August 2012 - package-announce - Fedora Mailing-Lists

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-10776 2012-07-19 08:28:21 -------------------------------------------------------------------------------- Name : csslint Product : Fedora 17 Version : 0.9.8 Release : 1.fc17 URL : https://github.com/stubbornella/csslint Summary : Detecting potential problems in CSS code Description : CSSLint is a tool to help point out problems with your CSS code. It does basic syntax checking as well as applying a set of rules to the code that look for problematic patterns or signs of inefficiency. The rules are all pluggable, so you can easily write your own or omit ones you don't want. -------------------------------------------------------------------------------- Update Information: Upstream 0.9.8 -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 17 2012 Guillaume Kulakowski <guillaume DOT kulakowski AT fedoraproject DOT org> - 0.9.8-1 - Upstream 0.9.8 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update csslint' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

11 years, 9 months

1
0
0 / 0

Fedora 17 Update: perl-HTTP-Lite-2.4-1.fc17

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-11022 2012-07-23 19:53:39 -------------------------------------------------------------------------------- Name : perl-HTTP-Lite Product : Fedora 17 Version : 2.4 Release : 1.fc17 URL : http://search.cpan.org/dist/HTTP-Lite/ Summary : Lightweight HTTP implementation Description : HTTP::Lite is a stand-alone lightweight HTTP/1.1 implementation for perl. It is not intended as a replacement for the fully-features LWP module. Instead, it is intended for use in situations where it is desirable to install the minimal number of modules to achieve HTTP support, or where LWP is not a good candidate due to CPU overhead, such as slower processors. HTTP::Lite is also significantly faster than LWP. -------------------------------------------------------------------------------- Update Information: This update to the latest upstream version includes: * Fixed RT #13791, which meant you couldn't request http://foobar.com -- had to have to trailing slash on the URL. * Don't add request header if value passed is undef (RT #4546). * Fixed bug where writing the request can get stuck in a loop. * RT #35360 fixed (fix included in report). -------------------------------------------------------------------------------- ChangeLog: * Sat Jul 21 2012 Iain Arnell <iarnell(a)gmail.com> 2.4-1 - update to latest upstream version * Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.3-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jul 10 2012 Petr Pisar <ppisar(a)redhat.com> - 2.3-7 - Perl 5.16 re-rebuild of bootstrapped packages * Fri Jun 8 2012 Petr Pisar <ppisar(a)redhat.com> - 2.3-6 - Perl 5.16 rebuild -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update perl-HTTP-Lite' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

11 years, 9 months

1
0
0 / 0

Fedora 17 Update: deltacloud-core-1.0.0-7.fc17

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-11336 2012-08-01 05:52:06 -------------------------------------------------------------------------------- Name : deltacloud-core Product : Fedora 17 Version : 1.0.0 Release : 7.fc17 URL : http://deltacloud.org Summary : Deltacloud REST API Description : The Deltacloud API is built as a service-based REST API. You do not directly link a Deltacloud library into your program to use it. Instead, a client speaks the Deltacloud API over HTTP to a server which implements the REST interface. -------------------------------------------------------------------------------- Update Information: Fixed rubyabi version -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 31 2012 Michal Fojtik <mfojtik(a)redhat.com> - 1.0.0-7 - Fixed rubyabi version * Tue Jul 31 2012 Michal Fojtik <mfojtik(a)redhat.com> - 1.0.0-6 - Added rbovirt gem dependency for RHEV-M * Mon Jul 16 2012 Michal Fojtik <mfojtik(a)redhat.com> - 1.0.0-5 - Backported capability checking patches * Tue Jun 26 2012 Michal Fojtik <mfojtik(a)redhat.com> - 1.0.0-4 - Updated old configuration file * Tue Jun 26 2012 Michal Fojtik <mfojtik(a)redhat.com> - 1.0.0-3 - Added genisoimage require for VSphere driver (needed for user_data injection) * Tue Jun 26 2012 Michal Fojtik <mfojtik(a)redhat.com> - 1.0.0-2 - Fixed xml-simple dependency name * Mon Jun 25 2012 Michal Fojtik <mfojtik(a)redhat.com> - 1.0.0-1 - Update to 1.0.0 release * Wed Feb 8 2012 Michal Fojtik <mfojtik(a)redhat.com> - 0.5.0-1 - Version bump 0.5.0 GA -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update deltacloud-core' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

11 years, 9 months

1
0
0 / 0

Fedora 17 Update: eclipse-wtp-jeetools-3.4.0-1.fc17

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-10610 2012-07-14 21:19:20 -------------------------------------------------------------------------------- Name : eclipse-wtp-jeetools Product : Fedora 17 Version : 3.4.0 Release : 1.fc17 URL : http://www.eclipse.org/webtools/jee/ Summary : Frameworks and tools focused on development of J2EE artifacts Description : The Java EE Tools Project provides frameworks and tools focused on the development of J2EE artifacts. -------------------------------------------------------------------------------- Update Information: Update to R3.4.0 Juno stable release -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update eclipse-wtp-jeetools' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

11 years, 9 months

1
0
0 / 0

Fedora 17 Update: v8-3.10.8-1.fc17

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-11005 2012-07-23 19:52:46 -------------------------------------------------------------------------------- Name : v8 Product : Fedora 17 Version : 3.10.8 Release : 1.fc17 URL : http://code.google.com/p/v8 Summary : JavaScript Engine Description : V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. -------------------------------------------------------------------------------- Update Information: Update to 3.10.8, needed for chromium 20. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 6 2012 Tom Callaway <spot(a)fedoraproject.org> 1:3.10.8-1 - update to 3.10.8 (chromium 20) * Tue Jun 12 2012 Tom Callaway <spot(a)fedoraproject.org> 1:3.9.24-1 - update to 3.9.24 (chromium 19) * Mon Apr 23 2012 Thomas Spura <tomspur(a)fedoraproject.org> 1:3.7.12.6 - rebuild for icu-49 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update v8' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

11 years, 9 months

1
0
0 / 0

Fedora 17 Update: perlbrew-0.46-1.fc17

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-10994 2012-07-23 19:52:16 -------------------------------------------------------------------------------- Name : perlbrew Product : Fedora 17 Version : 0.46 Release : 1.fc17 URL : http://search.cpan.org/dist/App-perlbrew/ Summary : Manage perl installations in your $HOME Description : perlbrew is a program to automate the building and installation of perl in the users HOME. At the moment, it installs everything to ~/perl5/perlbrew, and requires you to tweak your PATH by including a bashrc/cshrc file it provides. You then can benefit from not having to run 'sudo' commands to install cpan modules because those are installed inside your HOME too. It's almost like an isolated perl environments. -------------------------------------------------------------------------------- Update Information: This update includes * fix: The deprecation warning when running `self-upgrde` * fix: system MANPATH detection * improvement: Specifying multiple perl: `exec --with perl-5.14.2,perl-5.16.0` * New command: install-ack . This install the standalone version of ack under $PERLBREW_ROOT/bin * New command: list-modules * `exec` command now also iterates thourgh all the libs * Documented the `--with` argument of exec command. See `perlbrew help exec` -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 22 2012 Iain Arnell <iarnell(a)gmail.com> 0.46-1 - update to latest upstream version * Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.44-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Jul 9 2012 Petr Pisar <ppisar(a)redhat.com> - 0.44-2 - Perl 5.16 rebuild * Sun Jul 8 2012 Iain Arnell <iarnell(a)gmail.com> 0.44-1 - update to latest upstream version * Thu Jun 21 2012 Petr Pisar <ppisar(a)redhat.com> - 0.43-2 - Perl 5.16 rebuild * Sat Jun 9 2012 Iain Arnell <iarnell(a)gmail.com> 0.43-1 - update to latest upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #840288 - perlbrew-0.46 is available https://bugzilla.redhat.com/show_bug.cgi?id=840288 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update perlbrew' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

11 years, 9 months

1
0
0 / 0

Fedora 17 Update: perl-Test-WWW-Mechanize-Catalyst-0.58-1.fc17

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-11010 2012-07-23 19:53:00 -------------------------------------------------------------------------------- Name : perl-Test-WWW-Mechanize-Catalyst Product : Fedora 17 Version : 0.58 Release : 1.fc17 URL : http://search.cpan.org/dist/Test-WWW-Mechanize-Catalyst/ Summary : Test::WWW::Mechanize for Catalyst Description : Catalyst is an elegant MVC Web Application Framework. Test::WWW::Mechanize is a subclass of WWW::Mechanize that incorporates features for web application testing. The Test::WWW::Mechanize::Catalyst module meshes the two to allow easy testing of Catalyst applications without starting up a web server. -------------------------------------------------------------------------------- Update Information: This update * Fixes external server test. * Fixes infinite redirects. RT#76614 * Makes fail to start server more verbose. RT#77174 * Fixes test skip count. RT#77181 -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 22 2012 Iain Arnell <iarnell(a)gmail.com> 0.58-1 - update to latest upstream version * Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.57-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jul 10 2012 Petr Pisar <ppisar(a)redhat.com> - 0.57-3 - Perl 5.16 re-rebuild of bootstrapped packages * Mon Jul 2 2012 Petr Pisar <ppisar(a)redhat.com> - 0.57-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update perl-Test-WWW-Mechanize-Catalyst' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

11 years, 9 months

1
0
0 / 0

Fedora 16 Update: spamassassin-iXhash2-2.05-2.fc16

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-10654 2012-07-14 21:21:23 -------------------------------------------------------------------------------- Name : spamassassin-iXhash2 Product : Fedora 16 Version : 2.05 Release : 2.fc16 URL : http://mailfud.org/iXhash2/ Summary : SpamAssassin plugin to lookup e-mail checksums in blacklists Description : iXhash2 is an unofficial improved version of the iXhash spam filter plugin for SpamAssassin, adding async DNS lookups for performance and removing unneeded features but fully compatible with the iXhash 1.5.5 (http://www.ixhash.net/) implementation. It computes MD5 checksums of fragments of the body of an e-mail and compares them to those of known spam using DNS queries to a RBL-like name server. So it works similar to the standard plugins that use the Pyzor, Razor and DCC software packages from within SpamAssassin. -------------------------------------------------------------------------------- Update Information: iXhash2 is an unofficial improved version of the iXhash spam filter plugin for SpamAssassin, adding async DNS lookups for performance and removing unneeded features but fully compatible with the iXhash 1.5.5 (http://www.ixhash.net/) implementation. It computes MD5 checksums of fragments of the body of an e-mail and compares them to those of known spam using DNS queries to a RBL-like name server. So it works similar to the standard plugins that use the Pyzor, Razor and DCC software packages from within SpamAssassin. -------------------------------------------------------------------------------- References: [ 1 ] Bug #838327 - Review Request: spamassassin-iXhash2 - SpamAssassin plugin to lookup e-mail checksums in blacklists https://bugzilla.redhat.com/show_bug.cgi?id=838327 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update spamassassin-iXhash2' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

