[CentOS-announce] CESA-2013:0215 Important CentOS 6 abrt Update

CentOS Errata and Security Advisory 2013:0215 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0215.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
99851e81e7cac7d406e9931753af92833ecc58fdcf5e328e715334382e169337 abrt-2.0.8-6.el6.centos.2.i686.rpm
3ed3c46d03e4dae6be6082b157b952570289c2ee828c10032cfb020ffd0fdd7b abrt-addon-ccpp-2.0.8-6.el6.centos.2.i686.rpm
b7f061fd7ddf9f4daecaf3e17faff2b264de48818ee40282eaf1f75f0f2d9731 abrt-addon-kerneloops-2.0.8-6.el6.centos.2.i686.rpm
0f4f4ca291c1d695d454d09840d6f752b7d087699bbf5ba3c0a20a9be7792684 abrt-addon-python-2.0.8-6.el6.centos.2.i686.rpm
53402d4a46ef3260b85f73f9cbb63afd01ca059027637b4e24f2ec17741f51c3 abrt-addon-vmcore-2.0.8-6.el6.centos.2.i686.rpm
5c32b3ebb2645397588edd8c46c229bce1bbaa5a0e54371d9ab5e66cb7ccfc25 abrt-cli-2.0.8-6.el6.centos.2.i686.rpm
fe16d485cf09570eea5a2c46a023df9c2ba2d648a98d380921fce8d55591a767 abrt-desktop-2.0.8-6.el6.centos.2.i686.rpm
e71d5bf2b6ae169c010e7e61a760ece4fb6312996ac485839e0bbb09a4af70f1 abrt-devel-2.0.8-6.el6.centos.2.i686.rpm
827b7562d78d98c1b4ad2e1d31eb942462f0c9b1c633c8ed7d9f6fc475508592 abrt-gui-2.0.8-6.el6.centos.2.i686.rpm
1e2b8414f68959761103b8d261a6b00ae6fc2f39046930742d3366fabb46b0eb abrt-libs-2.0.8-6.el6.centos.2.i686.rpm
bda68ae0afe2e0717d158e401484878089bbe8a9f6d3c789f050fc4e4976f030 abrt-tui-2.0.8-6.el6.centos.2.i686.rpm

x86_64:
592efb202a65ab128c5f45bca3b011d81962fba3472e04858fb77d9bad180ee3 abrt-2.0.8-6.el6.centos.2.x86_64.rpm
12a2541afc5d7cf74e4406d51322aa653ad8bd25af5ecd25d1ad0714c15abdc4 abrt-addon-ccpp-2.0.8-6.el6.centos.2.x86_64.rpm
aaefcc6c7e12a8250dcc8c984252699b58f0bd49fd7ad5271e38e0346fb43819 abrt-addon-kerneloops-2.0.8-6.el6.centos.2.x86_64.rpm
90e0dc7bba6bf24197b10c2970a08e32400c9397893665b656d37234e911318e abrt-addon-python-2.0.8-6.el6.centos.2.x86_64.rpm
eba577a25da22d53b21ef8108e5d48e816a0fc75ddbcdf136ee4e39ebbfd4045 abrt-addon-vmcore-2.0.8-6.el6.centos.2.x86_64.rpm
d154cbb65c54c7aed29cf8c8a540d774bd245b154c887e675ca2951aef205010 abrt-cli-2.0.8-6.el6.centos.2.x86_64.rpm
87516d7e2257026b9f32ca01a655a8ea872858923479cbc01a5fcccd48d2ab93 abrt-desktop-2.0.8-6.el6.centos.2.x86_64.rpm
e71d5bf2b6ae169c010e7e61a760ece4fb6312996ac485839e0bbb09a4af70f1 abrt-devel-2.0.8-6.el6.centos.2.i686.rpm
74a195b40bc73bfbbc474b2f78c5152532c71bfb25f6c17f438f77b23af51ae5 abrt-devel-2.0.8-6.el6.centos.2.x86_64.rpm
6fe933d1bea1b75d167e6df5e8142e8796d8b5b26db1c52d3f46ad36af9f6d88 abrt-gui-2.0.8-6.el6.centos.2.x86_64.rpm
1e2b8414f68959761103b8d261a6b00ae6fc2f39046930742d3366fabb46b0eb abrt-libs-2.0.8-6.el6.centos.2.i686.rpm
096cd160d307b745c68d13884b01edc44b3de55c8bd490ffaae57ee74e2c6f16 abrt-libs-2.0.8-6.el6.centos.2.x86_64.rpm
bff039a681695683a865d243aadf17dbdfd81bd8f2e56f06fdf2f5a45b09ede6 abrt-tui-2.0.8-6.el6.centos.2.x86_64.rpm

Source:
18ce3f397397cedfddad1a353e040cdab6c03a1c3c29feae812667d25c39a23a abrt-2.0.8-6.el6.centos.2.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2013:0215 Important CentOS 6 libreport Update

CentOS Errata and Security Advisory 2013:0215 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0215.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
8e0d59501d93b4a67d44055bf5b5e5c78b85e3629075ec416fdf3bfa3d42c89c libreport-2.0.9-5.el6.centos.2.i686.rpm
3e9dbbd95daed780c12153d6f38309600bd66590d63e56e817120ed95b225e35 libreport-cli-2.0.9-5.el6.centos.2.i686.rpm
ccd9f41d805ade92881a7ca7b4462b44d093a2604087b4a918343610806b4701 libreport-devel-2.0.9-5.el6.centos.2.i686.rpm
0c5324c7eacd6b372d4f4bf7406cf718072b6e13510a8955e066ea7c8b0f0284 libreport-gtk-2.0.9-5.el6.centos.2.i686.rpm
ef8672cecca76da21532c2ade4e129c88d0f90b639155b731ee9f617ba1d51a9 libreport-gtk-devel-2.0.9-5.el6.centos.2.i686.rpm
290f73d5a3154d15ef2ffd247c9918a31d947fbb2b4e31fca3680e8fe308341a libreport-newt-2.0.9-5.el6.centos.2.i686.rpm
d7763b62d243700c8ce1b4a655841d79fe6934b17b358d4fe70a29eacdc211ce libreport-plugin-bugzilla-2.0.9-5.el6.centos.2.i686.rpm
e68b8babf6c6226c4585a22c954c3b119c86b36f293d6af200e3732c16097e0a libreport-plugin-kerneloops-2.0.9-5.el6.centos.2.i686.rpm
8eb620319a6daa288633faa7eb8e3c3a75b3292d8511e9b4a99ded129bf55faa libreport-plugin-logger-2.0.9-5.el6.centos.2.i686.rpm
79e1f535effba553cecb6267a8ee14122ed20ad18c6673353cdefad3f1893956 libreport-plugin-mailx-2.0.9-5.el6.centos.2.i686.rpm
000cd2129036a237c2072dd24c039f1e15754294dffe1bc0de20b6c54204a5e5 libreport-plugin-reportuploader-2.0.9-5.el6.centos.2.i686.rpm
a82f1231c012eba482894766833cbd4ea85936763500242c7e95e717f7da51b8 libreport-plugin-rhtsupport-2.0.9-5.el6.centos.2.i686.rpm
a6b1b87db38dce9e27b518f355b75cafdb2b529f994a3b574cd44b26997095b0 libreport-python-2.0.9-5.el6.centos.2.i686.rpm

x86_64:
8e0d59501d93b4a67d44055bf5b5e5c78b85e3629075ec416fdf3bfa3d42c89c libreport-2.0.9-5.el6.centos.2.i686.rpm
c4ac1b3b34f494df353b7bb5c883c4c865b51e68baf7ed9c8f959e6eab176e4d libreport-2.0.9-5.el6.centos.2.x86_64.rpm
60b1b38bf661d042b20945dbfd3dce6ec2512f59f880458a15d13b2d80457f50 libreport-cli-2.0.9-5.el6.centos.2.x86_64.rpm
ccd9f41d805ade92881a7ca7b4462b44d093a2604087b4a918343610806b4701 libreport-devel-2.0.9-5.el6.centos.2.i686.rpm
336b1a107ce81f81956d22922a22184553c881219efea82930075f3ba22cc723 libreport-devel-2.0.9-5.el6.centos.2.x86_64.rpm
0c5324c7eacd6b372d4f4bf7406cf718072b6e13510a8955e066ea7c8b0f0284 libreport-gtk-2.0.9-5.el6.centos.2.i686.rpm
280d662cca789d9b256328bfd414616db60de108cb6b5027cc58fc0b585f9cdb libreport-gtk-2.0.9-5.el6.centos.2.x86_64.rpm
ef8672cecca76da21532c2ade4e129c88d0f90b639155b731ee9f617ba1d51a9 libreport-gtk-devel-2.0.9-5.el6.centos.2.i686.rpm
4f9dbf54d24f861eb5ccf33d67b66090295d0a6508d2cd2e7978fddbcc98b43a libreport-gtk-devel-2.0.9-5.el6.centos.2.x86_64.rpm
47cc4986e8ca9ca9106f8dccd991c4eb87ffd112638fc1e240c608f31447af8b libreport-newt-2.0.9-5.el6.centos.2.x86_64.rpm
97ac69bea50729a77e65e63914fd0ef861f4b4aebc3b9b993fb7c71052a4baa6 libreport-plugin-bugzilla-2.0.9-5.el6.centos.2.x86_64.rpm
d6f027c7130eb9cd45dcc3348bf4c1c8b505ed6e32f7e6672a0b3039a61f853f libreport-plugin-kerneloops-2.0.9-5.el6.centos.2.x86_64.rpm
670d92620fc26e55fb3e1d605efc03d421cac7716c34f5818d1c43b6bf5526ca libreport-plugin-logger-2.0.9-5.el6.centos.2.x86_64.rpm
baf8ce51c95a93f9df32bdf2ec51a2611d435d7896ff43f4c259b7c1dbc099ac libreport-plugin-mailx-2.0.9-5.el6.centos.2.x86_64.rpm
f36a8dc70d72dafd24d506fbe10e1cec26a4315eebc329d18082bd380568b181 libreport-plugin-reportuploader-2.0.9-5.el6.centos.2.x86_64.rpm
c463c72546dceb37294beb2f6a635ed86502299ca525c9be87e6c8c674919110 libreport-plugin-rhtsupport-2.0.9-5.el6.centos.2.x86_64.rpm
6e5b9064107c26c51486b487ec3d3abe9d00103403509e281aa85f6fb5f7ef72 libreport-python-2.0.9-5.el6.centos.2.x86_64.rpm

