From Annvix
Annvix 3.0-RELEASE Changelog
2008-03-27 00:36 vdanen
* gnupg/SOURCES/gnupg-1.4.8.tar.bz2,
gnupg/SOURCES/gnupg-1.4.8.tar.bz2.sig,
gnupg/SOURCES/gnupg-1.4.9.tar.bz2,
gnupg/SOURCES/gnupg-1.4.9.tar.bz2.sig, gnupg/SPECS/gnupg.spec:
- 1.4.9: fixes a possible memory corruption bug while importing
keys
2008-03-21 16:27 vdanen
* bzip2/SOURCES/bzip2-1.0.4.tar.gz,
bzip2/SOURCES/bzip2-1.0.5.tar.gz, bzip2/SPECS/bzip2.spec:
- 1.0.5: fixes CVE-2008-1372
2008-03-20 16:18 vdanen
* perl-Net-DNS/SOURCES/Net-DNS-0.61.tar.gz,
perl-Net-DNS/SOURCES/Net-DNS-0.63.tar.gz,
perl-Net-DNS/SPECS/perl-Net-DNS.spec:
- 0.63: fixes CVE-2007-6341
2008-03-20 15:52 vdanen
* krb5/SOURCES/krb5-1.6.1-rh-CVE-2007-5901.patch,
krb5/SOURCES/krb5-1.6.1-rh-CVE-2007-5971.patch,
krb5/SOURCES/krb5-1.6.1-rh-CVE-2008-0062_0063.patch,
krb5/SOURCES/krb5-1.6.1-rh-CVE-2008-0947.patch,
krb5/SPECS/krb5.spec:
- P19: security fix for CVE-2007-5901
- P20: security fix for CVE-2007-5971
- P21: security fix for CVE-2008-0062 and CVE-2008-0063
- P22: security fix for CVE-2008-0947
2008-03-20 15:39 vdanen
* tcl/SOURCES/tcl-8.4.15-rh-CVE-2007-4772.patch,
tcl/SPECS/tcl.spec:
- P4: security fix for CVE-2007-4772
2008-03-20 15:33 vdanen
* unzip/SOURCES/unzip-5.52-deb-CVE-2008-0888.patch,
unzip/SPECS/unzip.spec:
- P4: security fix for CVE-2008-0888
2008-03-18 18:34 vdanen
* ghostscript/SOURCES/ghostscript-CVE-2008-0411.patch,
ghostscript/SPECS/ghostscript.spec:
- P0: security fix for CVE-2008-0411
2008-03-18 18:25 vdanen
* pcre/SOURCES/pcre-7.4.tar.bz2,
pcre/SOURCES/pcre-7.4.tar.bz2.sig,
pcre/SOURCES/pcre-7.6.tar.bz2,
pcre/SOURCES/pcre-7.6.tar.bz2.sig, pcre/SPECS/pcre.spec,
releases/3.1-CURRENT/pcre/SPECS/pcre.spec:
- 7.6: fixes CVE-2008-0674
- enable unicode properties
2008-03-17 18:49 vdanen
* kernel26/SOURCES/patches/scripts/create_configs,
kernel26/SPECS/kernel26-avx.spec:
- set the memory support back to 4GB
2008-03-14 05:41 vdanen
* kernel26/SOURCES/patches/configs/i386.config,
kernel26/SOURCES/patches/scripts/create_configs,
kernel26/SPECS/kernel26-avx.spec:
- drop the supported arch from i686 to i586 as per tmb's note in
bugzilla
2008-03-10 15:44 vdanen
* dovecot/SOURCES/dovecot-1.0.10.tar.gz,
dovecot/SOURCES/dovecot-1.0.10.tar.gz.sig,
dovecot/SOURCES/dovecot-1.0.13.tar.gz,
dovecot/SOURCES/dovecot-1.0.13.tar.gz.sig,
dovecot/SPECS/dovecot.spec:
- 1.0.13: security fixes (user login without valid password)
2008-03-08 17:23 vdanen
* kernel26/SPECS/kernel26-avx.spec:
- actually use the new version
2008-03-08 17:16 vdanen
* kernel26/SOURCES/linux-2.6.22.18.tar.bz2,
kernel26/SOURCES/linux-2.6.22.18.tar.bz2.sign,
kernel26/SOURCES/linux-2.6.22.19.tar.bz2,
