Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 18 Update: bzr-2.5.1-11.fc18
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Friday 7th June 2013 03:01:38 UTC (over 3 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-9620
2013-05-30 02:06:16
--------------------------------------------------------------------------------

Name        : bzr
Product     : Fedora 18
Version     : 2.5.1
Release     : 11.fc18
URL         : http://www.bazaar-vcs.org/
Summary     : Friendly distributed version control system
Description :
Bazaar is a distributed revision control system that is powerful, friendly,
and scalable.  It is the successor of Baz-1.x which, in turn, was
a user-friendly reimplementation of GNU Arch.

--------------------------------------------------------------------------------
Update Information:

* Fixes CVE-2013-2099, maliciously crafted SSL certificate can cause a
denial of service.
* Builds the C extensions from the Cython source instead of the
pregenerated C files.
* Build without strict-aliasing on Fedora versions which have a bug in the
python distutils module.
* Install the localization files
* (F17-only) Update from upstream 2.5.0 to 2.5.1 
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 28 2013 Toshio Kuratomi  - 2.5.1-11
- BuildRequires Cython so that the C extensions are built from their
original sources.
* Tue May 28 2013 Ondrej Oprala  2.5.1-8
- Fix conditional include of python-paramiko
* Fri May 24 2013 Ondrej Oprala  - 2.5.1-7
- Turn off strict aliasing in CFLAGS
* Fri May 24 2013 Ondrej Oprala  - 2.5.1-6
- Add condition not to include python-paramiko in RHEL7 and above
* Fri May 24 2013 Ondrej Oprala  - 2.5.1-5
- Fix unpackaged files error
* Thu May 23 2013 Toshio Kuratomi  - 2.5.1-4
- Patch for CVE-2013-2099
- Trim changelog
* Wed Feb 13 2013 Fedora Release Engineering
 - 2.5.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #963260 - CVE-2013-2098 CVE-2013-2099 python:
ssl.match_hostname() DoS via certificates with specially crafted hostname
wildcard patterns
        https://bugzilla.redhat.com/show_bug.cgi?id=963260
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update bzr' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 4ms