11 years, 9 months

1
0
0 / 0

Fedora 17 Update: selinux-policy-3.10.0-142.fc17

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-11215 2012-07-28 00:40:08 -------------------------------------------------------------------------------- Name : selinux-policy Product : Fedora 17 Version : 3.10.0 Release : 142.fc17 URL : http://oss.tresys.com/repos/refpolicy/ Summary : SELinux policy configuration Description : SELinux Reference Policy - modular. Based off of reference policy: Checked out revision 2.20091117 -------------------------------------------------------------------------------- Update Information: Here is where you give an explanation of your update. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 27 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-142 - Regenerate man pages - Dontaudit mysqld_safe sending signull to random domains - Add interface for mysqld to dontaudit signull to all processes - Allow editparams.cgi running as httpd_bugzilla_script_t to read /etc/group - Allow smbd to read cluster config - Add additional labelinf for passenger - Add labeling for /var/motion - Add amavis_use_jit boolean - Allow mongod to connet to postgresql port * Tue Jul 24 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-141 - Allow samba_net to read /proc/net - Allow hplip_t to send notification dbus messages to users - Allow mailserver_deliver to read/write own pip - Allow munin-plugin domains to read /etc/passwd - Allow postfix_cleanup to use sockets create for smtpd - Dovecot seems to be searching directories of every mountpoint, lets just dontaudit this - Allow mozilla-plugin to read all kernel sysctls - Allow jockey to read random/urandom - Dontaudit dovecot to search all dirs - Add aditional params to allow cachedfiles to manage its content - gpg agent needs to read /dev/random - Add labelling and allow rules based on avc's from RHEL6 for amavis * Wed Jul 18 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-140 - Add support for rhnsd daemon - Allow cgclear to read cgconfig - Allow sys_ptrace capability for snmp - Allow freshclam to read /proc - Fix rhsmcertd pid filetrans - Allow NM to execute wpa_cli - Allow procmail to manage /home/user/Maildir content - Allow amavis to read clamd system state - Allow postdrop to use unix_stream_sockets leaked into it - Allow uucpd_t to uucpd port * Sun Jul 15 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-139 - Add support for ecryptfs * ecryptfs does not support xattr - Allow lpstat.cups to read fips_enabled file - Allow pyzor running as spamc_t to create /root/.pyzor directory - Add labeling for amavisd-snmp init script - Add support for amavisd-snmp - Allow fprintd sigkill self - Allow xend (w/o libvirt) to start virtual machines - Allow aiccu to read /etc/passwd - accountsd needs to fchown some files/directories - Add ICACLient and zibrauserdata as mozilla_filetrans_home_content - Allow xend_t to read the /etc/passwd file - Allow freshclam to update databases thru HTTP proxy - Add init_access_check() interface - Allow s-m-config to access check on systemd - Allow abrt to read public files by default - Fix amavis_create_pid_files() interface - Allow tuned sys_nice, sys_admin caps - Allow amavisd to execute fsav - Allow system_dbusd_t to stream connect to bluetooth, and use its socket * Tue Jul 10 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-138 - Add labeling for aeolus-configserver-thinwrapper - Allow thin domains to execute shell - Allow OpenMPI job running as condor_startd_ssh_t to manage condor lib files - Allow OpenMPI job to use kerberos - Make deltacloudd_t as nsswitch_domain - Allow xend_t to run lsscsi - Allow qemu-dm running as xend_t to create tun_socket - Allow jockey-backend to read pyconfig-64.h labeled as usr_t - Fix alsa_manage_home_files interface - Fix clamscan_can_scan_system boolean - Allow lpr to connectto to /run/user/$USER/keyring-22uREb/pkcs11 * Tue Jul 3 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-137 - Fixes for passenger running within openshift - Add labeling for all tomcat6 dirs - Allow cobblerd to read /etc/passwd - Allow jockey to read sysfs and and execute binaries with bin_t - Allow thum to use user terminals - Allow systemd_logind_t to read/write /dev/input0 * Fri Jun 29 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-136 - Fixes to make minimal policy to be installed * Wed Jun 27 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-135 - abrt_watch_log should be abrt_domain - add ptrace_child access to process - Allow mozilla_plugin to connect to gatekeeper port - Allow dbomatic to execute ruby - Allow boinc domains to manage boinc_lib_t lnk_files - Add support for boinc-client.service unit file - add support for boinc.log - Allow httpd_smokeping_cgi_script_t to read /etc/passwd * Tue Jun 26 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-134 - Allow mozilla_plugin execmod on mozilla home files if allow_execmod - Allow dovecot_deliver_t to read dovecot_var_run_t - Add tomcat policy from F18 - Allow ldconfig and insmod to manage kdumpctl tmp files - Add kdumpctl policy - Move thin policy out from cloudform.pp and add a new thin policy files - pacemaker needs to communicate with corosync streams - abrt is now started on demand by dbus - Allow certmonger to talk directly to Dogtag servers - Change labeling for /var/lib/cobbler/webui_sessions to httpd_cobbler_rw_content_t - Allow mozila_plugin to execute gstreamer home files - Allow useradd to delete all file types stored in the users homedir - rhsmcertd reads the rpm database - Add support for lightdm * Fri Jun 22 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-133 - Dontaudit thumb to setattr on xdm_tmp dirs - Allow wicd to execute ldconfig - Add /var/run/cherokee\.pid labeling - Allow snort to create netlink_socket - Allow setpcap for rpcd_t - Firstboot should be just creating tmp_t dirs - Transition xauth