[SECURITY] Fedora EPEL 6 Update: perl-YAML-LibYAML-0.38-4.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-0980
2014-03-27 18:47:49
--------------------------------------------------------------------------------
Name : perl-YAML-LibYAML
Product : Fedora EPEL 6
Version : 0.38
Release : 4.el6
URL : http://search.cpan.org/dist/YAML-LibYAML/
Summary : Perl YAML Serialization using XS and libyaml
Description :
Kirill Siminov's "libyaml" is arguably the best YAML implementation. The C
library is written precisely to the YAML 1.1 specification. It was originally
bound to Python and was later bound to Ruby.
--------------------------------------------------------------------------------
Update Information:
This update addresses two security issues.
CVE-2013-6393: The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.
CVE-2014-2525: The library is affected by a heap-based buffer overflow which can lead to arbitrary code execution. The vulnerability is caused by lack of proper expansion for the string passed to the yaml_parser_scan_uri_escapes() function. A specially crafted YAML file, with a long sequence of percent-encoded characters in a URL, can be used to trigger the overflow.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1078083 - CVE-2014-2525 libyaml: heap-based buffer overflow when parsing URLs
https://bugzilla.redhat.com/show_bug.cgi?id=1078083
[ 2 ] Bug #1033990 - CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update perl-YAML-LibYAML' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 1 month
Fedora EPEL 6 Update: fedocal-0.5.1-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-0777
2014-03-07 17:59:01
--------------------------------------------------------------------------------
Name : fedocal
Product : Fedora EPEL 6
Version : 0.5.1
Release : 1.el6
URL : http://fedorahosted.org/fedocal/
Summary : A web based calendar application
Description :
fedocal is a web- based calendar application for Fedora. It aims at replacing
the tables in the wiki which are hard to edit and maintain.
Calendar can be exported to an iCal format allowing read-only integration with
most calendar application.
--------------------------------------------------------------------------------
Update Information:
This new release of fedocal improve the month calendar on the left side menu and fix the reminder email
This update brings the new shiny fedocal 0.4.7 which now supports having meetings every 3 or 4 weeks.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update fedocal' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 1 month
Fedora EPEL 6 Update: open-vm-tools-9.4.0-8.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-0967
2014-03-26 17:07:02
--------------------------------------------------------------------------------
Name : open-vm-tools
Product : Fedora EPEL 6
Version : 9.4.0
Release : 8.el6
URL : http://open-vm-tools.sourceforge.net/
Summary : Open Virtual Machine Tools for virtual machines hosted on VMware
Description :
The open-vm-tools project is an open source implementation of VMware Tools. It
is a suite of open source virtualization utilities and drivers to improve the
functionality, user experience and administration of VMware virtual machines.
This package contains only the core user-space programs and libraries of
open-vm-tools.
--------------------------------------------------------------------------------
Update Information:
Added package dependencies to address BZ#1045709 and BZ#1077320.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1045709 - open-vm-tools should depend on which
https://bugzilla.redhat.com/show_bug.cgi?id=1045709
[ 2 ] Bug #1077320 - open-vm-tools should depend on ifconfig
https://bugzilla.redhat.com/show_bug.cgi?id=1077320
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update open-vm-tools' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 1 month
Fedora EPEL 6 Update: packagedb-cli-1.7.0-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-0813
2014-03-10 16:55:43
--------------------------------------------------------------------------------
Name : packagedb-cli
Product : Fedora EPEL 6
Version : 1.7.0
Release : 1.el6
URL : https://fedorahosted.org/packagedb-cli/
Summary : A CLI for pkgdb
Description :
packagedb-cli is a command line interface of the well-known
packagedb of the Fedora project.
It allows you to manage the ACL for your packages as well
as requesting new ACL for new packages.
It also allows you to orphan and/or retire your package(s).
--------------------------------------------------------------------------------
Update Information:
This update brings you the latest version of pkgdb-cli with the brand new ``branches`` command as well as bugfixes in the ``list --branch`` command.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update packagedb-cli' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 1 month
Fedora EPEL 6 Update: perl-REST-Client-271-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-0966
2014-03-26 17:06:56
--------------------------------------------------------------------------------
Name : perl-REST-Client
Product : Fedora EPEL 6
Version : 271
Release : 1.el6
URL : http://search.cpan.org/dist/REST-Client/
Summary : Simple client for interacting with RESTful http/https resources
Description :
REST::Client provides a simple way to interact with HTTP RESTful resources.
