The following Fedora 13 Security updates need testing:

    https://admin.fedoraproject.org/updates/gimp-2.6.11-14.fc13
    https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13
    https://admin.fedoraproject.org/updates/libmodplug-0.8.7-3.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
    https://admin.fedoraproject.org/updates/polkit-0.96-2.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.4-17.fc13
    https://admin.fedoraproject.org/updates/kernel-2.6.34.9-69.fc13
    https://admin.fedoraproject.org/updates/drupal-6.22-1.fc13
    https://admin.fedoraproject.org/updates/cyrus-imapd-2.3.16-5.fc13
    https://admin.fedoraproject.org/updates/jabberd-2.2.11-4.fc13
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.1-1.fc13
    https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc13
    https://admin.fedoraproject.org/updates/bind-9.7.3-2.P1.fc13
    https://admin.fedoraproject.org/updates/dovecot-1.2.17-1.fc13
    https://admin.fedoraproject.org/updates/mutt-1.5.21-5.fc13
    https://admin.fedoraproject.org/updates/rdesktop-1.6.0-10.fc13
    https://admin.fedoraproject.org/updates/weechat-0.3.5-1.fc13
    https://admin.fedoraproject.org/updates/libxml-1.8.17-26.fc13
    https://admin.fedoraproject.org/updates/wireshark-1.2.17-1.fc13

The following Fedora 13 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/livecd-tools-13.3-1.fc13
    https://admin.fedoraproject.org/updates/module-init-tools-3.11.1-4.fc13
    https://admin.fedoraproject.org/updates/libcdio-0.82-4.fc13
    https://admin.fedoraproject.org/updates/kernel-2.6.34.9-69.fc13
    https://admin.fedoraproject.org/updates/polkit-0.96-2.fc13
    https://admin.fedoraproject.org/updates/python-ethtool-0.7-2.fc13
    https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc13
    https://admin.fedoraproject.org/updates/pygtk2-2.17.0-9.fc13
    https://admin.fedoraproject.org/updates/dosfstools-3.0.9-5.fc13
    https://admin.fedoraproject.org/updates/libimobiledevice-1.0.6-1.fc13
    https://admin.fedoraproject.org/updates/usbmuxd-1.0.7-1.fc13
    https://admin.fedoraproject.org/updates/fuse-2.8.5-5.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
    https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13

The following builds have been pushed to Fedora 13 updates-testing

    etckeeper-0.54-1.fc13
    iproute-2.6.33-9.fc13
    jabberd-2.2.11-4.fc13
    libxml-1.8.17-26.fc13
    livecd-tools-13.3-1.fc13
    perl-IO-Socket-INET6-2.66-1.fc13
    qbittorrent-2.8.0-1.fc13
    roundup-1.4.18-1.fc13
    rpld-1.8-0.8.beta1.fc13
    weechat-0.3.5-1.fc13
    wireshark-1.2.17-1.fc13
    wordpress-3.1.3-3.fc13
    x509watch-0.4.0-1.fc13

Details about builds:

================================================================================
 etckeeper-0.54-1.fc13 (FEDORA-2011-7787)
 Store /etc in a SCM system (git, mercurial, bzr or darcs)
--------------------------------------------------------------------------------
Update Information:

Update to 0.54, a bugfix version. From the upstream changelog:

  * Ignore insserv's FHS violating /etc/init.d/.depend.* files.
  * Use hg pre-commit hook, rather than its precommit hook, as the latter is run after the files staged for commit are determined and so .etckeeper cannot be staged as part of the current commit.

Furthermore, we include a patch to fix error propagation to yum, which makes AVOID_COMMIT_BEFORE_INSTALL work (bz 709487).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 1 2011 Thomas Moschny <thomas.moschny@xxxxxx> - 0.54-1
- Update to 0.54.
- Add patch for bz 709487.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #709487 - yum fails to honor AVOID_COMMIT_BEFORE_INSTALL
        https://bugzilla.redhat.com/show_bug.cgi?id=709487
--------------------------------------------------------------------------------

================================================================================
 iproute-2.6.33-9.fc13 (FEDORA-2011-7836)
 Advanced IP routing and network device configuration tools
--------------------------------------------------------------------------------
Update Information:

