Fedora 14 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 14 Security updates need testing:

    https://admin.fedoraproject.org/updates/libvoikko-3.0-3.fc14
    https://admin.fedoraproject.org/updates/subversion-1.6.17-1.fc14
    https://admin.fedoraproject.org/updates/tomcat6-6.0.26-21.fc14
    https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
    https://admin.fedoraproject.org/updates/xen-4.0.2-1.fc14
    https://admin.fedoraproject.org/updates/oprofile-0.9.6-21.fc14
    https://admin.fedoraproject.org/updates/ejabberd-2.1.8-2.fc14
    https://admin.fedoraproject.org/updates/blender-2.49b-14.fc14
    https://admin.fedoraproject.org/updates/curl-7.21.0-8.fc14
    https://admin.fedoraproject.org/updates/weechat-0.3.5-1.fc14
    https://admin.fedoraproject.org/updates/libxml-1.8.17-27.fc14
    https://admin.fedoraproject.org/updates/syslog-ng-3.1.4-4.fc14
    https://admin.fedoraproject.org/updates/NetworkManager-0.8.4-2.git20110622.fc14
    https://admin.fedoraproject.org/updates/xulrunner-1.9.2.18-1.fc14,firefox-3.6.18-1.fc14,mozvoikko-1.0-22.fc14.1,perl-Gtk2-MozEmbed-0.08-6.fc14.27,gnome-web-photo-0.9-21.fc14.1,galeon-2.0.7-41.fc14.1,gnome-python2-extras-2.25.3-31.fc14.1,thunderbird-3.1.11-1.fc14
    https://admin.fedoraproject.org/updates/gdk-pixbuf2-2.22.0-2.fc14


The following Fedora 14 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/gdk-pixbuf2-2.22.0-2.fc14
    https://admin.fedoraproject.org/updates/curl-7.21.0-8.fc14
    https://admin.fedoraproject.org/updates/NetworkManager-0.8.4-2.git20110622.fc14
    https://admin.fedoraproject.org/updates/bash-4.1.7-4.fc14
    https://admin.fedoraproject.org/updates/python-slip-0.2.16-1.fc14
    https://admin.fedoraproject.org/updates/policycoreutils-2.0.85-30.1.fc14
    https://admin.fedoraproject.org/updates/system-config-keyboard-1.3.1-5.fc14
    https://admin.fedoraproject.org/updates/fedora-logos-14.0.2-1.fc14
    https://admin.fedoraproject.org/updates/gtk2-2.22.0-2.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-8.fc14.2
    https://admin.fedoraproject.org/updates/pygobject2-2.21.5-4.fc14
    https://admin.fedoraproject.org/updates/pcre-8.10-2.fc14
    https://admin.fedoraproject.org/updates/libpcap-1.1.1-3.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-qxl-0.0.21-3.fc14
    https://admin.fedoraproject.org/updates/evolution-exchange-2.32.3-1.fc14,evolution-data-server-2.32.3-1.fc14,evolution-2.32.3-1.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-nouveau-0.0.16-14.20101010git8c8f15c.fc14
    https://admin.fedoraproject.org/updates/libconcord-0.23-5.fc14,udev-161-9.fc14,concordance-0.23-2.fc14
    https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14


The following builds have been pushed to Fedora 14 updates-testing

    boswars-addons-2.6-2
    freeradius-2.1.11-2.fc14
    gdk-pixbuf2-2.22.0-2.fc14
    ghc-cmdargs-0.7-2.fc14
    libvirt-qpid-0.2.22-3.fc14
    photoprint-0.4.2-0.2.pre2.fc14
    subversion-api-docs-1.6.17-1.fc14
    sysprof-1.1.6-3.fc14
    xneur-0.13.0-1.fc14
    xsane-0.998-4.fc14

Details about builds:


================================================================================
 boswars-addons-2.6-2 (FEDORA-2011-8658)
 Addon maps for Bos Wars real-time strategy game
--------------------------------------------------------------------------------
Update Information:

boswars-addons version needs to match boswars version.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 24 2011 Bruno Wolff III <bruno@xxxxxxxx> - 2.6-2
- Bump release to put in f14 updates.
* Tue May 31 2011 Bruno Wolff III <bruno@xxxxxxxx> - 2.6-1
- Use 2.6 compatible maps (resolves 659989)
- Correct license from GPLv2 to GPLv2+
- Require a compatible version of boswars
- Fix upstream URL
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 freeradius-2.1.11-2.fc14 (FEDORA-2011-8677)
 High-performance and highly configurable free RADIUS server
--------------------------------------------------------------------------------
Update Information:

Upgrade to latest upstream 2.1.11 release.

Plus fix logrotate script to perform reload (i.e. HUP) after log file is rotated.
Upgrade to latest upstream release, 2.1.11
See changelog for details

--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 23 2011 John Dennis <jdennis@xxxxxxxxxx> - 2.1.11-2
- reload the server (i.e. HUP) after logrotate
* Wed Jun 22 2011 John Dennis <jdennis@xxxxxxxxxx> - 2.1.11-1
- Upgrade to latest upstream release: 2.1.11
- Remove the following two patches as upstream has incorporated them:
    freeradius-radtest-ipv6.patch
    freeradius-lt-dladvise.patch
- Upstream changelog for 2.1.11:
  Feature improvements
  * Added doc/rfc/rfc6158.txt: RADIUS Design Guidelines.
    All vendors need to read it and follow its directions.
  * Microsoft SoH support for PEAP from Phil Mayers.
    See doc/SoH.txt
  * Certificate "bootstrap" script now checks for certificate expiry.
    See comments in raddb/eap.conf, and then "make_cert_command".
  * Support for dynamic expansion of EAP-GTC challenges.
    Patch from Alexander Clouter.
  * OCSP support from Alex Bergmann.  See raddb/eap.conf, "ocsp"
    section.
  * Updated dictionary.huawei, dictionary.3gpp, dictionary.3gpp3.
  * Added dictionary.eltex, dictionary.motorola, and dictionary.ukerna.
  * Experimental redis support from Gabriel Blanchard.
    See raddb/modules/redis and raddb/modules/rediswho
  * Add "key" to rlm_fastusers.  Closes bug #126.
  * Added scripts/radtee from original software at
    http://horde.net/~jwm/software/misc/comparison-tee
  * Updated radmin "man" page for new commands.
  * radsniff now prints the hex decoding of the packet (-x -x -x)
  * mschap module now reloads its configuration on HUP
  * Added experimental "replicate" module.  See raddb/modules/replicate
  * Policy "foo" can now refer to module "foo".  This lets you
    over-ride the behavior of a module.
  * Policy "foo.authorize" can now over-ride the behavior of module
    "foo", "authorize" method.
  * Produce errors in more situations when the configuration files
    have invalid syntax.

  Bug fixes
  * Ignore pre/post-proxy sections if proxying is disabled
  * Add configure checks for pcap_fopen*.
  * Fix call to otp_write in rlm_otp
  * Fix issue with Access-Challenge checking from 2.1.10, when the
    debug flag was set after server startup.  Closes #116 and #117.
  * Fix typo in zombie period start time.
  * Fix leak in src/main/valuepair.c.  Patch from James Ballantine.
  * Allow radtest to use spaces in shared secret.
    Patch from Cedric Carree.
  * Remove extra calls to HMAC_CTX_init() in rlm_wimax, fixing leak.
    Patch from James Ballantine.
  * Remove MN-FA key generation.  The NAS does this, not AAA.
    Patch from Ben Weichman.
  * Include dictionary.mikrotik by default.  Closes bug #121.
  * Add group membership query to MS-SQL examples.  Closes bug #120.
  * Don't cast NAS-Port to integer in Postgresql queries.
    Closes bug #112.
  * Fixes for libtool and autoconf from Sam Hartman.
  * radsniff should read the dictionaries in more situations.
  * Use fnmatch to check for detail file reader==writer.
    Closes bug #128.
  * Check for short writes (i.e. disk full) in rlm_detail.
    Closes bug #130.  Patches and testing from John Morrissey.
  * Fix typo in src/lib/token.c.  Closes bug #124
  * Allow workstation trust accounts to use MS-CHAP.
    Closes bug #123.
  * Assigning foo=`/bin/echo hello` now produces a syntax error
    if it is done outside of an "update" section.
  * Fix "too many open file descriptors" problem when using
    "verify client" in eap.conf.
  * Many fixes to dialup_admin for PHP5, by Stefan Winter.
  * Allow preprocess module to have "hints = " and "huntgroups =",
    which allows them to be empty or non-existent.
  * Renamed "php3" files to "php" in dialup_admin/
  * Produce error when sub-TLVs are used in a dictionary.  They are
    supported only in the "master" branch, and not in 2.1.x.
  * Minor fix in dictionary.redback.  Closes bug #138.
  * Fixed MySQL "NULL" issues in ippool.conf.  Closes bug #129.
  * Fix to Access-Challenge warning from Ken-ichirou Matsuzawa.
    Closes bug #118.
  * DHCP fixes to send unicast packets in more situations.
  * Fix to udpfromto, to enable it to work on IPv6 networks.
  * Fixes to the Oracle accounting_onoff_query.
  * When using both IPv4 and IPv6 home servers, ensure that we use the
    correct local socket for proxying.  Closes bug #143.
  * Suppress messages when thread pool is nearly full, all threads
    are busy, and we can't create new threads.
  * IPv6 is now enabled for udpfromto.  Closes bug #141
  * Make sqlippool query buffer the same size as sql module.
    Closes bug #139.
  * Make Coa / Disconnect proxying work again.
  * Configure scripts for rlm_caching from Nathaniel McCallum
  * src/lib/dhcp.c and src/include/libradius.h are LGPL, not GPL.
  * Updated password routines to use time-insensitive comparisons.
    This prevents timing attacks (though none are known).
  * Allow sqlite module to do normal SELECT queries.
  * rlm_wimax now has a configure script
  * Moved Ascend, USR, and Motorola "illegal" dictionaries to separate
    files.  See share/dictionary for explanations.
  * Check for duplicate module definitions in the modules{} section,
    and refuse to start if duplicates are found.
  * Check for duplicate virtual servers, and refuse to start if
    duplicates are found.
  * Don't use udpfromto if source is INADDR_ANY.  Closes bug #148.
  * Check pre-conditions before running radmin "inject file".
  * Don't over-ride "no match" with "match" for regexes.
    Closes bug #152.
  * Make retry and error message configurable in mschap.
    See raddb/modules/mschap
  * Allow EAP-MSCHAPv2 to send error message to client.  This change
    allows some clients to prompt the user for a new password.
    See raddb/eap.conf, mschapv2 section, "send_error".
  * Load the default virtual server before any others.
    This matches what users expect, and reduces confusion.
  * Fix configure checks for udpfromto.  Fixes Debian bug #606866
  * Definitive fix for bug #35, where the server could crash under
    certain loads.  Changes src/lib/packet.c to use RB trees.
  * Updated "configure" checks to allow IPv6 udpfromto on Linux.
  * SQL module now returns NOOP if the accounting start/interim/stop
    queries don't do anything.
  * Allow %{outer.control: ... } in string expansions
  * home_server coa config now matches raddb/proxy.conf
  * Never send a reply to a DHCP Release.
* Sat Jan  1 2011 John Dennis <jdennis@xxxxxxxxxx> - 2.1.10-3
- bug 666589 - removing freeradius from system does not delete the user "radiusd"
  fix scriptlet argument testing, simplify always exiting with zero
--------------------------------------------------------------------------------


================================================================================
 gdk-pixbuf2-2.22.0-2.fc14 (FEDORA-2011-8667)
 An image loading library
--------------------------------------------------------------------------------
Update Information:

It was found that gdk-pixbuf GIF image loader gdk_pixbuf__gif_image_load() routine did not properly handle certain return values from their subroutines. A remote attacker could provide a specially-crafted GIF image, which once opened in an application, linked against gdk-pixbuf would lead to gdk-pixbuf
to return partially initialized pixbuf structure, possibly having huge width and height, leading to that particular application termination due excessive memory use.

The CVE identifier of CVE-2011-2485 has been assigned to this issue.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 24 2011 Matthias Clasen <mclasen@xxxxxxxxxx> 2.22.0-2
- Don't return a partially initialized pixbuf structure
  from the GIF loader (CVE-2011-2485)
* Wed Sep 29 2010 jkeating - 2.22.0-1.1
- Rebuilt for gcc bug 634757
--------------------------------------------------------------------------------


================================================================================
 ghc-cmdargs-0.7-2.fc14 (FEDORA-2011-8680)
 Haskell cmdargs
--------------------------------------------------------------------------------
Update Information:

Update to 0.7
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 11 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.7-2
- Update to cabal2spec-0.22.7
* Tue May 10 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.7-1
- Update to cabal2spec-0.22.6
* Thu Mar 10 2011 Fabio M. Di Nitto <fdinitto@xxxxxxxxxx> - 0.6.8-2
- Enable build on sparcv9
* Thu Feb 17 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.6.8-1
- Update to 0.6.8
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sat Jan 15 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.6.7-1
- Update to 0.6.7
* Sat Jan 15 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.6.5-2
- Update to cabal2spec-0.22.4
- Rebuild
* Fri Dec 17 2010 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.6.5-1
- Update to 0.6.5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #693312 - ghc-cmdargs-0.7 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=693312
--------------------------------------------------------------------------------


================================================================================
 libvirt-qpid-0.2.22-3.fc14 (FEDORA-2011-8671)
 QPid QMF interface to Libvirt
--------------------------------------------------------------------------------
Update Information:

Fix package after ABI breakage of qpid-cpp-client
--------------------------------------------------------------------------------
ChangeLog:

* Thu May  5 2011 Daniel P. Berrange <berrange@xxxxxxxxxx> - 0.2.22-3
- Add fix for parallel make race condition
- Add missing qpidtypes link flag
* Thu May  5 2011 Daniel P. Berrange <berrange@xxxxxxxxxx>
- Rebuild for QPid soname change
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.22-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 photoprint-0.4.2-0.2.pre2.fc14 (FEDORA-2011-8676)
 Utility for printing digital photographs
--------------------------------------------------------------------------------
Update Information:

bugfix update to latest upstream release, obsoleting the
photoprint-borders package, whose content is included herein.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 23 2011 Matt Domsch <mdomsch@xxxxxxxxxxxxxxxxx> - 0.4.2-0.2.pre2
- obsolete photoprint-borders, content is merged into photoprint by upstream
* Thu Jun 23 2011 Matt Domsch <mdomsch@xxxxxxxxxxxxxxxxx> - 0.4.2-0.1.pre2
- update to 0.4.2-pre2, fixes FTBFS (BZ#599755)
- requires updating gettext, libtool, autoreconf as well (done on Fedora 14)
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #599755 - FTBFS photoprint-0.4.0-7.fc12
        https://bugzilla.redhat.com/show_bug.cgi?id=599755
  [ 2 ] Bug #694999 - [abrt] photoprint-0.4.0-7.fc12: ParseOptions: Process /usr/bin/photoprint was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=694999
--------------------------------------------------------------------------------


================================================================================
 subversion-api-docs-1.6.17-1.fc14 (FEDORA-2011-8682)
 Subversion API documentation
--------------------------------------------------------------------------------
Update Information:

Docs update.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 23 2011 Bojan Smojver <bojan@xxxxxxxxxxxxx> 1.6.17-1
- bump up to 1.6.17
--------------------------------------------------------------------------------


================================================================================
 sysprof-1.1.6-3.fc14 (FEDORA-2011-8670)
 A system-wide Linux profiler
--------------------------------------------------------------------------------
Update Information:

Add missing application icon
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 24 2011 Gianluca Sforna <giallu@xxxxxxxxx> 1.1.6.3
- Fix missing icon (#558089)
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #558089 - no icon in sysprof's menu entry
        https://bugzilla.redhat.com/show_bug.cgi?id=558089
--------------------------------------------------------------------------------


================================================================================
 xneur-0.13.0-1.fc14 (FEDORA-2011-8666)
 X Neural Switcher
--------------------------------------------------------------------------------
Update Information:

Update to 0.13 version
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 24 2011 Pavel Alexeev <Pahan@xxxxxxxxxxxxx> - 0.13.0-1
- Update to 0.13 version (request bz#708922).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #708922 - Need update xneur to version 0.13
        https://bugzilla.redhat.com/show_bug.cgi?id=708922
--------------------------------------------------------------------------------


================================================================================
 xsane-0.998-4.fc14 (FEDORA-2011-8681)
 X Window System front-end for the SANE scanner interface
--------------------------------------------------------------------------------
Update Information:

This update contains a fix for selecting the scan area in the preview window.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  1 2011 Nils Philippsen <nils@xxxxxxxxxx> - 0.998-4
- fix a problem in mouse event processing that interferes with selecting the
  scan rectangle in the preview window (#624190, patch by Reinhard Fössmeier)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #624190 - preview window: scan area selection broken
        https://bugzilla.redhat.com/show_bug.cgi?id=624190
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test



[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux