Fedora 9 Update: pyke-0.5-1.fc9
Fedora Update Notification FEDORA-2008-9640 2008-11-14 11:07:45 Name: pyke Product : Fedora 9 Version : 0.5 Release : 1.fc9 URL : http://pyke.sourceforge.net/ Summary : Knowledge-based inference engine Description : Pyke is a knowledge-based inference engine (expert system) written in 100% python that can: * Do both forward-chaining (data driven) and backward-chaining (goal directed) inferencing. * Automatically generate python programs by assembling individual python functions into complete call graphs. Update Information: Update to 0.5, API changes in an incompatible way, but nothing depends on pyke in Fedora. See: http://sourceforge.net/project/shownotes.php?group_id=207724release_id=639302 ChangeLog: This update can be installed with the yum update program. Use su -c 'yum update pyke' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: flashrom-0-0.14.20081103svn3723.fc9
Fedora Update Notification FEDORA-2008-9353 2008-11-14 11:07:52 Name: flashrom Product : Fedora 9 Version : 0 Release : 0.14.20081103svn3723.fc9 URL : http://linuxbios.org/Flashrom Summary : Simple program for reading/writing BIOS chips content Description : Utility which can be used to detect BIOS chips (DIP, PLCC), read their contents and write new contents on the chips (flash the chip). Update Information: %changelog * Mon Nov 3 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.14.20081103svn3723 - Dump ICH8/ICH9/ICH10 SPI registers - Add additional SPI sector erase and chip erase command - Add support for the ST M50FW002 chip - Support for some Numonyx parts (M25PE) - SPI boot flash support on EP80579 - Support for the Intel 82371MX (MPIIX) southbridge - Support for the Intel 82371FB PIIX and 82371SB (PIIX3) southbridges - Support for the VIA VT82C586A/B chipset - ICH10 support to flashrom - Support for AM29F002(N)B[BT] ChangeLog: * Mon Nov 3 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.14.20081103svn3723 - Dump ICH8/ICH9/ICH10 SPI registers - Add additional SPI sector erase and chip erase command - Add support for the ST M50FW002 chip - Support for some Numonyx parts (M25PE) - SPI boot flash support on EP80579 - Support for the Intel 82371MX (MPIIX) southbridge - Support for the Intel 82371FB PIIX and 82371SB (PIIX3) southbridges - Support for the VIA VT82C586A/B chipset - ICH10 support to flashrom - Support for AM29F002(N)B[BT] * Mon Oct 6 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.13.20080928svn3602 - More ExcludeArch * Sun Sep 28 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.12.20080928svn3602 - Proper support for EN29F002(A)(N)[BT] - Recognize the Intel EP80579 LPC flash interface - Add support for MSI KT4V - Support for Winbond W39V040C and MSI K8T Neo2-F * Sun Jul 6 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.11.20080607svn3418 - AMIC A29002 - flashing system with Nvidia MCP67 - PCI IDs for EPIA-CN - VIA SPI controller on VT8237S - ICH7 SPI support - support for AMIC Technology A49LF040A - Board enable and autodetection for GIGABYTE GA-7VT600 - Add support for Amic Technology A29040B flash chip - Board enable and autodetection for BioStar P4M80-M4 - Add support for the ASUS P4B266 board - Add support for Amic A25L40P SPI flash * Fri Jun 6 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.10.20080517svn3332 - Exclude sparc64 * Sat May 17 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.9.20080517svn3332 - Fixed %patch0 * Sat May 17 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.8.20080517svn3332 - Support Pm49FL004/2 Block Locking Registers - Add support for the Atmel AT25DF321 SPI flash - Lots of new SST flash chip IDs - Add lots of ATMEL SPI flash chips - Add SST39VF512, SST39VF010, SST39VF040 support - Add ICH9 detection to flashrom - Support for the Winbond W39V080FA series of chips - Support for flashing on the Kontron 986LCD-M board - Add board_enable for Artec Group DBE61 and DBE62 This update can be installed with the yum update program. Use su -c 'yum update flashrom' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: qtoctave-0.8.1-0.20080823.svn165.fc9
Fedora Update Notification FEDORA-2008-7407 2008-11-14 11:08:03 Name: qtoctave Product : Fedora 9 Version : 0.8.1 Release : 0.20080823.svn165.fc9 URL : http://qtoctave.wordpress.com/ Summary : Frontend for Octave Description : QtOctave is a frontend for Octave based on Qt4. Update Information: qtoctave is a fronted for octave written using qt4 widgets. It includes a m-editor, a pane for showing variables, a file navigator pane, a command-history pane, lots of helpers to easily create graphics, solve equations, analyze functions. ChangeLog: References: [ 1 ] Bug #438750 - Review Request: qtoctave - fronted for octave written using qt4 widgets https://bugzilla.redhat.com/show_bug.cgi?id=438750 This update can be installed with the yum update program. Use su -c 'yum update qtoctave' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: gerbv-2.1.0-2.fc8
Fedora Update Notification FEDORA-2008-9643 2008-11-14 11:08:13 Name: gerbv Product : Fedora 8 Version : 2.1.0 Release : 2.fc8 URL : http://gerbv.sourceforge.net/ Summary : Gerber file viewer from the gEDA toolkit Description : Gerber Viewer (gerbv) is a viewer for Gerber files. Gerber files are generated from PCB CAD system and sent to PCB manufacturers as basis for the manufacturing process. The standard supported by gerbv is RS-274X. gerbv also supports drill files. The format supported are known under names as NC-drill or Excellon. The format is a bit undefined and different EDA-vendors implement it different. gerbv is listed among Fedora Electronic Lab (FEL) packages. Update Information: new stable release ChangeLog: * Thu Nov 13 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 2.1.0-2 - BR ImageMagick-devel added * Thu Nov 13 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 2.1.0-1 - New upstream release and split into -devel package * Fri Feb 1 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 2.0.0-1 - New upstream release * Tue Dec 4 2007 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 1.0.3-1 - new upstream release This update can be installed with the yum update program. Use su -c 'yum update gerbv' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
[SECURITY] Fedora 9 Update: clamav-0.93.3-2.fc9
Fedora Update Notification FEDORA-2008-9644 2008-11-14 11:08:19 Name: clamav Product : Fedora 9 Version : 0.93.3 Release : 2.fc9 URL : http://www.clamav.net Summary : End-user tools for the Clam Antivirus scanner Description : Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. The virus database is based on the virus database from OpenAntiVirus, but contains additional signatures (including signatures for popular polymorphic viruses, too) and is KEPT UP TO DATE. Update Information: Security fixes from upstream 0.94 and 0.94.1:CVE-2008-1389 (#461461): Invalid memory access in the CHM unpacker CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): Multiple file descriptor leaks on the error code path CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow ChangeLog: * Thu Nov 13 2008 Tomas Hoger [EMAIL PROTECTED] - 0.93.3-2 - Security update - backport security fixes from 0.94: CVE-2008-1389 (#461461): Invalid memory access in the CHM unpacker CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): Multiple file descriptor leaks on the error code path - Security update - backport security fixes from 0.94.1: CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow * Sun Jul 13 2008 Enrico Scholz [EMAIL PROTECTED] - 0.93.3-1 - updated to 0.93.3; improved fix for CVE-2008-2713 (out-of-bounds read on petite files) - CVE-2008-3215 - put pid instead of pgrp into pidfile of clamav-milter (bz #452359) * Tue Jun 17 2008 Enrico Scholz [EMAIL PROTECTED] - 0.93.1-1 - updated to 0.93.1 - rediffed -path patch - CVE-2008-2713 Invalid Memory Access Denial Of Service Vulnerability * Mon Apr 14 2008 Enrico Scholz [EMAIL PROTECTED] - 0.93-1 - updated to final 0.93 - removed daily.inc + main.inc directories; they are now replaced by *.cld containers - trimmed down MAILTO list of cronjob to 'root' again; every well configured system has an alias for this recipient References: [ 1 ] Bug #461461 - clamav: multiple security fixes in 0.94 (CVE-2008-1389, CVE-2008-3912, CVE-2008-3913, CVE-2008-3914) https://bugzilla.redhat.com/show_bug.cgi?id=461461 [ 2 ] Bug #470783 - CVE-2008-5050 clamav: get_unicode_name() off-by-one buffer overflow ( 0.94.1) https://bugzilla.redhat.com/show_bug.cgi?id=470783 This update can be installed with the yum update program. Use su -c 'yum update clamav' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: flashrom-0-0.14.20081103svn3723.fc8
Fedora Update Notification FEDORA-2008-9399 2008-11-14 11:08:26 Name: flashrom Product : Fedora 8 Version : 0 Release : 0.14.20081103svn3723.fc8 URL : http://linuxbios.org/Flashrom Summary : Simple program for reading/writing BIOS chips content Description : Utility which can be used to detect BIOS chips (DIP, PLCC), read their contents and write new contents on the chips (flash the chip). Update Information: %changelog * Mon Nov 3 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.14.20081103svn3723 - Dump ICH8/ICH9/ICH10 SPI registers - Add additional SPI sector erase and chip erase command - Add support for the ST M50FW002 chip - Support for some Numonyx parts (M25PE) - SPI boot flash support on EP80579 - Support for the Intel 82371MX (MPIIX) southbridge - Support for the Intel 82371FB PIIX and 82371SB (PIIX3) southbridges - Support for the VIA VT82C586A/B chipset - ICH10 support to flashrom - Support for AM29F002(N)B[BT] ChangeLog: * Mon Nov 3 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.14.20081103svn3723 - Dump ICH8/ICH9/ICH10 SPI registers - Add additional SPI sector erase and chip erase command - Add support for the ST M50FW002 chip - Support for some Numonyx parts (M25PE) - SPI boot flash support on EP80579 - Support for the Intel 82371MX (MPIIX) southbridge - Support for the Intel 82371FB PIIX and 82371SB (PIIX3) southbridges - Support for the VIA VT82C586A/B chipset - ICH10 support to flashrom - Support for AM29F002(N)B[BT] * Mon Oct 6 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.13.20080928svn3602 - More ExcludeArch * Sun Sep 28 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.12.20080928svn3602 - Proper support for EN29F002(A)(N)[BT] - Recognize the Intel EP80579 LPC flash interface - Add support for MSI KT4V - Support for Winbond W39V040C and MSI K8T Neo2-F * Sun Jul 6 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.11.20080607svn3418 - AMIC A29002 - flashing system with Nvidia MCP67 - PCI IDs for EPIA-CN - VIA SPI controller on VT8237S - ICH7 SPI support - support for AMIC Technology A49LF040A - Board enable and autodetection for GIGABYTE GA-7VT600 - Add support for Amic Technology A29040B flash chip - Board enable and autodetection for BioStar P4M80-M4 - Add support for the ASUS P4B266 board - Add support for Amic A25L40P SPI flash * Fri Jun 6 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.10.20080517svn3332 - Exclude sparc64 * Sat May 17 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.9.20080517svn3332 - Fixed %patch0 * Sat May 17 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.8.20080517svn3332 - Support Pm49FL004/2 Block Locking Registers - Add support for the Atmel AT25DF321 SPI flash - Lots of new SST flash chip IDs - Add lots of ATMEL SPI flash chips - Add SST39VF512, SST39VF010, SST39VF040 support - Add ICH9 detection to flashrom - Support for the Winbond W39V080FA series of chips - Support for flashing on the Kontron 986LCD-M board - Add board_enable for Artec Group DBE61 and DBE62 * Sat Feb 9 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.7.20080209svn3099 - Add board enable for VIA EPIA SP - support for devices using AMD Geode companion chip CS5536 that have the Boot ROM on NOR flash that is directly connected to FLASH_CS3 (Boot Flash Chip Select) - Add support for the PMC Pm25LV family of SPI flash chips - Add ids and chip entry for Spansion S25FL016A - Support for MX25L3205D chip - Enable MX25L8005 support * Wed Jan 9 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.6.20080109svn3036 - support for SST25VF040B flash chip - enable ga_2761gxdk board - support for EN29F002(A)(N)B chips - support for EON EN29F002AT flash chip - support for 25VF016B flash chip - support for ST M25P05-A, M25P10-A, M25P20, M25P40, M25P16, M25P32, M25P64 and M25P128 flash chips - support for ST M25P80 flash chip - support for AT49F002, AT49F002N, AT49F002T and AT49F002NT flash chips - enable Acorp 6A815EPD board * Sun Nov 18 2007 Peter Lemenkov [EMAIL PROTECTED] 0-0.5.20071118svn2967 - svn ver. 2967 (support for Intel 440MX systems, Fujitsu MBM29F400TC, AMD Geode CS5536) * Sun Oct 28 2007 Peter Lemenkov [EMAIL PROTECTED] 0-0.4.20071028svn2897 - typo fix * Sun Oct 28 2007 Peter Lemenkov [EMAIL PROTECTED] 0-0.3.20071028svn2897 - svn ver. 2897 (support for Gigabyte M61P-S3 SPI m/b, Am29LV040B chip) - flashrom executable now sits in sbindir since it's administrator's tool This update can be installed with the yum update program. Use su -c 'yum update flashrom' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages
Fedora 9 Update: xorg-x11-server-1.5.2-3.fc9
Fedora Update Notification FEDORA-2008-9380 2008-11-14 11:08:26 Name: xorg-x11-server Product : Fedora 9 Version : 1.5.2 Release : 3.fc9 URL : http://www.x.org Summary : X.Org X11 X server Description : X.Org X11 X server Update Information: Set AllowEmptyInput to off by default to force driver kbd to load if the server is started without a configuration file. xkb: fix core keyboard map generation.According to Section 12.4 of the XKB Protocol Spec, if a key only has a single group but the keyboard has multiple groups defined, the core description of the key is a duplication of the single group across all symbols. i.e. G1L1 G1L2 G1L1 G1L2 G1L3 G1L4 G1L3 G1L4 The previous code generated G1L1 G1L2 G1L3 G1L4 G1L3 G1L4, leading to invented groups when the process is reversed. ChangeLog: * Mon Nov 3 2008 Peter Hutterer [EMAIL PROTECTED] 1.5.2-3 - xserver-1.5.0-no-evdev-keyboards-kthnx.patch: disable AllowEmptyInput by default again (got inadvertently removed). (#462606) * Mon Oct 27 2008 Peter Hutterer [EMAIL PROTECTED] 1.5.2-2 - xserver-1.5.0-more-sanity-checks.patch: more sanity checks to stop vmmouse from segfaulting the server. #434807 * Mon Oct 13 2008 Adam Jackson [EMAIL PROTECTED] 1.5.2-1 - xserver 1.5.2 - xserver-1.5.1-global-backtrace.patch: Make backtracing globally available. - xserver-1.5.2-mieq-backtrace.patch: bt when the input queue overflows. * Fri Sep 12 2008 Adam Jackson [EMAIL PROTECTED] 1.5.0-1 - xserver 1.5.0 * Wed Jul 23 2008 Adam Jackson [EMAIL PROTECTED] 1.4.99.906-1 - 1.5RC6. * Wed Jul 2 2008 Adam Jackson [EMAIL PROTECTED] 1.4.99.905-2.20080702 - Today's snapshot. * Mon Jun 30 2008 Adam Jackson [EMAIL PROTECTED] 1.4.99.905-1.20080701 - 1.5RC5. * Thu Jun 12 2008 Dave Airlie [EMAIL PROTECTED] 1.4.99.902-3.20080612 - xserver-1.5.0-fix-single-aspect.patch - fix 2560x1600 on my monitor. * Thu Jun 12 2008 Dave Airlie [EMAIL PROTECTED] 1.4.99.902-2.20080612 - cve-2008-1377: Record and Security Extension Input validation - cve-2008-1379: MIT-SHM extension Input Validation flaw - cve-2008-2360: Render AllocateGlyph extension Integer overflows - cve-2008-2361: Render CreateCursor extension Integer overflows - cve-2008-2362: Render Gradient extension Integer overflows - Rebase to 1.5 head for security patches for above * Mon Jun 9 2008 Adam Jackson [EMAIL PROTECTED] 1.4.99.902-1.20080609 - Today's git snapshot. References: [ 1 ] Bug #462606 - No keyboard in xorg-x11-server-Xorg-1.5.0-1.fc9.x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=462606 [ 2 ] Bug #434807 - vmmouse cursor position doesn't match screen coordinates https://bugzilla.redhat.com/show_bug.cgi?id=434807 [ 3 ] Bug #458747 - Wrong display size detectedon Samsung 2493HM LCD https://bugzilla.redhat.com/show_bug.cgi?id=458747 [ 4 ] Bug #460545 - None https://bugzilla.redhat.com/show_bug.cgi?id=460545 This update can be installed with the yum update program. Use su -c 'yum update xorg-x11-server' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: kde-plasma-quickaccess-0.7.1-2.fc9
Fedora Update Notification FEDORA-2008-9500 2008-11-14 11:08:26 Name: kde-plasma-quickaccess Product : Fedora 9 Version : 0.7.1 Release : 2.fc9 URL : http://www.kde-look.org/content/show.php/QuickAccess?content=84128 Summary : Plasma applet for quick access to the most used folders Description : QuickAccess is a small applet designed for the panel to have quick access to the most used folders. Update Information: Set default size of applet. This update can be installed with the yum update program. Use su -c 'yum update kde-plasma-quickaccess' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: monafont-2.90-4.fc8.1
Fedora Update Notification FEDORA-2008-9645 2008-11-14 11:08:26 Name: monafont Product : Fedora 8 Version : 2.90 Release : 4.fc8.1 URL : http://monafont.sourceforge.net/ Summary : Japanese font for text arts Description : Mona Font is a Japanese proportional font which allows you to view Japanese text arts correctly. Update Information: monafont is rebuilt against VLGothic 20081029. This update can be installed with the yum update program. Use su -c 'yum update monafont' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: superiotool-0-0.14.20081103svn3698.fc9
Fedora Update Notification FEDORA-2008-9358 2008-11-14 11:08:34 Name: superiotool Product : Fedora 9 Version : 0 Release : 0.14.20081103svn3698.fc9 URL : http://linuxbios.org/index.php/Superiotool Summary : Simple program for detecting Super I/O on your mainboard Description : User-space helper tool which allows you to detect which Super I/O you have on your mainboard, and it can provide detailed information about the register contents of the Super I/O. Update Information: %changelog * Mon Nov 3 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.14.20081103svn3698 - Support for the ITE IT8661F/IT8770F, IT8673F, and IT8671F/IT8687R - Add register definitions for W83627HF - Drop global register 0x07 for all Super I/Os - Add dump support to ITE IT8726F - Add Fintek F71882FG support - Add some more Super I/O IDs/names ChangeLog: * Mon Nov 3 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.14.20081103svn3698 - Support for the ITE IT8661F/IT8770F, IT8673F, and IT8671F/IT8687R - Add register definitions for W83627HF - Drop global register 0x07 for all Super I/Os - Add dump support to ITE IT8726F - Add Fintek F71882FG support - Add some more Super I/O IDs/names * Mon Oct 6 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.13.20080815svn3511 - More ExcludeArch * Fri Aug 15 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.12.20080815svn3511 - Fixed svn path (LinuxBIOS renamed to Coreboot) - svn ver. 3511 - add support for SMSC SIO10N268 (trivial) - add support for 2 new SMSC superio chips - Add dump support for Winbond (NSC) PC87427 * Sun May 18 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.11.20080518svn3319 - Fixed installation * Sun May 18 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.10.20080518svn3319 - Add support for dumping ITE IT8718F EC registers - Detect SMSC SCH5027 - Small cleanups This update can be installed with the yum update program. Use su -c 'yum update superiotool' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: ganyremote-5.4.1-1.fc9
Fedora Update Notification FEDORA-2008-9647 2008-11-14 11:08:44 Name: ganyremote Product : Fedora 9 Version : 5.4.1 Release : 1.fc9 URL : http://anyremote.sourceforge.net/ Summary : GTK frontend for anyRemote Description : gAnyRemote package is GTK GUI frontend for anyRemote (http://anyremote.sourceforge.net/). The overall goal of this project is to provide remote control service on Linux through Bluetooth, InfraRed, Wi-Fi or TCP/IP connection. ChangeLog: This update can be installed with the yum update program. Use su -c 'yum update ganyremote' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: pysvn-1.6.2-1.fc8
Fedora Update Notification FEDORA-2008-9378 2008-11-14 11:08:51 Name: pysvn Product : Fedora 8 Version : 1.6.2 Release : 1.fc8 URL : http://pysvn.tigris.org/ Summary : Pythonic style bindings for Subversion Description : Pythonic style bindings for Subversion This update can be installed with the yum update program. Use su -c 'yum update pysvn' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: geda-utils-20080929-1.fc8
Fedora Update Notification FEDORA-2008-9648 2008-11-14 11:08:51 Name: geda-utils Product : Fedora 8 Version : 20080929 Release : 1.fc8 URL : http://www.geda.seul.org/tools/utils/index.html Summary : Several utilities for the gEDA project Description : Several utilities for the gEDA project. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release * Mon Jul 7 2008 Tom spot Callaway [EMAIL PROTECTED] - 20080127-2 - fix conditional comparison * Fri Feb 1 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-1 - New upstream release * Tue Jan 22 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20071231-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-utils' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: geda-gattrib-20080929-1.fc8
Fedora Update Notification FEDORA-2008-9648 2008-11-14 11:08:51 Name: geda-gattrib Product : Fedora 8 Version : 20080929 Release : 1.fc8 URL : http://www.geda.seul.org/tools/gattrib/index.html Summary : Attribute editor for gEDA Description : Gattrib is gEDA's attribute editor. It reads a set of gschem .sch files (schematic files), and creates a spreadsheet showing all components in rows, with the associated component attributes listed in the columns. It allows the user to add, modify, or delete component attributes outside of gschem, and then save the .sch files back out. When it is completed, it will allow the user to edit attributes attached to components, nets, and pins. (Currently, only component attribute editing is implemented; pin attributes are displayed only, and net attributes are TBD.) Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release * Sun Feb 3 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-2 - fix desktop file - added gettext-devel and intltool as BR * Sat Feb 2 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-1 - New upstream release * Tue Jan 22 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20071231-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-gattrib' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: geda-gsymcheck-20080929-1.fc8
Fedora Update Notification FEDORA-2008-9648 2008-11-14 11:08:51 Name: geda-gsymcheck Product : Fedora 8 Version : 20080929 Release : 1.fc8 URL : http://www.geda.seul.org/tools/gsymcheck/index.html Summary : Symbol checker for electronics schematics editor Description : Gsymcheck is a utility to check symbols for gschem. It is part of the gEDA project. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release * Sat Feb 2 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-1 - New upstream release * Tue Jan 22 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20071231-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-gsymcheck' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: geda-gnetlist-20080929-1.fc8
Fedora Update Notification FEDORA-2008-9648 2008-11-14 11:08:51 Name: geda-gnetlist Product : Fedora 8 Version : 20080929 Release : 1.fc8 URL : http://www.geda.seul.org/tools/gnetlist/index.html Summary : Netlister for the gEDA project Description : Gnetlist generates netlists from schematics drawn with gschem (the gEDA schematic editor). Possible output formats are: - native - tango - spice - allegro - PCB - verilog and others. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release * Sat Feb 2 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-1 - New upstream release * Tue Jan 22 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20071231-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-gnetlist' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: geda-gschem-20080929-1.fc8
Fedora Update Notification FEDORA-2008-9648 2008-11-14 11:08:51 Name: geda-gschem Product : Fedora 8 Version : 20080929 Release : 1.fc8 URL : http://www.geda.seul.org/tools/gschem/index.html Summary : Electronics schematics editor Description : Gschem is an electronics schematic editor. It is part of the gEDA project. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release * Sun Feb 3 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-2 - fix desktop file - added gettext-devel and intltool as BR * Fri Feb 1 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-gschem' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: bouncycastle-1.41-2.fc9
Fedora Update Notification
FEDORA-2008-9649
2008-11-14 11:08:58
Name: bouncycastle
Product : Fedora 9
Version : 1.41
Release : 2.fc9
URL : http://www.bouncycastle.org/
Summary : Bouncy Castle Crypto Package for Java
Description :
The Bouncy Castle JCE provider.
Update Information:
bouncycastle-mail is new for F-9. It has been in the rawhide (and then in F-10)
for a while. bouncycastle's spec is updated for guidelines compatibility
ChangeLog:
* Tue Nov 11 2008 Orcan Ogetbil orcanbahri [AT] yahoo [DOT] com 1.41-2
- Fixed license tag (BSD - MIT).
- Minor improvements in the SPEC file for better compatibility with the
Fedora Java Packaging Guidelines.
- Added Provides: bcprov == %{version}-%{release}.
* Thu Oct 2 2008 Lillian Angel [EMAIL PROTECTED] - 1.41-1
- Import Bouncy Castle 1.41.
- Resolves: rhbz#465203
* Thu May 15 2008 Thomas Fitzsimmons [EMAIL PROTECTED] - 1.39-1
- Import Bouncy Castle 1.39.
- Set target to 1.5.
References:
[ 1 ] Bug #465382 - Review Request: bouncycastle-mail - SMIME/CMS packages
for Bouncy Castle
https://bugzilla.redhat.com/show_bug.cgi?id=465382
This update can be installed with the yum update program. Use
su -c 'yum update bouncycastle' at the command line.
For more information, refer to Managing Software with yum,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
___
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: bouncycastle-mail-1.41-3.fc9
Fedora Update Notification FEDORA-2008-9649 2008-11-14 11:08:58 Name: bouncycastle-mail Product : Fedora 9 Version : 1.41 Release : 3.fc9 URL : http://www.bouncycastle.org/ Summary : S/MIME and CMS libraries for Bouncy Castle Description : Bouncy Castle consists of a lightweight cryptography API and is a provider for the Java Cryptography Extension and the Java Cryptography Architecture. This library package offers additional classes, in particuar generators/processors for S/MIME and CMS, for Bouncy Castle. Update Information: bouncycastle-mail is new for F-9. It has been in the rawhide (and then in F-10) for a while. bouncycastle's spec is updated for guidelines compatibility References: [ 1 ] Bug #465382 - Review Request: bouncycastle-mail - SMIME/CMS packages for Bouncy Castle https://bugzilla.redhat.com/show_bug.cgi?id=465382 This update can be installed with the yum update program. Use su -c 'yum update bouncycastle-mail' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: tennix-0.6.1-4.fc8
Fedora Update Notification FEDORA-2008-8326 2008-11-14 11:09:26 Name: tennix Product : Fedora 8 Version : 0.6.1 Release : 4.fc8 URL : http://icculus.org/tennix/ Summary : A simple tennis game Description : Tennix! is a SDL port of a simple tennis game. It features a two-player game mode and a single-player mode against the computer. Update Information: Tennix! is a SDL port of a simple tennis game. It features a two-player game mode and a single-player mode against the computer. References: [ 1 ] Bug #445604 - Review Request: tennix - A funny 2D tennis game https://bugzilla.redhat.com/show_bug.cgi?id=445604 This update can be installed with the yum update program. Use su -c 'yum update tennix' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
[SECURITY] Fedora 8 Update: clamav-0.92.1-4.fc8
Fedora Update Notification FEDORA-2008-9651 2008-11-14 11:09:18 Name: clamav Product : Fedora 8 Version : 0.92.1 Release : 4.fc8 URL : http://www.clamav.net Summary : End-user tools for the Clam Antivirus scanner Description : Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. The virus database is based on the virus database from OpenAntiVirus, but contains additional signatures (including signatures for popular polymorphic viruses, too) and is KEPT UP TO DATE. Update Information: Security fixes from upstream 0.94 and 0.94.1:CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): File descriptor leak on the error code path CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow ChangeLog: * Thu Nov 13 2008 Tomas Hoger [EMAIL PROTECTED] - 0.92.1-4 - Security update - backport security fixes from 0.94: CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): File descriptor leak on the error code path - Security update - backport security fixes from 0.94.1: CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow * Sun Jul 13 2008 Enrico Scholz [EMAIL PROTECTED] - 0.92.1-3 - disabled check which prevents older freshclam versions to run in 4h intervals (bz #453601) - backported security fixes from 0.93.3: CVE-2008-2713: out-of-bounds read on petite files * Thu Apr 24 2008 Tomas Hoger [EMAIL PROTECTED] - 0.92.1-2 - Security update - backport security fixes from 0.93: CVE-2008-1100 (#442360): Upack Processing Buffer Overflow Vulnerability CVE-2008-1387 (#442525): Endless loop / hang with crafted arj CVE-2008-0314 (#442740): PeSpin Heap Overflow Vulnerability CVE-2008-1833 (#442741): PE WWPack Heap Overflow Vulnerability * Mon Feb 11 2008 Enrico Scholz [EMAIL PROTECTED] - 0.92.1-1 - updated to 0.92.1 * Tue Jan 1 2008 Enrico Scholz [EMAIL PROTECTED] - 0.92-6 - redisabled unrar stuff completely by using clean sources * Tue Jan 1 2008 Enrico Scholz [EMAIL PROTECTED] - 0.92-5 - use a better way to disable RPATH-generation (needed for '--with unrar' builds) * Mon Dec 31 2007 Enrico Scholz [EMAIL PROTECTED] - 0.92-4 - added a README.fedora to the milter package (#240610) - ship original sources again; unrar is now licensed correctly (no more stolen code put under GPL). Nevertheless, this license is not GPL compatible, and to allow libclamav to be used by GPL applications, unrar is disabled by a ./configure switch. - use pkg-config in clamav-config to emulate --cflags and --libs operations (fixes partly multilib issues) - registered some more auto-updated files and marked them as %ghost * Fri Dec 21 2007 Tom spot Callaway [EMAIL PROTECTED] - 0.92-3 - updated to 0.92 (SECURITY): - CVE-2007-6335 MEW PE File Integer Overflow Vulnerability References: [ 1 ] Bug #461461 - clamav: multiple security fixes in 0.94 (CVE-2008-1389, CVE-2008-3912, CVE-2008-3913, CVE-2008-3914) https://bugzilla.redhat.com/show_bug.cgi?id=461461 [ 2 ] Bug #470783 - CVE-2008-5050 clamav: get_unicode_name() off-by-one buffer overflow ( 0.94.1) https://bugzilla.redhat.com/show_bug.cgi?id=470783 This update can be installed with the yum update program. Use su -c 'yum update clamav' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: monafont-2.90-4.fc9.1
Fedora Update Notification FEDORA-2008-9652 2008-11-14 11:09:26 Name: monafont Product : Fedora 9 Version : 2.90 Release : 4.fc9.1 URL : http://monafont.sourceforge.net/ Summary : Japanese font for text arts Description : Mona Font is a Japanese proportional font which allows you to view Japanese text arts correctly. Update Information: monafont is rebuilt against VLGothic 20081029. ChangeLog: This update can be installed with the yum update program. Use su -c 'yum update monafont' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: projectM-pulseaudio-1.2.0-3.fc9
Fedora Update Notification FEDORA-2008-9653 2008-11-14 11:09:33 Name: projectM-pulseaudio Product : Fedora 9 Version : 1.2.0 Release : 3.fc9 URL : http://projectm.sourceforge.net/ Summary : The projectM visualization plugin for pulseaudio Description : This package allows the use of the projectM visualization plugin through any pulseaudio compatible applications. Update Information: Initial build References: [ 1 ] Bug #464054 - Package Review Request for projectM-pulseaudio https://bugzilla.redhat.com/show_bug.cgi?id=464054 This update can be installed with the yum update program. Use su -c 'yum update projectM-pulseaudio' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: ssm-0.1-9.fc9
Fedora Update Notification FEDORA-2008-9654 2008-11-14 11:09:41 Name: ssm Product : Fedora 9 Version : 0.1 Release : 9.fc9 URL : http://www.bioxray.au.dk/~mok/ssm Summary : Macromolecular coordinate superposition library Description : SSM is a macromolecular coordinate superposition library, written by Eugene Krissinel. The library implements the SSM algorithm of protein structure comparison in three dimensions, which includes an original procedure of matching graphs built on the protein's secondary-structure elements, followed by an iterative three-dimensional alignment of protein backbone Calpha atoms. The algorithm implemented by the software is described in: E. Krissinel K. Henrick (2004) Secondary-structure matching (SSM), a new tool for fast protein structure alignment in three dimensions. Acta Crystallogr D Biol Crystallogr. 60, 2256-68. This package contains the shared library components needed for programs that have been compiled with the ssm library. This update can be installed with the yum update program. Use su -c 'yum update ssm' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: R-bigmemory-2.3-3.fc8
Fedora Update Notification FEDORA-2008-9655 2008-11-14 11:09:50 Name: R-bigmemory Product : Fedora 8 Version : 2.3 Release : 3.fc8 URL : http://cran.r-project.org/web/packages/bigmemory/index.html Summary : Manage massive matrices in R using C++, with support for shared memory Description : Use C++ to create, store, access, and manipulate massive matrices. Under *NIX, it also supports use of shared memory. Update Information: New package: Use C++ to create, store, access, and manipulate massive matrices. Under *NIX, it also supports use of shared memory. References: [ 1 ] Bug #454441 - Review Request: R-bigmemory - Manage massive matrices in R using C++, with support for shared memory https://bugzilla.redhat.com/show_bug.cgi?id=454441 This update can be installed with the yum update program. Use su -c 'yum update R-bigmemory' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: fuse-encfs-1.5-1.fc8
Fedora Update Notification FEDORA-2008-9266 2008-11-14 11:10:08 Name: fuse-encfs Product : Fedora 8 Version : 1.5 Release : 1.fc8 URL : http://arg0.net/wiki/encfs Summary : Encrypted pass-thru filesystem in userspace Description : EncFS implements an encrypted filesystem in userspace using FUSE. FUSE provides a Linux kernel module which allows virtual filesystems to be written in userspace. EncFS encrypts all data and filenames in the filesystem and passes access through to the underlying filesystem. Similar to CFS except that it does not use NFS. Update Information: Ver. 1.5 ChangeLog: * Sun Oct 26 2008 Peter Lemenkov [EMAIL PROTECTED] 1.5-1 - Ver. 1.5 - Dropped upstreamed patches * Tue Aug 12 2008 Peter Lemenkov [EMAIL PROTECTED] 1.4.2-5 - Rebuild with new boost * Fri Aug 1 2008 Peter Lemenkov [EMAIL PROTECTED] 1.4.2-4 - Fix build with new rlog * Sat Jul 12 2008 Peter Lemenkov [EMAIL PROTECTED] 1.4.2-3 - rebuild due to rlog soname bump * Mon May 5 2008 Tomas Hoger [EMAIL PROTECTED] - 1.4.2-2 - Work-around broken boost library path auto detection causing build failures on 64-bit architectures. * Mon Apr 14 2008 Peter Lemenkov [EMAIL PROTECTED] 1.4.2-1 - Ver. 1.4.2 - add option to pass-through file 'holes'. Only available in expert mode - config file format changed to XML via boost serialization (config file is now .encfs6.xml) - remove ulockmgr support, caused numerous locking issues. (bz# 440483) - fix symlink handling in encfsctl export - fix stdinpass option parsing, reported by Scott Hendrickson - fix path suffix in encfsctl * Fri Mar 28 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.4.1.1-5 - Update patch for building with GCC 4.3 (use cstring throughout) * Tue Mar 25 2008 Peter Lemenkov [EMAIL PROTECTED] 1.4.1.1-4.1 - Another attempt to fix GCC 4.3 builds * Tue Mar 25 2008 Peter Lemenkov [EMAIL PROTECTED] 1.4.1.1-4 - Another attempt to fix GCC 4.3 builds * Tue Feb 19 2008 Fedora Release Engineering [EMAIL PROTECTED] - 1.4.1.1-3 - Autorebuild for GCC 4.3 * Sat Feb 9 2008 Peter Lemenkov [EMAIL PROTECTED] 1.4.1.1-2 - Rebuild for GCC 4.3 This update can be installed with the yum update program. Use su -c 'yum update fuse-encfs' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
[SECURITY] Fedora 9 Update: quassel-0.3.0.3-1.fc9
Fedora Update Notification FEDORA-2008-9658 2008-11-14 11:10:21 Name: quassel Product : Fedora 9 Version : 0.3.0.3 Release : 1.fc9 URL : http://quassel-irc.org/ Summary : QT4 Based distrubuted IRC system Description : Quassel IRC is a modern, distributed IRC client, meaning that one (or multiple) client(s) can attach to and detach from a central core -- much like the popular combination of screen and a text-based IRC client such as WeeChat, but graphical Update Information: New upstream release fixes a security issue with CTCP handling in Quassel Core, that could potentially be exploited to send arbitrary IRC commands on your behalf. This update can be installed with the yum update program. Use su -c 'yum update quassel' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: pysvn-1.6.2-1.fc9
Fedora Update Notification FEDORA-2008-9371 2008-11-14 11:10:28 Name: pysvn Product : Fedora 9 Version : 1.6.2 Release : 1.fc9 URL : http://pysvn.tigris.org/ Summary : Pythonic style bindings for Subversion Description : Pythonic style bindings for Subversion Update Information: ChangeLog: This update can be installed with the yum update program. Use su -c 'yum update pysvn' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: grc-0.70-3.fc9
Fedora Update Notification FEDORA-2008-7344 2008-11-14 11:10:28 Name: grc Product : Fedora 9 Version : 0.70 Release : 3.fc9 URL : http://gnuradio.org/trac/wiki/GNURadioCompanion Summary : GUI for Gnuradio Description : The GNU Radio Companion is a preliminary graphical user interface which allows GNU Radio components to be put together graphically. It is currently under development by Josh Blum. GNU Radio Companion encompasses over 200 blocks from the GNU Radio Project. Update Information: The GNU Radio Companion is a preliminary graphical user interface which allows GNU Radio components to be put together graphically. It is currently under development by Josh Blum. GNU Radio Companion encompasses over 200 blocks from the GNU Radio Project. References: [ 1 ] Bug #460104 - GRC not installed https://bugzilla.redhat.com/show_bug.cgi?id=460104 This update can be installed with the yum update program. Use su -c 'yum update grc' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: basket-1.0.3.1-2.fc9
Fedora Update Notification FEDORA-2008-9659 2008-11-14 11:10:28 Name: basket Product : Fedora 9 Version : 1.0.3.1 Release : 2.fc9 URL : http://basket.kde.org/ Summary : Taking care of your ideas Description : A multi-purpose note-taking application that makes it easy to write down ideas as you think, and quickly find them later. You can collect, import or share any data, tag your notes and secure it some or all of it with passwords and/or encryption. Update Information: Taking care of your ideas ChangeLog: * Mon Nov 10 2008 Christopher D. Stover [EMAIL PROTECTED] 1.0.3.1-2 - added a requires for hicolor-icon-theme - removed -p from the main package /sbin/ldconfig * Sat Oct 25 2008 Christopher D. Stover [EMAIL PROTECTED] 1.0.3.1-1 - version 1.0.3.1 - gcc43 patch is no longer needed * Sat Jun 7 2008 Kevin Kofler [EMAIL PROTECTED] 1.0.2-7 - disable -kontact for F10+ (can't integrate KDE 3 app into KDE 4 Kontact) * Sun Jun 1 2008 Aurelien Bompard [EMAIL PROTECTED] 1.0.2-6 - rebuild References: [ 1 ] Bug #468562 - Review Request: basket - Taking care of your ideas https://bugzilla.redhat.com/show_bug.cgi?id=468562 This update can be installed with the yum update program. Use su -c 'yum update basket' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: wraplinux-1.6-1.fc9
Fedora Update Notification FEDORA-2008-9660 2008-11-14 11:10:38 Name: wraplinux Product : Fedora 9 Version : 1.6 Release : 1.fc9 URL : http://www.kernel.org/pub/linux/utils/boot/wraplinux/ Summary : Utility to wrap a Linux kernel and initrd into an ELF or NBI file Description : A tool to wrap an x86 Linux kernel and one or more initrd files into a single file in ELF or NBI format, as required by some booting protocols. Update Information: Requirement of LTSP. This update can be installed with the yum update program. Use su -c 'yum update wraplinux' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: geda-examples-20080929-1.fc8
Fedora Update Notification FEDORA-2008-9663 2008-11-14 11:11:04 Name: geda-examples Product : Fedora 8 Version : 20080929 Release : 1.fc8 URL : http://www.geda.seul.org Summary : Circuit examples for gEDA Description : This package contains circuit examples for the gEDA project. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release * Mon Jul 7 2008 Tom spot Callaway [EMAIL PROTECTED] - 20080127-2 - fix conditional comparison * Sat Feb 2 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-1 - New upstream release * Tue Jan 22 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20071231-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-examples' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: libgeda-20080929-1.fc8
Fedora Update Notification FEDORA-2008-9662 2008-11-14 11:10:55 Name: libgeda Product : Fedora 8 Version : 20080929 Release : 1.fc8 URL : http://www.geda.seul.org Summary : Libraries for the gEDA project Description : This package contains libgeda, the library needed by gEDA applications. Update Information: new upstream release ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release - cleaned rpmlint warnings : unused-direct-shlib-dependencies * Fri Feb 1 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-1 - New upstream release - disable-update-mime-database - prepare post and postun - treat locales properly * Tue Jan 22 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20071231-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update libgeda' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: geda-symbols-20080929-1.fc8
Fedora Update Notification FEDORA-2008-9663 2008-11-14 11:11:04 Name: geda-symbols Product : Fedora 8 Version : 20080929 Release : 1.fc8 URL : http://www.geda.seul.org Summary : Electronic symbols for gEDA Description : This package contains a bunch of symbols of electronic devices used by gschem, the gEDA project schematic editor. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release * Fri Feb 1 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-1 - New upstream release * Tue Jan 22 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20071231-1 - New upstream release - added transfig as BR for fig2dev This update can be installed with the yum update program. Use su -c 'yum update geda-symbols' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: geda-docs-20080929-1.fc8
Fedora Update Notification FEDORA-2008-9663 2008-11-14 11:11:04 Name: geda-docs Product : Fedora 8 Version : 20080929 Release : 1.fc8 URL : http://www.geda.seul.org Summary : Documentation for gEDA Description : This package contains documentation for the gEDA project. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release * Sat Feb 2 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080127-1 - New upstream release * Tue Jan 22 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20071231-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-docs' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: R-bigmemory-2.3-3.fc9
Fedora Update Notification FEDORA-2008-9664 2008-11-14 11:11:12 Name: R-bigmemory Product : Fedora 9 Version : 2.3 Release : 3.fc9 URL : http://cran.r-project.org/web/packages/bigmemory/index.html Summary : Manage massive matrices in R using C++, with support for shared memory Description : Use C++ to create, store, access, and manipulate massive matrices. Under *NIX, it also supports use of shared memory. Update Information: New package: Use C++ to create, store, access, and manipulate massive matrices. Under *NIX, it also supports use of shared memory. ChangeLog: References: [ 1 ] Bug #454441 - Review Request: R-bigmemory - Manage massive matrices in R using C++, with support for shared memory https://bugzilla.redhat.com/show_bug.cgi?id=454441 This update can be installed with the yum update program. Use su -c 'yum update R-bigmemory' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: barry-0.14-4.fc8
Fedora Update Notification FEDORA-2008-9665 2008-11-14 11:11:19 Name: barry Product : Fedora 8 Version : 0.14 Release : 4.fc8 URL : http://www.netdirect.ca/downloads/barry Summary : BlackBerry Desktop for Linux Description : Barry is a desktop toolset for managing your BlackBerry device. This package contains commandline tools which will enable you to charge your device with a proper 500mA and be able to access data on the device. It also includes a GUI application to backup your BlackBerry. Update Information: Barry is a desktop toolset for managing your BlackBerry device. References: [ 1 ] Bug #467958 - Review Request: barry - BlackBerry(tm) Desktop for Linux https://bugzilla.redhat.com/show_bug.cgi?id=467958 This update can be installed with the yum update program. Use su -c 'yum update barry' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: barry-0.14-4.fc9
Fedora Update Notification FEDORA-2008-9666 2008-11-14 11:11:26 Name: barry Product : Fedora 9 Version : 0.14 Release : 4.fc9 URL : http://www.netdirect.ca/downloads/barry Summary : BlackBerry Desktop for Linux Description : Barry is a desktop toolset for managing your BlackBerry device. This package contains commandline tools which will enable you to charge your device with a proper 500mA and be able to access data on the device. It also includes a GUI application to backup your BlackBerry. Update Information: Barry is a desktop toolset for managing your BlackBerry device. ChangeLog: References: [ 1 ] Bug #467958 - Review Request: barry - BlackBerry(tm) Desktop for Linux https://bugzilla.redhat.com/show_bug.cgi?id=467958 This update can be installed with the yum update program. Use su -c 'yum update barry' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
[SECURITY] Fedora 8 Update: firefox-2.0.0.18-1.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: firefox Product : Fedora 8 Version : 2.0.0.18 Release : 1.fc8 URL : http://www.mozilla.org/projects/firefox/ Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] 2.0.0.18-1 - Update to 2.0.0.18 * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] 2.0.0.17-1 - Update to 2.0.0.17 * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] 2.0.0.16-1 - Update to 2.0.0.16 * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] 2.0.0.15-1 - Update to 2.0.0.15 * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] 2.0.0.14-1 - Update to 2.0.0.14 * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] 2.0.0.13-1 - Update to 2.0.0.13 * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] 2.0.0.12-1 - Update to 2.0.0.12 * Thu Dec 13 2007 Christopher Aillon [EMAIL PROTECTED] 2.0.0.10-3 - Fix the getStartPage method to not return blank. Patch by [EMAIL PROTECTED] * Wed Nov 28 2007 Christopher Aillon [EMAIL PROTECTED] 2.0.0.10-2 - Make Canvas.drawImage work again * Mon Nov 26 2007 Christopher Aillon [EMAIL PROTECTED] 2.0.0.10-1 - Update to 2.0.0.10 * Mon Nov 5 2007 Martin Stransky [EMAIL PROTECTED] 2.0.0.9-1 - updated to the latest upstream * Wed Oct 31 2007 Martin Stransky [EMAIL PROTECTED] 2.0.0.8-3 - added mozilla-plugin-config to startup script References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 10 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in
[SECURITY] Fedora 8 Update: epiphany-2.20.3-8.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: epiphany Product : Fedora 8 Version : 2.20.3 Release : 8.fc8 URL : http://www.gnome.org/projects/epiphany/ Summary : GNOME web browser based on the Mozilla rendering engine Description : epiphany is a simple GNOME web browser based on the Mozilla rendering engine. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.3-8 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.3-7 - Rebuild against newer gecko * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.3-6 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.3-5 - Rebuild against newer gecko * Sun Apr 27 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.3-4 - Stop shipping LowContrastLargePrint icons * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.3-3 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.3-2 - Rebuild against newer gecko * Sat Mar 8 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.3-1 - Update to 2.20.3 * Sat Mar 8 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.2-4 - Update the useragent for Fedora * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.2-3 - Rebuild against newer gecko * Thu Nov 29 2007 Martin Stransky [EMAIL PROTECTED] - 2.20.2-2 - Polished wrapper patch * Tue Nov 27 2007 Matthias Clasen [EMAIL PROTECTED] - 2.20.2-1 - Update to 2.20.2 * Tue Nov 27 2007 Christopher Aillon [EMAIL PROTECTED] - 2.20.1-6 - Rebuild against newer gecko * Mon Nov 19 2007 Martin Stransky [EMAIL PROTECTED] - 2.20.1-5 - Updated wrapper patch * Mon Nov 5 2007 Martin Stransky [EMAIL PROTECTED] - 2.20.1-4 - Rebuild against new firefox References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore
[SECURITY] Fedora 8 Update: cairo-dock-1.6.3.1-1.fc8.1
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: cairo-dock Product : Fedora 8 Version : 1.6.3.1 Release : 1.fc8.1 URL : http://www.cairo-dock.org/ Summary : Light eye-candy fully themable animated dock Description : An light eye-candy fully themable animated dock for any Linux desktop. It has a family-likeness with OSX dock, but with more options. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 10 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 13 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c 'yum update cairo-dock' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list
[SECURITY] Fedora 8 Update: epiphany-extensions-2.20.1-11.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: epiphany-extensions Product : Fedora 8 Version : 2.20.1 Release : 11.fc8 URL : http://www.gnome.org/projects/epiphany/extensions Summary : Extensions for Epiphany, the GNOME web browser Description : Epiphany Extensions is a collection of extensions for Epiphany, the GNOME web browser. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.1-11 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.1-10 - Rebuild against newer gecko * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.1-9 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.1-8 - Rebuild against newer gecko * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.1-7 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.1-6 - Rebuild against newer gecko * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.1-5 - Rebuild against newer gecko * Tue Nov 27 2007 Christopher Aillon [EMAIL PROTECTED] - 2.20.1-3 - Rebuild against newer gecko * Tue Nov 6 2007 Peter Gordon [EMAIL PROTECTED] - 2.20.1-2 - Rebuild for new Gecko (Firefox 2.0.0.9) References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 10 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470898 -
[SECURITY] Fedora 8 Update: blam-1.8.3-19.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: blam Product : Fedora 8 Version : 1.8.3 Release : 19.fc8 URL : http://www.cmartin.tk/blam.html Summary : An RSS/RDF feed reader Description : Blam is a tool that helps you keep track of the growing number of news feeds distributed as RSS. Blam lets you subscribe to any number of feeds and provides an easy to use and clean interface to stay up to date Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 1.8.3-19 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 1.8.3-18 - Rebuild against newer gecko * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 1.8.3-17 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 1.8.3-16 - Rebuild against newer gecko * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 1.8.3-15 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 1.8.3-14 - Rebuild against newer gecko * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 1.8.3-13 - Rebuild against newer gecko * Tue Nov 27 2007 Christopher Aillon [EMAIL PROTECTED] - 1.8.3-12 - Rebuild against newer gecko * Thu Nov 22 2007 Peter Gordon [EMAIL PROTECTED] - 1.8.3-11 - Fix CVE-2005-4790 (bug 252294). * Tue Nov 13 2007 Peter Gordon [EMAIL PROTECTED] - 1.8.3-10 - Rebuild for new Gecko (Firefox 2.0.0.9). References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 10 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 11 ] Bug #470895 - CVE-2008-5022
[SECURITY] Fedora 8 Update: chmsee-1.0.0-5.31.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: chmsee Product : Fedora 8 Version : 1.0.0 Release : 5.31.fc8 URL : http://chmsee.gro.clinux.org/ Summary : A Gtk+2 CHM document viewer Description : A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized. It is actively developed and maintained. The author of chmsee is Jungle Ji and several other great people. Hint * Unlike other chm viewers, chmsee extracts files from chm file, and then read and display them. The extracted files could be found in $HOME/.chmsee/bookshelf directory. You can clean those files at any time and there is a special config option for that. * The bookmark is related to each file so not all bookmarks will be loaded, only current file's. * Try to remove $HOME/.chmsee if you encounter any problem after an upgrade. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 1.0.0-5.31 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 1.0.0-4.31 - Rebuild against newer gecko * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 1.0.0-3.31 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 1.0.0-2.31 - Rebuild against newer gecko * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 1.0.0-2.30 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 1.0.0-1.30 - Rebuild against newer gecko * Tue Mar 4 2008 bbbush [EMAIL PROTECTED] - 1.0.0-1.29 - re-add firefox_version * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 1.0.0-1.28 - Rebuild against newer gecko References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 -
[SECURITY] Fedora 8 Update: devhelp-0.16.1-11.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: devhelp Product : Fedora 8 Version : 0.16.1 Release : 11.fc8 URL : http://developer.imendio.com/projects/devhelp Summary : API document browser Description : An API document browser for GNOME 2. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.16.1-11 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 0.16.1-10 - Rebuild against newer gecko * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 0.16.1-9 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 0.16.1-8 - Rebuild against newer gecko * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 0.16.1-7 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 0.16.1-6 - Rebuild against newer gecko * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 0.16.1-5 - Rebuild against newer gecko * Tue Nov 27 2007 Christopher Aillon [EMAIL PROTECTED] - 0.16.1-4 - Rebuild against newer gecko * Mon Nov 5 2007 Martin Stransky [EMAIL PROTECTED] - 0.16.1-3.fc8 - rebuild against new firefox References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 10 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals
[SECURITY] Fedora 8 Update: evolution-rss-0.0.8-13.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: evolution-rss Product : Fedora 8 Version : 0.0.8 Release : 13.fc8 URL : http://gnome.eu.org/evo/index.php/Evolution_RSS_Reader_Plugin Summary : Evolution RSS Reader Description : This is an evolution plugin which enables evolution to read rss feeds. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.0.8-13 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 0.0.8-12 - Rebuild against newer gecko * Wed Jul 16 2008 Lucian Langa [EMAIL PROTECTED] - 0.0.8-11 - Rebuild against newer gecko (1.8.1.18) * Mon Jul 7 2008 Lucian Langa [EMAIL PROTECTED] - 0.0.8-10 - Rebuild against newer gecko (1.8.1.15) * Mon Apr 28 2008 Lucian Langa [EMAIL PROTECTED] - 0.0.8-9 - Rebuild against newer gecko (1.8.1.14) * Thu Apr 10 2008 Lucian Langa [EMAIL PROTECTED] - 0.0.8-8 - Make gecko primary render engine - Force gecko-libs as required deps * Fri Mar 28 2008 Lucian Langa [EMAIL PROTECTED] - 0.0.8-7 - Rebuild against newer gecko References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 10 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 13 ] Bug #470902 - CVE-2008-5024 Mozilla parsing
[SECURITY] Fedora 8 Update: galeon-2.0.4-6.fc8.3
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: galeon Product : Fedora 8 Version : 2.0.4 Release : 6.fc8.3 URL : http://galeon.sourceforge.net/ Summary : GNOME2 Web browser based on Mozilla Description : Galeon is a web browser built around Gecko (Mozilla's rendering engine) and Necko (Mozilla's networking engine). It's a GNOME web browser, designed to take advantage of as many GNOME technologies as makes sense. Galeon was written to do just one thing - browse the web. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.0.4-6.3 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 2.0.4-5.3 - Rebuild against newer gecko * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 2.0.4-4.3 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 2.0.4-3.3 - Rebuild against newer gecko * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 2.0.4-2.3 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 2.0.4-1.3 - Rebuild against newer gecko * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 2.0.4-1.2 - Rebuild against newer gecko * Sun Jan 6 2008 Denis Leroy [EMAIL PROTECTED] - 2.0.4-1.1 - Fixed plugin-wrapper patch * Sat Dec 15 2007 Denis Leroy [EMAIL PROTECTED] - 2.0.4-1 - Update to upstream 2.0.4 - Some patches integrated upstream, plugin-wrapper patch ported * Thu Nov 29 2007 Martin Stransky [EMAIL PROTECTED] - 2.0.3-17 - Updated patch for wrapped plugins * Tue Nov 27 2007 Denis Leroy [EMAIL PROTECTED] - 2.0.3-16 - Rebuild with gecko lib 1.8.1.10 * Mon Nov 19 2007 Martin Stransky [EMAIL PROTECTED] - 2.0.3-15 - Added support for wrapped plugins * Tue Nov 6 2007 Denis Leroy [EMAIL PROTECTED] - 2.0.3-14 - Rebuild with gecko lib 1.8.1.9 References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session
[SECURITY] Fedora 8 Update: gnome-web-photo-0.3-14.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: gnome-web-photo Product : Fedora 8 Version : 0.3 Release : 14.fc8 URL : http://ftp.gnome.org/pub/GNOME/sources/gnome-web-photo/0.3/ Summary : HTML pages thumbnailer Description : gnome-web-photo contains a thumbnailer that will be used by GNOME applications, including the file manager, to generate screenshots of web pages. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.3-14 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 0.3-13 - Rebuild against newer gecko * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 0.3-12 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 0.3-11 - Rebuild against newer gecko * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 0.3-10 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 0.3-9 - Rebuild against newer gecko * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 0.3-8 - Rebuild against newer gecko * Tue Nov 27 2007 Christopher Aillon [EMAIL PROTECTED] - 0.3-7 - Rebuild against newer gecko * Tue Nov 6 2007 - Martin Stransky [EMAIL PROTECTED] - 0.3-6 - Rebuild for new Gecko * Thu Oct 25 2007 - Bastien Nocera [EMAIL PROTECTED] - 0.3-5 - Rebuild for new Gecko, tighten dependencies References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 10 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners()
[SECURITY] Fedora 8 Update: liferea-1.4.15-5.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: liferea Product : Fedora 8 Version : 1.4.15 Release : 5.fc8 URL : http://liferea.sourceforge.net/ Summary : An RSS/RDF feed reader Description : Liferea (Linux Feed Reader) is an RSS/RDF feed reader. It's intended to be a clone of the Windows-only FeedReader. It can be used to maintain a list of subscribed feeds, browse through their items, and show their contents. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 1.4.15-5 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 1.4.15-4 - Rebuild against newer gecko * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 1.4.15-3 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 1.4.15-2 - Rebuild against newer gecko * Thu May 15 2008 Marc Wiriadisastra [EMAIL PROTECTED] - 1.4.15-1 - New version rebuild for F-8 and F-7 * Mon Apr 7 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.4.13-2 - Rebuild for N-E-V-R issues. * Mon Mar 17 2008 Marc Wiriadisastra [EMAIL PROTECTED] - 1.4.13-1 - Updated to latest stable version * Sat Feb 23 2008 Marc Wiriadisastra [EMAIL PROTECTED] - 1.4.12-2 - Fixed fedora feed for fedora weekly news * Wed Feb 20 2008 Marc Wiriadisastra [EMAIL PROTECTED] - 1.4.12-1 - new version - builds with gcc4.3 - added firefox-devel and xulrunner-devel for different fedora's * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 1.4.11-2 - Rebuild against newer gecko * Thu Jan 17 2008 Brian Pepple [EMAIL PROTECTED] - 1.4.11-1 - Update to 1.4.11. release fixes news bin crasher. (#429021) * Wed Dec 19 2007 Brian Pepple [EMAIL PROTECTED] - 1.4.10-1 - Update to 1.4.10. - Update feed patch. * Sun Dec 2 2007 Brian Pepple [EMAIL PROTECTED] - 1.4.9-1 - Update to 1.4.9. - Update feed patch. * Tue Nov 27 2007 Christopher Aillon [EMAIL PROTECTED] - 1.4.8-2 - Rebuild against newer gecko * Thu Nov 22 2007 Brian Pepple [EMAIL PROTECTED] - 1.4.8-1 - Update to 1.4.8. - fixes LD_LIBRARY_PATH security bug. CVE-2006-4791 * Thu Nov 15 2007 Brian Pepple [EMAIL PROTECTED] - 1.4.7-1 - Update to 1.4.7. - Drop opml nm patches. fixed upstream. - Update fedora feed patch for 1.4.x. - add BR on sqlite-devel, dbus-devel, dbus-glib-devel, libglade2-devel. - Don't build gtkhtml2 plugin for now. * Tue Nov 6 2007 Brian Pepple [EMAIL PROTECTED] - 1.2.23-6 - Rebuild for new gecko libs. * Wed Oct 31 2007 Brian Pepple [EMAIL PROTECTED] - 1.2.23-5 - Add patch to fix opml security bug: CVE-2007-5751. (#360641) References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module
[SECURITY] Fedora 8 Update: gnome-python2-extras-2.19.1-19.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: gnome-python2-extras Product : Fedora 8 Version : 2.19.1 Release : 19.fc8 URL : http://www.pygtk.org/ Summary : The sources for additional. PyGNOME Python extension modules. Description : The gnome-python-extra package contains the source packages for additional Python bindings for GNOME. It should be used together with gnome-python. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.19.1-19 - Rebuild against newer gecko * Mon Oct 27 2008 Matthew Barnes [EMAIL PROTECTED] - 2.19.1-18 - Provide Python bindings for anjuta-gdl on ppc64 (RH bug #468693). * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 2.19.1-17 - Rebuild against newer gecko * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 2.19.1-16 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 2.19.1-15 - Rebuild against newer gecko * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 2.19.1-14 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 2.19.1-13 - Rebuild against newer gecko * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 2.19.1-12 - Rebuild against newer gecko * Tue Nov 27 2007 Christopher Aillon [EMAIL PROTECTED] - 2.19.1-11 - Rebuild against newer gecko * Sat Nov 10 2007 Alex Lancaster [EMAIL PROTECTED] - 2.19.1-10.fc8 - Rebuild against gecko-libs 1.8.1.9 References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 10 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 11 ] Bug
[SECURITY] Fedora 8 Update: kazehakase-0.5.6-1.fc8.1
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: kazehakase Product : Fedora 8 Version : 0.5.6 Release : 1.fc8.1 URL : http://kazehakase.sourceforge.jp/ Summary : Kazehakase browser using Gecko rendering engine Description : Kazehakase is a Web browser which aims to provide a user interface that is truly user-friendly fully customizable. This package uses Gecko for HTML rendering engine. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.5.6-1.1 - Rebuild against newer gecko * Fri Oct 31 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.6-1 - 0.5.6 - -UGTK_DISABLE_DEPRECATED hack removed (hack introduced in upstream) * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - Rebuild against newer gecko (F-9/8) * Tue Aug 5 2008 Mamoru Tasaka [EMAIL PROTECTED] - Try rev. 3509 * Wed Jul 30 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.5-1 - 0.5.5 * Sat Jul 19 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.4-7.svn3506_trunk - F-9+: relax gecko libs dependency (as GRE_GetGREPathWithProperties properly finds out GRE) - F-10+: add -UGTK_DISABLE_DEPRECATED temporarily * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - Rebuild against newer gecko (F-8) * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - Rebuild against newer gecko (F-8) * Sat Jun 28 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.4-6.svn3506_trunk - Try rev 3506 - Workaround for bug 447444 (xulrunner vs hunspell conflict) (F-9+) * Wed Jun 25 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.4-5 - Apply xulrunner related patches from debian by Mike Hommey (debian bug 480796, rh bug 402641) This time kazehakase actually works with xulrunner! * Tue Apr 29 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.4-4 - Remove redundant description per rel-eng team request * Wed Apr 23 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.4-3 - F-9: temporizing fix for xulrunner * Enable gtk-mozembed - don't work at all, however does not crash * force to install WebKit version * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 0.5.4-2.1 - Rebuild against newer gecko (F-8/9) * Mon Apr 14 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.4-2 - Rebuild for new WebKit (F-7/8: bug 438531) * Sun Mar 30 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.4-1 - 0.5.4 * Fri Mar 28 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.3-6.svn3501_trunk - Try svn 3501 (still not work against xulrunner :( ) * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 0.5.3-5 - Rebuild against newer gecko (F-7/8) * Wed Mar 5 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.3-4 - Create kazehakase-base, split gecko.so from -base package so that users can install only WebKit based package. * Sun Mar 2 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.3-3 - Support WebGTK * Sat Mar 1 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.3-1 - 0.5.3 * Fri Feb 29 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.2-8.svn3410_trunk - More try to use xulrunner * GRE version fix * Remove seemingly undesirable linking * Sun Feb 24 2008
[SECURITY] Fedora 8 Update: openvrml-0.17.10-2.0.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: openvrml Product : Fedora 8 Version : 0.17.10 Release : 2.0.fc8 URL : http://openvrml.org Summary : VRML/X3D runtime library Description : OpenVRML is a VRML/X3D support library, including a runtime and facilities for reading and displaying VRML and X3D models. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.10-2.0 - Rebuild against newer gecko * Sun Oct 26 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.10-1.0 - Updated to 0.17.10. * Thu Oct 9 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.9-1.0 - Updated to 0.17.9. * Thu Oct 9 2008 Braden McDaniel [EMAIL PROTECTED] - Include two directories in -player pkg. * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.8-2.0 - Rebuild against newer gecko * Wed Aug 13 2008 Braden McDaniel [EMAIL PROTECTED] - Build with -Wno-missing-braces. * Wed Aug 13 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.8-1.0 - Updated to 0.17.8. * Tue Aug 12 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.7-1.0 - Updated to 0.17.7. * Tue Aug 12 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.6-7.0 - Change to x.y convention for the Release number to satisfy Fedora packaging scripts. * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.6-6 - Rebuild against newer gecko * Mon Jul 7 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.6-5 - gcc visibility flags are still a problem for firefox headers on F8. * Sun Jul 6 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.6-4 - Rebuild after updating gecko-libs requirement. * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.6-3 - Rebuild against newer gecko * Sun Jun 22 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.6-2 - Make symbols for libglade callbacks in openvrml-player visible. * Fri Jun 20 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.6-1 - Updated to 0.17.6. - Build with -fvisibility=hidden -fvisibility-inlines-hidden * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.5-5 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.5-4 - Rebuild against newer gecko * Mon Mar 17 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.5-3 - Patch for crash in openvrml-xembed (bug 437611). * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.5-2 - Rebuild against newer gecko * Tue Feb 5 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.5-1 - Updated to 0.17.5. - Added --enable-gecko-rpath. * Sat Jan 26 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.4-1 - Updated to 0.17.4. * Thu Jan 17 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.3-1 - Updated to 0.17.3. * Wed Jan 9 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.2-1 - Updated to 0.17.2. * Sun Jan 6 2008 Braden McDaniel [EMAIL PROTECTED] - 0.17.1-1 - Updated to 0.17.1. * Wed Dec 19 2007 Braden McDaniel [EMAIL PROTECTED] - 0.17.0-2 - Removed %check. The browser test fails on ppc due to what looks like a probable compiler bug. * Wed Dec 19 2007
[SECURITY] Fedora 8 Update: Miro-1.2.7-2.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: Miro Product : Fedora 8 Version : 1.2.7 Release : 2.fc8 URL : http://www.getmiro.com/ Summary : Miro - Internet TV Player Description : Miro is a free application that turns your computer into an internet TV video player. This release is still a beta version, which means that there are some bugs, but we're moving quickly to fix them and will be releasing bug fixes on a regular basis. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 1.2.7-2 - Rebuild against newer gecko * Sun Sep 28 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.2.7-1 - Update to latest upstream (1.2.7) * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 1.2.3-4 - Rebuild against newer gecko * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 1.2.3-3 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 1.2.3-2 - Rebuild against newer gecko * Tue Apr 29 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.2.3-1 - Update to new upstream release (1.2.3) * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 1.2-2 - Rebuild against newer gecko * Sat Mar 29 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.2-1 - Update to latest upstream (1.2) * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] 1.1.2-2 - Rebuild against newer gecko * Tue Mar 11 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.1.2-1 - Update to upstream 1.1.2 release * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] 1.1-3 - Rebuild against newer gecko * Fri Jan 25 2008 Michel Salim [EMAIL PROTECTED] - 1.1-2 - Fix charset mismatch in download window - Remove shebangs from scripts - Sanitize end-of-line markers * Thu Jan 17 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.1-1 - Update to upstream 1.1 release - Add BuildRequires: openssl-devel * Mon Nov 26 2007 Alex Lancaster alexlan[AT]fedoraproject org 1.0-2 - Build against gecko-libs 1.8.1.10 (firefox 2.0.0.10) * Fri Nov 16 2007 Alex Lancaster alexlan[AT]fedoraproject org 1.0-1 - Update to latest upstream (1.0). * Fri Nov 9 2007 Alex Lancaster alexlan[AT]fedoraproject org 0.9.9.9-1 - Update to latest upstream (0.9.9.9) - Build against gecko-libs 1.8.1.9 (firefox 2.0.0.9) - Include xine_extractor in package (thanks to Jason Farrell) - Drop Miro-setup.py.patch * Thu Nov 1 2007 Alex Lancaster alexlan[AT]fedoraproject org 0.9.9.1-6 - Update patch with workaround suggested on: http://bugzilla.pculture.org/show_bug.cgi?id=8579 * Wed Oct 31 2007 Alex Lancaster alexlan[AT]fedoraproject org 0.9.9.1-5 - Add setup.py patch to ignore call to svn. * Tue Oct 30 2007 Alex Lancaster alexlan[AT]fedoraproject org 0.9.9.1-3 - Add BuildRequires: libXv-devel - Drop dbus patch * Sun Oct 28 2007 Alex Lancaster alexlan[AT]fedoraproject org 0.9.9.1-1 - Update to latest upstream (0.9.9.1) * Fri Oct 26 2007 Alex Lancaster alexlan[AT]fedoraproject org 0.9.8.1-8 - Replace Requires and BuildRequires for firefox with gecko
