9:19 a.m.
Compose started at Sat May 23 06:15:04 UTC 2009
Updated Packages:
alsa-utils-1.0.20-3.fc11
------------------------
* Fri May 15 2009 Jaroslav Kysela <jkysela(a)redhat.com> 1.0.20-3
- fixed Headphone Volume issue (bz#500956)
* Mon May 11 2009 Jaroslav Kysela <jkysela(a)redhat.com> 1.0.20-1
- updated to 1.0.20 final
- updated alsa-info.sh script to 0.4.56
* Mon May 11 2009 Jaroslav Kysela <jkysela(a)redhat.com> 1.0.20-2
- fix build (update sources file)
coccinelle-0.1.8-1.fc11.3
-------------------------
* Fri May 22 2009 Richard W.M. Jones <rjones(a)redhat.com> - 0.1.8-1.fc11.3
- New upstream version 0.1.8.
- Include patch from Debian to fix CVE-2009-1753 (RHBZ#502174).
- Segfaults on PPC64, so added to ExcludeArch.
generic-release-11-1
--------------------
* Wed May 20 2009 Tom "spot" Callaway <tcallawa(a)redhat.com> - 11-1
- resync with fedora-release package
glibc-2.10.1-2
--------------
* Fri May 22 2009 Jakub Jelinek <jakub(a)redhat.com> 2.10.1-2
- fix accept4 on architectures other than i?86/x86_64
- robustify nscd client code during server GC
- fix up nscd segfaults during daemon shutdown
- fix memchr on ia64 (BZ#10162)
- replace the Sun RPC license with the BSD license, with the explicit
permission of Sun Microsystems
- fix up powerpc long double errno reporting
ibus-chewing-1.0.10.20090523-2.fc11
-----------------------------------
* Fri May 22 2009 - Ding-Yi Chen <dchen at redhat.com> - 1.0.10.20090522-1
- Now the 1st down key brings the longest possible phrases.
The 2nd down key brings the 2nd longest possible phrases from the back,
unlike the previous versions where the cursor stays in the head of longest phrase.
- Add force lowercase in English mode option.
- Fix double free issue when destroy ibus-chewing.
- Hide ibus-chewing-panel when ibus-chewing is focus-out
* Fri May 22 2009 Ding-Yi Chen <dchen at redhat.com> - 1.0.10.20090523-1
- Applied Lubomir Rintel's patch
* Fri May 22 2009 Ding-Yi Chen <dchen at redhat.com> - 1.0.10.20090523-2
- Add back the export GCONF_CONFIG_SOURCE=`gconftool-2 --get-default-source`
* Mon May 11 2009 Ding-Yi Chen <dchen at redhat.com> - 1.0.9.20090508-1
Now commit is forced when switch of ibus-chewing or current application loses focus.
- New ibus-chewing.png is contribute by WM.
- input-keyboard.png is no longer needed and removed.
- ibus-engine-chewing -v option now need an integer as verbose level.
- ibus-chewing.schemas is now generated.
- Fix some CMake modules bugs.
* Tue Apr 28 2009 Ding-Yi Chen <dchen at redhat.com> - 1.0.8.20090428-1
Fix the errors which Funda Wang as pointing out:
- Move src/chewing.xml.in to data/
- Fixed some typo in next_version targets.
- Remove GConf2 package requirement, while add gconftool-2 requirement.
libchewing-0.3.2-10.fc11
------------------------
* Wed May 20 2009 Ding-Yi Chen <dchen at redhat dot com> - 0.3.2-10
- Need autoreconf to make changes in Makefile.am effective.
* Mon May 18 2009 Ding-Yi Chen <dchen at redhat dot com> - 0.3.2-9
- Possible Fix of Bug 501220 - RFE: edit last preedit character from end of line
Chewing upstream does not handle if phrase choice rearward is enabled.
libdrm-2.4.6-7.fc11
-------------------
* Tue May 19 2009 Kristian Høgsberg <krh(a)redhat.com> - 2.4.6-7
- Add patch to limit cachable object size (#498131).
squirrelmail-1.4.19-1.fc11
--------------------------
* Fri May 22 2009 Michal Hlavinka <mhlavink(a)redhat.com> - 1.4.19-1
- updated to 1.4.19
- fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581
* Tue May 19 2009 Michal Hlavinka <mhlavink(a)redhat.com> - 1.4.18-2
- fix undefined variable aSpamIds (#501260)
* Tue May 12 2009 Michal Hlavinka <mhlavink(a)redhat.com> - 1.4.18-1
- updated to 1.4.18
transmission-1.53-1.fc11
------------------------
* Fri May 22 2009 Denis Leroy <denis(a)poolshark.org> - 1.53-1
- Update to upstream 1.53
- Security fix CVE-2009-1757 (#500278)
* Tue Apr 28 2009 Denis Leroy <denis(a)poolshark.org> - 1.52-1
- Update to upstream 1.52
- XDG Download patch upstreamed
- Added patch to make full allocation by default
xorg-x11-drv-intel-2.7.0-6.fc11
-------------------------------
* Wed May 20 2009 <krh(a)madara.bos.redhat.com> - 2.7.0-6
- Add intel-2.7-dont-gtt-map-big-objects.patch to avoid mapping big
gem objects through the GTT (#498131).
* Thu May 07 2009 Adam Jackson <ajax(a)redhat.com> 2.7.0-5
- Update intel-gpu-tools
Summary:
Added Packages: 0
Removed Packages: 0
Modified Packages: 10
Broken deps for ppc64
----------------------------------------------------------
cabal2spec-0.12-1.fc11.noarch requires ghc > 0:6.10.1-7
12:37 p.m.
Rawhide Report wrote:
- Include patch from Debian to fix CVE-2009-1753 (RHBZ#502174).
Yet another insecure temporary file vulnerability. Why do we still not
polyinstantiate /tmp by default? We're wasting lots of time on security
measures which keep breaking apps such as SELinux, but simple things like
polyinstantiation are still not used, why? This code would be perfectly
safe if polyinstantiation was mandatory. Why are we stuck in the 1970s?
Kevin Kofler
11:48 a.m.
Kevin Kofler (kevin.kofler(a)chello.at) said:
Yet another insecure temporary file vulnerability. Why do we still
not
polyinstantiate /tmp by default? We're wasting lots of time on security
measures which keep breaking apps such as SELinux, but simple things like
polyinstantiation are still not used, why? This code would be perfectly
safe if polyinstantiation was mandatory. Why are we stuck in the 1970s?
... send patches? It's techncially feasible, but no one's done the
legwork to integrate it fully yet. (xguest goes a bit beyond what
we'd want by default.)
Bill
12:12 p.m.
On Di Mai 26 2009, Bill Nottingham wrote:
Kevin Kofler (kevin.kofler(a)chello.at) said:
> Yet another insecure temporary file vulnerability. Why do we still not
> polyinstantiate /tmp by default? We're wasting lots of time on security
> measures which keep breaking apps such as SELinux, but simple things like
> polyinstantiation are still not used, why? This code would be perfectly
> safe if polyinstantiation was mandatory. Why are we stuck in the 1970s?
... send patches? It's techncially feasible, but no one's done the
legwork to integrate it fully yet.
It is already done on the Fedorapeople server:
https://fedoraproject.org/wiki/Infrastructure/FedoraPeopleConfig#polyinst...
Regards
Till
1:04 p.m.
On Tue, 2009-05-26 at 19:12 +0200, Till Maas wrote:
On Di Mai 26 2009, Bill Nottingham wrote:
> Kevin Kofler (kevin.kofler(a)chello.at) said:
> > Yet another insecure temporary file vulnerability. Why do we still not
> > polyinstantiate /tmp by default? We're wasting lots of time on security
> > measures which keep breaking apps such as SELinux, but simple things like
> > polyinstantiation are still not used, why? This code would be perfectly
> > safe if polyinstantiation was mandatory. Why are we stuck in the 1970s?
>
> ... send patches? It's techncially feasible, but no one's done the
> legwork to integrate it fully yet.
It is already done on the Fedorapeople server:
https://fedoraproject.org/wiki/Infrastructure/FedoraPeopleConfig#polyinst...
Hey, nice.
That should really be an F12 feature.
8:44 a.m.
On Tue May 26 2009, Matthias Clasen wrote:
On Tue, 2009-05-26 at 19:12 +0200, Till Maas wrote:
> It is already done on the Fedorapeople server:
> https://fedoraproject.org/wiki/Infrastructure/FedoraPeopleConfig#polyinst
>antiated_tempdirs
Hey, nice.
That should really be an F12 feature.
Here is a draft feature page for this:
https://fedoraproject.org/wiki/Features/Polyinstantiated_Temporary_Direct...
Regards
Till
5455
days inactive
5459
days old
5 comments
5 participants
participants (5)
-
Bill Nottingham -
Fedora compose checker -
Kevin Kofler -
Matthias Clasen -
Till Maas