News
[asl-2.0] mod_security 2.5.13-2 PDF Print E-mail
Monday, 13 December 2010 15:36

This update is only necessary if you are using mod_security from the atomic channel.

Changelog:

  • Bugfix #XXX, bumped the Release on the asl-2.0 package to force an update. Users of mod_security from the atomic channel cannot integrate correctly in an ASL environment due to the different logging formats.

 

To upgrade:

yum upgrade mod_security
 
[atomic] php-pecl-apc 3.1.6-2 PDF Print E-mail
Monday, 13 December 2010 15:34

Description:

APC is a free, open, and robust framework for caching and optimizing PHP intermediate code.

 

Changelog:

  • Bugfix #XXX, relinked this package against PHP 5.2.15. Previous release was linked against php 5.3.3

 

To upgrade:

yum upgrade php-pecl-apc

 

To Install:

yum install php-pecl-apc

Add new comment
 
[atomic] PHP 5.2.15-1 Released PDF Print E-mail
Monday, 13 December 2010 15:32

Changelog:

  • Fixed extract() to do not overwrite $GLOBALS and $this when using EXTR_OVERWRITE. (jorto at redhat dot com)
  • Fixed crash in zip extract method (possible CWE-170). (Maksymilian Arciemowicz, Pierre)
  • Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150). (Ilia)
  • Fixed possible flaw in open_basedir (CVE-2010-3436). (Pierre)
  • Fixed possible crash in mssql_fetch_batch(). (Kalle)
  • Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). (Maksymilian Arciemowicz)
  • Fixed bug #53492 (fix crash if anti-aliasing steps are invalid). (Pierre)
  • Fixed bug #53323 (pdo_firebird getAttribute() crash). (preeves at ibphoenix dot com)
  • Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data). (CVE-2010-3709). (Adam)
  • Fixed bug #52879 (Objects unreferenced in __get, __set, __isset or __unset can be freed too early). (mail_ben_schmidt at yahoo dot com dot au, Dmitry)
  • Fixed bug #52772 (var_dump() doesn't check for the existence of get_class_name before calling it). (Kalle, Gustavo)
  • Fixed bug #52546 (pdo_dblib segmentation fault when iterating MONEY values). (Felipe, Adam)
  • Fixed bug #52436 (Compile error if systems do not have stdint.h) (Sriram Natarajan)
  • Fixed bug #52390 (mysqli_report() should be per-request setting). (Kalle)
  • Fixed bug #51008 (Zend/tests/bug45877.phpt fails). (Dmitry)
  • Fixed bug #47643 (array_diff() takes over 3000 times longer than php 5.2.4). (Felipe)
  • Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy with SoapClient object). (Dmitry)

To upgrade:

yum upgrade php

Add new comment
 
[asl-2.0] mod_security 2.5.13 PDF Print E-mail
Wednesday, 01 December 2010 16:49

This is a minor bug and feature update. It is duplicated to both the ASL-2.0 and Atomic Repos.

Changelog

  • Remove the ability to use a relative path to a piped audit logger (i.e. mlogc) as Apache does not support it in their piped loggers and it was breaking Windows and probably other platforms that use spaces in filesystem paths.  Discovered by Tom Donovan.
  • Fix memory leak freeing regex.  Discovered by Tom Donovan.
  • Fix some portability issues on Windows.
  • Fixed Geo lookup concurrent connections bug
  • Fixed Skip/SkipAfter chain bug
  • Added new setvar Lua API to be used into Lua scripts
  • Added PCRE messages indicates each rule that exceed match limits
  • Added new Base64 transformation function called base64DecodeEx, which can decode base64 data skipping special characters.
  • Add SecReadStateLimit to limit the number of concurrent threads in BUSY connections per ip address
  • Fixed redirect action was not expanding macros in chained rules

To upgrade:
yum upgrade mod_security
 
[asl-2.0] Clamav 0.96.5 PDF Print E-mail
Wednesday, 01 December 2010 13:04

This update is duplicated in both the [asl-2.0]  and [atomic] channels.

Changelog:
* libclamav/pdf.c: fix crashes (bb #2358, bb #2380, bb #2396).  Thanks to Arkadiusz Miskiewicz <arekm*maven.pl> for bb #2380.
* libclamav/pe_icons.c: off by one while (bb#2344)
* libclamav: fix detection of embedded executables
* libclamav/matcher-ac.c: fix offset handling for sigs with {x-y} wildcards (bb#2393)
* freshclam/manager.c: fix error path infinite loop (bb#2389)
* clamd/clamd.c: fix RLIMIT_DATA setting on BSD (bb #1941), thanks to Andreas Longwitz <longwitz* incore.de>.
* freshclam: improve mirror management
* libclamav: fix possible use of uninitialized values (bb#2291)
* libclamav: Set the unreliability flag on (un)packed files (bb#2307)
* libclamav/c++: Update embedded copy of LLVM to version 2.8 (bb #2327)
* freshclam: make query format backward compatible
* freshclam: get detection stats directly from clamd (bb#2312)
* libclamav/cache.c,c++/bytecode2llvm.cpp}: make cl_load thread safe (bb #2333).
* freshclam: load database in subprocess (bb #2147).
* clamd: add new commands DETSTATS and DETSTATSCLEAR (part of bb#2312)
* libclamav/7z.c: fix file descriptor leak (bb #2347)
* clamd, libclamavll: add ability to logg messages from libclamav (bb #1965)
* libclamav/builtin_bytecodes.h: Don't disable JIT on pentium4 (bb #2345)
* clamav-for-windows: displace clamav-for-windows to a separate solution and directory
* clamd: add new option OLE2BlockMacros (requested by Mike)
* freshclam: DatabaseCustomURL: add support for If-Modified-Since and signature counter
* freshclam: add initial support for DatabaseCustomURL

To upgrade:
yum upgrade clamd
 
More Articles...
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 9 of 13