The following builds have been pushed to Fedora 13 updates-testing
3proxy-0.6.1-9.fc13
aldrin-0.13-4.fc13
armstrong-0.2.6-11.fc13
bdii-5.1.5-1.fc13
calibre-0.6.55-1.fc13
canorus-0.7-6.R1213.20100530svn.fc13
cdf-0.2-3.fc13
emacs-vm-8.1.1-1.fc13
erlang-esasl-0.1-5.fc13
evolution-2.30.1-8.fc13
freeglut-2.6.0-5.fc13
gnome-icon-theme-extras-2.30.1-2.fc13
gpodder-2.6-6.fc13
grub2-1.98-2.fc13
guitone-1.0-0.1.rc4.fc13
imapsync-1.311-1.fc13
isdn4k-utils-3.2-71.fc13
isight-firmware-tools-1.5.92-1.fc13
jaxodraw-2.0.1-5.fc13
kicad-2010.05.27-2.rev2363.fc13
koffice-2.2.0-1.fc13
koffice-langpack-2.2.0-1.fc13
kpartsplugin-0.0.1-0.2.20100521.fc13
libfm-0.1.12-1.fc13
liboggz-1.1.1-1.fc13
mozilla-noscript-1.9.9.81-1.fc13
openssh-5.4p1-3.fc13
papyrus-0.13.3-1.fc13
pcmanfm-0.9.7-1.fc13
perlbrew-0.06-2.fc13
pidgin-2.7.1-2.fc13
python-cssutils-0.9.6-1.fc13
python-py-1.3.1-1.fc13
rhythmbox-equalizer-1.4-1.fc13
rkhunter-1.3.6-6.fc13
rkward-0.5.3-1.fc13
roundup-1.4.13-2.fc13
selinux-policy-3.7.19-22.fc13
setools-3.3.7-2.fc13
squid-3.1.4-1.fc13
surfraw-2.2.7-1.fc13
tinyproxy-1.8.1-1.fc13
uzbl-0-0.13.20100410gitec473e124.fc13
waf-1.5.17-1.fc13
wordpress-plugin-bad-behavior-2.0.36-1.fc13
wxPython-2.8.11.0-1.fc13
xinha-0.96.1-2.fc13
xiphos-3.1.3-2.fc13
Details about builds:
================================================================================
3proxy-0.6.1-9.fc13 (FEDORA-2010-9263)
Tiny but very powerful proxy
--------------------------------------------------------------------------------
Update Information:
Correct path to config file in man (BUG#596087) add Patch0: 3proxy-0.6.1-config-
path.patch
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 30 2010 Pavel Alexeev <Pahan@xxxxxxxxxxxxx> - 0.6.1-9
- Correct path to config file in man (BUG#596087) add Patch0: 3proxy-0.6.1-config-path.patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #596087 - Wrong path to 3proxy.cfg in /usr/share/man/man8/3proxy.8.gz
https://bugzilla.redhat.com/show_bug.cgi?id=596087
--------------------------------------------------------------------------------
================================================================================
aldrin-0.13-4.fc13 (FEDORA-2010-9248)
Modular music sequencer/tracker
--------------------------------------------------------------------------------
Update Information:
armstrong changes: - Fix stack smashing in 32 bit systems - More lunar
fixes - Superfm fix - New lunar note plugin aldrin changes: - Change
device order in autodetect. Prevents a possible crash. - Fix segfault in
waveedit when deleting end of waveform.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 6 2010 Orcan Ogetbil <oget [DOT] fedora [AT] gmail [DOT] com> - 0.13-4
- Change device order in autodetect. Prevents a possible crash.
- Fix segfault in waveedit when deleting end of waveform.
- Comply with new python guidelines
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #508779 - aldrin won't start on fc11
https://bugzilla.redhat.com/show_bug.cgi?id=508779
--------------------------------------------------------------------------------
================================================================================
armstrong-0.2.6-11.fc13 (FEDORA-2010-9248)
Powerful music sequencing library
--------------------------------------------------------------------------------
Update Information:
armstrong changes: - Fix stack smashing in 32 bit systems - More lunar
fixes - Superfm fix - New lunar note plugin aldrin changes: - Change
device order in autodetect. Prevents a possible crash. - Fix segfault in
waveedit when deleting end of waveform.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 5 2010 Orcan Ogetbil <oget [DOT] fedora [AT] gmail [DOT] com> 0.2.6-11
- Fix stack smashing in 32 bit systems RHBZ#508779
- More lunar fixes
- Superfm fix
- New lunar note plugin
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #508779 - aldrin won't start on fc11
https://bugzilla.redhat.com/show_bug.cgi?id=508779
--------------------------------------------------------------------------------
================================================================================
bdii-5.1.5-1.fc13 (FEDORA-2010-9271)
The Berkeley Database Information Index (BDII)
--------------------------------------------------------------------------------
Update Information:
The Berkeley Database Information Index (BDII) consists of a standard LDAP
database which is updated by an external process. The update process obtains
LDIF from a number of sources and merges them. It then compares this to the
contents of the database and creates an LDIF file of the differences. This is
then used to update the database.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #576839 - Review Request: bdii - The Berkeley Database Information Index (BDII)
https://bugzilla.redhat.com/show_bug.cgi?id=576839
--------------------------------------------------------------------------------
================================================================================
calibre-0.6.55-1.fc13 (FEDORA-2010-9228)
E-book converter and library management
--------------------------------------------------------------------------------
Update Information:
This is an update to the latest upstream that fixes several crashes and provides
a number of enhancements. See:
http://bazaar.launchpad.net/~kovid/calibre/trunk/annotate/head:/Changelog.yaml
for full information.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 28 2010 Kevin Fenzi <kevin@xxxxxxxxx> - 0.6.55-1
- Update to 0.6.55
* Fri May 21 2010 Kevin Fenzi <kevin@xxxxxxxxx> - 0.6.54-1
- Update to 0.6.54
* Fri May 21 2010 Kevin Fenzi <kevin@xxxxxxxxx> - 0.6.53-1
- Update to 0.6.53
* Wed May 5 2010 Marcela Maslanova <mmaslano@xxxxxxxxxx> - 0.6.47-2