files within firstboot_tmp_t - Fix labeling of /run/media to match /media - Allow firstboot to create tmp_t files/directories - Label tuned scripts located in /etc as bin_t - Add port definition for mxi port - Fix labeling for /var/log/lxdm.log.old - Allow ddclient to read /etc/passwd - change dovecot_deliver to manage mail_home_rw_t - Remove razor/pyzor policy - Allow local_login_t to execute tmux - Allow mozilla_plugin_t to execute the dynamic link/loader * Mon Jun 18 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-132 - apcupsd needs to read /etc/passwd - Sanlock allso sends sigkill - Allow glance_registry to connect to the mysqld port - Dontaudit mozilla_plugin trying to getattr on /dev/gpmctl - Allow firefox plugins/flash to connect to port 1234 - Allow mozilla plugins to delete user_tmp_t files - Add transition name rule for printers.conf.O - Allow virt_lxc_t to read urand - Allow systemd_loigind to list gstreamer_home_dirs - Fix labeling for /usr/bin - Fixes for cloudform services * support FIPS - Allow polipo to work as web caching - Allow chfn to execute tmux * Fri Jun 15 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-131 - Fix labeling of kerbero host cache files, allow rpc.svcgssd to manage - Allow dovecot to manage Maildir content, fix transitions to Maildir - Allow postfix_local to transition to dovecot_deliver - Dontaudit attempts to setattr on xdm_tmp_t, looks like bogus code - Cleanup interface definitions - Allow apmd to change with the logind daemon - Changes required for sanlock in rhel6 - Label /run/user/apache as httpd_tmp_t - Allow thumb to use lib_t as execmod if boolean turned on - Allow squid to create the squid directory in /var with the correct - When staff_t runs libvirt it reads dnsmasq_var_run_t - Mount command now lists user_tmp looking for gvfs - /etc/blkid is moving to /run/blkid - Allow rw_cgroup_files to also read a symlink - Make sure gdm directory in ~/.cache/gdm gets created with the correct label - Add labeling for .cache/gdm in the homedir - Allow mount to mount on user_tmp_t for /run/user/dwalsh/gvfs - xdm now needs to execute xsession_exec_t - Need labels for /var/lib/gdm * Mon Jun 11 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-130 - Dontaudit logwatch to gettr on /dev/dm-2 - Allow policykit-auth to manage kerberos files - Allow systemd_logind_t to signal, signull, sigkill all processes - Add filetrans rules for etc_runtime files - Allow systemd_login to send signals to devicekit power - Allow systemd_logind to signal initrc scripts to handle third party packages running as initrc_t - Allow virsh to read /etc/passwd - Allow policykit to manage kerberos rcache files - Allow systemd-logind to send a signal to init_t - /usr/sbin/xl2tpd wants to read /etc/group - Allow ncftool to list of content /etc/modprobe.d - Allow dkim-milter to listen own tcp_socke * Fri Jun 8 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-129 - Allow collectd to read virt config - Allow collectd setsched - Add support for /usr/sbin/mdm* - Fix java binaries labels when installed under /usr/lib/jvm/java - Add labeling for /var/run/mdm - Allow apps that can read net_conf_t files read symlinks - Allow all domains that can search or read tmp_t, able to read a tmp_t link - Dontaudit mozilla_plugin looking at xdm_tmp_t - Looks like collectd needs to change it scheduling priority - Allow uux_t to access nsswitch data - New labeling for samba, pid dirs moved to subdirs of samba - Allow nova_api to use nsswitch - Allow mozilla_plugin to execute files labeled as lib_t - Label content under HOME_DIR/zimbrauserdata as mozilla_home date - abrt is fooled into reading mozilla_plugin content, we want to dontaudit - Allow mozilla_plugin to connect to ircd ports since a plugin might be a irc chat window - Allow winbind to create content in smbd_var_run_t directories - Allow setroubleshoot_fixit to read the selinux policy store. No reason to deny it - Support libvirt plugin for collectd * Wed May 30 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-128 - Fix description of authlogin_nsswitch_use_ldap - Fix transition rule for rhsmcertd_t needed for RHEL7 - Allow useradd to list nfs state data - Allow openvpn to manage its log file and directory - We want vdsm to transition to mount_t when executing mount command to make sure /etc/mtab remains labeled correctly - Allow thumb to use nvidia devices - Allow local_login to create user_tmp_t files for kerberos - Pulseaudio needs to read systemd_login /var/run content - virt should only transition named system_conf_t config files - Allow munin to execute its plugins - Allow nagios system plugin to read /etc/passwd - Allow plugin to connect to soundd port - Fix httpd_passwd to be able to ask passwords - Radius servers can use ldap for backing store - Seems to need to mount on /var/lib for xguest polyinstatiation to work. - Allow systemd_logind to list the contents of gnome keyring - VirtualGL need xdm to be able to manage content in /etc/opt/VirtualGL - Add policy for isns-utils * Mon May 28 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-127 - Add policy for subversion daemon - Allow boinc to read passwd - Allow pads to read kernel network state - Fix man2html interface for sepolgen-ifgen - Remove extra /usr/lib/systemd/system/smb - Remove all /lib/systemd and replace with /usr/lib/systemd - Add policy for man2html - Fix the label of kerberos_home_t to krb5_home_t - Allow mozilla plugins to use Citrix - Allow tuned to read /proc/sys/kernel/nmi_watchdog - Allow tune /sys options via systemd's tmpfiles.d "w" type * Wed May 23 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-126 - Dontaudit lpr_t to read/write leaked mozilla tmp files - Add file name transition for .grl-podcasts directory - Allow corosync to read user tmp files - Allow fenced to create snmp lib dirs/files - More fixes for sge policy - Allow mozilla_plugin_t