The following Fedora 14 Security updates need testing: https://admin.fedoraproject.org/updates/libvoikko-3.0-3.fc14 https://admin.fedoraproject.org/updates/subversion-1.6.17-1.fc14 https://admin.fedoraproject.org/updates/tomcat6-6.0.26-21.fc14 https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14 https://admin.fedoraproject.org/updates/xen-4.0.2-1.fc14 https://admin.fedoraproject.org/updates/oprofile-0.9.6-21.fc14 https://admin.fedoraproject.org/updates/ejabberd-2.1.8-2.fc14 https://admin.fedoraproject.org/updates/blender-2.49b-14.fc14 https://admin.fedoraproject.org/updates/curl-7.21.0-8.fc14 https://admin.fedoraproject.org/updates/weechat-0.3.5-1.fc14 https://admin.fedoraproject.org/updates/libxml-1.8.17-27.fc14 https://admin.fedoraproject.org/updates/syslog-ng-3.1.4-4.fc14 https://admin.fedoraproject.org/updates/NetworkManager-0.8.4-2.git20110622.fc14 https://admin.fedoraproject.org/updates/xulrunner-1.9.2.18-1.fc14,firefox-3.6.18-1.fc14,mozvoikko-1.0-22.fc14.1,perl-Gtk2-MozEmbed-0.08-6.fc14.27,gnome-web-photo-0.9-21.fc14.1,galeon-2.0.7-41.fc14.1,gnome-python2-extras-2.25.3-31.fc14.1,thunderbird-3.1.11-1.fc14 https://admin.fedoraproject.org/updates/gdk-pixbuf2-2.22.0-2.fc14 The following Fedora 14 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/gdk-pixbuf2-2.22.0-2.fc14 https://admin.fedoraproject.org/updates/curl-7.21.0-8.fc14 https://admin.fedoraproject.org/updates/NetworkManager-0.8.4-2.git20110622.fc14 https://admin.fedoraproject.org/updates/bash-4.1.7-4.fc14 https://admin.fedoraproject.org/updates/python-slip-0.2.16-1.fc14 https://admin.fedoraproject.org/updates/policycoreutils-2.0.85-30.1.fc14 https://admin.fedoraproject.org/updates/system-config-keyboard-1.3.1-5.fc14 https://admin.fedoraproject.org/updates/fedora-logos-14.0.2-1.fc14 https://admin.fedoraproject.org/updates/gtk2-2.22.0-2.fc14 https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-8.fc14.2 https://admin.fedoraproject.org/updates/pygobject2-2.21.5-4.fc14 https://admin.fedoraproject.org/updates/pcre-8.10-2.fc14 https://admin.fedoraproject.org/updates/libpcap-1.1.1-3.fc14 https://admin.fedoraproject.org/updates/xorg-x11-drv-qxl-0.0.21-3.fc14 https://admin.fedoraproject.org/updates/evolution-exchange-2.32.3-1.fc14,evolution-data-server-2.32.3-1.fc14,evolution-2.32.3-1.fc14 https://admin.fedoraproject.org/updates/xorg-x11-drv-nouveau-0.0.16-14.20101010git8c8f15c.fc14 https://admin.fedoraproject.org/updates/libconcord-0.23-5.fc14,udev-161-9.fc14,concordance-0.23-2.fc14 https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14 The following builds have been pushed to Fedora 14 updates-testing boswars-addons-2.6-2 freeradius-2.1.11-2.fc14 gdk-pixbuf2-2.22.0-2.fc14 ghc-cmdargs-0.7-2.fc14 libvirt-qpid-0.2.22-3.fc14 photoprint-0.4.2-0.2.pre2.fc14 subversion-api-docs-1.6.17-1.fc14 sysprof-1.1.6-3.fc14 xneur-0.13.0-1.fc14 xsane-0.998-4.fc14 Details about builds: ================================================================================ boswars-addons-2.6-2 (FEDORA-2011-8658) Addon maps for Bos Wars real-time strategy game -------------------------------------------------------------------------------- Update Information: boswars-addons version needs to match boswars version. -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 24 2011 Bruno Wolff III <bruno@xxxxxxxx> - 2.6-2 - Bump release to put in f14 updates. * Tue May 31 2011 Bruno Wolff III <bruno@xxxxxxxx> - 2.6-1 - Use 2.6 compatible maps (resolves 659989) - Correct license from GPLv2 to GPLv2+ - Require a compatible version of boswars - Fix upstream URL * Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.5-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ freeradius-2.1.11-2.fc14 (FEDORA-2011-8677) High-performance and highly configurable free RADIUS server -------------------------------------------------------------------------------- Update Information: Upgrade to latest upstream 2.1.11 release. Plus fix logrotate script to perform reload (i.e. HUP) after log file is rotated. Upgrade to latest upstream release, 2.1.11 See changelog for details -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 23 2011 John Dennis <jdennis@xxxxxxxxxx> - 2.1.11-2 - reload the server (i.e. HUP) after logrotate * Wed Jun 22 2011 John Dennis <jdennis@xxxxxxxxxx> - 2.1.11-1 - Upgrade to latest upstream release: 2.1.11 - Remove the following