[AC] mutt - security upgrade
There is a new version of mutt which fixes CVE-2007-2683 and CVE-2007-1558. I enclose patch for the AC-branch. Best wishes, -- Kacper Kornet Index: mutt.spec === RCS file: /cvsroot/SPECS/mutt.spec,v retrieving revision 1.183.2.1 diff -u -r1.183.2.1 mutt.spec --- mutt.spec 17 Jul 2006 13:35:04 - 1.183.2.1 +++ mutt.spec 1 Jun 2007 16:25:29 - @@ -19,13 +19,13 @@ Summary(tr): Mutt elektronik posta programý Summary(uk): đĎŰÔĎ×Á ËĚŚ¤ÎÔÓŘËÁ ĐŇĎÇŇÁÍÁ Mutt Name: mutt -Version: 1.4.2.2 +Version: 1.4.2.3 Release: 1 Epoch: 6 License: GPL Group: Applications/Mail -Source0: ftp://ftp.mutt.org/mutt/%{name}-%{version}i.tar.gz -# Source0-md5: 51a08429c5bd5c34af3f4268b8cbcda3 +Source0: ftp://ftp.mutt.org/mutt/%{name}-%{version}.tar.gz +# Source0-md5: dcb94661827dd090fa813e73e122ea0c Source1: %{name}.desktop Source2: %{name}.png Source3: %{name}.1.pl ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: /dev/null in bind chroot()
Arkadiusz Miskiewicz wrote: Hello I wonder what for /dev/null can be used by named inside of it's chroot() ? Any ideas? I guess glibc itself doesn't really need it. /dev/random for example is no longer needed since bind can use /dev/random from outside of chroot (it opens it early and keeps descriptor). Is the descriptor kept over a reload of named? AFAIR there were problems with that. Now if /dev/null could be dropped, too then it would be great. -- === Andrzej M. Krzysztofowicz [EMAIL PROTECTED] phone (48)(58) 347 19 36 Faculty of Applied Phys. Math., Gdansk University of Technology ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: /dev/null in bind chroot()
On Friday 01 of June 2007, Andrzej Krzysztofowicz wrote: Arkadiusz Miskiewicz wrote: Hello I wonder what for /dev/null can be used by named inside of it's chroot() ? Any ideas? I guess glibc itself doesn't really need it. /dev/random for example is no longer needed since bind can use /dev/random from outside of chroot (it opens it early and keeps descriptor). Is the descriptor kept over a reload of named? AFAIR there were problems with that. Seems so. [EMAIL PROTECTED] ~]# lsof -n |grep named |grep random named 24763 named5r CHR1,8 402654872 /dev/random [EMAIL PROTECTED] ~]# service named reload Przeładowanie usługi Named... [ ZROBIONE ] [EMAIL PROTECTED] ~]# lsof -n |grep named |grep random named 24763 named5r CHR1,8 402654872 /dev/random no complains in log. For testing I also deleted /var/lib/named/dev/null - so far no problems. -- Arkadiusz MiśkiewiczPLD/Linux Team arekm / maven.plhttp://ftp.pld-linux.org/ ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
[AC] gimp upgrade
I enclose the path with the upgrade of gimp. The new version corrects CVE-2007-2356. P.S. Building new gimp I discovered that pango-devel probably misses requirement for glitz-devel. -- Kacper Kornet Index: gimp.spec === RCS file: /cvsroot/SPECS/gimp.spec,v retrieving revision 1.275 diff -u -r1.275 gimp.spec --- gimp.spec 27 Apr 2007 19:33:20 - 1.275 +++ gimp.spec 2 Jun 2007 01:43:30 - @@ -21,13 +21,13 @@ Summary(zh_CN.UTF-8): [ĺžĺ]GNUĺžčąĄĺ¤çĺˇĽĺ ˇ Summary(zh_TW.UTF-8): [ĺĺ]GNUĺ蹥čçĺˇĽĺ ˇ Name: gimp -Version: 2.2.14 +Version: 2.2.15 Release: 1 Epoch: 1 License: GPL Group: X11/Applications/Graphics Source0: ftp://ftp.gimp.org/pub/gimp/v2.2/%{name}-%{version}.tar.bz2 -# Source0-md5: 2f47dd66d714a970356e275dd1d3caac +# Source0-md5: 5e705f0c7a3b37703d407e88bee357bb Patch0:%{name}-home_etc.patch URL: http://www.gimp.org/ %{?with_aalib:BuildRequires: aalib-devel} ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en