Tuesday, January 29, 2013

Proposed F19 Feature: Better NetworkManager IPSec Integration

= Features/BetterNetworkManagerIPSecIntegration =
https://fedoraproject.org/wiki/Features/BetterNetworkManagerIPSecIntegration

Feature owner(s): Dan Williams <dcbw at redhat dot com>

IPSec usage is becoming more popular and the existing NetworkManager IPSec VPN
plugin will be enhanced to better support these use-cases and fix known bugs.

== Detailed description ==
The existing VPN plugin uses the openswan IPSec package to provide IPSec
functionality for NetworkManager users. Communication with openswan could be
much more robust and secure by communicating directly with openswan's tools
rather than writing secrets and other configuration out to temporary files like
openswan current requires. Furthermore, NetworkManager should be enhanced to
allow for route-based tunnel connections instead of requiring a TUN/TAP
interface for each VPN connection.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

No comments:

Proposed F19 Feature: Anaconda Realm Integration

= Features/AnacondaRealmIntegration =
https://fedoraproject.org/wiki/Features/AnacondaRealmIntegration

Feature owner(s): Vratislav Podzimek <vpodzime@redhat.com>, Stef Walter
<stefw@redhat.com>

Kickstart will have a 'realm join example.com' command, to join the machine
during install to an AD or FreeIPA domain. This will take place using one time
passwords or password-less joins to an AD or FreeIPA domain.

== Detailed description ==
realmd is an on demand system DBus service, which allows callers to configure
network authentication and domain membership in a standard way. realmd
discovers information about the domain or realm automatically and does not
require complicated configuration in order to join a domain or realm.

By integrating realmd with Kickstart and Anaconda, administrators will be able
to add machines to a domain en-masse. This can be done without leaking
administrative domain credentials into the kickstart fail.

In addition there will be a GUI for joining a domain during the anaconda
install process.

This will be implemented as an Anaconda addon, to help keep the scope and base
feature set of Anaconda in check.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

No comments:

Proposed F19 Feature: AnacondaNewUI Followup

= Features/AnacondaNewUI Followup =
https://fedoraproject.org/wiki/Features/AnacondaNewUI_Followup

Feature owner(s): Chris Lumens <clumens@redhat.com>

The purpose of this feature is to describe the high level work items we have
for anaconda related to newui in F-19.

== Detailed description ==
* Add in advanced storage capabilities in to the UI (device filtering,
multipath/iscsi/zfcp/fcoe configuration, etc).
* Make system-config-kickstart work again. The removal of
iw/GroupSelector.py from anaconda caused it to break. (#859928)
* Move to a some tool that prevents or avoids the GTK+ redraw ugliness
(e.g., mutter). (#858684)
* Review UX design suggestions from different users and groups and
incorporate adjustments that make sense and work well with the overall design.
* Improve anaconda's threading. Right now it is difficult to tell what
thread a method is executing in and whether or not you can do GTK calls
directly. We need either a policy or a technical solution to this.
* Allow selecting multiple disks. (#864707)
* Allow a faster way of deleting everything on a disk. (#880686)
* Add repo needs to work.
* Updates checkbox needs to work. Needs backend code and then made visible
in the UI.
* Add new firstboot-type questions to the second hub (dependent on the
firstboot work, which is another feature).
* Expand text mode to offer more or the same installation options as the
graphical mode. We don't anticipate the text mode being capable of 100%
similarity to the graphical mode, but we want it to be closer than where it is
now. As it stands, it is comparable to the former reduced text mode in F-17
and earlier.
* Use the blivet storage module in anaconda once that code is broken out
in to a separate project (blivet is the name of the anaconda storage library
becoming a standalone Python module).
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

No comments:

Monday, January 28, 2013

[CentOS-announce] CESA-2013:0199 Important CentOS 6 libvirt Update

CentOS Errata and Security Advisory 2013:0199 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0199.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
880a2564b9c1b120b001ebfc57a2765763ef66a170b40405deef201e4ba5698a libvirt-0.9.10-21.el6_3.8.i686.rpm
f132baecba83484560d1720c9cefebe2029514315878b32f1bc7294473669937 libvirt-client-0.9.10-21.el6_3.8.i686.rpm
d24ba4cdd52ea49e1a270a4a571e006f2f5e8b518af932e3124817cc193b45de libvirt-devel-0.9.10-21.el6_3.8.i686.rpm
d7bca83b7d2ac0a2ec89f108158a88ff2907fc5fa974f4c2b8775b480daecca3 libvirt-python-0.9.10-21.el6_3.8.i686.rpm

x86_64:
27d7eb63e13c6b6089f5dcd0b363236ea3d882062f7cfd392dc46317a48574ee libvirt-0.9.10-21.el6_3.8.x86_64.rpm
f132baecba83484560d1720c9cefebe2029514315878b32f1bc7294473669937 libvirt-client-0.9.10-21.el6_3.8.i686.rpm
fae89ea4ccc4e98dbe8bc0adf0d96ac3275e4818eb3a31f97407e891f467c92f libvirt-client-0.9.10-21.el6_3.8.x86_64.rpm
d24ba4cdd52ea49e1a270a4a571e006f2f5e8b518af932e3124817cc193b45de libvirt-devel-0.9.10-21.el6_3.8.i686.rpm
1c1e7dea98cf5cfa0ba319525c5de482c7e4e1c64cb1ba279cb1a49819ac3245 libvirt-devel-0.9.10-21.el6_3.8.x86_64.rpm
82711c817a9fe952e876d56295ed186bd8e574be45acde611f7f2261923216a0 libvirt-lock-sanlock-0.9.10-21.el6_3.8.x86_64.rpm
b966795762b8c83bfb11e16adf3f4847ee4b6b720a23c3c80afc005e8967403a libvirt-python-0.9.10-21.el6_3.8.x86_64.rpm

Source:
05cb232df3bc8b740dbadae94666e4e260bfc119a5dc63d97f8953c1806a4504 libvirt-0.9.10-21.el6_3.8.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
No comments:

[USN-1707-1] libssh vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJRBro6AAoJEGVp2FWnRL6T/acP+gPE2Ncfj7zUmrx6sRW1xmPt
rGkoxYbUgJ8Ii80ZgwZ4XWrrhlu/DXyu6aw13PAIJ6HC5Pg0h1MWCPDa41DI6ZSK
n+IvNmNVLsYK3KaifARhVD7gErGgyZcPwDGbMdRcLI2ATAk3HYOQKwRLAJS4RdmN
Fbi0qml97/agxtkdOx+OteEqwxKGEXprBREWO9kGuuQ6MkikPaGO2E0aHhQkjUgL
dy5Lzliz2P8OQQAg45Jpz4OChymGlJV6WZf667j6QX1THb24W3I2FUoC+b/zf3xA
6zc/ilgxE47c/JKT9FL3BjkGzVGHf7RU008c/oyG3dqeQWO/n4XTGWTzblIpIjDN
sAGXPs2eJAcrpQD9+fJxSiaUY42i4pUNxxwcGXEX+6Y1gEwH7evyeoGY79BeUTuJ
wv7YnwU4fCFV9ig+18TCM+i+N1CB9qX/ekTbo0mlOEtn+ZvuJyCVVTIvHD3+eK4A
92pVbVCbKAukiLy8hz+1KZG2R8SzlN0zjoVsIktIk9pJAq2FRiHs98WmEgMUzOwK
cY/Tz3u67h2NvuT3mAxGdqk0rKngLSvU6EqY1ffVZtm6b2Rdfth07WUSs2r8CRgl
nLWiY2cBMYbTnvKuKAwr+o44I0r/YRWjOPAeQmHArm0dEMNf7wvxmM6m4Ma5QJ+z
TX09dj6RT6D6EGQJR+lG
=w4k0
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1707-1
January 28, 2013

libssh vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

libssh could be made to crash if it received specially crafted network
traffic.

Software Description:
- libssh: A tiny C SSH library

Details:

Yong Chuan Koh discovered that libssh incorrectly handled certain
negotiation requests. A remote attacker could use this to cause libssh to
crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
libssh-4 0.5.2-1ubuntu0.12.10.2

Ubuntu 12.04 LTS:
libssh-4 0.5.2-1ubuntu0.12.04.2

Ubuntu 11.10:
libssh-4 0.5.2-1ubuntu0.11.10.2

Ubuntu 10.04 LTS:
libssh-4 0.4.2-1ubuntu1.2

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1707-1
CVE-2013-0176

Package Information:
https://launchpad.net/ubuntu/+source/libssh/0.5.2-1ubuntu0.12.10.2
https://launchpad.net/ubuntu/+source/libssh/0.5.2-1ubuntu0.12.04.2
https://launchpad.net/ubuntu/+source/libssh/0.5.2-1ubuntu0.11.10.2
https://launchpad.net/ubuntu/+source/libssh/0.4.2-1ubuntu1.2
No comments:

[USN-1706-1] FFmpeg vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJRBotEAAoJEGVp2FWnRL6ToggP/0thWTwNuRirxFalyTzaI8O3
fuxFJWgTm9BSCKJgnqnRyBxcRRVRjhWO2qlel4WMcpU+2F2fUT3N+U5m5S2i6JCj
HKCc5tcAlghjeVpSA18XzuqVFE+yWFG+Ywm7BHWRaPgoJVRFbujI6o8ECLrdpviQ
QAuNyP5WUBj2C1ukMm/RwROVFzyBmlirubXkwrjUOXF6KUjAVFYqNY8P6dONZlya
h0KTkAcjmSlJtGNqaNPXWGzbRl6PZp+US4k52KB35Qd6ybthrcqgMuPGAwRn7R9h
0WuDKf2OggTOz9KSAEijotqBcUdG9HaqUIPZoRAwEMfREUpgVq5VEQISV5tPYvso
yh5G48U8OU93OdOg9+9VI6tQC92rkJrDYVYItCuJuYUJgy9toP0LSExlIsyQOq4J
mkj0lnbFgS19kuFlbemRBA8D9AaqFV7GasP22CxzRdCuWQ9umzu0oXOQvBjdKfWt
oifbk+SW/sQZys30B2VD92QQNjto58KaT//UAu6ZJvRPFRuolf8EIjYjOJ+3aMvx
zyzTvUj8SSYZa1n5qZZV6gaCb6U2MkfvV7CXm5D/T3LqD40x+E0lzqAcjy2hIDIl
Iz06rLGaaaNIeV7Ylttfqu+hO1Q9KKAybRCnw3Nk/5Y8OSosaU70dlPlXUeqphHf
kSdNMDA+rrXQfjDcktvS
=NPp+
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1706-1
January 28, 2013

ffmpeg vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

FFmpeg could be made to crash or run programs as your login if it opened a
specially crafted file.

Software Description:
- ffmpeg: multimedia player, server and encoder

Details:

It was discovered that FFmpeg incorrectly handled certain malformed media
files. If a user were tricked into opening a crafted media file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
libavcodec52 4:0.5.9-0ubuntu0.10.04.3
libavformat52 4:0.5.9-0ubuntu0.10.04.3

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1706-1
CVE-2012-2783, CVE-2012-2803

Package Information:
https://launchpad.net/ubuntu/+source/ffmpeg/4:0.5.9-0ubuntu0.10.04.3
No comments:

[USN-1705-1] Libav vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJRBosjAAoJEGVp2FWnRL6TU1UP/iU/ZYFv2JK74MrVkrNUcLUC
eWT802uR6DOs4UIic+Lutv6apkxpAODXN66l8Fb1FPBEwR/QjnoE5pTZJd4UQkAv
Dyx1QjkSOiU1PL74SikqCjCC3Z2uDlLXWsXdhH1x5nAtZZBlyW+ZZcU7yCwCsIQE
BXuFXO50WzMI/AFHl7qOSYw6iDuDZBVhvybeKiFlZjKEACBd8sRVsli/DU0FBhnb
qDUwYNRZdD8nkLckIv2m+BMBqBVsA31gZKIepmJQyOimYzSOZGvmYQlyNby++S69
/VbsYfns0+3sAnnZAnGs9Sv1W9Ro7pa4lJ30BPWRPBT2mXusRx/ndHiRKxKoUHnC
hRWXSCRd+i9G/LCkEkq27TIFO4OKC8PEbf4MKpFiV1Bx58pvDOpwqIipDZiTYG6i
FF7uE3Fhp2ZOCGGFqm9sP/poAdTvtBr+N5VivJJ8r2KrY6AILZPqokySLf/wbSwI
0T0GXuyGJkO1FZHM9aa6oyv1jsxXtj3SzG9xsRvtabqTkQatFr9LooIaZPLODJk4
2Ota1I/zY4mHVRRESQpDNp+/iyF6e2SmpxnxHvQXCS0RQxZ5IJTXdcKMWAbsdBnN
7IX5IIXjr//tTvKuD8lQyDr7S+9MddMvNNHk70emyYwwvoa8PlHMGcnODUcO6AVC
iHbdBJ3UwKKzpBOZ8mAf
=4wBW
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1705-1
January 28, 2013

libav vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10

Summary:

Libav could be made to crash or run programs as your login if it opened a
specially crafted file.

Software Description:
- libav: Multimedia player, server, encoder and transcoder

Details:

It was discovered that Libav incorrectly handled certain malformed media
files. If a user were tricked into opening a crafted media file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
libavcodec53 6:0.8.5-0ubuntu0.12.10.1
libavformat53 6:0.8.5-0ubuntu0.12.10.1

Ubuntu 12.04 LTS:
libavcodec53 4:0.8.5-0ubuntu0.12.04.1
libavformat53 4:0.8.5-0ubuntu0.12.04.1

Ubuntu 11.10:
libavcodec53 4:0.7.6-0ubuntu0.11.10.3
libavformat53 4:0.7.6-0ubuntu0.11.10.3

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1705-1
CVE-2012-2783, CVE-2012-2791, CVE-2012-2797, CVE-2012-2798,
CVE-2012-2801, CVE-2012-2802, CVE-2012-2803, CVE-2012-2804,
CVE-2012-5144

Package Information:
https://launchpad.net/ubuntu/+source/libav/6:0.8.5-0ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libav/4:0.8.5-0ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/libav/4:0.7.6-0ubuntu0.11.10.3
No comments:

Proposed F19 Feature: Yum Groups as Objects

= Features/YumGroupsAsObjects =
https://fedoraproject.org/wiki/Features/YumGroupsAsObjects

Feature owner(s): James Antill <james@fedoraproject.org>

Change the default yum configuration from group_command=compat to
group_command=objects.

== Detailed description ==
Currently yum groups work as a simple substitution, so "yum group remove foo"
works as though you took every package from foo and passed it to "yum remove".
This tends to not be what users expect, for example "yum group install kde-
desktop" and then "yum group remove kde-desktop" will end up removing packages
(like abrt-desktop). This feature changes that so that groups are installed as
real objects, meaning that when a user does "yum group install foo" yum will
mark that the packages from foo are being installed (as before) but also that
a group called foo is being installed and that those packages are installed
because of it. Later if the group is removed, yum will remove the group and
only those packages that were installed because of the group install/upgrade
commands.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

No comments:

Proposed F19 Feature: OpenAttestation

= Features/OpenAttestation =
https://fedoraproject.org/wiki/Features/OpenAttestation

Feature owner(s): Gang Wei <gang.wei@intel.com>

Provide fedora packages for OpenAttestation to support Trusted Compute
Pools(TCP) feature in OpenStack since Folsom release & in future oVirt
releases.

== Detailed description ==
This feature would include mostly packaging OpenAttestation project for
fedora.

* the source package will be named oat
* the binary packages will include oat-appraiser & oat-client
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

No comments:

Proposed F19 Feature: New firstboot

= Features/NewFirstboot =
https://fedoraproject.org/wiki/Features/NewFirstboot

Feature owner(s): Martin Sivák <msivak@redhat.com>

This feature proposes new initial setup application with better integration to
the NewUI anaconda and to Gnome Initial Experience.

== Detailed description ==
Since the Anaconda installer moved to the NewUI Hub and Spoke concept, we can
reuse much of it's architecture and screens in the after reboot configuration
utility -- initial-setup. So the idea behind the firstboot replacement is that
we will have a new app that will use the same Hub and Spoke model and the same
API as Anaconda.

This will give us the possibility of letting the user configure his system
either during the package extraction or after reboot (important for OEMs). It
will also allow other teams (power management, security team, IPA) to prepare
their own screens for Anaconda and initial-setup and so further enhancing the
user experience.

Anaconda, initial-setup and Gnome Inital Experience will communicate to ensure
the screens are not shown multiple times. So for example the root password
setup or user creation process will be done only in one place, depending on
the installed system.

The old Firstboot will still stay as a fallback in case somebody still has his
old Firstboot plugins he needs to use.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

No comments:

Proposed F19 Feature: MinGW GCC 4.8

= Features/MinGW GCC 4.8 =
https://fedoraproject.org/wiki/Features/MinGW_GCC_4.8

Feature owner(s): Erik van Pienbroek <epienbro@fedoraproject.org>

Update the mingw-gcc cross-compiler to gcc 4.8 and rebuild all MinGW packages
against it.

== Detailed description ==
The Fedora MinGW SIG maintains over a large number of packages which allows
users to build binaries for the win32 and win64 targets using the mingw-w64
toolchain. One of the goals of the Fedora MinGW SIG is to have the package
versions as close as possible to their native counterparts as mentioned in our
packaging guidelines.

As gcc 4.8 was accepted as a feature for Fedora 19 we intend to update the
mingw-gcc package in Fedora 19 as well to gcc 4.8.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

No comments:

Proposed F19 Feature: libkkc - a new Japanese Kana Kanji input library

= Features/libkkc =
https://fedoraproject.org/wiki/Features/libkkc

Feature owner(s): Daiki Ueno <ueno at gnu.org>

libkkc, a new Japanese Kana Kanji input library, will be available in Fedora
19, along with an IBus input method engine which uses libkkc as backend (ibus-
kkc).

== Detailed description ==
There are currently two options for typical users to input Japanese sentences:
ibus-anthy or ibus-mozc. However, both have issues:

* ibus-anthy
- Anthy, the backend library, has been dead upstream for years.
- The accuracy is not good because of bugs in the core algorithm of Anthy.
* ibus-mozc
- Contributions to the input method are limited to Google employees.
- There are no library interface. That means it cannot easily be used by other
input method frameworks than IBus, such as Fcitx and uim.

libkkc and ibus-kkc will be a better replacement of those.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

No comments:
Subscribe to: Posts (Atom)