- Rebuild against new poppler
* Sat Apr 10 2010 Ionuț C. Arțăriși <mapleoin@xxxxxxxxxxxxxxxxx> - 0.6.47-1
- new upstream release 0.6.47
- new chmlib requirement
- create directory for calibre's environment module
- use bzip2 instead of gzip when preparing tarball in generate-tarball.sh
- remove cssutils patches (we now have python-cssutils 0.9.6 in Fedora)
--------------------------------------------------------------------------------
================================================================================
canorus-0.7-6.R1213.20100530svn.fc13 (FEDORA-2010-9305)
Music Score Editor
--------------------------------------------------------------------------------
Update Information:
Bugfixes in: - exporting text on chords to Lilypond - unable to save the
document. - unsaved changes warning dialog when opening recent documents -
sheet properties toolbar when removing the last sheet - properties dialog
layout - default note stem direction - score user interface
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 30 2010 Orcan Ogetbil <oget[DOT]fedora[AT]gmail[DOT]com> - 0.7-6.R1213.20100530svn
- Fix DSO linking
* Sun May 30 2010 Orcan Ogetbil <oget[DOT]fedora[AT]gmail[DOT]com> - 0.7-5.R1213.20100530svn
- SVN revision 1213
--------------------------------------------------------------------------------
================================================================================
cdf-0.2-3.fc13 (FEDORA-2010-9324)
A colorized df
--------------------------------------------------------------------------------
================================================================================
emacs-vm-8.1.1-1.fc13 (FEDORA-2010-9285)
Emacs VM mailreader
--------------------------------------------------------------------------------
Update Information:
Update to new upstream bugfix version with updated support for org-mode, and
POP/IMAP folders
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 26 2010 Jonathan G. Underwood <jonathan.underwood@xxxxxxxxx> - 8.1.1-1
- Update to version 8.1.1
- Fix source URL
--------------------------------------------------------------------------------
================================================================================
erlang-esasl-0.1-5.fc13 (FEDORA-2010-9249)
Simple Authentication and Security Layer (SASL) support for Erlang
--------------------------------------------------------------------------------
Update Information:
Narrowed explicit requires.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 28 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> 0.1-5
- Narrow explicit requires
--------------------------------------------------------------------------------
================================================================================
evolution-2.30.1-8.fc13 (FEDORA-2010-9246)
Mail and calendar client for GNOME
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 28 2010 Matthew Barnes <mbarnes@xxxxxxxxxx> - 2.30.1-8.fc13
- Add patch for RH bug #590373 (quietly close unchanged drafts).
* Thu May 27 2010 Matthew Barnes <mbarnes@xxxxxxxxxx> - 2.30.1-7.fc13
- Add patch for GNOME bug #618400 (missing keyboard shortcut).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #590373 - evolution doesn't save unfinished messages
https://bugzilla.redhat.com/show_bug.cgi?id=590373
--------------------------------------------------------------------------------
================================================================================
freeglut-2.6.0-5.fc13 (FEDORA-2010-9258)
A freely licensed alternative to the GLUT library
--------------------------------------------------------------------------------
Update Information:
Suppress the bogus and annoying "Unknown X event type" warnings printed out with
the new xorg.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 31 2010 Tomas Smetana <tsmetana@xxxxxxxxxx> 2.6.0-5
- fix #575885, #575885 - suppress the "Unknown X event type" warnings
* Fri May 7 2010 Josh Boyer <jwboyer@xxxxxxxxx> 2.6.0-4
- Add -lm to fix ppc build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #575885 - freeglut error Unknown X Event type 96
https://bugzilla.redhat.com/show_bug.cgi?id=575885
[ 2 ] Bug #595031 - Unknown X event type: 105
https://bugzilla.redhat.com/show_bug.cgi?id=595031
--------------------------------------------------------------------------------
================================================================================
gnome-icon-theme-extras-2.30.1-2.fc13 (FEDORA-2010-9291)
Additional GNOME icons
--------------------------------------------------------------------------------
Update Information:
This update adds an icon for the Apple iPad, as advertised.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 28 2010 Bastien Nocera <bnocera@xxxxxxxxxx> 2.30.1-2
- Add iPad icons
--------------------------------------------------------------------------------
================================================================================
gpodder-2.6-6.fc13 (FEDORA-2010-8945)
Podcast receiver/catcher written in Python
--------------------------------------------------------------------------------
Update Information:
This update includes: * a better episode list context menu and some bug fixes
* upstream patch to fix All Episode subscription editing crashes * upstream
patch for TypeError in gui.py * versioned dependency on python-mygpoclient 1.4
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 30 2010 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 2.6-6
- Require python-mygpoclient >= 1.4, rhbz #597740
* Fri May 28 2010 Jef Spaleta <jspaleta AT fedoraproject DOT org> - 2.6-5
- Replace All Episodes patch with better patch from upstream.