Source:
b5db120674caa9a2f386cba313cbc83c10a919bedd9c6c36fb7b092804628ca4 libreport-2.0.9-5.el6.centos.2.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2013:0216 Important CentOS 6 freetype Update

CentOS Errata and Security Advisory 2013:0216 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0216.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
b37dfc93cc75837d5b0d8fd431074098f99b79c4e691dcfd00ee5b1664d56864 freetype-2.3.11-14.el6_3.1.i686.rpm
5e91057b351b08a32245ee371dd60f501d9e839680bc354159eb4edb8d025b14 freetype-demos-2.3.11-14.el6_3.1.i686.rpm
e563423bb14e3e301a289e12fc6eb39b3cdfdf9c34c88c7c2c38a4a0e2020443 freetype-devel-2.3.11-14.el6_3.1.i686.rpm

x86_64:
b37dfc93cc75837d5b0d8fd431074098f99b79c4e691dcfd00ee5b1664d56864 freetype-2.3.11-14.el6_3.1.i686.rpm
0ba55b5fd3f1be53709c67884f8c75bd16916277a9f40327648de0619ad25b14 freetype-2.3.11-14.el6_3.1.x86_64.rpm
a23e9344e17c4ce811d14a62784f5b1802d2d2bd70a030e43b9a3bfb4b4ae86b freetype-demos-2.3.11-14.el6_3.1.x86_64.rpm
e563423bb14e3e301a289e12fc6eb39b3cdfdf9c34c88c7c2c38a4a0e2020443 freetype-devel-2.3.11-14.el6_3.1.i686.rpm
2e1a2befb77a2a96e7f3beea35ffd515a12568206e77e6a5f7e3f0864b9a4cc2 freetype-devel-2.3.11-14.el6_3.1.x86_64.rpm

Source:
25a5e38ef7e61078513bad46af09c8963586cd56d3411ad8d0e8558e1d515ae7 freetype-2.3.11-14.el6_3.1.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2013:0219 Moderate CentOS 6 mysql Update

CentOS Errata and Security Advisory 2013:0219 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0219.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
ecee86964db7e38b57e9737b3b1a0381dde9e585ee050d5e8788099e01651c2d mysql-5.1.67-1.el6_3.i686.rpm
a9129bc6a47c40e0c31256907d66d5ac2b4a2fc549c3b7cec85919b18f19e832 mysql-bench-5.1.67-1.el6_3.i686.rpm
3fe72dd0a06433c7e478a0593439182c75ff665df65e09200f6a8c18540d1cb1 mysql-devel-5.1.67-1.el6_3.i686.rpm
c3373b826a295eaf71b67f2b421579f1d708aefa3e11c5392a877a224699aaa1 mysql-embedded-5.1.67-1.el6_3.i686.rpm
4f682bd801716ed1c799e174bcc2acf8c1f4a71b2cd81e9e0c29a11b58bd491b mysql-embedded-devel-5.1.67-1.el6_3.i686.rpm
db444bb71cacb7625a8623c3f6be19413f02cefdc99058c9cc49e45170dd6352 mysql-libs-5.1.67-1.el6_3.i686.rpm
e3331fcf2a56272c383696ca441c7b3f6d2c82a498589c6f1545efc2243ff635 mysql-server-5.1.67-1.el6_3.i686.rpm
2dea1b319433a31261dae849fe5ed5d36dffcb8a9d155b41caa2975bdd6f8626 mysql-test-5.1.67-1.el6_3.i686.rpm

x86_64:
3d2d40fdcd196b017bcd64a036fd2607585d634508ebb7e5537fefa8c4467372 mysql-5.1.67-1.el6_3.x86_64.rpm
61add48ec87de135e263d78c71ffd1999004ac520ff3181f0bce197514368d1f mysql-bench-5.1.67-1.el6_3.x86_64.rpm
3fe72dd0a06433c7e478a0593439182c75ff665df65e09200f6a8c18540d1cb1 mysql-devel-5.1.67-1.el6_3.i686.rpm
b73d89fab99dcfcff51feed632c8a38c0160f7a6965a3e3f755033adaa5c512d mysql-devel-5.1.67-1.el6_3.x86_64.rpm
c3373b826a295eaf71b67f2b421579f1d708aefa3e11c5392a877a224699aaa1 mysql-embedded-5.1.67-1.el6_3.i686.rpm
e686777282cf33d81b5ebf95563a72211d3d5e70e80ae4f00cf2801b4ced5eb9 mysql-embedded-5.1.67-1.el6_3.x86_64.rpm
4f682bd801716ed1c799e174bcc2acf8c1f4a71b2cd81e9e0c29a11b58bd491b mysql-embedded-devel-5.1.67-1.el6_3.i686.rpm
5b07993efcfdf84c983f9108b863d9c806f43aef8361ecce6582d633bc1136d6 mysql-embedded-devel-5.1.67-1.el6_3.x86_64.rpm
db444bb71cacb7625a8623c3f6be19413f02cefdc99058c9cc49e45170dd6352 mysql-libs-5.1.67-1.el6_3.i686.rpm
f439dcd0020893e7f9fbf76e9bddc48217e943f2379243bfb3b9395ba785cae9 mysql-libs-5.1.67-1.el6_3.x86_64.rpm
5a25bca9c9543da74bb3157a9f533dbb2f3dfc859831dd992a9f2588e7fc1453 mysql-server-5.1.67-1.el6_3.x86_64.rpm
b050e02e4e518911273cfec40301331c3cb36b05d6053abc73dc709fd2c70d2a mysql-test-5.1.67-1.el6_3.x86_64.rpm

Source:
5aa2cc8321571088c2dc1b1741aabbe0c4a302e4c32297f9cebfd519bc1a04c8 mysql-5.1.67-1.el6_3.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2013:0218 Moderate CentOS 6 xorg-x11-drv-qxl Update

CentOS Errata and Security Advisory 2013:0218 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0218.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
193d4ec422cd207bc9d204007f6434217bf266dd1fbe25c6caf8d04d5f4a3b59 xorg-x11-drv-qxl-0.0.14-14.el6_3.i686.rpm

x86_64:
06baa84f3f8c2f5b61463c7bb7163c44ab77e861e1e56886b92e944daa2438e5 xorg-x11-drv-qxl-0.0.14-14.el6_3.x86_64.rpm

Source:
4c29fb70823da60b70220eec34fd59c5b6aa17d41c09d0ab11550531b42083c5 xorg-x11-drv-qxl-0.0.14-14.el6_3.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2013:0217 Important CentOS 6 mingw32-libxml2 Update

CentOS Errata and Security Advisory 2013:0217 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0217.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )


x86_64:
0dcd47145306e07bea0a967496ac90f8f9be80d39862cff2b61e2f0c3f1891e9 mingw32-libxml2-2.7.6-6.el6_3.noarch.rpm
05e742cf17dd15ab34a1409546da921a6dae53c07c49451a871449bc63611dbe mingw32-libxml2-static-2.7.6-6.el6_3.noarch.rpm

Source:
98ee2989d0e498ab1bf88ff21d7bb91572c15dc1276907869825106bbf924c5e mingw32-libxml2-2.7.6-6.el6_3.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2013:0213 Important CentOS 6 nspr Update

CentOS Errata and Security Advisory 2013:0213 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0213.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
e88151e6973a30f30a75bf2029b65c3e0139c791843de3b183c8be6e2d9eea6f nspr-4.9.2-0.el6_3.1.i686.rpm
3fbb608da6c2fdb764cc16cac51aaa3857d37321ccd36f148bc235ee05584db3 nspr-devel-4.9.2-0.el6_3.1.i686.rpm
f155dca20b3fb6d0a2a19348c2b4369277535ffb1f49ee763dc835008fc62087 nss-3.13.6-2.el6_3.i686.rpm
90571821bf868f05d9da65af03d3dfcdc6b06ed1e907cca2ee98222eb8f95c29 nss-devel-3.13.6-2.el6_3.i686.rpm
2ddfe0ec2123fa09f4001d58530c9262164a64a680f429b2085f3e6970f30365 nss-pkcs11-devel-3.13.6-2.el6_3.i686.rpm
7525c1e454fc530b3bb9eadcc0be55e721ceeea6380f3e008558235f8c9df29c nss-sysinit-3.13.6-2.el6_3.i686.rpm
cfda2ca0e99b69a1aa94c49f38303fd9fcb8bfca029c2a12f83484ea642981e2 nss-tools-3.13.6-2.el6_3.i686.rpm
c4dff154761dedcc6b126e366ff53cdf5589ee32796f9aa50463fc3236029202 nss-util-3.13.6-1.el6_3.i686.rpm
44e6810fa11556541f2adf5bb38eb7efb0ed441a8cafc4b8c80d5d998a0a4cba nss-util-devel-3.13.6-1.el6_3.i686.rpm

x86_64:
e88151e6973a30f30a75bf2029b65c3e0139c791843de3b183c8be6e2d9eea6f nspr-4.9.2-0.el6_3.1.i686.rpm
a614f8c673f06c16fdc5b3cb48261656a657d7a0f914734e52aa2f8fa4ac0fb1 nspr-4.9.2-0.el6_3.1.x86_64.rpm
3fbb608da6c2fdb764cc16cac51aaa3857d37321ccd36f148bc235ee05584db3 nspr-devel-4.9.2-0.el6_3.1.i686.rpm
5831cb338c698b6a4ea80222ded557a6e3d9efb846444cc92aba2c39e89845e6 nspr-devel-4.9.2-0.el6_3.1.x86_64.rpm
f155dca20b3fb6d0a2a19348c2b4369277535ffb1f49ee763dc835008fc62087 nss-3.13.6-2.el6_3.i686.rpm
4d2622b1f82d169fc0c1337b102f8487065c057824de9aae8f25e44599be175b nss-3.13.6-2.el6_3.x86_64.rpm
90571821bf868f05d9da65af03d3dfcdc6b06ed1e907cca2ee98222eb8f95c29 nss-devel-3.13.6-2.el6_3.i686.rpm
2ffe95978f3b359a0bfc4f059849b91fe76954d901b220750a453c83a9fdd3fa nss-devel-3.13.6-2.el6_3.x86_64.rpm
2ddfe0ec2123fa09f4001d58530c9262164a64a680f429b2085f3e6970f30365 nss-pkcs11-devel-3.13.6-2.el6_3.i686.rpm
5a7cba73bcbad6b007762290b76ee204461f9fb1b054b61eea80bfb08ba2925c nss-pkcs11-devel-3.13.6-2.el6_3.x86_64.rpm
d56d789a102e508871d8b2e3ca2a7633e91ee56ff009ea70a6b8a3a02f07b02b nss-sysinit-3.13.6-2.el6_3.x86_64.rpm
1a5324f7ee58cd148283e95b7c19871c4d71f0937cbf335f1886c08f6897b437 nss-tools-3.13.6-2.el6_3.x86_64.rpm
c4dff154761dedcc6b126e366ff53cdf5589ee32796f9aa50463fc3236029202 nss-util-3.13.6-1.el6_3.i686.rpm
b82db6998fb39f0ecec6b71cac9bd3cb17c078e9a34d9a554df5e59f8a2a4b9c nss-util-3.13.6-1.el6_3.x86_64.rpm
44e6810fa11556541f2adf5bb38eb7efb0ed441a8cafc4b8c80d5d998a0a4cba nss-util-devel-3.13.6-1.el6_3.i686.rpm
2eff8615b9eaf3596c9d32b37aeec43644440146c7d53bf89de076b2ae976a9b nss-util-devel-3.13.6-1.el6_3.x86_64.rpm

Source:
3b1b77e7523245462a4b5b5df12cc78c71b82b89d5a599d77501002976015009 nspr-4.9.2-0.el6_3.1.src.rpm
fc4c2852dfe1d18583da0dd782d2e5558ee4a3b6ee153883fc25a19b9f129d3c nss-3.13.6-2.el6_3.src.rpm
312f8b48f3ee4eefeab39171b3f1dd24aa032475be7e12a5a34e9f2054e947c5 nss-util-3.13.6-1.el6_3.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2013:0212 CentOS 6 glibc Update

CentOS Errata and Bugfix Advisory 2013:0212

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0212.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
62527f00a955f3ad30cc1ab3e9b6871ed71d4c607729040194873943d89d8f9f glibc-2.12-1.80.el6_3.7.i686.rpm
3cb35a37c25728e0f17a3eff7df75e23ea85123c66f05d6b97e00cbdc9540012 glibc-common-2.12-1.80.el6_3.7.i686.rpm
dbe7d58085786f153c1b53e474fc0af9f0599b669e0063e508f1bf2b74346d7e glibc-devel-2.12-1.80.el6_3.7.i686.rpm
54905f21359536ce157f40c90ae19a6047c540ff92ebd288f4c049cedebb6141 glibc-headers-2.12-1.80.el6_3.7.i686.rpm
8e53d3ed738b204fa5822c060bac34f644b7bf62b6c4be3c1a8d14cc5fc0811e glibc-static-2.12-1.80.el6_3.7.i686.rpm
5e30fc354488218e2f070e59746d51c0378c3acf0e1119f96a51ad58b6be91bb glibc-utils-2.12-1.80.el6_3.7.i686.rpm
0afe9316d959ea93dc07a3ed198d3bafa0d7cc5db1a67aaaccfdbc0eff4c40fa nscd-2.12-1.80.el6_3.7.i686.rpm

x86_64:
62527f00a955f3ad30cc1ab3e9b6871ed71d4c607729040194873943d89d8f9f glibc-2.12-1.80.el6_3.7.i686.rpm
9a8a7860b78167cc64c68938798d84f2bee4dccda3f873057283940c70cbdbf6 glibc-2.12-1.80.el6_3.7.x86_64.rpm
26f0f86bf4431e824682b5cc1faeadfbe64d1a22ded8b223d88db476fbaae969 glibc-common-2.12-1.80.el6_3.7.x86_64.rpm
dbe7d58085786f153c1b53e474fc0af9f0599b669e0063e508f1bf2b74346d7e glibc-devel-2.12-1.80.el6_3.7.i686.rpm
a535fa893137cd181cf175cdc401ec8ccd7384049c0a56f8994a3960018fac9b glibc-devel-2.12-1.80.el6_3.7.x86_64.rpm
acc35b400b081d4f8343fbeeb8035dee0ea6207b05f02595665077efcd7acf7b glibc-headers-2.12-1.80.el6_3.7.x86_64.rpm
8e53d3ed738b204fa5822c060bac34f644b7bf62b6c4be3c1a8d14cc5fc0811e glibc-static-2.12-1.80.el6_3.7.i686.rpm
629b1f1ef98af638a8c9e21306d9312d8946c9cefb218ce33fb84b18c72e15ce glibc-static-2.12-1.80.el6_3.7.x86_64.rpm
91db2b7efb9f26369a08714000433372c166f43573c816ebe2de6955d7fa78c6 glibc-utils-2.12-1.80.el6_3.7.x86_64.rpm
f1270081274f120128d09b5aaa71ee216915e0f2317406f8068c24cfea741c61 nscd-2.12-1.80.el6_3.7.x86_64.rpm

Source:
39a5f804f1151adc1caea48311ffdeb5bef1c1e6867c46c13dc126f3a35102f2 glibc-2.12-1.80.el6_3.7.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2013:0214 Important CentOS 5 nss Update

CentOS Errata and Security Advisory 2013:0214 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0214.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
0cc8059ea73dfc88457a101080cdbffe999c34e2e11113e29d5164d9ae2af569 nspr-4.9.2-2.el5_9.i386.rpm
7074f2a9b08d29fa82d0c66dbda09d4c3242a7ca3a9c4b19bf0f7449517b65cb nspr-devel-4.9.2-2.el5_9.i386.rpm
16029039ca032ffce958953c8fea9cae8955c013a93e8a9ae0832f10d40cc5e7 nss-3.13.6-3.el5_9.i386.rpm
e80971e8ed65bd9872ad780be62fa23d7812d7499f56ea8b19f0c3a63cb09945 nss-devel-3.13.6-3.el5_9.i386.rpm
1c625b6ff09dcc423e2da22d1fa107566fadf6d091751ce19880e58c7339a86f nss-pkcs11-devel-3.13.6-3.el5_9.i386.rpm
9ef285b564335e8df2241b9d64478e65da3097c4948c2243179c153658f23dda nss-tools-3.13.6-3.el5_9.i386.rpm

x86_64:
0cc8059ea73dfc88457a101080cdbffe999c34e2e11113e29d5164d9ae2af569 nspr-4.9.2-2.el5_9.i386.rpm
94a64a0377aed96c931aa10255c90d41fc78d1fc59e7fe94d5a5fe13d6cfcd76 nspr-4.9.2-2.el5_9.x86_64.rpm
7074f2a9b08d29fa82d0c66dbda09d4c3242a7ca3a9c4b19bf0f7449517b65cb nspr-devel-4.9.2-2.el5_9.i386.rpm
ca84498851244e166c4a26b88ee107abe2ea03d58c24d155590a281c42d61d59 nspr-devel-4.9.2-2.el5_9.x86_64.rpm
16029039ca032ffce958953c8fea9cae8955c013a93e8a9ae0832f10d40cc5e7 nss-3.13.6-3.el5_9.i386.rpm
66504c5bd514d0919ff8b9170aa9587f6332ae4d70f7df003b4a7cf093506c36 nss-3.13.6-3.el5_9.x86_64.rpm
e80971e8ed65bd9872ad780be62fa23d7812d7499f56ea8b19f0c3a63cb09945 nss-devel-3.13.6-3.el5_9.i386.rpm
6ac0b087a4a03f61a82402f648f22071f7b0a257d173897430a471b79c50f3df nss-devel-3.13.6-3.el5_9.x86_64.rpm
1c625b6ff09dcc423e2da22d1fa107566fadf6d091751ce19880e58c7339a86f nss-pkcs11-devel-3.13.6-3.el5_9.i386.rpm
d010d807d939017365568d016fa788fea4d5a240a7024b29b32c0a22dcb23737 nss-pkcs11-devel-3.13.6-3.el5_9.x86_64.rpm
c8463457371032eddc7659d7cbc8befc4cc796121e43677d9ecd1fb19976b1e5 nss-tools-3.13.6-3.el5_9.x86_64.rpm

Source:
bbcf6dac3475641667363def0dd9cb165e5265dc55dd304d0db9cdad231bef38 nspr-4.9.2-2.el5_9.src.rpm
c71dbc152e220e43b49f737939e01d5bc1c397294a1fdb163c584e12f72c49cf nss-3.13.6-3.el5_9.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2013:0216 Important CentOS 5 freetype Update

CentOS Errata and Security Advisory 2013:0216 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0216.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
cacc70568addbfa074947de9177b38da49f5a45361640dd4360e45252650bb81 freetype-2.2.1-32.el5_9.1.i386.rpm
0406d616a5c8fc7fccd343d6226a52fde050c8ae7a5ccc71a42eddece6621028 freetype-demos-2.2.1-32.el5_9.1.i386.rpm
ca10d7bc4e1dc5dceac26529add39f6ca1660b086d6fd81b475185ed7a6ac3a1 freetype-devel-2.2.1-32.el5_9.1.i386.rpm

x86_64:
cacc70568addbfa074947de9177b38da49f5a45361640dd4360e45252650bb81 freetype-2.2.1-32.el5_9.1.i386.rpm
1fffcbb350ebb38bfcaa5a18cfc2ea6bbe42461d11cf0c642e88032f292651f0 freetype-2.2.1-32.el5_9.1.x86_64.rpm
c59ebbfc5eaffa320569404a46f7de69ca6c99969dc02d158173a18530dfd280 freetype-demos-2.2.1-32.el5_9.1.x86_64.rpm
ca10d7bc4e1dc5dceac26529add39f6ca1660b086d6fd81b475185ed7a6ac3a1 freetype-devel-2.2.1-32.el5_9.1.i386.rpm
bf6a082d5d70e48a95444f7a0ecfa7e0e4cfe2dbd651c1fc183a9dce2b4aa01b freetype-devel-2.2.1-32.el5_9.1.x86_64.rpm

Source:
f12c161fcd00a6278ee2204306c84e63689b28421a805200b3981fea3393691b freetype-2.2.1-32.el5_9.1.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Proposed F19 Feature: Usermode Migration

= Features/UsermodeMigration =
https://fedoraproject.org/wiki/Features/UsermodeMigration

Feature owner(s): Harald Hoyer <harald@redhat.com>, Kay Sievers
<kay@redhat.com>, Bill Nottingham <notting@redhat.com>

Access control of privileged operations for ordinary users should be handled
exclusively by a centrally managed authority.