Fix GRED options clearing
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 1 2011 Petr Sabata <contyk@xxxxxxxxxx> - 2.6.33-9
- Include cb4bd0ec8 (#707984)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #707984 - TC: GRED in grio mode VQs prio parameter does not work (value doesn't change)
        https://bugzilla.redhat.com/show_bug.cgi?id=707984
--------------------------------------------------------------------------------

================================================================================
 jabberd-2.2.11-4.fc13 (FEDORA-2011-7818)
 OpenSource server implementation of the Jabber protocols
--------------------------------------------------------------------------------
Update Information:

This update fixes an important security issue (CVE-2011-1755), for more information, please see https://bugzilla.redhat.com/show_bug.cgi?id=700390.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 2 2011 Dominic Hopf <dmaphy@xxxxxxxxxxxxxxxxx> - 2.2.11-4
- backported patch to fix the billion laughs issue from 2.2.14 (#700390, CVE-2011-1755)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #700390 - CVE-2011-1755 jabberd: DoS via the XML "billion laughs attack"
        https://bugzilla.redhat.com/show_bug.cgi?id=700390
--------------------------------------------------------------------------------

================================================================================
 libxml-1.8.17-26.fc13 (FEDORA-2011-7810)
 Old XML library for Gnome-1 application compatibility
--------------------------------------------------------------------------------
Update Information:

This update addresses CVE-2011-1944 (heap-based buffer overflow by adding a new namespace node to an existing nodeset or merging nodesets). It is described in detail at http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 2 2011 Paul Howarth <paul@xxxxxxxxxxxx> 1:1.8.17-26
- add patch for CVE-2011-1944 (#709751)
- add %check section and run regression tests (note that diffs appearing in the output do not cause the build to fail)
- nobody else likes macros for commands
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1:1.8.17-25
- rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #709747 - CVE-2011-1944 libxml, libxml2: Heap-based buffer overflow by adding new namespace node to an existing nodeset or merging nodesets
        https://bugzilla.redhat.com/show_bug.cgi?id=709747
--------------------------------------------------------------------------------

================================================================================
 livecd-tools-13.3-1.fc13 (FEDORA-2011-7785)
 Tools for building live CDs
--------------------------------------------------------------------------------
Update Information:

- extlinux doesn't support ext4 or btrfs on F13 (#709778) (bcl)
- Print reason for sudden exit (bcl)
- Fix skipcopy usage with DVD iso (#644194) (bmj001)
- Move selinux relabel to after %post (#648591) (bcl)
- Add support for virtio disks to livecd (#672936) (bcl)
- Check return value on udevadm (#637258) (bcl)
- Source may be a file or a block device, mount accordingly (bcl)
- Align start of partition at 1MiB (#668967) (bcl)
- Check for one big initrd.img (#671900) (bcl)
- Update documentation for xz availability. (bruno)
- Change releasever to a command line option (#667474) (bcl)
- Assign a device-mapper UUID w/ subsystem prefix to the dm snapshot. (dlehman)
- Fix git URLs to match reality. (dlehman)
- Trap copyFile errors (#663849) (fgrose)
- Create tmpdir if it doesn't exist (#658632) (bcl)
- Fix partition number selection for MMC bus devices (#587411) (fgrose)
- Tolerate empty transactions (lkundrak)
- Change version for f13-branch (bcl)
- Misc. fixups (#652522) (fgrose)
- Set indentation to 4 spaces (#652522) (fgrose)
- Add a release target (bcl)
- Pass dracut args during check (#589778) (bcl)
- Cleanup EOL spaces (#652522) (fgrose)
- Typo. Need space before ]. (bruno)
- Add support for timeout and totaltimeout to livecd-iso-to-disk (#531566) (bcl)

Update f13 branch to track master in order to make future changes easier.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #709778 - livecd-iso-to-disk will not created bootable F15 install usb key.
        https://bugzilla.redhat.com/show_bug.cgi?id=709778
  [ 2 ] Bug #663849 - copyFile failures not trapped in livecd-iso-to-disk
        https://bugzilla.redhat.com/show_bug.cgi?id=663849
  [ 3 ] Bug #658632 - --tmpdir option expects a prexisting directory
        https://bugzilla.redhat.com/show_bug.cgi?id=658632
  [ 4 ] Bug #587411 - livecd-iso-to-disk --format fails with SD/MMC partitions
        https://bugzilla.redhat.com/show_bug.cgi?id=587411
--------------------------------------------------------------------------------

================================================================================
 perl-IO-Socket-INET6-2.66-1.fc13 (FEDORA-2011-7789)
 Perl Object interface for AF_INET|AF_INET6 domain sockets
--------------------------------------------------------------------------------
Update Information:

A new, bugfix version of IO::Socket::INET6 is available.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 13 2011 Paul Howarth <paul@xxxxxxxxxxxx> - 2.66-1
- Update to 2.66
- Fix inet_pton/inet_ntop import warnings (CPAN RT#55901)
- Fix listening on :: or 0.0.0.0 (CPAN RT#54656)
- Add test listen_port_only.t
- Solved problems with multihomed and family order (CPAN RT#57676)
- Fix select timeout issue in t/io_multihomed6.t
- Fix t/io_multihomed6.t on systems with broken getaddrinfo() (CPAN RT#58198)
- Made the "use Socket" call import constants selectively, and not rely on @EXPORT's whims
* Thu Jan 13 2011 Paul Howarth <paul@xxxxxxxxxxxx> - 2.57-4
- s/PERL_INSTALL_ROOT/DESTDIR/
- re-enable the test suite
- BR: perl(Test::More), perl(Test::Pod), perl(Test::Pod::Coverage)
* Mon Dec 20 2010 Marcela Maslanova <mmaslano@xxxxxxxxxx> - 2.57-3
- Rebuild to fix problems with vendorarch/lib (#661697)
* Sun May 2 2010 Marcela Maslanova <mmaslano@xxxxxxxxxx> - 2.57-2
- Mass rebuild with perl-5.12.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #619785 - Please update to 2.65
        https://bugzilla.redhat.com/show_bug.cgi?id=619785
--------------------------------------------------------------------------------

================================================================================
 qbittorrent-2.8.0-1.fc13 (FEDORA-2011-7845)
 A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:

* Thu Jun 02 2011 - Christophe Dumez <chris@xxxxxxxxxxxxxxx> - v2.8.0
- FEATURE: Added full libtorrent v0.16 support (uTP, ...)
- FEATURE: Proxy can be disabled for peer connections
- FEATURE: Added support for secure SMTP connection (SSL)
- FEATURE: Added support for SMTP authentication
- FEATURE: Added UPnP/NAT-PMP port forward for the Web UI port
- FEATURE: qBittorrent can update dynamic DNS services (DynDNS, no-ip)
- FEATURE: Display peer connection type in peer list (BT, uTP, Web)
- FEATURE: Added full regex support to RSS downloader
- FEATURE: Added regex help and validation in RSS downloader
- FEATURE: Added HTTPS support to Web UI (Ishan Arora)
- BUGFIX: Change systray icon on the fly (no restart needed)
- BUGFIX: Remember peer-level rate limits (requires libtorrent v0.16)
- BUGFIX: Stop announcing to trackers an all tiers (more respectful)
- BUGFIX: Stop sharing private trackers with other peers
- BUGFIX: Tracker exchange extension can be disabled
- BUGFIX: Cleaner program exit on system log out
- BUGFIX: Fix possible magnet link parsing problems
- BUGFIX: Fix possible RSS URL parsing problems
- COSMETIC: Added monochrome icon for light themes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 2 2011 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 1:2.8.0-1
- update to 2.8.0
--------------------------------------------------------------------------------

================================================================================
 roundup-1.4.18-1.fc13 (FEDORA-2011-7813)
 Simple and flexible issue-tracking system
--------------------------------------------------------------------------------
Update Information:

Update to 1.4.18.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 1 2011 John Khvatov <ivaxer@xxxxxxxxxxxxxxxxx> - 1.4.18-1
- updated to 1.4.18
- added roundup-doc subpackage for documentation
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #700053 - roundup-1.4.18 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=700053
--------------------------------------------------------------------------------

================================================================================
 rpld-1.8-0.8.beta1.fc13 (FEDORA-2011-7808)
 RPL/RIPL remote boot daemon
--------------------------------------------------------------------------------
Update Information:

