[SECURITY] Fedora EPEL 5 Update: phpMyAdmin4-4.0.10.4-1.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3206
2014-10-09 18:26:02
--------------------------------------------------------------------------------
Name : phpMyAdmin4
Product : Fedora EPEL 5
Version : 4.0.10.4
Release : 1.el5
URL : http://www.phpmyadmin.net/
Summary : Handle the administration of MySQL over the World Wide Web
Description :
phpMyAdmin is a tool written in PHP intended to handle the administration of
MySQL over the World Wide Web. Most frequently used operations are supported
by the user interface (managing databases, tables, fields, relations, indexes,
users, permissions), while you still have the ability to directly execute any
SQL statement.
Features include an intuitive web interface, support for most MySQL features
(browse and drop databases, tables, views, fields and indexes, create, copy,
drop, rename and alter databases, tables, fields and indexes, maintenance
server, databases and tables, with proposals on server configuration, execute,
edit and bookmark any SQL-statement, even batch-queries, manage MySQL users
and privileges, manage stored procedures and triggers), import data from CSV
and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text
and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,
creating PDF graphics of your database layout, creating complex queries using
Query-by-example (QBE), searching globally in a database or a subset of it,
transforming stored data into any format using a set of predefined functions,
like displaying BLOB-data as image or download-link and much more...
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.0.10.4 (2014-10-01)
================================
* [security] XSS vulnerabilities in table search and table structure pages
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148664 - CVE-2014-7217 phpmyadmin: cross-site scripting (XSS) flaw fixed in versions 4.0.10.4, 4.1.14.5, and 4.2.9.1 (PMASA-2014-11)
https://bugzilla.redhat.com/show_bug.cgi?id=1148664
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update phpMyAdmin4' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 7 months
[SECURITY] Fedora EPEL 6 Update: catdoc-0.94.2-10.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3297
2014-10-13 20:52:34
--------------------------------------------------------------------------------
Name : catdoc
Product : Fedora EPEL 6
Version : 0.94.2
Release : 10.el6
URL : http://www.wagner.pp.ru/~vitus/software/catdoc/
Summary : A program which converts Microsoft office files to plain text
Description :
catdoc is program which reads one or more Microsoft word files
and outputs text, contained insinde them to standard output.
Therefore it does same work for.doc files, as unix cat
command for plain ASCII files.
It is now accompanied by xls2csv - program which converts
Excel spreadsheet into comma-separated value file,
and catppt - utility to extract textual information
from Powerpoint files
--------------------------------------------------------------------------------
Update Information:
Fix buffer overflow vulnerability
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #872390 - catdoc: buffer overflow flaw
https://bugzilla.redhat.com/show_bug.cgi?id=872390
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update catdoc' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 7 months
Fedora EPEL 7 Update: trickle-1.07-19.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3145
2014-10-07 23:41:12
--------------------------------------------------------------------------------
Name : trickle
Product : Fedora EPEL 7
Version : 1.07
Release : 19.el7
URL : http://monkey.org/~marius/pages/?page=trickle
Summary : Portable lightweight userspace bandwidth shaper
Description :
trickle is a portable lightweight userspace bandwidth shaper.
It can run in collaborative mode or in stand alone mode.
trickle works by taking advantage of the unix loader preloading.
Essentially it provides, to the application,
a new version of the functionality that is required
to send and receive data through sockets.
It then limits traffic based on delaying the sending
and receiving of data over a socket.
trickle runs entirely in userspace and does not require root privileges.
--------------------------------------------------------------------------------
Update Information:
Update to sync with master by mail request from Moez Roy
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update trickle' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 7 months
Fedora EPEL 7 Update: ghc-pattern-arrows-0.0.2-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3275
2014-10-10 23:14:12
--------------------------------------------------------------------------------
Name : ghc-pattern-arrows
Product : Fedora EPEL 7
Version : 0.0.2
Release : 1.el7
URL : https://hackage.haskell.org/package/pattern-arrows
Summary : Arrows for pretty printing
Description :
A library for generating concise pretty printers based on precedence rules.
--------------------------------------------------------------------------------
Update Information:
Arrows for pretty printing
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1149556 - Review Request: ghc-pattern-arrows - Arrows for Pretty Printing
https://bugzilla.redhat.com/show_bug.cgi?id=1149556
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update ghc-pattern-arrows' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 7 months
Fedora EPEL 5 Update: perl-enum-1.10-1.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3323
2014-10-13 20:53:38
--------------------------------------------------------------------------------
Name : perl-enum
Product : Fedora EPEL 5
Version : 1.10
Release : 1.el5
URL : http://search.cpan.org/dist/enum/
Summary : C-style enumerated types and bitmask flags in Perl
Description :
This module is used to define a set of constants with ordered numeric
values, similar to the enum type in the C programming language.
