Fedora Essential and Critical Security Patch Updates - Page 755

Find the information you need for your favorite open source distribution.

Fedora 11 Update: httpd-2.2.13-1.fc11

This update includes the latest release of the Apache HTTP Server, version 2.2.13, fixing several security issues:

* Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. (CVE-2009-1891)
* Prevent the "Includes" Option from being enabled in an .htaccess file if the AllowOverride restrictions do not permit it. (CVE-2009-1195)
* Fix a potential Denial-of-Service attack against mod_proxy in a reverse proxy configuration, where a remote attacker can force a proxy process to consume CPU time indefinitely. (CVE-2009-1890)
* mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body. (CVE-2009-1191)

Many bug fixes are also included; see the upstream changelog for further details:

Fedora 10 Update: firebird-2.1.3.18185.0-2.fc10

Upgrading from the previous package version may be a problem, since the previous version removes /var/run/firebird and it shouldn't. This release fixes this problem for future updates. If you are in that case (no /var/run/firebird directory after the upgrade), just reinstall the firebird-2.1.3.18185.0-2 package or create /var/run/firebird owned by user firebird.

Fedora 11 Update: kernel-2.6.29.6-217.2.16.fc11

Security fixes:

- CVE-2009-2691: Information disclosure in proc filesystem
- CVE-2009-2848: execve: must clear current->child_tid
- CVE-2009-2849: md: null pointer dereference
- CVE-2009-2847: Information leak in do_sigaltstack

Restore missing LIRC drivers, dropped in previous release.

Backport upstream fixes that further improve the security of mmap of low addresses. (CVE-2009-2695)

Fedora 10 Update: dhcp-4.0.0-37.fc10

This update to the dhcp package includes fixes for CVE-2009-0692 and CVE-2009-1892. More information on these issues is available here:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892

Note: CVE-2009-0692 had no security consequences on Fedora, thanks to the use of FORTIFY_SOURCE.

Fedora 10 Update: perl-Compress-Raw-Bzip2-2.020-1.fc10

Off-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2 compressed stream that triggers a buffer overflow, a related issue to CVE-2009-1391.

Fedora 11 Update: perl-Compress-Raw-Bzip2-2.020-1.fc11

Off-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2 compressed stream that triggers a buffer overflow, a related issue to CVE-2009-1391.

Fedora 10 Update: buildbot-0.7.11p3-1.fc10

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-8577
2009-08-15 07:17:42
--------------------------------------------------------------------------------

Name        : buildbot
Product     : Fedora 10
Version     : 0.7.11p3
Release     : 1.fc10
URL         : https://buildbot.net/
Summary     : Build/test automation system
Description :
The BuildBot is a system to automate the compile/test cycle required by most
software projects to validate code changes. By automatically rebuilding and
testing the tree each time something has changed, build problems are pinpointed
quickly, before other developers are inconvenienced by the failure.

--------------------------------------------------------------------------------
Update Information:

Update to new upstream version 0.7.11p3:
https://pypi.org/project/buildbot/0.7.11p3/
fixing XSS issue detailed in upstream security alert:
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug 17 2009 Steve 'Ashcrow' Milner - 0.7.11p3-1
- Update for another XSS vuln from upstream
* Thu Aug 13 2009 Steve 'Ashcrow' Milner - 0.7.11p2-1
- Update for XSS vuln from upstream
* Fri Jul 24 2009 Fedora Release Engineering - 0.7.11p1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri Jul 17 2009 Gianluca Sforna - 0.7.11p1-1
- New upstream release
- Change Source0 URI
- Make tests optional
* Tue Mar 3 2009 Gianluca Sforna - 0.7.10p1-2
- New upstream release
- darcs only available on ix86 platforms
* Thu Feb 26 2009 Gianluca Sforna - 0.7.10-1
- New upstream release
- Drop upstreamed patch
- Add %check section and needed BR
* Mon Feb 23 2009 Fedora Release Engineering - 0.7.7-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Sat Nov 29 2008 Ignacio Vazquez-Abrams - 0.7.7-3
- Rebuild for Python 2.6
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update buildbot' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
Fedora-package-announce mailing list
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 11 Update: buildbot-0.7.11p3-2.fc11

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-8516
2009-08-15 07:14:57
--------------------------------------------------------------------------------

Name        : buildbot
Product     : Fedora 11
Version     : 0.7.11p3
Release     : 2.fc11
URL         : https://buildbot.net/
Summary     : Build/test automation system
Description :
The BuildBot is a system to automate the compile/test cycle required by most
software projects to validate code changes. By automatically rebuilding and
testing the tree each time something has changed, build problems are pinpointed
quickly, before other developers are inconvenienced by the failure.

--------------------------------------------------------------------------------
Update Information:

Update to new upstream version 0.7.11p3:
https://pypi.org/project/buildbot/0.7.11p3/
fixing XSS issue detailed in upstream security alert:
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug 17 2009 Steve 'Ashcrow' Milner - 0.7.11p3-2
- turning off tests in builds
* Mon Aug 17 2009 Steve 'Ashcrow' Milner - 0.7.11p3-1
- Update for another XSS vuln from upstream
* Thu Aug 13 2009 Steve 'Ashcrow' Milner - 0.7.11p2-1
- Update for XSS vuln from upstream
* Fri Jul 24 2009 Fedora Release Engineering - 0.7.11p1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri Jul 17 2009 Gianluca Sforna - 0.7.11p1-1
- New upstream release
- Change Source0 URI
- Make tests optional
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update buildbot' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------