Sicherheit: Zwei Probleme in qpid-cpp - Pro-Linux

Name        : qpid-cpp
Product     : Fedora 21
Version     : 0.32
Release     : 4.fc21
URL         : http://qpid.apache.org
Summary     : Libraries for Qpid C++ client applications
Description :

Run-time libraries for AMQP client applications developed using Qpid
C++. Clients exchange messages with an AMQP message broker using
the AMQP protocol.

-------------------------------------------------------------------------------
-
Update Information:

Removed qpid-send and qpid-receive from qpid-cpp-client-devel.
Include the qpid.tests module in python-qpid
Bumped the release to force a build against Proton 0.9 in F22.
Added qpidtoollibs to the qpid-tools package.
Fixed path to qpid-ha in the systemd service descriptor.
Resolves: BZ#1186308
Apply patch 10.
Resolves: BZ#1184488
Resolves: BZ#1181721
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed May 27 2015 Darryl L. Pierce <dpierce@redhat.com> - 0.32-4
- Removed qpid-send and qpid-receive from qpid-cpp-client-devel.
* Fri May 22 2015 Darryl L. Pierce <dpierce@redhat.com> - 0.32-3
- Include the qpid.tests module in python-qpid
- Resolves: BZ#1224260
* Mon Apr 13 2015 Peter Robinson <pbrobinson@fedoraproject.org> 0.32-2
- Re-add patch that fixes builds on aarch64/ppc64le
* Tue Apr  7 2015 Darryl L. Pierce <dpierce@redhat.com> - 0.32-1.1
- Bumped the release to force a build against Proton 0.9 in F22.
* Mon Apr  6 2015 Darryl L. Pierce <dpierce@redhat.com> - 0.32-1
- Rebased on Qpid 0.32.
- Added build flag to enable building the legacy store.
- Added the perl-qpid-messaging subpackage.
- Added the python-qpid-messaging subpackage.
- Added the python-qpid subpackage.
* Wed Feb 25 2015 Darryl L. Pierce <dpierce@redhat.com> - 0.30-12
- Added qpidtoollibs to the qpid-tools package.
* Fri Feb 20 2015 Darryl L. Pierce <dpierce@redhat.com> - 0.30-11
- Fixed path to qpid-ha in the systemd service descriptor.
* Wed Feb  4 2015 Petr Machata <pmachata@redhat.com> - 0.30-10
- Bump for rebuild.
* Mon Feb  2 2015 Darryl L. Pierce <dpierce@redhat.com> - 0.30-9
- Resolves: BZ#1186308
* Tue Jan 27 2015 Petr Machata <pmachata@redhat.com> - 0.30-8
- Rebuild for boost 1.57.0
* Thu Jan 22 2015 Darryl L. Pierce <dpierce@redhat.com> - 0.30-7
- Apply patch 10.
* Wed Jan 21 2015 Darryl L. Pierce <dpierce@redhat.com> - 0.30-6
- Resolves: BZ#1184488
* Fri Jan 16 2015 Darryl L. Pierce <dpierce@redhat.com> - 0.30-5
- Resolves: BZ#1181721
* Wed Oct 29 2014 Darryl L. Pierce <dpierce@redhat.com> - 0.30-4
- QPID-6170: Fixes builds on aarch64 and ppc64le architectures.
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #1181721 - CVE-2015-0203 qpid-cpp: 3 qpidd DoS issues in AMQP 0-10
 protocol handling
        https://bugzilla.redhat.com/show_bug.cgi?id=1181721
  [ 2 ] Bug #1186308 - CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot
 be prevented
        https://bugzilla.redhat.com/show_bug.cgi?id=1186308
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program.  Use
su -c 'yum update qpid-cpp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce