Fedora alert FEDORA-2012-17863 (cumin)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 17 Update: cumin-0.1.5522-4.fc17 | |
| Date: | Tue, 20 Nov 2012 03:15:52 +0000 | |
| Message-ID: | <20121120031552.9A54C20692@bastion01.phx2.fedoraproject.org> | |
| Archive‑link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-17863 2012-11-09 17:26:28 -------------------------------------------------------------------------------- Name : cumin Product : Fedora 17 Version : 0.1.5522 Release : 4.fc17 URL : http://svn.fedorahosted.org/svn/cumin Summary : MRG management web console Description : Cumin is the MRG management web console. It provides a unified management interface for the Messaging, Realtime and Grid components of MRG. -------------------------------------------------------------------------------- Update Information: Latest build adds a missing dependency on python-saslwrapper and missing upgrade scripts in addition to a patch for BZ842286. The previous version of the spec file did not install cumin-report and was missing a dependency on pymongo. This release contains many bug fixes (logged against Cumin in RHEL MRG but applying to Fedora as well). There are also many security enhancements but it is not just a security release. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 7 2012 Trevor McKay <tmckay@redhat.com> - 0.1.5522-4 - Add dependency on python-saslwrapper - Add a patch to include missing upgrade scripts from BZ846345 - Add a patch to handle ssl exceptions (BZ842286) 842286 * Fri Nov 2 2012 Trevor McKay <tmckay@redhat.com> - 0.1.5522-3 - Fix the spec in regards to the long term reporting feature - The cumin-report script was not being installed in /usr/bin - A dependency on pymongo was missing * Thu Oct 25 2012 Trevor McKay <tmckay@redhat.com> - 0.1.5522-2 - Change form of bug numbers in the last changelog so they show - up in the build system web UI 438142 635207 699487 703859 705358 733516 737979 739658 748735 750196 751779 752732 756384 760567 765713 765846 765894 767232 768298 769753 771642 772105 782359 782485 782839 782902 783139 785551 785863 787138 789351 796798 799129 799382 799404 800065 800611 800624 801047 801287 801291 802698 802704 805029 807838 807912 807970 809006 809369 812407 814386 815316 820681 823506 830243 830245 830854 831203 831235 831244 837037 837047 839576 840112 840121 840123 840133 846010 846345 846349 847940 848344 850759 851205 853454 * Thu Oct 25 2012 Trevor McKay <tmckay@redhat.com> - 0.1.5522-1 - Add dependency on python-ldap - Add creation of /etc/cumin/cumin.conf.d for future use - Add use of systemd macros for F18+ - Many, many bug fixes since 5137: * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.5220-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sun Jan 15 2012 Trevor McKay <tmckay@redhat.com> - 0.1.5220-1 - Tweak dependencies again, python-qpid-qmf requires python-qpid now - Remove dependencies on pycairo and liberation-sans-fonts (new - sources in trunk remove flash and the need for pycairo) - Move root-only programs to /usr/sbin - Remove test programs on installation - cumin-database.patch no longer necessary -------------------------------------------------------------------------------- References: [ 1 ] Bug #830243 - CVE-2012-2683 cumin: multiple XSS flaws https://bugzilla.redhat.com/show_bug.cgi?id=830243 [ 2 ] Bug #830245 - CVE-2012-2684 cumin: SQL injection flaw https://bugzilla.redhat.com/show_bug.cgi?id=830245 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update cumin' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...