You can also define bitmask constants, where the value assigned to
each constant has exactly one bit set (e.g. 1, 2, 4, 8, etc).
--------------------------------------------------------------------------------
Update Information:
perl-enum: initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141486 - Review Request: perl-enum - C-style enumerated types and bitmask flags in Perl
https://bugzilla.redhat.com/show_bug.cgi?id=1141486
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update perl-enum' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 7 months
[SECURITY] Fedora EPEL 7 Update: python-oauth2-1.5.211-8.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3236
2014-10-09 18:27:16
--------------------------------------------------------------------------------
Name : python-oauth2
Product : Fedora EPEL 7
Version : 1.5.211
Release : 8.el7
URL : http://pypi.python.org/pypi/oauth2/
Summary : Python support for improved oauth
Description :
Oauth2 was originally forked from Leah Culver and Andy Smith's oauth.py
code. Some of the tests come from a fork by Vic Fryzel, while a revamped
Request class and more tests were merged in from Mark Paschal's fork. A
number of notable differences exist between this code and its forefathers:
- 100% unit test coverage.
- The DataStore object has been completely ripped out. While creating unit
tests for the library I found several substantial bugs with the
implementation and confirmed with Andy Smith that it was never fully
baked.
- Classes are no longer prefixed with OAuth.
- The Request class now extends from dict.
- The library is likely no longer compatible with Python 2.3.
- The Client class works and extends from httplib2. It's a thin wrapper
that handles automatically signing any normal HTTP request you might
wish to make.
--------------------------------------------------------------------------------
Update Information:
Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson).
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1007746 - CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls
https://bugzilla.redhat.com/show_bug.cgi?id=1007746
[ 2 ] Bug #1007758 - CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce
https://bugzilla.redhat.com/show_bug.cgi?id=1007758
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-oauth2' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 7 months
Fedora EPEL 7 Update: php-ocramius-instantiator-1.1.4-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3161
2014-10-07 23:41:54
--------------------------------------------------------------------------------
Name : php-ocramius-instantiator
Product : Fedora EPEL 7
Version : 1.1.4
Release : 1.el7
URL : https://github.com/Ocramius/Instantiator
Summary : Instantiate objects in PHP without invoking their constructors
Description :
This library provides a way of avoiding usage of constructors when
instantiating PHP classes.
--------------------------------------------------------------------------------
Update Information:
Changelog
* 16: Hotfix/backport doctrine/instantiator#7 fix
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update php-ocramius-instantiator' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 7 months
Fedora EPEL 5 Update: perl-Devel-Timer-0.05-2.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3303
2014-10-13 20:52:49
--------------------------------------------------------------------------------
Name : perl-Devel-Timer
Product : Fedora EPEL 5
Version : 0.05
Release : 2.el5
URL : http://search.cpan.org/dist/Devel-Timer/
Summary : Track and report execution time for parts of code
Description :
Devel::Timer allows developers to accurately time how long a specific
piece of code takes to execute. This can be helpful in locating the
slowest parts of an existing application.
--------------------------------------------------------------------------------
Update Information:
perl-Devel-Timer: initial submission
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1139041 - Review Request: perl-Devel-Timer - Track and report execution time for parts of code
https://bugzilla.redhat.com/show_bug.cgi?id=1139041
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update perl-Devel-Timer' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 7 months
Fedora EPEL 7 Update: perl-enum-1.10-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3338
2014-10-13 20:54:19
--------------------------------------------------------------------------------
Name : perl-enum
Product : Fedora EPEL 7
Version : 1.10
Release : 1.el7
URL : http://search.cpan.org/dist/enum/
Summary : C-style enumerated types and bitmask flags in Perl
Description :
This module is used to define a set of constants with ordered numeric
values, similar to the enum type in the C programming language.
You can also define bitmask constants, where the value assigned to
each constant has exactly one bit set (e.g. 1, 2, 4, 8, etc).
--------------------------------------------------------------------------------
Update Information:
perl-enum: initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141486 - Review Request: perl-enum - C-style enumerated types and bitmask flags in Perl
https://bugzilla.redhat.com/show_bug.cgi?id=1141486
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update perl-enum' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 7 months
Fedora EPEL 7 Update: fedmsg-0.11.0-1.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-3244
2014-10-09 18:27:33
--------------------------------------------------------------------------------
Name : fedmsg
Product : Fedora EPEL 7
Version : 0.11.0
Release : 1.el7
URL : http://github.com/ralphbean/fedmsg
Summary : Tools for Fedora Infrastructure real-time messaging
Description :
Python API used around Fedora Infrastructure to send and receive messages with
zeromq. Includes some CLI tools.
--------------------------------------------------------------------------------
Update Information:
New fedmsg.meta.msg2long_form API. Other IRC-related bugfixes and enhancements.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update fedmsg' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
9 years, 7 months