Fedora EPEL 4 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed Mar 24 18:02:28 UTC 2010
The following builds have been pushed to Fedora EPEL 4 updates-testing
bitlbee-1.2.5-1.el4
cherokee-0.99.43-1.el4
flashrom-0.9.1-3.svn931.el4
spamass-milter-0.3.1-17.el4
voms-1.9.16.1-1.el4
Details about builds:
================================================================================
bitlbee-1.2.5-1.el4 (FEDORA-EPEL-2010-2471)
IRC to other chat networks gateway
--------------------------------------------------------------------------------
Update Information:
- Many bug fixes, including a fix for MSN login issues, Jabber login timing
issues, Yahoo! crashes at login time with huge contact lists, - Avoid linking
in a static version of libresolv now that glibc has all relevant functions
available in the dynamic version. - Improved away state code and added the
ability to set (non-away) status messages using "set status" (also possible per
account) and see them in blist and /whois output. - Added a post-1.2 equivalent
of encode/decode to quickly encrypt/decrypt passwords in a way that BitlBee can
read them. - Allow using the full name for generating nicknames, instead of
just the handle. This is especially useful when using the Facebook XMPP server.
- Auto reconnect is now enabled by default since all protocols can properly
detect cases where auto reconnect should be avoided (i.e. concurrent logins). -
Changed the default resource_select setting which should reduce message routing
issues on Jabber (i.e. messages going someone's phone instead of the main
client).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 18 2010 Robert Scheck <robert at fedoraproject.org> 1.2.5-1
- Upgrade to 1.2.5
--------------------------------------------------------------------------------
================================================================================
cherokee-0.99.43-1.el4 (FEDORA-EPEL-2010-2479)
Flexible and Fast Webserver
--------------------------------------------------------------------------------
Update Information:
New release and updated init script - suppressed confusing output.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 18 2010 Pavel Lisy <pavel.lisy at gmail.com> - 0.99.43-1
- 0.99.43
- FIX: Performance related regression (Keep-alive w/o cache)
- FIX: Better lingering close
- FIX: PAM authentication module fixes: threading issue
- FIX: Cherokee-admin supports IPv6 by default
- FIX: Parsing IPv6 addresses in "allow from" restrictions
- FIX: Rule OR is slightly faster now
- FIX: Fixes a few accessibility issues in cherokee-admin
- FIX: Symfony wizard, fixed to use the new paths
- suppressed confusing output from init script
* Tue Feb 2 2010 Lorenzo Villani <lvillani at binaryhelix.net> - 0.99.42-1
- 0.99.42
- Compilation and last-minute fixes
- NEW: POST managing subsystem has been rewritten from scratch
- NEW: New POST (uploads) status reporting mechanism
- NEW: Rules can be configured to forbid the use of certain encoders
- NEW: Custom logger: Adds ${response_size} support
- FIX: File descriptor leak fixed in the HTTP reverse proxy
- FIX: Error pages with UTF8 encoded errors work now
- FIX: Safer file descriptor closing
- FIX: getpwuid_r() detection
- FIX: Original query strings (and requests) are logged now
- FIX: Misc cherokee-admin fixes
- FIX: uWSCGI: Endianess fixes and protocol modifiers
- FIX: Chinese translation updated
- FIX: Cherokee-admin: Display custom error if the doc. is missing
- FIX: Early logging support is not supported any longer
- FIX: QA and Cherokee-Admin: Bumps PySCGI to version 1.11
- FIX: The 'fastcgi' handler has been deprecated in favor of 'fcgi'
- FIX: PATH_INFO generation on merging non-final rules (corner case)
- DOC: Installation updated
--------------------------------------------------------------------------------
================================================================================
flashrom-0.9.1-3.svn931.el4 (FEDORA-EPEL-2010-2467)
Simple program for reading/writing BIOS chips content
--------------------------------------------------------------------------------
Update Information:
Changelog: * Fri Mar 12 2010 Peter Lemenkov <lemenkov at gmail.com>
0.9.1-3.svn931 * Updated to latest svn ver. 931 * ASUS A7V8X-X
board * MS-7202 board * Asus M2NBP-VM CSM board * HP
Vectra VL420SFF board * Eon EN29F010 chip * Abit IP35 Pro
board * HP Vectra VL400 board * Intel E28F004S5 flash chip
* Lots of bugfixes
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 12 2010 Peter Lemenkov <lemenkov at gmail.com> 0.9.1-3.svn931
- Updated to latest svn ver. 931
- ASUS A7V8X-X board
- MS-7202 board
- Asus M2NBP-VM CSM board
- HP Vectra VL420SFF board
- Eon EN29F010 chip
- Abit IP35 Pro board
- HP Vectra VL400 board
- Intel E28F004S5 flash chip
- Lots of bugfixes
--------------------------------------------------------------------------------
================================================================================
spamass-milter-0.3.1-17.el4 (FEDORA-EPEL-2010-2473)
Milter (mail filter) for spamassassin
--------------------------------------------------------------------------------
Update Information:
This update includes a fix for a problem where if the milter is running using
the "-x" option to expand aliases before passing inbound mail through
SpamAssassin, a malicious client using a carefully-crafted SMTP session could
execute arbitrary code on the mail server. The fix avoids the use of a shell in
the alias expansion and hence there is no longer a problem with having to
sanitize input from the client. No CVE number has yet been assigned to this
problem, which is tracked upstream at https://savannah.nongnu.org/bugs/?29136
The update also contains a fix for a problem where the milter would erroneously
log warnings about the mail server's configuration when the first message from a
non-authenticated client passed through. As part of the fix for this issue, the
required milter macro configuration for the mail server has changed slightly:
see the README file included in the package for details.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 12 2010 Paul Howarth <paul at city-fan.org> 0.3.1-17
- Update initscript to support running the milter as root, which is needed
for the -x (expand aliases) option; note that the milter does not run as
root by default
- Add patch for popen unsanitized input vulnerability
(#572117, #572119, https://savannah.nongnu.org/bugs/?29136)
- Rebase authuser patch
- Update patch adding auth info to dummy Received-header so that it doesn't
generate spurious warnings about missing macros (#532266), and update and
merge the macro documentation patch into this patch
- Document patch usage in spec file
* Tue Aug 11 2009 Paul Howarth <paul at city-fan.org> 0.3.1-16
- Switch to bzipped source tarball
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> 0.3.1-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri Apr 24 2009 Paul Howarth <paul at city-fan.org> 0.3.1-14
- Fix Received-header generation (#496763)
- Add authentication info to dummy Received-header (#496769)
- Add option to skip checks for authenticated senders (#437506, #496767)
(thanks to Habeeb J. Dihu for the reports and patches)
* Wed Mar 18 2009 Paul Howarth <paul at city-fan.org> 0.3.1-13
- Call initscripts directly instead of via /sbin/service and fine-tune scriptlet
dependencies
- Change sa-milt user's home directory from
%{_localstatedir}/run/spamass-milter to %{_localstatedir}/lib/spamass-milter
so as to retain directory contents across a reboot (#489995), and fix the home
directory of any existing sa-milt account on upgrades
* Fri Feb 27 2009 Paul Howarth <paul at city-fan.org> 0.3.1-12
- Subpackage for postfix is now noarch for Fedora 10 onwards
- Fix scriptlet deps to ensure that sa-milt user exists before we attempt to
add it to the postfix group
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> 0.3.1-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Fri Feb 13 2009 Paul Howarth <paul at city-fan.org> 0.3.1-10
- Rebuild for shared libmilter in Fedora 11 development
* Thu Jul 3 2008 Paul Howarth <paul at city-fan.org> 0.3.1-9
- Require /usr/sbin/sendmail (for -b/-B/-x options) rather than sendmail pkg
- Make summary and description less Sendmail-specific
- Add patch to support group-writable socket for MTA communication, needed
to be able to use a Unix-domain socket with Postfix (#452248)
- Add subpackage with group-writable directory for Postfix support
- Tweak initscript to change default options when Postfix socket directory is
present
- Document additional ENVRCPT macros to provide
* Tue May 20 2008 Paul Howarth <paul at city-fan.org> 0.3.1-8
- Fix initscript failure to start with SELinux in enforcing mode (#447247)
(needs selinux-policy >= 3.3.1-55 on F9)
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng at fedoraproject.org> 0.3.1-7
- Autorebuild for GCC 4.3
* Mon Feb 18 2008 Paul Howarth <paul at city-fan.org> 0.3.1-6
- Rebuild with gcc 4.3.0 for Fedora 9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #572117 - SpamAssassin Mail Filter: Arbitrary shell command injection (privilege escalation)
https://bugzilla.redhat.com/show_bug.cgi?id=572117
--------------------------------------------------------------------------------
================================================================================
voms-1.9.16.1-1.el4 (FEDORA-EPEL-2010-2469)
Virtual Organization Membership Service
--------------------------------------------------------------------------------
Update Information:
This update fixes a bug that occasionally made voms-proxy-init fail when
creating RFC compliant VOMS proxy certificates.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 19 2010 Mattias Ellert <mattias.ellert at fysast.uu.se> - 1.9.16.1-1
- Upstream 1.9.16.1 (CVS tag glite-security-voms_R_1_9_16_1)
- Fix uninitialized variable in voms-proxy-init
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #573922 - voms-proxy-init does not work reliably
https://bugzilla.redhat.com/show_bug.cgi?id=573922
--------------------------------------------------------------------------------
More information about the epel-devel-list
mailing list