[SECURITY] Fedora EPEL 5 Update: perl-CGI-Simple-1.113-1.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-0149
2011-01-22 18:05:05
--------------------------------------------------------------------------------
Name : perl-CGI-Simple
Product : Fedora EPEL 5
Version : 1.113
Release : 1.el5
URL : http://search.cpan.org/dist/CGI-Simple/
Summary : Simple totally OO CGI interface that is CGI.pm compliant
Description :
Simple totally OO CGI interface that is CGI.pm compliant.
--------------------------------------------------------------------------------
Update Information:
Update to 1.113 and apply additional patch to resolve CVE-2010-4410.
Fix boundary to use randomized value as opposed to hardcoded value.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #658976 - perl-CGI, perl-CGI-Simple: CVE-2010-2761 -- hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, CVE-2010-4410 -- CRLF injection vulnerability in the header function
https://bugzilla.redhat.com/show_bug.cgi?id=658976
[ 2 ] Bug #658970 - perl-CGI-Simple: CRLF injection vulnerability via a crafted URL
https://bugzilla.redhat.com/show_bug.cgi?id=658970
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update perl-CGI-Simple' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 2 months
Fedora EPEL 5 Update: skipfish-1.84-0.1.b.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-0144
2011-01-22 18:04:57
--------------------------------------------------------------------------------
Name : skipfish
Product : Fedora EPEL 5
Version : 1.84
Release : 0.1.b.el5
URL : http://code.google.com/p/skipfish/
Summary : Web application security scanner
Description :
High-performance, easy, and sophisticated Web application security testing
tool. It features a single-threaded multiplexing HTTP stack, heuristic
detection of obscure Web frameworks, and advanced, differential security
checks capable of detecting blind injection vulnerabilities, stored XSS,
and so forth.
--------------------------------------------------------------------------------
Update Information:
Update to versin 1.84b
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #576431 - Package Review: skipfish - Web application security scanner
https://bugzilla.redhat.com/show_bug.cgi?id=576431
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update skipfish' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 2 months
Fedora EPEL 5 Update: blender-2.49b-9.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-0069
2011-01-15 19:23:50
--------------------------------------------------------------------------------
Name : blender
Product : Fedora EPEL 5
Version : 2.49b
Release : 9.el5
URL : http://www.blender.org
Summary : 3D modeling, animation, rendering and post-production
Description :
Blender is the essential software solution you need for 3D, from modeling,
animation, rendering and post-production to interactive creation and playback.
Professionals and novices can easily and inexpensively publish stand-alone,
secure, multi-platform content to the web, CD-ROMs, and other media.
--------------------------------------------------------------------------------
Update Information:
Fix a dependency issue agains gettext in RHEL 5.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #669843 - Blender package broken dependency with RHEL 5.6
https://bugzilla.redhat.com/show_bug.cgi?id=669843
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update blender' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 2 months
Fedora EPEL 6 Update: PyPAM-0.5.0-9.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-0096
2011-01-20 06:04:14
--------------------------------------------------------------------------------
Name : PyPAM
Product : Fedora EPEL 6
Version : 0.5.0
Release : 9.el6
URL : http://www.pangalactic.org/PyPAM
Summary : PAM bindings for Python
Description :
PAM (Pluggable Authentication Module) bindings for Python.
--------------------------------------------------------------------------------
Update Information:
fix two bugs in the PAM object deallocation
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #658955 - core dump when using example script
https://bugzilla.redhat.com/show_bug.cgi?id=658955
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update PyPAM' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 2 months
Fedora EPEL 6 Update: python-pep8-0.6.0-2.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-0132
2011-01-22 18:04:36
--------------------------------------------------------------------------------
Name : python-pep8
Product : Fedora EPEL 6
Version : 0.6.0
Release : 2.el6
URL : https://github.com/jcrocholl/pep8
Summary : Python style guide checker
Description :
pep8 is a tool to check your Python code against some of the style conventions
in PEP 8. It has a plugin architecture, making new checks easy, and its output
is parseable, making it easy to jump to an error location in your editor.