two patches as upstream has incorporated them: freeradius-radtest-ipv6.patch freeradius-lt-dladvise.patch - Upstream changelog for 2.1.11: Feature improvements * Added doc/rfc/rfc6158.txt: RADIUS Design Guidelines. All vendors need to read it and follow its directions. * Microsoft SoH support for PEAP from Phil Mayers. See doc/SoH.txt * Certificate "bootstrap" script now checks for certificate expiry. See comments in raddb/eap.conf, and then "make_cert_command". * Support for dynamic expansion of EAP-GTC challenges. Patch from Alexander Clouter. * OCSP support from Alex Bergmann. See raddb/eap.conf, "ocsp" section. * Updated dictionary.huawei, dictionary.3gpp, dictionary.3gpp3. * Added dictionary.eltex, dictionary.motorola, and dictionary.ukerna. * Experimental redis support from Gabriel Blanchard. See raddb/modules/redis and raddb/modules/rediswho * Add "key" to rlm_fastusers. Closes bug #126. * Added scripts/radtee from original software at http://horde.net/~jwm/software/misc/comparison-tee * Updated radmin "man" page for new commands. * radsniff now prints the hex decoding of the packet (-x -x -x) * mschap module now reloads its configuration on HUP * Added experimental "replicate" module. See raddb/modules/replicate * Policy "foo" can now refer to module "foo". This lets you over-ride the behavior of a module. * Policy "foo.authorize" can now over-ride the behavior of module "foo", "authorize" method. * Produce errors in more situations when the configuration files have invalid syntax. Bug fixes * Ignore pre/post-proxy sections if proxying is disabled * Add configure checks for pcap_fopen*. * Fix call to otp_write in rlm_otp * Fix issue with Access-Challenge checking from 2.1.10, when the debug flag was set after server startup. Closes #116 and #117. * Fix typo in zombie period start time. * Fix leak in src/main/valuepair.c. Patch from James Ballantine. * Allow radtest to use spaces in shared secret. Patch from Cedric Carree. * Remove extra calls to HMAC_CTX_init() in rlm_wimax, fixing leak. Patch from James Ballantine. * Remove MN-FA key generation. The NAS does this, not AAA. Patch from Ben Weichman. * Include dictionary.mikrotik by default. Closes bug #121. * Add group membership query to MS-SQL examples. Closes bug #120. * Don't cast NAS-Port to integer in Postgresql queries. Closes bug #112. * Fixes for libtool and autoconf from Sam Hartman. * radsniff should read the dictionaries in more situations. * Use fnmatch to check for detail file reader==writer. Closes bug #128. * Check for short writes (i.e. disk full) in rlm_detail. Closes bug #130. Patches and testing from John Morrissey. * Fix typo in src/lib/token.c. Closes bug #124 * Allow workstation trust accounts to use MS-CHAP. Closes bug #123. * Assigning foo=`/bin/echo hello` now produces a syntax error if it is done outside of an "update" section. * Fix "too many open file descriptors" problem when using "verify client" in eap.conf. * Many fixes to dialup_admin for PHP5, by Stefan Winter. * Allow preprocess module to have "hints = " and "huntgroups =", which allows them to be empty or non-existent. * Renamed "php3" files to "php" in dialup_admin/ * Produce error when sub-TLVs are used in a dictionary. They are supported only in the "master" branch, and not in 2.1.x. * Minor fix in dictionary.redback. Closes bug #138. * Fixed MySQL "NULL" issues in ippool.conf. Closes bug #129. * Fix to Access-Challenge warning from Ken-ichirou Matsuzawa. Closes bug #118. * DHCP fixes to send unicast packets in more situations. * Fix to udpfromto, to enable it to work on IPv6 networks. * Fixes to the Oracle accounting_onoff_query. * When using both IPv4 and IPv6 home servers, ensure that we use the correct local socket for proxying. Closes bug #143. * Suppress messages when thread pool is nearly full, all threads are busy, and we can't create new threads. * IPv6 is now enabled for udpfromto. Closes bug #141 * Make sqlippool query buffer the same size as sql module. Closes bug #139. * Make Coa / Disconnect proxying work again. * Configure scripts for rlm_caching from Nathaniel McCallum * src/lib/dhcp.c and src/include/libradius.h are LGPL, not GPL. * Updated password routines to use time-insensitive comparisons. This prevents timing attacks (though none are known). * Allow sqlite module to do normal SELECT queries. * rlm_wimax now has a configure script * Moved Ascend, USR, and Motorola "illegal" dictionaries to separate files. See share/dictionary for explanations. * Check for duplicate module definitions in the modules{} section, and refuse to start if duplicates are found. * Check for duplicate virtual servers, and refuse to start if duplicates are found. * Don't use udpfromto if source is INADDR_ANY. Closes bug #148. * Check pre-conditions before running radmin "inject file". * Don't over-ride "no match" with "match" for regexes. Closes bug #152. * Make retry and error message configurable in mschap. See raddb/modules/mschap * Allow EAP-MSCHAPv2 to send error message to client. This change allows some clients to prompt the user for a new password. See raddb/eap.conf, mschapv2 section, "send_error". * Load the default virtual server before any others. This matches what users expect, and reduces confusion. * Fix configure checks for udpfromto. Fixes Debian bug #606866 * Definitive fix for bug #35, where the server could crash under certain loads. Changes src/lib/packet.c to use RB trees. * Updated "configure" checks to allow IPv6 udpfromto on Linux. * SQL module now returns NOOP if the accounting start/interim/stop queries don't do anything. * Allow %{outer.control: ... } in string expansions * home_server coa config now matches raddb/proxy.conf * Never send a reply to a DHCP Release. * Sat Jan 1 2011 John Dennis <jdennis@xxxxxxxxxx> - 2.1.10-3 - bug 666589 - removing freeradius from system does not delete the user "radiusd" fix scriptlet argument testing, simplify always exiting with zero -------------------------------------------------------------------------------- ================================================================================ gdk-pixbuf2-2.22.0-2.fc14 (FEDORA-2011-8667) An image loading library -------------------------------------------------------------------------------- Update Information: It was found that gdk-pixbuf GIF image loader gdk_pixbuf__gif_image_load() routine did not properly handle certain return values from their subroutines. A remote attacker could provide a specially-crafted GIF image, which once opened in an application, linked against gdk-pixbuf would lead to gdk-pixbuf to return partially initialized pixbuf structure, possibly having huge width and height, leading to that particular application termination due excessive memory use. The CVE identifier of CVE-2011-2485 has been assigned to this issue. -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 24 2011 Matthias Clasen <mclasen@xxxxxxxxxx> 2.22.0-2 - Don't return a partially initialized pixbuf structure from the GIF loader (CVE-2011-2485) * Wed Sep 29 2010 jkeating - 2.22.0-1.1 - Rebuilt for gcc bug 634757 -------------------------------------------------------------------------------- ================================================================================ ghc-cmdargs-0.7-2.fc14 (FEDORA-2011-8680) Haskell cmdargs -------------------------------------------------------------------------------- Update Information: Update to 0.7 -------------------------------------------------------------------------------- ChangeLog: * Wed May 11 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.7-2 - Update to cabal2spec-0.22.7 * Tue May 10 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.7-1 - Update to cabal2spec-0.22.6 * Thu Mar 10 2011 Fabio M. Di Nitto <fdinitto@xxxxxxxxxx> - 0.6.8-2 - Enable build on sparcv9 * Thu Feb 17 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.6.8-1 - Update to 0.6.8 * Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sat Jan 15 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.6.7-1 - Update to 0.6.7 * Sat Jan 15 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.6.5-2 - Update to cabal2spec-0.22.4 - Rebuild * Fri Dec 17 2010 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.6.5-1 - Update to 0.6.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #693312 - ghc-cmdargs-0.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=693312 -------------------------------------------------------------------------------- ================================================================================ libvirt-qpid-0.2.22-3.fc14 (FEDORA-2011-8671) QPid QMF interface to Libvirt -------------------------------------------------------------------------------- Update Information: Fix package after ABI breakage of qpid-cpp-client -------------------------------------------------------------------------------- ChangeLog: * Thu May 5 2011 Daniel P. Berrange <berrange@xxxxxxxxxx> - 0.2.22-3 - Add fix for parallel make race condition - Add missing qpidtypes link flag * Thu May 5 2011 Daniel P. Berrange <berrange@xxxxxxxxxx> - Rebuild for QPid soname change * Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.22-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ photoprint-0.4.2-0.2.pre2.fc14 (FEDORA-2011-8676) Utility for printing digital photographs -------------------------------------------------------------------------------- Update Information: bugfix update to latest upstream release, obsoleting the photoprint-borders package, whose content is included herein. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 23 2011 Matt Domsch <mdomsch@xxxxxxxxxxxxxxxxx> - 0.4.2-0.2.pre2 - obsolete photoprint-borders, content is merged into photoprint by upstream * Thu Jun 23 2011 Matt Domsch <mdomsch@xxxxxxxxxxxxxxxxx> - 0.4.2-0.1.pre2 - update to 0.4.2-pre2, fixes FTBFS (BZ#599755) - requires updating gettext, libtool, autoreconf as well (done on Fedora 14) * Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.0-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #599755 - FTBFS photoprint-0.4.0-7.fc12 https://bugzilla.redhat.com/show_bug.cgi?id=599755 [ 2 ] Bug #694999 - [abrt] photoprint-0.4.0-7.fc12: ParseOptions: Process /usr/bin/photoprint was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=694999 -------------------------------------------------------------------------------- ================================================================================ subversion-api-docs-1.6.17-1.fc14 (FEDORA-2011-8682) Subversion API documentation -------------------------------------------------------------------------------- Update Information: Docs update. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 23 2011 Bojan Smojver <bojan@xxxxxxxxxxxxx> 1.6.17-1 - bump up to 1.6.17 -------------------------------------------------------------------------------- ================================================================================ sysprof-1.1.6-3.fc14 (FEDORA-2011-8670) A system-wide Linux profiler -------------------------------------------------------------------------------- Update Information: Add missing application icon -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 24 2011 Gianluca Sforna <giallu@xxxxxxxxx> 1.1.6.3 - Fix missing icon (#558089) * Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #558089 - no icon in sysprof's menu entry https://bugzilla.redhat.com/show_bug.cgi?id=558089 -------------------------------------------------------------------------------- ================================================================================ xneur-0.13.0-1.fc14 (FEDORA-2011-8666) X Neural Switcher -------------------------------------------------------------------------------- Update Information: Update to 0.13 version -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 24 2011 Pavel Alexeev <Pahan@xxxxxxxxxxxxx> - 0.13.0-1 - Update to 0.13 version (request bz#708922). -------------------------------------------------------------------------------- References: [ 1 ] Bug #708922 - Need update xneur to version 0.13 https://bugzilla.redhat.com/show_bug.cgi?id=708922 -------------------------------------------------------------------------------- ================================================================================ xsane-0.998-4.fc14 (FEDORA-2011-8681) X Window System front-end for the SANE scanner interface -------------------------------------------------------------------------------- Update Information: This update contains a fix for selecting the scan area in the preview window. -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 1 2011 Nils Philippsen <nils@xxxxxxxxxx> - 0.998-4 - fix a problem in mouse event processing that interferes with selecting the scan rectangle in the preview window (#624190, patch by Reinhard Fössmeier) -------------------------------------------------------------------------------- References: [ 1 ] Bug #624190 - preview window: scan area selection broken https://bugzilla.redhat.com/show_bug.cgi?id=624190 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test