package-announce October 2010

package-announce@lists.fedoraproject.org

1 participants
1499 discussions

Fedora 12 Update: mingetty-1.08-5.fc12
by updates＠fedoraproject.org 30 Oct '10

30 Oct '10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16624 2010-10-27 21:11:47 -------------------------------------------------------------------------------- Name : mingetty Product : Fedora 12 Version : 1.08 Release : 5.fc12 URL : http://sourceforge.net/projects/mingetty/ Summary : A compact getty program for virtual consoles only Description : The mingetty program is a lightweight, minimalist getty program for use only on virtual consoles. Mingetty is not suitable for serial lines (you should use the mgetty program in that case). -------------------------------------------------------------------------------- Update Information: In addition, deprecated syslog facility has been updated to modern LOG_AUTHPRIV constant -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 26 2010 Petr Pisar <ppisar(a)redhat.com> - 1.08-5 - Check chroot(), chdir(), and nice() (bug #635412) - Open syslog with AUTPRIV facility - Limit TTY name length to prevent buffer overflow (bug #551754) -------------------------------------------------------------------------------- References: [ 1 ] Bug #551754 - Buffer overflow in open_tty() https://bugzilla.redhat.com/show_bug.cgi?id=551754 [ 2 ] Bug #635412 - unsafe chroot() calls in mingetty https://bugzilla.redhat.com/show_bug.cgi?id=635412 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mingetty' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 12 Update: clustershell-1.3.3-1.fc12
by updates＠fedoraproject.org 30 Oct '10

30 Oct '10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16556 2010-10-21 05:14:12 -------------------------------------------------------------------------------- Name : clustershell Product : Fedora 12 Version : 1.3.3 Release : 1.fc12 URL : http://clustershell.sourceforge.net/ Summary : Python framework for efficient cluster administration Description : Tools and event-based Python library to execute commands on cluster nodes in parallel depending on selected engine and worker mechanisms. The library provides also advanced NodeSet and NodeGroups handling methods to ease and improve administration of large compute clusters or server farms. Three convenient command line utilities, clush, clubak and nodeset, allow traditional shell scripts to benefit some useful features offered by the library. -------------------------------------------------------------------------------- Update Information: Update release to 1.3.3. Minor bug fixed and improved documentation. -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update clustershell' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 12 Update: gnucash-2.2.9-5.fc12
by updates＠fedoraproject.org 30 Oct '10

30 Oct '10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16622 2010-10-22 17:32:24 -------------------------------------------------------------------------------- Name : gnucash Product : Fedora 12 Version : 2.2.9 Release : 5.fc12 URL : http://gnucash.org/ Summary : Finance management application Description : GnuCash is a personal finance manager. A check-book like register GUI allows you to enter and track bank accounts, stocks, income and even currency trades. The interface is designed to be simple and easy to use, but is backed with double-entry accounting principles to ensure balanced books. -------------------------------------------------------------------------------- Update Information: This update removes an unneeded file that could cause a security issue if ran from a directory that other users had write access to. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 21 2010 Bill Nottingham <notting(a)redhat.com> - don't ship gnc-test-env (#644933, CVE-2010-3999) * Mon Jan 18 2010 Bill Nottingham <notting(a)redhat.com> - Fix crash on exporting account tree (#544454, #550362, #546597) * Thu Dec 10 2009 Bill Nottingham <notting(a)redhat.com> - Fix accelerators (#533019, #541915) * Wed Aug 12 2009 Ville Skyttä <ville.skytta(a)iki.fi> - 2.2.9-3 - Use lzma compressed upstream tarball. -------------------------------------------------------------------------------- References: [ 1 ] Bug #644933 - CVE-2010-3999 gnucash: insecure library loading vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=644933 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gnucash' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 12 Update: libucil-0.9.10-1.fc12
by updates＠fedoraproject.org 30 Oct '10