Usermode/consolehelper should be phased out and be replaced entirely by
polkit.

== Detailed description ==
The usermode/consolehelper program is a setuid-root wrapper around a couple of
system tools, providing superuser privileges to ordinary users. Its policy is
controlled by text files in /etc.

These days, most privileged system operations are already controlled by
polkit, a well-established, fine-grained, (possibly) network-transparent
service for managing privileged operations by ordinary users. Enterprise
environments need to be able to centrally define access control policy for the
organization, and automatically apply it to all connected workstations.

* polkit can be used by privileged processes to decide if it should execute
privileged operations on behalf of the requesting user. For directly executed
tools, polkit provides a setuid-root helper program called ''pkexec''.The
hooks to ask the user for authorizations are well-integrated into text
environments, and native in all major graphical environments.
* The concept of a ''console user'' (that usermode/consolehelper implements)
is no longer a sufficient concept to derive privileges from. OTOH polkit
authorizations can properly distinguish between multiple active sessions and
seats: e.g. an untrusted user's reboot request is only granted if only a
single user session runs at that time.

Btw. this Feature was already accepted for Fedora 18 and it's continuous effort
spread over several releases.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Virt Storage Migration

= Features/Virt Storage Migration =
https://fedoraproject.org/wiki/Features/Virt_Storage_Migration

Feature owner(s): Cole Robinson <crobinso@redhat.com>, Paolo Bonzini
<pbonzini@redhat.com>

Migrate a running virtual machine from one host to another, including in use
storage, with no downtime. No need for a shared storage location between the
two.

== Detailed description ==
Live migration of a VM has been around for a while, but usage historically
required that VM storage disk images were shared between the source and
destination host, and mounted in the same location.

Since qemu 0.12 (December 2009), there has been a storage migration feature in
qemu, but it was inflexible, and inefficient to the point that any workload in
the guest would often prevent the guest from ever being full migrated. While
supported in libvirt/virsh, it was still difficult to use, requiring stub disk
images to be present on the destination host.

New developments in QEMU allow migrating a VM with no shared storage between
the source and destination, and does it in a performant manner.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: System Configuration Shell

= Features/SystemConfigurationShell =
https://fedoraproject.org/wiki/Features/SystemConfigurationShell

Feature owner(s): Tom Schwaller <tom dot schwaller at web dot de>

The System Configuration Shell System provides an easy to use interactive
command line interface with a standardized syntax to manage your system.

== Detailed description ==
Network Administrators love their very powerful switch/router/firewall/etc. CLI
which can be used for all administrative tasks in a very structured and well
documented way. Compare that to classical Linux System Administration which is
a mix of editing configuration files using different formats and executing
commands & scripts with a heterogeneous syntax. The System Configuration Shell
will provide an interactive command line interface using the python-configshell
framework with a standardized syntax to manage your system. It consists of the
command configsh which starts an interactive shell and can also be used in
shell scripts and the command config for one-shot configuration commands (e.g.
config hostname www.fedoraproject.org which not only executes hostname
www.fedoraproject.org but also changes several configuration files to make the
new hostname permanent).

The System Configuration Shell will facilitate the Linux System administrators
daily work. Since every command is logged (in a verbose mode even showing the
exact system commands and scripts executed), each administrator can decide
him/herself if he/she feels comfortable using standard parts (or local
extensions) the System Configuration Shell. The approach is similar to the
OpenWrt UCI Command Line Utility or the Vyatta vbash but using a different
approach.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Virtio RNG

= Features/Virtio RNG =
https://fedoraproject.org/wiki/Features/Virtio_RNG

Feature owner(s): Cole Robinson <crobinso@redhat.com>, Amit Shah
<amit.shah@redhat.com>

Provide a paravirtual random number generator to virtual machines, to prevent
entropy starvation in guests.

== Detailed description ==
The linux kernel collects entropy from various non-deterministic hardware
events, like mouse and keyboard input, and network traffic. This entropy is then
exposed through /dev/random, commonly used by cryptographic applications that
need true randomness to maintain security. However if more entropy is being
consumed than is being produced, we have entropy starvation: reading from
/dev/random will block, which can cause a denial of service. A common example
here is use of /dev/random by SSL in various services.

VirtIO RNG (random number generator) is a paravirtualized device that is
exposed as a hardware RNG device to the guest. Virtio RNG just appears as a
regular hardware RNG to the guest, which the kernel reads from to fill its
entropy pool. This effectively allows a host to inject entropy into a guest via
several means: The default mode uses the host's /dev/random, but a physical HW
RNG device or EGD (Entropy Gathering Daemon) source can also be used.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[CentOS-announce] CEBA-2013:0212 CentOS 6 glibc Update

CentOS Errata and Bugfix Advisory 2013:0212

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0212.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
49895c07e6438541f8fcee9de7e61f917bb1059f5ecefa8797d7c3a45f7a0542 glibc-2.12-1.80.el6_3.7.i686.rpm
9ac3511106793afc32bf4db7fb6005352cc0f34b618fd84581361923529925dd glibc-common-2.12-1.80.el6_3.7.i686.rpm
941a2c8311e2c39d209eb8f4738c220b57bd8a1929c1d6cc64586ab2407db7c3 glibc-devel-2.12-1.80.el6_3.7.i686.rpm
b1afc555f1f6b2e59b55a762d753edfa339b2de1a148905c341f0390013df35c glibc-headers-2.12-1.80.el6_3.7.i686.rpm
ebf30b405afbd8b7a24fbeb23c9fdbaae551157a3bb3861311965184f9705683 glibc-static-2.12-1.80.el6_3.7.i686.rpm
140ec7848bceabc8188a7fe6778f6facab9d6fa762cd042cb180016b45a67375 glibc-utils-2.12-1.80.el6_3.7.i686.rpm
6dc9fa51750e1d36e0e75cda872bd42aa68ac5cf91874da69075a88eb5083512 nscd-2.12-1.80.el6_3.7.i686.rpm

x86_64:
49895c07e6438541f8fcee9de7e61f917bb1059f5ecefa8797d7c3a45f7a0542 glibc-2.12-1.80.el6_3.7.i686.rpm
4466b6bfda35951eec957e925debd47af2f2ee7fa5fe62fc8f9a96a08f9f12b5 glibc-2.12-1.80.el6_3.7.x86_64.rpm
b4e89bc58a60659a885be0713eb99e2425c1a58e22d30d3f229f6de33440202e glibc-common-2.12-1.80.el6_3.7.x86_64.rpm
941a2c8311e2c39d209eb8f4738c220b57bd8a1929c1d6cc64586ab2407db7c3 glibc-devel-2.12-1.80.el6_3.7.i686.rpm
2ebcd18ce2b7e05a57667b2b588d804c733e109ca25c748c5bdcecfa7502e121 glibc-devel-2.12-1.80.el6_3.7.x86_64.rpm
74ee89ddb7df516f06fe18e8fed848090769ff2a74f8a1adcdd343e9851c6e0e glibc-headers-2.12-1.80.el6_3.7.x86_64.rpm
ebf30b405afbd8b7a24fbeb23c9fdbaae551157a3bb3861311965184f9705683 glibc-static-2.12-1.80.el6_3.7.i686.rpm
f4febf76728c35459376fbd3622507f698805de1bf9b8649ba9b339c5e48d3a4 glibc-static-2.12-1.80.el6_3.7.x86_64.rpm
4195f0e0b661341bb06bc05055a389d605859bfe3683ceb3a8034f6d154bdc47 glibc-utils-2.12-1.80.el6_3.7.x86_64.rpm
e31d1ecfcfcca92106095e72ba1d535aa87f4d841d02576f32cedf6a71534a0a nscd-2.12-1.80.el6_3.7.x86_64.rpm

Source:
00a4acd908f62bef4b9b67942e1fc347a62aa19b9db0c7b677daa96160c217b7 glibc-2.12-1.80.el6_3.7.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Proposed F19 Feature: QXL/Spice KMS Driver

= Features/QXLKMSSupport =
https://fedoraproject.org/wiki/Features/QXLKMSSupport

Feature owner(s): Alon Levy <alevy@redhat.com>

Currently the QXL driver is X.org only, a KMS driver is required to move
forward with projects like spice 3D, and also to allow more features to be
show in virt environments like plymouth.

== Detailed description ==
The current spice GPU driver for Linux guests is an X.org only driver. A
kernel modesetting driver needs to be developed along with a new X.org driver
that runs on top of it. Additionally the kernel driver will allow it to work
with the modesetting DDX driver. The new ioctl interface the driver will
expose will allow updating the qxl DDX driver to work on it. The new driver
needs to support all revisions of the qxl device.

Btw. Feature has been already proposed as Fedora 18 feature but was postponed
for Fedora 19.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Less Brittle Kerberos

= Features/LessBrittleKerberos =
https://fedoraproject.org/wiki/Features/LessBrittleKerberos

Feature owner(s): Stef Walter <stefw@redhat.com>

Make kerberos in Fedora simpler to use by removing some of the brittleness
that are common failure points. In particular we remove the need for kerberos
clients to sync their clocks, and remove the need to have reverse DNS records
carefully setup for services.

== Detailed description ==
MIT kerberos 1.11 now contains work so that clients do not have to sync their
system clocks with that of the KDC. A time offset is discovered during preauth
and stored along with the local credentials. This removes a common point of
failure when using kerberos.

Kerberos clients can optionally verify reverse DNS records for services that
they connect to as a way of trying to identify which realm they belong to.
However in many cases these do not exist. Kerberos should fall back to it's
default behavior in that case. Failure to do this is a common point of failure
when using kerberos.

Further enhancements will be included in kerberos 1.11:

* http://k5wiki.kerberos.org/wiki/Projects/Responder (for 1.11)
* http://web.mit.edu/kerberos/krb5-latest/
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Yesod Web Framework

= Features/YesodWebFramework =
https://fedoraproject.org/wiki/Features/YesodWebFramework

Feature owner(s): Jens Petersen <petersen@redhat.com>, Michel Salim, Ben
Boeckel

Yesod is a Haskell web framework for productive development of type-safe,
RESTful, high performance web applications.

== Detailed description ==
This is a packaging effort: the Yesod stack of packages requires quite a lot of
new Haskell libraries to be added to Fedora. Some basic packages have already
been done for a long time but there are a lot left to be added.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: KVM Device Failover

= Features/Virt Device Failover =
https://fedoraproject.org/wiki/Features/Virt_Device_Failover

Feature owner(s): Michael S. Tsirkin <mst@redhat.com>, Gal Hammer
<hammer@redhat.com>, Cole Robinson <crobinso@redhat.com>, Laine Stump
<laine@redhat.com>

Support for transparent failover between an assigned and an emulated device,
allows enabling the migration and overcommit dynamically, while still gaining
the performance benefits of device assignment and without disrupting the guest
operation.

== Detailed description ==
For virtual machines, device assignment is the best
option for performance. However, when a device is assigned to a VM, both
migration and memory overcommit are currently disabled.

This feature aims at removing the performance/features tradeoff,
by switching to an emulated device in a way that is almost
transparent to users, for configurations where both host
and guest are Fedora.

Fedora should detect that the emulated device serves as a failover
for the assigned device. When requested by the hypervisor,
it will stop and eject the assigned device, switching to failover.
After this point, migration and memory overcommit are possible,
while device configuration is preserved. Once e.g. migration
completes, the reverse switch can take place.

Thus the device is controlled by:
* before migration: device specific driver loaded in guest
* during migration: driver loaded in host, virtio or emulated device driver
loaded in guest
* after migration: device specific driver loaded in guest

At the kernel level, for networking, this can be done by and creating
a bond in a failover configuration, and for storage, using multipath,
on top of both the assigned and the emulated device.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[USN-1713-1] squid-cgi vulnerabilities

==========================================================================
Ubuntu Security Notice USN-1713-1
January 31, 2013

squid-cgi vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

squid-cgi could consume excessive system resources, leading to a denial
of service attack on it and other hosted services.

Software Description:
- squid3: Full featured Web Proxy cache (HTTP proxy)
- squid: Internet object cache (WWW proxy cache)

Details:

It was discovered that squid's cachemgr.cgi was vulnerable to excessive
resource use. A remote attacker could exploit this flaw to perform a denial
of service attack on the server and other hosted services. (CVE-2012-5643)

It was discovered that the patch for CVE-2012-5643 was incorrect. A
remote attacker could exploit this flaw to perform a denial of service
attack. (CVE-2013-0189)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
squid-cgi 3.1.20-1ubuntu1.1

Ubuntu 12.04 LTS:
squid-cgi 3.1.19-1ubuntu3.12.04.2

Ubuntu 11.10:
squid-cgi 3.1.14-1ubuntu0.3

Ubuntu 10.04 LTS:
squid-cgi 2.7.STABLE7-1ubuntu12.6

In general, a standard system update will make all the necessary changes.
Ensure the webserver access controls properly restrict access to cachemgr.cgi.

References:
http://www.ubuntu.com/usn/usn-1713-1
CVE-2012-5643, CVE-2013-0189

Package Information:
https://launchpad.net/ubuntu/+source/squid3/3.1.20-1ubuntu1.1
https://launchpad.net/ubuntu/+source/squid3/3.1.19-1ubuntu3.12.04.2
https://launchpad.net/ubuntu/+source/squid3/3.1.14-1ubuntu0.3
https://launchpad.net/ubuntu/+source/squid/2.7.STABLE7-1ubuntu12.6

ARM arches in F19 and forward.

Hi all,

This is just a note for a wider audience. the Fedora ARM has dropped
support for software floating point going forward, we will only be
building hardware floating point binaries from Fedora 19 on. it was
discussed at FUDCon and on the arm list the FUDCon notes
https://fedoraproject.org/wiki/Architectures/ARM/Meetings/FUDCon_Lawrence_2013#Future
show that we were going to look at having F19 be the last softfp
supporting release after further thought and discussion we are dropping
from F19 and F18 will be the last release supporting sfp so those with
sfp only devices, which the only supported ones are kirkwood based
devices like the guruplug will get software support for about 1 year
more.

The Raspberry Pi will be supported by the efforts at Seneca College
with armv6hl it will support hardware floating point.

Longer term we will start to support aarch64

Regards

Dennis
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[USN-1712-1] Inkscape vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJRCUIkAAoJEGVp2FWnRL6TZVoQALbm1Jz+30eHPX9vb2kWFpzw
9YpPQ/PehtvjB/Rf4IhVVb8GWj9lXCOeqe8OfLy9FBlnUdX7G2KiFa2vL9TZ+q74
qXPOrvLFRLTZx0YnYKrlnESarODtj5r1v0/kDLAGX8U0QYfkKDnyZgFkTNkqVyKq
xmM+8juimp05Z174MOHR+qzo0y5tbrSNeeADCIdbb7ayW7IjavSx4/+Hg8jQiyqQ
d0SPo8nfNalgQ86Lb+4yR5SVhw0Obfu7u08xQ7/Dn5vceuiPZOQBbFJX2z2O4xoC
rzRO0LOXUBddSck0w7PHzLT1F+0HDzzMCElDlJvJgUmhwwvjmMTDFuuxxVIIMtwQ
pvKyUm/WjZLgDJ0MhJwNkl4TL/bF8zAK5NEXteDq13E9yW2YX8m/KmggxGpM8z8C
F6DLv4T/GX9Nw35HlP41hnM9/FAFaq9sjbC3YZRaApZMGEHri0YEaXrr1PbOW8y7
pKYKQ8zL7Z6+YDrRnUOd5hE5YBdVOj497LoTox0s8TcJ+Fq9uR3n7slWvg8U7x33
edGvmIyrsqApi26jHZYCuG0K6u7miQABl7hkFboZCFclzpCTRon3/u0+INGmjcoU
/NGV28Xq3GOws8HmdidhCahRnuDn3fxYD+woA28iXaJzWQh14+D5dbgGA5FU6Xhg
xtPJlei6oYwGyd1McASK
=+Oud
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1712-1
January 30, 2013

inkscape vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in Inkscape.

Software Description:
- inkscape: vector-based drawing program

Details:

It was discoverd that Inkscape incorrectly handled XML external entities in
SVG files. If a user were tricked into opening a specially-crafted SVG
file, Inkscape could possibly include external files in drawings, resulting
in information disclosure. (CVE-2012-5656)

It was discovered that Inkscape attempted to open certain files from the
/tmp directory instead of the current directory. A local attacker could
trick a user into opening a different file than the one that was intended.
This issue only applied to Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10.
(CVE-2012-6076)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
inkscape 0.48.3.1-1ubuntu6.1

Ubuntu 12.04 LTS:
inkscape 0.48.3.1-1ubuntu1.1

Ubuntu 11.10:
inkscape 0.48.2-0ubuntu1.1

Ubuntu 10.04 LTS:
inkscape 0.47.0-2ubuntu2.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1712-1
CVE-2012-5656, CVE-2012-6076

Package Information:
https://launchpad.net/ubuntu/+source/inkscape/0.48.3.1-1ubuntu6.1
https://launchpad.net/ubuntu/+source/inkscape/0.48.3.1-1ubuntu1.1
https://launchpad.net/ubuntu/+source/inkscape/0.48.2-0ubuntu1.1
https://launchpad.net/ubuntu/+source/inkscape/0.47.0-2ubuntu2.1

Proposed F19 Feature: Thermostat 1.0

= Features/Thermostat1.0 =
https://fedoraproject.org/wiki/Features/Thermostat1.0

Feature owner(s): Omair Majid <omajid@redhat.com>

== Detailed description ==
Thermostat is a serviceability and instrumentation tool for OpenJDK. The 1.0
release of thermostat brings a number of new features that developers may find
very useful.
* More information for Hosts and Java Virtual Machines being monitored
* A stable API for external plugin developers
* Ability to use thermostat, securely, in a network or a cluster
* An experimental eclipse plugin that lets developers use eclipse as a
thermostat GUI

The goal is to get the 1.0 release of thermostat into Fedora 19. If upstream
also releases 1.1 before the alpha deadline for Fedora 19, we may use that
instead.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Network Team driver - Update for new features

= Features/TeamDriverUpdate =
https://fedoraproject.org/wiki/Features/TeamDriverUpdate

Feature owner(s): Jiri Pirko <jiri@pirko.cz>

Network Team driver allows multiple network interfaces to be teamed together
and act like a single one. This update adds several kind of new features to
it.

== Detailed description ==
The goal is to extend current Team driver experience in Fedora. In order to do
that, following features will be implemented:

* ARP link validation over VLAN
* Transmit hashing involving L4 headers
* Support for NICs which do now allow mac change on run
* Load balancing support for incoming traffic
* Corrected carrier detection

_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Systemtap 2.2

= Features/Systemtap22 =
https://fedoraproject.org/wiki/Features/Systemtap22

Feature owner(s): Lukas Berk <lberk@redhat.com>, Frank Ch. Eigler
<fche@redhat.com>

A new feature release of Systemtap.

== Detailed description ==
Systemtap 2.2 will introduce several new features:
* Native Java per-method probing capabilities (using byteman)

Plus new features coming from the impending systemtap 2.1:
* A suite of error-explanation man pages.
* Perf event probes may now be read on demand
* Perf event probes may now be bound to a specific task using the process name
* The dyninst backend's runtime has been improved to allow much more
concurrency when probing multi-threaded processes
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Realmd FreeIPA Support

= Features/RealmdFreeIpaSupport =
https://fedoraproject.org/wiki/Features/RealmdFreeIpaSupport

Feature owner(s): Stef Walter <stefw@redhat.com>

realmd currently supports discovery and configuring of Active Directory
domains. With this feature it will also include support for FreeIPA domains.

== Detailed description ==
realmd is an on demand system DBus service, which allows callers to configure
network authentication and domain membership in a standard way. realmd
discovers information about the domain or realm automatically and does not
require complicated configuration in order to join a domain or realm.

realmd will be able to be used with FreeIPA. Current GUI and CLI tools that
use realmd to join Active Directory domains will now be able to seamlessly
join FreeIPA domains as well.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Pcsd Configuration Wizards

= Features/Pcsd Configuration Wizards =
https://fedoraproject.org/wiki/Features/Pcsd_Configuration_Wizards

Feature owner(s): Chris Feist <cfeist@redhat.com>

This feature will allow easier building of configuration wizards for pcsd (the
Pacemaker/Corosync GUI), so through a simple configuration file we can create
wizards for some common configurations (such as setting up a 2 nodes HA
webserver).

== Detailed description ==
The new feature will allow for a configuration file to be used to create wizards
(instead of manually creating javascript/html, etc.) for each separate wizard.

Initially the simple configuration wizards will include the following:
* 2 node HA webserver
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: oVirt engine 3.2

= Features/oVirtEngine 3.2 =
https://fedoraproject.org/wiki/Features/oVirtEngine_3.2

Feature owner(s): Juan Hernández <juan.hernandez@redhat.com>

The oVirt engine is the management application of the oVirt virtualization
platform. Version 3.2 is the latest version, including many new features.

== Detailed description ==
Version 3.1 of the oVirt engine was already included in Fedora 18, but we want
to bring the new features provided by version 3.2.

The version 3.2 of the oVirt engine includes the web based user interface for
administrators and users, and many new features, for example:

* UI plugins
* Make network a main tab
* Import of existing gluster clusters
* Bootstrap improvements
* PKI improvments
* MOM
* Improved quota
* Integrate smartcard support
* Display address override
* VM creation base on pre-defined profiles (instance types)
* Storage live migration (needs to be checked)
* Sync network
* Port mirroring
* User level api
* Automatic storage domain upgrade
* Unidirectional Gluster geo-replication support
* Support for asynchronous Gluster volume tasks
* Gluster volume performance statistics
* Configuration sync with Gluster CLI
* Monitoring Gluster Volumes and Bricks
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: NetworkManager Bridging Support

= Features/NetworkManagerBridging =
https://fedoraproject.org/wiki/Features/NetworkManagerBridging

Feature owner(s): Pavel Šimerda <psimerda at redhat.com>, Dan Williams <dcbw
at redhat dot com>

NetworkManager should be able to configure bridge interfaces with commonly used
options and recognize their existing configuration on startup without
disrupting their operation.

== Detailed description ==
A bridge connects two or more physical or virtual network interfaces to allow
network traffic to flow between the two interfaces at a low level. Bridging is
commonly used to connect Virtual Machines to the outside world; a bridge
interface is created, to which a physical interface (typically ethernet) is
assigned as a slave, and a virtual interface (typically TAP) is created and
also assigned to the bridge as a slave, and then given to the Virtual Machine.
Thus traffic from one or more VMs can be combined and sent out of the machine
via the physical interface.

This setup is currently done either manually using ifcfg files and ifup/ifdown,
or by a tool like libvirt/netcf. NetworkManager should be able to configure
bridge interfaces and their slaves with the same functionality as provided by
libvirt, and should recognize and not disrupt existing bridge connections when
it starts up.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: NetworkManager Bonding Support

= Features/NetworkManagerBonding =
https://fedoraproject.org/wiki/Features/NetworkManagerBonding

Feature owner(s): Pavel Šimerda <psimerda at redhat.com>, Dan Williams <dcbw
at redhat dot com>

NetworkManager should be able to configure bond master interfaces with commonly
used options and recognize their existing configuration on startup without
disrupting their operation.

== Detailed description ==
NetworkManager's existing support for bond interfaces covers a limited number
of use-cases and can conflict with existing bonding configurations created by
tools like libvirt. The purpose of this Fedora feature is to implement more
flexible bonding infrastructure in NetworkManager to support an expanded number
of use-cases and to be more cooperative with other users of bonding.

Support will be added to NetworkManager to detect the existing configuration of
a bond interface and its slaves and to seamless "take over" that connection
without disrupting it. Even if the existing configuration is not backed by
ifcfg files on-disk, NetworkManager will leave that configuration on the
interface unless told to change it by the user via GUI or CLI tools.
Additional bond interface configuration will be added to expand the use-cases
and hardware that NetworkManager can configure (eg primary, use_carrier,
xmit_hash_policy, etc).
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: firewalld Rich Language

= Features/FirewalldRichLanguage =
https://fedoraproject.org/wiki/Features/FirewalldRichLanguage

Feature owner(s): Thomas Woerner <twoerner@redhat.com>

This feature adds a rich (high level) language to firewalld, that allows to
easily create complex firewall rules without the knowledge of iptables syntax.

= Detailed Description =
Currently, complex firewall rules can only be added using the direct interface
of firewalld. But this requires to know the syntax of iptables and the rules
are not permanent.

With the rich language more complex firewall rules can be created in an easy to
understand way. The language will use keywords with (sometimes multiple)
values and will be an abstract representation of ip*tables and ebtables rules.
Services and zones can be configured using this language, the current
configuration will still be supported.

A mixture of the old and new configuration of services and zones might be
possible, but this needs to be verified. With the possibility to use the rich
language in services and zones, the configuration will also be permanent.

The configuration with files will be available for Fedora 19. The D-BUS
interface with the command line client should be finished, but this depends on
Fedora 19 schedule. UI work will most likely be available later (depends on
Fedora 19 schedule also).
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: firewalld Lockdown

= Features/FirewalldLockdown =
https://fedoraproject.org/wiki/Features/FirewalldLockdown

Feature owner(s): Thomas Woerner <twoerner@redhat.com>

This feature adds a simple configuration setting for firewalld to be able to
lock down configuration changes from local applications.

== Detailed description ==
Local applications are able to change the firewall configuration. With this
feature the administator can lock the firewall configuration and these
applications are not able to modify the firewall anymore.

The lockdown feature is the first part of user and application policies for
firewalld and will be disabled by default.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Federated VoIP

= Features/FederatedVoIP =
https://fedoraproject.org/wiki/Features/FederatedVoIP

Feature owner(s): Daniel Pocock <daniel@pocock.com.au>

Make it easier for the deployment of federated SIP and XMPP (Jabber) networks,
functioning much like federated SMTP email.

== Detailed description ==
Many VoIP installations still operate on a standalone basis, often with a
single SIP proxy or soft PBX trunking all calls to an external provider.
Ideally, VoIP should be fully federated, with no central provider other than
perhaps the DNS. This feature aims to bring that vision closer to reality, by
making it easier to start a SIP proxy in federated mode, using TLS by default
for security/identity of external peers and benefiting from ENUM for legacy
phone numbers.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Apache OpenOffice

= Features/ApacheOpenOffice =
https://fedoraproject.org/wiki/Features/ApacheOpenOffice

Feature owner(s): Andrea Pescetti <pescetti@apache.org>

Add Apache OpenOffice, the free productivity suite, to Fedora.

== Detailed description ==
Apache OpenOffice (formerly OpenOffice.org) is the the leading free and open-
source office software suite.

Donated by Oracle to the Apache Software Foundation in 2011, it is now
developed and supported by a thriving community; it graduated from the Apache
Incubator in October 2012 and it is now an Apache Top-Level Project.

Two new versions, 3.4.0 and 3.4.1, were released in the last 8 months and a
major update, 4.0, is in the works and scheduled for April 2012. Versions
3.4.0 and 3.4.1 totalled 35 million downloads so far (not counting mirrors).

To be clear, this proposal is about merely adding Apache OpenOffice: it doesn't
affect existing office suites included in Fedora and it doesn't require that
Apache OpenOffice is made the default office suite in Fedora.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[USN-1710-1] OpenStack Glance vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJRCFqxAAoJEFHb3FjMVZVzKEkP/2qt1K83vdf8qD3mXYytrEQO
6PpfC7al3oL+IzYcdr/1r7kt64bUQLIqfL8YOYV1Pf2hBllPOG/13+XfROivxSLd
/mWz8o/BbQGtElNGjihPtTfBNpR/KZEBln4n7ttb32cAzTGOJ8cHp5aTK5598xmR
ywMO5VQ0pUQO1yALqjnAY0w8/wvohV2+yiLJtQPwQJz9Lv8xXBwjrg5LiccZEaRz
yVbZIT5C0gawNvLJ0/GWgi26kR6Q4nr85fLSsd0AsrYjWfkw3O/C4OsXGDVqN6Fq
FPpqmesEkSMUdYJfAcAivV8D1P/dcTMbmoaR8HZCL7RgI9J/zlss7KCPvm+owQjV
//GkyTYjoo8BpYGe5E0sdbWv4h47015lJg7x71jE3GVIBKRJoBKLwplS3IsCalnv
lcEcn3Vm8OwcJ5eF26p0xsQXPKjfdy1+ysTKyiByBfP4rCbe76rPgVwx+nmt292t
Wx/NPtMd79phrFIv+wOg7ZaSIlYE5rBD5tOQztZ8NnR6uYg+QIVqLS772NURlC3G
/ZlprMl3UJgqRJB2Ui7HGdWxnCRrXdH+8VaXNxA5Y+dc0bQa/PKIUR0LrpqyCOE6
mLgv8J+kMTvMudrFbLC86ZRbTabkt/1jAaMRQgYgtd3A9r6AL7bTtC0ELppZv4dF
OcU1f/LT3bwxRa/LoGS6
=PyGe
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1710-1
January 29, 2013

glance vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10

Summary:

Glance could be made to expose sensitive information over the network.

Software Description:
- glance: OpenStack Image Registry and Delivery Service

Details:

Dan Prince discovered an issue in Glance error reporting. An authenticated
attacker could exploit this to expose the Glance operator's Swift
credentials for a misconfigured or otherwise unusable Swift endpoint.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
python-glance 2012.2.1-0ubuntu1.1

Ubuntu 12.04 LTS:
python-glance 2012.1.3+stable~20120821-120fcf-0ubuntu1.3

Ubuntu 11.10:
python-glance 2011.3-0ubuntu4.2

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1710-1
CVE-2013-0212

Package Information:
https://launchpad.net/ubuntu/+source/glance/2012.2.1-0ubuntu1.1

https://launchpad.net/ubuntu/+source/glance/2012.1.3+stable~20120821-120fcf-0ubuntu1.3
https://launchpad.net/ubuntu/+source/glance/2011.3-0ubuntu4.2

[USN-1709-1] OpenStack Nova vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJRCFnZAAoJEFHb3FjMVZVz9+EQAIF4a2hfYvnSX0Z8pRYVWRDl
yBDp2mG8E05O3CK8daxKTKg+1tmrMm/gMx8BBRtc/6PFNqD20dWTqPp1HtNFUNvW
sZjFETbNAfhWRD23jt2fOXF3Gev5Etnz1GxUcoakNhnAPBpZrZfLNwnuL3ZEmTlj
CeU1G8FxQ/mWO4ZFAm/iZK9+XrXm1VPBcFqt8aGCfLVYjh6ZspyJLZ+VPY0le010
vStnNCswH4CogRXgCi/vu9uzijrlzk2ATDbN73zrNYzhwIjaoCGex45Ho3j4yTcq
89uc4qpNlu3yAIL5j8J/ruUnq2HN3SP9dHJw8xMcGeQFb7RWsKpuKW+mW9drxk0K
3DcHTJUr/dU4EYz8GkarvMiOqwTBdng+ADuRinV0OXcp3aCS0jxAAxXlCA4A2VYt
3lwL+xmTanSh2SfikEtwfMGP/epORawbN3567gfYmZmE+Z/QdaBo3Ri80xrTM9Y0
/B2ZPX0uBfJL14hRwexU5TeIAdpWaN2JuSJ6X/WJJFASue5oSy0gXbw2SaiyWkgD
Tl3Nh5iXaEnV3c3sjjctmqXYG4mxyc4vjhtp4o+T/FFkEbJjcvVY/WNsn5Smni8a
wEizUd07pd227rK1F/zr2Pf/phbCtJxRPeNziOKgQRvDrSp9eoI+OwqbHKxDYAY1
hPlmt48VVUYrnqAXlsSU
=05hF
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1709-1
January 29, 2013

nova vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10

Summary:

Nova volume could be made to expose volumes from other users.

Software Description:
- nova: OpenStack Compute cloud infrastructure

Details:

Phil Day discovered that nova-volume did not validate access to volumes. An
authenticated attacker could exploit this to bypass intended access
controls and boot from arbitrary volumes.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
nova-volume
2012.2.1+stable-20121212-a99a802e-0ubuntu1.1
python-nova
2012.2.1+stable-20121212-a99a802e-0ubuntu1.1

Ubuntu 12.04 LTS:
nova-volume
2012.1.3+stable-20120827-4d2a4afe-0ubuntu1.1
python-nova
2012.1.3+stable-20120827-4d2a4afe-0ubuntu1.1

Ubuntu 11.10:
nova-volume 2011.3-0ubuntu6.11
python-nova 2011.3-0ubuntu6.11

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1709-1
CVE-2013-0208

Package Information:

https://launchpad.net/ubuntu/+source/nova/2012.2.1+stable-20121212-a99a802e-0ubuntu1.1

https://launchpad.net/ubuntu/+source/nova/2012.1.3+stable-20120827-4d2a4afe-0ubuntu1.1
https://launchpad.net/ubuntu/+source/nova/2011.3-0ubuntu6.11

Proposed F19 Feature: Add LVM Thin provisioning support to the yum-fs-snapshot plugin

= Features/YumFsSnapshotThinpSupport =
https://fedoraproject.org/wiki/Features/YumFsSnapshotThinpSupport

Feature owner(s): Ondrej Kozina <okozina AT redhat DOT com>, Mike Snitzer
<snitzer AT redhat DOT com >

For the purposes of system rollback: Provide the ability to create a snapshot
of all thinly provisioned LVM2 volumes associated with FS mount points that
are relevant to a yum transaction.

== Detailed description ==
Yum's fs-snapshot plugin already has support for LVM2's old snapshots. LVM2's
new thinp snapshots offer much more performance and ease administration. It is
desirable to have the life-cycle of snapshots that are created by yum's fs-
snapshot plugin be managed by the snapper utility. As such it could be that
the yum fs-snapshot plugin is extend to provide a wrapper around snapper for
the creation of thinp based snapshots.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Fedora 19 Feature Submission Deadline is TODAY

Just a follow up to yesterday's reminder - Fedora 19 Feature Submission
Deadline is TODAY (2013-01-29 23:59 UTC).

Please make sure your Features are in the correct - FeatureReadyForWrangler -
category. All Features submitted by this deadline will be processed and
announced on devel-announce list but it could take a day/two to process it (+
I may ask you for fix) - also and not to overflood the list with announcements.
Thanks for you patience ;-)

Features announced for more than one week were already scheduled for
tomorrow's FESCo meeting, see FESCo Trac (and you should be on CC).

Jaroslav

_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Erlang/OTP R16

= Features/Erlang R16 =
https://fedoraproject.org/wiki/Features/Erlang_R16

Feature owner(s): Peter Lemenkov <lemenkov@gmail.com>

Update Erlang to the upstream R16 release.

== Detailed description ==
Erlang is a general-purpose concurrent programming language and runtime
system. The sequential subset of Erlang is a functional language, with strict
evaluation, single assignment, and dynamic typing. For concurrency it follows
the Actor model. It was designed by Ericsson to support distributed, fault-
tolerant, soft-real-time, non-stop applications. The first version was
developed by Joe Armstrong in 1986. It supports hot swapping, thus code can be
changed without stopping a system. Erlang was originally a proprietary
language within Ericsson, but was released as open source in 1998.

While threads are considered a complicated and error-prone topic in most
languages, Erlang provides language-level features for creating and managing
processes with the aim of simplifying concurrent programming. Though all
concurrency is explicit in Erlang, processes communicate using message passing
instead of shared variables, which removes the need for locks.

The above text was taken from
http://en.wikipedia.org/wiki/Erlang_%28programming_language%29

The status of Erlang and related packages in Fedora/EPEL is shown at Erlang
SIG page - https://fedoraproject.org/wiki/SIGs/Erlang#Current_packages
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[USN-1708-1] libvirt vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJRB/vYAAoJEGVp2FWnRL6T3G8QALVQKS3LOH3QsUxSFXnWnjk9
pgMGIqPiSFft9hK/pCyoXlEa02L/HaTmIgY4FYIz8lgDygofgidbUPmUAYRjSGKH
6Fjr5vCbBd8WFDsLAxhtvVDYHvPTTRA+2rsMv+716dKf7b2hShALoCICEuQtBmB6
1YRmEBug/Zz0mSNxo6tY2GPiHBOYSgyHANym0wM/HUY3jOL/h+LUYfsYazyrnx2v
jRlMdBBR8bGO/G0UiSrVLH1Irpgt3gdNc3CUzGdzEpfGW5olzDJ4Ekh9WgnJo6sf
Cpe+4JeKJ+YY5Bia7DqSZPLRm/QXDtut2hH5sVZAYWbiOSBUKy2JYD/FEfJFoiX1
q77eoMEzGkVRruxYCiMhw44NF3OxJiiEOZFMlD+R32+1ireabC9vaAlVxGejJB2N
4U8gpmau11WwkQFdOizntvnA5UcfwxVO252BGDEA9vqhFxQBpvEZh9ciVt7x2Wq2
NCOplYNXD9pfKXidcZywL6PGTeXVAMS4C+inmelaVsRAyW1Hm30H/al5wjoURDdZ
e/Ojh+wfrUC9jazefxprQJi47khm7L98rTLmjNT7R6vj3WT2vSjlAQE2zl+f1kZi
5Mh70OOc80P3IfGBxzOjxD18HFN44vuw79cZyN3++xIbkuMPhkCsCTkZj9u9rlzF
BdgehkO5JimulM15d4UC
=QvGx
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1708-1
January 29, 2013

libvirt vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

libvirt could be made to crash or run programs if it received specially
crafted network traffic.

Software Description:
- libvirt: Libvirt virtualization toolkit

Details:

Wenlong Huang discovered that libvirt incorrectly handled certain RPC
calls. A remote attacker could exploit this and cause libvirt to crash,
resulting in a denial of service. This issue only affected Ubuntu 12.04
LTS. (CVE-2012-4423)

Tingting Zheng discovered that libvirt incorrectly handled cleanup under
certain error conditions. A remote attacker could exploit this and cause
libvirt to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2013-0170)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
libvirt-bin 0.9.13-0ubuntu12.2
libvirt0 0.9.13-0ubuntu12.2

Ubuntu 12.04 LTS:
libvirt-bin 0.9.8-2ubuntu17.7
libvirt0 0.9.8-2ubuntu17.7

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1708-1
CVE-2012-4423, CVE-2013-0170

Package Information:
https://launchpad.net/ubuntu/+source/libvirt/0.9.13-0ubuntu12.2
https://launchpad.net/ubuntu/+source/libvirt/0.9.8-2ubuntu17.7

Proposed F19 Feature: PreUpgrade Assistant

= Features/PreUpgrade Assistant =
https://fedoraproject.org/wiki/Features/PreUpgrade_Assistant

Feature owner(s): Nils Philippsen <nils@redhat.com>, Phil Knirsch
<pknirsch@redhat.com>

The PreUgrade assistant is a tool to help people upgrade from one release to
another and be sure to track important manual configuration changes they
performed.

== Detailed description ==
The idea behind the The PreUpgrade assistant came from the notion that even
during the rather short release cycles in Fedora occasionally there are
changes that are incompatible between releases and which are either hard or
nearly impossible to cover during a standard package upgrade. Examples would
be major version upgrades of applications or services that change configuration
file syntax or on-disk date format changes.

The assistant works by analyzing the source system and will generate a report
which will offer information and configuration files for typically changed
settings and services. It offers a plugin architecture where component or
functional area owners can contribute and write their on plugins in python
that can generate additional information for the report.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: KDE Plasma Workspaces 4.10

= KDE Plasma Workspaces 4.10 =
https://fedoraproject.org/wiki/Features/KDE410

Feature owner(s): rdieter@fedoraproject.org, ltinkl@redhat.com,
than@redhat.com, jreznik@redhat.com

Rebase to KDE Plasma Workspace 4.10. including Plasma Desktop and Netbook
workspaces, the KDE Applications and the KDE Platform.

== Detailed description ==
New features overview
* KDE Plasma Workspaces, KDE Applications and KDE Platform 4.10
* based on top of Qt 4.8
* New Screen Locker, a new screen locking mechanism based on QtQuick brings
more flexibility and security to Plasma Desktop.
* Animated Wallpapers
* Qt Quick in Plasma Workspaces
* Improved Zooming in Okular
* New Print Manager plasma applet and settings module
* Faster indexing, improvements in the Nepomuk semantic engine allows faster
indexing of files.
* KWin supports global menu (appmenu-qt should be added to kickstart)
* New Apper plasma applet for better updates notifications
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Trusted Network Connect (TNC)

= Features/Trusted Network Connect (TNC) =
https://fedoraproject.org/wiki/Features/Trusted_Network_Connect_%28TNC%29

Feature owner(s): Avesh Agarwal <avagarwa@redhat.com>

This feature provides Trusted Network Connect(TNC) framework that can be used
to assess and verify clients' posture (or integrity measurements or
configuration) and its compliance to a predefined policy with existing network
access control (NAC) solutions.

== Detailed description ==
Traditionally network access control (NAC) has lacked the ability in its
decision making to asses endpoint's security posture and its compliance to
enterprise policies. This lack of assessment may leave an enterprise's network
vulnerable to malicious attacks. Trusted Computing Group (TCG) (and IETF too)
has defined an open architecture called Trusted network connect (TNC) (IETF's
Network Endpoint Assessment (NEA)) to fill this gap. TNC, as part of its
architectural components, includes integrity measurement collectors (IMCs) and
TNC client at endpoint and integrity measurement verifiers (IMVs) and TNC
server at enterprise network side communicating over NAC solutions such as EAP
with 802.1X to evaluate and verify the security posture of the endpoint
against the enterprise policies before allowing network access. For this, TCG
has released transport (IF-T), session (IF-TNCCS) and messaging (IF-M)
standards which are open and interoperable. TNC architecture by virtue of it's
IF-M protocol can leverage NIST's SCAP's (OpenSCAP) automated security aspects
for measurement collection, verification and remediation. In addition, TCG has
defined IF-PTS and PTS protocol specifications to integrate platform trust
services (PTS) with TNC for TPM based attestation of integrity measurements.
PTS protocol defines messaging payloads to be used over IF-M protocol.

This feature includes the aforementioned functionalities and aims to provide
an end-to-end network based client assessment, verification and remediation.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: OpenShift Origin

= Features/OpenShift_Origin =
https://fedoraproject.org/wiki/Features/OpenShift_Origin

Feature owner(s): Troy Dawson <tdawson@redhat.com>

OpenShift Origin is a cloud application platform as a service (PaaS). It is
the open sourced, community supported version of OpenShift.

== Detailed description ==
OpenShift Origin is a cloud application platform as a service (PaaS). It is
the open sourced, community supported version of OpenShift

OpenShift is Red Hat's Cloud Computing Platform as a Service (PaaS) offering.
OpenShift is an application platform in the cloud where application developers
and teams can build, test, deploy, and run their applications.

OpenShift Origin takes care of all the infrastructure, middleware, and
management and allows the developer to focus on what they do best: designing
and coding applications.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Ease Of Use: System Management with OpenLMI

= Features/OpenLMIEaseOfUse =
https://fedoraproject.org/wiki/Features/OpenLMIEaseOfUse

Feature owner(s): Tomáš Smetana <tsmetana at redhat.com >

Add providers and capabilites to the OpenLMI infrastructure that would ease
the remote system management.

== Detailed description ==
The OpenLMI project provides a common infrastructure for the management of
Linux systems. The goal is to add the missing parts that would enable remote
management of a Fedora system:

* Complete the CIM storage API to allow for a better remote storage management
* Add a new provider and extend the existing ones to allow for a remote
hardware information retrieval (HW inventory)
* Add a new provider that would allow for a remote AD/Kerberos realms
enrollment
* Add a new provider that would allow for a remote Firewall management
(open/close a particular port) through firewalld
* Improve the software management in OpenLMI to allow for a comprehensive
remote package management
* Add and improve the remote system monitoring using OpenLMI
* Improve the OpenLMI Shell to allow for a quick and easy scriptable remote
management
* Allow to use OpenLMI under selinux enforcing policy
* Possibly add providers to allow management also other system parts:
Containers, SELinux, SCAP scans, performance monitoring
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Multiqueue virtio-net

= Features/MQ virtio net =
https://fedoraproject.org/wiki/Features/MQ_virtio_net

Feature owner(s): Jason Wang <jasowang@redhat.com>

Multiqueue virtio-net provides an approach that scales the network performance
as the increasing of the number of vcpus by allowing them to transfer packets
through more than one virtqueue pairs.

== Detailed description ==
Today's high-end server have more processors, guests running on them tend have
an increasing number of vcpus. The scale of the protocol stack in guest in
restricted because of the single queue virtio-net:

* The network performance does not scale as the number of vcpus increasing:
Guest can not transmit or retrieve packets in parallel as virtio-net have only
one TX and RX, virtio-net drivers must be synchronized before sending and
receiving packets. Even through there's software technology to spread the
loads into different processor such as RFS, such kind of method is only for
transmission and is really expensive in guest as they depends on IPI which may
brings extra overhead in virtualized environment.
* Multiqueue nic were more common used and is well supported by linux kernel,
but current virtual nic can not utilize the multi queue support: the tap and
virtio-net backend must serialize the co-current transmission/receiving
request comes from different cpus.

In order the remove those bottlenecks, we must allow the paralleled packet
processing by introducing multi queue support for both back-end and guest
drivers. Ideally, we may let the packet handing be done by processors in
parallel without interleaving and scale the network performance as the number
of vcpus increasing.

The following parts were changed to parallize the packet processing:

* tuntap: convert the driver to multiqueue by allowing multiple socket/fd to
be attached to the device, each socket/fd exposed by the device could be
treated as a queue.
* qemu:
* net: Add multiple queue infrastructure to qemu
* let qemu can create multiple vhost threads for a virtio-net device
* userspace multiple queue virtio-net
* guest driver: let the driver can use multiple virtqueues to do packet
sending/receiving.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: More Mobile Broadband

= Features/MoreMobileBroadband =
https://fedoraproject.org/wiki/Features/MoreMobileBroadband

Feature owner(s): Dan Williams <dcbw at redhat dot com>

New mobile broadband devices supporting multiple technologies (eg,
CDMA/EVDO/LTE and/or GSM/UMTS/LTE) and using new proprietary protocols are
becoming common in the marketplace, and are not well supported by ModemManager
0.6 and earlier. We developed ModemManager 0.7/0.8 with a new API specifically
to address this issue and to be more compatible with future mobile broadband
devices.

== Detailed description ==
Multi-mode Qualcomm-based devices have on the market since 2009 and support
multiple WWAN technologies, often at the same time or with a runtime firmware
change. CDMA-based carriers migrating to LTE (like Verizon, Sprint, China
Telecom, KDDI, etc) require these multi-mode devices to ensure that coverage
is not interrupted when handoff between CDMA/EVDO and LTE occurs.

ModemManager 0.6's D-Bus API simply could not be extended to handle these
cases, and due to this, the opportunity was taken to rewrite the API to ensure
future functionality could be more easily supported in the D-Bus API.

Additionally, most newer Qualcomm chipsets (which the majority of phones and
data cards contain) use the proprietary QMI protocol for most operations
instead of their limited AT command port. We have developed the libqmi library
to support these devices, and ModemManager 0.7 and later use libqmi to provide
fully-featured support for these Qualcomm devices.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Enterprise / distributed two-factor authentication

= Features/EnterpriseTwoFactorAuthentication =
https://fedoraproject.org/wiki/Features/EnterpriseTwoFactorAuthentication

Feature owner(s): Daniel Pocock <daniel@pocock.com.au>

Provide a flexible solution for two-factor authentication on a distributed
basis, suitable for enterprise and SSO.

== Detailed description ==
Most OTP solutions for two-factor authentication require some kind of storage
backend for counters or other volatile data. Early implementations work with
flat files on a single host. dynalogin was created to bring stability and
flexibility, storing counters in just about any type of database. Other
solutions such as totp-cgi have similar goals (although it only mentions
Postgres support, whereas dynalogin can use MySQL thanks to UNIXODBC).
dynalogin has been successfully integrated with the SimpleID provider for
OpenID authentication.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: Dracut HostOnly

= Features/DracutHostOnly =
https://fedoraproject.org/wiki/Features/DracutHostOnly

Feature owner(s): Harald Hoyer <harald@redhat.com>

Only create "host-only" initramfs images. A generic fallback image should be
installed by anaconda on installation/update and never ever be removed.

== Detailed description ==
Current initramfs images contain most of the kernel drivers to boot from any
hardware. This results in a very big initramfs, which takes a long time to
load on system start and a long time to create on kernel updates. Switching to
host-only will improve the situation. To cope with hardware change, a boot
entry "Rescue System" should be installed with a full fledged initramfs also
containing debug tools. This boot entry can then be used to recover from
hardware changes and also from unforseen software failure after updates.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Proposed F19 Feature: CUPS 1.6

= Features/CUPS1.6 =
https://fedoraproject.org/wiki/Features/CUPS1.6

Feature owner(s): Tim Waugh <twaugh@redhat.com>, Jiri Popelka
<jpopelka@redhat.com>

Update CUPS to the latest upstream release and use PDF rather than PostScript
as baseline document format.

== Detailed description ==
CUPS 1.6 was released in July 2012 and has brought several important changes
* Merged Fedora's patch for color management using colord
* Merged Fedora's patch for mDNS/DNS-SD support using Avahi
* Removed support for CUPS Browsing and Polling
* The CUPS Browsing protocol is currently the primary mechanism for CUPS-
to-CUPS printer queue discovery on Linux. It works by having each CUPS server
periodically broadcast UDP packets on port 631 announcing its available
queues, and listening for broadcasts from other CUPS servers. CUPS Browsing
protocol has no longer been meeting the requirements of current networking
technologies, and in fact has had some bad effects on wireless networks due to
the use of UDP broadcasts. Rather than trying to address these issues by
introducing a new and incompatible update to the protocol, the existing
mDNS/DNS-SD standards can serve as a ready replacement and actually has been
used in CUPS for many years now.
* All filters and backends not used by Mac OS X have been dropped
* These filters and backends, together with the filters for the PDF printing
workflow are now hosted as the cups-filters project at linuxfoundation.org.

PDF printing workflow
* Currently CUPS uses PostScript as the common format for manipulating print
jobs. We want to switch the standard print job transfer format from PostScript
to PDF, which has many important advantages.
* Additional filters for the PDF printing workflow have been added to the cups-
filters project.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce