Fedora 13 updates-testing report

updates@xxxxxxxxxxxxxxxxx · Fri, 27 May 2011 20:30:04 +0000

The following Fedora 13 Security updates need testing:

    https://admin.fedoraproject.org/updates/php-ZendFramework-1.11.6-1.fc13
    https://admin.fedoraproject.org/updates/gimp-2.6.11-14.fc13
    https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13
    https://admin.fedoraproject.org/updates/libmodplug-0.8.7-3.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
    https://admin.fedoraproject.org/updates/polkit-0.96-2.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.4-17.fc13
    https://admin.fedoraproject.org/updates/kernel-2.6.34.9-69.fc13
    https://admin.fedoraproject.org/updates/drupal-6.22-1.fc13
    https://admin.fedoraproject.org/updates/cyrus-imapd-2.3.16-5.fc13
    https://admin.fedoraproject.org/updates/xen-3.4.3-3.fc13
    https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc13
    https://admin.fedoraproject.org/updates/bind-9.7.3-2.P1.fc13
    https://admin.fedoraproject.org/updates/dovecot-1.2.17-1.fc13
    https://admin.fedoraproject.org/updates/apr-1.4.5-1.fc13

The following Fedora 13 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/libcdio-0.82-4.fc13
    https://admin.fedoraproject.org/updates/kernel-2.6.34.9-69.fc13
    https://admin.fedoraproject.org/updates/polkit-0.96-2.fc13
    https://admin.fedoraproject.org/updates/python-ethtool-0.7-2.fc13
    https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc13
    https://admin.fedoraproject.org/updates/pygtk2-2.17.0-9.fc13
    https://admin.fedoraproject.org/updates/dosfstools-3.0.9-5.fc13
    https://admin.fedoraproject.org/updates/libimobiledevice-1.0.6-1.fc13
    https://admin.fedoraproject.org/updates/usbmuxd-1.0.7-1.fc13
    https://admin.fedoraproject.org/updates/fuse-2.8.5-5.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
    https://admin.fedoraproject.org/updates/livecd-tools-13.2-1.fc13
    https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
    https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13

The following builds have been pushed to Fedora 13 updates-testing

    bind-9.7.3-2.P1.fc13
    dovecot-1.2.17-1.fc13
    libcdio-0.82-4.fc13

Details about builds:

================================================================================
 bind-9.7.3-2.P1.fc13 (FEDORA-2011-7621)
 The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
--------------------------------------------------------------------------------
Update Information:

Update to 9.7.3-P1 which fixes CVE-2011-1910:

* large RRSIG RRsets and negative caching can crash named
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 27 2011 Adam Tkac <atkac redhat com> 32:9.7.3-2.P1
- update to 9.7.3-P1 (CVE-2011-1910)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #708301 - CVE-2011-1910 Large RRSIG RRsets and Negative Caching can crash named
        https://bugzilla.redhat.com/show_bug.cgi?id=708301
--------------------------------------------------------------------------------

================================================================================
 dovecot-1.2.17-1.fc13 (FEDORA-2011-7612)
 Secure imap and pop3 server
--------------------------------------------------------------------------------
Update Information:

- Fixed potential crashes and other problems when parsing header names that contained NUL characters.
- IMAP: Fixed a memory leak with ESEARCH command handling
- Quota warnings could have been executed at incorrect times with some configs.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 12 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:1.2.17-1
- Fixed potential crashes and other problems when parsing header names
  that contained NUL characters
- IMAP: Fixed a memory leak with ESEARCH command handling
- Quota warnings could have been executed at incorrect times with some configs
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #706286 - CVE-2011-1929 dovecot: potential crash when parsing header names that contain NUL characters
        https://bugzilla.redhat.com/show_bug.cgi?id=706286
--------------------------------------------------------------------------------

================================================================================
 libcdio-0.82-4.fc13 (FEDORA-2011-7593)
 CD-ROM input and control library
--------------------------------------------------------------------------------
Update Information:

This update fixes one buffer overflow error in cdda-player and several other unprotected sprintf calls.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 19 2011 Honza Horak <hhorak@xxxxxxxxxx> - 0.82-4
- fixed #705673 buffer overflow and other unprotected sprintf calls
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.82-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #705673 - [abrt] libcdio-0.82-2.fc13: _IO_str_chk_overflow: Process /usr/bin/cdda-player was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=705673
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test