30 Oct '10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-15772 2010-10-05 09:00:18 -------------------------------------------------------------------------------- Name : libucil Product : Fedora 12 Version : 0.9.10 Release : 1.fc12 URL : http://www.unicap-imaging.org/ Summary : Library to render text and graphic overlays onto video images Description : Unicap provides a uniform interface to video capture devices. It allows applications to use any supported video capture device via a single API. The related ucil library provides easy to use functions to render text and graphic overlays onto video images. -------------------------------------------------------------------------------- Update Information: * src/ucil_theora.c (fill_frames): replaced ucutil_queue with GQueue -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 4 2020 Robert Scheck <robert(a)fedoraproject.org> 0.9.10-1 - Upgrade to 0.9.10 * Wed Sep 29 2010 Jesse Keating <jkeating(a)redhat.com> 0.9.8-6 - Rebuilt for gcc bug 634757 * Wed Sep 15 2010 Kamil Dudka <kdudka(a)redhat.com> 0.9.8-5 - upstream patch for #632439 - check return value of theora_encode_init() (#627890) * Wed Aug 25 2010 Kamil Dudka <kdudka(a)redhat.com> 0.9.8-4 - fix SIGSEGV in ucil_theora_encode_thread (#627161) * Wed Jun 2 2010 Kamil Dudka <kdudka(a)redhat.com> 0.9.8-3 - fix SIGSEGV in ucil_alsa_fill_audio_buffer (#572966) - fix SIGSEGV in ucil_theora_encode_thread (#595863) * Fri Mar 12 2010 Kamil Dudka <kdudka(a)redhat.com> 0.9.8-2 - build the package in %build -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update libucil' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 14 Update: ucview-0.33-1.fc14
by updates＠fedoraproject.org 30 Oct '10

30 Oct '10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16427 2010-10-18 20:50:35 -------------------------------------------------------------------------------- Name : ucview Product : Fedora 14 Version : 0.33 Release : 1.fc14 URL : http://www.unicap-imaging.org/ Summary : Image and video capture application using unicap toolkit Description : UCView is a video image capture application using the unicap toolkit. It provides a simple way to parametrise the video device, can capture still images from the video stream or record the stream as mpeg file. By using unicap, it can access many different video capture devices like webcams, video grabber boards, IEEE-1394 (FireWire) cameras and others. -------------------------------------------------------------------------------- Update Information: * Correction of wrong inclusion of ucview.h in ucview-window.h * Changed handling in function device_dialog_ok_clicked_cb() -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 18 2010 Robert Scheck <robert(a)fedoraproject.org> 0.33-1 - Upgrade to 0.33 (#643107) -------------------------------------------------------------------------------- References: [ 1 ] Bug #643107 - update to the latest upstream version - 0.33 https://bugzilla.redhat.com/show_bug.cgi?id=643107 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ucview' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 13 Update: libucil-0.9.10-1.fc13
by updates＠fedoraproject.org 30 Oct '10

30 Oct '10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-15752 2010-10-05 08:59:18 -------------------------------------------------------------------------------- Name : libucil Product : Fedora 13 Version : 0.9.10 Release : 1.fc13 URL : http://www.unicap-imaging.org/ Summary : Library to render text and graphic overlays onto video images Description : Unicap provides a uniform interface to video capture devices. It allows applications to use any supported video capture device via a single API. The related ucil library provides easy to use functions to render text and graphic overlays onto video images. -------------------------------------------------------------------------------- Update Information: * src/ucil_theora.c (fill_frames): replaced ucutil_queue with GQueue -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 4 2020 Robert Scheck <robert(a)fedoraproject.org> 0.9.10-1 - Upgrade to 0.9.10 * Wed Sep 29 2010 Jesse Keating <jkeating(a)redhat.com> 0.9.8-6 - Rebuilt for gcc bug 634757 * Wed Sep 15 2010 Kamil Dudka <kdudka(a)redhat.com> 0.9.8-5 - upstream patch for #632439 - check return value of theora_encode_init() (#627890) * Wed Aug 25 2010 Kamil Dudka <kdudka(a)redhat.com> 0.9.8-4 - fix SIGSEGV in ucil_theora_encode_thread (#627161) * Wed Jun 2 2010 Kamil Dudka <kdudka(a)redhat.com> 0.9.8-3 - fix SIGSEGV in ucil_alsa_fill_audio_buffer (#572966) - fix SIGSEGV in ucil_theora_encode_thread (#595863) * Fri Mar 12 2010 Kamil Dudka <kdudka(a)redhat.com> 0.9.8-2 - build the package in %build -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update libucil' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Fedora 13 Update: php-pear-Image-Graph-0.8.0-1.fc13
by updates＠fedoraproject.org 30 Oct '10

