-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-9628 2013-05-30 02:06:32 --------------------------------------------------------------------------------
Name : bzr Product : Fedora 17 Version : 2.5.1 Release : 11.fc17 URL : http://www.bazaar-vcs.org/ Summary : Friendly distributed version control system Description : Bazaar is a distributed revision control system that is powerful, friendly, and scalable. It is the successor of Baz-1.x which, in turn, was a user-friendly reimplementation of GNU Arch. -------------------------------------------------------------------------------- Update Information: * Fixes CVE-2013-2099, maliciously crafted SSL certificate can cause a denial of service. * Builds the C extensions from the Cython source instead of the pregenerated C files. * Build without strict-aliasing on Fedora versions which have a bug in the python distutils module. * Install the localization files * (F17-only) Update from upstream 2.5.0 to 2.5.1 -------------------------------------------------------------------------------- ChangeLog: * Tue May 28 2013 Toshio Kuratomi <[email protected]> - 2.5.1-11 - BuildRequires Cython so that the C extensions are built from their original sources. * Tue May 28 2013 Ondrej Oprala <[email protected] 2.5.1-10 - Conditionally add -fno-strict-aliasing to CFLAGS * Tue May 28 2013 Ondrej Oprala <[email protected] 2.5.1-9 - Add gettext to BuildRequires * Mon May 27 2013 Ondrej Oprala <[email protected]> 2.5.1-8 - Fix conditional include of python-paramiko * Fri May 24 2013 Ondrej Oprala <[email protected]> - 2.5.1-7 - Turn off strict aliasing in CFLAGS * Fri May 24 2013 Ondrej Oprala <[email protected]> - 2.5.1-6 - Add condition not to include python-paramiko in RHEL7 and above * Fri May 24 2013 Ondrej Oprala <[email protected]> - 2.5.1-5 - Fix unpackaged files error * Thu May 23 2013 Toshio Kuratomi <[email protected]> - 2.5.1-4 - Patch for CVE-2013-2099 - Trim changelog * Wed Feb 13 2013 Fedora Release Engineering <[email protected]> - 2.5.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Wed Jul 18 2012 Fedora Release Engineering <[email protected]> - 2.5.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed May 30 2012 Henrik Nordstrom <[email protected]> - 2.5.1-1 - Upstream 2.5.1 bugfix release -------------------------------------------------------------------------------- References: [ 1 ] Bug #963260 - CVE-2013-2098 CVE-2013-2099 python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns https://bugzilla.redhat.com/show_bug.cgi?id=963260 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update bzr' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