--------------------------------------------------------------------------------
Update Information:
This update fixes a dependency issue where python-setuptools, a required package to run this program, was not installed.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #633102 - [abrt] python-pep8-0.4.2-2.fc13: pep8:5:<module>:ImportError: No module named pkg_resources
https://bugzilla.redhat.com/show_bug.cgi?id=633102
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-pep8' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 2 months
Fedora EPEL 5 Update: xpdf-3.02-17.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-0145
2011-01-22 18:04:59
--------------------------------------------------------------------------------
Name : xpdf
Product : Fedora EPEL 5
Version : 3.02
Release : 17.el5
URL : http://www.foolabs.com/xpdf/
Summary : A PDF file viewer for the X Window System
Description :
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files. Xpdf is a small and efficient program which uses
standard X fonts.
--------------------------------------------------------------------------------
Update Information:
Adds pdftoppm binary and manpage back into xpdf EL-5 package, since it is not otherwise available in EL-5.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #669662 - readd pdftoppm to xpdf, as it is missing in poppler-utils for el5
https://bugzilla.redhat.com/show_bug.cgi?id=669662
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update xpdf' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 2 months
Fedora EPEL 6 Update: skipfish-1.84-0.1.b.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-0136
2011-01-22 18:04:43
--------------------------------------------------------------------------------
Name : skipfish
Product : Fedora EPEL 6
Version : 1.84
Release : 0.1.b.el6
URL : http://code.google.com/p/skipfish/
Summary : Web application security scanner
Description :
High-performance, easy, and sophisticated Web application security testing
tool. It features a single-threaded multiplexing HTTP stack, heuristic
detection of obscure Web frameworks, and advanced, differential security
checks capable of detecting blind injection vulnerabilities, stored XSS,
and so forth.
--------------------------------------------------------------------------------
Update Information:
Update to versin 1.84b
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #576431 - Package Review: skipfish - Web application security scanner
https://bugzilla.redhat.com/show_bug.cgi?id=576431
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update skipfish' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 2 months
Fedora EPEL 5 Update: pootle-2.1.5-1.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-0089
2011-01-19 07:07:42
--------------------------------------------------------------------------------
Name : pootle
Product : Fedora EPEL 5
Version : 2.1.5
Release : 1.el5
URL : http://translate.sourceforge.net/wiki/pootle/index
Summary : Localization and translation management web application
Description :
Pootle is web application for managing distributed or crowdsourced
translation.
It's features include::
* Translation of Gettext PO and XLIFF files.
* Translation of monolingual files (subtitles, Java properties, etc)
* Submitting to remote version control systems (VCS).
* Managing groups of translators
* Online webbased or offline translation
* Quality checks
--------------------------------------------------------------------------------
Update Information:
**Update to 2.1.5**
- Fix regression causing update from templates to fail for GNU Style
projects with subdirectories.
- Fix regression in handling obsolete units while committing to version
control (reported by Mozilla).
- Clean stale file locks left in cases of external kills which running
expensive commands.
- Fix security bug where project names would leak to users without view
access on the server via news summary on front page or profile edit form.
- Fix a bug that prevented Project level permissions from overriding very
restrictive server wide permissions.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update pootle' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 2 months
Fedora EPEL 6 Update: freealut-1.1.0-11.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-0073
2011-01-15 19:23:58
--------------------------------------------------------------------------------
Name : freealut
Product : Fedora EPEL 6
Version : 1.1.0
Release : 11.el6
URL : http://openal.org/
Summary : Implementation of OpenAL's ALUT standard
Description :
freealut is a free implementation of OpenAL's ALUT standard. See the file
AUTHORS for the people involved.
--------------------------------------------------------------------------------
Update Information:
Add missing freealut package into EPEL-6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #533599 - freealut bad dependency
https://bugzilla.redhat.com/show_bug.cgi?id=533599
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update freealut' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 2 months
Fedora EPEL 5 Update: python-pep8-0.6.0-2.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2011-0146
2011-01-22 18:05:00
--------------------------------------------------------------------------------
Name : python-pep8
Product : Fedora EPEL 5
Version : 0.6.0
Release : 2.el5
URL : https://github.com/jcrocholl/pep8
Summary : Python style guide checker
Description :
pep8 is a tool to check your Python code against some of the style conventions
in PEP 8. It has a plugin architecture, making new checks easy, and its output
is parseable, making it easy to jump to an error location in your editor.
--------------------------------------------------------------------------------
Update Information:
This update fixes a dependency issue where python-setuptools, a required package to run this program, was not installed.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #633102 - [abrt] python-pep8-0.4.2-2.fc13: pep8:5:<module>:ImportError: No module named pkg_resources
https://bugzilla.redhat.com/show_bug.cgi?id=633102
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-pep8' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
13 years, 2 months