroot/named * Tue Jun 17 2003 Daniel Walsh 9.2.2-17 - Update to build on RHL * Tue Jun 17 2003 Daniel Walsh 9.2.2-16 - Update to build on RHEL * Wed Jun 4 2003 Elliot Lee - rebuilt * Tue Apr 22 2003 Daniel Walsh 9.2.2-14 - Update to build on RHEL * Tue Apr 22 2003 Daniel Walsh 9.2.2-13 - Fix config description of named.conf in chroot - Change named.init script to check for existence of /etc/sysconfig/network * Fri Apr 18 2003 Daniel Walsh 9.2.2-12 - Update to build on RHEL * Fri Apr 18 2003 Daniel Walsh 9.2.2-11 - Update to build on RHEL * Fri Apr 18 2003 Daniel Walsh 9.2.2-10 - Fix echo OK on starting/stopping service * Fri Mar 28 2003 Daniel Walsh 9.2.2-9 - Update to build on RHEL * Fri Mar 28 2003 Daniel Walsh 9.2.2-8 - Fix echo on startup * Tue Mar 25 2003 Daniel Walsh 9.2.2-7 - Fix problems with chroot environment - Eliminate posix threads * Mon Mar 24 2003 Daniel Walsh 9.2.2-6 - Fix build problems * Fri Mar 14 2003 Daniel Walsh 9.2.2-5 - Fix build on beehive * Thu Mar 13 2003 Daniel Walsh 9.2.2-4 - build bind-chroot kit * Tue Mar 11 2003 Daniel Walsh 9.2.2-3 - Change configure to use proper threads model * Fri Mar 7 2003 Daniel Walsh 9.2.2-2 - update to 9.2.2 * Tue Mar 4 2003 Daniel Walsh 9.2.2-1 - update to 9.2.2 * Fri Jan 24 2003 Daniel Walsh 9.2.1-16 - Put a sleep in restart to make sure stop completes * Wed Jan 22 2003 Tim Powers - rebuilt * Tue Jan 7 2003 Daniel Walsh 9.2.1-14 - Separate /etc/rndc.key to separate file * Tue Jan 7 2003 Nalin Dahyabhai 9.2.1-13 - Use openssl's pkgconfig data, if available, at build-time. * Mon Jan 6 2003 Daniel Walsh 9.2.1-12 - Fix log rotate to use service named reload - Change service named reload to give success/failure message [73770] - Fix File checking [75710] - Begin change to automatically run in CHROOT environment * Tue Dec 24 2002 Daniel Walsh 9.2.1-10 - Fix startup script to work like all others. * Mon Dec 16 2002 Daniel Walsh 9.2.1-9 - Fix configure to build on x86_64 platforms * Wed Aug 7 2002 Karsten Hopp - fix #70583, doesn't build on IA64 * Tue Jul 30 2002 Karsten Hopp 9.2.1-8 - bind-utils shouldn't require bind * Mon Jul 22 2002 Karsten Hopp 9.2.1-7 - fix name of pidfine in logrotate script (#68842) - fix owner of logfile in logrotate script (#41391) - fix nslookup and named.conf man pages (output on stderr) (#63553, #63560, #63561, #54889, #57457) - add rfc1912 (#50005) - gzip all rfc's - fix typo in keygen.c (#54870) - added missing manpages (#64065) - shutdown named properly with rndc stop (#62492) - /sbin/nologin instead of /bin/false (#68607) - move nsupdate to bind-utils (where the manpage already was) (#66209, #66381) - don't kill initscript when rndc fails (reload) (#58750) * Mon Jun 24 2002 Bernhard Rosenkraenzer 9.2.1-5 - Fix #65975 * Fri Jun 21 2002 Tim Powers - automated rebuild * Thu May 23 2002 Tim Powers - automated rebuild * Thu May 9 2002 Bernhard Rosenkraenzer 9.2.1-2 - Move libisccc, lib isccfg and liblwres from bind-utils to bind, they're not required if you aren't running a nameserver. * Fri May 3 2002 Florian La Roche - update to 9.2.1 release * Thu Mar 14 2002 Bernhard Rosenkraenzer 9.2.0-8 - Merge 30+ bug fixes from 9.2.1rc1 code * Mon Mar 11 2002 Bernhard Rosenkraenzer 9.2.0-7 - Don't exit if /etc/named.conf doesn't exist if we're running chroot (#60868) - Revert Elliot's changes, we do require specific glibc/glibc-kernheaders versions or bug #58335 will be back. "It compiles, therefore it works" isn't always true. * Thu Feb 28 2002 Elliot Lee 9.2.0-6 - Fix BuildRequires (we don't need specific glibc/glibc-kernheaders versions). - Use _smp_mflags * Wed Feb 20 2002 Bernhard Rosenkraenzer 9.2.0-4 - rebuild, require recent autoconf, automake (#58335) * Fri Jan 25 2002 Tim Powers - rebuild against new libssl * Wed Jan 9 2002 Tim Powers - automated rebuild * Tue Nov 27 2001 Bernhard Rosenkraenzer 9.2.0-1 - 9.2.0 * Thu Nov 22 2001 Bernhard Rosenkraenzer 9.2.0-0.rc10.2 - 9.2.0rc10 * Mon Nov 5 2001 Bernhard Rosenkraenzer 9.2.0-0.rc8.2 - Fix up rndc.conf (#55574) * Thu Oct 25 2001 Bernhard Rosenkraenzer 9.2.0-0.rc8.1 - rc8 - Enforce --enable-threads * Mon Oct 22 2001 Bernhard Rosenkraenzer 9.2.0-0.rc7.1 - 9.2.0rc7 - Use rndc status for "service named status", it's supposed to actually work in 9.2.x. * Wed Oct 3 2001 Bernhard Rosenkraenzer 9.2.0-0.rc5.1 - 9.2.0rc5 - Fix rpm --rebuild with ancient libtool versions (#53938, #54257) * Tue Sep 25 2001 Bernhard Rosenkraenzer 9.2.0-0.rc4.1 - 9.2.0rc4 * Fri Sep 14 2001 Bernhard Rosenkraenzer 9.2.0-0.rc3.1 - 9.2.0rc3 - remove ttl patch, I don't think we need this for 8.0. - remove dig.1.bz2 from the bind8-manpages tar file, 9.2 has a new dig man page - add lwres* man pages to -devel * Mon Sep 3 2001 Bernhard Rosenkraenzer 9.1.3-4 - Make sure /etc/rndc.conf isn't world-readable even after the %post script inserted a random key (#53009) * Thu Jul 19 2001 Bernhard Rosenkraenzer 9.1.3-3 - Add build dependencies (#49368) - Make sure running service named start several times doesn't create useless processes (#47596) - Work around the named parent process returning 0 even if the config file is broken (it's parsed later by the child processes) (#45484) * Mon Jul 16 2001 Bernhard Rosenkraenzer 9.1.3-2 - Don't use rndc status, it's not yet implemented (#48839) * Sun Jul 8 2001 Florian La Roche - update to 9.1.3 release * Tue Jul 3 2001 Bernhard Rosenkraenzer 9.1.3-0.rc3.1 - Fix up rndc configuration and improve security (#46586) * Tue Jun 26 2001 Bernhard Rosenkraenzer 9.1.3-0.rc2.2 - Sync with caching-nameserver-7.1-6 * Mon Jun 25 2001 Bernhard Rosenkraenzer 9.1.3-0.rc2.1 - Update to rc2 * Fri Jun 1 2001 Bernhard Rosenkraenzer 9.1.3-0.rc1.3 - Remove resolv.conf(5) man page, it's now in man-pages * Thu May 31 2001 Bernhard Rosenkraenzer 9.1.3-0.rc1.2 - Add named.conf man page from bind 8.x (outdated, but better than nothing, - Rename the rndc key (#42895) - Add dnssec* man pages * Mon May 28 2001 Bernhard Rosenkraenzer 9.1.3-0.rc1.1 - 9.1.3rc1 - s/Copyright/License/ * Mon May 7 2001 Bernhard Rosenkraenzer 9.1.2-1 - 9.1.2 final. No changes between 9.1.2-0.rc1.1 and this one, except for the version number, though. * Thu May 3 2001 Bernhard Rosenkraenzer 9.1.2-0.rc1.1 - 9.1.2rc1 * Thu Mar 29 2001 Bernhard Rosenkraenzer 9.1.1-1 - 9.1.1 * Thu Mar 15 2001 Bernhard Rosenkraenzer 9.1.0-10 - Merge fixes from 9.1.1rc5 * Sun Mar 11 2001 Bernhard Rosenkraenzer 9.1.0-9 - Work around bind 8 -> bind 9 migration problem when using buggy zone files: accept zones without a TTL, but spew out a big fat warning. (#31393) * Thu Mar 8 2001 Bernhard Rosenkraenzer - Add fixes from rc4 * Fri Mar 2 2001 Nalin Dahyabhai - rebuild in new environment * Thu Mar 1 2001 Bernhard Rosenkraenzer - killall -HUP named if rndc reload fails (#30113) * Tue Feb 27 2001 Bernhard Rosenkraenzer - Merge some fixes from 9.1.1rc3 * Tue Feb 20 2001 Bernhard Rosenkraenzer - Don't use the standard rndc key from the documentation, instead, create a random one at installation time (#26358) - Make /etc/rndc.conf readable by user named only, it contains secret keys * Tue Feb 20 2001 Bernhard Rosenkraenzer - 9.1.1 probably won't be out in time, revert to 9.1.0 and apply fixes from 9.1.1rc2 - bind requires bind-utils (#28317) * Tue Feb 13 2001 Bernhard Rosenkraenzer - Update to rc2, fixes 2 more bugs - Fix build with glibc >= 2.2.1-7 * Thu Feb 8 2001 Bernhard Rosenkraenzer - Update to 9.1.1rc1; fixes 17 bugs (14 of them affecting us; 1 was fixed in a Red Hat patch already, 2 others are portability improvements) * Wed Feb 7 2001 Bernhard Rosenkraenzer - Remove initscripts 5.54 requirement (#26489) * Mon Jan 29 2001 Bernhard Rosenkraenzer - Add named-checkconf, named-checkzone (#25170) * Mon Jan 29 2001 Trond Eivind Glomsr?d - use echo, not gprintf * Wed Jan 24 2001 Bernhard Rosenkraenzer - Fix problems with $GENERATE Patch from Daniel Roesen Bug #24890 * Thu Jan 18 2001 Bernhard Rosenkraenzer - 9.1.0 final * Sat Jan 13 2001 Bernhard Rosenkraenzer - 9.1.0rc1 - i18nify init script - bzip2 source to save space * Thu Jan 11 2001 Bernhard Rosenkraenzer - Fix %postun script * Tue Jan 9 2001 Bernhard Rosenkraenzer - 9.1.0b3 * Mon Jan 8 2001 Bernhard Rosenkraenzer - Add named.conf man page from bind8 (#23503) * Sun Jan 7 2001 Bernhard Rosenkraenzer - Make /etc/rndc.conf and /etc/sysconfig/named noreplace - Make devel require bind = %{version} rather than just bind * Sun Jan 7 2001 Bernhard Rosenkraenzer - Fix init script for real * Sat Jan 6 2001 Bernhard Rosenkraenzer - Fix init script when ROOTDIR is not set * Thu Jan 4 2001 Bernhard Rosenkraenzer - Add hooks for setting up named to run chroot (RFE #23246) - Fix up requirements * Fri Dec 29 2000 Bernhard Rosenkraenzer - 9.1.0b2 * Wed Dec 20 2000 Bernhard Rosenkraenzer - Move run files to /var/run/named/ - /var/run isn't writable by the user we're running as. (Bug #20665) * Tue Dec 19 2000 Bernhard Rosenkraenzer - Fix reverse lookups (#22272) - Run ldconfig in %post utils * Tue Dec 12 2000 Karsten Hopp - fixed logrotate script (wrong path to kill) - include header files in -devel package - bugzilla #22049, #19147, 21606 * Fri Dec 8 2000 Bernhard Rosenkraenzer - 9.1.0b1 (9.1.0 is in our timeframe and less buggy) * Mon Nov 13 2000 Bernhard Rosenkraenzer - 9.0.1 * Mon Oct 30 2000 Bernhard Rosenkraenzer - Fix initscript (Bug #19956) - Add sample rndc.conf (Bug #19956) - Fix build with tar 1.13.18 * Tue Oct 10 2000 Bernhard Rosenkraenzer - Add some missing man pages (taken from bind8) (Bug #18794) * Sun Sep 17 2000 Bernhard Rosenkraenzer - 9.0.0 final * Wed Aug 30 2000 Bernhard Rosenkraenzer - rc5 - fix up nslookup * Thu Aug 24 2000 Bernhard Rosenkraenzer - rc4 * Thu Jul 13 2000 Bernhard Rosenkraenzer - 9.0.0rc1 * Wed Jul 12 2000 Prospector - automatic rebuild * Sun Jul 9 2000 Florian La Roche - add "exit 0" for uninstall case * Fri Jul 7 2000 Florian La Roche - add prereq init.d and cleanup install section * Fri Jun 30 2000 Trond Eivind Glomsr?d - fix the init script * Wed Jun 28 2000 Nalin Dahyabhai - make libbind.a and nslookup.help readable again by setting INSTALL_LIB to "" * Mon Jun 26 2000 Bernhard Rosenkr?nzer - Fix up the initscript (Bug #13033) - Fix build with current glibc (Bug #12755) - /etc/rc.d/init.d -> /etc/init.d - use %{_mandir} rather than /usr/share/man * Mon Jun 19 2000 Bill Nottingham - fix conflict with man-pages - remove compatibilty chkconfig links - initscript munging * Wed Jun 14 2000 Nalin Dahyabhai - modify logrotate setup to use PID file - temporarily disable optimization by unsetting $RPM_OPT_FLAGS at build-time - actually bump the release this time * Sun Jun 4 2000 Bernhard Rosenkraenzer - FHS compliance * Mon Apr 17 2000 Nalin Dahyabhai - clean up restart patch * Mon Apr 10 2000 Nalin Dahyabhai - provide /var/named (fix for bugs #9847, #10205) - preserve args when restarted via ndc(8) (bug #10227) - make resolv.conf(5) a link to resolver(5) (bug #10245) - fix SYSTYPE bug in all makefiles - move creation of named user from %post into %pre * Mon Feb 28 2000 Bernhard Rosenkr?nzer - Fix TTL (patch from ISC, Bug #9820) * Wed Feb 16 2000 Bernhard Rosenkr?nzer - fix typo in spec (it's %post, without a leading blank) introduced in -6 - change SYSTYPE to linux * Fri Feb 11 2000 Bill Nottingham - pick a standard < 100 uid/gid for named * Fri Feb 4 2000 Elliot Lee - Pass named a '-u named' parameter by default, and add/remove user. * Thu Feb 3 2000 Bernhard Rosenkraenzer - fix host mx bug (Bug #9021) * Mon Jan 31 2000 Cristian Gafton - rebuild to fix dependencies - man pages are compressed * Wed Jan 19 2000 Bernhard Rosenkraenzer - It's /usr/bin/killall, not /usr/sbin/killall (Bug #8063) * Mon Jan 17 2000 Bernhard Rosenkraenzer - Fix up location of named-bootconf.pl and make it executable (Bug #8028) - bind-devel requires bind * Mon Nov 15 1999 Bernhard Rosenkraenzer - update to 8.2.2-P5 * Wed Nov 10 1999 Bill Nottingham - update to 8.2.2-P3 * Tue Oct 12 1999 Cristian Gafton - add patch to stop a cache only server from complaining about lame servers on every request. * Fri Sep 24 1999 Preston Brown - use real stop and start in named.init for restart, not ndc restart, it has problems when named has changed during a package update... (# 4890) * Fri Sep 10 1999 Bill Nottingham - chkconfig --del in %preun, not %postun * Mon Aug 16 1999 Bill Nottingham - initscript munging * Mon Jul 26 1999 Bill Nottingham - fix installed chkconfig links to match init file * Sat Jul 3 1999 Jeff Johnson - conflict with new (in man-1.24) man pages (#3876,#3877). * Tue Jun 29 1999 Bill Nottingham - fix named.logrotate (wrong %SOURCE) * Fri Jun 25 1999 Jeff Johnson - update to 8.2.1. - add named.logrotate (#3571). - hack around egcs-1.1.2 -m486 bug (#3413, #3485). - vet file list. * Fri Jun 18 1999 Bill Nottingham - don't run by default * Sun May 30 1999 Jeff Johnson - nslookup fixes (#2463). - missing files (#3152). * Sat May 1 1999 Stepan Kasal - nslookup patched: to count numRecords properly to fix subsequent calls to ls -d to parse "view" and "finger" commands properly the view hack updated for bind-8 (using sed) * Wed Mar 31 1999 Bill Nottingham - add ISC patch - add quick hack to make host not crash - add more docs * Fri Mar 26 1999 Cristian Gafton - add probing information in the init file to keep linuxconf happy - dont strip libbind * Sun Mar 21 1999 Cristian Gafton - auto rebuild in the new build environment (release 3) * Wed Mar 17 1999 Preston Brown - removed 'done' output at named shutdown. * Tue Mar 16 1999 Cristian Gafton - version 8.2 * Wed Dec 30 1998 Cristian Gafton - patch to use the __FDS_BITS macro - build for glibc 2.1 * Wed Sep 23 1998 Jeff Johnson - change named.restart to /usr/sbin/ndc restart * Sat Sep 19 1998 Jeff Johnson - install man pages correctly. - change K10named to K45named. * Wed Aug 12 1998 Jeff Johnson - don't start if /etc/named.conf doesn't exist. * Sat Aug 8 1998 Jeff Johnson - autmagically create /etc/named.conf from /etc/named.boot in %post - remove echo in %post * Wed Jun 10 1998 Jeff Johnson - merge in 5.1 mods * Sun Apr 12 1998 Manuel J. Galan - Several essential modifications to build and install correctly. - Modified 'ndc' to avoid deprecated use of '-' * Mon Dec 22 1997 Scott Lampert - Used buildroot - patched bin/named/ns_udp.c to use for include on Redhat 5.0 instead of --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 2930216991905d75b41a88e48cd81106 SRPMS/bind-9.2.5-1.src.rpm d9569c1c525f410e933af983bd12b725 x86_64/bind-9.2.5-1.x86_64.rpm e7682cd161c6d1632719a6adbd5b9238 x86_64/bind-libs-9.2.5-1.x86_64.rpm 37b4b7c2ef69ca6736253502229db86b x86_64/bind-utils-9.2.5-1.x86_64.rpm e29451d8d21de57b414b612b40de54d1 x86_64/bind-devel-9.2.5-1.x86_64.rpm a4a15746b25afc479b8abff9293b2a82 x86_64/bind-libbind-devel-9.2.5-1.x86_64.rpm 8008039e23f42be6916fbd35e3424cce x86_64/bind-chroot-9.2.5-1.x86_64.rpm 1b4cda25b8f2fb313255d90750af040d x86_64/bind-sdb-9.2.5-1.x86_64.rpm 7535b3a2b6404a4937ae6befbe6de20a x86_64/debug/bind-debuginfo-9.2.5-1.x86_64.rpm 7c38d0f00383846638730fd9e47098fe x86_64/bind-libs-9.2.5-1.i386.rpm def0467f7f6d51f2ab4011ce5ec8d3fb i386/bind-9.2.5-1.i386.rpm 7c38d0f00383846638730fd9e47098fe i386/bind-libs-9.2.5-1.i386.rpm 933b08abe8299f8f60aa371dfe7f349f i386/bind-utils-9.2.5-1.i386.rpm 6971be48498737292782885778835b55 i386/bind-devel-9.2.5-1.i386.rpm 94f3082310bdf8c064072fca9061a549 i386/bind-libbind-devel-9.2.5-1.i386.rpm 1ddce0720de6e76d195ae6e91af4045a i386/bind-chroot-9.2.5-1.i386.rpm b154cd70449824c584c8f394198b5035 i386/bind-sdb-9.2.5-1.i386.rpm 7e5d3a8bdb8b7741c904721fc66c8ded i386/debug/bind-debuginfo-9.2.5-1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dcbw at redhat.com Sat Mar 12 15:42:31 2005 From: dcbw at redhat.com (Dan Williams) Date: Sat, 12 Mar 2005 10:42:31 -0500 (EST) Subject: Fedora Core 2 Update: openoffice.org-1.1.3-9.4.0.fc2 Message-ID: --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-206 2005-03-12 --------------------------------------------------------------------- Product : Fedora Core 2 Name : openoffice.org Version : 1.1.3 Release : 9.4.0.fc2 Summary : OpenOffice.org comprehensive office suite. Description : OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. Usage: Simply type "ooffice" to run OpenOffice.org or select the requested component (Writer, Calc, Draw, Impress, etc.) from your desktop menu. The ooffice wrapper script will install a few files in the user's home, if necessary. The OpenOffice.org team hopes you enjoy working with OpenOffice.org! Note: Non-.vor templates covered under the GPL license. --------------------------------------------------------------------- Update Information: This update makes the Fedora Core 2 version of OpenOffice.org equivalent to the version in Fedora Core 3. Some notable fixes: o Inclusion of Tamil and Gujarati translations o Fixes for Indic glyph layout o Work better with IIIMF international input methods o Work around #124374# (spell checking out-of-memory crash) o Some Japanese glyph layout fixes Full changes list is in the RPM changelog. --------------------------------------------------------------------- * Thu Mar 3 2005 Dan Williams - 1.1.3-9 - #rh139032# OO Writer crashes when enabling automatic hyphenation in Polish document * Wed Mar 2 2005 Dan Williams - 1.1.3-8 - Ensure that wrapper scripts have correct permissions * Mon Feb 28 2005 Dan Williams - 1.1.3-7 - #rh146431# OOcalc: Printouts cut off at bottom of page when "fit printout to number of pages" used - #rh147257# Can't edit sequence of dates - #rh146883# Fill Series behavior broken in Calc - #rh144440# New auto-fill doesn't work right for date formatted cells - #rh126701# Incorrect Instructions in Help file for managing fonts - #rh140171# Auto Pilot Forms reports missing files - #rh146758# Cannot unhide rows in calc * Sat Feb 12 2005 Dan Williams - 1.1.3-6 - Revert _another_ Novell patch that caused individual programs not to launch * Sat Feb 5 2005 Dan Williams - 1.1.3-5 - Disable Evo2 connector on FC4 builds until we can get it ported to Evo 2.2 * Tue Feb 1 2005 Dan Williams - 1.1.3-4 - #rh146328# Fix printer discovery * Tue Feb 1 2005 Dan Williams - 1.1.3-3 - #rh146580# Dump upstream Novell patch that shifts rows on paste in Calc * Fri Jan 21 2005 Dan Williams - 1.1.3-2 - Update to latest ooo-build. - NOTE: there may still be some i18n text-entry bugs when using IIIMF input modules. * Thu Jan 6 2005 Dan Williams - 1.1.3-1 - Update to OpenOffice.org 1.1.3, latest ooo-build * Sun Dec 12 2004 Dan Williams - 1.1.2-18 - #rh137854# Japanese document from Windows is heavily broken (Pass #2, much better fix this time around) - #rh129719# Upstream indic translations need to be incorporated into OOo packages (Work around translation bugs, most Gujarati UI strings should be native now) * Tue Dec 7 2004 Dan Williams - 1.1.2-17 - #rh123018# .xls files don't open under recent documents - #rh124877# [Portuguese] Tools -> Options get confused - #rh129719# Upstream indic translations need to be incorporated into OOo packages (Untranslated strings are now English, not German) - #rh134021# oocalc not able to use the fontset for different languages - #rh137012# Bengali does not have fallback fonts (Caolan) - #rh138056# [OOo] unable to fallback to tamil, punjabi, gujarati font - Better Input Method behavior * Mon Dec 6 2004 Dan Williams - 1.1.2-16 - Fix RH9 builds by adding patch for db4 4.0 (Peter Backlund) - Split out the direct OOo patches rather than having them be patches against /dev/null - #rh140041# opening multiple files fails (Caolan) - #rh138649# Tamil characters have spacing problem (overlapping glyphs) - #rh137954# Openoffice UI broken in indic locales - #rh137522# [OOo] sends two right and left arrow to OOo apps - Trim dictionary list to work around #rh124374# for the time being * Wed Nov 24 2004 Dan Williams - 1.1.2-14 - #rh129719# Upstream indic translations need to be incorporated into OOo packages (Fix transex3 to not screw up the merges) - #rh136990# Backspace fails after IIIMF input - Sort and prune duplicate entries from dictionary.lst file * Tue Nov 23 2004 Dan Williams - 1.1.2-13 - #rh109628# Font 'Symbol' not displayed correctly (Caolan) - #rh129719# Upstream indic translations need to be incorporated into OOo packages (Actually merge the translations this time) - Accomodate gcc 3.2.3 on gcc 3.4 systems (ie, RHEL4) * Mon Nov 22 2004 Dan Williams - 1.1.2-12 - #rh129719# (partial) Incorporate updated Gujarati translation, Add ta_IN translation - Rebuild to pick up new db4 in FC4 - Link to our .desktop files rather than copying them, so that we can immediately pick up changes rather than having to rebuild --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ a373ad69d3fc1666874d1ab77314f2c7 SRPMS/openoffice.org-1.1.3-9.4.0.fc2.src.rpm 349f4943f0a02c621ae1a65c4d6fc1c1 x86_64/openoffice.org-1.1.3-9.4.0.fc2.i386.rpm 1f641de227766cce6d22cf31f32c11f9 x86_64/openoffice.org-libs-1.1.3-9.4.0.fc2.i386.rpm c14139352236e96c97e2d281df7a470e x86_64/openoffice.org-i18n-1.1.3-9.4.0.fc2.i386.rpm 349f4943f0a02c621ae1a65c4d6fc1c1 i386/openoffice.org-1.1.3-9.4.0.fc2.i386.rpm 1f641de227766cce6d22cf31f32c11f9 i386/openoffice.org-libs-1.1.3-9.4.0.fc2.i386.rpm c14139352236e96c97e2d281df7a470e i386/openoffice.org-i18n-1.1.3-9.4.0.fc2.i386.rpm 592b8defaa8a0bcb4a7c42d00e335ef8 i386/openoffice.org-kde-1.1.3-9.4.0.fc2.i386.rpm 5402a80592a760b12ba5a56dd8d38c3f i386/debug/openoffice.org-debuginfo-1.1.3-9.4.0.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dcbw at redhat.com Sat Mar 12 15:43:39 2005 From: dcbw at redhat.com (Dan Williams) Date: Sat, 12 Mar 2005 10:43:39 -0500 (EST) Subject: Fedora Core 3 Update: openoffice.org-1.1.3-9.5.0.fc3 Message-ID: --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-207 2005-03-12 --------------------------------------------------------------------- Product : Fedora Core 3 Name : openoffice.org Version : 1.1.3 Release : 9.5.0.fc3 Summary : OpenOffice.org comprehensive office suite. Description : OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. Usage: Simply type "ooffice" to run OpenOffice.org or select the requested component (Writer, Calc, Draw, Impress, etc.) from your desktop menu. The ooffice wrapper script will install a few files in the user's home, if necessary. The OpenOffice.org team hopes you enjoy working with OpenOffice.org! Note: Non-.vor templates covered under the GPL license. --------------------------------------------------------------------- Update Information: Some notable fixes since 6.5.fc3: - #rh139032# OO Writer crashes when enabling automatic hyphenation in Polish document - #rh146431# OOcalc: Printouts cut off at bottom of page when "fit printout to number of pages" used - #rh147257# Can't edit sequence of dates - #rh146883# Fill Series behavior broken in Calc - #rh144440# New auto-fill doesn't work right for date formatted cells - #rh126701# Incorrect Instructions in Help file for managing fonts - #rh140171# Auto Pilot Forms reports missing files - #rh146758# Cannot unhide rows in calc --------------------------------------------------------------------- * Thu Mar 3 2005 Dan Williams - 1.1.3-9 - #rh139032# OO Writer crashes when enabling automatic hyphenation in Polish document * Wed Mar 2 2005 Dan Williams - 1.1.3-8 - Ensure that wrapper scripts have correct permissions * Mon Feb 28 2005 Dan Williams - 1.1.3-7 - #rh146431# OOcalc: Printouts cut off at bottom of page when "fit printout to number of pages" used - #rh147257# Can't edit sequence of dates - #rh146883# Fill Series behavior broken in Calc - #rh144440# New auto-fill doesn't work right for date formatted cells - #rh126701# Incorrect Instructions in Help file for managing fonts - #rh140171# Auto Pilot Forms reports missing files - #rh146758# Cannot unhide rows in calc --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ a3f80289046eefdd03bbff792389e1ec SRPMS/openoffice.org-1.1.3-9.5.0.fc3.src.rpm 6fdae704c985d8b9725af39715e47865 x86_64/openoffice.org-1.1.3-9.5.0.fc3.i386.rpm 9b6421a908d15f59b155abbae889a3b7 x86_64/openoffice.org-libs-1.1.3-9.5.0.fc3.i386.rpm ab16a7ecfd029543e51dbb82f61cb932 x86_64/openoffice.org-i18n-1.1.3-9.5.0.fc3.i386.rpm 6fdae704c985d8b9725af39715e47865 i386/openoffice.org-1.1.3-9.5.0.fc3.i386.rpm 9b6421a908d15f59b155abbae889a3b7 i386/openoffice.org-libs-1.1.3-9.5.0.fc3.i386.rpm ab16a7ecfd029543e51dbb82f61cb932 i386/openoffice.org-i18n-1.1.3-9.5.0.fc3.i386.rpm 35764843873f972e3a3024b04ac68723 i386/openoffice.org-kde-1.1.3-9.5.0.fc3.i386.rpm 5989e35e1a3dfc9c6c6327e00493c25b i386/debug/openoffice.org-debuginfo-1.1.3-9.5.0.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dcbw at redhat.com Sat Mar 12 15:52:20 2005 From: dcbw at redhat.com (Dan Williams) Date: Sat, 12 Mar 2005 10:52:20 -0500 (EST) Subject: Fedora Core 3 Update: NetworkManager-0.3.4-1.1.0.fc3 Message-ID: --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-210 2005-03-12 --------------------------------------------------------------------- Product : Fedora Core 3 Name : NetworkManager Version : 0.3.4 Release : 1.1.0.fc3 Summary : Network link manager and user applications Description : NetworkManager attempts to keep an active network connection available at all times. It is intended only for the desktop use-case, and is not intended for usage on servers. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using DHCP, NetworkManager is _intended_ to replace default routes, obtain IP addresses from a DHCP server, and change nameservers whenever it sees fit. --------------------------------------------------------------------- Update Information: Many fixes. Check the changelog for details. --------------------------------------------------------------------- * Mon Feb 28 2005 Dan Williams 0.3.4-1 - zh_TW translation - Ensure that we restart nscd when changing connections - Fix DHCP renew & rebind operations - Fix themes changes for applet - Make applet update wireless networks incrementally instead of all at once * Fri Feb 18 2005 Dan Williams 0.3.3-1.cvs20050218 - Applet HIG & display fixes * Mon Feb 14 2005 Dan Williams 0.3.3-2.cvs20050214.x.1 - Fix free of invalid pointer for multiple search domains * Mon Feb 14 2005 Dan Williams 0.3.3-2.cvs20050214 - Never automatically choose a device that doesn't support carrier detection - Add right-click menu to applet, can now "Pause/Resume" scanning through it - Fix DHCP Renew/Rebind timeouts - Fix frequency cycling problem on some cards, even when scanning was off - Play better with IPv6 - Don't send kernel version in DHCP packets, and ensure DHCP packets are at least 300 bytes in length to work around broken router - New DHCP options D-BUS API by Dan Reed - Handle multiple domain search options in DHCP responses * Wed Feb 2 2005 Dan Williams 0.3.3-1.cvs20050202 - Display wireless network name in applet tooltip - Hopefully fix double-default-route problem - Write out valid resolv.conf when we exit - Make multi-domain search options work - Rework signal strength code to be WEXT conformant, if strength is still wierd then its 95% surely a driver problem - Fix annoying instances of suddenly dropping and reactivating a wireless device (Cisco cards were worst offenders here) - Fix some instances of NetworkManager not remembering your WEP key - Fix some races between NetworkManager and NetworkManagerInfo where NetworkManager wouldn't recognize changes in the allowed list - Don't shove Ad-Hoc Access Point MAC addresses into GConf * Tue Jan 25 2005 Dan Williams 0.3.3-1.cvs20050125 - Play nice with dbus 0.23 - Update our list of Allowed Wireless Networks more quickly * Mon Jan 24 2005 Dan Williams 0.3.3-1.cvs20050124 - Update to latest CVS - Make sure we start as late as possible so that we ensure dbus & HAL are already around - Fix race in initial device activation * Mon Jan 24 2005 Than Ngo 0.3.3-1.cvs20050112.4 - rebuilt against new wireless tool --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 5e245c0944196f17532b26a9eda2ddef SRPMS/NetworkManager-0.3.4-1.1.0.fc3.src.rpm f6573f26a4aca51938cf86cb67256e14 x86_64/NetworkManager-0.3.4-1.1.0.fc3.x86_64.rpm 2ac88e596ffac1fdf6580007facd164d x86_64/NetworkManager-gnome-0.3.4-1.1.0.fc3.x86_64.rpm 9e4051f9064d77e59c07f61cb5a8b0d2 x86_64/NetworkManager-devel-0.3.4-1.1.0.fc3.x86_64.rpm a50245dc5f1163cb506efcd3c746cd5d x86_64/NetworkManager-glib-0.3.4-1.1.0.fc3.x86_64.rpm fc26f74fe52ce581ee505287613c3b42 x86_64/debug/NetworkManager-debuginfo-0.3.4-1.1.0.fc3.x86_64.rpm d47b316db22729abbb3e67be4b91fa33 i386/NetworkManager-0.3.4-1.1.0.fc3.i386.rpm 7e40d919cabf1227d370256bab8a1467 i386/NetworkManager-gnome-0.3.4-1.1.0.fc3.i386.rpm b1639e9113ec43151e0757be4eaac0ec i386/NetworkManager-devel-0.3.4-1.1.0.fc3.i386.rpm b64803c3e32f433052696fb2fa240bdd i386/NetworkManager-glib-0.3.4-1.1.0.fc3.i386.rpm 78bd11e66dee2fca467df2c7bdac6933 i386/debug/NetworkManager-debuginfo-0.3.4-1.1.0.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From jvdias at redhat.com Sat Mar 12 19:51:54 2005 From: jvdias at redhat.com (Jason Vas Dias) Date: Sat, 12 Mar 2005 14:51:54 -0500 Subject: Fedora Core 3 Update: at-3.1.8-68_FC3 Message-ID: <200503121951.j2CJpsBT002798@jvdsibm.boston.redhat.com> Subject: Fedora Core 3 Update: at-3.1.8-68_FC3 --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-209 2005-03-12 --------------------------------------------------------------------- Product : Fedora Core 3 Name : at Version : 3.1.8 Release : 68_FC3 Summary : Job spooling tools. Description : At and batch read commands from standard input or from a specified file. At allows you to specify that a command will be run at a particular time. Batch will execute commands when the system load levels drop to a particular level. Both commands use /bin/sh. You should install the at package if you need a utility for time-oriented job control. Note: If it is a recurring job that will need to be repeated at the same time every day/week, etc. you should use crontab instead. --------------------------------------------------------------------- Update Information: o Added check in at(1) to verify if atd PAM authentication will succeed; Job submission will be denied if atd PAM authentication fails. o Fixed PAM authentication in atd (bug 150131). NOTE: the previous advisory for atd-3.1.8-68_FC3 had the wrong advisory ID (FEDORA-2005-208) which was for bind-9.2.5-1_FC3 . Hence this advisory is being re-sent with the correct advisory id: FEDORA-2005-209 --------------------------------------------------------------------- * Tue Mar 8 2005 Jason Vas Dias 3.1.8-68 - Put PAM authentication check in 'check_permissions()', so - user can know when using at(1) if PAM permission is denied. * Tue Mar 8 2005 Jason Vas Dias 3.1.8-67 - better fix for bug 150131: change DAEMON_USERNAME and - DAEMON_GROUPNAME to 'root' . * Mon Mar 7 2005 Jason Vas Dias 3.1.8-66 - fix bug 150131: atd should not relinquish root privilege if - doing su(1) equivalent with PAM . * Tue Jan 25 2005 Jason Vas Dias 3.1.8-64 - bugs 5160/146132: add PAM authentication control to atd * Tue Oct 5 2004 Jason Vas Dias 3.1.8-60 - fix bug 131510: no_export env. var. blacklisting should not - remove 'SHELL' when only 'SHELLOPTS' is blacklisted. - at(1) man-page should not say 'commands are run with /bin/sh' - and should explain usage of SHELL environement variable and - details of blacklisted variables. * Tue Sep 28 2004 Rik van Riel 3.1.8-58 - fix typo in man page, bug 112303 - (regenerated at-3.1.8-man-timespec-path.patch with fix) * Tue Aug 3 2004 Jason Vas Dias - fixed bug 125634 - made usage() agree with manpage * Thu Jul 29 2004 Jason Vas Dias - Added POSIX.2 -t option for RFE 127485 * Thu Jul 29 2004 Jason Vas Dias - Had to disable the 'make test' for the build BEFORE - any changes were made (building on FC2 - perl issue?) - test.pl generates these 'errors' for what looks like - valid output to me: - $ ./test.pl 2>&1 | egrep -v '(^ok$)|(time_only)' - 1..3656 - not ok - 'Monday - 1 month': 'Fri Jul 2 18:29:00 2004' =? 'Sat Jul 3 18:29:00 2004' - not ok - 'Monday - 10 months': 'Thu Oct 2 18:29:00 2003' =? 'Fri Oct 3 18:29:00 2003' - not ok - 'next week - 1 month': 'Mon Jul 5 18:29:00 2004' =? 'Tue Jul 6 18:29:00 2004' - not ok - 'next week - 10 months': 'Sun Oct 5 18:29:00 2003' =? 'Mon Oct 6 18:29:00 2003' - will investigate and fix for next release. * Tue Jun 15 2004 Elliot Lee - rebuilt * Wed May 12 2004 Thomas Woerner - 3.1.8-54 - fixed pie patch: at is pie, now - added build requires for libselinux-devel * Tue May 4 2004 Dan Walsh - 3.1.8-53 - Add fileentrypoint check * Thu Apr 15 2004 Dan Walsh - 3.1.8-52 - Fix SELinux patch * Mon Feb 23 2004 Tim Waugh - Use ':' instead of '.' as separator for chown. * Fri Feb 13 2004 Elliot Lee - 3.1.8-50 - rebuilt * Tue Dec 9 2003 Jens Petersen - 3.1.8-49 - replace at-3.1.8-SHELL-91233.patch by at-3.1.8-SHELL-111386.patch which now executes $SHELL directly in the at shell script after all the variables have been setup with /bin/sh (#91233) [suggested by G??ran Uddeborg] - this changelog is now in utf-8 * Fri Nov 7 2003 Jens Petersen - 3.1.8-48 - add at-3.1.8-pie.patch to build atd as pie (#108415) [Ulrich Drepper] * Fri Oct 31 2003 Dan Walsh - 3.1.8-47.sel * Fri Jun 20 2003 Jens Petersen - 3.1.8-46 - add at-3.1.8-atrun.8-typo-97697.patch to fix typo in atrun.8 (#97697) - update at.1 description of shell behaviour (#91233) * Tue Jun 17 2003 Jens Petersen - 3.1.8-45 - make the job shell default to SHELL instead of "/bin/sh" (#91233) * Wed Jun 4 2003 Elliot Lee - 3.1.8-44 - rebuilt * Tue Jun 3 2003 Jens Petersen - 3.1.8-43 - Replace redundant at-3.1.7-paths.patch by at-3.1.8-man-timespec-path.patch to fix timespec path * Tue Jun 3 2003 Jens Petersen - 3.1.8-41 - update source to at_3.1.8-11 from debian upstream - update source url - at-debian.patch no longer needed - at-3.1.7-paths.patch: the patch to "at.1.in" no longer needed - replace at-3.1.8-lexer.patch with at-3.1.8-11-lexer-parser.diff - at-3.1.8-dst.patch no longer needed - at-3.1.8-lsbdoc.patch no longer needed - at-3.1.8-o_excl.patch no longer needed - bump release number - at-3.1.8-test.patch: move out test.pl to a separate source file - apply at-3.1.8-test-fix.patch to it and drop patch - at-3.1.8-shell.patch: drop (#22216,#91233) - run "make test" after building - add "--without check" rpmbuild option - fix autoconf comment to point to right patch - use _sysconfdir, _sbindir, _bindir, and _localstatedir * Wed Jan 22 2003 Tim Powers 3.1.8-33 - rebuilt * Wed Nov 27 2002 Tim Powers 3.1.8-32 - remove unpackaged files from the buildroot * Thu Jul 25 2002 Bill Huang - Fixed delaying job execution and missing starting jobs..(bug#69595) (Thanks Bujor D Silaghi for his patch.) * Fri Jul 19 2002 Bill Huang - Fixed cleaning atq and multiple atd daemon.(bug#67414) (Thanks Bujor D Silaghi for his patch.) * Fri Jul 19 2002 Bill Huang - Fixed error message output in atd.c * Fri Jun 21 2002 Tim Powers - automated rebuild * Mon May 27 2002 Bill Huang - Rebuild for Milan * Thu May 23 2002 Tim Powers - automated rebuild * Fri Feb 1 2002 Bernhard Rosenkraenzer 3.1.8-25 - Require smtpdaemon rather than sendmail - postfix works just as well. * Thu Jan 31 2002 Bill Nottingham 3.1.8-24 - rebuild in new env. * Thu Jan 17 2002 Trond Eivind Glomsr??d 3.1.8-23 - s/Copyright/License/ * Mon Jan 14 2002 Adrian Havill 3.1.8-21 - fix man page (#51253) - fix env prop problem (#49491) - .SEQ should not be executable (#52626) - beefed up file creation perms against symlink exploits (O_EXCL) * Thu Aug 2 2001 Crutcher Dunnavant 3.1.8-20 - updated patch update, still bug #46546 * Wed Jul 18 2001 Crutcher Dunnavant - applied enrico.scholz at informatik.tu-chemnitz.de's change to the env patch to - address bug #46546 * Mon Jun 25 2001 Crutcher Dunnavant - changed atd.init to start at 95, stop at 5, closing #15915 - applied mailto:wp at supermedia.pl's environment patch * Sun Jun 24 2001 Elliot Lee - Bump release + rebuild. * Wed Apr 4 2001 Crutcher Dunnavant - much love to David Kilzer - who nailed UTC, Leap year, DST, and some other edge cases down - he also wrote a test harness in perl - bug #28448 * Fri Feb 2 2001 Trond Eivind Glomsr??d - i18nize initscript * Tue Dec 12 2000 Bill Nottingham - fix documentation of which shell commands will be run with (#22216) * Wed Aug 23 2000 Crutcher Dunnavant - Well, we will likely never really close the UTC issues, - because of 1) fractional timezones, and 2) daylight savigns time. - but there is a slight tweak to the handling of dst in the UTC patch. * Wed Aug 23 2000 Crutcher Dunnavant - fixed bug #15685 - which had at miscaluclating UTC times. * Sat Jul 15 2000 Bill Nottingham - move initscript back * Wed Jul 12 2000 Prospector - automatic rebuild * Thu Jul 6 2000 Bill Nottingham - prereq /etc/init.d * Sat Jul 1 2000 Nalin Dahyabhai - fix syntax error in init script * Tue Jun 27 2000 Preston Brown - don't prereq, only require initscripts * Mon Jun 26 2000 Preston Brown - move init script - add condrestart directive - fix post/preun/postun scripts - prereq initscripts >= 5.20 * Sat Jun 17 2000 Bill Nottingham - fix verify of /var/spool/at/.SEQ (#12262) * Mon Jun 12 2000 Nalin Dahyabhai - fix status checking and syntax error in init script * Fri Jun 9 2000 Bill Nottingham - fix for long usernames (#11321) - add some bugfixes from debian * Mon May 8 2000 Bernhard Rosenkraenzer - 3.1.8 * Wed Mar 1 2000 Bill Nottingham - fix a couple of more typos, null-terminate some strings * Thu Feb 10 2000 Bill Nottingham - fix many-years-old typo in atd.c * Thu Feb 3 2000 Bill Nottingham - handle compressed man pages * Mon Aug 16 1999 Bill Nottingham - initscript munging, build as non-root user * Sun Jun 13 1999 Jeff Johnson - correct perms for /var/spool/at after defattr. * Mon May 24 1999 Jeff Johnson - reset SIGCHLD before exec (#3016). * Sun Mar 21 1999 Cristian Gafton - auto rebuild in the new build environment (release 8) * Thu Mar 18 1999 Cristian Gafton - fix handling the 12:00 time * Wed Jan 13 1999 Bill Nottingham - configure fix for arm * Wed Jan 6 1999 Cristian Gafton - build for glibc 2.1 * Tue May 5 1998 Prospector System - translations modified for de, fr, tr * Wed Apr 22 1998 Michael K. Johnson - enhanced initscript * Sun Nov 9 1997 Michael K. Johnson - learned to spell * Wed Oct 22 1997 Michael K. Johnson - updated to at version 3.1.7 - updated lock and sequence file handling with %ghost - Use chkconfig and atd, now conflicts with old crontabs packages * Thu Jun 19 1997 Erik Troan - built against glibc --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 6298f4951df74da90f772aea459eac49 SRPMS/at-3.1.8-68_FC3.src.rpm c22b420912cd79ddec719b0fedc9ba87 x86_64/at-3.1.8-68_FC3.x86_64.rpm 90d0fe3286862af9bcf222040083077e x86_64/debug/at-debuginfo-3.1.8-68_FC3.x86_64.rpm 024298e264411999e41bc47a268f2a7d i386/at-3.1.8-68_FC3.i386.rpm 2ebb87cb03de380e44f0d10ea69e223b i386/debug/at-debuginfo-3.1.8-68_FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Mon Mar 14 19:13:02 2005 From: notting at redhat.com (Bill Nottingham) Date: Mon, 14 Mar 2005 14:13:02 -0500 Subject: [SECURITY] Fedora Core 2 Update: ipsec-tools-0.5-2.fc2 Message-ID: <20050314191302.GB8615@nostromo.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-216 2005-03-14 --------------------------------------------------------------------- Product : Fedora Core 2 Name : ipsec-tools Version : 0.5 Release : 2.fc2 Summary : Tools for configuring and using IPSEC Description : This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon --------------------------------------------------------------------- Update Information: This update fixes a potential DoS in parsing ISAKMP headers in racoon. (CAN-2005-0398) --------------------------------------------------------------------- * Mon Mar 14 2005 Bill Nottingham 0.5-2.fc2 - add patch for DoS (CAN-2005-0398, #145532) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 5a1446934df359d868931abad0b5dece SRPMS/ipsec-tools-0.5-2.fc2.src.rpm 67f5a539b09d1f4949769c262c67bbfb x86_64/ipsec-tools-0.5-2.fc2.x86_64.rpm b2d3477b282501b7b2df9e204e72068a x86_64/debug/ipsec-tools-debuginfo-0.5-2.fc2.x86_64.rpm f5be8728e35ba990bc9e062af461f73f i386/ipsec-tools-0.5-2.fc2.i386.rpm d1e193c3fddc51c003fc49fbdd051e3e i386/debug/ipsec-tools-debuginfo-0.5-2.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Mon Mar 14 19:13:19 2005 From: notting at redhat.com (Bill Nottingham) Date: Mon, 14 Mar 2005 14:13:19 -0500 Subject: [SECURITY] Fedora Core 3 Update: ipsec-tools-0.5-2.fc3 Message-ID: <20050314191319.GC8615@nostromo.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-217 2005-03-14 --------------------------------------------------------------------- Product : Fedora Core 3 Name : ipsec-tools Version : 0.5 Release : 2.fc3 Summary : Tools for configuring and using IPSEC Description : This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon --------------------------------------------------------------------- Update Information: This update fixes a potential DoS in parsing ISAKMP headers in racoon. (CAN-2005-0398) --------------------------------------------------------------------- * Mon Mar 14 2005 Bill Nottingham 0.5-2.fc3 - add patch for DoS (CAN-2005-0398, #145532) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 2b5881b2f3c2dcdd4c9f4bf7e14efe68 SRPMS/ipsec-tools-0.5-2.fc3.src.rpm ac173c36008610697e43fe539ff5e194 x86_64/ipsec-tools-0.5-2.fc3.x86_64.rpm c479f8ded101d4874ff42f204e30b81c x86_64/debug/ipsec-tools-debuginfo-0.5-2.fc3.x86_64.rpm 4cfee74ead434d62b8bb62ea7f58e655 i386/ipsec-tools-0.5-2.fc3.i386.rpm 7767289c05a4a4072b50169e2b920ef5 i386/debug/ipsec-tools-debuginfo-0.5-2.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From tagoh at redhat.com Tue Mar 15 10:49:49 2005 From: tagoh at redhat.com (Akira TAGOH) Date: Tue, 15 Mar 2005 19:49:49 +0900 (JST) Subject: [SECURITY] Fedora Core 3 Update: sylpheed-1.0.3-0.FC3 Message-ID: <20050315.194949.2399045504806929211.tagoh@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-211 2005-03-15 --------------------------------------------------------------------- Product : Fedora Core 3 Name : sylpheed Version : 1.0.3 Release : 0.FC3 Summary : A GTK+ based, lightweight, and fast email client. Description : This program is an X based fast email client which has features like: o user-friendly and intuitive interface o integrated NetNews client (partially implemented) o ability of keyboard-only operation o Mew/Wanderlust-like key bind o multipart MIME o unlimited multiple account handling o message queueing o assortment function o XML-based address book See /usr/share/doc/sylpheed*/README for more information. --------------------------------------------------------------------- * Tue Mar 15 2005 Akira TAGOH - 1.0.3-0.FC3 - New upstream release. - contains the possible buffer overflow issue. (#150688) CAN-2005-0667 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 48093884a36c117c747f5e624ed0eb6d SRPMS/sylpheed-1.0.3-0.FC3.src.rpm e868442d5ab54b25b683fd5afec235b1 x86_64/sylpheed-1.0.3-0.FC3.x86_64.rpm 266c2c7849d5d96b680bcf53136a1928 x86_64/debug/sylpheed-debuginfo-1.0.3-0.FC3.x86_64.rpm 9b5981537fd0273b74faf25f0b15d073 i386/debug/sylpheed-debuginfo-1.0.3-0.FC3.i386.rpm 81e4d2b21d6289f1a4319163029478c7 i386/sylpheed-1.0.3-0.FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From than at redhat.com Tue Mar 15 11:54:15 2005 From: than at redhat.com (Than Ngo) Date: Tue, 15 Mar 2005 12:54:15 +0100 Subject: Fedora Core 3 Update: koffice-1.3.5-0.FC3.2 Message-ID: <4236CCE7.70408@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-214 2005-03-15 --------------------------------------------------------------------- Product : Fedora Core 3 Name : koffice Version : 1.3.5 Release : 0.FC3.2 Summary : A set of office applications for KDE. Description : The koffice package contains the KOffice office-type applications for the K Desktop Environment (KDE) GUI desktop. KOffice contains KWord, a word processor; KSpread, a spreadsheet; KPresenter, for presentations; and KChart, a diagram generator. --------------------------------------------------------------------- * Fri Mar 11 2005 Than Ngo 4:1.3.5-0.FC3.2 - fix dead key problem #150489 - place KThesaurus in Accessories #90137 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ f1539901eaab74de1691255ff7fd3b78 SRPMS/koffice-1.3.5-0.FC3.2.src.rpm 0dcfa950569cb0007eb84b11f8bb6886 x86_64/koffice-1.3.5-0.FC3.2.x86_64.rpm b6c46c24b16a3e62bf11e7c23b768d90 x86_64/koffice-devel-1.3.5-0.FC3.2.x86_64.rpm 58a7ad27beec0daceb1d9360f06dfaff x86_64/koffice-i18n-1.3.5-0.FC3.2.x86_64.rpm bb78ea0f2a74c0a18e1526524272f01b x86_64/debug/koffice-debuginfo-1.3.5-0.FC3.2.x86_64.rpm b95f18b3cf4adad494127bcdc6e766fc i386/koffice-1.3.5-0.FC3.2.i386.rpm 7b2460187cd9b1f852bdedfbca712eb1 i386/koffice-devel-1.3.5-0.FC3.2.i386.rpm fb851ef026b8dfce6e5d37a90c8688d9 i386/koffice-i18n-1.3.5-0.FC3.2.i386.rpm 128c1cc53d056364315db50fe674768f i386/debug/koffice-debuginfo-1.3.5-0.FC3.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From than at redhat.com Tue Mar 15 11:55:22 2005 From: than at redhat.com (Than Ngo) Date: Tue, 15 Mar 2005 12:55:22 +0100 Subject: Fedora Core 3 Update: qt-3.3.4-0.fc3.0 Message-ID: <4236CD2A.6080406@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-215 2005-03-15 --------------------------------------------------------------------- Product : Fedora Core 3 Name : qt Version : 3.3.4 Release : 0.fc3.0 Summary : The shared library for the Qt GUI toolkit. Description : Qt is a GUI software toolkit which simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System. Qt is written in C++ and is fully object-oriented. This package contains the shared library needed to run qt applications, as well as the README files for qt. --------------------------------------------------------------------- * Wed Mar 9 2005 Than Ngo 1:3.3.4-0.fc3.0 - 3.3.4 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ d4db8cca1b3c5f63a42122f6ffd92999 SRPMS/qt-3.3.4-0.fc3.0.src.rpm 94de77b35fac817edd92a7ae8950d251 x86_64/qt-3.3.4-0.fc3.0.x86_64.rpm 0d12ea737037540aa4550f34565eef17 x86_64/qt-config-3.3.4-0.fc3.0.x86_64.rpm baa268b01d02167d2f304c9e7b7ac0e0 x86_64/qt-devel-3.3.4-0.fc3.0.x86_64.rpm 1d82744bcdab12018549d2de04fb281c x86_64/qt-ODBC-3.3.4-0.fc3.0.x86_64.rpm 1b2603fa5756e845ed49ddb7be204a48 x86_64/qt-MySQL-3.3.4-0.fc3.0.x86_64.rpm 9964a647aa068acc8c3d453bf8251e79 x86_64/qt-PostgreSQL-3.3.4-0.fc3.0.x86_64.rpm 800d2bf12f15acf1ad9a91c4604b681e x86_64/qt-designer-3.3.4-0.fc3.0.x86_64.rpm 8561d666b7dfccd1080e9da394c15de8 x86_64/debug/qt-debuginfo-3.3.4-0.fc3.0.x86_64.rpm eec1bc3c2e16c6795cd669b610515513 x86_64/qt-3.3.4-0.fc3.0.i386.rpm eec1bc3c2e16c6795cd669b610515513 i386/qt-3.3.4-0.fc3.0.i386.rpm a59da31e5c485bbedd1b1d1a9f7f949e i386/qt-config-3.3.4-0.fc3.0.i386.rpm c2899b72ff2744b53d11eb165660c5b0 i386/qt-devel-3.3.4-0.fc3.0.i386.rpm b8ccc9be931b6a4f1ee2dcafd4b4a8ba i386/qt-ODBC-3.3.4-0.fc3.0.i386.rpm 8263a77fd7a9ee4377cee90eb9bf17b4 i386/qt-MySQL-3.3.4-0.fc3.0.i386.rpm dbfb1d685a37bc7567356896d0850adf i386/qt-PostgreSQL-3.3.4-0.fc3.0.i386.rpm b3ee499f7fb864fbf728c49d1cc221e4 i386/qt-designer-3.3.4-0.fc3.0.i386.rpm 15ddcd2bbdcda4684f5dc44f70668123 i386/debug/qt-debuginfo-3.3.4-0.fc3.0.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From sopwith at redhat.com Tue Mar 15 17:49:59 2005 From: sopwith at redhat.com (Elliot Lee) Date: Tue, 15 Mar 2005 12:49:59 -0500 (EST) Subject: Announcing Fedora Core 4 test1 Message-ID: It's time for the first test release in the Fedora Core 4 development cycle. FC4test1 is available for i386, x86_64, and (for the first time) PPC/PPC64! You can download it via BitTorrent from http://torrent.linux.duke.edu/ (recommended) or via HTTP/FTP from http://download.fedora.redhat.com/pub/fedora/linux/core/test/3.90/ or any of the fine Fedora mirrors listed at http://fedora.redhat.com/download/mirrors.html Notable features of FC4test1 include: . gcc 4.0 as the primary system compiler . GNOME 2.10.0 Beta 2 included . The Eclipse IDE included along with some featured plugins . A solid foundation of Java packages for developers (ant, gcj, tomcat, struts, more classpath stuff) and the ability to possibly run Java apps through gij. . Lots of package updates . Started movement of packages to Fedora Extras . Did I mention PowerPC support? That said, this IS a test release, and I guarantee that there will be bugs that will be annoying. Your help is needed to find and report those bugs in bugzilla (http://bugzilla.redhat.com/bugzilla/). Please also try updating packages from the development tree, to see if the bugs are already fixed there. Questions? Comments? Rotten tomatoes? Send them my way! -- Elliot From mclasen at redhat.com Tue Mar 15 20:44:11 2005 From: mclasen at redhat.com (Matthias Clasen) Date: Tue, 15 Mar 2005 15:44:11 -0500 Subject: Fedora Core 3 Update: ImageMagick-6.0.7.1-5.fc3 Message-ID: <1110919451.5714.51.camel@golem.boston.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-221 2005-03-15 --------------------------------------------------------------------- Product : Fedora Core 3 Name : ImageMagick Version : 6.0.7.1 Release : 5.fc3 Summary : An X application for displaying and manipulating images. Description : ImageMagick(TM) is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work in the original format or a different one. ImageMagick also includes command line programs for creating animated or transparent .gifs, creating composite images, creating thumbnail images, and more. ImageMagick is one of your choices if you need a program to manipulate and dis play images. If you want to develop your own applications which use ImageMagick code or APIs, you need to install ImageMagick-devel as well. --------------------------------------------------------------------- Update Information: The updated packages fix a bug which could cause segfaults when writing TIFF images to the standard output. --------------------------------------------------------------------- * Fri Mar 11 2005 Matthias Clasen - 6.0.7.1-5.fc3 - Make writing tiff to stdout work. * Tue Nov 23 2004 Jonathan Blandford - 6.0.7.1-4.1 - buffer overflow in ImageMagick's EXIF parser, CAN-2004-0981 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 639ebfb8335fd48a128189793f9f8574 SRPMS/ImageMagick-6.0.7.1-5.fc3.src.rpm 2c76c4007d9aecf1de9ada82b241d026 x86_64/ImageMagick-6.0.7.1-5.fc3.x86_64.rpm 5eeaf49a9f1b35c6681cc9c71749eab3 x86_64/ImageMagick- devel-6.0.7.1-5.fc3.x86_64.rpm 27f4b3ace89e2a10fb4d1e10f7ddb5e2 x86_64/ImageMagick- perl-6.0.7.1-5.fc3.x86_64.rpm d61a0a23b96776a4c37aa0e5cfeeee3f x86_64/ImageMagick-c+ +-6.0.7.1-5.fc3.x86_64.rpm b71232a0c0efec0000dbc85fc6a3a07a x86_64/ImageMagick-c++- devel-6.0.7.1-5.fc3.x86_64.rpm 21feb8f46c9a78bc2b95f8ea5f729046 x86_64/debug/ImageMagick- debuginfo-6.0.7.1-5.fc3.x86_64.rpm 8e5bced31488e81c6e6303f908851891 x86_64/ImageMagick-6.0.7.1-5.fc3.i386.rpm 40038a7a475d0ebec894172e05b870c4 x86_64/ImageMagick-c+ +-6.0.7.1-5.fc3.i386.rpm 8e5bced31488e81c6e6303f908851891 i386/ImageMagick-6.0.7.1-5.fc3.i386.rpm 377eaa945c95636108a4525548b8bb63 i386/ImageMagick- devel-6.0.7.1-5.fc3.i386.rpm 6c1f53ef2f9d83f099db56977d6387b3 i386/ImageMagick- perl-6.0.7.1-5.fc3.i386.rpm 40038a7a475d0ebec894172e05b870c4 i386/ImageMagick-c+ +-6.0.7.1-5.fc3.i386.rpm 20406dd1a81f466094e73965512377c6 i386/ImageMagick-c++- devel-6.0.7.1-5.fc3.i386.rpm 7e4f863d98bb8cc84da56c3e977ebcac i386/debug/ImageMagick- debuginfo-6.0.7.1-5.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From rvokal at redhat.com Wed Mar 16 07:16:24 2005 From: rvokal at redhat.com (Radek Vokal) Date: Wed, 16 Mar 2005 02:16:24 -0500 Subject: Fedora Core 3 Update: ethereal-0.10.10-1.FC3.1 Message-ID: <200503160716.j2G7GOcX013137@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-212 2005-03-16 --------------------------------------------------------------------- Product : Fedora Core 3 Name : ethereal Version : 0.10.10 Release : 1.FC3.1 Summary : Network traffic analyzer Description : Ethereal is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for ethereal. A graphical user interface is packaged separately to GTK+ package. --------------------------------------------------------------------- * Mon Mar 14 2005 Radek Vokal 0.10.10-1.FC3.1 - new release, fixes three security and stability-related issues (#150706) - a buffer overflow in the Etheric dissector. (CAN-2005-0704) - the GPRS-LLC dissector could crash if the "ignore cipher bit" option was enabled. (CAN-2005-0705) - a buffer overflow in the 3GPP2 A11 dissector (CAN-2005-0699) - a buffer overflow in the IAPP dissector. - a bug in the JXTA dissector could make Ethereal crash. - a bug in the sFlow dissector could make Ethereal crash. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 1126176a3dd5188ad2f3ee809ccc0a47 SRPMS/ethereal-0.10.10-1.FC3.1.src.rpm 9e99494874fc7f6a15049518bc9d19de x86_64/ethereal-0.10.10-1.FC3.1.x86_64.rpm 756c718b259de399aee4367be6a01e3e x86_64/ethereal-gnome-0.10.10-1.FC3.1.x86_64.rpm af48dd6d29f649baf1824f7b56c39a09 x86_64/debug/ethereal-debuginfo-0.10.10-1.FC3.1.x86_64.rpm b5842f3904bf5f8410e3339a84e05e99 i386/ethereal-0.10.10-1.FC3.1.i386.rpm fdd98d6e39b2ae05662087f3d39dc086 i386/ethereal-gnome-0.10.10-1.FC3.1.i386.rpm b794e631c2a959d0b6a3b7a35236e016 i386/debug/ethereal-debuginfo-0.10.10-1.FC3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From rvokal at redhat.com Wed Mar 16 07:17:23 2005 From: rvokal at redhat.com (Radek Vokal) Date: Wed, 16 Mar 2005 02:17:23 -0500 Subject: Fedora Core 2 Update: ethereal-0.10.10-1.FC2.1 Message-ID: <200503160717.j2G7HNJP013923@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-213 2005-03-16 --------------------------------------------------------------------- Product : Fedora Core 2 Name : ethereal Version : 0.10.10 Release : 1.FC2.1 Summary : Network traffic analyzer Description : Ethereal is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for ethereal. A graphical user interface is packaged separately to GTK+ package. --------------------------------------------------------------------- * Mon Mar 14 2005 Radek Vokal 0.10.10-1.FC2.1 - new release, fixes three security and stability-related issues (#150706) - a buffer overflow in the Etheric dissector. (CAN-2005-0704) - the GPRS-LLC dissector could crash if the "ignore cipher bit" option was enabled. (CAN-2005-0705) - a buffer overflow in the 3GPP2 A11 dissector (CAN-2005-0699) - a buffer overflow in the IAPP dissector. - a bug in the JXTA dissector could make Ethereal crash. - a bug in the sFlow dissector could make Ethereal crash. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 0336d92c41ebbbaac648794e6b83820e SRPMS/ethereal-0.10.10-1.FC2.1.src.rpm 969599a21da89ec9935ba00c623a430f x86_64/ethereal-0.10.10-1.FC2.1.x86_64.rpm 587b7afcc47f0f6a024174c71f713245 x86_64/ethereal-gnome-0.10.10-1.FC2.1.x86_64.rpm d396f9d8738e026b69347ffda79e6ced x86_64/debug/ethereal-debuginfo-0.10.10-1.FC2.1.x86_64.rpm 43546658df1a4fe2938bdffec22dbb7a i386/ethereal-0.10.10-1.FC2.1.i386.rpm f33ef0aeba1176044999fc19dbe47bef i386/ethereal-gnome-0.10.10-1.FC2.1.i386.rpm bb94f6811def74a32934c97bf73e5ac7 i386/debug/ethereal-debuginfo-0.10.10-1.FC2.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From nphilipp at redhat.com Wed Mar 16 09:31:14 2005 From: nphilipp at redhat.com (Nils Philippsen) Date: Wed, 16 Mar 2005 10:31:14 +0100 Subject: Fedora Core 3 Update: system-config-samba-1.2.28-0.fc3.1 Message-ID: <1110965474.12106.0.camel@wombat.tiptoe.de> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-219 2005-03-16 --------------------------------------------------------------------- Product : Fedora Core 3 Name : system-config-samba Version : 1.2.28 Release : 0.fc3.1 Summary : Samba server configuration tool Description : system-config-samba is a graphical user interface for creating, modifying, and deleting samba shares. --------------------------------------------------------------------- * Tue Mar 15 2005 Nils Philippsen - 1.2.28-0.fc3.1 - fix dialog when share name is missing (#135119) again * Wed Mar 9 2005 Nils Philippsen - 1.2.27-1 - let users configure whether a share is browsable ("visible") or not ("hidden") * Wed Feb 16 2005 Nils Philippsen - use UIManager when possible to avoid deprecation warnings (#134367, #143678) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 7f9f2f61fc167dcbef183260f657a59c SRPMS/system-config-samba-1.2.28-0.fc3.1.src.rpm e2e125e912a3ae4b34328e019c849cd8 x86_64/system-config-samba-1.2.28-0.fc3.1.noarch.rpm e2e125e912a3ae4b34328e019c849cd8 i386/system-config-samba-1.2.28-0.fc3.1.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- Nils Philippsen / Red Hat / nphilipp at redhat.com "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- B. Franklin, 1759 PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011 From than at redhat.com Wed Mar 16 10:07:03 2005 From: than at redhat.com (Than Ngo) Date: Wed, 16 Mar 2005 11:07:03 +0100 Subject: Fedora Core 3 Update: kdenetwork-3.3.1-3 Message-ID: <42380547.6000202@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-220 2005-03-16 --------------------------------------------------------------------- Product : Fedora Core 3 Name : kdenetwork Version : 3.3.1 Release : 3 Summary : K Desktop Environment - Network Applications Description : Networking applications for the K Desktop Environment. --------------------------------------------------------------------- * Tue Mar 15 2005 Than Ngo 7:3.3.1-3 - CVS backport includes fixes: - Kopete fails to store passwords in kde wallet rh#145692 - kopete chat window doesn't use focus stealing policy kde#87416 - increased max length of callback number - crash when we remove the temporary group from the contact list * Fri Oct 15 2004 Than Ngo 7:3.3.1-2 - fix desktop files --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ a1359acf7a6d112490124e44054c4b5e SRPMS/kdenetwork-3.3.1-3.src.rpm ed4ec18d2ac2d638aae602b3ed9ebab2 x86_64/kdenetwork-3.3.1-3.x86_64.rpm b1957239bc79a81ed460094bd9cac4b4 x86_64/kdenetwork-devel-3.3.1-3.x86_64.rpm 5d5f40859ccdb6f15f568dd191d4a8ac x86_64/kdenetwork-nowlistening-3.3.1-3.x86_64.rpm 300048502c592e52447e76ba2d3408e6 x86_64/debug/kdenetwork-debuginfo-3.3.1-3.x86_64.rpm f173410464d00e6abf4b343d035b4097 i386/kdenetwork-3.3.1-3.i386.rpm 28b76afae254348ac74389f3ac1c7a3e i386/kdenetwork-devel-3.3.1-3.i386.rpm 7a9ded80209ccf666a476f645f9264be i386/kdenetwork-nowlistening-3.3.1-3.i386.rpm 07aaedd9e2c5e743e3a4e4a993dea1a9 i386/debug/kdenetwork-debuginfo-3.3.1-3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From harald at redhat.com Wed Mar 16 11:01:32 2005 From: harald at redhat.com (Harald Hoyer) Date: Wed, 16 Mar 2005 12:01:32 +0100 Subject: Fedora Core 3 Update: udev-039-10.FC3.7 Message-ID: <4238120C.4050206@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-198 2005-03-16 --------------------------------------------------------------------- Product : Fedora Core 3 Name : udev Version : 039 Release : 10.FC3.7 Summary : A userspace implementation of devfs Description : udev is a implementation of devfs in userspace using sysfs and /sbin/hotplug. It requires a 2.6 kernel to run properly. --------------------------------------------------------------------- Update Information: Fixed DRI permissions and SCSI hotplug replay in start_udev. --------------------------------------------------------------------- * Tue Mar 8 2005 Harald Hoyer - 039-10.FC3.7 - renamed dvb to dvb0 - fixed #150533 - set dri permissions to 0666 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 64031c8c5cb68c6875c54ba42d103008 SRPMS/udev-039-10.FC3.7.src.rpm 6b1b009a66803460c83a4204fd648b10 x86_64/udev-039-10.FC3.7.x86_64.rpm b5f56c44598fda087db7947f79ac1d1f x86_64/debug/udev-debuginfo-039-10.FC3.7.x86_64.rpm 1b109416c5d5509152aa8c54b6d18041 i386/udev-039-10.FC3.7.i386.rpm 846486c1bec1e996b77a0365b1ee6309 i386/debug/udev-debuginfo-039-10.FC3.7.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From sopwith at redhat.com Wed Mar 16 17:28:00 2005 From: sopwith at redhat.com (Elliot Lee) Date: Wed, 16 Mar 2005 12:28:00 -0500 Subject: Fedora Project Mailing Lists reminder Message-ID: This is a reminder of the mailing lists for the Fedora Project, and the purpose of each list. You can view this information at http://fedora.redhat.com/participate/communicate/ When you're using these mailing lists, please take the time to choose the one that is most appropriate to your post. If you don't know the right mailing list to use for a question or discussion, please contact me. This will help you get the best possible answer for your question, and keep other list subscribers happy! Mailing Lists Mailing lists are email addresses which send email to all users subscribed to the mailing list. Sending an email to a mailing list reaches all users interested in discussing a specific topic and users available to help other users with the topic. The following mailing lists are available. To subscribe, send email to -request at redhat.com (replace with the desired mailing list name such as fedora-list) with the word subscribe in the subject. fedora-announce-list - Announcements of changes and events. To stay aware of news, subscribe to this list. fedora-list - For users of releases. If you want help with a problem installing or using , this is the list for you. fedora-test-list - For testers of test releases. If you would like to discuss experiences using TEST releases, this is the list for you. fedora-devel-list - For developers, developers, developers. If you are interested in helping create releases, this is the list for you. fedora-extras-list - For users and developers of Fedora Extras fedora-docs-list - For participants of the docs project fedora-desktop-list - For discussions about desktop issues such as user interfaces, artwork, and usability fedora-config-list - For discussions about the development of configuration tools fedora-tools-list - For discussions about the toolchain (gcc, gdb, etc...) within Fedora fedora-devel-java-list - For discussions about Java-related Fedora development fedora-patches-list - For submitting patches to Fedora maintainers, and used in line with BugWeek fedora-legacy-announce - For announcements about the Fedora Legacy Project fedora-legacy-list - For discussions about the Fedora Legacy Project fedora-selinux-list - For discussions about the Fedora SELinux Project fedora-marketing-list - For discussions about marketing and expanding the Fedora user base fedora-de-list - For discussions about Fedora in the German language fedora-es-list - For discussions about Fedora in the Spanish language fedora-ja-list - For discussions about Fedora in the Japanese language fedora-i18n-list - For discussions about the internationalization of Fedora Core fedora-trans-list - For discussions about translating the software and documentation associated with the Fedora Project German: fedora-trans-de French: fedora-trans-fr Spanish: fedora-trans-es Italian: fedora-trans-it Brazilian Portuguese: fedora-trans-pt_br Japanese: fedora-trans-ja Korean: fedora-trans-ko Simplified Chinese: fedora-trans-zh_cn Traditional Chinese: fedora-trans-zh_tw From tagoh at redhat.com Thu Mar 17 12:50:14 2005 From: tagoh at redhat.com (Akira TAGOH) Date: Thu, 17 Mar 2005 21:50:14 +0900 (JST) Subject: [SECURITY] Fedora Core 2 Update: sylpheed-1.0.3-0.FC2 Message-ID: <20050317.215014.4601535692268084344.tagoh@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-224 2005-03-17 --------------------------------------------------------------------- Product : Fedora Core 2 Name : sylpheed Version : 1.0.3 Release : 0.FC2 Summary : A GTK+ based, lightweight, and fast email client. Description : This program is an X based fast email client which has features like: o user-friendly and intuitive interface o integrated NetNews client (partially implemented) o ability of keyboard-only operation o Mew/Wanderlust-like key bind o multipart MIME o unlimited multiple account handling o message queueing o assortment function o XML-based address book See /usr/share/doc/sylpheed*/README for more information. --------------------------------------------------------------------- * Thu Mar 17 2005 Akira TAGOH - 1.0.3-0.FC2 - New upstream release. - contains the possible buffer overflow issue. CAN-2005-0667 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 0d7bc4aae5534e5c71bd8b2698671199 SRPMS/sylpheed-1.0.3-0.FC2.src.rpm ef2dd75105573cc2b75930bc75f87589 x86_64/sylpheed-1.0.3-0.FC2.x86_64.rpm f1499bdc774a0ff9c02d581c2be56f5b x86_64/debug/sylpheed-debuginfo-1.0.3-0.FC2.x86_64.rpm 6f556b79639287449cfd9d066a58b8b4 i386/debug/sylpheed-debuginfo-1.0.3-0.FC2.i386.rpm 4dcfa1c2873479d9499ff882abe65c10 i386/sylpheed-1.0.3-0.FC2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dmalcolm at redhat.com Thu Mar 17 18:36:08 2005 From: dmalcolm at redhat.com (David Malcolm) Date: Thu, 17 Mar 2005 13:36:08 -0500 Subject: Fedora Core 3 Update: libgal2-2.2.5-1 Message-ID: <200503171836.j2HIa8gF010955@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-161 2005-03-17 --------------------------------------------------------------------- Product : Fedora Core 3 Name : libgal2 Version : 2.2.5 Release : 1 Summary : The GNOME Application Library Description : A collection of GNOME widgets and utility functions. --------------------------------------------------------------------- Update Information: - focus focus chaining (JP) - fix category focus handling (Hao Sheng) - Updated translations: gu (Ankit Patel) it (Luca Ferretti, Alessio Frusciante) --------------------------------------------------------------------- * Mon Feb 21 2005 David Malcolm - 2:2.2.5-1 - Update from 2.2.3 to 2.2.5 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 2bfd432ab951eab699c967737f5b7d15 SRPMS/libgal2-2.2.5-1.src.rpm b5d89d2e69c6e67df7dae8d9fa96d707 x86_64/libgal2-2.2.5-1.x86_64.rpm 6279f1b19244c08ada14b1af3eeb6266 x86_64/libgal2-devel-2.2.5-1.x86_64.rpm 9f7bb3f5cf185e86d48696f17d991ad6 x86_64/debug/libgal2-debuginfo-2.2.5-1.x86_64.rpm 1b1ec6436abff34ef1578c56f457d13d x86_64/libgal2-2.2.5-1.i386.rpm 1b1ec6436abff34ef1578c56f457d13d i386/libgal2-2.2.5-1.i386.rpm d21b48bcf943edef9d768f92a884b6be i386/libgal2-devel-2.2.5-1.i386.rpm f6037bd952c44910a012bf8773deb5d2 i386/debug/libgal2-debuginfo-2.2.5-1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dmalcolm at redhat.com Thu Mar 17 18:39:06 2005 From: dmalcolm at redhat.com (David Malcolm) Date: Thu, 17 Mar 2005 13:39:06 -0500 Subject: Fedora Core 3 Update: libsoup-2.2.2-1.FC3 Message-ID: <200503171839.j2HId6fx012098@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-162 2005-03-17 --------------------------------------------------------------------- Product : Fedora Core 3 Name : libsoup Version : 2.2.2 Release : 1.FC3 Summary : Soup, an HTTP library implementation Description : Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it). --------------------------------------------------------------------- Update Information: Changes in libsoup from 2.2.1 to 2.2.2: * The SSL validation fix from 2.2.1 [64414] is now completely fixed. (Part of the fix didn't actually make it into 2.2.1) * HTTPS certificate validation now works when using an HTTP proxy. [68583] * HTTP proxy code deals better with proxies that try to make the user do HTML-form-based authentication. [68531] * 64-bit fixes for NTLM auth code. [70323, from Michael Zucchi] --------------------------------------------------------------------- * Mon Feb 21 2005 David Malcolm - 2.2.2-1.FC3 - update from 2.2.1 to 2.2.2 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ fb73de21f6132a8e400fc7e898ecc0ec SRPMS/libsoup-2.2.2-1.FC3.src.rpm 21c68360fc0a8dbfc04fb460f513a2fb x86_64/libsoup-2.2.2-1.FC3.x86_64.rpm 4a2058515b6a418f0b74d8f0b2f497ad x86_64/libsoup-devel-2.2.2-1.FC3.x86_64.rpm 4f53720e5385fbf232eadd44d2e06935 x86_64/debug/libsoup-debuginfo-2.2.2-1.FC3.x86_64.rpm 65821624199289f1e0fec03b4a4c476f x86_64/libsoup-2.2.2-1.FC3.i386.rpm 65821624199289f1e0fec03b4a4c476f i386/libsoup-2.2.2-1.FC3.i386.rpm 6d06bc53927ef018b27394d88cb29705 i386/libsoup-devel-2.2.2-1.FC3.i386.rpm e7b565743ce4e9784e4e475b1f89a268 i386/debug/libsoup-debuginfo-2.2.2-1.FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dmalcolm at redhat.com Thu Mar 17 18:41:45 2005 From: dmalcolm at redhat.com (David Malcolm) Date: Thu, 17 Mar 2005 13:41:45 -0500 Subject: Fedora Core 3 Update: evolution-data-server-1.0.4-3 Message-ID: <200503171841.j2HIfj1w014560@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-163 2005-03-17 --------------------------------------------------------------------- Product : Fedora Core 3 Name : evolution-data-server Version : 1.0.4 Release : 3 Summary : Backend data server for evolution Description : The evolution-data-server package provides a unified backend for programs that work with contacts, tasks, and calendar information. It was originally developed for Evolution (hence the name), but is now used by other packages. --------------------------------------------------------------------- Update Information: Evolution Data Server 1.0.4, 2005-02-14 ---------------------------------------- Bugzilla bugs fixed (see http://bugzilla.ximian.com/show_bug.cgi): * Address Book #64298 - G/W failure to authenticate (Siva) #67541 - LDAP password not to be remembered (Siva) #66854 - Some strings are missed to translation (Rodney) #71116 - wrong gettext initialization breaks translation (Rodney) #70918 - Importing kontact vcard causes inifinite loop (Siva) * Calendar #64682 - Moving an appointment from one calendar to another sends update (Chen) #67031 - GroupWise tasks are not getting updated in any way (Chen) * All #69186 - cannot remove GAL from Autocomplete in settings (Siva) #64298 - G/W failure to authenticate (Siva) Other bugs * Calendar - warning fixes (Michael) - fix groupwise ssl usage (Harish) * Address Book - fix vcard note migration issues if containing non-ascii chars (Siva) - fix groupwise ssl usage (Harish) * All - 64 bit fixes (Michael) Updated Translations: -et (Priit Laes) -ru (Leonid Kanter) Evolution Data Server 1.0.3, 2004-12-06 ---------------------------------------- Bugzilla bugs fixed (see http://bugzilla.ximian.com/show_bug.cgi): * Calendar #59904 - Speed up calendar queries (Rodrigo) #69624 - make changes in evo corresponding to soap schema changes (Siva) Other bugs * Address Book - prevent e_book_commit_contact from crashing on multiple calls (Diego Gonzalez) - prevent file backend from crashing if uid of vcard is NULL (Diego Gonzalez) * Calendar - fix libical build for automake 1.9 (Rodney) - fix putenv usage for portability (Julio M. Merino Vidal) Updated Translations: - sv (Christian Rose) --------------------------------------------------------------------- * Mon Feb 21 2005 David Malcolm - 1.0.4-3 - updated libsoup requirement from 2.2.1 to 2.2.2 * Mon Feb 21 2005 David Malcolm - 1.0.4-2 - updated sources * Mon Feb 21 2005 David Malcolm - 1.0.4-1 - Update from upstream stable release 1.0.2 to 1.0.4 - Add run-time requirements on libgnomeui, libgnome - Add build-time requirements on libgnomeui-devel, libgnome-devel, bison, libtool - Removed patch for x86_64 build; this is now in upstream tarball - Updated localization code from evolution-data-server-1.5.mo to evolution-data-server-1.0.mo, to match change in upstream tarball --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 53e370baadbb5b739f6abb992cfaa6f4 SRPMS/evolution-data-server-1.0.4-3.src.rpm 78f6bf316034566e2de90f1831716509 x86_64/evolution-data-server-1.0.4-3.x86_64.rpm 06f07adcf8e2579eee9426a2bcc1c1fb x86_64/evolution-data-server-devel-1.0.4-3.x86_64.rpm 94d72968fb84c704bdc200b4c6c3fd1e x86_64/debug/evolution-data-server-debuginfo-1.0.4-3.x86_64.rpm 57d2e92a75ba7bd1aad93aaad69da650 x86_64/evolution-data-server-1.0.4-3.i386.rpm 57d2e92a75ba7bd1aad93aaad69da650 i386/evolution-data-server-1.0.4-3.i386.rpm c1d520c5c85719e7ebdfd9f6b22959d4 i386/evolution-data-server-devel-1.0.4-3.i386.rpm 9fd3f2aa4ccb681ded57babd02f4fef5 i386/debug/evolution-data-server-debuginfo-1.0.4-3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dmalcolm at redhat.com Thu Mar 17 18:48:02 2005 From: dmalcolm at redhat.com (David Malcolm) Date: Thu, 17 Mar 2005 13:48:02 -0500 Subject: Fedora Core 3 Update: evolution-2.0.4-1 Message-ID: <200503171848.j2HIm2nX017930@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-169 2005-03-17 --------------------------------------------------------------------- Product : Fedora Core 3 Name : evolution Version : 2.0.4 Release : 1 Summary : GNOME's next-generation groupware suite Description : Evolution is the GNOME mailer, calendar, contact manager and communications tool. The tools which make up Evolution will be tightly integrated with one another and act as a seamless personal information-management tool. --------------------------------------------------------------------- Update Information: Evolution 2.0.4 --------------- Bugzilla bugs fixed (see http://bugzilla.ximian.com/show_bug.cgi): * Addressbook #36137 - Leading %s in addressbook message totally non-obvious (Siva) #70339 - vcard preview doesn't appear to work (Siva) #70622 - Crash changing gtkhtml settings (JP) #70922 - Email address types should show "Other" when importing vcards (Siva) #70540 - Adding contact from email doesn't let you change "file as" (Hans) * Calendar #41624 - only the last exception is deleted on palm device (JP) #46901 - Only one line gets printed when printing Tasks and Appointments (Yong Sun) * Mail #33933 - Sorting by subject does not result in expected order (Jeff) #70795 - Next/Previous Message Should Only Display Listed Emails (Michael) #65329 - regression in default folder name localisation (Michael) #71312 - Double-clicking vFolder of Draft folder doesn't allow editing (Michael) #71310 - Always loses my signature script settings (Michael) #71310 - Always loses my signature script settings (Michael) #69850 - Crash: attempting to create a Vfolder based on a message without a Sender (Michael) #65178 - newly created folder on local maildir doesn't show until evolution restart (Michael) #70858 - selecting newly created folder flakey (Michael) #60664 - message view does not follow theme change (Michael) #70768 - 'Mark All as Read' marks all the mails which are not in current query as read (Michael) #70563 - crash when 'load images' on MyEclipse newsletter email (Michael) #66943 - Crash when saving draft (Michael) #71105 - When trying to rename a folder containing a slash "/" and spaces, evil stuff happens (Michael) #72020 - Error parsing filter: Unknown identifier: adjust-score (Michael) #38791 - gpg can make evo hang if keyserver unreachable (Michael) #36142 - Don't use acronyms as verbs in messages (Michael) #70303 - pgp signature invalid with very short emails (Michael) #69757 - Memory leak in imap_parse_list_response (Michael) #22496 - Evolution does not appear to support ALERT messages (Michael) #71427 - Evolution does not prompt for new password (Michael) #71625 - Don't display content of e-mail when first selected (Michael) #56110 - Messages in digest displayed as source (Michael) #69024 - Doesn't update NNTP folder in a Virtual folder (Michael) #47824 - nested, identical multipart boundaries dont parse properly (Michael) #70919 - Crash during fetching mail (mail has gpg signature) (Michael) #70556 - Unable load messages info from MS Exchange by IMAP (Michael) Other bugs * Mail -64 bit fixes (Michael) * Addressbook - work around 67411 (Hans) - 64 bit fixes (Michael) - Turkish locale fixes (S.??aglar Onur) * Calendar - fix potential resize crash (Michael) * S/MIME - don't remove the cert from the tree if it wasn't actually deleted (Michael) Updated translations: - nl (Vincent van Adrighem) - pt (Duarte Loreto) - hu (Laszlo Dvornik) - ca (Jordi Mallach) - fr (Jeremie Knuesel, Sebastien Bacher, Christophe Merlet) - sv (Christian Rose) - de (Hendrik Brandt) - id (Mohammad DAMT) - es (Francisco Javier F. Serrador) - da (Martin Willemoes Hansen) - ko (Changwoo Ryu) - zh_CN (Funda Wang) - ms (Hasbullah Bin Pit) - hu (Laszlo Dvornik) - cs (Miloslav Trmac) - ru (Leonid Kanter) - bg (Vladimir Petkov) - sq (Laurent Dhima) - en_GB (David Lodge) - pl (Artur Flinta) - sr (Danilo Segan) - sr at Latn (Danilo Segan) - en_CA (Adam Weinberger) - pt_BR (Raphael Higino) - nn (??smund Skj??veland) Evolution 2.0.3 --------------- Bugzilla bugs fixed (see http://bugzilla.ximian.com/show_bug.cgi): * Addressbook #67656 - almost the same email address are considrered identical (Siva) #69079 - Data repeated after save with bad date format (Siva) #66854 - Some strings are missed to translation (Rodney) * Calendar #47529 - Date in reminder window appears in UTF-8 in non-UTF-8 locale (Rodney) #68707 - Events ending at 12:00 AM show as ending at 12:00 pm (JP) #67403 - wrong alarm time displayed (Rodrigo) #68077 - appointment dialog re-size (Rodrigo) * Mail #69533 - Unable to subscribe to the alt hierarchy (Michael) #69776 - Signed Mail with attachments displays everything with multipart/boundaries stuff (Michael) #69615 - delete certificate after viewing smime message (Michael) #69109 - EHLO or HELO with ip addresses does not conform rfc 821 (Michael) #69982 - During Newsgroup list refresh, it crashes (Michael) #69446 - Mail shown as attachment if some headers are upper case (S. Caglar Onur) #68556 - NNTP with SSL won't work, even with stunnel (Michael) #69145 - toplevel message/rfc822 parts are broken for IMAP (Michael) #69241 - base64 attachement holding PGP block (Jeff) #67895 - nntp support not asking for password (Michael) #67898 - Use of symbolic port-names is not guaranteed to work everywhere (Michael) #69851 - remember password check doesn't stick (Michael) #69623 - Moving a message from an IMAP INBOX to an IMAP folder caused crash (Radek) #69339 - postscript and some other attachments not visable (Michael) #69579 - vFolders#UNMATCHED generates errors (Michael) #68958 - current message forgotten in vfolders (Michael) #68974 - Wizard doesn't store smtp auth settings (Michael) #67496 - html email not rendered in preview pane (Michael) #67014 - Checking supported auth types doesn't work with new SSL certificate (Michael) #68006 - Evo crashed after viewing previously-sent email and copying URL from it (Michael) #68787 - Crash when migrating 1.4 data to 2.0.2 (Michael) #67622 - SMTP auth usernames containing % character fail (Jeff) Other bugs * Mail - fix pthread_key_delete args (Julio M. Merino Vidal) * Calendar - leak fixes (Chen) - sensitize menu items in list view properly (JP) - redraw display when 24hr time setting changes (JP) Updated translations: - nl (Vincent van Adrighem) - pt (Duarte Loreto) - hu (Laszlo Dvornik) - ca (Jordi Mallach) - fr (Jeremie Knuesel, Sebastien Bacher, Christophe Merlet) - sv (Christian Rose) - de (Hendrik Brandt) - id (Mohammad DAMT) - es (Francisco Javier F. Serrador) - da (Martin Willemoes Hansen) - ko (Changwoo Ryu) - zh_CN (Funda Wang) - ms (Hasbullah Bin Pit) - hu (Laszlo Dvornik) - cs (Miloslav Trmac) - ru (Leonid Kanter) - bg (Vladimir Petkov) - sq (Laurent Dhima) - en_GB (David Lodge) - pl (Artur Flinta) - sr (Danilo Segan) - sr at Latn (Danilo Segan) - en_CA (Adam Weinberger) - pt_BR (Raphael Higino) - nn (??smund Skj??veland) --------------------------------------------------------------------- * Thu Feb 24 2005 David Malcolm - 2.0.4-1 - Bugfix update from stable 2.0.2 to stable 2.0.4 - Updated dependency on libsoup from 2.2.0 to 2.2.1 - Updated dependency on e-d-s from 1.0.2 to 1.0.4 - Updated dependency on libgal2 from 2.2.3 to 2.2.5 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 72ed4a1f82e3ebcbe2971a91f0451eee SRPMS/evolution-2.0.4-1.src.rpm 958435fca5d6ce810b3bd97bd04782ac x86_64/evolution-2.0.4-1.x86_64.rpm 2e4ee31bb1349b80d3fcc5522d5caeb9 x86_64/evolution-devel-2.0.4-1.x86_64.rpm faf9358e38493371e4831feb0913557b x86_64/debug/evolution-debuginfo-2.0.4-1.x86_64.rpm e004014d3356c5bda82453c8877505c5 i386/evolution-2.0.4-1.i386.rpm 2d48ddcae3e49015c3dd6598a2e7b41c i386/evolution-devel-2.0.4-1.i386.rpm b3484da44f8b13be55cd8ad94d9f0916 i386/debug/evolution-debuginfo-2.0.4-1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dmalcolm at redhat.com Thu Mar 17 18:50:23 2005 From: dmalcolm at redhat.com (David Malcolm) Date: Thu, 17 Mar 2005 13:50:23 -0500 Subject: Fedora Core 3 Update: evolution-connector-2.0.4-1 Message-ID: <200503171850.j2HIoNab018598@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-170 2005-03-17 --------------------------------------------------------------------- Product : Fedora Core 3 Name : evolution-connector Version : 2.0.4 Release : 1 Summary : Evolution plugin to interact with MS Exchange Server Description : The connector enables added functionality to Evolution when used with a Microsoft Exchange Server. --------------------------------------------------------------------- Update Information: Bugzilla bugs fixed (see http://bugzilla.ximian.com/show_bug.cgi): #65047 - 'Select contacts from Addressbook' hangs (Sushma) #67991 - Can't connect to OWA using Forms-Based Authentication over SSL (Sarfraaz) #70730 - connector hangs on kerberos authentication attempts (Sarfraaz) #71432 - Don't see schedule in new meeting request dialog (Sushma) #70357 - Crash: Exchange calendar query hangs Evolution (glibc gives a double-free or corruption error!) (Sarfraaz) #68330 - Exchange now crashes on start (Sarfraaz) #66963 - The trash is filtered for spam (that I just deleated) when I select (and there by open) the trashdir to do an expunge (Sarfraaz) #71469 - Menus for Connector are not Translated to French (Sarfraaz) #71555 - Label setting is not being saved across sessions (Sushma) #70283 - All-day calendar events incorrectly show as busy (Sarfraaz) #70414 - Memory corruption/build-up tracking bug (Sarfraaz) Fixes for 64 bit support (Michael Zucchi) Updated Translations: (Since 2.0.1) - bg (Alexander Shopov) - da (Martin Willemoes Hansen) - ca (Jordi Mallach) - hu (Laszlo Dvornik) --------------------------------------------------------------------- * Thu Feb 24 2005 David Malcolm - 2.0.4-1 - Stable bugfix update from 2.0.2 to 2.0.4 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ c4eb018424befcb76994ce6d40592ac5 SRPMS/evolution-connector-2.0.4-1.src.rpm c8a39383dcc7e406130b9c780048fe15 x86_64/evolution-connector-2.0.4-1.x86_64.rpm a10e8214e2320e8c381661d07e7a8e4d x86_64/debug/evolution-connector-debuginfo-2.0.4-1.x86_64.rpm b3066837250ac00fa26006eb66c6ce4c i386/evolution-connector-2.0.4-1.i386.rpm 89718d1b55855ee52dd52e48061c8f4f i386/debug/evolution-connector-debuginfo-2.0.4-1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dwalsh at redhat.com Thu Mar 17 19:42:20 2005 From: dwalsh at redhat.com (Daniel J Walsh) Date: Thu, 17 Mar 2005 14:42:20 -0500 Subject: Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.89 Message-ID: <4239DD9C.2060709@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-201 2005-03-17 --------------------------------------------------------------------- Product : Fedora Core 3 Name : selinux-policy-targeted Version : 1.17.30 Release : 2.89 Summary : SELinux targeted policy configuration Description : Security-enhanced Linux is a patch of the Linux? kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement?, Role-based Access Control, and Multi-level Security. This package contains the SELinux example policy configuration along with the Flask configuration information and the application configuration files. --------------------------------------------------------------------- * Wed Mar 9 2005 Dan Walsh 1.17.30-2.89 - Backport many changes from rawhide - Allow httpd getattr on etc_t lnk - Switch to use read_sysctl - Clean up postgresql file_contexts - Allow nscd to handle certificates * Tue Mar 1 2005 Dan Walsh 1.17.30-2.87 - Allow listen on stream sockets for httpd_sys_script_t --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 4028eb3ff9c545ae73ae6c77d92787e8 SRPMS/selinux-policy-targeted-1.17.30-2.89.src.rpm 646bbd6b50511484b5f8e49ed8312721 x86_64/selinux-policy-targeted-1.17.30-2.89.noarch.rpm 2a6ecd9ab065012688a63ddbc32ad649 x86_64/selinux-policy-targeted-sources-1.17.30-2.89.noarch.rpm 646bbd6b50511484b5f8e49ed8312721 i386/selinux-policy-targeted-1.17.30-2.89.noarch.rpm 2a6ecd9ab065012688a63ddbc32ad649 i386/selinux-policy-targeted-sources-1.17.30-2.89.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- From dwalsh at redhat.com Thu Mar 17 19:43:54 2005 From: dwalsh at redhat.com (Daniel J Walsh) Date: Thu, 17 Mar 2005 14:43:54 -0500 Subject: Fedora Core 3 Update: policycoreutils-1.18.1-2.10 Message-ID: <4239DDFA.30202@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-195 2005-03-17 --------------------------------------------------------------------- Product : Fedora Core 3 Name : policycoreutils Version : 1.18.1 Release : 2.10 Summary : SELinux policy core utilities. Description : Security-enhanced Linux is a patch of the Linux? kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement?, Role-based Access Control, and Multi-level Security. policycoreutils contains the policy core utilities that are required for basic operation of a SELinux system. These utilities include load_policy to load policies, setfiles to label filesystems, newrole to switch roles, and run_init to run /etc/init.d scripts in the proper context. --------------------------------------------------------------------- * Mon Feb 28 2005 Dan Walsh 1.18.1-2.10 - Change fixfiles to match latest in rawhide - Fix restorecon -e flag to exclude before stat - Move genhomedircon to newer version to allow customizing of usespace --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 145ab7fd04d502ea54e6e8756bb6bb96 SRPMS/policycoreutils-1.18.1-2.10.src.rpm 873dd972012af6234a49b218286836fb x86_64/policycoreutils-1.18.1-2.10.x86_64.rpm dcc6caabc26b6325492276b5591e80d6 x86_64/debug/policycoreutils-debuginfo-1.18.1-2.10.x86_64.rpm 0efbfa6c4c6399f08364b118a9233518 i386/policycoreutils-1.18.1-2.10.i386.rpm ac2a99341a07bfab5f9e764570d64bd0 i386/debug/policycoreutils-debuginfo-1.18.1-2.10.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- From sopwith at redhat.com Thu Mar 17 21:37:50 2005 From: sopwith at redhat.com (Elliot Lee) Date: Thu, 17 Mar 2005 16:37:50 -0500 (EST) Subject: Fedora Core CVS commit notifications Message-ID: Hey hackers! If you would like to get details of the commits to Fedora Core packages, you can now receive them by subscribing to the fedora-cvs-commits mailing list (https://www.redhat.com/mailman/listinfo/fedora-cvs-commits). This list is the Fedora Core equivalent of the fedora-extras-commits list. Best, -- Elliot From nphilipp at redhat.com Fri Mar 18 17:44:03 2005 From: nphilipp at redhat.com (Nils Philippsen) Date: Fri, 18 Mar 2005 12:44:03 -0500 Subject: Fedora Core 3 Update: gimp-2.2.4-0.fc3.3 Message-ID: <200503181744.j2IHi3eM029528@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-204 2005-03-18 --------------------------------------------------------------------- Product : Fedora Core 3 Name : gimp Version : 2.2.4 Release : 0.fc3.3 Summary : The GNU Image Manipulation Program Description : The GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. The GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. The GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. The GIMP includes a scripting facility, but many of the included scripts rely on fonts that we cannot distribute. The GIMP FTP site has a package of fonts that you can install by yourself, which includes all the fonts needed to run the included scripts. Some of the fonts have unusual licensing requirements; all the licenses are documented in the package. Get ftp://ftp.gimp.org/pub/gimp/fonts/freefonts-0.10.tar.gz and ftp://ftp.gimp.org/pub/gimp/fonts/sharefonts-0.10.tar.gz if you are so inclined. Alternatively, choose fonts which exist on your system before running the scripts. --------------------------------------------------------------------- * Wed Mar 9 2005 Nils Philippsen - prevent gifload plugin from crashing when loading files with bogus frame size (#150677, #150678) * Wed Mar 2 2005 Nils Philippsen - don't barf when building with gcc 4.0 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 85fa606526f9c5d55020909d3e4ad24a SRPMS/gimp-2.2.4-0.fc3.3.src.rpm 45554de9a6750bd039596164a10c086b x86_64/gimp-2.2.4-0.fc3.3.x86_64.rpm f310f4be2bb8a4af42fe84cea85b8ed9 x86_64/gimp-devel-2.2.4-0.fc3.3.x86_64.rpm 762f518f82f57812a778a4ed53b6e134 x86_64/debug/gimp-debuginfo-2.2.4-0.fc3.3.x86_64.rpm 13f9835ebff16bca1fca630968edd12e i386/gimp-2.2.4-0.fc3.3.i386.rpm 4cddb436c48fa22597002a99c7dff1d2 i386/gimp-devel-2.2.4-0.fc3.3.i386.rpm a117d0ace35e1fe80b66af7b5b7df380 i386/debug/gimp-debuginfo-2.2.4-0.fc3.3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From kzak at redhat.com Fri Mar 18 22:08:56 2005 From: kzak at redhat.com (Karel Zak) Date: Fri, 18 Mar 2005 17:08:56 -0500 Subject: Fedora Core 3 Update: procps-3.2.3-5.2 Message-ID: <200503182208.j2IM8uae025766@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-229 2005-03-18 --------------------------------------------------------------------- Product : Fedora Core 3 Name : procps Version : 3.2.3 Release : 5.2 Summary : System and process monitoring utilities. Description : The procps package contains a set of system utilities that provide system information. Procps includes ps, free, skill, snice, tload, top, uptime, vmstat, w, and watch. The ps command displays a snapshot of running processes. The top command provides a repetitive update of the statuses of running processes. The free command displays the amounts of free and used memory on your system. The skill command sends a terminate command (or another specified signal) to a specified set of processes. The snice command is used to change the scheduling priority of specified processes. The tload command prints a graph of the current system load average to a specified tty. The uptime command displays the current time, how long the system has been running, how many users are logged on, and system load averages for the past one, five, and fifteen minutes. The w command displays a list of the users who are currently logged on and what they are running. The watch program watches a running program. The vmstat command displays virtual memory statistics about processes, memory, paging, block I/O, traps, and CPU activity. --------------------------------------------------------------------- * Fri Mar 17 2006 Karel Zak 3.2.3-5.2 - fix pmap truncates filenames of mappings (#142751) - fix slabtop calculation overflow (#151376) - fix screen resize in top (#151375) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 62c4795f6d899ae9662bf75971cb80b1 SRPMS/procps-3.2.3-5.2.src.rpm 3d37a7b5861b14415cd3843839162293 x86_64/procps-3.2.3-5.2.x86_64.rpm 6c6267f849d836ad267755d5be04f9be x86_64/debug/procps-debuginfo-3.2.3-5.2.x86_64.rpm 10716bef533289b9cbeb51e13c444c3a i386/procps-3.2.3-5.2.i386.rpm 88b9256a52ee3663012c48aae1530405 i386/debug/procps-debuginfo-3.2.3-5.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From kzak at redhat.com Fri Mar 18 22:11:31 2005 From: kzak at redhat.com (Karel Zak) Date: Fri, 18 Mar 2005 17:11:31 -0500 Subject: Fedora Core 3 Update: lsof-4.72-2.1 Message-ID: <200503182211.j2IMBVoY027479@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-230 2005-03-18 --------------------------------------------------------------------- Product : Fedora Core 3 Name : lsof Version : 4.72 Release : 2.1 Summary : A utility which lists open files on a Linux/UNIX system. Description : Lsof stands for LiSt Open Files, and it does just that: it lists information about files that are open by the processes running on a UNIX system. --------------------------------------------------------------------- * Mon Mar 14 2005 Karel Zak 4.72-2.1 - src.rpm cleanup --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 85c4a798cc6197b3d239ddc17eb46c1d SRPMS/lsof-4.72-2.1.src.rpm 95660113c65815251da048a7c87aabe5 x86_64/lsof-4.72-2.1.x86_64.rpm 76cffec9190569e4144474d9c5d4509f x86_64/debug/lsof-debuginfo-4.72-2.1.x86_64.rpm 8f0bfe9c6413d53b97bf431fa25afc6a i386/lsof-4.72-2.1.i386.rpm 10bdecbf779c0d01cdc8dc7cc987fa96 i386/debug/lsof-debuginfo-4.72-2.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From kzak at redhat.com Fri Mar 18 22:12:28 2005 From: kzak at redhat.com (Karel Zak) Date: Fri, 18 Mar 2005 17:12:28 -0500 Subject: Fedora Core 3 Update: lockdev-1.0.1-4.1 Message-ID: <200503182212.j2IMCSnt028133@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-231 2005-03-18 --------------------------------------------------------------------- Product : Fedora Core 3 Name : lockdev Version : 1.0.1 Release : 4.1 Summary : A library for locking devices. Description : Lockdev provides a reliable way to put an exclusive lock to devices using both FSSTND and SVr4 methods. --------------------------------------------------------------------- * Thu Mar 17 2005 Karel Zak 1.0.1-4.1 - lockdev errs on /dev/input/ttyACM0 (3-component pathname) (#126082, #98160, #74454) * Fri Oct 22 2004 Adrian Havill 1.0.1-4 - don't unlock files if pid still exists (#128104) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 46a1f101f0afd36fe3890a9a216fa03d SRPMS/lockdev-1.0.1-4.1.src.rpm fb3b3d79d390e8bbc0fb077dfdd8d0c4 x86_64/lockdev-1.0.1-4.1.x86_64.rpm d5c0f6543f5c560a602b4b6de1f04841 x86_64/lockdev-devel-1.0.1-4.1.x86_64.rpm 37ad618f8187220bb824694875b37d1a x86_64/debug/lockdev-debuginfo-1.0.1-4.1.x86_64.rpm c612c64c53189e98b931fdf99377891c x86_64/lockdev-1.0.1-4.1.i386.rpm c612c64c53189e98b931fdf99377891c i386/lockdev-1.0.1-4.1.i386.rpm 67e10b6fb2f6fab9a30b58e865b52183 i386/lockdev-devel-1.0.1-4.1.i386.rpm 038160a2e8ba98ede14524cb78992bdb i386/debug/lockdev-debuginfo-1.0.1-4.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Sat Mar 19 00:10:59 2005 From: notting at redhat.com (Bill Nottingham) Date: Fri, 18 Mar 2005 19:10:59 -0500 Subject: [SECURITY] Fedora Core 2 Update: xloadimage-4.1-34.FC2 Message-ID: <200503190010.j2J0Ax5B011938@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-236 2005-03-18 --------------------------------------------------------------------- Product : Fedora Core 2 Name : xloadimage Version : 4.1 Release : 34.FC2 Summary : An X Window System based image viewer. Description : The xloadimage utility displays images in an X Window System window, loads images into the root window, or writes images into a file. Xloadimage supports many image types (including GIF, TIFF, JPEG, XPM, and XBM). --------------------------------------------------------------------- Update Information: This update fixes CAN-2005-0638, a problem in the parsing of shell metacharacters in filenames. It also fixes bugs in handling of malformed TIFF and PBM/PNM/PPM issues. --------------------------------------------------------------------- * Fri Mar 18 2005 Bill Nottingham - use system libjpeg - fix quoting in filenames (CAN-2005-0638) * Fri Jan 21 2005 Bill Nottingham 4.1-33 - fix bad use of format strings (#70867, #78481 ) * Wed Oct 13 2004 Bill Nottingham 4.1-32 - add patch for slideshow (#114689) * Tue Jun 15 2004 Elliot Lee - rebuilt --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 2c177151565a8c1c109bc36769831c1a SRPMS/xloadimage-4.1-34.FC2.src.rpm 9d01327b4444c76a06cb1cc8560b5891 x86_64/xloadimage-4.1-34.FC2.x86_64.rpm c3c25132097e69c71172e1d509dfa836 x86_64/debug/xloadimage-debuginfo-4.1-34.FC2.x86_64.rpm ba9ab8fd596fefdf4284015b90c82d36 i386/xloadimage-4.1-34.FC2.i386.rpm f35200f3233a2e9ea5bd560dc589ee29 i386/debug/xloadimage-debuginfo-4.1-34.FC2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Sat Mar 19 00:10:59 2005 From: notting at redhat.com (Bill Nottingham) Date: Fri, 18 Mar 2005 19:10:59 -0500 Subject: [SECURITY] Fedora Core 3 Update: xloadimage-4.1-34.FC3 Message-ID: <200503190010.j2J0AxIC011940@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-237 2005-03-18 --------------------------------------------------------------------- Product : Fedora Core 3 Name : xloadimage Version : 4.1 Release : 34.FC3 Summary : An X Window System based image viewer. Description : The xloadimage utility displays images in an X Window System window, loads images into the root window, or writes images into a file. Xloadimage supports many image types (including GIF, TIFF, JPEG, XPM, and XBM). --------------------------------------------------------------------- Update Information: This update fixes CAN-2005-0638, a problem in the parsing of shell metacharacters in filenames. It also fixes bugs in handling of malformed TIFF and PBM/PNM/PPM issues. --------------------------------------------------------------------- * Fri Mar 18 2005 Bill Nottingham - use system libjpeg - fix quoting in filenames (CAN-2005-0638) * Fri Jan 21 2005 Bill Nottingham 4.1-33 - fix bad use of format strings (#70867, #78481 ) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 73db46740e8466a34ecf35bd1790b49e SRPMS/xloadimage-4.1-34.FC3.src.rpm a18f636c94faf58a8e1effdc807e0607 x86_64/xloadimage-4.1-34.FC3.x86_64.rpm 3997943e250f2a4913a5c63f412b47b4 x86_64/debug/xloadimage-debuginfo-4.1-34.FC3.x86_64.rpm 9c9668258b3b995830f7fe7ef0752f8e i386/xloadimage-4.1-34.FC3.i386.rpm 66e15fea24aaf802193a7f39bc88edbd i386/debug/xloadimage-debuginfo-4.1-34.FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From jdennis at redhat.com Tue Mar 22 20:54:31 2005 From: jdennis at redhat.com (John Dennis) Date: Tue, 22 Mar 2005 15:54:31 -0500 Subject: [SECURITY] Fedora Core 2 Update: mailman-2.1.5-10.fc2 Message-ID: <1111524871.3154.9.camel@localhost.localdomain> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-241 2005-03-22 --------------------------------------------------------------------- Product : Fedora Core 2 Name : mailman Version : 2.1.5 Release : 10.fc2 Summary : Mailing list manager with built in Web access. Description : Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from the Web. Mailman also integrates most things people want to do with mailing lists, including archiving, mail <-> news gateways, and so on. Documentation can be found in: /usr/share/doc/mailman-2.1.5 When the package has finished installing, you will need to perform some additional installation steps, these are described in: /usr/share/doc/mailman-2.1.5/INSTALL.REDHAT --------------------------------------------------------------------- Update Information: A cross-site scripting (XSS) flaw in the driver script of mailman prior to version 2.1.5 could allow remote attackers to execute scripts as other web users. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1177 to this issue. Users of mailman should update to this erratum package, which corrects this issue by turning on STEALTH_MODE by default and using Utils.websafe() to quote the html. --------------------------------------------------------------------- * Mon Mar 21 2005 John Dennis - 3:2.1.5-10.fc2 - fix bug #147833, CAN-2004-1177 * Mon Feb 14 2005 John Dennis - 3:2.1.5-9.fc2 - fix bug #147856, moderator -1 admin requests pending * Tue Feb 8 2005 John Dennis - 3:2.1.5-8.fc2 - fix security vulnerability CAN-2005-0202, errata RHSA-2005:136, bug #147343 * Wed Jun 9 2004 John Dennis - 3:2.1.5-6 - fix bug in pre scriplet, last command had been "service mailman stop" - bump rev for rebuild which should have been harmless if mailman was not installed except that it left the exit status from the script as non-zero and rpm aborted the install. * Wed Jun 9 2004 John Dennis - 3:2.1.5-5 - add status reporting to init.d control script stop mailman during an installation restart mailman if it had been running prior to installation * Mon Jun 7 2004 John Dennis - 3:2.1.5-4 - back python prereq down to 2.2, should be sufficient * Thu May 20 2004 John Dennis 3:2.1.5-3 - make python prereq be at least 2.3 * Tue May 18 2004 Jeremy Katz 3:2.1.5-2 - rebuild * Mon May 17 2004 John Dennis 3:2.1.5-1 - bring up to latest 2.1.5 upstream release From Barry Warsaw: Mailman 2.1.5, a bug fix release that also contains new support for the Turkish language, and a few minor new features. Mailman 2.1.5 is a significant upgrade which should improve disk i/o performance, administrative overhead for discarding held spams, and the behavior of bouncing member disables. This version also contains a fix for an exploit that could allow 3rd parties to retrieve member passwords. It is thus highly recommended that all existing sitesupgrade to the latest version * Tue May 4 2004 Warren Togami 3:2.1.4-4 - #105638 fix bytecompile and rpm -V - postun /etc/postfix/aliases fix - clean uninstall (no more empty dirs) - #115378 RedirectMatch syntax fix * Fri Feb 13 2004 Elliot Lee - rebuilt * Fri Jan 9 2004 John Dennis 3:2.1.4-1 - upgrade to new upstream release 2.1.4 - fixes bugs 106349,112851,105367,91463 * Wed Jun 4 2003 Elliot Lee - rebuilt * Wed May 7 2003 John Dennis - bring up to next upstream release 2.1.2 * Sun May 4 2003 Florian La Roche - fix typo in post script: mmusr -> mmuser * Thu Apr 24 2003 John Dennis - fix bug 72004, 74483, 74484, 87856 - improper log rotation - fix bug 88083 - mailman user/group needed to exist during build - fix bug 88144 - wrong %file attributes on mm_cfg.py - fix bug 89221 - mailman user not created on install - fix bug 89250 - wrong pid file name in initscript * Wed Mar 5 2003 Florian La Roche - change to /etc/rc.d/init.d as in all other rpms * Thu Feb 20 2003 John Dennis - change mailman login shell from /bin/false to /sbin/nologin * Fri Feb 14 2003 John Dennis - bring package up to 2.1.1 release, add /usr/share/doc files * Sat Feb 1 2003 Florian La Roche - make the icon dir owned by root:root as in other rpms * Fri Jan 31 2003 John Dennis - various small tweaks to the spec file to make installation cleaner - use /usr/bin/python when compiling, redirect compile output to /dev/null, - don't run update in %post, let the user do it, remove the .pyc files in %postun, - add setting of MAILHOST and URLHOST to localhost.localdomain, don't let - configure set them to the build machine. * Mon Jan 27 2003 John Dennis - add the cross site scripting (xss) security patch to version 2.1 * Fri Jan 24 2003 John Dennis - do not start mailman service in %post * Wed Jan 22 2003 Tim Powers - rebuilt * Mon Jan 20 2003 John Dennis - 1) remove config patch, mailmanctl was not the right file to install in init.d, - it needed to be scripts/mailman - 2) rename httpd-mailman.conf to mailman.conf, since the file now lives - in httpd/conf.d directory the http prefix is redundant and inconsistent - with the other file names in that directory. * Tue Jan 7 2003 John Dennis - Bring package up to date with current upstream source, 2.1 - Fix several install/packaging problems that were in upstream source - Add multiple mail group functionality - Fix syntax error in fblast.py - Remove the forced setting of mail host and url host in mm_cfg.py * Tue Nov 12 2002 Tim Powers 2.0.13-4 - remove files from $$RPM_BUILD_ROOT that we don't intent to ship * Wed Aug 14 2002 Nalin Dahyabhai 2.0.13-3 - set MAILHOST and WWWHOST in case the configure script can't figure out the local host name * Fri Aug 2 2002 Nalin Dahyabhai 2.0.13-2 - rebuild * Fri Aug 2 2002 Nalin Dahyabhai 2.0.13-1 - specify log files individually, per faq wizard - update to 2.0.13 * Wed May 22 2002 Nalin Dahyabhai 2.0.11-1 - update to 2.0.11 * Fri Apr 5 2002 Nalin Dahyabhai 2.0.9-1 - include README.QMAIL in with the docs (#58887) - include README.SENDMAIL and README.EXIM in with the docs - use an included httpd.conf file instead of listing the configuration directives in the %description, which due to specspo magic might look wrong sometimes (part of #51324) - interpolate the DEFAULT_HOST_NAME value in mm.cfg into both the DEFAULT_URL and MAILMAN_OWNER (#57987) - move logs to /var/log/mailman, qfiles to /var/spool/mailman, rotate logs in the log directory (#48724) - raise exceptions when someone tries to set the admin address for a list to that of the admin alias (#61468) * Thu Apr 4 2002 Nalin Dahyabhai - fix a default permissions problem in /var/mailman/archives/private, reported by Johannes Erdfelt - update to 2.0.9 * Tue Apr 2 2002 Nalin Dahyabhai - make the symlink in /etc/smrsh relative * Tue Dec 11 2001 Nalin Dahyabhai 2.0.8-1 - set FQDN and URL at build-time so that they won't be set to the host the RPM package is built on (#59177) * Wed Nov 28 2001 Nalin Dahyabhai - update to 2.0.8 * Sat Nov 17 2001 Florian La Roche 2.0.7-1 - update to 2.0.7 * Wed Jul 25 2001 Nalin Dahyabhai 2.0.6-1 - update to 2.0.6 * Mon Jun 25 2001 Nalin Dahyabhai - code in default user/group names/IDs * Wed May 30 2001 Nalin Dahyabhai - update to 2.0.5 - change the default hostname from localhost to localhost.localdomain in the default configuration - chuck configuration file settings other than those dependent on the host name (the build system's host name is not a good default) (#32337) * Tue Mar 13 2001 Nalin Dahyabhai - update to 2.0.3 * Tue Mar 6 2001 Nalin Dahyabhai - update to 2.0.2 * Wed Feb 21 2001 Nalin Dahyabhai - patch from Barry Warsaw (via mailman-developers) to not die on broken Content-Type: headers * Tue Jan 9 2001 Nalin Dahyabhai - update to 2.0.1 * Wed Dec 6 2000 Nalin Dahyabhai - update to 2.0 final release - move the data to /var * Fri Oct 20 2000 Nalin Dahyabhai - update to beta 6 * Thu Aug 3 2000 Nalin Dahyabhai - add note about adding FollowSymlinks so that archives work * Wed Aug 2 2000 Nalin Dahyabhai - make the default owner root again so that root owns the docs - update to 2.0beta5, which fixes a possible security vulnerability - add smrsh symlink * Mon Jul 24 2000 Prospector - rebuilt * Wed Jul 19 2000 Nalin Dahyabhai - update to beta4 - change uid/gid to apache.apache to match apache (#13593) - properly recompile byte-compiled versions of the scripts (#13619) - change mailman alias from root to postmaster * Sat Jul 1 2000 Nalin Dahyabhai - update to beta3 - drop bugs and arch patches (integrated into beta3) * Tue Jun 27 2000 Nalin Dahyabhai - move web files to reside under /var/www - move files from /usr/share to /usr/share - integrate spot-fixes from mailman lists via gnome.org * Mon Jun 19 2000 Nalin Dahyabhai - rebuild for Power Tools * Tue May 23 2000 Nalin Dahyabhai - Update to 2.0beta2 to pick up security fixes. - Change equires python to list >= 1.5.2 * Mon Nov 8 1999 Bernhard Rosenkranzer - 1.1 * Tue Sep 14 1999 Preston Brown - 1.0 final. * Tue Jun 15 1999 Preston Brown - security fix for cookies - moved to /usr/share/mailman * Fri May 28 1999 Preston Brown - fix up default values. * Fri May 7 1999 Preston Brown - modifications to install scripts * Thu May 6 1999 Preston Brown - initial RPM for SWS 3.0 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 898fb9a008e82e26614d157bc6178244 SRPMS/mailman-2.1.5-10.fc2.src.rpm 69e2626ff50b3a1c71ef758a3724a5bb x86_64/mailman-2.1.5-10.fc2.x86_64.rpm 9aa5111f6bd88033bebfc67d329b7679 x86_64/debug/mailman-debuginfo-2.1.5-10.fc2.x86_64.rpm 2bb2085fd024b45215d43d0c17dc05f4 i386/mailman-2.1.5-10.fc2.i386.rpm 088c601b4fd076b933128a398810f7b7 i386/debug/mailman-debuginfo-2.1.5-10.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- John Dennis From jdennis at redhat.com Tue Mar 22 20:56:15 2005 From: jdennis at redhat.com (John Dennis) Date: Tue, 22 Mar 2005 15:56:15 -0500 Subject: [SECURITY] Fedora Core 3 Update: mailman-2.1.5-32.fc3 Message-ID: <1111524976.3154.11.camel@localhost.localdomain> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-242 2005-03-22 --------------------------------------------------------------------- Product : Fedora Core 3 Name : mailman Version : 2.1.5 Release : 32.fc3 Summary : Mailing list manager with built in Web access. Description : Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from the Web. Mailman also integrates most things people want to do with mailing lists, including archiving, mail <-> news gateways, and so on. Documentation can be found in: /usr/share/doc/mailman-2.1.5 When the package has finished installing, you will need to perform some additional installation steps, these are described in: /usr/share/doc/mailman-2.1.5/INSTALL.REDHAT --------------------------------------------------------------------- Update Information: A cross-site scripting (XSS) flaw in the driver script of mailman prior to version 2.1.5 could allow remote attackers to execute scripts as other web users. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1177 to this issue. Users of mailman should update to this erratum package, which corrects this issue by turning on STEALTH_MODE by default and using Utils.websafe() to quote the html. In addition this version of the rpm includes a utility script in /usr/share/doc/mailman-*/contrib/migrate-fhs that can be run if the user has installed an FC3 or FC4 mailman rpm over an older non-FHS compliant mailman installation. The script will aid in moving the file locations from the old directory structure to the new FHS mailman directory structure that are present in FC3, FC4, and RHEL4. Users who have installed mailman originally from FC3, FC4 or RHEL4 will not need to migration any file locations. --------------------------------------------------------------------- * Wed Mar 2 2005 John Dennis - 3:2.1.5-32.fc3 - fix bug #150065, provide migration script for new FHS installation - fix bug #147833, CAN-2004-1177 * Mon Feb 14 2005 John Dennis - 3:2.1.5-31.fc3 - fix bug #132750, add daemon to mail-gid so courier mail server will work. - fix bug #143008, wrong location of mailmanctl in logrotate - fix bug #142605, init script doesn't use /var/lock/subsys * Tue Feb 8 2005 John Dennis - 3:2.1.5-30.fc3 - fix security vulnerability CAN-2005-0202, errata RHSA-2005:137, bug #147343 * Tue Nov 9 2004 John Dennis 3:2.1.5-29.fc3 - fix bug #137863, buildroot path in .pyc files * Mon Nov 8 2004 John Dennis 3:2.1.5-27 - rebuild to fix bug #137863, python embeds build root in .pyc files * Sat Oct 16 2004 John Dennis 3:2.1.5-26 - fix typo in install documentation - fix error in templates/Makefile.in, bad install args, fixes bug #136001, thank you to Kaj J. Niemi for spotting this. * Thu Oct 14 2004 John Dennis 3:2.1.5-24 - more FHS changes, matches with new SELinux security policy * Wed Sep 29 2004 John Dennis 3:2.1.5-21 - move list data dir to /var/lib/mailman to conform to FHS move lock dir to /var/lock/mailman to conform to FHS move config dir (VAR_PREFIX/data) to /etc/mailman to conform to FHS Thanks to Matt Domsch for pointing this out. * Tue Sep 28 2004 John Dennis 3:2.1.5-20 - fix bug #132732, security policy violations, - bump release verison move non-data installation files from /var/mailman to /usr/lib/mailman, update documentation * Fri Sep 10 2004 John Dennis 3:2.1.5-19 - add il18n start/stop strings to init.d script * Fri Sep 10 2004 John Dennis 3:2.1.5-18 - fix bug #89250, add condrestart also fix status return values in mailmanctl and init.d script * Tue Sep 7 2004 John Dennis 3:2.1.5-17 - fix bug #120930, add contents of contrib to doc area * Tue Sep 7 2004 John Dennis 3:2.1.5-16 - fix bug #121220, httpd config file tweaks add doc to INSTALL.REDHAT for selecting MTA * Fri Sep 3 2004 John Dennis 3:2.1.5-15 - fix bug #117615, don't overwrite user modified templates on install made template directory "config noreplace" * Thu Sep 2 2004 John Dennis 3:2.1.5-14 - add comments into the crontab files so users know the /etc/cron.d file is volitile and will edit the right file. Also make the master crontab file "config noreplace" so edits are preserved. * Wed Sep 1 2004 John Dennis 3:2.1.5-13 - fix bug #124208, enable mailman cron jobs from init.d rather than during installation * Tue Aug 31 2004 John Dennis 3:2.1.5-12 - fix bug #129920, cron jobs execute under wrong SELinux policy * Mon Aug 30 2004 John Dennis 3:2.1.5-11 - remove all editing of aliases file in %pre and %post, fixes #bug 125651 * Mon Aug 9 2004 John Dennis 3:2.1.5-10 - fix bug #129492 and bug #120912 stop using crontab to setup mailman's cron jobs, instead install cron script in /etc/cron.d * Mon Aug 9 2004 John Dennis 3:2.1.5-9 - apply patch to elminate "-1 LISTNAME moderator request(s) waiting" messages problem desciption here: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq03.038.htp * Tue Jun 15 2004 Elliot Lee - rebuilt * Wed Jun 9 2004 John Dennis - 3:2.1.5-7 - bump rev for rebuild * Wed Jun 9 2004 John Dennis - 3:2.1.5-6 - fix bug in pre scriplet, last command had been "service mailman stop" which should have been harmless if mailman was not installed except that it left the exit status from the script as non-zero and rpm aborted the install. * Wed Jun 9 2004 John Dennis - 3:2.1.5-5 - add status reporting to init.d control script stop mailman during an installation restart mailman if it had been running prior to installation * Mon Jun 7 2004 John Dennis - 3:2.1.5-4 - back python prereq down to 2.2, should be sufficient * Thu May 20 2004 John Dennis 3:2.1.5-3 - make python prereq be at least 2.3 * Tue May 18 2004 Jeremy Katz 3:2.1.5-2 - rebuild * Mon May 17 2004 John Dennis 3:2.1.5-1 - bring up to latest 2.1.5 upstream release From Barry Warsaw: Mailman 2.1.5, a bug fix release that also contains new support for the Turkish language, and a few minor new features. Mailman 2.1.5 is a significant upgrade which should improve disk i/o performance, administrative overhead for discarding held spams, and the behavior of bouncing member disables. This version also contains a fix for an exploit that could allow 3rd parties to retrieve member passwords. It is thus highly recommended that all existing sitesupgrade to the latest version * Tue May 4 2004 Warren Togami 3:2.1.4-4 - #105638 fix bytecompile and rpm -V - postun /etc/postfix/aliases fix - clean uninstall (no more empty dirs) - #115378 RedirectMatch syntax fix * Fri Feb 13 2004 Elliot Lee - rebuilt * Fri Jan 9 2004 John Dennis 3:2.1.4-1 - upgrade to new upstream release 2.1.4 - fixes bugs 106349,112851,105367,91463 * Wed Jun 4 2003 Elliot Lee - rebuilt * Wed May 7 2003 John Dennis - bring up to next upstream release 2.1.2 * Sun May 4 2003 Florian La Roche - fix typo in post script: mmusr -> mmuser * Thu Apr 24 2003 John Dennis - fix bug 72004, 74483, 74484, 87856 - improper log rotation - fix bug 88083 - mailman user/group needed to exist during build - fix bug 88144 - wrong %file attributes on mm_cfg.py - fix bug 89221 - mailman user not created on install - fix bug 89250 - wrong pid file name in initscript * Wed Mar 5 2003 Florian La Roche - change to /etc/rc.d/init.d as in all other rpms * Thu Feb 20 2003 John Dennis - change mailman login shell from /bin/false to /sbin/nologin * Fri Feb 14 2003 John Dennis - bring package up to 2.1.1 release, add /usr/share/doc files * Sat Feb 1 2003 Florian La Roche - make the icon dir owned by root:root as in other rpms * Fri Jan 31 2003 John Dennis - various small tweaks to the spec file to make installation cleaner - use /usr/bin/python when compiling, redirect compile output to /dev/null, - don't run update in %post, let the user do it, remove the .pyc files in %postun, - add setting of MAILHOST and URLHOST to localhost.localdomain, don't let - configure set them to the build machine. * Mon Jan 27 2003 John Dennis - add the cross site scripting (xss) security patch to version 2.1 * Fri Jan 24 2003 John Dennis - do not start mailman service in %post * Wed Jan 22 2003 Tim Powers - rebuilt * Mon Jan 20 2003 John Dennis - 1) remove config patch, mailmanctl was not the right file to install in init.d, - it needed to be scripts/mailman - 2) rename httpd-mailman.conf to mailman.conf, since the file now lives - in httpd/conf.d directory the http prefix is redundant and inconsistent - with the other file names in that directory. * Tue Jan 7 2003 John Dennis - Bring package up to date with current upstream source, 2.1 - Fix several install/packaging problems that were in upstream source - Add multiple mail group functionality - Fix syntax error in fblast.py - Remove the forced setting of mail host and url host in mm_cfg.py * Tue Nov 12 2002 Tim Powers 2.0.13-4 - remove files from $$RPM_BUILD_ROOT that we don't intent to ship * Wed Aug 14 2002 Nalin Dahyabhai 2.0.13-3 - set MAILHOST and WWWHOST in case the configure script can't figure out the local host name * Fri Aug 2 2002 Nalin Dahyabhai 2.0.13-2 - rebuild * Fri Aug 2 2002 Nalin Dahyabhai 2.0.13-1 - specify log files individually, per faq wizard - update to 2.0.13 * Wed May 22 2002 Nalin Dahyabhai 2.0.11-1 - update to 2.0.11 * Fri Apr 5 2002 Nalin Dahyabhai 2.0.9-1 - include README.QMAIL in with the docs (#58887) - include README.SENDMAIL and README.EXIM in with the docs - use an included httpd.conf file instead of listing the configuration directives in the %description, which due to specspo magic might look wrong sometimes (part of #51324) - interpolate the DEFAULT_HOST_NAME value in mm.cfg into both the DEFAULT_URL and MAILMAN_OWNER (#57987) - move logs to /var/log/mailman, qfiles to /var/spool/mailman, rotate logs in the log directory (#48724) - raise exceptions when someone tries to set the admin address for a list to that of the admin alias (#61468) * Thu Apr 4 2002 Nalin Dahyabhai - fix a default permissions problem in /var/mailman/archives/private, reported by Johannes Erdfelt - update to 2.0.9 * Tue Apr 2 2002 Nalin Dahyabhai - make the symlink in /etc/smrsh relative * Tue Dec 11 2001 Nalin Dahyabhai 2.0.8-1 - set FQDN and URL at build-time so that they won't be set to the host the RPM package is built on (#59177) * Wed Nov 28 2001 Nalin Dahyabhai - update to 2.0.8 * Sat Nov 17 2001 Florian La Roche 2.0.7-1 - update to 2.0.7 * Wed Jul 25 2001 Nalin Dahyabhai 2.0.6-1 - update to 2.0.6 * Mon Jun 25 2001 Nalin Dahyabhai - code in default user/group names/IDs * Wed May 30 2001 Nalin Dahyabhai - update to 2.0.5 - change the default hostname from localhost to localhost.localdomain in the default configuration - chuck configuration file settings other than those dependent on the host name (the build system's host name is not a good default) (#32337) * Tue Mar 13 2001 Nalin Dahyabhai - update to 2.0.3 * Tue Mar 6 2001 Nalin Dahyabhai - update to 2.0.2 * Wed Feb 21 2001 Nalin Dahyabhai - patch from Barry Warsaw (via mailman-developers) to not die on broken Content-Type: headers * Tue Jan 9 2001 Nalin Dahyabhai - update to 2.0.1 * Wed Dec 6 2000 Nalin Dahyabhai - update to 2.0 final release - move the data to /var * Fri Oct 20 2000 Nalin Dahyabhai - update to beta 6 * Thu Aug 3 2000 Nalin Dahyabhai - add note about adding FollowSymlinks so that archives work * Wed Aug 2 2000 Nalin Dahyabhai - make the default owner root again so that root owns the docs - update to 2.0beta5, which fixes a possible security vulnerability - add smrsh symlink * Mon Jul 24 2000 Prospector - rebuilt * Wed Jul 19 2000 Nalin Dahyabhai - update to beta4 - change uid/gid to apache.apache to match apache (#13593) - properly recompile byte-compiled versions of the scripts (#13619) - change mailman alias from root to postmaster * Sat Jul 1 2000 Nalin Dahyabhai - update to beta3 - drop bugs and arch patches (integrated into beta3) * Tue Jun 27 2000 Nalin Dahyabhai - move web files to reside under /var/www - move files from /usr/share to /usr/share - integrate spot-fixes from mailman lists via gnome.org * Mon Jun 19 2000 Nalin Dahyabhai - rebuild for Power Tools * Tue May 23 2000 Nalin Dahyabhai - Update to 2.0beta2 to pick up security fixes. - Change equires python to list >= 1.5.2 * Mon Nov 8 1999 Bernhard Rosenkranzer - 1.1 * Tue Sep 14 1999 Preston Brown - 1.0 final. * Tue Jun 15 1999 Preston Brown - security fix for cookies - moved to /usr/share/mailman * Fri May 28 1999 Preston Brown - fix up default values. * Fri May 7 1999 Preston Brown - modifications to install scripts * Thu May 6 1999 Preston Brown - initial RPM for SWS 3.0 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 2035fb6745f1e7450014d6fc93599fd6 SRPMS/mailman-2.1.5-32.fc3.src.rpm bce1fd54e4b957e893fdcd36b9c65dad x86_64/mailman-2.1.5-32.fc3.x86_64.rpm 89dcbb4182b5a49b3fe936232c0b397b x86_64/debug/mailman-debuginfo-2.1.5-32.fc3.x86_64.rpm 660ab67c528290082041a69aebc3d437 i386/mailman-2.1.5-32.fc3.i386.rpm b1e34a8085876f74c06922f291ccb5af i386/debug/mailman-debuginfo-2.1.5-32.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- John Dennis From bkoz at redhat.com Wed Mar 23 03:56:17 2005 From: bkoz at redhat.com (Benjamin Kosnik) Date: Tue, 22 Mar 2005 21:56:17 -0600 Subject: Fedora Core 3 Update: boost-1.32.0-5.fc3 Message-ID: <20050322215617.3bda66cd@belmont.artheist.org> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-233 2005-03-22 --------------------------------------------------------------------- Product : Fedora Core 3 Name : boost Version : 1.32.0 Release : 5.fc3 Summary : The Boost C++ Libraries Description : Boost provides free peer-reviewed portable C++ source libraries. The emphasis is on libraries which work well with the C++ Standard Library. One goal is to establish "existing practice" and provide reference implementations so that the Boost libraries are suitable for eventual standardization. (Some of the libraries have already been proposed for inclusion in the C++ Standards Committee's upcoming C++ Standard Library Technical Report.) --------------------------------------------------------------------- Update Information: This is a bugfix release. --------------------------------------------------------------------- * Fri Mar 18 2005 Benjamin Kosnik 1.32.0-5 - Revert boost-base.patch to old behavior. - Use SONAMEVERSION instead of dllversion. * Wed Mar 16 2005 Benjamin Kosnik 1.32.0-4 - (#142612: Compiling Boost 1.32.0 Failed in RHEL 3.0 on Itanium2) - (#150069: libboost_python.so is missing) - (#141617: bad patch boost-base.patch) - (#122817: libboost_*.so symlinks missing) - Re-add boost-thread.patch. - Change boost-base.patch to show thread tags. - Change boost-gcc-tools.patch to use SOTAG, compile with dllversion. - Add symbolic links to files. - Sanity check can compile with gcc-3.3.x, gcc-3.4.2, gcc-4.0.x., gcc-4.1.x. * Thu Dec 2 2004 Benjamin Kosnik 1.32.0-3 - (#122817: libboost_*.so symlinks missing) - (#141574: half of the package is missing) - (#141617: bad patch boost-base.patch) * Wed Dec 1 2004 Benjamin Kosnik 1.32.0-2 - Remove bogus Obsoletes. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 6ff3845dc3804417b80a5a50614a2cc8 SRPMS/boost-1.32.0-5.fc3.src.rpm 1619ac6943b7ba39ae88e981a048e246 x86_64/boost-1.32.0-5.fc3.x86_64.rpm 4166f53a9053b803eadf498f45af9fa9 x86_64/boost-devel-1.32.0-5.fc3.x86_64.rpm 40bd366966075238c903a1fa5404f2df x86_64/debug/boost-debuginfo-1.32.0-5.fc3.x86_64.rpm 8f53395a45b0f15e308d8169547f2051 x86_64/boost-1.32.0-5.fc3.i386.rpm 8f53395a45b0f15e308d8169547f2051 i386/boost-1.32.0-5.fc3.i386.rpm db958d0d7c119409d1a8a99e9ed3d93f i386/boost-devel-1.32.0-5.fc3.i386.rpm ff2cb9488d54633b8932ef62857b2a7c i386/debug/boost-debuginfo-1.32.0-5.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From than at redhat.com Wed Mar 23 20:42:49 2005 From: than at redhat.com (Than Ngo) Date: Wed, 23 Mar 2005 21:42:49 +0100 Subject: [SECURITY] Fedora Core 2 Update: kdelibs-3.2.2-14.FC2 Message-ID: <4241D4C9.4030609@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-244 2005-03-23 --------------------------------------------------------------------- Product : Fedora Core 2 Name : kdelibs Version : 3.2.2 Release : 14.FC2 Summary : K Desktop Environment - Libraries Description : Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). --------------------------------------------------------------------- * Wed Mar 2 2005 Than Ngo 6:3.2.2-14.FC2 - Applied patch to fix DCOP DoS, CAN-2005-0396, #150090 thanks KDE security team * Wed Feb 16 2005 Than Ngo 3.2.2-13.FC2 - Applied patch to fix dcopidlng insecure temporary file usage, CAN-2005-0365, #148823 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ aaa0cb8e445fa90e1847892e256282d5 SRPMS/kdelibs-3.2.2-14.FC2.src.rpm 1dadffe3da3ea39e8c5916101d46aee3 x86_64/kdelibs-3.2.2-14.FC2.x86_64.rpm 73d5e1ed8ce19204593df1a0c8434713 x86_64/kdelibs-devel-3.2.2-14.FC2.x86_64.rpm 72b1a5439fc9f8f270dbe220f1e8c15b x86_64/debug/kdelibs-debuginfo-3.2.2-14.FC2.x86_64.rpm 1df0c931f51840cdf5079a08606f4a55 i386/kdelibs-3.2.2-14.FC2.i386.rpm e2846a3d48ed4f68f286af01c591a6da i386/kdelibs-devel-3.2.2-14.FC2.i386.rpm 8e14d65d02656ee73dc1850d80c96e2c i386/debug/kdelibs-debuginfo-3.2.2-14.FC2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From caillon at redhat.com Wed Mar 23 20:46:14 2005 From: caillon at redhat.com (Christopher Aillon) Date: Wed, 23 Mar 2005 15:46:14 -0500 Subject: [SECURITY] Fedora Core 3 Update: firefox-1.0.2-1.3.1 Message-ID: <4241D596.2020008@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-246 2005-03-23 --------------------------------------------------------------------- Product : Fedora Core 3 Name : firefox Version : 1.0.2 Release : 1.3.1 Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- Update Information: A buffer overflow bug was found in the way Firefox processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0399 to this issue. A bug was found in the way Firefox processes XUL content. If a malicious web page can trick a user into dragging an object, it is possible to load malicious XUL content. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0401 to this issue. A bug was found in the way Firefox bookmarks content to the sidebar. If a user can be tricked into bookmarking a malicious web page into the sidebar panel, that page could execute arbitrary programs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0402 to this issue. Users of Firefox are advised to upgrade to this updated package which contains Firefox version 1.0.2 and is not vulnerable to these issues. Additionally, there was a bug found in the way Firefox rendered some fonts, notably the Tahoma font while italicized. This issue has been filed as Bug 150041 (bugzilla.redhat.com). This updated package contains a fix for this issue. --------------------------------------------------------------------- * Wed Mar 23 2005 Christopher Aillon 0:1.0.2-1.3.1 - Firefox 1.0.2 - Fix issues with italic rendering using certain fonts (e.g. Tahoma) - Add upstream fix to reduce round trips to xserver during remote control - Add upstream fix to call g_set_application_name --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ a461bc4e69e10779b3a46944f6b3fd23 SRPMS/firefox-1.0.2-1.3.1.src.rpm 1951b68e390da2f45177df9c016240a0 x86_64/firefox-1.0.2-1.3.1.x86_64.rpm a81f4837b641ae78f3f6559cbf05715c x86_64/debug/firefox-debuginfo-1.0.2-1.3.1.x86_64.rpm 9b19361c8a3dc98edaa07eb1043c11b3 i386/firefox-1.0.2-1.3.1.i386.rpm a97e425d13c5abb994520829b16b8063 i386/debug/firefox-debuginfo-1.0.2-1.3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From than at redhat.com Wed Mar 23 20:44:45 2005 From: than at redhat.com (Than Ngo) Date: Wed, 23 Mar 2005 21:44:45 +0100 Subject: [SECURITY] Fedora Core 3 Update: kdelibs-3.3.1-2.9.FC3 Message-ID: <4241D53D.90604@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-245 2005-03-23 --------------------------------------------------------------------- Product : Fedora Core 3 Name : kdelibs Version : 3.3.1 Release : 2.9.FC3 Summary : K Desktop Environment - Libraries Description : Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). --------------------------------------------------------------------- * Wed Mar 23 2005 Than Ngo 6:3.3.1-2.9.FC3 - Applied patch to fix konqueror international domain name spoofing, CAN-2005-0237, #147405 - get rid of broken AltiVec instructions on ppc * Wed Mar 2 2005 Than Ngo 6:3.3.1-2.8.FC3 - Applied patch to fix DCOP DoS, CAN-2005-0396, #150092 thanks KDE security team * Wed Feb 16 2005 Than Ngo 6:3.3.1-2.7.FC3 - Applied patch to fix dcopidlng insecure temporary file usage, CAN-2005-0365, #148823 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ c28ef6077f606f12a42cc9353b44dbfb SRPMS/kdelibs-3.3.1-2.9.FC3.src.rpm 27aa0f9c550e57fecd378e5e7c5aff97 x86_64/kdelibs-3.3.1-2.9.FC3.x86_64.rpm f2801218b5ff4be23df191f5de57fa42 x86_64/kdelibs-devel-3.3.1-2.9.FC3.x86_64.rpm add5d7c4324e4790ee84441237225e88 x86_64/debug/kdelibs-debuginfo-3.3.1-2.9.FC3.x86_64.rpm 4ef5aaa433f4108d56110118c35e3f7f x86_64/kdelibs-3.3.1-2.9.FC3.i386.rpm 4ef5aaa433f4108d56110118c35e3f7f i386/kdelibs-3.3.1-2.9.FC3.i386.rpm 5aca755d133987148fb5885b08daad24 i386/kdelibs-devel-3.3.1-2.9.FC3.i386.rpm f79bcea56792848db679d141f9bd903b i386/debug/kdelibs-debuginfo-3.3.1-2.9.FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From caillon at redhat.com Wed Mar 23 22:33:10 2005 From: caillon at redhat.com (Christopher Aillon) Date: Wed, 23 Mar 2005 17:33:10 -0500 Subject: [SECURITY] Fedora Core 3 Update: thunderbird-1.0.2-1.3.1 Message-ID: <4241EEA6.8090200@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-247 2005-03-23 --------------------------------------------------------------------- Product : Fedora Core 3 Name : thunderbird Version : 1.0.2 Release : 1.3.1 Summary : Mozilla Thunderbird mail/newsgroup client Description : Mozilla Thunderbird is a standalone mail and newsgroup client. --------------------------------------------------------------------- Update Information: A buffer overflow bug was found in the way Thunderbird processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0399 to this issue. A bug was found in the Thunderbird string handling functions. If a malicious website is able to exhaust a system's memory, it becomes possible to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0255 to this issue. Users of Thunderbird are advised to upgrade to this updated package which contains Thunderbird version 1.0.2 and is not vulnerable to these issues. This update enables pango rendering by default. --------------------------------------------------------------------- * Wed Mar 23 2005 Christopher Aillon 1.0.2-1.3.1 - Thunderbird 1.0.2 - Enable pango rendering * Tue Mar 8 2005 Christopher Aillon 1.0-5 - Add patch to compile against new fortified glibc macros * Sat Mar 5 2005 Christopher Aillon 1.0-4 - Rebuild against GCC 4.0 - Add execshield patches - Minor specfile cleanup * Mon Dec 20 2004 Christopher Aillon 1.0-3 - Rebuild * Thu Dec 16 2004 Christopher Aillon 1.0-2 - Add RPM version to useragent * Thu Dec 16 2004 Christopher Blizzard - Port over pango patches from firefox * Wed Dec 8 2004 Christopher Aillon 1.0-1.3.1 - Thunderbird 1.0 * Mon Dec 6 2004 Christopher Aillon 1.0-0.rc1.1 - Fix advanced prefs * Fri Dec 3 2004 Christopher Aillon - Make this run on s390(x) now for real * Wed Dec 1 2004 Christopher Aillon 1.0-0.rc1.0 - Update to 1.0 rc1 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ a7764787e90a38e1a7d121b5393c946c SRPMS/thunderbird-1.0.2-1.3.1.src.rpm 642aec4401a1e924bc1569a8a28d2f18 x86_64/thunderbird-1.0.2-1.3.1.x86_64.rpm b1c171a3a1ec24d996e36f8e3efec462 x86_64/debug/thunderbird-debuginfo-1.0.2-1.3.1.x86_64.rpm f8872d466515e23b7eb4e49564a24f9f i386/thunderbird-1.0.2-1.3.1.i386.rpm 90eb655353de9280aa8595becc07496c i386/debug/thunderbird-debuginfo-1.0.2-1.3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From caillon at redhat.com Wed Mar 23 22:38:36 2005 From: caillon at redhat.com (Christopher Aillon) Date: Wed, 23 Mar 2005 17:38:36 -0500 Subject: [SECURITY] Fedora Core 3 Update: mozilla-1.7.6-1.3.2 Message-ID: <4241EFEC.2070305@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-249 2005-03-23 --------------------------------------------------------------------- Product : Fedora Core 3 Name : mozilla Version : 1.7.6 Release : 1.3.2 Summary : Web browser and mail reader Description : Mozilla is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- Update Information: A buffer overflow bug was found in the way Mozilla processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0399 to this issue. A bug was found in the way Mozilla responds to proxy auth requests. It is possible for a malicious webserver to steal credentials from a victims browser by issuing a 407 proxy authentication request. (CAN-2005-0147) A bug was found in the way Mozilla displays dialog windows. It is possible that a malicious web page which is being displayed in a background tab could present the user with a dialog window appearing to come from the active page. (CAN-2004-1380) A bug was found in the way Mozilla Mail handles cookies when loading content over HTTP regardless of the user's preference. It is possible that a particular user could be tracked through the use of malicious mail messages which load content over HTTP. (CAN-2005-0149) A flaw was found in the way Mozilla displays international domain names. It is possible for an attacker to display a valid URL, tricking the user into thinking they are viewing a legitimate webpage when they are not. (CAN-2005-0233) A bug was found in the way Mozilla handles pop-up windows. It is possible for a malicious website to control the content in an unrelated site's pop-up window. (CAN-2004-1156) A bug was found in the way Mozilla saves temporary files. Temporary files are saved with world readable permissions, which could allow a local malicious user to view potentially sensitive data. (CAN-2005-0142) A bug was found in the way Mozilla handles synthetic middle click events. It is possible for a malicious web page to steal the contents of a victims clipboard. (CAN-2005-0146) A bug was found in the way Mozilla processes XUL content. If a malicious web page can trick a user into dragging an object, it is possible to load malicious XUL content. (CAN-2005-0401) A bug was found in the way Mozilla loads links in a new tab which are middle clicked. A malicious web page could read local files or modify privileged chrom settings. (CAN-2005-0141) A bug was found in the way Mozilla displays the secure site icon. A malicious web page can use a view-source URL targetted at a secure page, while loading an insecure page, yet the secure site icon shows the previous secure state. (CAN-2005-0144) A bug was found in the way Mozilla displays the secure site icon. A malicious web page can display the secure site icon by loading a binary file from a secured site. (CAN-2005-0143) A bug was found in the way Mozilla displays the download dialog window. A malicious site can obfuscate the content displayed in the source field, tricking a user into thinking they are downloading content from a trusted source. (CAN-2005-0585) Users of Mozilla are advised to upgrade to this updated package which contains Mozilla version 1.7.6 to correct these issues. --------------------------------------------------------------------- * Wed Mar 22 2005 Christopher Aillon 37:1.7.6-1.3.2 - Install all-redhat.js pref files * Tue Mar 22 2005 Christopher Aillon 37:1.7.6-1.3.1 - Update to 1.7.6 - Add RPM version to useragent - Enable smooth scrolling and system colors by default. - Backport pango fixes from the firefox package, and now enabled by default. - Add upstream fix to reduce round trips to xserver during remote control - Add upstream fix to call g_set_application_name --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 02669640d96d1cc1bb50966bcaca5a4e SRPMS/mozilla-1.7.6-1.3.2.src.rpm 086140fa80837e4395bd23863d1cd3bc x86_64/mozilla-1.7.6-1.3.2.x86_64.rpm 399367ebf6f9d4f9498473984634c0ce x86_64/mozilla-nspr-1.7.6-1.3.2.x86_64.rpm dabf52db59410c637ae33902009136ab x86_64/mozilla-nspr-devel-1.7.6-1.3.2.x86_64.rpm 5172afe0363245d1172488021b3ad9bf x86_64/mozilla-nss-1.7.6-1.3.2.x86_64.rpm 678f8d13728810ee930350440c706947 x86_64/mozilla-nss-devel-1.7.6-1.3.2.x86_64.rpm 7ff378a5d83625991fc0c51729a788f9 x86_64/mozilla-devel-1.7.6-1.3.2.x86_64.rpm 0107bce1bc3fe6e102aa8da01bb85ab7 x86_64/mozilla-mail-1.7.6-1.3.2.x86_64.rpm 3213705339c737d8bcc29616874a7d5c x86_64/mozilla-chat-1.7.6-1.3.2.x86_64.rpm 765be3f54ee532d841ffeaeede8101e0 x86_64/mozilla-js-debugger-1.7.6-1.3.2.x86_64.rpm 61fb797c0664a3583066d744b2aa9581 x86_64/mozilla-dom-inspector-1.7.6-1.3.2.x86_64.rpm 5a19978771f9d234ba77bb150e93438a x86_64/debug/mozilla-debuginfo-1.7.6-1.3.2.x86_64.rpm a4b85d9372781b5f68395fa4ac8d7340 x86_64/mozilla-nspr-1.7.6-1.3.2.i386.rpm d35ce4037dafb1ec40c2cec9304b61ba x86_64/mozilla-nss-1.7.6-1.3.2.i386.rpm 98aa9de7049b5343e39a2e26040672fa i386/mozilla-1.7.6-1.3.2.i386.rpm a4b85d9372781b5f68395fa4ac8d7340 i386/mozilla-nspr-1.7.6-1.3.2.i386.rpm 65a61de5c98a9e0b2843aa928b00228b i386/mozilla-nspr-devel-1.7.6-1.3.2.i386.rpm d35ce4037dafb1ec40c2cec9304b61ba i386/mozilla-nss-1.7.6-1.3.2.i386.rpm 24d648cc13985e7bcedb8df625a59359 i386/mozilla-nss-devel-1.7.6-1.3.2.i386.rpm 92fd43a847dfccba9ea7dcc0473d18f7 i386/mozilla-devel-1.7.6-1.3.2.i386.rpm 783772ada6aefc80993931a46c7650cf i386/mozilla-mail-1.7.6-1.3.2.i386.rpm f49ca97eeffc2355fdbe4de8ad32db1b i386/mozilla-chat-1.7.6-1.3.2.i386.rpm c63029efea76cbe664b46db3a881386a i386/mozilla-js-debugger-1.7.6-1.3.2.i386.rpm 9564486586776c0e3b40f5b6e56cbe5e i386/mozilla-dom-inspector-1.7.6-1.3.2.i386.rpm 9a2fa3f14fbb6af45d3bb43bd00b2974 i386/debug/mozilla-debuginfo-1.7.6-1.3.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From caillon at redhat.com Wed Mar 23 22:51:24 2005 From: caillon at redhat.com (Christopher Aillon) Date: Wed, 23 Mar 2005 17:51:24 -0500 Subject: [SECURITY] Fedora Core 3 Update: devhelp-0.9.2-2.3.1 Message-ID: <4241F2EC.6090809@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-252 2005-03-23 --------------------------------------------------------------------- Product : Fedora Core 3 Name : devhelp Version : 0.9.2 Release : 2.3.1 Summary : API document browser Description : A API document browser for GNOME 2. --------------------------------------------------------------------- Update Information: There were several security flaws found in the mozilla package, which devhelp depends on. Users of devhelp are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws. --------------------------------------------------------------------- * Wed Mar 23 2005 Christopher Aillon 0.9.2-2.3.1 - Build against mozilla 1.7.6 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 6c151fff55a839f25ec6badfa532d56c SRPMS/devhelp-0.9.2-2.3.1.src.rpm d0e75caaaa0e6c3e07e2033f8848137b x86_64/devhelp-0.9.2-2.3.1.x86_64.rpm 1d014b859ea02e697133725b4a68cda3 x86_64/devhelp-devel-0.9.2-2.3.1.x86_64.rpm 5daa38a6f9a18d3f3e81ceef03243331 x86_64/debug/devhelp-debuginfo-0.9.2-2.3.1.x86_64.rpm 304625c2d7548ab99399566b9c5184e0 i386/devhelp-0.9.2-2.3.1.i386.rpm 95daa11b364e50c340b13950e4fb0115 i386/devhelp-devel-0.9.2-2.3.1.i386.rpm 80f5c322ca9789d25b0bd5cfe855c827 i386/debug/devhelp-debuginfo-0.9.2-2.3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From caillon at redhat.com Wed Mar 23 22:51:31 2005 From: caillon at redhat.com (Christopher Aillon) Date: Wed, 23 Mar 2005 17:51:31 -0500 Subject: [SECURITY] Fedora Core 3 Update: epiphany-1.4.4-4.3.1 Message-ID: <4241F2F3.7020307@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-254 2005-03-23 --------------------------------------------------------------------- Product : Fedora Core 3 Name : epiphany Version : 1.4.4 Release : 4.3.1 Summary : GNOME web browser based on the Mozilla rendering engine Description : epiphany is a simple GNOME web browser based on the Mozilla rendering engine --------------------------------------------------------------------- Update Information: There were several security flaws found in the mozilla package, which epiphany depends on. Users of epiphany are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws. --------------------------------------------------------------------- * Wed Mar 23 2005 Christopher Aillon 1.4.4-4.3.1 - Build against 1.7.6 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ ee392eccf5da0006b3cf7d15fc5b3827 SRPMS/epiphany-1.4.4-4.3.1.src.rpm 2ff6cfeb569e92932c726c3be0c6ca6b x86_64/epiphany-1.4.4-4.3.1.x86_64.rpm d8e15cd2a4b75f1583ef8cdf8c02be7a x86_64/epiphany-devel-1.4.4-4.3.1.x86_64.rpm e036ff59e6cdfe79b1ec2143b487a20f x86_64/debug/epiphany-debuginfo-1.4.4-4.3.1.x86_64.rpm a2b5e1b52dc3e7dd748184b1434d60cb i386/epiphany-1.4.4-4.3.1.i386.rpm caee256a486e64bc37f47b2246929d1c i386/epiphany-devel-1.4.4-4.3.1.i386.rpm b264f825744b5a29d0e646c47eda0c3d i386/debug/epiphany-debuginfo-1.4.4-4.3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From caillon at redhat.com Wed Mar 23 22:55:23 2005 From: caillon at redhat.com (Christopher Aillon) Date: Wed, 23 Mar 2005 17:55:23 -0500 Subject: [SECURITY] Fedora Core 3 Update: evolution-2.0.4-2 Message-ID: <4241F3DB.90907@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-255 2005-03-23 --------------------------------------------------------------------- Product : Fedora Core 3 Name : evolution Version : 2.0.4 Release : 2 Summary : GNOME's next-generation groupware suite Description : Evolution is the GNOME mailer, calendar, contact manager and communications tool. The tools which make up Evolution will be tightly integrated with one another and act as a seamless personal information-management tool. --------------------------------------------------------------------- Update Information: There were several security flaws found in the mozilla package, which evolution depends on. Users of evolution are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws. --------------------------------------------------------------------- * Wed Mar 23 2005 David Malcolm - 2.0.4-2 - Removed explicit run-time spec-file requirement on mozilla. The Mozilla NSS API/ABI stabilised by version 1.7.3 The libraries are always located in the libdir However, the headers are in /usr/include/mozilla-1.7.6 and so they move each time the mozilla version changes. So we no longer have an explicit mozilla run-time requirement in the specfile; a requirement on the appropriate NSS and NSPR .so files is automagically generated on build. We have an explicit, exact build-time version, so that we can find the headers (without invoking an RPM query from the spec file; to do so is considered bad practice) - Introduced mozilla_build_version, to replace mozilla_version (now 1.7.6) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 7631fea197a1ccd056b1823be75a023c SRPMS/evolution-2.0.4-2.src.rpm 14c411da1ca80dff7aa6a625cc2c5365 x86_64/evolution-2.0.4-2.x86_64.rpm 4fc5867087714e7a59f5e1da1cc71e1d x86_64/evolution-devel-2.0.4-2.x86_64.rpm 0a17830e4f2b39aed9e7883c51421085 x86_64/debug/evolution-debuginfo-2.0.4-2.x86_64.rpm 35f623a4203d3ca943e423c6607e69b8 i386/evolution-2.0.4-2.i386.rpm a940f9dd3baf9f54f91110e3488695f5 i386/evolution-devel-2.0.4-2.i386.rpm fe42b6729dd452612e70bc941cba7226 i386/debug/evolution-debuginfo-2.0.4-2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From kzak at redhat.com Thu Mar 24 08:04:47 2005 From: kzak at redhat.com (Karel Zak) Date: Thu, 24 Mar 2005 03:04:47 -0500 Subject: Fedora Core 3 Update: lsof-4.72-2.2 Message-ID: <200503240804.j2O84ld0029345@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-243 2005-03-24 --------------------------------------------------------------------- Product : Fedora Core 3 Name : lsof Version : 4.72 Release : 2.2 Summary : A utility which lists open files on a Linux/UNIX system. Description : Lsof stands for LiSt Open Files, and it does just that: it lists information about files that are open by the processes running on a UNIX system. --------------------------------------------------------------------- * Wed Mar 23 2005 Karel Zak 4.72-2.2 - fix "lsof -b" hangs if a process is stuck in disk-wait/NFS (#131712, #98559) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ ed13c294f44a5f4b9b69fcbbd446e203 SRPMS/lsof-4.72-2.2.src.rpm 2318695424b082a8d4103501c0db5b88 x86_64/lsof-4.72-2.2.x86_64.rpm 7656703febc352b6aceb30651d3c31e0 x86_64/debug/lsof-debuginfo-4.72-2.2.x86_64.rpm beebdbfd6a4658eb4739ba9cd30e42e4 i386/lsof-4.72-2.2.i386.rpm 149d57a319c2fde948cc9895cf74880b i386/debug/lsof-debuginfo-4.72-2.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dwalsh at redhat.com Thu Mar 24 14:05:24 2005 From: dwalsh at redhat.com (Daniel J Walsh) Date: Thu, 24 Mar 2005 09:05:24 -0500 Subject: Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.90 Message-ID: <4242C924.3040606@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-238 2005-03-24 --------------------------------------------------------------------- Product : Fedora Core 3 Name : selinux-policy-targeted Version : 1.17.30 Release : 2.90 Summary : SELinux targeted policy configuration Description : Security-enhanced Linux is a patch of the Linux? kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement?, Role-based Access Control, and Multi-level Security. This package contains the SELinux example policy configuration along with the Flask configuration information and the application configuration files. --------------------------------------------------------------------- * Tue Mar 15 2005 Dan Walsh 1.17.30-2.90 - Allow system_mail_t access to random_device_t --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 7208a460ddb2a0b8d023149c6e52d714 SRPMS/selinux-policy-targeted-1.17.30-2.90.src.rpm c80c1d364516ec89b475cc76f823b5c3 x86_64/selinux-policy-targeted-1.17.30-2.90.noarch.rpm bcd39e49f76de6e2dac8b9fc4c186162 x86_64/selinux-policy-targeted-sources-1.17.30-2.90.noarch.rpm c80c1d364516ec89b475cc76f823b5c3 i386/selinux-policy-targeted-1.17.30-2.90.noarch.rpm bcd39e49f76de6e2dac8b9fc4c186162 i386/selinux-policy-targeted-sources-1.17.30-2.90.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- From caillon at redhat.com Thu Mar 24 20:13:07 2005 From: caillon at redhat.com (Christopher Aillon) Date: Thu, 24 Mar 2005 15:13:07 -0500 Subject: Fedora Core 3 Update: thunderbird-1.0.2-1.3.2 Message-ID: <42431F53.9020104@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-257 2005-03-24 --------------------------------------------------------------------- Product : Fedora Core 3 Name : thunderbird Version : 1.0.2 Release : 1.3.2 Summary : Mozilla Thunderbird mail/newsgroup client Description : Mozilla Thunderbird is a standalone mail and newsgroup client. --------------------------------------------------------------------- Update Information: There was an issue with a patch being incorrectly applied which caused the Advanced Preferences panel to fail to load. There was an issue where thunderbird requested the incorrect system colors from GTK, causing grey to be the default background color for many people. Users of Thunderbird are advised to upgrade to this updated package which contains fixes for these issues. --------------------------------------------------------------------- * Thu Mar 24 2005 Christopher Aillon 1.0.2-1.3.2 - Add patch to request the correct system color from gtk - Add patch to reduce round trips to the X-server during remote control - Fix patch to advanced prefs as per rawhide. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 85dd08d54059617dcc7d956d925159a2 SRPMS/thunderbird-1.0.2-1.3.2.src.rpm 24edc9c76cb9657da19fd5ece297dd8c x86_64/thunderbird-1.0.2-1.3.2.x86_64.rpm 2114c617bbfb1dc07b16474efe3551f2 x86_64/debug/thunderbird-debuginfo-1.0.2-1.3.2.x86_64.rpm ef6cb26b72940af8d01e2464a42039e9 i386/thunderbird-1.0.2-1.3.2.i386.rpm 01320e65e8ad711996d884d0847b2cb4 i386/debug/thunderbird-debuginfo-1.0.2-1.3.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From caillon at redhat.com Fri Mar 25 21:35:04 2005 From: caillon at redhat.com (Christopher Aillon) Date: Fri, 25 Mar 2005 16:35:04 -0500 Subject: [SECURITY] Fedora Core 2 Update: mozilla-1.7.6-1.2.2 Message-ID: <42448408.2070601@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-248 2005-03-25 --------------------------------------------------------------------- Product : Fedora Core 2 Name : mozilla Version : 1.7.6 Release : 1.2.2 Summary : Web browser and mail reader Description : Mozilla is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- Update Information: A buffer overflow bug was found in the way Mozilla processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0399 to this issue. A bug was found in the way Mozilla responds to proxy auth requests. It is possible for a malicious webserver to steal credentials from a victims browser by issuing a 407 proxy authentication request. (CAN-2005-0147) A bug was found in the way Mozilla displays dialog windows. It is possible that a malicious web page which is being displayed in a background tab could present the user with a dialog window appearing to come from the active page. (CAN-2004-1380) A bug was found in the way Mozilla Mail handles cookies when loading content over HTTP regardless of the user's preference. It is possible that a particular user could be tracked through the use of malicious mail messages which load content over HTTP. (CAN-2005-0149) A flaw was found in the way Mozilla displays international domain names. It is possible for an attacker to display a valid URL, tricking the user into thinking they are viewing a legitimate webpage when they are not. (CAN-2005-0233) A bug was found in the way Mozilla handles pop-up windows. It is possible for a malicious website to control the content in an unrelated site's pop-up window. (CAN-2004-1156) A bug was found in the way Mozilla saves temporary files. Temporary files are saved with world readable permissions, which could allow a local malicious user to view potentially sensitive data. (CAN-2005-0142) A bug was found in the way Mozilla handles synthetic middle click events. It is possible for a malicious web page to steal the contents of a victims clipboard. (CAN-2005-0146) A bug was found in the way Mozilla processes XUL content. If a malicious web page can trick a user into dragging an object, it is possible to load malicious XUL content. (CAN-2005-0401) A bug was found in the way Mozilla loads links in a new tab which are middle clicked. A malicious web page could read local files or modify privileged chrom settings. (CAN-2005-0141) A bug was found in the way Mozilla displays the secure site icon. A malicious web page can use a view-source URL targetted at a secure page, while loading an insecure page, yet the secure site icon shows the previous secure state. (CAN-2005-0144) A bug was found in the way Mozilla displays the secure site icon. A malicious web page can display the secure site icon by loading a binary file from a secured site. (CAN-2005-0143) A bug was found in the way Mozilla displays the download dialog window. A malicious site can obfuscate the content displayed in the source field, tricking a user into thinking they are downloading content from a trusted source. (CAN-2005-0585) Users of Mozilla are advised to upgrade to this updated package which contains Mozilla version 1.7.6 to correct these issues. --------------------------------------------------------------------- * Wed Mar 23 2005 Christopher Aillon 37:1.7.6-1.2.2 - Install all-redhat.js pref files * Wed Mar 23 2005 Christopher Aillon 37:1.7.6-1.2.1 - Update to 1.7.6 - Import changes from FC-3 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 670cd6dfd4638a8b720c5524dfda0904 SRPMS/mozilla-1.7.6-1.2.2.src.rpm 250c3130e8e6155be3aad1ba87230558 x86_64/mozilla-1.7.6-1.2.2.x86_64.rpm fbcc83d64cde004cec0a7bc1aca02e58 x86_64/mozilla-nspr-1.7.6-1.2.2.x86_64.rpm e824cb1b879262dae5b84f5a7e5ee995 x86_64/mozilla-nspr-devel-1.7.6-1.2.2.x86_64.rpm 6a05ed7fb6d14e24f3be8c175ff4c8b3 x86_64/mozilla-nss-1.7.6-1.2.2.x86_64.rpm d5d63a2c25fa094e097bea688283c323 x86_64/mozilla-nss-devel-1.7.6-1.2.2.x86_64.rpm 88b1642f9efa482b8dc4d2ad0ce379db x86_64/mozilla-devel-1.7.6-1.2.2.x86_64.rpm b801fab02c0c048598f638b4a28fae3e x86_64/mozilla-mail-1.7.6-1.2.2.x86_64.rpm 9772a6749e5e2bac54844fade15e1b14 x86_64/mozilla-chat-1.7.6-1.2.2.x86_64.rpm 1920c0b8b1755128c0155b99e6fcf1d3 x86_64/mozilla-js-debugger-1.7.6-1.2.2.x86_64.rpm 6245b9a349949253d2d05d8641d00db3 x86_64/mozilla-dom-inspector-1.7.6-1.2.2.x86_64.rpm 1484983385ff129c03169a196c40c587 x86_64/debug/mozilla-debuginfo-1.7.6-1.2.2.x86_64.rpm 241e38a280bf30ab84eeb87a916ba5ac x86_64/mozilla-1.7.6-1.2.2.i386.rpm 8059d43c76c69a9dcdfbc80bab47c61d x86_64/mozilla-nspr-1.7.6-1.2.2.i386.rpm 78823643c0968e1127cb3a1105361ec3 x86_64/mozilla-nspr-devel-1.7.6-1.2.2.i386.rpm 25095410d01ea542dc1e429afb8c2b41 x86_64/mozilla-nss-1.7.6-1.2.2.i386.rpm 41aaf5aa43ef2ac72cbaa2e50fa8a768 x86_64/mozilla-nss-devel-1.7.6-1.2.2.i386.rpm 13eecc00d20fea369a3f2826235858b7 x86_64/mozilla-devel-1.7.6-1.2.2.i386.rpm 599cb8a1eeea64e30761f182e1e4b8c9 x86_64/mozilla-mail-1.7.6-1.2.2.i386.rpm c88c78fe40130f350fa63eb5012a7519 x86_64/mozilla-chat-1.7.6-1.2.2.i386.rpm 054ca767763a06e4dc8c7791ad4e0b62 x86_64/mozilla-js-debugger-1.7.6-1.2.2.i386.rpm 08593a9c0909bbdfc2b3913420bc2b7e x86_64/mozilla-dom-inspector-1.7.6-1.2.2.i386.rpm 241e38a280bf30ab84eeb87a916ba5ac i386/mozilla-1.7.6-1.2.2.i386.rpm 8059d43c76c69a9dcdfbc80bab47c61d i386/mozilla-nspr-1.7.6-1.2.2.i386.rpm 78823643c0968e1127cb3a1105361ec3 i386/mozilla-nspr-devel-1.7.6-1.2.2.i386.rpm 25095410d01ea542dc1e429afb8c2b41 i386/mozilla-nss-1.7.6-1.2.2.i386.rpm 41aaf5aa43ef2ac72cbaa2e50fa8a768 i386/mozilla-nss-devel-1.7.6-1.2.2.i386.rpm 13eecc00d20fea369a3f2826235858b7 i386/mozilla-devel-1.7.6-1.2.2.i386.rpm 599cb8a1eeea64e30761f182e1e4b8c9 i386/mozilla-mail-1.7.6-1.2.2.i386.rpm c88c78fe40130f350fa63eb5012a7519 i386/mozilla-chat-1.7.6-1.2.2.i386.rpm 054ca767763a06e4dc8c7791ad4e0b62 i386/mozilla-js-debugger-1.7.6-1.2.2.i386.rpm 08593a9c0909bbdfc2b3913420bc2b7e i386/mozilla-dom-inspector-1.7.6-1.2.2.i386.rpm d8233042be25ec4f4cabcbe431d1a1b7 i386/debug/mozilla-debuginfo-1.7.6-1.2.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From caillon at redhat.com Fri Mar 25 21:37:08 2005 From: caillon at redhat.com (Christopher Aillon) Date: Fri, 25 Mar 2005 16:37:08 -0500 Subject: [SECURITY] Fedora Core 2 Update: epiphany-1.2.10-0.2.1 Message-ID: <42448484.7030107@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-253 2005-03-25 --------------------------------------------------------------------- Product : Fedora Core 2 Name : epiphany Version : 1.2.10 Release : 0.2.1 Summary : GNOME web browser based on the Mozilla rendering engine Description : epiphany is a simple GNOME web browser based on the Mozilla rendering engine --------------------------------------------------------------------- Update Information: There were several security flaws found in the mozilla package, which epiphany depends on. Users of epiphany are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws. --------------------------------------------------------------------- * Wed Mar 23 2005 Christopher Aillon 1.2.10-0.2.1 - Update to 1.2.10 - Build against mozilla 1.7.6 (with help from Christian Persch) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 398444378e055d50d82da73619b3cafb SRPMS/epiphany-1.2.10-0.2.1.src.rpm 52e4b6cd8f2ff59b219c3b2ad6aeb8d1 x86_64/epiphany-1.2.10-0.2.1.x86_64.rpm 26d196879bb545c94911264c0af96cd9 x86_64/debug/epiphany-debuginfo-1.2.10-0.2.1.x86_64.rpm 8fed4532e1d742bb7fc9cb02083fec11 i386/epiphany-1.2.10-0.2.1.i386.rpm 80fdc9ccfd0bbf7fb56ad039f28ce2ea i386/debug/epiphany-debuginfo-1.2.10-0.2.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From caillon at redhat.com Fri Mar 25 21:38:33 2005 From: caillon at redhat.com (Christopher Aillon) Date: Fri, 25 Mar 2005 16:38:33 -0500 Subject: [SECURITY] Fedora Core 2 Update: devhelp-0.9.1-0.2.5 Message-ID: <424484D9.9090507@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-251 2005-03-25 --------------------------------------------------------------------- Product : Fedora Core 2 Name : devhelp Version : 0.9.1 Release : 0.2.5 Summary : API document browser Description : A API document browser for GNOME 2. --------------------------------------------------------------------- Update Information: There were several security flaws found in the mozilla package, which devhelp depends on. Users of devhelp are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws. --------------------------------------------------------------------- * Wed Mar 23 2005 Christopher Aillon 0.9.1-0.2.5 - Use correct Requires line * Wed Mar 23 2005 Christopher Aillon 0.9.1-0.2.4 - Rebuild * Wed Mar 23 2005 Christopher Aillon 0.9.1-0.2.3 - Rebuild against mozilla 1.7.6 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ a35fe8bea6559080c3a6f461527a0461 SRPMS/devhelp-0.9.1-0.2.5.src.rpm 1bff7e616103f3875599df5a0291f63d x86_64/devhelp-0.9.1-0.2.5.x86_64.rpm f3509c3787eff72692d4468972e53443 x86_64/devhelp-devel-0.9.1-0.2.5.x86_64.rpm 441fa682bdab1eb47a7fc8002a68a166 x86_64/debug/devhelp-debuginfo-0.9.1-0.2.5.x86_64.rpm 2b9c05582b7223a571b6fbd023041f30 i386/devhelp-0.9.1-0.2.5.i386.rpm 94cd93edd472cca7f38df7dcbd45b80d i386/devhelp-devel-0.9.1-0.2.5.i386.rpm 18fec0d58c92e91fab1b0ee4036fa2d1 i386/debug/devhelp-debuginfo-0.9.1-0.2.5.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From davej at redhat.com Mon Mar 28 21:44:37 2005 From: davej at redhat.com (Dave Jones) Date: Mon, 28 Mar 2005 16:44:37 -0500 Subject: [SECURITY] Fedora Core 2 Update: kernel-2.6.10-1.771_FC2 Message-ID: <200503282144.j2SLib2K016007@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Security Update Notification FEDORA-2005-262 2005-03-28 --------------------------------------------------------------------- Product : Fedora Core 2 Name : kernel Version : 2.6.10 Release : 1.771_FC2 Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. --------------------------------------------------------------------- * Sun Mar 27 2005 Dave Jones - Catch up with all recent security issues. - CAN-2005-0210 : dst leak - CAN-2005-0384 : ppp dos - CAN-2005-0531 : Sign handling issues. - CAN-2005-0400 : EXT2 information leak. - CAN-2005-0449 : Remote oops. - CAN-2005-0736 : Epoll overflow - CAN-2005-0749 : ELF loader may kfree wrong memory. - CAN-2005-0750 : Missing range checking in bluetooth - CAN-2005-0767 : drm race in radeon - CAN-2005-0815 : Corrupt isofs images could cause oops. * Tue Mar 22 2005 Dave Jones - Fix swapped parameters to memset in ieee802.11 code. --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 279048bd2e34f477912badf1bb73d798 SRPMS/kernel-2.6.10-1.771_FC2.src.rpm 65d8acccaa8686bc8a8be34268801b5a x86_64/kernel-2.6.10-1.771_FC2.x86_64.rpm a5a4c03beb3cd37a71789b4c40e99797 x86_64/kernel-smp-2.6.10-1.771_FC2.x86_64.rpm 28ca62a9652cca57aadc0841dd58c85c x86_64/debug/kernel-debuginfo-2.6.10-1.771_FC2.x86_64.rpm e8d9cfc6aa998268426023a8a7bd3012 x86_64/kernel-sourcecode-2.6.10-1.771_FC2.noarch.rpm 3a14cc12fa4e6fb796edc1f8b7fa36cb x86_64/kernel-doc-2.6.10-1.771_FC2.noarch.rpm 2dd2777c4e63ee49a1fa5d0aac63198e i386/kernel-2.6.10-1.771_FC2.i586.rpm 4f85f53a459595cf69635ca98f538eea i386/kernel-smp-2.6.10-1.771_FC2.i586.rpm f6c507301df73b72cb9636a3e7db2eb6 i386/debug/kernel-debuginfo-2.6.10-1.771_FC2.i586.rpm c11edec2fb84f899cbc4ba21e0cf3a0a i386/kernel-2.6.10-1.771_FC2.i686.rpm b2a94b6b94be8816b02901b4347b805c i386/kernel-smp-2.6.10-1.771_FC2.i686.rpm 3fe0f11bdf21a2d3aa9afa2956926542 i386/debug/kernel-debuginfo-2.6.10-1.771_FC2.i686.rpm e8d9cfc6aa998268426023a8a7bd3012 i386/kernel-sourcecode-2.6.10-1.771_FC2.noarch.rpm 3a14cc12fa4e6fb796edc1f8b7fa36cb i386/kernel-doc-2.6.10-1.771_FC2.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From wtogami at redhat.com Mon Mar 28 22:32:03 2005 From: wtogami at redhat.com (Warren Togami) Date: Mon, 28 Mar 2005 12:32:03 -1000 Subject: [SECURITY] Fedora Core 3 Update: squirrelmail-1.4.4-1.FC3 Message-ID: <424885E3.2080104@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-260 2005-03-28 --------------------------------------------------------------------- Product : Fedora Core 3 Name : squirrelmail Version : 1.4.4 Release : 1.FC3 Summary : SquirrelMail webmail client Description : SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation. --------------------------------------------------------------------- Update Information: Multiple issues in squirrelmail (CAN-2005-0104) Upgrade to 1.4.4 --------------------------------------------------------------------- * Thu Jan 27 2005 Warren Togami 1.4.4-2 - 1.4.4 - re-include translations and Provide squirrelmail-i18n better compatible with upstream, but we cannot split sub-package due to support of existing distributions - remove unnecessary .po files --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ b62f0fe0b26a125239e4897a1aef60d8 SRPMS/squirrelmail-1.4.4-1.FC3.src.rpm 4df4db9e6f9b4278615c5d6189427f7a x86_64/squirrelmail-1.4.4-1.FC3.noarch.rpm 4df4db9e6f9b4278615c5d6189427f7a i386/squirrelmail-1.4.4-1.FC3.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From wtogami at redhat.com Mon Mar 28 22:32:05 2005 From: wtogami at redhat.com (Warren Togami) Date: Mon, 28 Mar 2005 12:32:05 -1000 Subject: [SECURITY] Fedora Core 2 Update: squirrelmail-1.4.4-1.FC2 Message-ID: <424885E5.6050409@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-259 2005-03-28 --------------------------------------------------------------------- Product : Fedora Core 2 Name : squirrelmail Version : 1.4.4 Release : 1.FC2 Summary : SquirrelMail webmail client Description : SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation. --------------------------------------------------------------------- Update Information: Multiple issues in squirrelmail (CAN-2005-0104) Upgrade to 1.4.4 --------------------------------------------------------------------- * Thu Jan 27 2005 Warren Togami 1.4.4-2 - 1.4.4 - re-include translations and Provide squirrelmail-i18n better compatible with upstream, but we cannot split sub-package due to support of existing distributions - remove unnecessary .po files --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ a238db60bcad582241e36e125eb2888a SRPMS/squirrelmail-1.4.4-1.FC2.src.rpm 196e34e86ad654beb1f44462c6148e99 x86_64/squirrelmail-1.4.4-1.FC2.noarch.rpm 196e34e86ad654beb1f44462c6148e99 i386/squirrelmail-1.4.4-1.FC2.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From wtogami at redhat.com Mon Mar 28 22:32:07 2005 From: wtogami at redhat.com (Warren Togami) Date: Mon, 28 Mar 2005 12:32:07 -1000 Subject: Fedora Core 3 Update: spamassassin-3.0.2-0.fc3 Message-ID: <424885E7.90006@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-261 2005-03-28 --------------------------------------------------------------------- Product : Fedora Core 3 Name : spamassassin Version : 3.0.2 Release : 0.fc3 Summary : Spam filter for email which can be invoked from mail delivery agents. Description : SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email (SPAM) from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system to identify messages which look spammy, then adds headers to the message so they can be filtered by the user's mail reading software. This distribution includes the spamd/spamc components which create a server that considerably speeds processing of mail. To enable spamassassin, if you are receiving mail locally, simply add this line to your ~/.procmailrc: INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc To filter spam for all users, add that line to /etc/procmailrc (creating if necessary). --------------------------------------------------------------------- Update Information: http://wiki.apache.org/spamassassin/changes302 Upstream bug fixes. --------------------------------------------------------------------- * Thu Mar 24 2005 Florian La Roche - add "exit 0" to postun script * Thu Mar 24 2005 Joe Orton 3.0.2-4 - package the NOTICE file * Thu Mar 17 2005 Warren Togami - 3.0.2-3 - reinclude ia64, thanks jvdias * Tue Mar 15 2005 Warren Togami - 3.0.2-2 - exclude ia64 for now due to Bug #151127 * Mon Dec 20 2004 Warren Togami - 3.0.2-1 - 3.0.2 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ fa6de1906320c843125f3a578b522757 SRPMS/spamassassin-3.0.2-0.fc3.src.rpm 82f592b238ef341fa84d33886ab0f294 x86_64/spamassassin-3.0.2-0.fc3.x86_64.rpm 741c896af056b0c7d0accb1576da90ce x86_64/debug/spamassassin-debuginfo-3.0.2-0.fc3.x86_64.rpm 667d0f426b824fa2d0403859c7422f1e i386/spamassassin-3.0.2-0.fc3.i386.rpm 0a25bc3c18979406006b5fd8e7b77393 i386/debug/spamassassin-debuginfo-3.0.2-0.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From wtogami at redhat.com Tue Mar 29 00:29:40 2005 From: wtogami at redhat.com (Warren Togami) Date: Mon, 28 Mar 2005 14:29:40 -1000 Subject: Fedora Core 2 Update: mozilla-1.7.6-1.2.5 Message-ID: <4248A174.1000100@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-271 2005-03-28 --------------------------------------------------------------------- Product : Fedora Core 2 Name : mozilla Version : 1.7.6 Release : 1.2.5 Summary : Web browser and mail reader Description : Mozilla is an open-source web browser, designed for standards compliance, performance and portability. --------------------------------------------------------------------- Update Information: This update supercedes the previous 1.7.6-1.2.2 which mistakenly had dependencies on FC3. --------------------------------------------------------------------- * Sun Mar 27 2005 Warren Togami 37:1.7.6-1.2.5 - reduce desktop-file-utils version dep (#152220) - remove update-desktop-database from scriptlets - fix gtk system colors --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 2e93d64716ab25839f67b4f917063b9a SRPMS/mozilla-1.7.6-1.2.5.src.rpm 91b036318cc6002d1731c129bcf96e28 x86_64/mozilla-1.7.6-1.2.5.x86_64.rpm 167409ffa36f06cb37040b017beae889 x86_64/mozilla-nspr-1.7.6-1.2.5.x86_64.rpm 4f8e912a56ceb281c7a66c186baf069a x86_64/mozilla-nspr-devel-1.7.6-1.2.5.x86_64.rpm 232fee0dce85b49c566d8e4e28b31f9e x86_64/mozilla-nss-1.7.6-1.2.5.x86_64.rpm 81720a50b5bb0dfec1115fd8b7918f80 x86_64/mozilla-nss-devel-1.7.6-1.2.5.x86_64.rpm fb05b71bd4105fcdb4a04fe6b0431fc5 x86_64/mozilla-devel-1.7.6-1.2.5.x86_64.rpm abf590b8ee56af3535896a6a1eceeceb x86_64/mozilla-mail-1.7.6-1.2.5.x86_64.rpm 2c417c12dced865f0db37366194cce40 x86_64/mozilla-chat-1.7.6-1.2.5.x86_64.rpm 793aa4347fc4d16f6512a02729848386 x86_64/mozilla-js-debugger-1.7.6-1.2.5.x86_64.rpm 49d841233ba022cc051988fea7587878 x86_64/mozilla-dom-inspector-1.7.6-1.2.5.x86_64.rpm cf3c2ad6594e716420e67e6fea532874 x86_64/debug/mozilla-debuginfo-1.7.6-1.2.5.x86_64.rpm 48d99f4bd366216969bc05ebd908cd44 x86_64/mozilla-1.7.6-1.2.5.i386.rpm 7e2aac09061264fb116a2cc9b3b79163 x86_64/mozilla-nspr-1.7.6-1.2.5.i386.rpm 9ebe8c00e8c30ee88c5f5641a6d001ae x86_64/mozilla-nspr-devel-1.7.6-1.2.5.i386.rpm e285cc9470a1f44bb73ae3fc0c80052e x86_64/mozilla-nss-1.7.6-1.2.5.i386.rpm 30cceceae8c08f7852e888fccc291022 x86_64/mozilla-nss-devel-1.7.6-1.2.5.i386.rpm 8dd4ba6d84b9b08858418a9b69c92f1a x86_64/mozilla-devel-1.7.6-1.2.5.i386.rpm 40ef06bf418a697459dd5fd8de993b38 x86_64/mozilla-mail-1.7.6-1.2.5.i386.rpm 5d4f779684f7ce732efe000db14b57e0 x86_64/mozilla-chat-1.7.6-1.2.5.i386.rpm 09c4c881300fa51e530a8f821bf36843 x86_64/mozilla-js-debugger-1.7.6-1.2.5.i386.rpm 6cbb56a9c8196d8956a98fc3fddadeef x86_64/mozilla-dom-inspector-1.7.6-1.2.5.i386.rpm 48d99f4bd366216969bc05ebd908cd44 i386/mozilla-1.7.6-1.2.5.i386.rpm 7e2aac09061264fb116a2cc9b3b79163 i386/mozilla-nspr-1.7.6-1.2.5.i386.rpm 9ebe8c00e8c30ee88c5f5641a6d001ae i386/mozilla-nspr-devel-1.7.6-1.2.5.i386.rpm e285cc9470a1f44bb73ae3fc0c80052e i386/mozilla-nss-1.7.6-1.2.5.i386.rpm 30cceceae8c08f7852e888fccc291022 i386/mozilla-nss-devel-1.7.6-1.2.5.i386.rpm 8dd4ba6d84b9b08858418a9b69c92f1a i386/mozilla-devel-1.7.6-1.2.5.i386.rpm 40ef06bf418a697459dd5fd8de993b38 i386/mozilla-mail-1.7.6-1.2.5.i386.rpm 5d4f779684f7ce732efe000db14b57e0 i386/mozilla-chat-1.7.6-1.2.5.i386.rpm 09c4c881300fa51e530a8f821bf36843 i386/mozilla-js-debugger-1.7.6-1.2.5.i386.rpm 6cbb56a9c8196d8956a98fc3fddadeef i386/mozilla-dom-inspector-1.7.6-1.2.5.i386.rpm 4fb7a370ac1ae8eecb2235f5f75fb296 i386/debug/mozilla-debuginfo-1.7.6-1.2.5.