to execute any application - Allow dbus to read/write any open file descriptors to any non security file on the system that it inherits to that it can pass them to another domain - Allow mongod to read system state information - Fix wrong type, we should dontaudit sys_admin for xdm_t not xserver_t - Allow polipo to manage polipo_cache dirs - Add jabbar_client port to mozilla_plugin_t - Cleanup procmail policy - system bus will pass around open file descriptors on files that do not have labels on them - Allow l2tpd_t to read system state - Allow tuned to run ls /dev - Allow sudo domains to read usr_t files - Add label to machine-id - Fix corecmd_read_bin_symlinks cut and paste error * Wed May 16 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-125 - Fix pulseaudio port definition - Add labeling for condor_starter - Allow chfn_t to creat user_tmp_files - Allow chfn_t to execute bin_t - Allow prelink_cron_system_t to getpw calls - Allow sudo domains to manage kerberos rcache files - Allow user_mail_domains to work with courie - Port definitions necessary for running jboss apps within openshift - Add support for openstack-nova-metadata-api - Add support for nova-console* - Add support for openstack-nova-xvpvncproxy - Fixes to make privsep+SELinux working if we try to use chage to change passwd - Fix auth_role() interface - Allow numad to read sysfs - Allow matahari-rpcd to execute shell - Add label for ~/.spicec - xdm is executing lspci as root which is requesting a sys_admin priv but seems to succeed without it - Devicekit_disk wants to read the logind sessions file when writing a cd - Add fixes for condor to make condor jobs working correctly - Change label of /var/log/rpmpkgs to cron_log_t - Access requires to allow systemd-tmpfiles --create to work. - Fix obex to be a user application started by the session bus. - Add additional filename trans rules for kerberos - Fix /var/run/heartbeat labeling - Allow apps that are managing rcache to file trans correctly - Allow openvpn to authenticate against ldap server - Containers need to listen to network starting and stopping events * Wed May 9 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-124 - Make systemd unit files less specific * Mon May 7 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-123 - Fix zarafa labeling - Allow guest_t to fix labeling - corenet_tcp_bind_all_unreserved_ports(ssh_t) should be called with the user_tcp_server boolean - add lxc_contexts - Allow accountsd to read /proc - Allow restorecond to getattr on all file sytems - tmpwatch now calls getpw - Allow apache daemon to transition to pwauth domain - Label content under /var/run/user/NAME/keyring* as gkeyringd_tmp_t - The obex socket seems to be a stream socket - dd label for /var/run/nologin * Mon May 7 2012 Miroslav Grepl <mgrepl(a)redhat.com> 3.10.0-122 - Allow jetty running as httpd_t to read hugetlbfs files - Allow sys_nice and setsched for rhsmcertd - Dontaudit attempts by mozilla_plugin_t to bind to ssdp ports - Allow setfiles to append to xdm_tmp_t - Add labeling for /export as a usr_t directory - Add labels for .grl files created by gstreamer -------------------------------------------------------------------------------- References: [ 1 ] Bug #839103 - Missing dontaudit rule for dovecot searching named_zone_t https://bugzilla.redhat.com/show_bug.cgi?id=839103 [ 2 ] Bug #839428 - SELinux reporting denied pipe read/write for sendmail.postfix https://bugzilla.redhat.com/show_bug.cgi?id=839428 [ 3 ] Bug #841336 - SELinux is preventing /usr/lib64/xulrunner-2/plugin-container from 'getattr' accesses on the file /proc/sys/kernel/modprobe. https://bugzilla.redhat.com/show_bug.cgi?id=841336 [ 4 ] Bug #841337 - SELinux is preventing /usr/lib64/xulrunner-2/plugin-container from 'search' accesses on the directory dev. https://bugzilla.redhat.com/show_bug.cgi?id=841337 [ 5 ] Bug #841680 - SELinux is preventing /usr/bin/systemd-tmpfiles from 'write' accesses on the directory 0E. https://bugzilla.redhat.com/show_bug.cgi?id=841680 [ 6 ] Bug #842240 - SELinux is preventing /usr/bin/python2.7 from 'read' accesses on the file /etc/modprobe.d/blacklist.conf. https://bugzilla.redhat.com/show_bug.cgi?id=842240 [ 7 ] Bug #842241 - SELinux is preventing /usr/bin/bash from 'execute' accesses on the file /usr/bin/bash. https://bugzilla.redhat.com/show_bug.cgi?id=842241 [ 8 ] Bug #842242 - SELinux is preventing /usr/bin/python2.7 from 'read' accesses on the chr_file urandom. https://bugzilla.redhat.com/show_bug.cgi?id=842242 [ 9 ] Bug #842507 - SELinux is preventing /usr/bin/bash from 'read' accesses on the file /etc/passwd. https://bugzilla.redhat.com/show_bug.cgi?id=842507 [ 10 ] Bug #842513 - SELinux is preventing /usr/bin/perl from 'read' accesses on the file /etc/group. https://bugzilla.redhat.com/show_bug.cgi?id=842513 [ 11 ] Bug #843431 - SELinux is preventing /usr/bin/motion from 'write' accesses on the directory /var/motion. https://bugzilla.redhat.com/show_bug.cgi?id=843431 [ 12 ] Bug #843638 - SELinux is prevent PassengerWatchdog from loading https://bugzilla.redhat.com/show_bug.cgi?id=843638 [ 13 ] Bug #838664 - pingus binaries have a wrong context 'ping_exec_t' https://bugzilla.redhat.com/show_bug.cgi?id=838664 [ 14 ] Bug #839175 - Whenver I run it I get SELinux errors https://bugzilla.redhat.com/show_bug.cgi?id=839175 [ 15 ] Bug #839287 - SELinux prevents xend (w/o libvirt) from starting virtual machines https://bugzilla.redhat.com/show_bug.cgi?id=839287 [ 16 ] Bug #841425 - CacheFiles bind failed: errno 13 (Permission denied https://bugzilla.redhat.com/show_bug.cgi?id=841425 [ 17 ] Bug #842065 - SELinux is preventing /usr/libexec/postfix/cleanup from (getattr|getopt) access on the tcp_socket https://bugzilla.redhat.com/show_bug.cgi?id=842065 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update selinux-policy' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

