The following Fedora 15 Security updates need testing: https://admin.fedoraproject.org/updates/php-ZendFramework-1.11.6-1.fc15 https://admin.fedoraproject.org/updates/pure-ftpd-1.0.32-1.fc15 https://admin.fedoraproject.org/updates/gimp-2.6.11-14.fc15 https://admin.fedoraproject.org/updates/dovecot-2.0.13-1.fc15 https://admin.fedoraproject.org/updates/apr-1.4.5-1.fc15 https://admin.fedoraproject.org/updates/viewvc-1.1.11-1.fc15 https://admin.fedoraproject.org/updates/unbound-1.4.8-5.fc15 https://admin.fedoraproject.org/updates/wordpress-3.1.2-1.fc15 https://admin.fedoraproject.org/updates/drupal7-7.2-1.fc15 https://admin.fedoraproject.org/updates/drupal6-6.22-1.fc15 The following Fedora 15 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/shared-mime-info-0.90-8.fc15 https://admin.fedoraproject.org/updates/nautilus-3.0.2-1.fc15 https://admin.fedoraproject.org/updates/gdb-7.2.90.20110525-38.fc15 https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-14.fc15.1 https://admin.fedoraproject.org/updates/lldpad-0.9.41-3.fc15 https://admin.fedoraproject.org/updates/mtools-4.0.16-1.fc15 https://admin.fedoraproject.org/updates/libfprint-0.4.0-1.fc15,fprintd-0.4.1-1.fc15 The following builds have been pushed to Fedora 15 updates-testing NetworkManager-0.8.999-3.git20110526.fc15 autoconf-archive-2011.04.12-1.fc15 ctpl-0.3.2-3.fc15 cvs-1.11.23-15.fc15 drupal6-6.22-1.fc15 drupal7-7.2-1.fc15 ebnetd-1.0-10.fc15 ecryptfs-utils-87-2.fc15 eekboard-0.90.7-2.fc15 emacs-magit-1.0.0-1.fc15 evolution-rspam-0.3.0-1.fc15 facter-1.5.9-1.fc15 fence-agents-3.1.4-1.fc15 file-roller-3.0.2-1.fc15 gdb-7.2.90.20110525-38.fc15 gedit-3.0.2-2.fc15 gnome-shell-3.0.2-1.fc15 ibus-1.3.99.20110408-5.fc15 libgpod-0.8.0-9.fc15 libmygpo-qt-1.0.3-1.fc15 libqzeitgeist-0.7.0-1.fc15 mutter-3.0.2.1-1.fc15 nautilus-3.0.2-1.fc15 opencv-2.2.0-6.fc15 perl-TryCatch-1.003000-1.fc15 powertop-1.98-1.fc15 prison-1.0-2.fc15 pyrenamer-0.6.0-7.fc15 rhythmbox-2.90.1-10.git20110502.fc15 scummvm-1.3.0-1.fc15 shared-mime-info-0.90-8.fc15 shotwell-0.9.3-1.fc15 systemd-26-2.fc15 systemtap-1.5-1.fc15 thunar-vcs-plugin-0.1.4-1.fc15 unbound-1.4.8-5.fc15 upstart-1.2-4.fc15 xfce4-xkb-plugin-0.5.4.1-1.fc15 xmonad-0.9.2-8.fc15 Details about builds: ================================================================================ NetworkManager-0.8.999-3.git20110526.fc15 (FEDORA-2011-7583) Network connection manager and user applications -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Dan Williams <dcbw@xxxxxxxxxx> - 0.8.999-3.git20110526 - compat: fix activation/deactivation of VPN connections (rh #699786) - core: fix autodetection of previously-used hidden wifi networks - core: silence error if ConsoleKit database does not yet exist (rh #695617) - core: fix Ad-Hoc frequency handling (rh #699203) - core: fixes for migrated OpenConnect VPN plugin connections - core: various fixes for VPN connection secrets handling - core: send only short hostname to DHCP servers (rh #694758) - core: better handling of PKCS#8 private keys - core: fix dispatcher script interface name handling - editor: fix potential crash when connection is invalid (rh #704848) - editor: allow _ as a valid character for GSM APNs -------------------------------------------------------------------------------- References: [ 1 ] Bug #699786 - VPN connections broken in the compat interface https://bugzilla.redhat.com/show_bug.cgi?id=699786 [ 2 ] Bug #695617 - Error stating file /var/run/ConsoleKit/database in nm_session_monitor_init() https://bugzilla.redhat.com/show_bug.cgi?id=695617 [ 3 ] Bug #699203 - Unable to connect to ad-hoc WiFi network using nl80211 https://bugzilla.redhat.com/show_bug.cgi?id=699203 [ 4 ] Bug #694758 - dhclient sends FQDN as a host name in DHCP request https://bugzilla.redhat.com/show_bug.cgi?id=694758 [ 5 ] Bug #704848 - [abrt] NetworkManager-gnome-0.8.999-2.git20110509.fc15: g_type_check_instance: Process /usr/bin/nm-connection-editor was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=704848 -------------------------------------------------------------------------------- ================================================================================ autoconf-archive-2011.04.12-1.fc15 (FEDORA-2011-7567) The Autoconf Macro Archive -------------------------------------------------------------------------------- Update Information: The GNU Autoconf Archive is a collection of more than 450 macros for GNU Autoconf that have been contributed as free software by friendly supporters of the cause from all over the Internet. -------------------------------------------------------------------------------- References: [ 1 ] Bug #663925 - Review Request: autoconf-archive - The Autoconf Macro Archive https://bugzilla.redhat.com/show_bug.cgi?id=663925 -------------------------------------------------------------------------------- ================================================================================ ctpl-0.3.2-3.fc15 (FEDORA-2011-7541) Template library and engine written in C -------------------------------------------------------------------------------- Update Information: This fixes an small issue with the Fedora packaging of the CTPL documentation. -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Dominic