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From tagoh at redhat.com Tue Mar 29 02:23:17 2005 From: tagoh at redhat.com (Akira TAGOH) Date: Tue, 29 Mar 2005 11:23:17 +0900 (JST) Subject: Fedora Core 2 Update: sylpheed-1.0.4-0.fc2 Message-ID: <20050329.112317.3660096149289074307.tagoh@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-263 2005-03-29 --------------------------------------------------------------------- Product : Fedora Core 2 Name : sylpheed Version : 1.0.4 Release : 0.fc2 Summary : A GTK+ based, lightweight, and fast email client. Description : This program is an X based fast email client which has features like: o user-friendly and intuitive interface o integrated NetNews client (partially implemented) o ability of keyboard-only operation o Mew/Wanderlust-like key bind o multipart MIME o unlimited multiple account handling o message queueing o assortment function o XML-based address book See /usr/share/doc/sylpheed*/README for more information. --------------------------------------------------------------------- * Mon Mar 28 2005 Warren Togami - 1.0.4-0.fc2 - 1.0.4 fixes another buffer overflow --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 2f5a18417bde55cae286daeff079903f SRPMS/sylpheed-1.0.4-0.fc2.src.rpm 9969eb242a19817dafd30edff744ddb3 x86_64/sylpheed-1.0.4-0.fc2.x86_64.rpm 487835349be1bc4794145c0b5b395eaa x86_64/debug/sylpheed-debuginfo-1.0.4-0.fc2.x86_64.rpm 94ca08666fd3ddd52b72be0b23dad99e i386/debug/sylpheed-debuginfo-1.0.4-0.fc2.i386.rpm 6d075fbac76ff0fdb9ce962896ed6952 i386/sylpheed-1.0.4-0.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From tagoh at redhat.com Tue Mar 29 02:24:47 2005 From: tagoh at redhat.com (Akira TAGOH) Date: Tue, 29 Mar 2005 11:24:47 +0900 (JST) Subject: Fedora Core 3 Update: sylpheed-1.0.4-0.fc3 Message-ID: <20050329.112447.1371001000740328539.tagoh@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-264 2005-03-29 --------------------------------------------------------------------- Product : Fedora Core 3 Name : sylpheed Version : 1.0.4 Release : 0.fc3 Summary : A GTK+ based, lightweight, and fast email client. Description : This program is an X based fast email client which has features like: o user-friendly and intuitive interface o integrated NetNews client (partially implemented) o ability of keyboard-only operation o Mew/Wanderlust-like key bind o multipart MIME o unlimited multiple account handling o message queueing o assortment function o XML-based address book See /usr/share/doc/sylpheed*/README for more information. --------------------------------------------------------------------- * Mon Mar 28 2005 Warren Togami - 1.0.4-0.fc3 - 1.0.4 fixes another buffer overflow --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 079c6ec9358056925208c99c6ebaee22 SRPMS/sylpheed-1.0.4-0.fc3.src.rpm 84f3bbb2cff85b076825cde553fe9dda x86_64/sylpheed-1.0.4-0.fc3.x86_64.rpm a807a28b7d13d4d8d1491890c00ff480 x86_64/debug/sylpheed-debuginfo-1.0.4-0.fc3.x86_64.rpm c747a3fee4f6fa0088199118f92e7134 i386/debug/sylpheed-debuginfo-1.0.4-0.fc3.i386.rpm 8d0f9be6fa4d314e5c869fca9dfeabce i386/sylpheed-1.0.4-0.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From jmoyer at redhat.com Tue Mar 29 17:41:54 2005 From: jmoyer at redhat.com (Jeff Moyer) Date: Tue, 29 Mar 2005 12:41:54 -0500 Subject: Fedora Core 3 Update: libaio-0.3.103-5 Message-ID: <16969.37730.120407.661456@segfault.boston.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sorry for the late announcement. - --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-147 2005-03-29 - --------------------------------------------------------------------- Product : Fedora Core 3 Name : libaio Version : 0.3.103 Release : 5 Summary : Linux-native asynchronous I/O access library Description : The Linux-native asynchronous I/O facility ("async I/O", or "aio") has a richer API and capability set than the simple POSIX async I/O facility. This library, libaio, provides the Linux-native API for async I/O. The POSIX async I/O facility requires this library in order to provide kernel-accelerated async I/O capabilities, as do applications which require the Linux-native async I/O API. - --------------------------------------------------------------------- Update Information: The SONAME for libaio was inadvertantly changed from libaio.so.1 to libaio.so.1.0.0. While applications linked with libaio.so.1 would still load, they would fail upon looking up a symbol in libaio. This also introduced an RPM dependency that could not be solved. Application RPMs which were built against the old package would not install as well. The solution for this was to revert the SONAME to its old value, and to provide a compat library for those packages that were built against the library with the wrong SONAME. - --------------------------------------------------------------------- * Mon Feb 14 2005 Jeff Moyer - 0.3.103-5 - - Build the library twice. Once with the old SONAME and once with the new one. This fixes the wrong SONAME problem by keeping a library around with the wrong name (libaio.so.1.0.0) and generating a new one (libaio.so.1.0.1). - --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 502e9012e7fce64fc6fbbda218d96154 SRPMS/libaio-0.3.103-5.src.rpm 37bfedf308962c5643ee722856e1b535 x86_64/libaio-0.3.103-5.x86_64.rpm 56b059051f2665751f3b19a8aa84a1e2 x86_64/libaio-devel-0.3.103-5.x86_64.rpm 3636705da3d24f5061c9294098c0ac09 x86_64/debug/libaio-debuginfo-0.3.103-5.x86_64.rpm 9b65bc00d61e80fffbd0a95572a5c405 x86_64/libaio-0.3.103-5.i386.rpm 9b65bc00d61e80fffbd0a95572a5c405 i386/libaio-0.3.103-5.i386.rpm 6b123d9266b8ab2836157c7148e9cc49 i386/libaio-devel-0.3.103-5.i386.rpm ee6ef2f1183e1d957220ca3d62906f93 i386/debug/libaio-debuginfo-0.3.103-5.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. - --------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.8 iD8DBQFCSZNCH/inyh944bQRAhExAKC60ba1iwbK9pmPRXAoUIpfPIku1gCgphGi xmvVk8FkwV4BWbXDbUrEUe8= =83Y/ -----END PGP SIGNATURE----- From nalin at redhat.com Tue Mar 29 19:25:55 2005 From: nalin at redhat.com (Nalin Dahyabhai) Date: Tue, 29 Mar 2005 14:25:55 -0500 Subject: [SECURITY] Fedora Core 2 Update: krb5-1.3.6-4 Message-ID: <20050329192555.GB30885@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-269 2005-03-29 --------------------------------------------------------------------- Product : Fedora Core 2 Name : krb5 Version : 1.3.6 Release : 4 Summary : The Kerberos network authentication system. Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. --------------------------------------------------------------------- Update Information: Updated krb5 packages which fix two buffer overflow vulnerabilities in the included Kerberos-aware telnet client are now available. Kerberos is a networked authentication system which uses a trusted third party (a KDC) to authenticate clients and servers to each other. The krb5-workstation package includes a Kerberos-aware telnet client. Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues. --------------------------------------------------------------------- * Wed Mar 23 2005 Nalin Dahyabhai 1.3.6-4 - drop krshd patch * Thu Mar 17 2005 Nalin Dahyabhai - add draft fix from Tom Yu for slc_add_reply() buffer overflow (CAN-2005-0469) - add draft fix from Tom Yu for env_opt_add() buffer overflow (CAN-2005-0468) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 3c210dbdcfb5f01a35f52632abbd3e58 SRPMS/krb5-1.3.6-4.src.rpm 2b4e4f7ffe208989572b173efa18c4b4 x86_64/krb5-devel-1.3.6-4.x86_64.rpm 67a3ffb77c8f92b235d503380ff54b32 x86_64/krb5-libs-1.3.6-4.x86_64.rpm 5d8e752002f27ca2ea7c8f40a6247b37 x86_64/krb5-server-1.3.6-4.x86_64.rpm b01504865b91a46e9f6dab345a939bf6 x86_64/krb5-workstation-1.3.6-4.x86_64.rpm 72def6a5e69a30e63ab071f581ad1729 x86_64/debug/krb5-debuginfo-1.3.6-4.x86_64.rpm 891e77b16aa127543976583a0b134464 x86_64/krb5-libs-1.3.6-4.i386.rpm e26b5c97144daa666babf9e01bc90b25 i386/krb5-devel-1.3.6-4.i386.rpm 891e77b16aa127543976583a0b134464 i386/krb5-libs-1.3.6-4.i386.rpm 16a523103910c903de48a8c2e33c6524 i386/krb5-server-1.3.6-4.i386.rpm f36537a81b6330e72c01de759196fb35 i386/krb5-workstation-1.3.6-4.i386.rpm 123d9371167ecbe81399b256ece22399 i386/debug/krb5-debuginfo-1.3.6-4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From nalin at redhat.com Tue Mar 29 19:26:12 2005 From: nalin at redhat.com (Nalin Dahyabhai) Date: Tue, 29 Mar 2005 14:26:12 -0500 Subject: [SECURITY] Fedora Core 3 Update: krb5-1.3.6-5 Message-ID: <20050329192612.GC30885@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-270 2005-03-29 --------------------------------------------------------------------- Product : Fedora Core 3 Name : krb5 Version : 1.3.6 Release : 5 Summary : The Kerberos network authentication system. Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. --------------------------------------------------------------------- Update Information: Updated krb5 packages which fix two buffer overflow vulnerabilities in the included Kerberos-aware telnet client are now available. Kerberos is a networked authentication system which uses a trusted third party (a KDC) to authenticate clients and servers to each other. The krb5-workstation package includes a Kerberos-aware telnet client. Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues. --------------------------------------------------------------------- * Mon Mar 28 2005 Nalin Dahyabhai 1.3.6-5 - rebuild * Wed Mar 23 2005 Nalin Dahyabhai 1.3.6-4 - drop krshd patch * Thu Mar 17 2005 Nalin Dahyabhai - add draft fix from Tom Yu for slc_add_reply() buffer overflow (CAN-2005-0469) - add draft fix from Tom Yu for env_opt_add() buffer overflow (CAN-2005-0468) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 15bad9c44ba4da14de7d5527a02c1a90 SRPMS/krb5-1.3.6-5.src.rpm 41314d054ab13a935cd57466a99bb03e x86_64/krb5-devel-1.3.6-5.x86_64.rpm c99ffb83d090d156e59a0348e8162b6e x86_64/krb5-libs-1.3.6-5.x86_64.rpm 9ed53c214ae3b20aa8cb3a3f339b46ad x86_64/krb5-server-1.3.6-5.x86_64.rpm 1f03b24107cb22cfca368d59fb9c40ee x86_64/krb5-workstation-1.3.6-5.x86_64.rpm 0c354d4e12fcfe83c2cd6fbfb96abc16 x86_64/debug/krb5-debuginfo-1.3.6-5.x86_64.rpm f07344531de5e52ff9b5a0d20bdc91be x86_64/krb5-libs-1.3.6-5.i386.rpm 0af73edbe1464ecceaf3a30789c5d400 i386/krb5-devel-1.3.6-5.i386.rpm f07344531de5e52ff9b5a0d20bdc91be i386/krb5-libs-1.3.6-5.i386.rpm d737538d9eb42347efc297930f17241c i386/krb5-server-1.3.6-5.i386.rpm 92a3d0a3000bd0a78abcf11da80009ba i386/krb5-workstation-1.3.6-5.i386.rpm d8b1635e05c1b0bb6d76cb9f7a810d78 i386/debug/krb5-debuginfo-1.3.6-5.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From krh at redhat.com Tue Mar 29 19:52:16 2005 From: krh at redhat.com (=?utf-8?b?S3Jpc3RpYW4gSMO4Z3NiZQ==?= =?utf-8?b?cmc=?=) Date: Tue, 29 Mar 2005 14:52:16 -0500 Subject: [SECURITY] Fedora Core 3 Update: xorg-x11-6.8.2-1.FC3.13 Message-ID: <200503291952.j2TJqGiA021702@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-273 2005-03-29 --------------------------------------------------------------------- Product : Fedora Core 3 Name : xorg-x11 Version : 6.8.2 Release : 1.FC3.13 Summary : The basic fonts, programs and docs for an X workstation. Description : X.org X11 is an open source implementation of the X Window System. It provides the basic low level functionality which full fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. --------------------------------------------------------------------- Update Information: An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue. Futhermore, this updates the Fedora Core 3 X.org packages to the 6.8.2 maintenance release, which includes a large number of bug fixes: http://xorg.freedesktop.org/wiki/X11R682Release --------------------------------------------------------------------- * Thu Mar 24 2005 Kristian H?gsberg 6.8.2-1.FC3.13 - Rebuild 6.8.2-13 as 6.8.2-1.FC3.13 for Fedora Core 3 release * Wed Mar 23 2005 Kristian H?gsberg 6.8.2-13 - Add XFree86-4.1.0-xpm-security-fix-CAN-2005-0605.patch (#150040). --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 94366578adb65612201728ef9ab1bd55 SRPMS/xorg-x11-6.8.2-1.FC3.13.src.rpm f5206f5e0ef0ba672f25455af5f0d57a x86_64/xorg-x11-6.8.2-1.FC3.13.x86_64.rpm 7ca91351cde46271ced109127e32445c x86_64/xorg-x11-devel-6.8.2-1.FC3.13.x86_64.rpm 3c1a1ff519f0ada181791769f5fa317e x86_64/xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.13.x86_64.rpm 92e89e566fc6618245318b7fa4034ee6 x86_64/xorg-x11-font-utils-6.8.2-1.FC3.13.x86_64.rpm 13ff89b32d789d7a3dd3e87d9d4f7991 x86_64/xorg-x11-xfs-6.8.2-1.FC3.13.x86_64.rpm 9e75b9b0e32b1b58e6b235ee33809c41 x86_64/xorg-x11-twm-6.8.2-1.FC3.13.x86_64.rpm cc264ec7b1c14271e346f72b21fd5a87 x86_64/xorg-x11-xdm-6.8.2-1.FC3.13.x86_64.rpm d9eec089b430a0cbcd8be6aff2a5de85 x86_64/xorg-x11-libs-6.8.2-1.FC3.13.x86_64.rpm 3af6857ae01305df21c29c2f4fb44d2e x86_64/xorg-x11-deprecated-libs-6.8.2-1.FC3.13.x86_64.rpm a67e229ca44e3919a36cbe6fce01775c x86_64/xorg-x11-doc-6.8.2-1.FC3.13.x86_64.rpm f357a1344a59fea10207b7b49dd6003b x86_64/xorg-x11-Xdmx-6.8.2-1.FC3.13.x86_64.rpm 53e42bac132fb395ebea33994d70e53d x86_64/xorg-x11-Xnest-6.8.2-1.FC3.13.x86_64.rpm 72e0cbfba322f1e240685b361cf2537c x86_64/xorg-x11-tools-6.8.2-1.FC3.13.x86_64.rpm 2ce584c855b0f1cc1ac4db8780b25ae3 x86_64/xorg-x11-xauth-6.8.2-1.FC3.13.x86_64.rpm 546248e8a4c711e534b2c6fe5f5736ad x86_64/xorg-x11-Mesa-libGL-6.8.2-1.FC3.13.x86_64.rpm 07149a3e65259666f7364aa5e6ca36c2 x86_64/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.13.x86_64.rpm e119760d056fd141c22efb422c33bfd3 x86_64/xorg-x11-Xvfb-6.8.2-1.FC3.13.x86_64.rpm 5aa92c62145317639586854a7529e408 x86_64/xorg-x11-sdk-6.8.2-1.FC3.13.x86_64.rpm d42f17f76c9ff4171b7003ef2844ff46 x86_64/xorg-x11-devel-6.8.2-1.FC3.13.i386.rpm a1106b41ab938b60ae31a6030ce2ae69 x86_64/xorg-x11-libs-6.8.2-1.FC3.13.i386.rpm 1befcda39823dc6ff70be791f9ebe8fb x86_64/xorg-x11-deprecated-libs-6.8.2-1.FC3.13.i386.rpm 85a86b438f512a8f608a03a7d26c7ccb x86_64/xorg-x11-Mesa-libGL-6.8.2-1.FC3.13.i386.rpm ca913c4a6d5d06d5c3474a3da83b726c x86_64/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.13.i386.rpm a9589a414fd18a04c436549d622eb064 i386/xorg-x11-6.8.2-1.FC3.13.i386.rpm d42f17f76c9ff4171b7003ef2844ff46 i386/xorg-x11-devel-6.8.2-1.FC3.13.i386.rpm 9002eb404a7018c70306af2ac821aa30 i386/xorg-x11-deprecated-libs-devel-6.8.2-1.FC3.13.i386.rpm f99acd9ceb6cbfd2d57e2c7b31ce89ef i386/xorg-x11-font-utils-6.8.2-1.FC3.13.i386.rpm ed74e8cd8d2a360baf8daba04d14d409 i386/xorg-x11-xfs-6.8.2-1.FC3.13.i386.rpm 7f4fbd7f2eea4ebbe1e6e7c42215714c i386/xorg-x11-twm-6.8.2-1.FC3.13.i386.rpm 4582c9a5650832884660187eac3bb136 i386/xorg-x11-xdm-6.8.2-1.FC3.13.i386.rpm a1106b41ab938b60ae31a6030ce2ae69 i386/xorg-x11-libs-6.8.2-1.FC3.13.i386.rpm 1befcda39823dc6ff70be791f9ebe8fb i386/xorg-x11-deprecated-libs-6.8.2-1.FC3.13.i386.rpm 5169a66fe5a367a60b2635c4be98ab9b i386/xorg-x11-doc-6.8.2-1.FC3.13.i386.rpm 1af9bb7976c506df46967105053e9ef7 i386/xorg-x11-Xdmx-6.8.2-1.FC3.13.i386.rpm 80dca4903e83c67f2666fd8f56aef393 i386/xorg-x11-Xnest-6.8.2-1.FC3.13.i386.rpm 37f9361bd2b9b085375c4b9689b499e2 i386/xorg-x11-tools-6.8.2-1.FC3.13.i386.rpm 831a10dfe3e76c21b48e0a578a0542f4 i386/xorg-x11-xauth-6.8.2-1.FC3.13.i386.rpm 85a86b438f512a8f608a03a7d26c7ccb i386/xorg-x11-Mesa-libGL-6.8.2-1.FC3.13.i386.rpm ca913c4a6d5d06d5c3474a3da83b726c i386/xorg-x11-Mesa-libGLU-6.8.2-1.FC3.13.i386.rpm 28c10ea5794c39d0d299ad317d0a6749 i386/xorg-x11-Xvfb-6.8.2-1.FC3.13.i386.rpm e91fd9c112fe3859abf46b336d2dc623 i386/xorg-x11-sdk-6.8.2-1.FC3.13.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From krh at redhat.com Tue Mar 29 19:53:47 2005 From: krh at redhat.com (=?utf-8?b?S3Jpc3RpYW4gSMO4Z3NiZQ==?= =?utf-8?b?cmc=?=) Date: Tue, 29 Mar 2005 14:53:47 -0500 Subject: [SECURITY] Fedora Core 2 Update: xorg-x11-6.7.0-14 Message-ID: <200503291953.j2TJrlev021814@porkchop.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-272 2005-03-29 --------------------------------------------------------------------- Product : Fedora Core 2 Name : xorg-x11 Version : 6.7.0 Release : 14 Summary : The basic fonts, programs and docs for an X workstation. Description : X.org X11 is an open source implementation of the X Window System. It provides the basic low level functionality which full fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. --------------------------------------------------------------------- Update Information: An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue. --------------------------------------------------------------------- * Thu Mar 24 2005 Kristian H?gsberg 6.7.0-14 - Add XFree86-4.1.0-xpm-security-fix-CAN-2005-0605.patch (#150040). --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 600a0cfb0c9a9772da75c5652929518b SRPMS/xorg-x11-6.7.0-14.src.rpm 825a43a427fe4f42ed37b17f18f45558 x86_64/xorg-x11-6.7.0-14.x86_64.rpm b27a8d713eec80fce36e2f244eef0a2f x86_64/xorg-x11-devel-6.7.0-14.x86_64.rpm 6275bf8618179e6eeea10feeef759bbb x86_64/xorg-x11-font-utils-6.7.0-14.x86_64.rpm 89c8653ccb04e75510e74bc85508d7fd x86_64/xorg-x11-xfs-6.7.0-14.x86_64.rpm cf31406344a93fe433d23bfdcb0da81b x86_64/xorg-x11-twm-6.7.0-14.x86_64.rpm 1cf2b9c77a87758430315feb848c48b9 x86_64/xorg-x11-xdm-6.7.0-14.x86_64.rpm fadf7f5d595d9fcb611ec285435b961c x86_64/xorg-x11-libs-6.7.0-14.x86_64.rpm a070eccd4d418e14098030dffff0c859 x86_64/xorg-x11-libs-data-6.7.0-14.x86_64.rpm e3a8a1f75a97820627be65bf3976a08f x86_64/xorg-x11-base-fonts-6.7.0-14.x86_64.rpm b9939cd88b4cc7aca4bfaf27b95e3674 x86_64/xorg-x11-truetype-fonts-6.7.0-14.x86_64.rpm f6f33802011c13cb39d1e0b395870a47 x86_64/xorg-x11-syriac-fonts-6.7.0-14.x86_64.rpm 9b9b8064b4a18c0c8f4b70f09168bb29 x86_64/xorg-x11-75dpi-fonts-6.7.0-14.x86_64.rpm 7f3363d21561fb6cd6ca19bcc5f258a0 x86_64/xorg-x11-100dpi-fonts-6.7.0-14.x86_64.rpm be4cf2103796bcdb13ba614498496f10 x86_64/xorg-x11-ISO8859-2-75dpi-fonts-6.7.0-14.x86_64.rpm 58f5345f28c3f95b5e966a894d75566b x86_64/xorg-x11-ISO8859-2-100dpi-fonts-6.7.0-14.x86_64.rpm 61903949f372c4fdb24f067a7009fe53 x86_64/xorg-x11-ISO8859-9-75dpi-fonts-6.7.0-14.x86_64.rpm 08f9c2b87c56f9b8e4ace980dfddd3df x86_64/xorg-x11-ISO8859-9-100dpi-fonts-6.7.0-14.x86_64.rpm 3bb47bb6bf4d3f0e445c5709c82320fd x86_64/xorg-x11-ISO8859-14-75dpi-fonts-6.7.0-14.x86_64.rpm f830609d16d830b5cc03b359e33cad80 x86_64/xorg-x11-ISO8859-14-100dpi-fonts-6.7.0-14.x86_64.rpm 17dfac76eb62313d2d6cb88f56982825 x86_64/xorg-x11-ISO8859-15-75dpi-fonts-6.7.0-14.x86_64.rpm 51297d1016839a60c058b3773a49fe89 x86_64/xorg-x11-ISO8859-15-100dpi-fonts-6.7.0-14.x86_64.rpm c6525692b3052fa0f0000056b9985ed0 x86_64/xorg-x11-cyrillic-fonts-6.7.0-14.x86_64.rpm 2b16a602848c8145d78fc41dbb27e30c x86_64/xorg-x11-doc-6.7.0-14.x86_64.rpm 6df6be39cadf75d56f05e08823ff5569 x86_64/xorg-x11-Xnest-6.7.0-14.x86_64.rpm 40298ae776b44605648aae8fc765d7a8 x86_64/xorg-x11-tools-6.7.0-14.x86_64.rpm 5a2e53f1ae2296ff3317bcb2899ac021 x86_64/xorg-x11-xauth-6.7.0-14.x86_64.rpm dc536d4f899405eeebf55aefd0b69250 x86_64/xorg-x11-Mesa-libGL-6.7.0-14.x86_64.rpm d6f0bfe66f978ec510320aa136e845f8 x86_64/xorg-x11-Mesa-libGLU-6.7.0-14.x86_64.rpm a7090fa49b90b64d17b68fb8b34b0574 x86_64/xorg-x11-Xvfb-6.7.0-14.x86_64.rpm f3f7f737769df12c9ecb3611d843493c x86_64/xorg-x11-sdk-6.7.0-14.x86_64.rpm 09f987c885e0ab18c641b31ab0778eb0 x86_64/xorg-x11-libs-6.7.0-14.i386.rpm 4d8905737e62497664683b053e58f87e x86_64/xorg-x11-libs-data-6.7.0-14.i386.rpm 54074a661b6889f91a29fb91c62a189e x86_64/xorg-x11-Mesa-libGL-6.7.0-14.i386.rpm 30949ab6f8bf9427e32e841c37bac6e2 x86_64/xorg-x11-Mesa-libGLU-6.7.0-14.i386.rpm 4576076e43b32eb7d34fb9ff112c2ab6 i386/xorg-x11-6.7.0-14.i386.rpm aa42939c5f62b2eb863c3b433eda091e i386/xorg-x11-devel-6.7.0-14.i386.rpm 12758faeb79e52858b8cb963e829f7d1 i386/xorg-x11-font-utils-6.7.0-14.i386.rpm e5e37ec4b840fd3c8e11bdffcd5a799f i386/xorg-x11-xfs-6.7.0-14.i386.rpm ae4a343bdeb63c559859d633fedc3720 i386/xorg-x11-twm-6.7.0-14.i386.rpm 9281ffb09a3c6c6387dd62fde5e6939f i386/xorg-x11-xdm-6.7.0-14.i386.rpm 09f987c885e0ab18c641b31ab0778eb0 i386/xorg-x11-libs-6.7.0-14.i386.rpm 4d8905737e62497664683b053e58f87e i386/xorg-x11-libs-data-6.7.0-14.i386.rpm 8f11ccc3a45ee547c408d29fb61c8d21 i386/xorg-x11-base-fonts-6.7.0-14.i386.rpm 6b1426acb8c1c89f7c02c10e1ef8a6f9 i386/xorg-x11-truetype-fonts-6.7.0-14.i386.rpm 287625bb4fa84f794ab0e6f2525598bb i386/xorg-x11-syriac-fonts-6.7.0-14.i386.rpm bb6740fa5b20fb389940b19fdd9d5cf6 i386/xorg-x11-75dpi-fonts-6.7.0-14.i386.rpm f5014cfda408afc422be35be41c854bb i386/xorg-x11-100dpi-fonts-6.7.0-14.i386.rpm ac9eb026a651b64f15257870bc855b77 i386/xorg-x11-ISO8859-2-75dpi-fonts-6.7.0-14.i386.rpm b8c3f6d33a83254c2c3dbe1746140254 i386/xorg-x11-ISO8859-2-100dpi-fonts-6.7.0-14.i386.rpm 401876c22190ad302fcbd2406b2195a6 i386/xorg-x11-ISO8859-9-75dpi-fonts-6.7.0-14.i386.rpm 0fe35cdc12d5efc451b83c6bee9badef i386/xorg-x11-ISO8859-9-100dpi-fonts-6.7.0-14.i386.rpm c1a35a47c2105d205aab91a6eb494ec1 i386/xorg-x11-ISO8859-14-75dpi-fonts-6.7.0-14.i386.rpm 24e129935a31acb375c52b2c67fa56ca i386/xorg-x11-ISO8859-14-100dpi-fonts-6.7.0-14.i386.rpm 3c7922f8a8b2280bb29ffeeb3b83254d i386/xorg-x11-ISO8859-15-75dpi-fonts-6.7.0-14.i386.rpm eade863f16a383b6817fa211bafa0a63 i386/xorg-x11-ISO8859-15-100dpi-fonts-6.7.0-14.i386.rpm 508e852b7f0b06750769c6170d4aa7b1 i386/xorg-x11-cyrillic-fonts-6.7.0-14.i386.rpm 6a848de0e9d6c23cc13200e5b1e6c367 i386/xorg-x11-doc-6.7.0-14.i386.rpm 9799f497d482f759bcdca575c719784c i386/xorg-x11-Xnest-6.7.0-14.i386.rpm 2ee2a3660f4d37cfeab7f0ef8b1dbeeb i386/xorg-x11-tools-6.7.0-14.i386.rpm 8e9d284aa1fee22df6aad4675538a2ea i386/xorg-x11-xauth-6.7.0-14.i386.rpm 54074a661b6889f91a29fb91c62a189e i386/xorg-x11-Mesa-libGL-6.7.0-14.i386.rpm 30949ab6f8bf9427e32e841c37bac6e2 i386/xorg-x11-Mesa-libGLU-6.7.0-14.i386.rpm 8be650d47e7f34cc6b63b8e2321cf2eb i386/xorg-x11-Xvfb-6.7.0-14.i386.rpm 41adbaea8de3dee2f6a2698a73d875ff i386/xorg-x11-sdk-6.7.0-14.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From nphilipp at redhat.com Wed Mar 30 11:06:15 2005 From: nphilipp at redhat.com (Nils Philippsen) Date: Wed, 30 Mar 2005 06:06:15 -0500 Subject: Fedora Core 3 Update: system-config-services-0.8.21-0.fc3.1 Message-ID: <200503301106.j2UB6FI6019394@devserv.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-256 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : system-config-services Version : 0.8.21 Release : 0.fc3.1 Summary : system-config-services is an initscript and xinetd configuration utility Description : system-config-services is a utility which allows you to configure which services should be enabled on your machine. --------------------------------------------------------------------- * Thu Mar 24 2005 Nils Philippsen 0.8.21-0.fc3.1 - connect toggled signals of service/runlevel checkboxes to enable saving again (#151982) - consolidate on_optRL*_toggled - connect delete_event of mainWindow to ask whether things should be saved before quitting - tab -> space indentation to avoid ambiguity - change some typos * Fri Mar 18 2005 Nils Philippsen 0.8.20-1 - don't read from /dev/null when restarting xinetd/services to prevent hangs - build toolbar in glade to avoid DeprecationWarnings (#134978) - dynamic, translated column titles for runlevel columns * Thu Feb 17 2005 Daniel J Walsh 0.8.19-1 - Added patch from Charlie Brej --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ bcc5c622f9f7092c0a2528a8753c19a2 SRPMS/system-config-services-0.8.21-0.fc3.1.src.rpm 3548ae3b649aa9fb0118a1afb60e51d3 x86_64/system-config-services-0.8.21-0.fc3.1.noarch.rpm 3548ae3b649aa9fb0118a1afb60e51d3 i386/system-config-services-0.8.21-0.fc3.1.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From harald at redhat.com Wed Mar 30 13:31:21 2005 From: harald at redhat.com (Harald Hoyer) Date: Wed, 30 Mar 2005 15:31:21 +0200 Subject: [SECURITY] Fedora Core 3 Update: telnet-0.17-32.FC3.2 Message-ID: <424AAA29.7020602@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-274 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : telnet Version : 0.17 Release : 32.FC3.2 Summary : The client program for the telnet remote login protocol. Description : Telnet is a popular protocol for logging into remote systems over the Internet. The telnet package provides a command line telnet client. --------------------------------------------------------------------- Update Information: Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues. Red Hat would like to thank iDEFENSE for their responsible disclosure of this issue. --------------------------------------------------------------------- * Thu Mar 17 2005 Harald Hoyer - 1:0.17-32.FC3.2 - fixed CAN-2005-468 and CAN-2005-469 * Thu Jan 13 2005 Jason Vas Dias - 1:0.17-31 - bug 143929 / 145004 : fix race condition in telnetd on wtmp lock - when cleanup() is entered from main process and in signal - handler --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 89834e05dfaaf87030241f12a8d43622 SRPMS/telnet-0.17-32.FC3.2.src.rpm 9ffe815c3d82132847f6f243662d8689 x86_64/telnet-0.17-32.FC3.2.x86_64.rpm 70c70de3253e43c621e1bd753ad85ac8 x86_64/telnet-server-0.17-32.FC3.2.x86_64.rpm 299a0a1ddc2f575b14509757a8e352fa x86_64/debug/telnet-debuginfo-0.17-32.FC3.2.x86_64.rpm 317a655b172288cfc0615b1a06fd2e07 i386/telnet-0.17-32.FC3.2.i386.rpm a51075465fe35429b26f83df4e1888b5 i386/telnet-server-0.17-32.FC3.2.i386.rpm 0f90b3b223e4a5286882f29d2ddc39dc i386/debug/telnet-debuginfo-0.17-32.FC3.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From twaugh at redhat.com Wed Mar 30 14:43:22 2005 From: twaugh at redhat.com (Tim Waugh) Date: Wed, 30 Mar 2005 15:43:22 +0100 Subject: Fedora Core 3 Update: foomatic-3.0.2-13.3 Message-ID: <20050330144321.GN12412@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-149 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : foomatic Version : 3.0.2 Release : 13.3 Summary : Foomatic printer database. Description : Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. It contains utilities to generate driver description files and printer queues for CUPS, LPD, LPRng, and PDQ using the database. There is also the possibility to read the PJL options out of PJL-capable laser printers and take them into account at the driver description file generation. There are spooler-independent command line interfaces to manipulate queues (foomatic-configure) and to print files/manipulate jobs (foomatic printjob). The site http://www.linuxprinting.org/ is based on this database. --------------------------------------------------------------------- Update Information: This is an update to a newer version. --------------------------------------------------------------------- * Thu Feb 17 2005 Tim Waugh 3.0.2-13.3 - Fixed warning patch. * Wed Feb 16 2005 Tim Waugh 3.0.2-13.2 - Don't ship backup files. * Wed Feb 16 2005 Tim Waugh 3.0.2-13.1 - Built for FC3. * Wed Feb 16 2005 Tim Waugh - Updated db to 20050216. * Thu Feb 10 2005 Tim Waugh - Added IEEE 1284 information for HP Color LaserJet 4600 (bug #147648). * Tue Feb 8 2005 Tim Waugh - Corrected IEEE 1284 information for HP DeskJet 6540 (bug #147288). - Added IEEE 1284 information for Epson Stylus C82 (bug #147230). * Mon Jan 24 2005 Tim Waugh - Fixed last change. * Fri Jan 21 2005 Tim Waugh - Prevent a warning from DB.pm (bug #145605). * Tue Jan 18 2005 Tim Waugh 3.0.2-13 - Updated db to 20050118. * Mon Jan 10 2005 Tim Waugh - Added IEEE 1284 information for Epson Stylus Photo R200 (bug #144631). * Tue Jan 4 2005 Tim Waugh - Added IEEE 1284 information for Okidata Okipage 6ex (bug #143964). - Added IEEE 1284 information for Epson Stylus Photo R300 (bug #143939). * Mon Dec 20 2004 Tim Waugh 3.0.2-12 - Added IEEE 1284 information for Epson Stylus CX3200 (bug #143343). * Mon Dec 6 2004 Tim Waugh 3.0.2-11 - Updated db to 20041206. * Thu Dec 2 2004 Tim Waugh 3.0.2-10 - Added IEEE 1284 information for HP-Color_Inkjet_Printer_CP1700 (bug #141594). - Added IEEE 1284 information for Samsung-ML-1710 (bug #141163). - Added IEEE 1284 information for HP-OfficeJet_G95 (bug #141057). * Wed Nov 24 2004 Tim Waugh 3.0.2-9 - Updated db to 20041124. - Updated hpijs-db to 1.5-20041124. - No longer need HP DJ 6122 patch. - No longer need ieee1284 patch. - Updated Omni-printers to 0.9.2. * Wed Nov 24 2004 Tim Waugh 3.0.2-8 - Minor PPD.pm fix for PPD import (bug #132625). * Mon Nov 22 2004 Tim Waugh 3.0.2-7 - Applied some foomatic-rip fixes from CVS. * Thu Nov 18 2004 Tim Waugh - Add autodetect information for HP Color LaserJet 4550 (bug #139799). * Wed Nov 17 2004 Tim Waugh 3.0.2-6 - Add autodetect information for HP LaserJet 8150 (bug #139683). - Add autodetect information for Epson Stylus Color 777 (bug #139629). * Tue Nov 16 2004 Tim Waugh 3.0.2-5 - Ship data as non-executable (bug #139271). - Corrected autodetect information for HP Business InkJet 1100 (bug #139258). * Mon Nov 15 2004 Tim Waugh 3.0.2-4 - Add autodetect information for HP Business InkJet 1100 (bug #139258). - Add autodetect information for Epson Stylus Photo 790 (bug #139266). - Add autodetect information for HP DJ 3820 (bug #139271). --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 5eece1b6348cd6d8504fee8944561a36 SRPMS/foomatic-3.0.2-13.3.src.rpm 90883a645d3d59962f483210c5e77510 x86_64/foomatic-3.0.2-13.3.x86_64.rpm 3cffd7b48d1ce04e03ceac2d6c1b9937 x86_64/debug/foomatic-debuginfo-3.0.2-13.3.x86_64.rpm 66b65de495877c56491e063963ff8fc9 i386/foomatic-3.0.2-13.3.i386.rpm db7a49556356705e703d9fb13ca28975 i386/debug/foomatic-debuginfo-3.0.2-13.3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From fenlason at redhat.com Wed Mar 30 15:55:27 2005 From: fenlason at redhat.com (Jay Fenlason) Date: Wed, 30 Mar 2005 10:55:27 -0500 Subject: [SECURITY] Fedora Core 2 Update: squid-2.5.STABLE9-1.FC2.2 Message-ID: <20050330155527.GA4173@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-275 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 2 Name : squid Version : 2.5.STABLE9 Release : 1.FC2.2 Summary : The Squid proxy caching server. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Note that squid-2.5.STABLE7 and later do not use /etc/squid/errors for error messages. If you do not want to use the default English error messages, you must set the error_directory in your /etc/squid/squid.conf to the appropriate subdirectory of /usr/share/squid/errors --------------------------------------------------------------------- * Tue Mar 29 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.2 - more upstream patches - include -libbind patch, to prevent squid from picking up a dependency on libbind. - remove references to /etc/squid/errors, since squid now uses {_datadir}/squid/errors/English by default. (overridable in squid.conf) - Mark {datadir}/squid/errors as config(noreplace) so custom error messages won't get scribbled on. * Wed Mar 16 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.1 - New upstream version, with 14 upstream patches. Includes fix for bz#150234 cookie leak in squid --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 4f87823cc8d2e7dbbd1c6f0bc390c7a5 SRPMS/squid-2.5.STABLE9-1.FC2.2.src.rpm e60b6b22ae7af50eca46e621155cfd90 x86_64/squid-2.5.STABLE9-1.FC2.2.x86_64.rpm 899e5cf5ee75a51ea8c2256bf4c2e205 x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC2.2.x86_64.rpm f4bf9886e9c100e0ac9bf17b2e40f7d4 i386/squid-2.5.STABLE9-1.FC2.2.i386.rpm 9c06c585c6d113a154e99f8573c530dd i386/debug/squid-debuginfo-2.5.STABLE9-1.FC2.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From fenlason at redhat.com Wed Mar 30 15:56:46 2005 From: fenlason at redhat.com (Jay Fenlason) Date: Wed, 30 Mar 2005 10:56:46 -0500 Subject: [SECURITY] Fedora Core 3 Update: squid-2.5.STABLE9-1.FC3.4 Message-ID: <20050330155646.GB4173@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-276 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : squid Version : 2.5.STABLE9 Release : 1.FC3.4 Summary : The Squid proxy caching server. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Note that squid-2.5.STABLE7 and later do not use /etc/squid/errors for error messages. If you do not want to use the default English error messages, you must set the error_directory in your /etc/squid/squid.conf to the appropriate subdirectory of /usr/share/squid/errors --------------------------------------------------------------------- * Wed Mar 23 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.4 - Add more upstream patches. - add the -libbind patch, to avoid picking up a new dependency on libbind. - Remove references to /etc/squid/errors from this spec, since squid now uses {_datadir}/squid/errors/English/ by default (overridable in /etc/squid/squid.conf, as always) - mark {_datadir}/squid/errors as config(noreplace) so custom error messages won't get stomped on. * Wed Mar 16 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.3 - Actually apply the -date patch. * Wed Mar 16 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.2 - New upstream version, with 14 patches. Includes fix for bz#150234 cookie leak in squid --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 402440397d0a352c5539cf99a1277ab7 SRPMS/squid-2.5.STABLE9-1.FC3.4.src.rpm f41d841e3c2ad7cde69896f0efb9b243 x86_64/squid-2.5.STABLE9-1.FC3.4.x86_64.rpm ceeb68cf5c12194835240059d08215db x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC3.4.x86_64.rpm 8857ae1347c3592347fc7caef24baf56 i386/squid-2.5.STABLE9-1.FC3.4.i386.rpm a08fb359713307d62edc738317dcd85c i386/debug/squid-debuginfo-2.5.STABLE9-1.FC3.4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From harald at redhat.com Wed Mar 30 16:19:52 2005 From: harald at redhat.com (Harald Hoyer) Date: Wed, 30 Mar 2005 18:19:52 +0200 Subject: [SECURITY] Fedora Core 2 Update: telnet-0.17-28.FC2.1 Message-ID: <424AD1A8.303@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-277 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 2 Name : telnet Version : 0.17 Release : 28.FC2.1 Summary : The client program for the telnet remote login protocol. Description : Telnet is a popular protocol for logging into remote systems over the Internet. The telnet package provides a command line telnet client. --------------------------------------------------------------------- Update Information: Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues. Red Hat would like to thank iDEFENSE for their responsible disclosure of this issue. --------------------------------------------------------------------- * Thu Mar 17 2005 Harald Hoyer - 1:0.17-28.FC2.1 - fixed CAN-2005-468 and CAN-2005-469 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 24aa5985deaa986141292837ba73249b SRPMS/telnet-0.17-28.FC2.1.src.rpm 2fc2868d96e97260cfbae7f9b6557c02 x86_64/telnet-0.17-28.FC2.1.x86_64.rpm 536604c795642bdf90c1568a8c2db5a5 x86_64/telnet-server-0.17-28.FC2.1.x86_64.rpm 827d2014eacad235de5f0b7c0be5e716 x86_64/debug/telnet-debuginfo-0.17-28.FC2.1.x86_64.rpm 81b0c394c3d9fb8b852d3a847c11cf02 i386/telnet-0.17-28.FC2.1.i386.rpm d1e36e266c88b50d0e1b4f879a981786 i386/telnet-server-0.17-28.FC2.1.i386.rpm 8fd31e10878d243a4b0f6d3e3e6d3b25 i386/debug/telnet-debuginfo-0.17-28.FC2.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From gdk at redhat.com Wed Mar 30 17:16:43 2005 From: gdk at redhat.com (Greg DeKoenigsberg) Date: Wed, 30 Mar 2005 12:16:43 -0500 (EST) Subject: FUDCon2 @ LinuxTag, 24-25 June 2005, Call For Papers Message-ID: FUD: An acronym for Fear, Uncertainty and Doubt. A typical tactic used by the opponents of open source to prevent its widespread adoption. Con: In opposition or disagreement with; against. === FUDCon II, the second gathering of Fedora Users and Developers, will be held at LinuxTag, on the 24th and 25th of June in Karlsruhe, Germany. FUDCon II will feature presentations from prominent members of the Fedora Project, both from Red Hat and from the Fedora community. Attendance is free to anyone attending LinuxTag, and pre-registration to LinuxTag is also free; visit http://linuctag.org for more details. The FUDCon staff requests that those who plan to attend FUDCon II reply via email to fudcon-register at fedoraproject.org. Thanks, and we'll see you in Karlsruhe! === Call for Presentations Working on an interesting project that uses Fedora? Looking to find contributors to help with your work, or just looking to share your project with the world? The Fedora Project is looking for presenters at FUDCon II. Any topic that relates significantly to the Fedora Project will be considered. Please submit an abstract of no more than 250 words to fudcon-cfp at fedoraporject.org. Submission deadline: Friday, April 22nd, 2005 Notification of decision: Friday, May 6th, 2005 Final version deadline: Friday, May 27th, 2005 === _____________________ ____________________________________________ Greg DeKoenigsberg ] [ the future masters of technology will have Community Relations ] [ to be lighthearted and intelligent. the Red Hat ] [ machine easily masters the grim and the ] [ dumb. --mcluhan From mclasen at redhat.com Wed Mar 30 18:42:16 2005 From: mclasen at redhat.com (Matthias Clasen) Date: Wed, 30 Mar 2005 13:42:16 -0500 Subject: [SECURITY] Fedora Core 2 Update: ImageMagick-6.2.0.7-2.fc2 Message-ID: <1112208136.28956.68.camel@golem.boston.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-234 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 2 Name : ImageMagick Version : 6.2.0.7 Release : 2.fc2 Summary : An X application for displaying and manipulating images. Description : ImageMagick(TM) is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work in the original format or a different one. ImageMagick also includes command line programs for creating animated or transparent .gifs, creating composite images, creating thumbnail images, and more. ImageMagick is one of your choices if you need a program to manipulate and dis play images. If you want to develop your own applications which use ImageMagick code or APIs, you need to install ImageMagick-devel as well. --------------------------------------------------------------------- Update Information: Andrei Nigmatulin discovered a heap based buffer overflow flaw in the ImageMagick image handler. An attacker could create a carefully crafted Photoshop Document (PSD) image in such a way that it would cause ImageMagick to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0005 to this issue. A format string bug was found in the way ImageMagick handles filenames. An attacker could execute arbitrary code in a victims machine if they are able to trick the victim into opening a file with a specially crafted name. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0397 to this issue. A bug was found in the way ImageMagick handles TIFF tags. It is possible that a TIFF image file with an invalid tag could cause ImageMagick to crash. A bug was found in ImageMagick's TIFF decoder. It is possible that a specially crafted TIFF image file could cause ImageMagick to crash. A bug was found in the way ImageMagick parses PSD files. It is possilbe that a specially crafted PSD file could cause ImageMagick to crash. A heap overflow bug was found in ImageMagick's SGI parser. It is possible that an attacker could execute arbitrary code by tricking a user into opening a specially crafted SGI image file. --------------------------------------------------------------------- * Wed Mar 16 2005 - 6.2.0.7-2.fc2 - Update to 6.2.0 to fix a number of security issues: - Drop a lot of upstreamed patches * Tue Nov 23 2004 - 5.5.7.7-1.3 - Fix heap overflow, CAN-2004-0827 - buffer overflow in ImageMagick's EXIF parser, CAN-2004-0981 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 52fbf39e38a7ae5cc0914b6517fedcba SRPMS/ImageMagick-6.2.0.7-2.fc2.src.rpm f6a42bb0239a56780d7fac79bf4cb0cd x86_64/ImageMagick-6.2.0.7-2.fc2.x86_64.rpm ac4add6449a8f20658f865161656b492 x86_64/ImageMagick- devel-6.2.0.7-2.fc2.x86_64.rpm 414e95f0ed5189e246a5f03f27a9ba8a x86_64/ImageMagick- perl-6.2.0.7-2.fc2.x86_64.rpm 1f416050e2410950b7d31cb6a20fcf3c x86_64/ImageMagick-c+ +-6.2.0.7-2.fc2.x86_64.rpm dca65373bdde8fc72ad43f5fbb66d082 x86_64/ImageMagick-c++- devel-6.2.0.7-2.fc2.x86_64.rpm 39e6fd4dd15ff0830a8a4629f9544ad1 x86_64/debug/ImageMagick- debuginfo-6.2.0.7-2.fc2.x86_64.rpm 9cf6d6efbb10b85c7aac59ccdc8404c1 i386/ImageMagick-6.2.0.7-2.fc2.i386.rpm bd5af835d5c692efeb91f8e72bd3ad68 i386/ImageMagick- devel-6.2.0.7-2.fc2.i386.rpm 3bcd96b4f37d0d00496322172c3ab985 i386/ImageMagick- perl-6.2.0.7-2.fc2.i386.rpm 3cc2862b41fa967e89743dca2794068a i386/ImageMagick-c+ +-6.2.0.7-2.fc2.i386.rpm 40e7147cf90e2fcd9f9589bdd201ab48 i386/ImageMagick-c++- devel-6.2.0.7-2.fc2.i386.rpm ed7985c73aa5b5806ad66e0b97636f9c i386/debug/ImageMagick- debuginfo-6.2.0.7-2.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From mclasen at redhat.com Wed Mar 30 18:43:42 2005 From: mclasen at redhat.com (Matthias Clasen) Date: Wed, 30 Mar 2005 13:43:42 -0500 Subject: [SECURITY] Fedora Core 3 Update: ImageMagick-6.2.0.7-2.fc3 Message-ID: <1112208222.28956.70.camel@golem.boston.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-235 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : ImageMagick Version : 6.2.0.7 Release : 2.fc3 Summary : An X application for displaying and manipulating images. Description : ImageMagick(TM) is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work in the original format or a different one. ImageMagick also includes command line programs for creating animated or transparent .gifs, creating composite images, creating thumbnail images, and more. ImageMagick is one of your choices if you need a program to manipulate and dis play images. If you want to develop your own applications which use ImageMagick code or APIs, you need to install ImageMagick-devel as well. --------------------------------------------------------------------- Update Information: Andrei Nigmatulin discovered a heap based buffer overflow flaw in the ImageMagick image handler. An attacker could create a carefully crafted Photoshop Document (PSD) image in such a way that it would cause ImageMagick to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0005 to this issue. A format string bug was found in the way ImageMagick handles filenames. An attacker could execute arbitrary code in a victims machine if they are able to trick the victim into opening a file with a specially crafted name. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0397 to this issue. --------------------------------------------------------------------- * Wed Mar 16 2005 - 6.2.0.7-2.fc3 - Update to 6.2.0 to fix a number of security issues: - Drop a lot of upstreamed patches --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ dbbd0c32799bc32658214273037f1942 SRPMS/ImageMagick-6.2.0.7-2.fc3.src.rpm 39ecc49bcdfda64dd2cfaac13b332f42 x86_64/ImageMagick-6.2.0.7-2.fc3.x86_64.rpm 908f8c2f25568cf2340db0a6ae7c5b57 x86_64/ImageMagick- devel-6.2.0.7-2.fc3.x86_64.rpm 7f5112e7f05c9d4a448f5edeb42b153c x86_64/ImageMagick- perl-6.2.0.7-2.fc3.x86_64.rpm 039af81133349c933d0de1e1f61f3ba1 x86_64/ImageMagick-c+ +-6.2.0.7-2.fc3.x86_64.rpm 455c2286d9f1ed1e778a5c5e905053cb x86_64/ImageMagick-c++- devel-6.2.0.7-2.fc3.x86_64.rpm fe8a3812e6c3fbc8f5016e6eb1d2271a x86_64/debug/ImageMagick- debuginfo-6.2.0.7-2.fc3.x86_64.rpm 1f8387ff55eee8116b53309fc93e28db x86_64/ImageMagick-6.2.0.7-2.fc3.i386.rpm 214aee8a27780dee6e5c4a5b8b58ec0e x86_64/ImageMagick-c+ +-6.2.0.7-2.fc3.i386.rpm 1f8387ff55eee8116b53309fc93e28db i386/ImageMagick-6.2.0.7-2.fc3.i386.rpm a97fb99dfbcddc4391a351a51d544f14 i386/ImageMagick- devel-6.2.0.7-2.fc3.i386.rpm 12ceecfa8d7fd51e9e7a0eaf92c2abcf i386/ImageMagick- perl-6.2.0.7-2.fc3.i386.rpm 214aee8a27780dee6e5c4a5b8b58ec0e i386/ImageMagick-c+ +-6.2.0.7-2.fc3.i386.rpm 1ed8f7ca926e4fd31500f7ee8f767e72 i386/ImageMagick-c++- devel-6.2.0.7-2.fc3.i386.rpm 1f8756e8c6b5405dad07396eb34bf064 i386/debug/ImageMagick- debuginfo-6.2.0.7-2.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From mclasen at redhat.com Wed Mar 30 18:50:45 2005 From: mclasen at redhat.com (Matthias Clasen) Date: Wed, 30 Mar 2005 13:50:45 -0500 Subject: [SECURITY] Fedora Core 2 Update: gdk-pixbuf-0.22.0-12.fc2 Message-ID: <1112208645.10574.3.camel@golem.boston.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-265 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 2 Name : gdk-pixbuf Version : 0.22.0 Release : 12.fc2 Summary : An image loading library used with GNOME. Description : The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. The GdkPixBuf library provides image loading facilities, the rendering of a GdkPixBuf into various formats (drawables or GdkRGB buffers), and a cache interface. --------------------------------------------------------------------- Update Information: David Costanzo found a bug in the way gdk-pixbuf processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack in applications linked against gdk-pixbuf. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to this issue. --------------------------------------------------------------------- * Mon Mar 28 2005 Matthias Clasen - 1:0.22.0-12.fc2 - Fix a double free in the bmp loader --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ a0ba48a2695141af2d4a0f7ff3218062 SRPMS/gdk-pixbuf-0.22.0-12.fc2.src.rpm c1dc4fe31433159afb6bcfdd98dd84a2 x86_64/gdk- pixbuf-0.22.0-12.fc2.x86_64.rpm c561473d5921958c2aa7aed692671933 x86_64/gdk-pixbuf- devel-0.22.0-12.fc2.x86_64.rpm eb0fae059933dd9613048b4dfaa73d6f x86_64/gdk-pixbuf- gnome-0.22.0-12.fc2.x86_64.rpm 886d8069570a4202bfbcb6304203fd5a x86_64/debug/gdk-pixbuf- debuginfo-0.22.0-12.fc2.x86_64.rpm f56442e8a45c71b7004373b94acf5a9f i386/gdk-pixbuf-0.22.0-12.fc2.i386.rpm 0b16b3e1d3223b91728211fa311e8d72 i386/gdk-pixbuf- devel-0.22.0-12.fc2.i386.rpm 19ea2d840949337df59ccbe8e3303648 i386/gdk-pixbuf- gnome-0.22.0-12.fc2.i386.rpm a64d219947db70a88a5a29f1fba24227 i386/debug/gdk-pixbuf- debuginfo-0.22.0-12.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From mclasen at redhat.com Wed Mar 30 18:52:00 2005 From: mclasen at redhat.com (Matthias Clasen) Date: Wed, 30 Mar 2005 13:52:00 -0500 Subject: [SECURITY] Fedora Core 3 Update: gdk-pixbuf-0.22.0-16.fc3 Message-ID: <1112208720.10574.6.camel@golem.boston.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-266 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : gdk-pixbuf Version : 0.22.0 Release : 16.fc3 Summary : An image loading library used with GNOME. Description : The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. The GdkPixBuf library provides image loading facilities, the rendering of a GdkPixBuf into various formats (drawables or GdkRGB buffers), and a cache interface. --------------------------------------------------------------------- Update Information: David Costanzo found a bug in the way gdk-pixbuf processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack in applications linked against gdk-pixbuf. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to this issue. --------------------------------------------------------------------- * Mon Mar 28 2005 Matthias Clasen - 1:0.22.0-16.fc3 - Fix a double free in the bmp loader --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 140402ef3823af459027e7eec1fb4a31 SRPMS/gdk-pixbuf-0.22.0-16.fc3.src.rpm 46732d3473a71aa4ab90dd456f0e957f x86_64/gdk- pixbuf-0.22.0-16.fc3.x86_64.rpm 14639a9be1a8470ef3ebf5f8ca6951fa x86_64/gdk-pixbuf- devel-0.22.0-16.fc3.x86_64.rpm d35d6f6ff840efced466d44e2556b556 x86_64/gdk-pixbuf- gnome-0.22.0-16.fc3.x86_64.rpm 91cb66921118ac3187e2a5234d33672a x86_64/debug/gdk-pixbuf- debuginfo-0.22.0-16.fc3.x86_64.rpm c226b3c99d9f139883015b249621294f x86_64/gdk- pixbuf-0.22.0-16.fc3.i386.rpm c226b3c99d9f139883015b249621294f i386/gdk-pixbuf-0.22.0-16.fc3.i386.rpm 7a7790402d9d477f7f0f47a74259bfa4 i386/gdk-pixbuf- devel-0.22.0-16.fc3.i386.rpm 4e8f98e1e520d1f9e2b7b1fa98c06119 i386/gdk-pixbuf- gnome-0.22.0-16.fc3.i386.rpm a3b06be3f9bd8ec74588dc6b95b637a9 i386/debug/gdk-pixbuf- debuginfo-0.22.0-16.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From mclasen at redhat.com Wed Mar 30 18:53:26 2005 From: mclasen at redhat.com (Matthias Clasen) Date: Wed, 30 Mar 2005 13:53:26 -0500 Subject: [SECURITY] Fedora Core 2 Update: gtk2-2.4.14-2.fc2 Message-ID: <1112208806.10574.9.camel@golem.boston.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-267 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 2 Name : gtk2 Version : 2.4.14 Release : 2.fc2 Summary : The GIMP ToolKit (GTK+), a library for creating GUIs for X. Description : GTK+ is a multi-platform toolkit for creating graphical user interfaces. Offering a complete set of widgets, GTK+ is suitable for projects ranging from small one-off tools to complete application suites. --------------------------------------------------------------------- Update Information: David Costanzo found a bug in the way GTK+ processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack in applications linked against GTK+. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to this issue. --------------------------------------------------------------------- * Mon Mar 28 2005 Matthias Clasen - 2.4.14-2.fc2 - Fix a double free in the bmp loader --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ e554a876457e37b8a432191af098b455 SRPMS/gtk2-2.4.14-2.fc2.src.rpm e0ab627f18c00ea25257d7c0e82baa30 x86_64/gtk2-2.4.14-2.fc2.x86_64.rpm bffbdf4fb9ad6c0803c61994b4f3f125 x86_64/gtk2- devel-2.4.14-2.fc2.x86_64.rpm 64febbae57060204343e0f212279a3b8 x86_64/debug/gtk2- debuginfo-2.4.14-2.fc2.x86_64.rpm 40137c8115b35e5f92cc4ac764b7c04e x86_64/gtk2-2.4.14-2.fc2.i386.rpm 40137c8115b35e5f92cc4ac764b7c04e i386/gtk2-2.4.14-2.fc2.i386.rpm 1fd50f68800ac67282143c0d02e5be09 i386/gtk2-devel-2.4.14-2.fc2.i386.rpm 749b4834dfe87cdcf3133a9d859e5b91 i386/debug/gtk2- debuginfo-2.4.14-2.fc2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From mclasen at redhat.com Wed Mar 30 18:54:31 2005 From: mclasen at redhat.com (Matthias Clasen) Date: Wed, 30 Mar 2005 13:54:31 -0500 Subject: [SECURITY] Fedora Core 3 Update: gtk2-2.4.14-3.fc3 Message-ID: <1112208871.10574.12.camel@golem.boston.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-268 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : gtk2 Version : 2.4.14 Release : 3.fc3 Summary : The GIMP ToolKit (GTK+), a library for creating GUIs for X. Description : GTK+ is a multi-platform toolkit for creating graphical user interfaces. Offering a complete set of widgets, GTK+ is suitable for projects ranging from small one-off tools to complete application suites. --------------------------------------------------------------------- Update Information: David Costanzo found a bug in the way GTK+ processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack in applications linked against GTK+. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to this issue. --------------------------------------------------------------------- * Mon Mar 28 2005 Matthias Clasen - 2.4.14-3.fc3 - Fix a double free in the bmp loader --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 8c9c1a539e15629f204038597c57e75a SRPMS/gtk2-2.4.14-3.fc3.src.rpm 6491f2ebf95a79a0fafdd90256033189 x86_64/gtk2-2.4.14-3.fc3.x86_64.rpm 7facd80dc1c9ffc2e1745cb1505096c0 x86_64/gtk2- devel-2.4.14-3.fc3.x86_64.rpm 922ad9d8b24a4a580bca1f3461c1fcde x86_64/debug/gtk2- debuginfo-2.4.14-3.fc3.x86_64.rpm 9351093394765c34bc5a6b28e8db301b x86_64/gtk2-2.4.14-3.fc3.i386.rpm 9351093394765c34bc5a6b28e8db301b i386/gtk2-2.4.14-3.fc3.i386.rpm abb369e8b7dbcbe785a23d9cf52ca2a0 i386/gtk2-devel-2.4.14-3.fc3.i386.rpm 816116449734868587e069851dc57a62 i386/debug/gtk2- debuginfo-2.4.14-3.fc3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From notting at redhat.com Wed Mar 30 22:23:39 2005 From: notting at redhat.com (Bill Nottingham) Date: Wed, 30 Mar 2005 17:23:39 -0500 Subject: Fedora Core 3 Update: initscripts-7.93.7-1 Message-ID: <20050330222339.GB28234@nostromo.devel.redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-279 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : initscripts Version : 7.93.7 Release : 1 Summary : The inittab file and the /etc/init.d scripts. Description : The initscripts package contains the basic system scripts used to boot your Red Hat system, change runlevels, and shut the system down cleanly. Initscripts also contains the scripts that activate and deactivate most network interfaces. --------------------------------------------------------------------- Update Information: This update fixes various bugs, including several IPSEC bugs. --------------------------------------------------------------------- * Wed Mar 30 2005 Bill Nottingham 7.93.7-1 - fix mistranslation (#151120) - netfs: fix _netdev unmounting (#147610, ) - rc.sysinit: fix rngd check (#130350) ... then turn it off entirely - handle alternate VLAN naming schemes (#115001, ) - add proper ipsec route (#146169, #140654) - dhcp release cleanups () - ifdown: handle being called on down devices better * Wed Jan 19 2005 Bill Nottingham 7.93.6-1 - add support for releasing DHCP lease () - fix multiple scsi_hostadapter loads (#145432) - netfs: don't unmount NFS root FS (#142169) - netfs: don't mount GFS (#140281) - fix various minilogd bogosities (#106338) - fix various fgreps to not catch commented lines (#136531, expanded from ) - kill dhcp client even if BOOTOPROTO is now static (#127726, others) - ifup: fix typo (#134787, ) - set ETHTOOL_OPTS on addressless devices (#144682, ) - ifup: fix ONxxx (#136531, ) - ifup-ipsec: add fwd policies (#145507) - fix check_link_down to still check negotiation if link is listed as "up" on entering (#110164, ) - change setting of IPv6 default route (#142308, ) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ f5d5986c818bdc0bff959f55f7bcdc4c SRPMS/initscripts-7.93.7-1.src.rpm 09b45573de5cf69fb8ab0c8511a01bfd x86_64/initscripts-7.93.7-1.x86_64.rpm 5c9d484ebb59c42538b66368d89b1c4a x86_64/debug/initscripts-debuginfo-7.93.7-1.x86_64.rpm 140e0f3e6bd75205a2d45538f2196620 i386/initscripts-7.93.7-1.i386.rpm 898c7defceb1cc37a8c84e3de3fd726a i386/debug/initscripts-debuginfo-7.93.7-1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- From dwalsh at redhat.com Thu Mar 31 01:18:38 2005 From: dwalsh at redhat.com (Daniel J Walsh) Date: Wed, 30 Mar 2005 20:18:38 -0500 Subject: Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.93 Message-ID: <424B4FEE.9090206@redhat.com> --------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-250 2005-03-30 --------------------------------------------------------------------- Product : Fedora Core 3 Name : selinux-policy-targeted Version : 1.17.30 Release : 2.93 Summary : SELinux targeted policy configuration Description : Security-enhanced Linux is a patch of the Linux? kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement?, Role-based Access Control, and Multi-level Security. This package contains the SELinux example policy configuration along with the Flask configuration information and the application configuration files. --------------------------------------------------------------------- * Wed Mar 23 2005 Dan Walsh 1.17.30-2.93 - Allow nscd and named to write to /var/log - Fix /var/lib/nfs/rpc_pipefs(/.*)? - Better handling of logrotate * Wed Mar 16 2005 Dan Walsh 1.17.30-2.91 - Allow logrotate to handle tmpfs /tmp --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 1a02e8633223288511e5b422e6e757e8 SRPMS/selinux-policy-targeted-1.17.30-2.93.src.rpm a51bdb3a2a4bde67dc571c9a1fd717c8 x86_64/selinux-policy-targeted-1.17.30-2.93.noarch.rpm 2d9108501c6ff5de2f9f186e2e881217 x86_64/selinux-policy-targeted-sources-1.17.30-2.93.noarch.rpm a51bdb3a2a4bde67dc571c9a1fd717c8 i386/selinux-policy-targeted-1.17.30-2.93.noarch.rpm 2d9108501c6ff5de2f9f186e2e881217 i386/selinux-policy-targeted-sources-1.17.30-2.93.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- --