PaulHowarth/Blog/2013-10-08

Tuesday 8th October 2013

Fedora Project

  • Updated mod_fcgid to 2.3.9 in F-18, F-19, F-20, Rawhide and EPEL-6:

    • Security: Fix possible heap buffer overwrite (CVE-2013-4365)

    • Add experimental cmake-based build system for Windows

    • Correctly parse quotation and escaped spaces in FcgidWrapper and the AAA Authenticator/Authorizor/Access directives' command line argument, as currently documented (PR#51194)

    • Honour quoted FcgidCmdOptions arguments (notably for InitialEnv assignments) (PR#51657)

    • Conform script response parsing with mod_cgid and ensure no response body is sent when ap_meets_conditions() determines that request conditions are met

    • Improve logging in access control hook functions

    • Avoid making internal sub-requests and processing Location headers when in FCGI_AUTHORIZER mode, as the auth hook functions already treat Location headers returned by scripts as an error since redirections are not meaningful in this mode

    • Revert fix for PR#53693, added in 2.3.8 but undocumented
    • Fix issues with a minor optimization added in 2.3.8

  • Updated perl-IO-All to 0.48 in F-20 and Rawhide:

    • Add ->os method to ::Filesys

    • Switch from Module::Install to Dist::Zilla

  • Updated perl-Net-FTPServer to 1.125 in F-20 and Rawhide:

    • Maintainer changed
    • Organized document and package files
    • Fixed pod format errors

    • New repository: https://github.com/ryochin/p5-net-ftpserver

    • Added a workaround to make sure to cause abort by SIGURG in t/240abort.t (CPAN RT#21261)

    • Fixed a bug that MLST command treated DirHandle as FileHandle (CPAN RT#27640)

    • Fixed a bug that ls -l command doesn't show a directory named '0' (CPAN RT#29503)

    • Fixed a problem that extra large file sizes were not displayed correctly because of integer digit overflow (CPAN RT#35332)

    • Fixed a problem caused by a Constant.pm internal change, affecting Archive::Zip (CPAN RT#35698)

    • Fixed a problem that Archive::Zip::Member::setLastModFileDateTimeFromUnix() doesn't accept 0 (CPAN RT#35698)

    • Addressed an issue that ftpd.conf had been installed despite lack of write permission to sysconfdir (CPAN RT#81130)

    • Added a message that Win32 platform is not supported (CPAN RT#81136)

    • Switched to Test::More for better installation process

    • Supported cpantesters and added other small changes

    • Tweaked t/240abort.t to skip when BSD::Resource is not installed, to avoid test errors on OpenBSD/Solaris at cpantesters

    • Improved an error message when using chroot feature by non-root users with Full personality

Local Packages

  • Updated mod_fcgid to 2.3.9 as per the Fedora version

Recent