kernel26/SOURCES/linux-2.6.22.19.tar.bz2.sign,
kernel26/SOURCES/patches/scripts/create_configs,
kernel26/SPECS/kernel26-avx.spec:
- 2.6.22.19: fixes CVE-2007-3731
- really set CONFIG_HIGHMEM=4GB (has to be done via
scripts/create_configs)
which should finally fix bug #65
2008-03-06 15:08 vdanen
* dovecot/SPECS/dovecot.spec:
- tighten permissions on the configuration file so it's no
longer world-
readable, as per Red Hat bug #436287
2008-03-05 16:28 vdanen
* openldap/SOURCES/openldap-2.3.38-CVE-2008-0658.patch,
openldap/SPECS/openldap.spec:
- P17: security fix for CVE-2008-0658
2008-03-02 04:46 ying
* postfix/SOURCES/postfix-2.4.6.tar.gz,
postfix/SOURCES/postfix-2.4.6.tar.gz.sig,
postfix/SOURCES/postfix-2.4.7.tar.gz,
postfix/SOURCES/postfix-2.4.7.tar.gz.sig,
postfix/SPECS/postfix.spec:
Postfix 2.4.7 Update
2008-02-23 02:14 vdanen
* cups/SOURCES/cups-1.3.5-source.tar.bz2,
cups/SOURCES/cups-1.3.6-source.tar.bz2, cups/SPECS/cups.spec:
- 1.3.6: fixes CVE-2008-0882
- fix permissions
- fix some rpmlint warnings
2008-02-11 16:05 vdanen
* kernel26/SOURCES/linux-2.6.22.17.tar.bz2,
kernel26/SOURCES/linux-2.6.22.17.tar.bz2.sign,
kernel26/SOURCES/linux-2.6.22.18.tar.bz2,
kernel26/SOURCES/linux-2.6.22.18.tar.bz2.sign,
kernel26/SPECS/kernel26-avx.spec:
- 2.6.22.18: fixes CVE-2008-0600
2008-02-08 16:08 vdanen
* kernel26/SOURCES/linux-2.6.22.16.tar.bz2,
kernel26/SOURCES/linux-2.6.22.16.tar.bz2.sign,
kernel26/SOURCES/linux-2.6.22.17.tar.bz2,
kernel26/SOURCES/linux-2.6.22.17.tar.bz2.sign,
kernel26/SOURCES/patches/patches/ZZ01_CVE-2007-6206_git.patch,
kernel26/SOURCES/patches/patches/series,
kernel26/SPECS/kernel26-avx.spec:
- 2.6.22.17: fixes CVE-2007-6206, CVE-2008-0007
- drop PZZ01; fixed upstream
2008-02-08 05:32 vdanen
* tk/SOURCES/tk-cvs-CVE-2008-0553.patch, tk/SPECS/tk.spec:
- P2: security for for CVE-2008-0553
2008-01-28 20:49 vdanen
* rsync/SOURCES/daemon-exclude-2.6.9-CVE-2007-6200.diff,
rsync/SOURCES/munge-symlinks-2.6.9-CVE-2007-6199.diff,
rsync/SPECS/rsync.spec:
- P1: security fix for CVE-2007-6199
- P2: security fix for CVE-2007-6200
2008-01-26 22:59 vdanen
* apparmor/SPECS/apparmor.spec:
- apache 2.2.8
2008-01-26 22:52 vdanen
* subversion/SPECS/subversion.spec:
- apache 2.2.8
2008-01-26 22:51 vdanen
* httpd-mod_suexec/SPECS/httpd-mod_suexec.spec:
- apache 2.2.8
2008-01-26 22:51 vdanen
* httpd-mod_security2/SPECS/httpd-mod_security2.spec:
- apache 2.2.8
2008-01-26 22:49 vdanen
* httpd-mod_security/SPECS/httpd-mod_security.spec:
- apache 2.2.8
2008-01-26 22:44 vdanen
* httpd-mod_php/SPECS/httpd-mod_php.spec:
- apache 2.2.8
2008-01-26 22:39 vdanen
* httpd-mod_perl/SPECS/httpd-mod_perl.spec:
- apache 2.2.8
2008-01-26 22:38 vdanen
* httpd-mod_layout/SPECS/httpd-mod_layout.spec:
- apache 2.2.8
2008-01-26 22:37 vdanen
* httpd-mod_auth_shadow/SPECS/httpd-mod_auth_shadow.spec:
- apache 2.2.8
2008-01-26 22:37 vdanen
* httpd-mod_auth_remote/SPECS/httpd-mod_auth_remote.spec:
- apache 2.2.8
2008-01-26 22:36 vdanen
* httpd-mod_auth_radius/SPECS/httpd-mod_auth_radius.spec:
- apache 2.2.8
2008-01-26 22:35 vdanen
* httpd-mod_auth_pgsql/SPECS/httpd-mod_auth_pgsql.spec:
- apache 2.2.8
2008-01-26 22:34 vdanen
* httpd-mod_auth_mysql/SPECS/httpd-mod_auth_mysql.spec:
- apache 2.2.8
2008-01-26 22:33 vdanen
* httpd-mod_auth_external/SPECS/httpd-mod_auth_external.spec:
- apache 2.2.8
2008-01-26 22:04 vdanen
* httpd-conf/SOURCES/httpd-conf-2.2.6.tar.bz2,
httpd-conf/SOURCES/httpd-conf-2.2.8.tar.bz2:
- commit sources
2008-01-26 22:03 vdanen
* httpd-conf/SOURCES/httpd.conf, httpd-conf/SOURCES/mime.types,
httpd-conf/SPECS/httpd-conf.spec:
- apache 2.2.8
2008-01-26 22:02 vdanen
* httpd/SOURCES/apachesrc.diff,
httpd/SOURCES/httpd-2.2.6-ssllibver.patch,
httpd/SOURCES/httpd-2.2.6.tar.gz,
httpd/SOURCES/httpd-2.2.6.tar.gz.asc,
httpd/SOURCES/httpd-2.2.8.tar.gz,
httpd/SOURCES/httpd-2.2.8.tar.gz.asc,
httpd/SOURCES/httpd-limitipconn.diff,
httpd/SOURCES/perl-framework.tar.bz2,
httpd/SOURCES/worker_init_patch_plus_r572937_2.2.x.patch,
httpd/SPECS/httpd.spec:
- 2.2.8: security fixes for CVE-2007-6421, CVE-2007-6422,
CVE-2007-6388,
and CVE-2007-5000
- drop upstream patches: P17, P20
- update perl framework (S4) to r609180
2008-01-22 22:49 vdanen
* kernel26/SOURCES/patches/configs/i386.config,
kernel26/SPECS/kernel26-avx.spec:
- set CONFIG_HIGHMEM=64G off and enable HIGHMEM4G instead (x86)
- disable CONFIG_RESOURCES_64BIT (x86)
- hopefully these will solve the "PANIC: CPU too old for this
kernel" that
some people are seeing
2008-01-17 20:36 vdanen
* kernel26/SOURCES/linux-2.6.22.15.tar.bz2,
kernel26/SOURCES/linux-2.6.22.15.tar.bz2.sign,
kernel26/SOURCES/linux-2.6.22.16.tar.bz2,
kernel26/SOURCES/linux-2.6.22.16.tar.bz2.sign,
kernel26/SPECS/kernel26-avx.spec:
- 2.6.22.16; fixes CVE-2008-0001
2008-01-12 01:02 vdanen
* postgresql/SOURCES/postgresql-8.2.5.tar.bz2,
postgresql/SOURCES/postgresql-8.2.5.tar.bz2.md5,
postgresql/SOURCES/postgresql-8.2.6.tar.bz2,
postgresql/SOURCES/postgresql-8.2.6.tar.bz2.md5,
postgresql/SPECS/postgresql.spec:
- 8.2.6: fixes CVE-2007-6600, CVE-2007-4769, CVE-2007-4772,
CVE-2007-6067,
CVE-2007-6601, CVE-2007-3278
2008-01-11 21:03 vdanen
* libxml2/SOURCES/libxml2-CVE-2007-6284.patch,
libxml2/SPECS/libxml2.spec:
- P2: security fix for CVE-2007-6284
2007-12-30 22:22 vdanen
* .:
branch 3.0-RELEASE
