[SECURITY] Fedora 18 Update: cumin-0.1.5522-4.fc18

updates at fedoraproject.org updates at fedoraproject.org
Thu Mar 14 02:55:27 UTC 2013


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-17834
2012-11-09 03:11:28
--------------------------------------------------------------------------------

Name        : cumin
Product     : Fedora 18
Version     : 0.1.5522
Release     : 4.fc18
URL         : http://svn.fedorahosted.org/svn/cumin
Summary     : MRG management web console
Description :
Cumin is the MRG management web console.  It provides a unified
management interface for the Messaging, Realtime and Grid components
of MRG.

--------------------------------------------------------------------------------
Update Information:

Latest build adds a missing dependency on python-saslwrapper and missing upgrade scripts in addition to a patch for BZ842286.
The previous version of the spec file did not install cumin-report and was missing a dependency on pymongo.
This release contains many bug fixes (logged against Cumin in RHEL MRG but applying to Fedora as well).  There are also many security enhancements but it is not just a security release.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov  7 2012 Trevor McKay <tmckay at redhat.com> - 0.1.5522-4
- Add dependency on python-saslwrapper
- Add a patch to include missing upgrade scripts from BZ846345
- Add a patch to handle ssl exceptions (BZ842286)
842286
* Fri Nov  2 2012 Trevor McKay <tmckay at redhat.com> - 0.1.5522-3
- Fix the spec in regards to the long term reporting feature
- The cumin-report script was not being installed in /usr/bin
- A dependency on pymongo was missing
* Thu Oct 25 2012 Trevor McKay <tmckay at redhat.com> - 0.1.5522-2
- Change form of bug numbers in the last changelog so they show
- up in the build system web UI
438142
635207
699487
703859
705358
733516
737979
739658
748735
750196
751779
752732
756384
760567
765713
765846
765894
767232
768298
769753
771642
772105
782359
782485
782839
782902
783139
785551
785863
787138
789351
796798
799129
799382
799404
800065
800611
800624
801047
801287
801291
802698
802704
805029
807838 
807912
807970
809006
809369
812407
814386
815316
820681
823506
830243
830245
830854
831203
831235
831244
837037
837047
839576
840112
840121
840123
840133
846010
846345
846349
847940
848344
850759
851205
853454
* Thu Oct 25 2012 Trevor McKay <tmckay at redhat.com> - 0.1.5522-1
- Add dependency on python-ldap
- Add creation of /etc/cumin/cumin.conf.d for future use
- Add use of systemd macros for F18+
- Many, many bug fixes since 5137:
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #830243 - CVE-2012-2683 cumin: multiple XSS flaws
        https://bugzilla.redhat.com/show_bug.cgi?id=830243
  [ 2 ] Bug #830245 - CVE-2012-2684 cumin: SQL injection flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=830245
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update cumin' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list