Added standard initscript.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 2 2011 Paul P. Komkoff Jr <i@xxxxxxxxxx> - 1.8-0.8.beta1
- add initscript
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8-0.7.beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #487226 - [RFE] No Startup Script for RPL boot daemon
        https://bugzilla.redhat.com/show_bug.cgi?id=487226
--------------------------------------------------------------------------------

================================================================================
 weechat-0.3.5-1.fc13 (FEDORA-2011-7849)
 Portable, fast, light and extensible IRC client
--------------------------------------------------------------------------------
Update Information:

Update to most recent + spell->aspell rename.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 2 2011 Paul P. Komkoff Jr <i@xxxxxxxxxx> - 0.3.5-1
- new upstream version
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688751 - CVE-2011-1428 weechat: improper verification of X.509 certificates can lead to MITM attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=688751
--------------------------------------------------------------------------------

================================================================================
 wireshark-1.2.17-1.fc13 (FEDORA-2011-7858)
 Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:

Upgrade to latest release, fixing few security bugs. See http://www.wireshark.org/docs/relnotes/wireshark-1.2.17.html.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 2 2011 Jan Safranek <jsafrane@xxxxxxxxxx> - 1.2.17-1
- upgrade to 1.2.17
- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.17.html
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #710109 - CVE-2011-2175 wireshark: Heap-based buffer over-read in Visual Networks dissector
        https://bugzilla.redhat.com/show_bug.cgi?id=710109
  [ 2 ] Bug #710097 - CVE-2011-2174 wireshark: Double-free flaw by uncompressing of a zlib compressed packet
        https://bugzilla.redhat.com/show_bug.cgi?id=710097
  [ 3 ] Bug #710039 - CVE-2011-1959 wireshark: Stack-based buffer over-read from tvbuff buffer
        https://bugzilla.redhat.com/show_bug.cgi?id=710039
  [ 4 ] Bug #710021 - CVE-2011-1957 wireshark: Infinite loop in the DICOM dissector
        https://bugzilla.redhat.com/show_bug.cgi?id=710021
--------------------------------------------------------------------------------

================================================================================
 wordpress-3.1.3-3.fc13 (FEDORA-2011-7838)
 Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:

Fix old FSF address and Summary to make rpmlint happy. Make wp-content directory owned by apache:apache. Correctly Provides/Obsoletes (with versions).

Upgrade to the latest upstream version (security fixes and enhancements, BZ 707772). Move wp-content directory to /var/www/wordpress/ (BZ 522897). Simplify overly detailed files list.

Actually, we just don't need gettext.php at all, it is provided by php itself. Just remove the file, don't make a symlink. Revert back to wp-content in /usr/share/wordpress, I am not able to make it work. Not fixing BZ 522897.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 2 2011 Matěj Cepl <mcepl@xxxxxxxxxx> - 3.1.3-3
- Actually, we just don't need gettext.php at all, it is provided by php itself. Just remove the file, don't make a symlink.
- revert back to wp-content in /usr/share/wordpress, I am not able to make it work. Not fixing BZ 522897.
* Wed Jun 1 2011 Matěj Cepl <mcepl@xxxxxxxxxx> - 3.1.3-2
- Fix old FSF address and Summary to make rpmlint happy.
- Make wp-content directory owned by apache:apache
- Correctly Provides/Obsoletes (with versions)
* Wed May 25 2011 Matěj Cepl <mcepl@xxxxxxxxxx> - 3.1.3-1
- Upgrade to the latest upstream version (security fixes and enhancements, BZ 707772)
- Move wp-content directory to /var/www/wordpress/ (BZ 522897)
- Simplify overly detailed %files
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #707772 - New upstream version 3.1.3 has been released
        https://bugzilla.redhat.com/show_bug.cgi?id=707772
  [ 2 ] Bug #522897 - Unable To Upload Images To /usr/share/wordpress/wp-content/uploads/
        https://bugzilla.redhat.com/show_bug.cgi?id=522897
--------------------------------------------------------------------------------

================================================================================
 x509watch-0.4.0-1.fc13 (FEDORA-2011-7841)
 Simple tool to list expiring or expired X.509 certificates
--------------------------------------------------------------------------------
Update Information:

Upstream changes for 0.4.0:
- Mail from cronjob with x509watch output has now logwatch style
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 2 2011 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.4.0-1
- Upgrade to 0.4.0
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------