[SECURITY] Fedora 8 Update: ruby-gnome2-0.17.0-3.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: ruby-gnome2 Product : Fedora 8 Version : 0.17.0 Release : 3.fc8 URL : http://ruby-gnome2.sourceforge.jp/ Summary : Ruby binding of libgnome/libgnomeui-2.x Description : This is a set of bindings for the GNOME-2.x libraries for use from Ruby. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.0-3 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.0-2 - Rebuild against newer gecko * Thu Sep 18 2008 Mamoru Tasaka [EMAIL PROTECTED] 0.17.0-1 - Update to 0.17.0 - Patch from svn to fix Ruby/GLib bug (bug 456816) * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.0-0.3.rc1 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.0-0.2.rc1 - Rebuild against newer gecko * Sun Jun 8 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.17.0-0.1.rc1 - 0.17.0 rc1 - Remove upstreamed patches - 2 patches remain - ruby-gnome2-0.17.0-rc1-script.patch - ruby-gnome2-all-0.16.0-xulrunner.patch - Restrict ruby abi dependency to exact 1.8 version - Fix the license (to strict LGPLv2) * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 0.16.0-22 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] 0.16.0-21 - Rebuild against newer gecko * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] 0.16.0-20 - Rebuild against newer gecko * Sat Jan 26 2008 Allisson Azevedo [EMAIL PROTECTED] 0.16.0-19 - Fix libglade2 Undefined method error (bugzilla #428781) * Tue Dec 4 2007 Allisson Azevedo [EMAIL PROTECTED] 0.16.0-18 - Fix CVE-2007-6183, format string vulnerability (bugzilla #402871) * Tue Nov 27 2007 Christopher Aillon [EMAIL PROTECTED] 0.16.0-17 - Rebuild against newer gecko * Tue Nov 13 2007 Alex Lancaster [EMAIL PROTECTED] 0.16.0-16 - Fix my typo in BuildRequires * Tue Nov 13 2007 Alex Lancaster [EMAIL PROTECTED] 0.16.0-15 - Rebuild against gecko-libs and gecko-devel (firefox 2.0.0.9). References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug
[SECURITY] Fedora 8 Update: seamonkey-1.1.13-1.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: seamonkey Product : Fedora 8 Version : 1.1.13 Release : 1.fc8 URL : http://www.mozilla.org/projects/seamonkey/ Summary : Web browser, e-mail, news, IRC client, HTML editor Description : SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Thu Nov 13 2008 Christopher Aillon [EMAIL PROTECTED] - 1.1.13-1 - Update to 1.1.13 * Thu Sep 25 2008 Christopher Aillon [EMAIL PROTECTED] - 1.1.12-1 - Update to 1.1.12 * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 1.1.11-1 - Update to 1.1.11 * Tue Jul 8 2008 Christopher Aillon [EMAIL PROTECTED] - 1.1.10-1 - Update to 1.1.10 - Use bullet characters to match GTK+ * Thu Apr 17 2008 Kai Engert [EMAIL PROTECTED] - 1.1.9-2 - add several upstream patches, not yet released: 425576 (crash), 323508, 378132, 390295, 421622 * Fri Mar 28 2008 Kai Engert [EMAIL PROTECTED] - 1.1.9-1 - SeaMonkey 1.1.9 * Fri Feb 8 2008 Kai Engert [EMAIL PROTECTED] - 1.1.8-1 - SeaMonkey 1.1.8 * Sun Dec 2 2007 Kai Engert [EMAIL PROTECTED] - 1.1.7-1 - SeaMonkey 1.1.7 * Mon Nov 5 2007 Kai Engert [EMAIL PROTECTED] - 1.1.6-1 - SeaMonkey 1.1.6 * Fri Oct 19 2007 Kai Engert [EMAIL PROTECTED] - 1.1.5-2 - SeaMonkey 1.1.5 References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 10 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 11 ]
[SECURITY] Fedora 8 Update: yelp-2.20.0-14.fc8
Fedora Update Notification FEDORA-2008-9667 2008-11-14 11:11:33 Name: yelp Product : Fedora 8 Version : 2.20.0 Release : 14.fc8 URL : http://live.gnome.org/Yelp Summary : A system documentation reader from the Gnome project Description : Yelp is the Gnome 2 help/documentation browser. It is designed to help you browse all the documentation on your system in one central tool. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 8.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 2.0.0.18[1].All firefox users and users of packages depending on firefox[2] should upgrade to these updated packages, which correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox20.html#firefox2.0.0.18 [2] blam cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome-web-photo kazehakase liferea Miro openvrml ruby-gnome2 yelp Provides Python bindings for libgdl on PPC64. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.0-14 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.0-13 - Rebuild against newer gecko * Mon Aug 25 2008 Matthew Barnes [EMAIL PROTECTED] - 2.20.0-12 - Add patch for RH bug #459487 (format string vulnerability). * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.0-11 - Rebuild against newer gecko * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.0-10 - Rebuild against newer gecko * Wed Apr 16 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.0-9 - Rebuild against newer gecko * Tue Mar 25 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.0-8 - Rebuild against newer gecko * Fri Feb 8 2008 Christopher Aillon [EMAIL PROTECTED] - 2.20.0-7 - Rebuild against newer gecko * Tue Nov 27 2007 Christopher Aillon [EMAIL PROTECTED] - 2.20.0-6 - Rebuild against newer gecko * Mon Nov 5 2007 Matthias Clasen [EMAIL PROTECTED] - 2.20.0-5 - Fix a crash in search (#361041) * Mon Nov 5 2007 Martin Stransky [EMAIL PROTECTED] - 2.20.0-4 - Rebuild against new firefox * Sun Nov 4 2007 Matthias Clasen [EMAIL PROTECTED] - 2.20.0-3 - Fix a crash when loading the rarian docs References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect https://bugzilla.redhat.com/show_bug.cgi?id=470864 [ 3 ] Bug #470867 - CVE-2008-5013 Mozilla Flash Player dynamic module unloading flaw https://bugzilla.redhat.com/show_bug.cgi?id=470867 [ 4 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 5 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 6 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 7 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 8 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 9 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 10 ] Bug
Fedora 8 Update: ganyremote-5.4.1-1.fc8
Fedora Update Notification FEDORA-2008-9668 2008-11-14 11:11:41 Name: ganyremote Product : Fedora 8 Version : 5.4.1 Release : 1.fc8 URL : http://anyremote.sourceforge.net/ Summary : GTK frontend for anyRemote Description : gAnyRemote package is GTK GUI frontend for anyRemote (http://anyremote.sourceforge.net/). The overall goal of this project is to provide remote control service on Linux through Bluetooth, InfraRed, Wi-Fi or TCP/IP connection. This update can be installed with the yum update program. Use su -c 'yum update ganyremote' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
[SECURITY] Fedora 9 Update: xulrunner-1.9.0.4-1.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: xulrunner Product : Fedora 9 Version : 1.9.0.4 Release : 1.fc9 URL : http://developer.mozilla.org/En/XULRunner Summary : XUL Runtime for Gecko Applications Description : XULRunner provides the XUL Runtime environment for Gecko applications. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] 1.9.0.4-1 - Update to 1.9.0.4 * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] 1.9.0.2-1 - Update to 1.9.0.2 * Wed Jul 16 2008 Christopher Aillon [EMAIL PROTECTED] 1.9.0.1-1 - Update to 1.9.0.1 * Mon Jun 30 2008 Dennis Gilmore [EMAIL PROTECTED] 1.9-1.1 - handle sparc arches * Tue Jun 17 2008 Christopher Aillon [EMAIL PROTECTED] 1.9-1 - Update to 1.9 final * Thu May 29 2008 Christopher Aillon [EMAIL PROTECTED] 1.9-0.63 - Simplify PS/PDF operators * Thu May 22 2008 Christopher Aillon [EMAIL PROTECTED] 1.9-0.62 - Upstream patch to fsync() less * Thu May 8 2008 Colin Walters [EMAIL PROTECTED] 1.9-0.61 - Ensure we enable startup notification; add BR and modify config (bug #445543) References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace
[SECURITY] Fedora 9 Update: firefox-3.0.4-1.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: firefox Product : Fedora 9 Version : 3.0.4 Release : 1.fc9 URL : http://www.mozilla.org/projects/firefox/ Summary : Mozilla Firefox Web browser Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] 3.0.4-1 - Update to 3.0.4 * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] 3.0.2-1 - Update to 3.0.2 * Wed Jul 16 2008 Christopher Aillon [EMAIL PROTECTED] 3.0.1-1 - Update to 3.0.1 * Tue Jun 17 2008 Christopher Aillon [EMAIL PROTECTED] 3.0-1 - Firefox 3 Final * Thu May 8 2008 Colin Walters [EMAIL PROTECTED] 3.0-0.61 - Rebuild to pick up new xulrunner (bug #445543) References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c 'yum update firefox' at the command line. For more information, refer to Managing Software
[SECURITY] Fedora 9 Update: epiphany-2.22.2-5.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: epiphany Product : Fedora 9 Version : 2.22.2 Release : 5.fc9 URL : http://www.gnome.org/projects/epiphany/ Summary : GNOME web browser based on the Mozilla rendering engine Description : Epiphany is a simple GNOME web browser based on the Mozilla rendering engine. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.22.2-5 - Rebuild against newer gecko * Tue Sep 23 2008 Christopher Aillon [EMAIL PROTECTED] - 2.22.2-4 - Rebuild against newer gecko * Wed Jul 16 2008 Christopher Aillon [EMAIL PROTECTED] - 2.22.2-3 - Rebuild against newer gecko * Wed Jun 18 2008 Martin Stransky [EMAIL PROTECTED] - 2.22.2-2 - Rebuild against xulrunner * Wed May 28 2008 Matthias Clasen [EMAIL PROTECTED] - 2.22.2-1 - Update to 2.22.2 References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c 'yum update epiphany' at the command line. For more information,
[SECURITY] Fedora 9 Update: chmsee-1.0.1-6.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: chmsee Product : Fedora 9 Version : 1.0.1 Release : 6.fc9 URL : http://chmsee.gro.clinux.org/ Summary : A Gtk+2 CHM document viewer Description : A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized. It is actively developed and maintained. The author of chmsee is Jungle Ji and several other great people. Hint * Unlike other chm viewers, chmsee extracts files from chm file, and then read and display them. The extracted files could be found in $HOME/.chmsee/bookshelf directory. You can clean those files at any time and there is a special config option for that. * The bookmark is related to each file so not all bookmarks will be loaded, only current file's. * Try to remove $HOME/.chmsee if you encounter any problem after an upgrade. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 1.0.1-6 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 1.0.1-5 - Rebuild against newer gecko * Fri Jun 20 2008 Martin Stransky [EMAIL PROTECTED] - 1.0.1-4 - Rebuild against new xulrunner * Sat May 17 2008 bbbush [EMAIL PROTECTED] - 1.0.1-3 - update to 1.0.1 - specify gecko-provider to libxul, add nspr in patch to configure - BR libgcrypt-devel instead of openssl-devel * Fri Apr 25 2008 bbbush [EMAIL PROTECTED] - 1.0.0-2.37 - patch from Martin Stransky to fix crash on open files (rh#427622) References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption
[SECURITY] Fedora 9 Update: devhelp-0.19.1-6.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: devhelp Product : Fedora 9 Version : 0.19.1 Release : 6.fc9 URL : http://developer.imendio.com/projects/devhelp Summary : API document browser Description : An API document browser for GNOME 2. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.19.1-6 - Rebuild against newer gecko * Thu Oct 23 2008 Martin Stransky [EMAIL PROTECTED] - 0.19.1-5 - fixed #399441 - devhelp compiled against xulrunner doesn't seem to pick up css * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 0.19.1-4 - Rebuild against newer gecko * Wed Jul 16 2008 Christopher Aillon [EMAIL PROTECTED] - 0.19.1-3 - Rebuild against newer gecko * Wed Jun 18 2008 Owen Taylor [EMAIL PROTECTED] - 0.19.1-2 - Rebuild against xulrunner-1.9 * Mon May 26 2008 Matthew Barnes [EMAIL PROTECTED] - 0.19.1-1 - Update to 0.19.1 * Sun May 4 2008 Matthias Clasen [EMAIL PROTECTED] - 0.19-5 - Fix source url References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902
[SECURITY] Fedora 9 Update: epiphany-extensions-2.22.1-5.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: epiphany-extensions Product : Fedora 9 Version : 2.22.1 Release : 5.fc9 URL : http://www.gnome.org/projects/epiphany/extensions Summary : Extensions for Epiphany, the GNOME web browser Description : Epiphany Extensions is a collection of extensions for Epiphany, the GNOME web browser. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.22.1-5 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 2.22.1-4 - Rebuild against newer gecko * Thu Jul 17 2008 Christopher Aillon [EMAIL PROTECTED] - 2.22.1-3 - Rebuild against newer gecko * Sun Jun 22 2008 Martin Stransky [EMAIL PROTECTED] - 2.22.1-2 - Rebuild against newer gecko References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c 'yum update epiphany-extensions' at the command line. For more information, refer to Managing Software with yum, available at
[SECURITY] Fedora 9 Update: galeon-2.0.7-3.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: galeon Product : Fedora 9 Version : 2.0.7 Release : 3.fc9 URL : http://galeon.sourceforge.net/ Summary : GNOME2 Web browser based on Mozilla Description : Galeon is a web browser built around Gecko (Mozilla's rendering engine) and Necko (Mozilla's networking engine). It's a GNOME web browser, designed to take advantage of as many GNOME technologies as makes sense. Galeon was written to do just one thing - browse the web. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.0.7-3 - Rebuild against newer gecko * Tue Oct 7 2008 Denis Leroy [EMAIL PROTECTED] - 2.0.7-2 - Added patches to fix default font (#212616) and printing (#449806). Yay. * Sat Sep 27 2008 Denis Leroy [EMAIL PROTECTED] - 2.0.7-1 - Update to upstream 2.0.7, support for libxul-unstable - Plugin patch cleanup - Other patches upstreamed * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 2.0.5-3 - Rebuild against newer gecko * Wed Jun 18 2008 Denis Leroy [EMAIL PROTECTED] - 2.0.5-2 - Rebuild with xulrunner 1.9 References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace
[SECURITY] Fedora 9 Update: cairo-dock-1.6.3.1-1.fc9.1
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: cairo-dock Product : Fedora 9 Version : 1.6.3.1 Release : 1.fc9.1 URL : http://www.cairo-dock.org/ Summary : Light eye-candy fully themable animated dock Description : An light eye-candy fully themable animated dock for any Linux desktop. It has a family-likeness with OSX dock, but with more options. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c 'yum update cairo-dock' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list
[SECURITY] Fedora 9 Update: gtkmozembedmm-1.4.2.cvs20060817-22.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: gtkmozembedmm Product : Fedora 9 Version : 1.4.2.cvs20060817 Release : 22.fc9 URL : http://gtkmm.sourceforge.net/ Summary : C++ wrapper for GtkMozembed Description : This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 1.4.2.cvs20060817-22 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 1.4.2.cvs20060817-21 - Rebuild against newer gecko * Fri Jun 20 2008 Martin Stransky [EMAIL PROTECTED] - 1.4.2.cvs20060817-20 - rebuild against new gecko-libs 1.9 (xulrunner) * Sat Apr 12 2008 Haïkel Guémar [EMAIL PROTECTED] - 1.4.2.cvs20060817-19 - remove now useless sed one-liner. - fixed gtkmozembedmm-1.4.2.cvs20060817-xulrunner.patch - added gtkmozembedmm-1.4.2.cvs20060817-m4.patch * Mon Feb 18 2008 Fedora Release Engineering [EMAIL PROTECTED] - 1.4.2.cvs20060817-18 - Autorebuild for GCC 4.3 References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024