11 years, 9 months

1
0
0 / 0

Fedora 17 Update: drbdlinks-1.22-1.fc17

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-10836 2012-07-19 08:32:27 -------------------------------------------------------------------------------- Name : drbdlinks Product : Fedora 17 Version : 1.22 Release : 1.fc17 URL : http://www.tummy.com/Community/software/drbdlinks/ Summary : A program for managing links into a DRBD shared partition Description : The drbdlinks program manages links into a DRBD partition which is shared among several machines. A simple configuration file, "/etc/drbdlinks.conf", specifies the links. This can be used to manage e.g. links for /etc/httpd, /var/lib/pgsql and other system directories that need to appear as if they are local to the system when running applications after the drbd shared partition has been mounted. When running drbdlinks with "start" as the mode, drbdlinks will rename the existing files/directories and then make symbolic links into the DRBD partition, "stop" does the reverse. By default, rename appends ".drbdlinks" to the name, but this can be overridden. An init script is included which runs "stop" before heartbeat starts, and after heartbeat stops. This is done to try to ensure that when the shared partition isn't mounted, the links are in their normal state. -------------------------------------------------------------------------------- Update Information: Upstream changes: - Changing configs-to-clean to be under "/var/lib" rather than "/var/run" (found by Alan Robertson, RHEL 6.x will clean out "/var/run/drbdlinks") - Adding a syslog note to drbdlinksclean when it cleans up copied configs. - The XML meta-data needs to have blank lines removed (reported by Alan Robertson) - Supporting being run as an OCF resource (thanks to Alan Robertson for testing and providing fixes for the OCFS code) - Adding "initialize_shared_storage" mode (suggested by Alan Robertson) - Adding "checklinks" mode (suggested by Alan Robertson) - Enhancing the README -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Robert Scheck <robert(a)fedoraproject.org> 1.22-1 - Upgrade to 1.22 * Wed Jul 18 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 1.20-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update drbdlinks' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

11 years, 9 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce August 2012