30 Oct '10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-15959 2010-10-08 19:55:55 -------------------------------------------------------------------------------- Name : php-pear-Image-Graph Product : Fedora 13 Version : 0.8.0 Release : 1.fc13 URL : http://pear.php.net/package/Image_Graph Summary : Displays numerical data as a graph/chart/plot Description : Image_Graph provides a set of classes that creates graphs/plots/charts based on (numerical) data. Many different plot types are supported: Bar, line, area, step, impulse, scatter, radar, pie, map, candlestick, band, box & whisker and smoothed line, area and radar plots. The graph is highly customizable, making it possible to get the exact look and feel that is required. The output is controlled by a Image_Canvas, which facilitates easy output to many different output formats, amongst others, GD (PNG, JPEG, GIF, WBMP), PDF (using PDFLib), Scalable Vector Graphics (SVG). -------------------------------------------------------------------------------- Update Information: QA release Most changes from upstream already in previous package (SVN snapshot). Upstream Changelog: * Bug #16529 Doesn't work with PHP 5.3.0 neufeind * Bug #16834 Column width error, small PHP typo (fix incl.) neufeind * Bug #2685 Plots do not honor ID tags for fills. nosey * Bug #2791 wrong x-axis label position when using ttf font nosey * Bug #2831 using Image_Graph_Fill in Image_Graph_Fill_Array * Bug #2832 GD always outputs PNG nosey * Bug #3346 double as data nosey * Bug #3496 Image/Graph/value/marker.php - dir don't exist * Bug #3984 Cannot inherit image_color * Bug #4080 setSpaceFromBorder missing ?? * Bug #4333 Legend division by zero error on PieChart nosey * Bug #4417 Cannot use point ID as marker value nosey * Bug #4430 Call-time pass-by-reference has been deprecated nosey * Bug #4484 SVG output problem with fill and alignment attributes of text nosey * Bug #4522 Image_Graph_Axis::_calcLabelInterval() dont work like it was working before * Bug #4586 Content type image/jpg does not recognized by IE nosey * Bug #4876 mis-type in code -> undefined property nosey * Bug #5066 Reference Notices nosey * Bug #5607 X Axis Labels align to right nosey * Bug #6941 Logarithmic axis values between 0 and 1 nosey * Bug #7364 Incorrect Include in Grid.php nosey * Bug #7367 Windows XP Marker for top Y-value cut nosey * Bug #7375 Windows XP "Only variables should be assigned by reference" notice * Bug #7572 addPoint function in Image_Graph_Dataset_Sequential doesn't use parameter nosey * Bug #7621 Linux Pie Chart Legend does not display nosey * Bug #7729 Wrong axis X label placement * Bug #8055 No Legend with Pie Charts nosey * Bug #11812 "forceMaximum" method uwesteinm RPM Changelog: * Provided tests now use FreeSans font. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 7 2010 Remi Collet <fedora(a)famillecollet.com> - 0.8.0-1 - upstream Version 0.8.0 (alpha) - API 0.8.0 (alpha) but most changes already in previous SVN snapshot - set timezone during build - use FreeSans.ttf in tests provided * Sun Aug 15 2010 Remi Collet <fedora(a)famillecollet.com> - 0.7.3-0.1.svn291756 - update to SVN snapshot to fix PHP 5.3 issues (#547738) - rename Image_Graph.xml to php-pear-Image-Graph.xml -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update php-pear-Image-Graph' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 12 Update: firefox-3.5.15-1.fc12
by updates＠fedoraproject.org 30 Oct '10