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1079890 - Review Request: perl-REST-Client - A simple client for interacting with RESTful http/https resources
https://bugzilla.redhat.com/show_bug.cgi?id=1079890
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update perl-REST-Client' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 1 month
Fedora EPEL 6 Update: atari++-1.73-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-0968
2014-03-26 17:07:04
--------------------------------------------------------------------------------
Name : atari++
Product : Fedora EPEL 6
Version : 1.73
Release : 1.el6
URL : http://www.xl-project.com/
Summary : Unix based emulator of the Atari eight bit computers
Description :
The Atari++ Emulator is a Unix based emulator of the Atari eight bit
computers, namely the Atari 400 and 800, the Atari 400XL, 800XL and 130XE,
and the Atari 5200 game console. The emulator is auto-configurable and
will compile on a variety of systems (Linux, Solaris, Irix).
Atari++ 1.30 and up contain a built-in ROM emulation that tries to mimic
the AtariXL operating system closely.
--------------------------------------------------------------------------------
Update Information:
- updated to 1.73
- please read details at http://www.xl-project.com/news.html
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update atari++' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 1 month
Fedora EPEL 6 Update: kbackup-0.8-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-0964
2014-03-26 17:06:50
--------------------------------------------------------------------------------
Name : kbackup
Product : Fedora EPEL 6
Version : 0.8
Release : 1.el6
URL : http://www.kde-apps.org/content/show.php?content=44998
Summary : Back up your data in a simple, user friendly way
Description :
KBackup is a program that lets you back up any directories or files,
whereby it uses an easy to use directory tree to select the things to back up.
The program was designed to be very simple in its use
so that it can be used by non-computer experts.
The storage format is the well known TAR format, whereby the data
is still stored in compressed format (bzip2 or gzip).
--------------------------------------------------------------------------------
Update Information:
Update to 0.8
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update kbackup' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 1 month
Fedora EPEL 5 Update: shogun-data-0.8.1-0.4.git20140303.6615cf0.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-0868
2014-03-15 16:50:04
--------------------------------------------------------------------------------
Name : shogun-data
Product : Fedora EPEL 5
Version : 0.8.1
Release : 0.4.git20140303.6615cf0.el5
URL : http://shogun-toolbox.org
Summary : Data-files for the SHOGUN machine learning toolbox
Description :
This package contains data-files needed for running the testsuite and
examples of the SHOGUN machine learning toolbox.
--------------------------------------------------------------------------------
Update Information:
* updated to new snapshot git20140303.6615cf007634595d459853bf4dc6f1a227d2450c
* added a macro for use in other spec-files
* place rpm-macros into proper location
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1068941 - shogun-data 0.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1068941
[ 2 ] Bug #1074285 - shogun-data installs macros files to /etc/rpm
https://bugzilla.redhat.com/show_bug.cgi?id=1074285
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update shogun-data' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 1 month
Fedora EPEL 5 Update: fdupes-1.51-5.el5
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-0896
2014-03-19 18:14:00
--------------------------------------------------------------------------------
Name : fdupes
Product : Fedora EPEL 5
Version : 1.51
Release : 5.el5
URL : https://code.google.com/p/fdupes/
Summary : Finds duplicate files in a given set of directories
Description :
FDUPES is a program for identifying duplicate files residing within specified
directories.
--------------------------------------------------------------------------------
Update Information:
* Initial build for EPEL-branches
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update fdupes' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 1 month
Fedora EPEL 6 Update: shogun-data-0.8.1-0.4.git20140303.6615cf0.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-0869
2014-03-15 16:50:07
--------------------------------------------------------------------------------
Name : shogun-data
Product : Fedora EPEL 6
Version : 0.8.1
Release : 0.4.git20140303.6615cf0.el6
URL : http://shogun-toolbox.org
Summary : Data-files for the SHOGUN machine learning toolbox
Description :
This package contains data-files needed for running the testsuite and
examples of the SHOGUN machine learning toolbox.
--------------------------------------------------------------------------------
Update Information:
* updated to new snapshot git20140303.6615cf007634595d459853bf4dc6f1a227d2450c
* added a macro for use in other spec-files
* place rpm-macros into proper location
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1068941 - shogun-data 0.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1068941
[ 2 ] Bug #1074285 - shogun-data installs macros files to /etc/rpm
https://bugzilla.redhat.com/show_bug.cgi?id=1074285
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update shogun-data' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
10 years, 1 month