* Fri May 28 2010 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 2.6-4
- Upstream patch for TypeError in gui.py, upstream bug #934, rhbz #595980
* Sun May 23 2010 Jef Spaleta <jspaleta AT fedoraproject DOT org> - 2.6-3
- better patch
* Sun May 23 2010 Jef Spaleta <jspaleta AT fedoraproject DOT org> - 2.6-2
- small patch to prevent crashes when selecting All episodes for subscription edit
* Sun May 23 2010 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 2.6-1
- New upstream release, mostly bug fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #596339 - [abrt] crash in gpodder-2.5-1.fc13: channel.py:37:new:TypeError: Gtk.Label.set_text() argument 1 must be string, not None
https://bugzilla.redhat.com/show_bug.cgi?id=596339
[ 2 ] Bug #595980 - [abrt] crash in gpodder-2.5-1.fc13: gui.py:2088:play_or_download:TypeError: unknown type (null)
https://bugzilla.redhat.com/show_bug.cgi?id=595980
[ 3 ] Bug #597740 - gpodder should have a versioned dependency on python-mygpoclient
https://bugzilla.redhat.com/show_bug.cgi?id=597740
--------------------------------------------------------------------------------
================================================================================
grub2-1.98-2.fc13 (FEDORA-2010-9224)
Bootloader with support for Linux, Multiboot and more
--------------------------------------------------------------------------------
Update Information:
update to 1.98 fixing detection of root devices
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 28 2010 Dennis Gilmore <dennis@xxxxxxxx> - 1:1.98-2
- add patch so grub2-probe works with lvm to detect devices correctly
* Wed Apr 21 2010 Dennis Gilmore <dennis@xxxxxxxx> - 1:1.98-1
- update to 1.98
--------------------------------------------------------------------------------
================================================================================
guitone-1.0-0.1.rc4.fc13 (FEDORA-2010-9235)
A frontend for Monotone
--------------------------------------------------------------------------------
Update Information:
The 1.0rc4 version comes with a few new nifty features like an improved
changeset browser and enhanced certificate support, as well as a couple of other
smaller improvements and bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 30 2010 Thomas Moschny <thomas.moschny@xxxxxx> - 1.0-0.1.rc4
- Update to 1.0rc4.
--------------------------------------------------------------------------------
================================================================================
imapsync-1.311-1.fc13 (FEDORA-2010-9319)
Tool to migrate email between IMAP servers
--------------------------------------------------------------------------------
Update Information:
Upgrade to 1.311
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 28 2010 Nick Bebout <nb@xxxxxxxxxxxxxxxxx> - 1.311-1
- Upgrade to 1.311
- License is now WTFPL
--------------------------------------------------------------------------------
================================================================================
isdn4k-utils-3.2-71.fc13 (FEDORA-2010-9294)
Utilities for configuring an ISDN subsystem
--------------------------------------------------------------------------------
Update Information:
- enable capi.new - fix multilib issue
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 14 2010 Than Ngo <than@xxxxxxxxxx> - 3.2-71
- fix bz#566909, thanks to Louis Lagendijk
- own LIBDIR/capi
- fix loading of plugins
- remove chkconfig capi off
* Tue May 4 2010 Than Ngo <than@xxxxxxxxxx> - 3.2-70
- enable capi.new
- add 40-isdn.rules, it's dropped from udev in F14 and later
- fix multilib issue
- add subpackage doc
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #566909 - RFE: please change isdn4k-utils to use capi20.new
https://bugzilla.redhat.com/show_bug.cgi?id=566909
--------------------------------------------------------------------------------
================================================================================
isight-firmware-tools-1.5.92-1.fc13 (FEDORA-2010-9317)
Firmware extraction tools for Apple Built-in iSight camera
--------------------------------------------------------------------------------
Update Information:
iSight Firmware Tools provide tools to manipulate firmware for Built-in iSight
cameras found on Apple machines since iMac G5 (November 2005).
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 24 2010 Jason Montleon <jmontleo@xxxxxxxxxx> - 1.5.92-1
- Updated to 1.5.92 to support 10.6.2 firmware BZ 537448
* Sun May 16 2010 Jason Montleon <jmontleo@xxxxxxxxxx> - 1.5.90-2
- Fixed spec file warnings, bad source url, and created patch for udev rules.
* Tue Apr 6 2010 Jason Montleon <jmontleo@xxxxxxxxxx> - 1.5.90-1
- Updated to 1.5.90
--------------------------------------------------------------------------------
================================================================================
jaxodraw-2.0.1-5.fc13 (FEDORA-2010-9323)
A Java program for drawing Feynman diagrams
--------------------------------------------------------------------------------
Update Information:
Added man page and desktop icon.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 29 2010 Jussi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 2.0.1-5
- Added man page and desktop icon.