[SECURITY] Fedora 9 Update: gnome-python2-extras-2.19.1-21.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: gnome-python2-extras Product : Fedora 9 Version : 2.19.1 Release : 21.fc9 URL : http://www.pygtk.org/ Summary : The sources for additional. PyGNOME Python extension modules. Description : The gnome-python-extra package contains the source packages for additional Python bindings for GNOME. It should be used together with gnome-python. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.19.1-21 - Rebuild against newer gecko * Mon Oct 27 2008 Matthew Barnes [EMAIL PROTECTED] - 2.19.1-20 - Provide Python bindings for libgdl on ppc64 (RH bug #468693). * Thu Oct 9 2008 Matthew Barnes [EMAIL PROTECTED] - 2.19.1-19 - Remove gtkspell-static patch. Appears to not be needed anymore. * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 2.19.1-18 - Rebuild against newer gecko * Fri Jul 18 2008 Paul W. Frields [EMAIL PROTECTED] - 2.19.1-17.fc9 - Rebuild against new xulrunner (1.9.0.4) and fix dependencies * Fri Jun 20 2008 Martin Stransky [EMAIL PROTECTED] - 2.19.1-16.fc9 - Rebuild against new gecko-libs 1.9 (xulrunner) References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing
[SECURITY] Fedora 9 Update: gnome-web-photo-0.3-15.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: gnome-web-photo Product : Fedora 9 Version : 0.3 Release : 15.fc9 URL : http://ftp.gnome.org/pub/GNOME/sources/gnome-web-photo/0.3/ Summary : HTML pages thumbnailer Description : gnome-web-photo contains a thumbnailer that will be used by GNOME applications, including the file manager, to generate screenshots of web pages. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.3-15 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 0.3-14 - Rebuild against newer gecko * Mon Jul 21 2008 Martin Stransky [EMAIL PROTECTED] - 0.3-13 - Rebuild against new xulrunner * Fri Jun 20 2008 Martin Stransky [EMAIL PROTECTED] - 0.3-12 - Rebuild against new xulrunner References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c 'yum update gnome-web-photo' at the command line. For more information, refer to Managing
[SECURITY] Fedora 9 Update: evolution-rss-0.1.0-4.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: evolution-rss Product : Fedora 9 Version : 0.1.0 Release : 4.fc9 URL : http://gnome.eu.org/evo/index.php/Evolution_RSS_Reader_Plugin Summary : Evolution RSS Reader Description : This is an evolution plugin which enables evolution to read rss feeds. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.1.0-4 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 0.1.0-3 - Rebuild against newer gecko * Sat Jul 5 2008 Lucian Langa [EMAIL PROTECTED] - 0.1.0-2 - Fix firefox import RH bug #452322 * Wed Jul 2 2008 Lucian Langa [EMAIL PROTECTED] - 0.1.0-1 - Update to 0.1.0 version * Wed Apr 30 2008 Lucian Langa [EMAIL PROTECTED] - 0.0.8-9 - Update requirements * Mon Apr 7 2008 Lucian Langa [EMAIL PROTECTED] - 0.0.8-8 - Force gecko default html render References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c
[SECURITY] Fedora 9 Update: google-gadgets-0.10.1-5.fc9.1
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: google-gadgets Product : Fedora 9 Version : 0.10.1 Release : 5.fc9.1 URL : http://code.google.com/p/google-gadgets-for-linux/ Summary : Google Gadgets for Linux Description : Google Gadgets for Linux provides a platform for running desktop gadgets under Linux, catering to the unique needs of Linux users. It can run, without modification, many Google Desktop gadgets as well as the Universal Gadgets on iGoogle. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c 'yum update google-gadgets' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce
[SECURITY] Fedora 9 Update: Miro-1.2.7-2.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: Miro Product : Fedora 9 Version : 1.2.7 Release : 2.fc9 URL : http://www.getmiro.com/ Summary : Miro - Internet TV Player Description : Miro is a free application that turns your computer into an internet TV video player. This release is still a beta version, which means that there are some bugs, but we're moving quickly to fix them and will be releasing bug fixes on a regular basis. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 1.2.7-2 - Rebuild against newer gecko * Sun Sep 28 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.2.7-1 - Update to 1.2.7 - Rebuild against gecko-libs 1.9.0.4 (#464205) * Fri Aug 22 2008 Michel Alexandre Salim [EMAIL PROTECTED] - 1.2.6-3 - Do not create backup files when patching; the backup files get re-added during the build process * Fri Aug 22 2008 Michel Salim [EMAIL PROTECTED] - 1.2.6-2 - Unapply boost patch; boost-1.36 has been backed out for F10 * Fri Aug 22 2008 Michel Salim [EMAIL PROTECTED] - 1.2.6-1 - Update to 1.2.6 - Patch for boost API change * Tue Aug 12 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.2.4-4 - Rebuild for new boost (fixes broken deps). * Sat Jul 19 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.2.4-3 - Rebuild for xulrunner-1.9.0.1 - Unfortunately we probably need to make this an exact match because Miro uses the unstable API, so a rebuild may need to be done on every package update to be sure that it will work with new xulrunner updates * Wed Jun 18 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.2.4-2 - Rebuild for xulrunner-1.9 final. * Sun Jun 15 2008 Alex Lancaster alexlan[AT]fedoraproject org - 1.2.4-1 - Update to latest upstream (1.2.4) References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 -
[SECURITY] Fedora 9 Update: kazehakase-0.5.6-1.fc9.1
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: kazehakase Product : Fedora 9 Version : 0.5.6 Release : 1.fc9.1 URL : http://kazehakase.sourceforge.jp/ Summary : Kazehakase browser using Gecko rendering engine Description : Kazehakase is a Web browser which aims to provide a user interface that is truly user-friendly fully customizable. This package uses Gecko for HTML rendering engine. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.5.6-1.1 - Rebuild against newer gecko * Fri Oct 31 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.6-1 - 0.5.6 - -UGTK_DISABLE_DEPRECATED hack removed (hack introduced in upstream) * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - Rebuild against newer gecko (F-9/8) * Tue Aug 5 2008 Mamoru Tasaka [EMAIL PROTECTED] - Try rev. 3509 * Wed Jul 30 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.5-1 - 0.5.5 * Sat Jul 19 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.4-7.svn3506_trunk - F-9+: relax gecko libs dependency (as GRE_GetGREPathWithProperties properly finds out GRE) - F-10+: add -UGTK_DISABLE_DEPRECATED temporarily * Tue Jul 15 2008 Christopher Aillon [EMAIL PROTECTED] - Rebuild against newer gecko (F-8) * Wed Jul 2 2008 Christopher Aillon [EMAIL PROTECTED] - Rebuild against newer gecko (F-8) * Sat Jun 28 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.4-6.svn3506_trunk - Try rev 3506 - Workaround for bug 447444 (xulrunner vs hunspell conflict) (F-9+) * Wed Jun 25 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.5.4-5 - Apply xulrunner related patches from debian by Mike Hommey (debian bug 480796, rh bug 402641) This time kazehakase actually works with xulrunner! References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption
[SECURITY] Fedora 9 Update: mugshot-1.2.2-3.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: mugshot Product : Fedora 9 Version : 1.2.2 Release : 3.fc9 URL : http://mugshot.org/ Summary : Companion software for mugshot.org Description : Mugshot works with the server at mugshot.org to extend the panel, web browser, music player and other parts of the desktop with a live social experience and interoperation with online services you and your friends use. It's fun and easy. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 1.2.2-3 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 1.2.2-2 - Rebuild against newer gecko * Wed Jul 30 2008 Owen Taylor [EMAIL PROTECTED] - 1.2.2-1 - Update to 1.2.2 - Fixes Firefox min version to 3.0.x, #451918 again - Rebuild against hippo-canvas-0.3 * Wed Jun 18 2008 Owen Taylor [EMAIL PROTECTED] - 1.2.1-1 - Update to 1.2.1 (Fixes Firefox min version #451918) * Mon Jun 16 2008 Owen Taylor [EMAIL PROTECTED] - 1.2.0-1 - Update to 1.2.0 References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902
[SECURITY] Fedora 9 Update: mozvoikko-0.9.5-4.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: mozvoikko Product : Fedora 9 Version : 0.9.5 Release : 4.fc9 URL : http://voikko.sourceforge.net Summary : Finnish Voikko spell-checker extension for Mozilla programs Description : This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c 'yum update mozvoikko' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
[SECURITY] Fedora 9 Update: ruby-gnome2-0.17.0-3.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: ruby-gnome2 Product : Fedora 9 Version : 0.17.0 Release : 3.fc9 URL : http://ruby-gnome2.sourceforge.jp/ Summary : Ruby binding of libgnome/libgnomeui-2.x Description : This is a set of bindings for the GNOME-2.x libraries for use from Ruby. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.0-3 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 0.17.0-2 - Rebuild against newer gecko * Thu Sep 18 2008 Mamoru Tasaka [EMAIL PROTECTED] 0.17.0-1 - Update to 0.17.0 - Patch from svn to fix Ruby/GLib bug (bug 456816) * Sat Jul 19 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.17.0-0.4.rc1 - F-9+: relax gecko libs dependency - F-9+: bump version to fix EVR problem between F-8 branch * Fri Jun 20 2008 Martin Stransky [EMAIL PROTECTED] - 0.17.0-0.2.rc1 - Rebuild against new xulrunner * Sun Jun 8 2008 Mamoru Tasaka [EMAIL PROTECTED] - 0.17.0-0.1.rc1 - 0.17.0 rc1 - Remove upstreamed patches - 2 patches remain - ruby-gnome2-0.17.0-rc1-script.patch - ruby-gnome2-all-0.16.0-xulrunner.patch - Restrict ruby abi dependency to exact 1.8 version - Fix the license (to strict LGPLv2) References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation
[SECURITY] Fedora 9 Update: seamonkey-1.1.13-1.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: seamonkey Product : Fedora 9 Version : 1.1.13 Release : 1.fc9 URL : http://www.mozilla.org/projects/seamonkey/ Summary : Web browser, e-mail, news, IRC client, HTML editor Description : SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 1.1.13-1 - Update to 1.1.13 * Thu Sep 25 2008 Christopher Aillon [EMAIL PROTECTED] - 1.1.12-1 - Update to 1.1.12 * Sun Jul 6 2008 Christopher Aillon [EMAIL PROTECTED] - 1.1.10-1 - Update to 1.1.10 - Use bullet characters to match GTK+ References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c 'yum update seamonkey' at the command line. For more
[SECURITY] Fedora 9 Update: yelp-2.22.1-6.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: yelp Product : Fedora 9 Version : 2.22.1 Release : 6.fc9 URL : http://live.gnome.org/Yelp Summary : A system documentation reader from the Gnome project Description : Yelp is the Gnome 2 help/documentation browser. It is designed to help you browse all the documentation on your system in one central tool. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.22.1-6 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 2.22.1-5 - Rebuild against newer gecko * Wed Jul 16 2008 Christopher Aillon [EMAIL PROTECTED] - 2.22.1-4 - Rebuild against newer gecko * Wed Jun 18 2008 Martin Stransky [EMAIL PROTECTED] - 2.22.1-3 - rebuild against xulrunner * Mon May 19 2008 Matthew Barnes [EMAIL PROTECTED] - 2.22.1-2 - Require docbook-dtds (RH bug #447209). References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace https://bugzilla.redhat.com/show_bug.cgi?id=470902 This update can be installed with the yum update program. Use su -c
[SECURITY] Fedora 9 Update: totem-2.23.2-8.fc9
Fedora Update Notification FEDORA-2008-9669 2008-11-14 11:11:49 Name: totem Product : Fedora 9 Version : 2.23.2 Release : 8.fc9 URL : http://www.gnome.org/projects/totem/ Summary : Movie player for GNOME Description : Totem is simple movie player for the Gnome desktop. It features a simple playlist, a full-screen mode, seek and volume controls, as well as a pretty complete keyboard navigation. Update Information: Updated firefox and xulrunner packages that fix various security issues are now available for Fedora Core 9.This update has been rated as having critical security impact by the Fedora Security Response Team.Mozilla Firefox is an open source Web browser.Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-0017, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021)Several flaws were found in the way malformed content was processed. A web site containing specially-crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5022, CVE-2008-5023, CVE-2008-5024)A flaw was found in the way Firefox opened file: URIs. If a file: URI was loaded in the same tab as a chrome or privileged about: page, the file: URI could execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-5015) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.4[1].All firefox users and users of packages depending on xulrunner[2] should upgrade to these updated packages, which contain patches that correct these issues.[1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.4 [2] cairo-dock chmsee devhelp epiphany epiphany-extensions evolution-rss galeon gnome-python2-extras gnome- web-photo google-gadgets gtkmozembedmm kazehakase Miro mozvoikko mugshot ruby- gnome2 totem yelp Provides Python bindings for libgdl on PPC64. This update fixes a build break. ChangeLog: * Wed Nov 12 2008 Christopher Aillon [EMAIL PROTECTED] - 2.23.2-8 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon [EMAIL PROTECTED] - 2.23.2-7 - Rebuild against newer gecko * Fri Jul 25 2008 - Bastien Nocera [EMAIL PROTECTED] - 2.23.2-6 - Add patch to make FLV videos thumbnail (#449279) * Fri Jul 18 2008 Martin Stransky [EMAIL PROTECTED] - 2.23.2-5 - Rebuild against xulrunner 1.9.0.4 and fixed gecko dependency * Wed Jun 18 2008 Owen Taylor [EMAIL PROTECTED] - 2.23.2-4 - Rebuild against xulrunner 1.9 final * Wed May 7 2008 - Bastien Nocera [EMAIL PROTECTED] - 2.23.2-3 - Require gstreamer-plugins-flumpegdemux as used by the DVB and DVD playback bits References: [ 1 ] Bug #470903 - CVE-2008-4582 Mozilla same origin policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=470903 [ 2 ] Bug #470876 - CVE-2008-5015 Mozilla file: URIs inherit chrome privileges https://bugzilla.redhat.com/show_bug.cgi?id=470876 [ 3 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470883 [ 4 ] Bug #470889 - CVE-2008-5019 Mozilla XSS via session restore https://bugzilla.redhat.com/show_bug.cgi?id=470889 [ 5 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager https://bugzilla.redhat.com/show_bug.cgi?id=470894 [ 6 ] Bug #470898 - CVE-2008-5023 Mozilla -moz-binding property bypasses security checks on codebase principals https://bugzilla.redhat.com/show_bug.cgi?id=470898 [ 7 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering https://bugzilla.redhat.com/show_bug.cgi?id=470873 [ 8 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470881 [ 9 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=470884 [ 10 ] Bug #470892 - CVE-2008-0017 Mozilla buffer overflow in http-index-format parser https://bugzilla.redhat.com/show_bug.cgi?id=470892 [ 11 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation https://bugzilla.redhat.com/show_bug.cgi?id=470895 [ 12 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default
Fedora 9 Update: homestead-0.92-1.fc9
Fedora Update Notification FEDORA-2008-9670 2008-11-14 11:11:56 Name: homestead Product : Fedora 9 Version : 0.92 Release : 1.fc9 URL : http://homestead.sourceforge.net/ Summary : 3D real-time network visualiser Description : Homestead is a 3D real-time network visualizer, displaying hosts and packet traffic. Features include support for multiple sensors, analysis of packets to gather hostnames and services, configurable layout of subnetworks, recording/replaying of packet traffic, and the ability to filter packets by host, protocol or port. hsen (Homestead Sensor) is a packet capture daemon which reads and sends packet header information to Homestead, locally or remotely. hsen also equates hostname to IP by reading DNS packets (UDP type A class IN standard query response). The relationship between hsen to Homestead can be one-to-one, one-to-many, many-to-one or many-to-many (many Homesteads would be on multiple computers on the same subnet, receiving packet header information from hsen via broadcast). Update Information: update This update can be installed with the yum update program. Use su -c 'yum update homestead' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: ltsp-5.1.34-2.fc9