30 Oct '10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16885 2010-10-28 21:19:56 -------------------------------------------------------------------------------- Name : firefox Product : Fedora 12 Version : 3.5.15 Release : 1.fc12 URL : http://www.mozilla.org/projects/firefox/ Summary : Mozilla Firefox Web browser Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.5.15, fixing multiple security issues detailed in the upstream advisories: * http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefo… * http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefo… Update also includes packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 27 2010 Martin Stransky <stransky(a)redhat.com> - 3.5.15-1 - Update to 3.5.15 * Tue Oct 19 2010 Jan Horak <jhorak(a)redhat.com> - 3.5.14-1 - Update to 3.5.14 * Mon Sep 6 2010 Jan Horak <jhorak(a)redhat.com> - 3.5.12-1 - Update to 3.5.12 * Tue Jul 20 2010 Jan Horak <jhorak(a)redhat.com> - 3.5.11-1 - Update to 3.5.11 * Thu Jun 24 2010 Martin Stransky <stransky(a)redhat.com> - 3.5.10-2 - Fixed rhbz#531159 - disable firefox default browser check - Disabled automatic updates * Wed Jun 23 2010 Jan Horak <jhorak(a)redhat.com> - 3.5.10-1 - Update to 3.5.10 * Tue Apr 6 2010 Martin Stransky <stransky(a)redhat.com> - 3.5.9-2 - Fixed install dir * Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 3.5.9-1 - Update to 3.5.9 * Tue Feb 16 2010 Jan Horak <jhorak(a)redhat.com> - 3.5.8-1 - Update to 3.5.8 * Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 3.5.6-1 - Update to 3.5.6 * Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 3.5.5-1 - Update to 3.5.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #642275 - CVE-2010-3175 Mozilla miscellaneous memory safety hazards https://bugzilla.redhat.com/show_bug.cgi?id=642275 [ 2 ] Bug #642272 - CVE-2010-3176 Mozilla miscellaneous memory safety hazards https://bugzilla.redhat.com/show_bug.cgi?id=642272 [ 3 ] Bug #642277 - CVE-2010-3179 Mozilla buffer overflow and memory corruption using document.write https://bugzilla.redhat.com/show_bug.cgi?id=642277 [ 4 ] Bug #642283 - CVE-2010-3180 Mozilla use-after-free error in nsBarProp https://bugzilla.redhat.com/show_bug.cgi?id=642283 [ 5 ] Bug #642286 - CVE-2010-3183 Mozilla dangling pointer vulnerability in LookupGetterOrSetter https://bugzilla.redhat.com/show_bug.cgi?id=642286 [ 6 ] Bug #642290 - CVE-2010-3177 Mozilla XSS in gopher parser when parsing hrefs https://bugzilla.redhat.com/show_bug.cgi?id=642290 [ 7 ] Bug #642294 - CVE-2010-3178 Mozilla cross-site information disclosure via modal calls https://bugzilla.redhat.com/show_bug.cgi?id=642294 [ 8 ] Bug #642300 - CVE-2010-3182 Mozilla unsafe library loading flaw https://bugzilla.redhat.com/show_bug.cgi?id=642300 [ 9 ] Bug #646997 - CVE-2010-3765 Firefox race condition flaw (MFSA 2010-73) https://bugzilla.redhat.com/show_bug.cgi?id=646997 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update firefox' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 12 Update: galeon-2.0.7-27.fc12
by updates＠fedoraproject.org 30 Oct '10

30 Oct '10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16885 2010-10-28 21:19:56 -------------------------------------------------------------------------------- Name : galeon Product : Fedora 12 Version : 2.0.7 Release : 27.fc12 URL : http://galeon.sourceforge.net/ Summary : GNOME2 Web browser based on Mozilla Description : Galeon is a web browser built around Gecko (Mozilla's rendering engine) and Necko (Mozilla's networking engine). It's a GNOME web browser, designed to take advantage of as many GNOME technologies as makes sense. Galeon was written to do just one thing - browse the web. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.5.15, fixing multiple security issues detailed in the upstream advisories: * http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefo… * http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefo… Update also includes packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 28 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-27 - Rebuild against newer gecko * Tue Oct 19 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-26 - Rebuild against newer gecko * Wed Sep 8 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-25 - Rebuild against newer gecko * Tue Jul 20 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-24 - Rebuild against newer gecko * Wed Jun 23 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-23 - Rebuild against newer gecko * Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-22 - Rebuild against newer gecko * Mon Mar 29 2010 Yanko Kaneti <yaneti(a)declera.com> - 2.0.7-21 - Avoid crashing (#577604), gnome bug 418439 - http://start.fedoraproject.org/ as default homepage * Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-20 - Rebuild against newer gecko * Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 2.0.7-19 - Rebuild against newer gecko * Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 2.0.7-18 - Rebuild against newer gecko -------------------------------------------------------------------------------- References: [ 1 ] Bug #642275 - CVE-2010-3175 Mozilla miscellaneous memory safety hazards https://bugzilla.redhat.com/show_bug.cgi?id=642275 [ 2 ] Bug #642272 - CVE-2010-3176 Mozilla miscellaneous memory safety hazards https://bugzilla.redhat.com/show_bug.cgi?id=642272 [ 3 ] Bug #642277 - CVE-2010-3179 Mozilla buffer overflow and memory corruption using document.write https://bugzilla.redhat.com/show_bug.cgi?id=642277 [ 4 ] Bug #642283 - CVE-2010-3180 Mozilla use-after-free error in nsBarProp https://bugzilla.redhat.com/show_bug.cgi?id=642283 [ 5 ] Bug #642286 - CVE-2010-3183 Mozilla dangling pointer vulnerability in LookupGetterOrSetter https://bugzilla.redhat.com/show_bug.cgi?id=642286 [ 6 ] Bug #642290 - CVE-2010-3177 Mozilla XSS in gopher parser when parsing hrefs https://bugzilla.redhat.com/show_bug.cgi?id=642290 [ 7 ] Bug #642294 - CVE-2010-3178 Mozilla cross-site information disclosure via modal calls https://bugzilla.redhat.com/show_bug.cgi?id=642294 [ 8 ] Bug #642300 - CVE-2010-3182 Mozilla unsafe library loading flaw https://bugzilla.redhat.com/show_bug.cgi?id=642300 [ 9 ] Bug #646997 - CVE-2010-3765 Firefox race condition flaw (MFSA 2010-73) https://bugzilla.redhat.com/show_bug.cgi?id=646997 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update galeon' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

[SECURITY] Fedora 12 Update: gnome-python2-extras-2.25.3-22.fc12
by updates＠fedoraproject.org 30 Oct '10

30 Oct '10

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16885 2010-10-28 21:19:56 -------------------------------------------------------------------------------- Name : gnome-python2-extras Product : Fedora 12 Version : 2.25.3 Release : 22.fc12 URL : http://www.pygtk.org/ Summary : Additional PyGNOME Python extension modules Description : The gnome-python-extra package contains the source packages for additional Python bindings for GNOME. It should be used together with gnome-python. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.5.15, fixing multiple security issues detailed in the upstream advisories: * http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefo… * http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefo… Update also includes packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 28 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-22 - Rebuild against newer gecko * Tue Oct 19 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-21 - Rebuild against newer gecko * Wed Sep 8 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-20 - Rebuild against newer gecko * Tue Jul 20 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-19 - Rebuild against newer gecko * Wed Jun 23 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-18 - Rebuild against newer gecko * Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-17 - Rebuild against newer gecko * Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-16 - Rebuild against newer gecko * Thu Jan 7 2010 Matthew Barnes <mbarnes(a)redhat.com> - 2.25.3-15 - Add switches to disable gda and gdl subpackages. * Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 2.25.3-14 - Rebuild against newer gecko -------------------------------------------------------------------------------- References: [ 1 ] Bug #642275 - CVE-2010-3175 Mozilla miscellaneous memory safety hazards https://bugzilla.redhat.com/show_bug.cgi?id=642275 [ 2 ] Bug #642272 - CVE-2010-3176 Mozilla miscellaneous memory safety hazards https://bugzilla.redhat.com/show_bug.cgi?id=642272 [ 3 ] Bug #642277 - CVE-2010-3179 Mozilla buffer overflow and memory corruption using document.write https://bugzilla.redhat.com/show_bug.cgi?id=642277 [ 4 ] Bug #642283 - CVE-2010-3180 Mozilla use-after-free error in nsBarProp https://bugzilla.redhat.com/show_bug.cgi?id=642283 [ 5 ] Bug #642286 - CVE-2010-3183 Mozilla dangling pointer vulnerability in LookupGetterOrSetter https://bugzilla.redhat.com/show_bug.cgi?id=642286 [ 6 ] Bug #642290 - CVE-2010-3177 Mozilla XSS in gopher parser when parsing hrefs https://bugzilla.redhat.com/show_bug.cgi?id=642290 [ 7 ] Bug #642294 - CVE-2010-3178 Mozilla cross-site information disclosure via modal calls https://bugzilla.redhat.com/show_bug.cgi?id=642294 [ 8 ] Bug #642300 - CVE-2010-3182 Mozilla unsafe library loading flaw https://bugzilla.redhat.com/show_bug.cgi?id=642300 [ 9 ] Bug #646997 - CVE-2010-3765 Firefox race condition flaw (MFSA 2010-73) https://bugzilla.redhat.com/show_bug.cgi?id=646997 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gnome-python2-extras' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

1 0

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce October 2010