--------------------------------------------------------------------------------
================================================================================
kicad-2010.05.27-2.rev2363.fc13 (FEDORA-2010-9301)
Electronic schematic diagrams and printed circuit board artwork
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 29 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.05.27-2
- Don't forget icons
* Sat May 29 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.05.27-1
- New packager version
- Update kicad version number patch
- Patch to fix https://bugs.launchpad.net/kicad/+bug/587175
- Patch to fix https://bugs.launchpad.net/kicad/+bug/587176
* Fri May 21 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.05.09-3
- Fix the kicad version number
- Fix a problem when trying to modify a footprint value in eeschema
https://bugs.launchpad.net/kicad/+bug/583939
* Tue May 18 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.05.09-2
- No backup of patched files to deleted
- Add noreplace flag to config macro
* Mon May 17 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.05.09-1
- New upstream version
- All previous patches no more needed
- Backward to cmake 2.6 requirement
* Sun May 9 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.05.05-1
- New upstream version
- All previous patches no more needed
- Fix url: KiCad move from SourceForge.net to LaunchPad.net
- Remove vendor tag from desktop-file-install
- Add x-kicad-pcbnew mimetype
- Add new icons for mimetype
* Mon May 3 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.04.06-9.rev2515
- Fix a minor bug that occurs when changing module orientation or side
* Mon May 3 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.04.06-8.rev2515
- Auto update 3D viewer: fix https://bugs.launchpad.net/kicad/+bug/571089
- Create png from screen (libedit): fix https://bugs.launchpad.net/kicad/+bug/573833
* Sun May 2 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.04.06-7.rev2515
- Rename COTATION class (french word) in DIMENSION and fix
https://bugs.launchpad.net/kicad/+bug/568356 and https://bugs.launchpad.net/kicad/+bug/568357
- Some code cleaning ans enhancements + fix a bug about last netlist file used (LP #567902)
* Sat May 1 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.04.06-6.rev2515
- Make cleanup feature undoable, fix https://bugs.launchpad.net/kicad/+bug/564619
- Fix issues in SVG export, fix https://bugs.launchpad.net/kicad/+bug/565388
- Minor pcbnew enhancements
- Fix minor gerber problems, fix https://bugs.launchpad.net/kicad/+bug/567881
* Sat May 1 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.04.06-5.rev2515
- DRC have to use the local parameters clearance if specified,
and NETCLASS value only if no local value specified.
* Sat May 1 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.04.06-4.rev2514
- Fix https://bugs.launchpad.net/bugs/568896 and https://bugs.launchpad.net/bugs/569312
* Thu Apr 29 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.04.06-3.rev2514
- Fix a crash that happens sometimes when opening the design rule dialog
* Mon Apr 26 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.04.06-2.rev2514
- Fix https://bugs.launchpad.net/bugs/570074
* Mon Apr 12 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.04.06-1.rev2514
- New upstream version
- Patches no more needed
* Mon Apr 5 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.03.14-5.rev2463
- Add patch to fix SF #2981759
* Sat Apr 3 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 2010.03.14-4.rev2463
- Apply upstream patch to fix inch/mm ratio
- Provide a source download URL
--------------------------------------------------------------------------------
================================================================================
koffice-2.2.0-1.fc13 (FEDORA-2010-9240)
An integrated office suite
--------------------------------------------------------------------------------
Update Information:
The KOffice team is very happy to announce version 2.2.0, half a year after the
release of KOffice 2.1. This release brings an unprecedented number of new
features and bugfixes. See http://www.koffice.org/news/koffice-2-2-released/
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 24 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 3:2.2.0-1
- koffice-2.2.0
--------------------------------------------------------------------------------
================================================================================
koffice-langpack-2.2.0-1.fc13 (FEDORA-2010-9240)
Language files for koffice
--------------------------------------------------------------------------------
Update Information:
The KOffice team is very happy to announce version 2.2.0, half a year after the
release of KOffice 2.1. This release brings an unprecedented number of new
features and bugfixes. See http://www.koffice.org/news/koffice-2-2-released/
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 24 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 2:2.2.0-1
- koffice-l10n-2.2.0
--------------------------------------------------------------------------------
================================================================================
kpartsplugin-0.0.1-0.2.20100521.fc13 (FEDORA-2010-9245)
KParts technology to embed file viewers into non-KDE browsers
--------------------------------------------------------------------------------
Update Information:
This software implements a plug-in for Netscape-compatible browsers in a Unix
environment. This plug-in uses KDE's KParts technology to embed file viewers
(e.g. for PDF files) into non-KDE browsers. Tested browsers include both
Mozilla Firefox and Opera. With this plug-in, you can e.g. view PDF files in
Firefox using Okular as an embedded plug-in.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #594839 - Review Request: kpartsplugin - KParts technology to embed file viewers into non-KDE browsers
https://bugzilla.redhat.com/show_bug.cgi?id=594839
--------------------------------------------------------------------------------
================================================================================
libfm-0.1.12-1.fc13 (FEDORA-2010-9225)
GIO-based library for file manager-like programs
--------------------------------------------------------------------------------
Update Information:
New version libfm 0.1.12 / pcmanfm 0.9.7 are released. These new packages
also fixes the issue of gnome-terminal wrapper crash with certain PATH setting.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 29 2010 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 0.1.12-1
- Update to 0.1.12, drop upstreamed patches
* Sat May 29 2010 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 0.1.11-7
- Fix crash of gnome-terminal wrapper with certain path settings
(bug 596598, 597270)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #596598 - [abrt] crash in libfm-gtk-0.1.11-5.fc13: __strlen_sse2: Process /usr/lib64/libfm/gnome-terminal was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=596598
[ 2 ] Bug #597270 - [abrt] crash in libfm-gtk-0.1.11-5.fc13: __strlen_ia32: Process /usr/lib/libfm/gnome-terminal was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=597270
--------------------------------------------------------------------------------
================================================================================
liboggz-1.1.1-1.fc13 (FEDORA-2010-9289)
Simple programming interface for Ogg files and streams
--------------------------------------------------------------------------------
Update Information:
CVE-2009-3377 liboggz: unspecified security fixes mentioned in MFSA 2009-63
