Fedora Legacy Test Update Notification: htdig

Marc Deslauriers marcdeslauriers at videotron.ca
Fri Nov 25 04:37:48 UTC 2005


---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2005-152907
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152907
2005-11-24
---------------------------------------------------------------------

Name        : htdig
Versions    : rh73: htdig-3.2.0-2.011302.3.legacy
Versions    : rh9: htdig-3.2.0-16.20021103.3.legacy
Versions    : fc1: htdig-3.2.0-19.20030601.2.legacy
Versions    : fc2: htdig-3.2.0b5-7.2.legacy
Summary     : A Web indexing system.
Description :
The ht://Dig system is a Web search and indexing system for a small
domain or intranet. This system is not meant to replace the need for
powerful Internet-wide search systems; instead it is meant to cover
the search needs for a single company, campus, or even a particular
subsection of a website.

---------------------------------------------------------------------
Update Information:

Updated htdig packages that fix a security bug are now available.

The ht://Dig system is a Web search and indexing system for a small
domain or intranet.

A cross-site scripting bug has been found in htdig. This issue could
allow an attacker to send a carefully crafted message, which could
result in causing the victim's machine to execute a malicious script.
The Common Vulnerabilities and Exposures project has assigned the name
CVE-2005-0085 to this issue.

All users of htdig should upgrade to these updated packages, which
include a backported patch to correct this issue.

---------------------------------------------------------------------
Changelogs

rh73:
* Mon Nov 21 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
3.2.0-2.011302.3.legacy
- Added missing autoconf, automake, sendmail, time, bison
  and openssl-devel to BuildRequires

* Sun Nov 20 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
3.2.0-2.011302.2.legacy
- Added missing section back into CAN-2005-0085 patch

* Sun Jun 12 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
3.2.0-2.011302.1.legacy
- Added patch for CAN-2005-0085

rh9:
* Mon Nov 21 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
3.2.0-16.20021103.3.legacy
- Added missing autoconf, automake, sendmail, time, bison, libtool
  and openssl-devel to BuildRequires

* Sun Nov 20 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
3.2.0-16.20021103.2.legacy
- Added missing section back into CAN-2005-0085 patch

* Sun Jun 12 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
3.2.0-16.20021103.1.legacy
- Added patch for CAN-2005-0085

fc1:
* Thu Nov 24 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
3.2.0-19.20030601.1.legacy
- Added missing autoconf, automake, sendmail, time, bison, libtool
  httpd and openssl-devel to BuildRequires

* Sun Jun 12 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
3.2.0-19.20030601.1.legacy
- Added patch for CAN-2005-0085

fc2:
* Thu Nov 24 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
3.2.0b5-7.2.legacy
- Added missing autoconf, automake, sendmail, time, bison, libtool
  httpd and openssl-devel to BuildRequires

* Sun Jun 12 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
3.2.0b5-7.1.legacy
- Added patch for CAN-2005-0085

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/
(sha1sums)

rh73:
9f2c2108c62a38698946a3d054a02318115575db
redhat/7.3/updates-testing/i386/htdig-3.2.0-2.011302.3.legacy.i386.rpm
2f7355e1dac9e1f0af4de0ba4c57707afe253ef0
redhat/7.3/updates-testing/i386/htdig-web-3.2.0-2.011302.3.legacy.i386.rpm
e76b1a954834c707a05d323e1910165c204edc21
redhat/7.3/updates-testing/SRPMS/htdig-3.2.0-2.011302.3.legacy.src.rpm

rh9:
a660dbbc2839b32b186bb121e972a553586286fa
redhat/9/updates-testing/i386/htdig-3.2.0-16.20021103.3.legacy.i386.rpm
f6904537f1da733bf209d20d28b295dcc7d69b99
redhat/9/updates-testing/i386/htdig-web-3.2.0-16.20021103.3.legacy.i386.rpm
37c36aefd9331dc327e24e2fa040399be0b80601
redhat/9/updates-testing/SRPMS/htdig-3.2.0-16.20021103.3.legacy.src.rpm

fc1:
7478d40f0bae9370d5ab262fe916c41944776adf
fedora/1/updates-testing/i386/htdig-3.2.0-19.20030601.2.legacy.i386.rpm
8df233b896f4a139ad123a5465c3d3816da27623
fedora/1/updates-testing/i386/htdig-web-3.2.0-19.20030601.2.legacy.i386.rpm
908e27f80a740632f88bfba330c356b68c76c429
fedora/1/updates-testing/SRPMS/htdig-3.2.0-19.20030601.2.legacy.src.rpm

fc2:
7b03742a875fb2964b294a1e35d690539a097204
fedora/2/updates-testing/i386/htdig-3.2.0b5-7.2.legacy.i386.rpm
5f590cad676cc7dae81a24d5b02c55cae3ebe603
fedora/2/updates-testing/i386/htdig-web-3.2.0b5-7.2.legacy.i386.rpm
31ab214325ff0fadfa3a2f0d385e16b8de24aed9
fedora/2/updates-testing/SRPMS/htdig-3.2.0b5-7.2.legacy.src.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20051124/d72c53e1/attachment.sig>


More information about the fedora-legacy-list mailing list