-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-13640 2010-08-27 06:12:41 --------------------------------------------------------------------------------
Name : couchdb Product : Fedora 13 Version : 0.11.2 Release : 2.fc13 URL : http://couchdb.apache.org/ Summary : A document database server, accessible via a RESTful JSON API Description : Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a table-oriented view engine with JavaScript acting as the default view definition language. -------------------------------------------------------------------------------- Update Information: Despite the fact that this is a security-related fix I would like to test these packages for a while because of possible API incompatibilities (version upgrade). -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 26 2010 Peter Lemenkov <[email protected]> 0.11.2-2 - Cleaned up spec-file a bit * Tue Aug 17 2010 Peter Lemenkov <[email protected]> 0.11.2-1 - Ver. 0.11.2 * Wed Jul 14 2010 Peter Lemenkov <[email protected]> 0.11.1-1 - Ver. 0.11.1 - Removed patch for compatibility with Erlang/OTP R14A (merged upstream) * Sun Jul 11 2010 Peter Lemenkov <[email protected]> 0.11.0-3 - Compatibility with Erlang R14A (see patch9) * Tue Jun 22 2010 Peter Lemenkov <[email protected]> 0.11.0-2 - Massive spec cleanup * Fri Jun 18 2010 Peter Lemenkov <[email protected]> 0.11.0-1 - Ver. 0.11.0 (a feature-freeze release candidate) * Fri Jun 18 2010 Peter Lemenkov <[email protected]> 0.10.2-13 - Remove ldconfig invocation (no system-wide shared libraries) - Removed icu-config requires * Tue Jun 15 2010 Peter Lemenkov <[email protected]> 0.10.2-12 - Narrow explicit requires * Tue Jun 8 2010 Peter Lemenkov <[email protected]> 0.10.2-11 - Remove bundled ibrowse library (see rhbz #581282). * Mon Jun 7 2010 Peter Lemenkov <[email protected]> 0.10.2-10 - Use system-wide erlang-mochiweb instead of bundled copy (rhbz #581284) - Added %check target and necessary BuildRequires - etap, oauth, mochiweb * Wed Jun 2 2010 Peter Lemenkov <[email protected]> 0.10.2-9 - Remove pid-file after stopping CouchDB * Tue Jun 1 2010 Peter Lemenkov <[email protected]> 0.10.2-8 - Suppress unneeded message while stopping CouchDB via init-script * Mon May 31 2010 Peter Lemenkov <[email protected]> 0.10.2-7 - Do not manually remove pid-file while stopping CouchDB * Mon May 31 2010 Peter Lemenkov <[email protected]> 0.10.2-6 - Fix 'stop' and 'status' targets in the init-script (see rhbz #591026) * Thu May 27 2010 Peter Lemenkov <[email protected]> 0.10.2-5 - Use system-wide erlang-etap instead of bundled copy (rhbz #581281) * Fri May 14 2010 Peter Lemenkov <[email protected]> 0.10.2-4 - Use system-wide erlang-oauth instead of bundled copy (rhbz #581283) * Thu May 13 2010 Peter Lemenkov <[email protected]> 0.10.2-3 - Fixed init-script to use /etc/sysconfig/couchdb values (see rhbz #583004) - Fixed installation location of beam-files (moved to erlang directory) * Fri May 7 2010 Peter Lemenkov <[email protected]> 0.10.2-2 - Remove useless BuildRequires * Fri May 7 2010 Peter Lemenkov <[email protected]> 0.10.2-1 - Update to 0.10.2 (resolves rhbz #578580 and #572176) - Fixed chkconfig priority (see rhbz #579568) * Fri Apr 2 2010 Caolán McNamara <[email protected]> 0.10.0-3 - rebuild for icu 4.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #627498 - CVE-2010-2953 couchdb: start-up script sets insecure LD_LIBRARY_PATH https://bugzilla.redhat.com/show_bug.cgi?id=627498 [ 2 ] Bug #624764 - CVE-2010-2234 couchdb: CSRF vulnerability in versions prior to 0.11.2/1.0.1 https://bugzilla.redhat.com/show_bug.cgi?id=624764 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update couchdb' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