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 29 2010 Rakesh Pandit <rakesh@xxxxxxxxxxxxxxxxx> - 1.1.1-1
- Update 1.1.1
- (CVE-2009-3377) CVE-2009-3377 liboggz: unspecified security fixes mentioned in MFSA 2009-63
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #531770 - CVE-2009-3377 liboggz: unspecified security fixes mentioned in MFSA 2009-63
https://bugzilla.redhat.com/show_bug.cgi?id=531770
--------------------------------------------------------------------------------
================================================================================
mozilla-noscript-1.9.9.81-1.fc13 (FEDORA-2010-9293)
JavaScript white list extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:
[+] new feature, [x] bug fix, [-] removed feature, [=] repackaging or cosmetic
change v 1.9.9.81
========================================================================== +
Experimental blocking of page refreshes happening inside untrusted unfocused
tabs, should provide protection against Aviv Raff's scriptless "tabnabbing"
variant. Enabled by default, can be controlled through the
noscript.forbidBGRefresh about:config integer preference: 0 - no blocking
1 - block refreshes on untrusted unfocused tabs 2 - block refreshes on
trusted unfocused tabs 3 - block refreshes on both trusted and untrusted
unfocused tab Address patterns matching pages which shouldn't be affected can
be listed in the noscript.forbidBGRefresh.exceptions preference x Fixed XSS
false positive in new 3.7 add-ons manager x Fixed meta-refresh URL parsing
mismatch x Fixed import script surrogates being broken by a 1.9.9.79 regression
v 1.9.9.80
========================================================================== x
Fixed "Partially allowed scripts" icon shown instead of the "Scripts allowed
but some objects blocked" one when the blocked objects' domains are not
whitelisted for scripting (thanks al_9x for reporting) x Fixed "Scripts allowed
but some objects blocked" icon not being used for blocked web fonts (thanks
Alan Baxter for reporting) x (ABE) Deny on INCLUSION don't trigger a
notification even if the blocked request is for a subdocument (the blocking
is logged in the Console, use SUB if user-facing notification is needed) x
Fixed privileged XMLHttpRequests for untrusted resources being blocked if
HTTP redirections occurred (thanks mari for reporting) + Better compatibility
with IronPort web-based tools (thanks Ron Collins for reporting) v
1.9.9.79
========================================================================== x
Script surrogates whose source starts with the '!' get executed on pages
where scripts are disabled (on document DOM completion, rather than before
HTML parsing starts like regular surrogates) v 1.9.9.78
========================================================================== x
Redirect cache for scripts and XBL only x Fixed cross-site CSS being blocked
under some circumstances (e.g. on Flicker and Yahoo) v 1.9.9.77
========================================================================== +
ABE INCLUSION(type1, type2, type3...) pseudo-method allows rules to take
request type (e.g. SCRIPT vs CSS) in account + ABE SELF+ (same domain) and
SELF++ (same base domain) pseudo-origins x Fixed iconic feedback
inconsistencies when untrusted blocked objects are mixed with full-trusted
content (tanks al_9x for reporting) x Fixed Injection Checker false positives
on some kinds of complex nested URLs (thanks Sirdarckcat for reporting) x
Tweaked ClearClick for Disqus compatibility (thanks John for reporting) v
1.9.9.76
========================================================================== x
Fixed broken menu on Minefield when External Filters are enabled (thanks
linuser for reporting) x Fixed about: URL not being shown in NoScript menu
(thanks al_9x for reporting) x Removed minor strict warnings on Minefield
v 1.9.9.75
========================================================================== x
Redirected site caching now skips plugin content x Removed __parent__ usages
for Minefield compatibility x Removed some strict warnings (thanks timeless for
reporting)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 28 2010 Thomas Spura <tomspur@xxxxxxxxxxxxxxxxx> - 1.9.9.81-1
- new version
* Mon May 24 2010 Thomas Spura <tomspur@xxxxxxxxxxxxxxxxx> - 1.9.9.79-1
- new version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #593247 - mozilla-noscript-1.9.9.81 is available
https://bugzilla.redhat.com/show_bug.cgi?id=593247
--------------------------------------------------------------------------------
================================================================================
openssh-5.4p1-3.fc13 (FEDORA-2010-9238)
An open source implementation of SSH protocol versions 1 and 2
--------------------------------------------------------------------------------
Update Information:
Repaired authorized_keys_file procession
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 31 2010 Jan F. Chadima <jchadima@xxxxxxxxxx> - 5.4p1-3
- parsing authorised file (#595935)
* Fri May 21 2010 Jan F. Chadima <jchadima@xxxxxxxxxx> - 5.4p1-2
- synchronize uid and gid for the user sshd
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #595935 - Public Key authentication on ssh fails
https://bugzilla.redhat.com/show_bug.cgi?id=595935
--------------------------------------------------------------------------------
================================================================================
papyrus-0.13.3-1.fc13 (FEDORA-2010-9298)
Cairo based C++ scenegraph library
--------------------------------------------------------------------------------
Update Information:
This release introduces a new controller named Flasher that derives from
Animator. On each animation frame, Flasher will alternate between showing and
hiding the associated drawables,... causing them to flash at the interval rate
of the animator. The addition of the Flasher animator exposed a bug that has
been fixed in Drawable's renderer related to the visibility of objects. The
show()/hide() methods should now work as expected.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 27 2010 Rick L Vinyard Jr <rvinyard@xxxxxxxxxxx> - 0.13.3-1
- New release
* Fri Apr 16 2010 Rick L Vinyard Jr <rvinyard@xxxxxxxxxxx> - 0.13.2-1
- New release
--------------------------------------------------------------------------------
================================================================================
pcmanfm-0.9.7-1.fc13 (FEDORA-2010-9225)
Extremly fast and lightweight file manager
--------------------------------------------------------------------------------
Update Information:
New version libfm 0.1.12 / pcmanfm 0.9.7 are released. These new packages
also fixes the issue of gnome-terminal wrapper crash with certain PATH setting.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 29 2010 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 0.9.7-1
- Update to 0.9.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #596598 - [abrt] crash in libfm-gtk-0.1.11-5.fc13: __strlen_sse2: Process /usr/lib64/libfm/gnome-terminal was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=596598
[ 2 ] Bug #597270 - [abrt] crash in libfm-gtk-0.1.11-5.fc13: __strlen_ia32: Process /usr/lib/libfm/gnome-terminal was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=597270
--------------------------------------------------------------------------------
================================================================================
perlbrew-0.06-2.fc13 (FEDORA-2010-9265)
Manage perl installations in your $HOME