Hopf <dmaphy@xxxxxxxxxxxxxxxxx> - 0.3.2-3 - remove depedency on gtk-doc (fixes #707547) -------------------------------------------------------------------------------- References: [ 1 ] Bug #707547 - ctpl-doc depends on gtk-doc unnecessarily https://bugzilla.redhat.com/show_bug.cgi?id=707547 -------------------------------------------------------------------------------- ================================================================================ cvs-1.11.23-15.fc15 (FEDORA-2011-7572) Concurrent Versions System -------------------------------------------------------------------------------- Update Information: cvs package does not require csh anymore -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Petr Pisar <ppisar@xxxxxxxxxx> - 1.11.23-15 - Filter sccs2rcs interpreter from dependencies again (bug #225672) -------------------------------------------------------------------------------- References: [ 1 ] Bug #225672 - Merge Review: cvs https://bugzilla.redhat.com/show_bug.cgi?id=225672 -------------------------------------------------------------------------------- ================================================================================ drupal6-6.22-1.fc15 (FEDORA-2011-7559) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: * Advisory ID: DRUPAL-SA-CORE-2011-001 * Project: Drupal core [1] * Version: 6.x, 7.x * Date: 2011-May-25 * Security risk: Critical [2] * Exploitable from: Remote * Vulnerability: Access bypass, Cross Site Scripting -------- DESCRIPTION --------------------------------------------------------- Multiple vulnerabilities and weaknesses were discovered in Drupal. .... Reflected cross site scripting vulnerability in error handler A reflected cross site scripting vulnerability was discovered in Drupal's error handler. Drupal displays PHP errors in the messages area, and a specially crafted URL can cause malicious scripts to be injected into the message. The issue can be mitigated by disabling on-screen error display at admin/settings/error-reporting. This is the recommended setting for production sites. This issue affects Drupal 6.x only. .... Cross site scripting vulnerability in Color module When using re-colorable themes, color inputs are not sanitized. Malicious color values can be used to insert arbitrary CSS and script code. Successful exploitation requires the "Administer themes" permission. This issue affects Drupal 6.x and 7.x. .... Access bypass in File module When using private files in combination with a node access module, the File module allows unrestricted access to private files. This issue affects Drupal 7.x only. -------- VERSIONS AFFECTED --------------------------------------------------- * Drupal 7.x before version 7.1. * Drupal 6.x before version 6.21. -------- SOLUTION ------------------------------------------------------------ Install the latest version: * If you are running Drupal 7.x then upgrade to Drupal 7.1 [3] or 7.2 [4]. * If you are running Drupal 6.x then upgrade to Drupal 6.21 [5] or 6.22. [6] The Security Team has released both a pure security update without other bug fixes and a security update combined with other bug fixes and improvements. You can choose to either only include the security update for an immediate fix (which might require less quality assurance and testing) or more fixes and improvements alongside the security fixes by choosing between Drupal 7.1 [7] and Drupal 7.2 [8] or Drupal 6.21 [9] and Drupal 6.22 [10]. See the release announcement [11] for more information. See also the Drupal core [12] project page. -------- REPORTED BY --------------------------------------------------------- * The reflected cross site scripting vulnerability was reported by Heine Deelstra [13] (*). * The Color module cross site scripting vulnerability was reported by Kasper Lindgaard, Secunia Research. * The File access bypass was reported by Hubert Lecorche, and Peter Bex [14]. -------- FIXED BY ------------------------------------------------------------ * The reflected cross site scripting vulnerability was fixed by Alan Smithee. * The Color module cross site scripting vulnerability was fixed by StÃphane Corlosquet [15] (*), Heine Deelstra [16] (*), and Peter Wolanin [17] (*). * The File access bypass was fixed by Heine Deelstra [18] (*). (*) Member of the Drupal security team. -------- CONTACT AND MORE INFORMATION ---------------------------------------- The Drupal security team can be reached at security at drupal.org or via the contact form at http://drupal.org/contact [19]. Learn more about the Drupal Security team and their policies [20], writing secure code for Drupal [21], and securing your site [22]. [1] http://drupal.org/project/drupal [2] http://drupal.org/security-team/risk-levels [3] http://drupal.org/node/1168910 [4] http://drupal.org/node/1168946 [5] http://drupal.org/node/1168908 [6] http://drupal.org/node/1168950 [7] http://drupal.org/node/1168910 [8] http://drupal.org/node/1168946 [9] http://drupal.org/node/1168908 [10] http://drupal.org/node/1168950 [11] http://drupal.org/drupal-7.2 [12] http://drupal.org/project/drupal [13] http://drupal.org/user/17943 [14] https://drupal.org/user/309898 [15] http://drupal.org/user/52142 [16] http://drupal.org/user/17943 [17] http://drupal.org/user/49851 [18] http://drupal.org/user/17943 [19] http://drupal.org/contact [20] http://drupal.org/security-team [21] http://drupal.org/writing-secure-code [22] http://drupal.org/security/secure-configuration _______________________________________________ Security-news mailing list Security-news@xxxxxxxxxx http://lists.drupal.org/mailman/listinfo/security-news -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Jon Ciesla <limb@xxxxxxxxxxxx> - 6.22-1 - Update to 6.22, SA-CORE-2011-001. -------------------------------------------------------------------------------- ================================================================================ drupal7-7.2-1.fc15 (FEDORA-2011-7575) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: * Advisory ID: DRUPAL-SA-CORE-2011-001 * Project: Drupal core [1] * Version: 6.x, 7.x * Date: 2011-May-25 * Security risk: Critical [2] * Exploitable from: Remote * Vulnerability: Access bypass, Cross Site Scripting -------- DESCRIPTION --------------------------------------------------------- Multiple vulnerabilities and weaknesses were discovered in Drupal. .... Reflected cross site scripting vulnerability in error handler A reflected cross site scripting vulnerability was discovered in Drupal's error handler. Drupal displays PHP errors in the messages area, and a specially crafted URL can cause malicious scripts to be injected into the message. The issue can be mitigated by disabling on-screen error display at admin/settings/error-reporting. This is the recommended setting for production sites. This issue affects Drupal 6.x only. .... Cross site scripting vulnerability in Color module When using re-colorable themes, color inputs are not sanitized. Malicious color values can be used to insert arbitrary CSS and script code. Successful exploitation requires the "Administer themes" permission. This issue affects Drupal 6.x and 7.x. .... Access bypass in File module When using private files in combination with a node access module, the File module allows unrestricted access to private files. This issue affects Drupal 7.x only. -------- VERSIONS AFFECTED --------------------------------------------------- * Drupal 7.x before version 7.1. * Drupal 6.x before version 6.21. -------- SOLUTION ------------------------------------------------------------ Install the latest version: * If you are running Drupal 7.x then upgrade to Drupal 7.1 [3] or 7.2 [4]. * If you are running Drupal 6.x then upgrade to Drupal 6.21 [5] or 6.22. [6] The Security Team has released both a pure security update without other bug fixes and a security update combined with other bug fixes and improvements. You can choose to either only include the security update for an immediate fix (which might require less quality assurance and testing) or more fixes and improvements alongside the security fixes by choosing between Drupal 7.1 [7] and Drupal 7.2 [8] or Drupal 6.21 [9] and Drupal 6.22 [10]. See the release announcement [11] for more information. See also the Drupal core [12] project page. -------- REPORTED BY --------------------------------------------------------- * The reflected cross site scripting vulnerability was reported by Heine Deelstra [13] (*). * The Color module cross site scripting vulnerability was reported by Kasper Lindgaard, Secunia Research. * The File access bypass was reported by Hubert Lecorche, and Peter Bex [14]. -------- FIXED BY ------------------------------------------------------------ * The reflected cross site scripting vulnerability was fixed by Alan Smithee. * The Color module cross site scripting vulnerability was fixed by StÃphane Corlosquet [15] (*), Heine Deelstra [16] (*), and Peter Wolanin [17] (*). * The File access bypass was fixed by Heine Deelstra [18] (*). (*) Member of the Drupal security team. -------- CONTACT AND MORE INFORMATION ---------------------------------------- The Drupal security team can be reached at security at drupal.org or via the contact form at http://drupal.org/contact [19]. Learn more about the Drupal Security team and their policies [20], writing secure code for Drupal [21], and securing your site [22]. [1] http://drupal.org/project/drupal [2] http://drupal.org/security-team/risk-levels [3] http://drupal.org/node/1168910 [4] http://drupal.org/node/1168946 [5] http://drupal.org/node/1168908 [6] http://drupal.org/node/1168950 [7] http://drupal.org/node/1168910 [8] http://drupal.org/node/1168946 [9] http://drupal.org/node/1168908 [10] http://drupal.org/node/1168950 [11] http://drupal.org/drupal-7.2 [12] http://drupal.org/project/drupal [13] http://drupal.org/user/17943 [14] https://drupal.org/user/309898 [15] http://drupal.org/user/52142 [16] http://drupal.org/user/17943 [17] http://drupal.org/user/49851 [18] http://drupal.org/user/17943 [19] http://drupal.org/contact [20] http://drupal.org/security-team [21] http://drupal.org/writing-secure-code [22] http://drupal.org/security/secure-configuration _______________________________________________ Security-news mailing list Security-news@xxxxxxxxxx http://lists.drupal.org/mailman/listinfo/security-news Require php 5.3. -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Jon Ciesla <limb@xxxxxxxxxxxx> - 7.2-1 - New upstream, SA-CORE-2011-001. -------------------------------------------------------------------------------- References: [ 1 ] Bug #704319 - drupal7 should require php53 instead of php (including php sub-packages) https://bugzilla.redhat.com/show_bug.cgi?id=704319 -------------------------------------------------------------------------------- ================================================================================ ebnetd-1.0-10.fc15 (FEDORA-2011-7564) EBNET protocol server -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Akira TAGOH <tagoh@xxxxxxxxxx> - 1.0-10 - Correct a typo to support tmpfiles.d. -------------------------------------------------------------------------------- ================================================================================ ecryptfs-utils-87-2.fc15 (FEDORA-2011-7550) The eCryptfs mount helper and support libraries -------------------------------------------------------------------------------- Update Information: - auto-load ecryptfs module in ecryptfs-setup-private - fix not working mount after umount - confirm passphrases in interactive mode - fix not working mount after umount - confirm passphrases in interactive mode -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 87-2 - auto-load ecryptfs module in ecryptfs-setup-private * Tue May 24 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 87-1 - updated tp v. 87 * Fri Mar 11 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 86-3 - fix man pages * Wed Mar 2 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 86-2 - fix selinux context -------------------------------------------------------------------------------- References: [ 1 ] Bug #707608 - Can not create Private Folder - No Kernelmodule? https://bugzilla.redhat.com/show_bug.cgi?id=707608 -------------------------------------------------------------------------------- ================================================================================ eekboard-0.90.7-2.fc15 (FEDORA-2011-7532) An Easy-to-use Virtual Keyboard Toolkit -------------------------------------------------------------------------------- Update Information: fix dependencies -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Daiki Ueno <dueno@xxxxxxxxxx> - 0.90.7-2 - remove runtime dependency on gtk-doc (#707551) - let the base package depend on eekboard-python instead of eekboard-libs, for eekboard-inscript -------------------------------------------------------------------------------- References: [ 1 ] Bug #707551 - eekboard-devel depends on gtk-doc unnecessarily https://bugzilla.redhat.com/show_bug.cgi?id=707551 -------------------------------------------------------------------------------- ================================================================================ emacs-magit-1.0.0-1.fc15 (FEDORA-2011-7585) Emacs interface to the most common Git operations -------------------------------------------------------------------------------- Update Information: Update to upstream 1.0.1 release -------------------------------------------------------------------------------- ChangeLog: * Fri May 13 2011 Tom Moertel <tom@xxxxxxxxxxx> - 1.0.0-1 - Updated to upstream 1.0.0 -------------------------------------------------------------------------------- ================================================================================ evolution-rspam-0.3.0-1.fc15 (FEDORA-2011-7569) Evolution Plugin for reporting spam -------------------------------------------------------------------------------- Update Information: Update to latest upstream release. -------------------------------------------------------------------------------- ChangeLog: * Sat May 14 2011 Lucian Langa <cooly@xxxxxxxxxxxx> - 0.3.0-1 - new upstream release * Mon May 2 2011 Lucian Langa <cooly@xxxxxxxxxxxx> - 0.2.0-3 - rebuild for newer evolution * Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ facter-1.5.9-1.fc15 (FEDORA-2011-7553) Ruby module for collecting simple facts about a host operating system -------------------------------------------------------------------------------- Update Information: Facter 1.5.9 is a maintenance release containing fixes and updates. This release contains several fixes, and updated facts, as well as adding some new facts. These include enhancements with Facter & EC2, additional memory facts for OS X, and better Ruby 1.9 support. A patch from Orion Poplawski to address upstream issue 7682 (http://projects.puppetlabs.com/issues/7682) has been applied. This should improve support for EPEL users on Scientific Linux. For the full list of changes refer to the upstream release announcement: http://groups.google.com/group/puppet-announce/browse_thread/thread/b4eb40fa248d7b9b -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Todd Zullinger <tmz@xxxxxxxxx> - 1.5.9-1 - Update to 1.5.9 - Improve Scientific Linux support, courtesy of Orion Poplawski (upstream #7682) -------------------------------------------------------------------------------- ================================================================================ fence-agents-3.1.4-1.fc15 (FEDORA-2011-7536) Fence Agents for Red Hat Cluster -------------------------------------------------------------------------------- Update Information: This update fixes a few minor bugs and adds support for Citrix XenServer and XCP. -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Fabio M. Di Nitto <fdinitto@xxxxxxxxxx> - 3.1.4-1 - new upstream release -------------------------------------------------------------------------------- ================================================================================ file-roller-3.0.2-1.fc15 (FEDORA-2011-7547) Tool for viewing and creating archives -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Christopher Aillon <caillon@xxxxxxxxxx> - 3.0.2-1 - Update to 3.0.2 -------------------------------------------------------------------------------- ================================================================================ gdb-7.2.90.20110525-38.fc15 (FEDORA-2011-7531) A GNU source-level debugger for C, C++, Java and other languages -------------------------------------------------------------------------------- Update Information: Rebase to FSF GDB 7.2.90.20110525 (which is a 7.3 pre-release). [stap] Fix double free (Sergio Durigan Junior). -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Jan Kratochvil <jan.kratochvil@xxxxxxxxxx> - 7.2.90.20110525-38.fc15 - Rebase to FSF GDB 7.2.90.20110525 (which is a 7.3 pre-release). - [stap] Fix double free (Sergio Durigan Junior). * Tue May 3 2011 Jan Kratochvil <jan.kratochvil@xxxxxxxxxx> - 7.2.90.20110429-37.fc15 - Search also for .<seqno> files in /usr/lib/debug/.build-id (BZ 641377). -------------------------------------------------------------------------------- ================================================================================ gedit-3.0.2-2.fc15 (FEDORA-2011-7542) Text editor for the GNOME desktop -------------------------------------------------------------------------------- Update Information: This update fixes a possible crash when using the search function. -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Dan Williams <dcbw@xxxxxxxxxx> 2:3.0.2-2 - Fix double-free when searching -------------------------------------------------------------------------------- References: [ 1 ] Bug #706102 - [abrt] gedit-3.0.2-1.fc15: __libc_free: Process /usr/bin/gedit was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=706102 -------------------------------------------------------------------------------- ================================================================================ gnome-shell-3.0.2-1.fc15 (FEDORA-2011-7571) Window management and application launching for GNOME -------------------------------------------------------------------------------- Update Information: This updates includes the latest stable versions of the GNOME Shell and the Mutter window management library, fixing numerous minor bugs and some memory leaks. For details of the included fixes, see: https://mail.gnome.org/archives/gnome-announce-list/2011-May/msg00035.html https://mail.gnome.org/archives/gnome-announce-list/2011-May/msg00036.html https://mail.gnome.org/archives/gnome-announce-list/2011-May/msg00037.html -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Owen Taylor <otaylor@xxxxxxxxxx> - 3.0.2-1 - Update to 3.0.2 -------------------------------------------------------------------------------- ================================================================================ ibus-1.3.99.20110408-5.fc15 (FEDORA-2011-7587) Intelligent Input Bus for Linux OS -------------------------------------------------------------------------------- Update Information: Showed XKB variant descriptions only without layout descriptions. -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.3.99.20110408-5 - Added ibus-HEAD.patch Fixed Bug 697471 - ibus-gconf zombie when restart ibus from ibus panel. - Updated ibus-541492-xkb.patch Fixed Bug 701202 - us(dvorak) does not show up in list Showed XKB variant descriptions only without layout descriptions. - Updated ibus-xx-setup-frequent-lang.patch Updated UI strings -------------------------------------------------------------------------------- ================================================================================ libgpod-0.8.0-9.fc15 (FEDORA-2011-7580) Library to access the contents of an iPod -------------------------------------------------------------------------------- Update Information: Add support for tmpfiles.d. The ipod-set-info udev callout writes to /var/run/libgpod, which will vanish on reboot without a proper tmpfiles.d config file. Add support for tmpfiles.d. The ipod-set-info udev callout writes to /var/run/libgpod, which will vanish on reboot without a proper tmpfiles.d config file. -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Todd Zullinger <tmz@xxxxxxxxx> - 0.8.0-9 - Fix tmpfiles.d user/group for /var/run/libgpod (#707787) * Mon May 23 2011 Todd Zullinger <tmz@xxxxxxxxx> - 0.8.0-8 - Support tmpfiles.d for Fedora >= 15 (#707066) -------------------------------------------------------------------------------- References: [ 1 ] Bug #707066 - ipod-set-info callout fails on Fedora 15, so songs are unavailable on iPod device https://bugzilla.redhat.com/show_bug.cgi?id=707066 [ 2 ] Bug #707787 - tmpfiles.d configuration file uses unknown user/group https://bugzilla.redhat.com/show_bug.cgi?id=707787 -------------------------------------------------------------------------------- ================================================================================ libmygpo-qt-1.0.3-1.fc15 (FEDORA-2011-7534) Qt Library that wraps the gpodder.net Web API -------------------------------------------------------------------------------- References: [ 1 ] Bug #703488 - Review Request: libmygpo-qt - Qt Library that wraps the gpodder.net Web API https://bugzilla.redhat.com/show_bug.cgi?id=703488 -------------------------------------------------------------------------------- ================================================================================ libqzeitgeist-0.7.0-1.fc15 (FEDORA-2011-7548) Qt Zeitgeist Library -------------------------------------------------------------------------------- References: [ 1 ] Bug #706400 - Review Request: libqzeitgeist - Qt Zeitgeist Library https://bugzilla.redhat.com/show_bug.cgi?id=706400 -------------------------------------------------------------------------------- ================================================================================ mutter-3.0.2.1-1.fc15 (FEDORA-2011-7571) Window and compositing manager based on Clutter -------------------------------------------------------------------------------- Update Information: This updates includes the latest stable versions of the GNOME Shell and the Mutter window management library, fixing numerous minor bugs and some memory leaks. For details of the included fixes, see: https://mail.gnome.org/archives/gnome-announce-list/2011-May/msg00035.html https://mail.gnome.org/archives/gnome-announce-list/2011-May/msg00036.html https://mail.gnome.org/archives/gnome-announce-list/2011-May/msg00037.html -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Owen Taylor <otaylor@xxxxxxxxxx> - 3.0.2.1-1 - Update to 3.0.2.1 -------------------------------------------------------------------------------- ================================================================================ nautilus-3.0.2-1.fc15 (FEDORA-2011-7543) File manager for GNOME -------------------------------------------------------------------------------- Update Information: Update to upstream 3.0.2 -------------------------------------------------------------------------------- ChangeLog: * Tue May 24 2011 Cosimo Cecchi <cosimoc@xxxxxxxxxx> - 3.0.2-1 - Update to 3.0.2 -------------------------------------------------------------------------------- ================================================================================ opencv-2.2.0-6.fc15 (FEDORA-2011-7589) Collection of algorithms for computer vision -------------------------------------------------------------------------------- Update Information: Update to opencv bugfix branch - Fix libv4l - Typedef fix - Backport SSE2 asm on arch that support it. -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Nicolas Chauvet <kwizart@xxxxxxxxx> - 2.2.0-6 - Backport fixes from branch 2.2 to date * Tue May 17 2011 Nicolas Chauvet <kwizart@xxxxxxxxx> - 2.2.0-5 - Re-enable v4l on f15 - Remove unused cmake options -------------------------------------------------------------------------------- ================================================================================ perl-TryCatch-1.003000-1.fc15 (FEDORA-2011-7565) First class try catch semantics for Perl, without source filters -------------------------------------------------------------------------------- Update Information: This new module is requirement for lot of packages. It adds try - catch statement. -------------------------------------------------------------------------------- ================================================================================ powertop-1.98-1.fc15 (FEDORA-2011-7560) Power consumption monitor -------------------------------------------------------------------------------- Update Information: This is new development version of upcoming powertop 2.x. This updated version is tagged 1.98 (aka beta 2) and contains many bugfixes. -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Jaroslav Åkarvada <jskarvad@xxxxxxxxxx> - 1.98-1 - New version * Wed Mar 23 2011 Dan HorÃk <dan[at]danny.cz> - 1.97-2 - csstoh should return 0 -------------------------------------------------------------------------------- ================================================================================ prison-1.0-2.fc15 (FEDORA-2011-7538) A Qt-based barcode abstraction library -------------------------------------------------------------------------------- Update Information: Prison is a Qt-based barcode abstraction layer/library that provides an uniform access to generation of barcodes with data. -------------------------------------------------------------------------------- References: [ 1 ] Bug #706409 - Review Request: prison - A Qt-based barcode abstraction library https://bugzilla.redhat.com/show_bug.cgi?id=706409 -------------------------------------------------------------------------------- ================================================================================ pyrenamer-0.6.0-7.fc15 (FEDORA-2011-7584) A mass file renamer -------------------------------------------------------------------------------- Update Information: Un-orphaned. -------------------------------------------------------------------------------- References: [ 1 ] Bug #697976 - Review Request: pyrenamer - A mass file renamer https://bugzilla.redhat.com/show_bug.cgi?id=697976 -------------------------------------------------------------------------------- ================================================================================ rhythmbox-2.90.1-10.git20110502.fc15 (FEDORA-2011-7573) Music Management Application -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Dan Williams <dcbw@xxxxxxxxxx> - 2.90.1-10.git20110502 - Fix crash handling dates (rh #699290) * Mon May 2 2011 Cosimo Cecchi <cosimoc@xxxxxxxxxx> - 2.90.1-9.git20110502 - Update to a newer git snapshot * Thu Apr 14 2011 Cosimo Cecchi <cosimoc@xxxxxxxxxx> - 2.90.1-8.git20110414 - Update to a newer git snapshot * Tue Mar 29 2011 Cosimo Cecchi <cosimoc@xxxxxxxxxx> - 2.90.1-7.git20110329 - Update to a newer git snapshot, should hopefully fix cover art. -------------------------------------------------------------------------------- References: [ 1 ] Bug #699290 - [abrt] rhythmbox-2.90.1-6.git20110328.fc15: g_str_hash: Process /usr/bin/rhythmbox was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=699290 -------------------------------------------------------------------------------- ================================================================================ scummvm-1.3.0-1.fc15 (FEDORA-2011-7568) Interpreter for several adventure games -------------------------------------------------------------------------------- Update Information: Update to latest upstream release. -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Lucian Langa <cooly@xxxxxxxxxxxx> - 1.3.0-1 - new upstream release -------------------------------------------------------------------------------- ================================================================================ shared-mime-info-0.90-8.fc15 (FEDORA-2011-7570) Shared MIME information database -------------------------------------------------------------------------------- Update Information: This update changes the default productivity application associations to LibreOffice, rather than OpenOffice. -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Bastien Nocera <bnocera@xxxxxxxxxx> 0.90-8 - Fix LibreOffice associations (patch from Caolan McNamara, #707971) -------------------------------------------------------------------------------- References: [ 1 ] Bug #707971 - defaults.list needs updating for libreoffice https://bugzilla.redhat.com/show_bug.cgi?id=707971 -------------------------------------------------------------------------------- ================================================================================ shotwell-0.9.3-1.fc15 (FEDORA-2011-7562) A photo organizer for the GNOME desktop -------------------------------------------------------------------------------- Update Information: This release fixes issues with desktop integration and RAW file storage, and includes translation updates. -------------------------------------------------------------------------------- ChangeLog: * Thu May 26 2011 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 0.9.3-1 - Update to 0.9.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #700057 - shotwell-0.9.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=700057 -------------------------------------------------------------------------------- ================================================================================ systemd-26-2.fc15 (FEDORA-2011-7582) A System and Service Manager -------------------------------------------------------------------------------- Update Information: Fixe four bugs. Also contains part of the fix for 707577 -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Lennart Poettering <lpoetter@xxxxxxxxxx> - 26-2 - Bugfix release - https://bugzilla.redhat.com/show_bug.cgi?id=707507 - https://bugzilla.redhat.com/show_bug.cgi?id=707483 - https://bugzilla.redhat.com/show_bug.cgi?id=705427 - https://bugzilla.redhat.com/show_bug.cgi?id=707577 -------------------------------------------------------------------------------- References: [ 1 ] Bug #707507 - systemd in F15 must Obsolete the latest upstart from F14 updates https://bugzilla.redhat.com/show_bug.cgi?id=707507 [ 2 ] Bug #707483 - systemd segfault when invalid method on DBus invoked https://bugzilla.redhat.com/show_bug.cgi?id=707483 [ 3 ] Bug #705427 - Hourly logging from cron fills up /var/log/secure https://bugzilla.redhat.com/show_bug.cgi?id=705427 -------------------------------------------------------------------------------- ================================================================================ systemtap-1.5-1.fc15 (FEDORA-2011-7539) Instrumentation System -------------------------------------------------------------------------------- ChangeLog: * Mon May 23 2011 Stan Cox <scox@xxxxxxxxxx> - 1.5-1 - Upstream release. -------------------------------------------------------------------------------- ================================================================================ thunar-vcs-plugin-0.1.4-1.fc15 (FEDORA-2011-7535) Version Contol System plugin for the Thunar filemanager -------------------------------------------------------------------------------- Update Information: This update makes the VCS plugin work with Thunar in Xfce 4.8 again. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 20 2011 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 0.1.4-1 - Update to 0.1.4 (for Thunar >= 1.2.0) * Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.1.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Wed Nov 25 2009 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 0.1.2-3 - Rebuild vor subversion 1.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #707728 - update thunar-vcs-plugin in F15 https://bugzilla.redhat.com/show_bug.cgi?id=707728 -------------------------------------------------------------------------------- ================================================================================ unbound-1.4.8-5.fc15 (FEDORA-2011-7540) Validating, recursive, and caching DNS(SEC) resolver -------------------------------------------------------------------------------- Update Information: Denial of Service fix: CVE-2011-1922 -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Paul Wouters <paul@xxxxxxxxxxxxx> - 1.4.8-5 - Applied patch for CVE-2011-1922 DoS vulnerability -------------------------------------------------------------------------------- ================================================================================ upstart-1.2-4.fc15 (FEDORA-2011-7355) An event-driven init system -------------------------------------------------------------------------------- Update Information: This update only adds /etc/init.conf file in order to suppress boot error message: "init:/etc/init.conf: Unable to load configuration: No such file or directory". Obsoletes: upstart-sysvinit was removed to avoid installing upstart since distro update. -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Petr Lautrbach <plautrba@xxxxxxxxxx> 1.2-4 - drop Obsoletes: upstart-sysvinit (#707507) - clean upstart-sysvinit stuff from spec file * Fri May 13 2011 Petr Lautrbach <plautrba@xxxxxxxxxx> 1.2-3 - add /etc/init.conf file -------------------------------------------------------------------------------- References: [ 1 ] Bug #707507 - systemd in F15 must Obsolete the latest upstart from F14 updates https://bugzilla.redhat.com/show_bug.cgi?id=707507 -------------------------------------------------------------------------------- ================================================================================ xfce4-xkb-plugin-0.5.4.1-1.fc15 (FEDORA-2011-7556) XKB layout switcher for the Xfce panel -------------------------------------------------------------------------------- Update Information: This update fixes several crashes and a memory leak. It also includes some updated translations and new flags. As a new feature you can now cycle through the keyboard layouts when pointing the mouse to the plugin and scrolling with it's wheel. -------------------------------------------------------------------------------- ChangeLog: * Wed May 25 2011 Christoph Wickert <wickert@xxxxxxxxxxxx> - 0.5.4.1-1 - Update to 0.5.4.1 - Remove all upstreamed patches -------------------------------------------------------------------------------- References: [ 1 ] Bug #608230 - xkb-plugin forgets "change layout option" after logout-login on SLIM https://bugzilla.redhat.com/show_bug.cgi?id=608230 [ 2 ] Bug #614158 - [abrt] crash in xfce4-xkb-plugin-0.5.3.3-3.fc13: xkb_util_get_flag_filename: Process /usr/libexec/xfce4/panel-plugins/xfce4-xkb-plugin was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=614158 [ 3 ] Bug #664662 - [abrt] xfce4-xkb-plugin-0.5.3.3-4.fc14: __strlen_sse2_bsf: Process /usr/libexec/xfce4/panel-plugins/xfce4-xkb-plugin was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=664662 [ 4 ] Bug #675033 - [abrt] xfce4-xkb-plugin-0.5.3.3-4.fc14: strlen: Process /usr/libexec/xfce4/panel-plugins/xfce4-xkb-plugin was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=675033 [ 5 ] Bug #704964 - Plugin leaks memory. Fixed by upstream. https://bugzilla.redhat.com/show_bug.cgi?id=704964 -------------------------------------------------------------------------------- ================================================================================ xmonad-0.9.2-8.fc15 (FEDORA-2011-7590) A tiling window manager -------------------------------------------------------------------------------- Update Information: Add new xmonad-gnome and xmonad-core subpackages. The base package now pulls in ghc-monad-devel again and also ghc-xmonad-contrib-devel for user customization. -------------------------------------------------------------------------------- ChangeLog: * Fri May 13 2011 Jens Petersen <petersen@xxxxxxxxxx> - 0.9.2-8 - add a core subpackage and let the base package can pull in ghc-xmonad*-devel - add a gnome subpackage for the gnome session - more README.fedore improvements - xmonad-start: quote the xterm commands and support ~/.xmonad/session - fix doc files conflicts by having xmonad-core require ghc-xmonad -------------------------------------------------------------------------------- References: [ 1 ] Bug #707569 - xmonad GNOME session fails to start properly https://bugzilla.redhat.com/show_bug.cgi?id=707569 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test