[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 458/05 - Five Fedora Update Notifications:



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 458/05 dated 17.06.05  Time: 14:40  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Five Fedora Update Notifications:

1. FEDORA-2005-410 - gaim

2. FEDORA-2005-427 - spamassassin

3. FEDORA-2005-411 - gaim

4. FEDORA-2005-405 - mikmod

5. FEDORA-2005-428 - spamassassin

Detail
====== 

1. Gaim allows you to talk to anyone using a variety of messaging
protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!,
MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr.  These
protocols are implemented using a modular, easy to use design.
To use a protocol, just add an account using the account editor.

2. SpamAssassin provides you with a way to reduce if not completely eliminate
Unsolicited Commercial Email (SPAM) from your incoming email.  It can
be invoked by a MDA such as sendmail or postfix, or can be called from
a procmail script, .forward file, etc.  It uses a genetic-algorithm
evolved scoring system to identify messages which look spammy, then
adds headers to the message so they can be filtered by the user's mail
reading software.  This distribution includes the spamd/spamc components
which create a server that considerably speeds processing of mail.

3. Gaim allows you to talk to anyone using a variety of messaging
protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!,
MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr.  These
protocols are implemented using a modular, easy to use design.
To use a protocol, just add an account using the account editor.

4. MikMod is one of the best and most well known MOD music file players
for UNIX-like systems.  This particular distribution is intended to
compile fairly painlessly in a Linux environment. MikMod uses the OSS
/dev/dsp driver including all recent kernels for output, and will also
write .wav files. Supported file formats include MOD, STM, S3M, MTM,
XM, ULT, and IT.  The player uses ncurses for console output and
supports transparent loading from gzip/pkzip/zoo archives and the
loading/saving of playlists.

5. SpamAssassin provides you with a way to reduce if not completely eliminate
Unsolicited Commercial Email (SPAM) from your incoming email.  It can
be invoked by a MDA such as sendmail or postfix, or can be called from
a procmail script, .forward file, etc.  It uses a genetic-algorithm
evolved scoring system to identify messages which look spammy, then
adds headers to the message so they can be filtered by the user's mail
reading software.  This distribution includes the spamd/spamc components
which create a server that considerably speeds processing of mail.



1.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-410
2005-06-16
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : gaim
Version     : 1.3.1
Release     : 0.fc3
Summary     : A Gtk+ based multiprotocol instant messaging client
Description :
Gaim allows you to talk to anyone using a variety of messaging
protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!,
MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr.  These
protocols are implemented using a modular, easy to use design.
To use a protocol, just add an account using the account editor.

Gaim supports many common features of other clients, as well as many
unique features, such as perl scripting and C plugins.

Gaim is NOT affiliated with or endorsed by America Online, Inc.,
Microsoft Corporation, or Yahoo! Inc. or other messaging service
providers.

- ---------------------------------------------------------------------
Update Information:

More bug and denial of service fixes.
- ---------------------------------------------------------------------
* Thu Jun  9 2005 Warren Togami <wtogami@xxxxxxxxxx> 1:1.3.1-0
- - 1.3.1 more bug fixes
   CAN-2005-1269 CAN-2005-1934
- - enable Message Notification plugin by default

- ---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

290bcd97b27afcd71c802b72993250c5  SRPMS/gaim-1.3.1-0.fc3.src.rpm
3a6a13610fad43bdb784c376899647ba  x86_64/gaim-1.3.1-0.fc3.x86_64.rpm
aaddc70a7dfdb9e03b7e90073174ea67 
x86_64/debug/gaim-debuginfo-1.3.1-0.fc3.x86_64.rpm
fdfa1e0331281d07cad2911e1ff9945a  i386/gaim-1.3.1-0.fc3.i386.rpm
090675e02fc726449b52e573426375b5 
i386/debug/gaim-debuginfo-1.3.1-0.fc3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
- ---------------------------------------------------------------------

- --
fedora-announce-list mailing list
fedora-announce-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-announce-list



2.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-427
2005-06-16
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : spamassassin
Version     : 3.0.4
Release     : 1.fc3
Summary     : Spam filter for email which can be invoked from mail 
delivery agents.
Description :
SpamAssassin provides you with a way to reduce if not completely eliminate
Unsolicited Commercial Email (SPAM) from your incoming email.  It can
be invoked by a MDA such as sendmail or postfix, or can be called from
a procmail script, .forward file, etc.  It uses a genetic-algorithm
evolved scoring system to identify messages which look spammy, then
adds headers to the message so they can be filtered by the user's mail
reading software.  This distribution includes the spamd/spamc components
which create a server that considerably speeds processing of mail.

To enable spamassassin, if you are receiving mail locally, simply add
this line to your ~/.procmailrc:
INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc

To filter spam for all users, add that line to /etc/procmailrc
(creating if necessary).

- ---------------------------------------------------------------------
Update Information:

Important update for a Denial of Service vulnerability, plus more
bug fixes from upstream.  More details available at:
http://wiki.apache.org/spamassassin/NextRelease
- ---------------------------------------------------------------------
* Sun Jun  5 2005 Warren Togami <wtogami@xxxxxxxxxx> - 3.0.4-1
- - 3.0.4 with more bug fixes and CAN-2005-1266

* Tue May 17 2005 Warren Togami <wtogami@xxxxxxxxxx> - 3.0.3-4
- - allow user-level disabling of subject rewriting pref (#147464)

- ---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

59d5fe379a2dc6932a4e621cc9a497ad  SRPMS/spamassassin-3.0.4-1.fc3.src.rpm
c3f1595455b87681a9a39476e1643f31  x86_64/spamassassin-3.0.4-1.fc3.x86_64.rpm
f635b82f1ce7339386ff9e1d19394b2d 
x86_64/debug/spamassassin-debuginfo-3.0.4-1.fc3.x86_64.rpm
f0a5cf57a98e76b96c434567333f75c8  i386/spamassassin-3.0.4-1.fc3.i386.rpm
8b2557759728f029191629dad8b76d3b 
i386/debug/spamassassin-debuginfo-3.0.4-1.fc3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
- ---------------------------------------------------------------------

- --
fedora-announce-list mailing list
fedora-announce-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-announce-list



3.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-411
2005-06-16
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : gaim
Version     : 1.3.1
Release     : 0.fc4
Summary     : A Gtk+ based multiprotocol instant messaging client
Description :
Gaim allows you to talk to anyone using a variety of messaging
protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!,
MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr.  These
protocols are implemented using a modular, easy to use design.
To use a protocol, just add an account using the account editor.

Gaim supports many common features of other clients, as well as many
unique features, such as perl scripting and C plugins.

Gaim is NOT affiliated with or endorsed by America Online, Inc.,
Microsoft Corporation, or Yahoo! Inc. or other messaging service
providers.

- ---------------------------------------------------------------------
Update Information:

More bug and denial of service fixes.
- ---------------------------------------------------------------------
* Thu Jun  9 2005 Warren Togami <wtogami@xxxxxxxxxx> 1:1.3.1-0
- - 1.3.1 more bug fixes
   CAN-2005-1269 CAN-2005-1934
- - enable Message Notification plugin by default

- ---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

ac429c8d93a279c67b8ab1fd85137157  SRPMS/gaim-1.3.1-0.fc4.src.rpm
5c56ca6453da77329c41865eaf04a185  ppc/gaim-1.3.1-0.fc4.ppc.rpm
88baf07667f49d8b64bbcc32cc3893de 
ppc/debug/gaim-debuginfo-1.3.1-0.fc4.ppc.rpm
2dc3fad568de1cb1d847d6e2bd0a18d1  x86_64/gaim-1.3.1-0.fc4.x86_64.rpm
962c9bb2fc25e288095c183d97d82fd4 
x86_64/debug/gaim-debuginfo-1.3.1-0.fc4.x86_64.rpm
ec21757c012921fbe370ab0f231aa460  i386/gaim-1.3.1-0.fc4.i386.rpm
bbe720360f37608392f05a027bcf391d 
i386/debug/gaim-debuginfo-1.3.1-0.fc4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
- ---------------------------------------------------------------------

- --
fedora-announce-list mailing list
fedora-announce-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-announce-list



4.

- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-405
2005-06-16
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : mikmod
Version     : 3.1.6
Release     : 35.FC4
Summary     : A MOD music file player.
Description :
MikMod is one of the best and most well known MOD music file players
for UNIX-like systems.  This particular distribution is intended to
compile fairly painlessly in a Linux environment. MikMod uses the OSS
/dev/dsp driver including all recent kernels for output, and will also
write .wav files. Supported file formats include MOD, STM, S3M, MTM,
XM, ULT, and IT.  The player uses ncurses for console output and
supports transparent loading from gzip/pkzip/zoo archives and the
loading/saving of playlists.

Install the mikmod package if you need a MOD music file player.

- ---------------------------------------------------------------------

* Mon Jun  6 2005 Martin Stransky <stransky@xxxxxxxxxx> 3.1.6-35.FC4

- - fixed #159290,#159291 - CAN-2003-0427
- - fixed playing mod files from tar archive


- ---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

944a009b899e348614059aa2bd2e6b5e  SRPMS/mikmod-3.1.6-35.FC4.src.rpm
546b2d73b402c71965443d4c5e02a865  ppc/mikmod-3.1.6-35.FC4.ppc.rpm
6d15dbacb1c0e470a4598c97819e2dd4  ppc/mikmod-devel-3.1.6-35.FC4.ppc.rpm
97234e209388dbd3f4ea7adf3e9aba06 
ppc/debug/mikmod-debuginfo-3.1.6-35.FC4.ppc.rpm
212959d733c66dc0c60d132d2ef13737  ppc/mikmod-3.1.6-35.FC4.ppc64.rpm
b48ef75ce3df5f3b54df0e2b5ea77e4c  x86_64/mikmod-3.1.6-35.FC4.x86_64.rpm
066f3e934045ade26ae8ce724d8004e3 
x86_64/mikmod-devel-3.1.6-35.FC4.x86_64.rpm
70b85c2ba5619571d404b14e83080340 
x86_64/debug/mikmod-debuginfo-3.1.6-35.FC4.x86_64.rpm
f96c91607f003eb6f6421d9efa825508  x86_64/mikmod-3.1.6-35.FC4.i386.rpm
f96c91607f003eb6f6421d9efa825508  i386/mikmod-3.1.6-35.FC4.i386.rpm
309a045a718fb0def0ad25339797753b  i386/mikmod-devel-3.1.6-35.FC4.i386.rpm
b6a3a0e31dda9c37e71e4ff639ee3dae 
i386/debug/mikmod-debuginfo-3.1.6-35.FC4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
- ---------------------------------------------------------------------

- --
fedora-announce-list mailing list
fedora-announce-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-announce-list



5.


- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-428
2005-06-16
- ---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : spamassassin
Version     : 3.0.4
Release     : 1.fc4
Summary     : Spam filter for email which can be invoked from mail 
delivery agents.
Description :
SpamAssassin provides you with a way to reduce if not completely eliminate
Unsolicited Commercial Email (SPAM) from your incoming email.  It can
be invoked by a MDA such as sendmail or postfix, or can be called from
a procmail script, .forward file, etc.  It uses a genetic-algorithm
evolved scoring system to identify messages which look spammy, then
adds headers to the message so they can be filtered by the user's mail
reading software.  This distribution includes the spamd/spamc components
which create a server that considerably speeds processing of mail.

To enable spamassassin, if you are receiving mail locally, simply add
this line to your ~/.procmailrc:
INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc

To filter spam for all users, add that line to /etc/procmailrc
(creating if necessary).

- ---------------------------------------------------------------------
Update Information:

Important update for a Denial of Service vulnerability, plus more
bug fixes from upstream.  More details available at:
http://wiki.apache.org/spamassassin/NextRelease
- ---------------------------------------------------------------------
* Sun Jun  5 2005 Warren Togami <wtogami@xxxxxxxxxx> - 3.0.4-1

- - 3.0.4 with more bug fixes and CAN-2005-1266

- ---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

b50c6ab812dd61849bd7e00c331f6edd  SRPMS/spamassassin-3.0.4-1.fc4.src.rpm
4ddd73e272c9c854b7bfafbefd01c092  ppc/spamassassin-3.0.4-1.fc4.ppc.rpm
7fadeb5ca946c4c218bfb4bfc4846ead 
ppc/debug/spamassassin-debuginfo-3.0.4-1.fc4.ppc.rpm
0ff72abd48f845e469c22eb7cc4d9c16  x86_64/spamassassin-3.0.4-1.fc4.x86_64.rpm
7e5b1c94241272d6eb56e5fe89d1c8b8 
x86_64/debug/spamassassin-debuginfo-3.0.4-1.fc4.x86_64.rpm
ce44f6f3e461f23c4ab7eb9eca51903b  i386/spamassassin-3.0.4-1.fc4.i386.rpm
03cfb93cbfa21ec921dbdf9ab07b38bb 
i386/debug/spamassassin-debuginfo-3.0.4-1.fc4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
- ---------------------------------------------------------------------

- --
fedora-announce-list mailing list
fedora-announce-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-announce-list

- ---------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Fedora for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQrLRcYpao72zK539AQHpFwP+ItfsdU60QLY+hW0KaL1xwpSlwF7F+0bM
UNO82UJcUp3mH7E5mgiIF7Sprxlw2Jzl/HaZr4UfNysruhOuAE0q4cBJC+KnIKLK
L9xQR8zSS2AsMpYbZTth/kLaW9jU0lbqW7B0jdP95fcRjg1JLl3wRhCGTzeqT+rf
xoNO85yI92w=
=Ky/c
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________