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #591812 - Review Request: perlbrew - Manage perl installations in your $HOME
https://bugzilla.redhat.com/show_bug.cgi?id=591812
--------------------------------------------------------------------------------
================================================================================
pidgin-2.7.1-2.fc13 (FEDORA-2010-9221)
A Gtk+ based multiprotocol instant messaging client
--------------------------------------------------------------------------------
Update Information:
New release 2.7.1 - Adds Direct Connection support for MSN - Numerous bug
fixes Full Upstream ChangeLog: - http://developer.pidgin.im/wiki/ChangeLog
Fedora packaging changes: - Evolution support moved to pidgin-evolution for
F13+
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 30 2010 Stu Tomlinson <stu@xxxxxxxxxxxxx> 2.7.1-2
- Add Obsoletes to pull in pidgin-evolution during update
* Sun May 30 2010 Stu Tomlinson <stu@xxxxxxxxxxxxx> 2.7.1-1
- 2.7.1
- Adds Direct Connection support for MSN
- Numerous bug fixes
- Evolution support moved to pidgin-evolution for F13+ (#581144)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #581144 - REF: Make a separate package for evolution plugin
https://bugzilla.redhat.com/show_bug.cgi?id=581144
--------------------------------------------------------------------------------
================================================================================
python-cssutils-0.9.6-1.fc13 (FEDORA-2010-9228)
CSS Cascading Style Sheets library for Python
--------------------------------------------------------------------------------
Update Information:
This is an update to the latest upstream that fixes several crashes and provides
a number of enhancements. See:
http://bazaar.launchpad.net/~kovid/calibre/trunk/annotate/head:/Changelog.yaml
for full information.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 25 2010 Matthias Saou <http://freshrpms.net/> 0.9.6-1
- Update to 0.9.6.
--------------------------------------------------------------------------------
================================================================================
python-py-1.3.1-1.fc13 (FEDORA-2010-9254)
Rapid testing (py.test) and development utils (pylib)
--------------------------------------------------------------------------------
Update Information:
The pylib/py.test 1.3.1 release brings: * the new imperative py.test.xfail()
helper in order to have a test or setup function result in an "expected failure"
* a new option --maxfail=NUM to stop the test run after some failures *
markers/decorators are now applicable to test classes (>=Python2.6) * improved
reporting, shorter tracebacks in several cases * some simplified internals,
more compatibility with Jython and PyPy * bug fixes and various refinements
See http://codespeak.net/py/dist/announce/release-1.3.1.html for the full list
of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 29 2010 Thomas Moschny <thomas.moschny@xxxxxx> - 1.3.1-1
- Update to 1.3.1.
--------------------------------------------------------------------------------
================================================================================
rhythmbox-equalizer-1.4-1.fc13 (FEDORA-2010-9273)
An Equalizer plugin for Rhythmbox
--------------------------------------------------------------------------------
Update Information:
Please test if presets are saved and restored correctly, and that they are
remembered
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 30 2010 Hicham HAOUARI <hicham.haouari@xxxxxxxxx> 1.4-1
- New upstream release
- Drop the presets per user patch ( gstreamer presets are now used instead )
--------------------------------------------------------------------------------
================================================================================
rkhunter-1.3.6-6.fc13 (FEDORA-2010-9283)
A host-based tool to scan for rootkits, backdoors and local exploits
--------------------------------------------------------------------------------
Update Information:
Add an exclude for md-device map and fix the ssh version check.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 28 2010 Kevin Fenzi <kevin@xxxxxxxxx> - 1.3.6-6
- Add exclude for md-device-map - bug #596731
- Supress ssh version check - bug #596775
* Sat Mar 6 2010 Kevin Fenzi <kevin@xxxxxxxxx> - 1.3.6-5
- Change config to not specify XINETD_PATH - bug #560562
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #596731 - /dev/md/md-device-map
https://bugzilla.redhat.com/show_bug.cgi?id=596731
[ 2 ] Bug #596775 - ssh protocol 1 warning
https://bugzilla.redhat.com/show_bug.cgi?id=596775
--------------------------------------------------------------------------------
================================================================================
rkward-0.5.3-1.fc13 (FEDORA-2010-9270)
Graphical frontend for R language
--------------------------------------------------------------------------------
Update Information:
* New features and improvements - File browser window saves settings on
exit - Plugin dialogs are shown with a larger initial size - Add close buttons
to each tab in the main document view area (not available in KDE 4.0) - Make
"print", "export as HTML", "dynamic word wrap", and "increase/descress font
size" available for the console window - Use a native menu, instead of the
default TclTk-menu - Added "paste special" action to script editor and console
for pasting R vectors and matrices from spreadsheets - File->Open R Script File
now allows to specify the character encoding to use - Initialize the output file
with an appropriate encoding specification - Add SVG support to export
(graphics) plugin - Add basic settings format settings for graphics output -
Convert all plugins to use ECMAscript instead of PHP; RKWard no longer depends
on PHP * Fixes and corrections - Fixed: Windows->Activate->Window
left / right actions were always disabled - Several windows-specific bugs were
fixed - Fixed: Newly created variables were not properly updated when closing
and re-opening the editor - Fix order of menus for detached windows - Fixed: No
entries were added the recent script/workspaces actions after "save as" - Fixed:
Frequent crashes while running automated plugintests - Fixed: Filenames without
extension would not be shown in file dialogs - Fixed: Calling "fix(my.fun)"
would remove comments - Fixed: Removing "@CRAN@" from the repositories would
break package installation
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 31 2010 pingou <pingou@xxxxxxxxxxxx> - 0.5.3-1
- Update to 0.5.3
--------------------------------------------------------------------------------
================================================================================
roundup-1.4.13-2.fc13 (FEDORA-2010-9309)
Simple and flexible issue-tracking system
--------------------------------------------------------------------------------
Update Information:
updated to 1.4.13
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 29 2010 John Khvatov <ivaxer@xxxxxxxxxxxxxxxxx> - 1.4.13-2
- updated to 1.4.13
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.7.19-22.fc13 (FEDORA-2010-9256)
SELinux policy configuration
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 25 2010 Dan Walsh <dwalsh@xxxxxxxxxx> 3.7.19-22
- Allow procmail to execute scripts in the users home dir that are labeled home_bin_t
- Fix /var/run/abrtd.lock label
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #575639 - procmail cannot call/run user created script, SELinux denied execute
https://bugzilla.redhat.com/show_bug.cgi?id=575639
[ 2 ] Bug #595491 - SELinux is preventing /sbin/mount.cifs "dac_read_search" access .
https://bugzilla.redhat.com/show_bug.cgi?id=595491
[ 3 ] Bug #596110 - SELinux is preventing /usr/bin/perl "dac_override" access .
https://bugzilla.redhat.com/show_bug.cgi?id=596110
[ 4 ] Bug #596413 - SELinux is preventing /usr/sbin/usbmuxd "lock" access on /var/run/usbmuxd.pid.
https://bugzilla.redhat.com/show_bug.cgi?id=596413
[ 5 ] Bug #596415 - bug in git policy
https://bugzilla.redhat.com/show_bug.cgi?id=596415
[ 6 ] Bug #596436 - SELinux is preventing /usr/bin/passwd "name_connect" access .
https://bugzilla.redhat.com/show_bug.cgi?id=596436
[ 7 ] Bug #596121 - SELinux is preventing /usr/bin/boinc_client "name_connect" access .
https://bugzilla.redhat.com/show_bug.cgi?id=596121
[ 8 ] Bug #596535 - SELinux is preventing /usr/bin/which "getattr" access on /usr/sbin/sendmail.sendmail.
https://bugzilla.redhat.com/show_bug.cgi?id=596535
[ 9 ] Bug #567454 - SELinux is preventing /usr/sbin/tzdata-update access to a leaked /tmp/tmpNJCaKB file descriptor.
https://bugzilla.redhat.com/show_bug.cgi?id=567454
[ 10 ] Bug #596569 - SELinux is preventing /usr/libexec/gdm-simple-greeter "read" access on /var/lib/AccountsService/icons/hadess.
https://bugzilla.redhat.com/show_bug.cgi?id=596569
[ 11 ] Bug #596533 - SELinux is preventing /usr/bin/passwd "write" access on /etc/passwd-.
https://bugzilla.redhat.com/show_bug.cgi?id=596533
[ 12 ] Bug #596872 - SELinux is preventing /usr/sbin/hddtemp "read" access on /etc/gai.conf.
https://bugzilla.redhat.com/show_bug.cgi?id=596872
[ 13 ] Bug #595528 - SELinux is preventing /usr/sbin/clamd "create" access on clamd.sock.
https://bugzilla.redhat.com/show_bug.cgi?id=595528
[ 14 ] Bug #595835 - selinux breaks nagios
https://bugzilla.redhat.com/show_bug.cgi?id=595835
[ 15 ] Bug #596564 - SELinux is preventing /var/lib/boinc/projects/www.rnaworld.de_rnaworld/cmswrapper_0.10_x86_64-pc-linux-gnu "search" access .
https://bugzilla.redhat.com/show_bug.cgi?id=596564
--------------------------------------------------------------------------------
================================================================================
setools-3.3.7-2.fc13 (FEDORA-2010-9259)
Policy analysis tools for SELinux
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 12 2010 Chris PeBenito <cpebenito@xxxxxxxxxx> 3.3.7-2
- Add missing bzip2 dependencies.
* Wed May 12 2010 Chris PeBenito <cpebenito@xxxxxxxxxx> 3.3.7-1
- New upstream release.
--------------------------------------------------------------------------------
================================================================================
squid-3.1.4-1.fc13 (FEDORA-2010-9276)
The Squid proxy caching server
--------------------------------------------------------------------------------
Update Information:
Upstream 3.1.4 bugfix release, issues relating to IPv6, TPROXY, Memory
management, follow_x_forwarded_for, and stability fixes
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 30 2010 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> - 7:3.1.4-1
- Upstream 3.1.4 bugfix release, issues relating to IPv6, TPROXY, Memory
management, follow_x_forwarded_for, and stability fixes
* Fri May 14 2010 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> - 7:3.1.3-2
- Fully fix #548903 - "comm_open: socket failure: (97) Address family not supported by protocol" if IPv6 disabled
- Various IPv6 related issues fixed, making tcp_outgoing_address behave
as expected and no commResetFD warnings when using tproxy setups.
--------------------------------------------------------------------------------
================================================================================
surfraw-2.2.7-1.fc13 (FEDORA-2010-9250)
Shell Users Revolutionary Front Rage Against the Web
--------------------------------------------------------------------------------
Update Information:
Update to version 2.2.7. Changes include new elvi bing, bookfinder, bugmenot,
duckduckgo, scroogle and amendo, as well as fixes and enhancements for other
elvi.
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 30 2010 Thomas Moschny <thomas.moschny@xxxxxx> - 2.2.7-1
- Update to 2.2.7.
--------------------------------------------------------------------------------
================================================================================
tinyproxy-1.8.1-1.fc13 (FEDORA-2010-9280)
A small, efficient HTTP/SSL proxy daemon
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 6 2010 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.8.1-1
- update to updstream 1.8.1
* Wed Feb 17 2010 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.8.0-1
- update to upstream 1.8.0
- add logrotate configuration
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #503465 - tinyproxy does not support upstream proxy authentication
https://bugzilla.redhat.com/show_bug.cgi?id=503465
[ 2 ] Bug #536785 - tinyproxy package points at wrong URL
https://bugzilla.redhat.com/show_bug.cgi?id=536785
--------------------------------------------------------------------------------
================================================================================
uzbl-0-0.13.20100410gitec473e124.fc13 (FEDORA-2010-9325)
Lightweight WebKit browser following the UNIX philosophy
--------------------------------------------------------------------------------
Update Information:
Split out core and browser subpackages; Enumerate dependencies of the default
scripts (#597238); Minor reorganization; New upstream snapshot
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 31 2010 Daiki Ueno <dueno@xxxxxxxxxx> - 0-0.13.20100410gitec473e124
- new upstream snapshot.
* Wed Apr 14 2010 Ben Boeckel <MathStuf@xxxxxxxxx> - 0-0.12.20100405gitae15d257a
- Split out core and browser subpackages
- Enumerate dependencies of the default scripts
- Minor reorganization
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #597238 - Missing dependency wget in uzbl rpm
https://bugzilla.redhat.com/show_bug.cgi?id=597238
--------------------------------------------------------------------------------
================================================================================
waf-1.5.17-1.fc13 (FEDORA-2010-9307)
A Python-based build system
--------------------------------------------------------------------------------
Update Information:
Update to waf 1.5.17, with a bunch of bug fixes and enhancements, for example:
* Better handling for deleted build folders and files * New method for
creating empty folders * Better interaction between swig and qt4, bison and
flex * Latex/bibtex processing improvements * d library detection (phobos 1,
2 or tango) and more. See
http://code.google.com/p/waf/source/browse/tags/waf-1.5.17/ChangeLog for the
full list of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 24 2010 Thomas Moschny <thomas.moschny@xxxxxx> - 1.5.17-1
- Update to 1.5.17.
- Add patch from issue 682 to install 3rd party tools.
--------------------------------------------------------------------------------
================================================================================
wordpress-plugin-bad-behavior-2.0.36-1.fc13 (FEDORA-2010-9278)
Bad Behavior plugin for WordPress
--------------------------------------------------------------------------------
Update Information:
Upgrade to 2.0.36
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 28 2010 Nick Bebout <nb@xxxxxxxxxxxxxxxxx> 2.0.36-1
- Update to 2.0.36
--------------------------------------------------------------------------------
================================================================================
wxPython-2.8.11.0-1.fc13 (FEDORA-2010-9237)
GUI toolkit for the Python programming language
--------------------------------------------------------------------------------
Update Information:
update to 2.8.11.0 to match the wxGTK version
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 31 2010 Dan Horák <dan[at]danny.cz> - 2.8.11.0-1
- update to 2.8.11.0 (#593837, #595936, #597639)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #593837 - cannot import wx; symbol not defined in .so file
https://bugzilla.redhat.com/show_bug.cgi?id=593837
[ 2 ] Bug #595936 - wxPython 2.8.11.0 solves wxPython/wxWidgets release number mismatch
https://bugzilla.redhat.com/show_bug.cgi?id=595936
[ 3 ] Bug #597639 - [abrt] crash in wxPython-2.8.10.1-3.fc13: wxToolBarBase::UpdateWindowUI: Process /usr/bin/python was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=597639
--------------------------------------------------------------------------------
================================================================================
xinha-0.96.1-2.fc13 (FEDORA-2010-9320)
A WYSIWIG HTML editor component in Javascript
--------------------------------------------------------------------------------
Update Information:
Name: CVE-2010-1916 URL: http://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2010-1916 Assigned: 20100511 Reference: MISC:
http://www.php-security.org/2010/05/10/mops-2010-019-serendipity-wysiwyg-editor-
plugin-configuration-injection-vulnerability/index.html Reference: MISC:
http://www.php-security.org/2010/05/10/mops-2010-020-xinha-wysiwyg-plugin-
configuration-injection-vulnerability/index.html The dynamic configuration
feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity
1.5.2 and earlier, allows remote attackers to bypass intended access
restrictions and modify the configuration of arbitrary plugins via (1) crafted
backend_config_secret_key_location and backend_config_hash parameters that are
used in a SHA1 hash of a shared secret that can be known or externally
influenced, which are not properly handled by the "Deprecated config passing"
feature; or (2) crafted backend_data and backend_data[key_location] variables,
which are not properly handled by the xinha_read_passed_data function. NOTE:
this can be leveraged to upload and possibly execute arbitrary files via
config.inc.php in the ImageManager plugin.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #591701 - CVE-2010-1916 xinha: access restriction bypass [MOPS 2010-020]
https://bugzilla.redhat.com/show_bug.cgi?id=591701
--------------------------------------------------------------------------------
================================================================================
xiphos-3.1.3-2.fc13 (FEDORA-2010-9313)
Bible study and research tool
--------------------------------------------------------------------------------
Update Information:
Fix jump-to-anchor bug
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 28 2010 Deji Akingunola <dakingun@xxxxxxxxx> - 3.1.3-2
- Apply Karl Kleinpaste patch to fix the jump-to-anchor failure.
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