Fedora Update Notification FEDORA-2008-9671 2008-11-14 11:12:03 Name: ltsp Product : Fedora 9 Version : 5.1.34 Release : 2.fc9 URL : http://www.ltsp.org Summary : Linux Terminal Server Project Server and Client Description : LTSP client and server Update Information: http://wtogami.livejournal.com/28896.html Many bug fixes and cleanups from the LTSP Hackfest.ltsp-5.1.34-2.fc9 - jetpipe supports serial printers - TIMEZONE and TIMESERVER options for thin clients - Move LDM to VT1 by default - Prevent error during client chroot config - Many other little bug fixes ldm-2.0.18-1.fc9 - Fix race condition in a clean way without the ugly hack. - Improve logging. - Many little bug fixes and code cleanups.Maureen Duffy fixed the background of the LDM greeter theme. ChangeLog: * Thu Nov 13 2008 Warren Togami [EMAIL PROTECTED] - 5.1.34-2 - Enable plymouth support if supported hardware is detected - jetpipe supports serial printers - TIMEZONE and TIMESERVER options for thin clients - Move LDM to VT1 by default - Prevent error during client chroot config - Many other little bug fixes * Sat Nov 1 2008 Warren Togami [EMAIL PROTECTED] - 5.1.32-1 - Exclude wireless drivers because they cannot netboot, and they can often cause boot problems because of missing firmware - Point Fedora 10 client chroot at Fedora 10 mirrormanager * Fri Oct 31 2008 Warren Togami [EMAIL PROTECTED] - 5.1.31-1 - Revert upstream change that broke pulseaudio * Fri Oct 31 2008 Warren Togami [EMAIL PROTECTED] - 5.1.30-2 - ltsp-server requires ldminfod * Thu Oct 30 2008 Warren Togami [EMAIL PROTECTED] - 5.1.30-1 - ldminfod tells LDM client location of Xsession script fallback to client's known location if ldminfod failed to tell it - ldminfod moved from ltsp-server to ldminfod package - Add alsa-plugins-pulseaudio to client chroot, should allow most localapps to output sound. - Fix client boot with F10 iproute - Debug shells on VT2-VT6 are now disabled by default edit /var/lib/tftpboot/i386/lts.conf to enable if you need it * Sun Oct 5 2008 Warren Togami [EMAIL PROTECTED] - 5.1.26-1 - Fix copying of mkinitrd config file within chroot * Sun Oct 5 2008 Warren Togami [EMAIL PROTECTED] - 5.1.25-1 - Bug #462228 Prevent bogus mkinitrd config from landing on systems who accidentally install ltsp-client for no good reason. (Thanks John Ellson) - Remove irrelevant plugins from package * Thu Sep 11 2008 Warren Togami [EMAIL PROTECTED] - 5.1.24-1 - lts.conf options: VOLUME, HEADPHONE_VOLUME, PCM_VOLUME, CD_VOLUME, FRONT_VOLUME Set values higher than default if not specified in lts.conf. MIC_VOLUME not set by default, but can be controlled by lts.conf. - xrexec renamed to ltsp-localapps - xrexecd.sh renamed to ltsp-localappsd - fix build on RHEL-5 * Wed Sep 10 2008 Warren Togami [EMAIL PROTECTED] - 5.1.23-1 - Point F8 and F9 client chroot builder at newkey repos - Ensure that initscripts installs before ltsp-client * Wed Aug 27 2008 Warren Togami [EMAIL PROTECTED] - 5.1.22-1 - Exclude /var/cache/yum/* from mksquashfs * Sun Aug 24 2008 Warren Togami [EMAIL PROTECTED] - 5.1.21-1 - Exclude /proc/* and /sys/* from mksquashfs - Cleanup old kernels and images from tftpdir * Sun Aug 24 2008 Warren Togami [EMAIL PROTECTED] - 5.1.20-1 - Prep for NBD root boot (requires mkinitrd changes) - Fix nbdrootd and nbdswapd launch path - nbdswap detects an unused nbd device before using it - nbdrootd and nbdswapd uses KEEPALIVE, should die after default 7200 seconds - ltsp-update-image script to create NBD root images in /opt/ltsp/images - Cleanup old netboot images from chroot during kernel upgrade - xrexecd waits for xatom changes instead of polling - Disable nbdswap if server is running Live * Thu Aug 14 2008 Warren Togami [EMAIL PROTECTED] - 5.1.19-1 - Initial x86_64 client chroot support (John Ellson) - Fix chroot-creator so NBI and ELF images are created during client install. - Use wraplinux to create NBI image. * Wed Aug 13 2008 Warren Togami [EMAIL PROTECTED] - 5.1.18-1 - cleanups to localapps scripts - moved localapp stuff from ldm into this package - Fix nbdswap nbd was missing in both client and server nbdswapd had a bogus path to nbd-server - Automatic setup of coreboot/ELF capable Etherboot images created by mkelfimage. dhcpd.conf default serves this to any client reporting itself as Etherboot-5.4. * Fri Aug 8 2008 Warren Togami [EMAIL PROTECTED] - 5.1.15-4 - Include live-config within ltsp-server * Thu Aug 7 2008 Warren Togami [EMAIL PROTECTED] - 5.1.15-1 - kickstart files are no longer %config(noreplace). - Many minor fixes to silence error messages during
Fedora 8 Update: R-GeneR-2.11.1-3.fc8
Fedora Update Notification FEDORA-2008-9191 2008-11-14 11:12:09 Name: R-GeneR Product : Fedora 8 Version : 2.11.1 Release : 3.fc8 URL : http://www.bioconductor.org/packages/3.fc8/bioc/html/GeneR.html Summary : R for genes and sequences analysis Description : Package manipulating nucleotidic sequences (Embl, Fasta, GenBank). References: [ 1 ] Bug #465750 - Review Request: R-GeneR - R for genes and sequences analysis https://bugzilla.redhat.com/show_bug.cgi?id=465750 This update can be installed with the yum update program. Use su -c 'yum update R-GeneR' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: tennix-0.6.1-4.fc9
Fedora Update Notification FEDORA-2008-8240 2008-11-14 11:12:12 Name: tennix Product : Fedora 9 Version : 0.6.1 Release : 4.fc9 URL : http://icculus.org/tennix/ Summary : A simple tennis game Description : Tennix! is a SDL port of a simple tennis game. It features a two-player game mode and a single-player mode against the computer. Update Information: Tennix! is a SDL port of a simple tennis game. It features a two-player game mode and a single-player mode against the computer. ChangeLog: References: [ 1 ] Bug #445604 - Review Request: tennix - A funny 2D tennis game https://bugzilla.redhat.com/show_bug.cgi?id=445604 This update can be installed with the yum update program. Use su -c 'yum update tennix' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: superiotool-0-0.14.20081103svn3698.fc8
Fedora Update Notification FEDORA-2008-9354 2008-11-14 11:12:12 Name: superiotool Product : Fedora 8 Version : 0 Release : 0.14.20081103svn3698.fc8 URL : http://linuxbios.org/index.php/Superiotool Summary : Simple program for detecting Super I/O on your mainboard Description : User-space helper tool which allows you to detect which Super I/O you have on your mainboard, and it can provide detailed information about the register contents of the Super I/O. Update Information: %changelog * Mon Nov 3 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.14.20081103svn3698 - Support for the ITE IT8661F/IT8770F, IT8673F, and IT8671F/IT8687R - Add register definitions for W83627HF - Drop global register 0x07 for all Super I/Os - Add dump support to ITE IT8726F - Add Fintek F71882FG support - Add some more Super I/O IDs/names ChangeLog: * Mon Nov 3 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.14.20081103svn3698 - Support for the ITE IT8661F/IT8770F, IT8673F, and IT8671F/IT8687R - Add register definitions for W83627HF - Drop global register 0x07 for all Super I/Os - Add dump support to ITE IT8726F - Add Fintek F71882FG support - Add some more Super I/O IDs/names * Mon Oct 6 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.13.20080815svn3511 - More ExcludeArch * Fri Aug 15 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.12.20080815svn3511 - Fixed svn path (LinuxBIOS renamed to Coreboot) - svn ver. 3511 - add support for SMSC SIO10N268 (trivial) - add support for 2 new SMSC superio chips - Add dump support for Winbond (NSC) PC87427 * Sun May 18 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.11.20080518svn3319 - Fixed installation * Sun May 18 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.10.20080518svn3319 - Add support for dumping ITE IT8718F EC registers - Detect SMSC SCH5027 - Small cleanups * Sun Feb 10 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.9.20080210svn3064 - svn ver. 3064 - Added more Winbond W83627EHF chips * Thu Jan 10 2008 Peter Lemenkov [EMAIL PROTECTED] 0-0.8.20080110svn3011 - svn ver. 3011 - support for NSC PC87317 - support for SMSC LPC47M192 - support for NSC PC97317 - support for NSC PC97307 - support for NSC PC8741x - support for NSC PC87309 - support for SMSC FDC37C67x - support for the PC87366 - support for the SMSC LPC47B27x * Mon Nov 19 2007 Peter Lemenkov [EMAIL PROTECTED] 0.7.20071118svn2975 - Fixed man-page installation * Sun Nov 18 2007 Peter Lemenkov [EMAIL PROTECTED] 0.6.20071118svn2975 - svn ver. 2975 (support for SMSC LPC47N227, NSC PC8374L, Winbond W83977TF, Winbond W83977AF, Winbond W83697SF, NSC PC87360, SMSC FDC37N958FR) - drop patch1 This update can be installed with the yum update program. Use su -c 'yum update superiotool' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 8 Update: xmlrpc-c-1.06.31-1.fc8
Fedora Update Notification FEDORA-2008-9674 2008-11-14 11:12:31 Name: xmlrpc-c Product : Fedora 8 Version : 1.06.31 Release : 1.fc8 URL : http://xmlrpc-c.sourceforge.net/ Summary : A lightweight RPC library based on XML and HTTP Description : XML-RPC is a quick-and-easy way to make procedure calls over the Internet. It converts the procedure call into XML document, sends it to a remote server using HTTP, and gets back the response as XML. This library provides a modular implementation of XML-RPC for C and C++. Update Information: ChangeLog: * Thu Nov 13 2008 Enrico Scholz [EMAIL PROTECTED] - 1.06.31-1 - updated to 1.06.31 - use correct pkg-config script for 'xmlrpc-config server-util' output (#471323) * Sun Mar 16 2008 Enrico Scholz [EMAIL PROTECTED] - 1.06.25-1 - updated to 1.06.25 * Wed Jan 2 2008 Enrico Scholz [EMAIL PROTECTED] - 1.06.23-1 - use correct pkg-config script for 'xmlrpc-config abyss-server' output (#355411) - updated to 1.06.23 (#355411) References: [ 1 ] Bug #471323 - xmlrpc-c-config is broken https://bugzilla.redhat.com/show_bug.cgi?id=471323 This update can be installed with the yum update program. Use su -c 'yum update xmlrpc-c' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: libgeda-20080929-1.fc9
Fedora Update Notification FEDORA-2008-9676 2008-11-14 11:12:46 Name: libgeda Product : Fedora 9 Version : 20080929 Release : 1.fc9 URL : http://www.geda.seul.org Summary : Libraries for the gEDA project Description : This package contains libgeda, the library needed by gEDA applications. Update Information: new upstream release ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release - cleaned rpmlint warnings : unused-direct-shlib-dependencies This update can be installed with the yum update program. Use su -c 'yum update libgeda' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: R-GeneR-2.11.1-5.fc9
Fedora Update Notification FEDORA-2008-9298 2008-11-14 11:13:13 Name: R-GeneR Product : Fedora 9 Version : 2.11.1 Release : 5.fc9 URL : http://www.bioconductor.org/packages/5.fc9/bioc/html/GeneR.html Summary : R for genes and sequences analysis Description : Package manipulating nucleotidic sequences (Embl, Fasta, GenBank). ChangeLog: References: [ 1 ] Bug #465750 - Review Request: R-GeneR - R for genes and sequences analysis https://bugzilla.redhat.com/show_bug.cgi?id=465750 This update can be installed with the yum update program. Use su -c 'yum update R-GeneR' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: geda-symbols-20080929-1.fc9
Fedora Update Notification FEDORA-2008-9679 2008-11-14 11:13:13 Name: geda-symbols Product : Fedora 9 Version : 20080929 Release : 1.fc9 URL : http://www.geda.seul.org Summary : Electronic symbols for gEDA Description : This package contains a bunch of symbols of electronic devices used by gschem, the gEDA project schematic editor. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-symbols' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: geda-docs-20080929-1.fc9
Fedora Update Notification FEDORA-2008-9679 2008-11-14 11:13:13 Name: geda-docs Product : Fedora 9 Version : 20080929 Release : 1.fc9 URL : http://www.geda.seul.org Summary : Documentation for gEDA Description : This package contains documentation for the gEDA project. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-docs' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: geda-utils-20080929-1.fc9
Fedora Update Notification FEDORA-2008-9680 2008-11-14 11:13:21 Name: geda-utils Product : Fedora 9 Version : 20080929 Release : 1.fc9 URL : http://www.geda.seul.org/tools/utils/index.html Summary : Several utilities for the gEDA project Description : Several utilities for the gEDA project. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release * Mon Jul 7 2008 Tom spot Callaway [EMAIL PROTECTED] - 20080127-2 - fix conditional comparison This update can be installed with the yum update program. Use su -c 'yum update geda-utils' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: geda-gattrib-20080929-1.fc9
Fedora Update Notification FEDORA-2008-9680 2008-11-14 11:13:21 Name: geda-gattrib Product : Fedora 9 Version : 20080929 Release : 1.fc9 URL : http://www.geda.seul.org/tools/gattrib/index.html Summary : Attribute editor for gEDA Description : Gattrib is gEDA's attribute editor. It reads a set of gschem .sch files (schematic files), and creates a spreadsheet showing all components in rows, with the associated component attributes listed in the columns. It allows the user to add, modify, or delete component attributes outside of gschem, and then save the .sch files back out. When it is completed, it will allow the user to edit attributes attached to components, nets, and pins. (Currently, only component attribute editing is implemented; pin attributes are displayed only, and net attributes are TBD.) Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-gattrib' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: geda-gnetlist-20080929-1.fc9
Fedora Update Notification FEDORA-2008-9680 2008-11-14 11:13:21 Name: geda-gnetlist Product : Fedora 9 Version : 20080929 Release : 1.fc9 URL : http://www.geda.seul.org/tools/gnetlist/index.html Summary : Netlister for the gEDA project Description : Gnetlist generates netlists from schematics drawn with gschem (the gEDA schematic editor). Possible output formats are: - native - tango - spice - allegro - PCB - verilog and others. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-gnetlist' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: geda-gsymcheck-20080929-1.fc9
Fedora Update Notification FEDORA-2008-9680 2008-11-14 11:13:21 Name: geda-gsymcheck Product : Fedora 9 Version : 20080929 Release : 1.fc9 URL : http://www.geda.seul.org/tools/gsymcheck/index.html Summary : Symbol checker for electronics schematics editor Description : Gsymcheck is a utility to check symbols for gschem. It is part of the gEDA project. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-gsymcheck' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Fedora 9 Update: geda-gschem-20080929-1.fc9
Fedora Update Notification FEDORA-2008-9680 2008-11-14 11:13:21 Name: geda-gschem Product : Fedora 9 Version : 20080929 Release : 1.fc9 URL : http://www.geda.seul.org/tools/gschem/index.html Summary : Electronics schematics editor Description : Gschem is an electronics schematic editor. It is part of the gEDA project. Update Information: 1.4.1 ChangeLog: * Tue Nov 11 2008 Chitlesh Goorah chitlesh [AT] fedoraproject DOT org - 20080929-1 - New upstream release This update can be installed with the yum update program. Use su -c 'yum update geda-gschem' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys ___ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
