The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/ecryptfs-utils-90-1.fc15
https://admin.fedoraproject.org/updates/foomatic-4.0.7-3.fc15
https://admin.fedoraproject.org/updates/samba-3.5.11-71.fc15.1
https://admin.fedoraproject.org/updates/freetype-2.4.4-5.fc15
https://admin.fedoraproject.org/updates/clamav-0.97.2-1500.fc15
https://admin.fedoraproject.org/updates/bugzilla-3.6.6-1.fc15
https://admin.fedoraproject.org/updates/libmodplug-0.8.8.4-1.fc15
https://admin.fedoraproject.org/updates/cgit-0.9.0.2-2.fc15
https://admin.fedoraproject.org/updates/libvpx-0.9.7-1.fc15
https://admin.fedoraproject.org/updates/zabbix-1.8.6-1.fc15
https://admin.fedoraproject.org/updates/dhcp-4.2.1-10.P1.fc15
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/gnome-settings-daemon-3.0.1-8.fc15
https://admin.fedoraproject.org/updates/libdb-5.1.25-3.fc15
https://admin.fedoraproject.org/updates/tzdata-2011h-2.fc15
https://admin.fedoraproject.org/updates/yum-utils-1.1.31-1.fc15
https://admin.fedoraproject.org/updates/xfce4-notifyd-0.2.2-1.fc15
https://admin.fedoraproject.org/updates/libtalloc-2.0.6-1.fc15
https://admin.fedoraproject.org/updates/selinux-policy-3.9.16-38.fc15
https://admin.fedoraproject.org/updates/perl-Compress-Raw-Lzma-2.036-2.fc15,xz-5.0.3-1.fc15
https://admin.fedoraproject.org/updates/kernel-2.6.40-3.fc15
https://admin.fedoraproject.org/updates/cyrus-sasl-2.1.23-18.fc15
https://admin.fedoraproject.org/updates/pinentry-0.8.1-4.fc15
https://admin.fedoraproject.org/updates/sendmail-8.14.5-3.fc15
https://admin.fedoraproject.org/updates/nspr-4.8.8-4.fc15
https://admin.fedoraproject.org/updates/nss-softokn-3.12.10-4.fc15
https://admin.fedoraproject.org/updates/mash-0.5.22-1.fc15
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-14.fc15.1
https://admin.fedoraproject.org/updates/lldpad-0.9.41-3.fc15
https://admin.fedoraproject.org/updates/libfprint-0.4.0-1.fc15,fprintd-0.4.1-1.fc15
The following builds have been pushed to Fedora 15 updates-testing
389-admin-1.1.22-1.fc15
389-admin-1.1.23-1.fc15
certmonger-0.45-1.fc15
dhcp-4.2.1-10.P1.fc15
ecryptfs-utils-90-1.fc15
florist-2011-6.fc15
freewrl-1.22.12-0.3.pre2.fc15
ghostscript-9.04-1.fc15
gkrellm-weather-2.0.8-1.fc15
gnome-settings-daemon-3.0.1-8.fc15
jopt-simple-3.3-3.fc15
libdb-5.1.25-3.fc15
libmx-1.2.1-1.fc15
netcdf-4.1.1-6.fc15
papi-4.1.3-2.fc15
pekwm-0.1.13-1.fc15
perl-Dancer-1.3071-1.fc15
perl-Hash-Diff-0.005-1.fc15
perl-IO-Stty-0.03-2.fc15
perl-Test-Spelling-0.14-1.fc15
php-libvirt-0.4.3-1.fc15
php-pear-Mail-Mime-1.8.2-1.fc15
python-fedora-0.3.24-3.fc15
selinux-policy-3.9.16-38.fc15
shorewall-4.4.22-2.fc15
tzdata-2011h-2.fc15
volumeicon-0.4.1-3.fc15
wicd-1.7.0-9.fc15
xmlrpc-c-1.25.4-1500.svn2077.fc15
Details about builds:
================================================================================
389-admin-1.1.22-1.fc15 (FEDORA-2011-10708)
389 Administration Server (admin)
--------------------------------------------------------------------------------
Update Information:
Bug 724808 - startup CGIs write temp file to /
add man pages for ds_removal and ds_unregister
fixes for the makeUpgradeTar.sh script
bugfix
several tls/ssl and migration bug fixes
Rebuild with 389-adminutil-1.1.14
look for separate openldap ldif library
skip rebranding current brand - add support for different skins
Explicitly disable the use of systemd in 389 initscripts
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.22-1
- Bug 724808 - startup CGIs write temp file to /
- add man pages for ds_removal and ds_unregister
- fixes for the makeUpgradeTar.sh script
* Tue Aug 2 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.21-1
- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
* Tue Jul 5 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.20-2
- bump rel to rebuild with 389-adminutil-1.1.14
* Tue Jul 5 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.20-1
- Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy
- Bug 718285 - AdminServer should use "service" command instead of start/stop/restart scripts
- Bug 718079 - Perl errors when running migrate-ds-admin.pl
- Bug 713000 - Migration stops if old admin server cannot be stopped
- added tests for the security cgi
- fix typo in NSS_Shutdown warning message
- better NSS error handling - reduce memory leaks
- Bug 710372 - Not able to open the Manage Certificate from DS-console
* Thu Jun 30 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.19-2
- bump rev to rebuild with 389-adminutil-1.1.14
* Tue Jun 28 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.19-1
- look for separate openldap ldif library
* Tue Jun 21 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.18-1
- skip rebranding current brand
- support for skins
* Fri May 13 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.17-1
- 1.1.17
- support "in-place" upgrade and rebranding from Red Hat to 389
- many fixes for coverity issues
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #724808 - startup CGIs write temp file to /
https://bugzilla.redhat.com/show_bug.cgi?id=724808
[ 2 ] Bug #476925 - Admin Server: Do not allow 8-bit passwords for the admin user
https://bugzilla.redhat.com/show_bug.cgi?id=476925
[ 3 ] Bug #719056 - migrate-ds-admin.pl needs to update SELinux policy
https://bugzilla.redhat.com/show_bug.cgi?id=719056
[ 4 ] Bug #718285 - AdminServer should use "service" command instead of start/stop/restart scripts
https://bugzilla.redhat.com/show_bug.cgi?id=718285
[ 5 ] Bug #718079 - Perl errors when running migrate-ds-admin.pl
https://bugzilla.redhat.com/show_bug.cgi?id=718079
[ 6 ] Bug #713000 - Migration stops if old admin server cannot be stopped
https://bugzilla.redhat.com/show_bug.cgi?id=713000
[ 7 ] Bug #710372 - Not able to open the Manage Certificate from DS-console
https://bugzilla.redhat.com/show_bug.cgi?id=710372
[ 8 ] Bug #699835 - service command is not fully backwards compatible with 389-ds-base
https://bugzilla.redhat.com/show_bug.cgi?id=699835
--------------------------------------------------------------------------------
================================================================================
389-admin-1.1.23-1.fc15 (FEDORA-2011-10735)
389 Administration Server (admin)
--------------------------------------------------------------------------------
Update Information:
fix selinux policy during upgrade
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.23-1
- Bug 730079 - Update SELinux policy during upgrades
* Thu Aug 11 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.22-1
- Bug 724808 - startup CGIs write temp file to /
- add man pages for ds_removal and ds_unregister
- fixes for the makeUpgradeTar.sh script
* Tue Aug 2 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.21-1
- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
* Tue Jul 5 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.20-2
- bump rel to rebuild with 389-adminutil-1.1.14
* Tue Jul 5 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.20-1
- Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy
- Bug 718285 - AdminServer should use "service" command instead of start/stop/restart scripts
- Bug 718079 - Perl errors when running migrate-ds-admin.pl
- Bug 713000 - Migration stops if old admin server cannot be stopped
- added tests for the security cgi
- fix typo in NSS_Shutdown warning message
- better NSS error handling - reduce memory leaks
- Bug 710372 - Not able to open the Manage Certificate from DS-console
* Thu Jun 30 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.19-2
- bump rev to rebuild with 389-adminutil-1.1.14
* Tue Jun 28 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.19-1
- look for separate openldap ldif library
* Tue Jun 21 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.18-1
- skip rebranding current brand
- support for skins
* Fri May 13 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.17-1
- 1.1.17
- support "in-place" upgrade and rebranding from Red Hat to 389
- many fixes for coverity issues
--------------------------------------------------------------------------------
================================================================================
certmonger-0.45-1.fc15 (FEDORA-2011-10721)
Certificate status monitor and PKI enrollment client
--------------------------------------------------------------------------------
Update Information:
This update rolls up a large number of bug fixes, but the main user-visible changes are:
* the "getcert" command now suppresses the technical details of certain error messages unless it is now invoked with the "-v" flag
* if key generation fails because the daemon can't access an NSS database due to an incorrect or missing PIN, the daemon will now recover if the correct PIN is supplied via the "getcert resubmit" command
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.45-1
- modify the systemd .service file to be a proper 'dbus' service (more
of #718172)
* Thu Aug 11 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.44-1
- check specifically for cases where a specified token that we need to
use just isn't present for whatever reason (#697058)
* Wed Aug 10 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.43-1
- add a -K option to ipa-submit, to use the current ccache, which makes
it easier to test
* Fri Aug 5 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx>
- if xmlrpc-c's struct xmlrpc_curl_xportparms has a gss_delegate field, set
it to TRUE when we're doing Negotiate auth (#727864, #727863, #727866)
* Wed Jul 13 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx>
- treat the ability to access keys in an NSS database without using a PIN,
when we've been told we need one, as an error (#692766)
- when handling "getcert resubmit" requests, if we don't have a key yet,
make sure we go all the way back to generating one (#694184)
- getcert: try to clean up tests for NSS and PEM file locations (#699059)
- don't try to set reconnect-on-exit policy unless we managed to connect
to the bus (#712500)
- handle cases where we specify a token but the storage token isn't
known (#699552)
- getcert: recognize -i and storage options to narrow down which requests
the user wants to know about (#698772)
- output hints when the daemon has startup problems, too (#712075)
- add flags to specify whether we're bus-activated or not, so that we can
exit if we have nothing to do after handling a request received over
the bus if some specified amount of time has passed
- explicitly disallow non-root access in the D-Bus configuration (#712072)
- migrate to systemd on releases newer than Fedora 15 or RHEL 6 (#718172)
- fix a couple of incorrect calls to talloc_asprintf() (#721392)
* Wed Apr 13 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.42-1
- getcert: fix a buffer overrun preparing a request for the daemon when
there are more parameters to encode than space in the array (#696185)
- updated translations: de, es, id, pl, ru, uk
* Mon Apr 11 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.41-1
- read information about the keys we've just generated before proceeding
to generating a CSR (part of #694184, part of #695675)
- when processing a "resubmit" request from getcert, go back to key
generation if we don't have keys yet, else go back to CSR generation as
before (#694184, #695675)
- configure with --with-tmpdir=/var/run/certmonger and own /var/run/certmonger
(#687899), and add a systemd tmpfiles.d control file for creating
/var/run/certmonger on Fedora 15 and later
- let session instances exit when they get disconnected from the bus
- use a lock file to make sure there's only one session instance messing
around with the user's files at a time
- fix errors saving certificates to NSS databases when there's already a
certificate there with the same nickname (#695672)
- make key and certificate location output from 'getcert list' more properly
translatable (#7)
* Mon Mar 28 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.40-1
- update to 0.40
- fix validation check on EKU OIDs in getcert (#691351)
- get session bus mode sorted
- add a list of recognized EKU values to the getcert-request man page
* Fri Mar 25 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.39-1
- update to 0.39
- fix use of an uninitialized variable in the xmlrpc-based submission
helpers (#690886)
* Thu Mar 24 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.38-1
- update to 0.38
- catch cases where we can't read a PIN file, but we never have to log
in to the token to access the private key (more of #688229)
* Tue Mar 22 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.37-1
- update to 0.37
- be more careful about checking if we can read a PIN file successfully
before we even call an API that might need us to try (#688229)
- fix strict aliasing warnings
* Tue Mar 22 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.36-1
- update to 0.36
- fix some use-after-free bugs in the daemon (#689776)
- fix a copy/paste error in certmonger-ipa-submit(8)
- getcert now suppresses error details when not given its new -v option
(#683926, more of #681641/#652047)
- updated translations
- de, es, pl, ru, uk
- indonesian translation is now for "id" rather than "in"
--------------------------------------------------------------------------------
================================================================================
dhcp-4.2.1-10.P1.fc15 (FEDORA-2011-10740)
Dynamic host configuration protocol software
--------------------------------------------------------------------------------
Update Information:
This update fixes a pair of defects that could cause the server to halt upon processing certain packets.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> - 12:4.2.1-10.P1
- A pair of defects cause the server to halt upon processing certain packets
(CVE-2011-2748, CVE-2011-2749, #729850)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #729382 - CVE-2011-2748 CVE-2011-2749 dhcp: denial of service flaws
https://bugzilla.redhat.com/show_bug.cgi?id=729382
--------------------------------------------------------------------------------
================================================================================
ecryptfs-utils-90-1.fc15 (FEDORA-2011-10733)
The eCryptfs mount helper and support libraries
--------------------------------------------------------------------------------
Update Information:
- privilege escalation via mountpoint race conditions (CVE-2011-1831, CVE-2011-1832)
- race condition when checking source during mount (CVE-2011-1833)
- mtab corruption via improper handling (CVE-2011-1834)
- key poisoning via insecure temp directory handling (CVE-2011-1835)
- information disclosure via recovery mount in /tmp (CVE-2011-1836)
- arbitrary file overwrite via lock counter race (CVE-2011-1837)
- improve logging messages of ecryptfs pam module
- keep own copy of passphrase, pam clears it too early
- keyring from auth stack does not survive, use pam_data and delayed keyring initialization
- keyring from auth stack does not survive, use pam_data and delayed keyring initialization
- keyring from auth stack does not survive, use pam_data and delayed keyring initialization
- improve logging messages of ecryptfs pam module
- keep own copy of passphrase, pam clears it too early
- keyring from auth stack does not survive, use pam_data and delayed keyring initialization
- keyring from auth stack does not survive, use pam_data and delayed keyring initialization
- keyring from auth stack does not survive, use pam_data and delayed keyring initialization
- improve logging messages of ecryptfs pam module
- keep own copy of passphrase, pam clears it too early
- keyring from auth stack does not survive, use pam_data and delayed keyring initialization
- keyring from auth stack does not survive, use pam_data and delayed keyring initialization
- keyring from auth stack does not survive, use pam_data and delayed keyring initialization
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 90-1
- security fixes:
- privilege escalation via mountpoint race conditions (CVE-2011-1831, CVE-2011-1832)
- race condition when checking source during mount (CVE-2011-1833)
- mtab corruption via improper handling (CVE-2011-1834)
- key poisoning via insecure temp directory handling (CVE-2011-1835)
- information disclosure via recovery mount in /tmp (CVE-2011-1836)
- arbitrary file overwrite via lock counter race (CVE-2011-1837)
* Tue Aug 9 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 87-9
- improve logging messages of ecryptfs pam module
- keep own copy of passphrase, pam clears it too early
* Wed Aug 3 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 87-8
- keyring from auth stack does not survive, use pam_data and delayed
keyring initialization
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #729465 - CVE-2011-1831 CVE-2011-1832 CVE-2011-1833 CVE-2011-1834 CVE-2011-1835 CVE-2011-1836 CVE-2011-1837 ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information
https://bugzilla.redhat.com/show_bug.cgi?id=729465
--------------------------------------------------------------------------------
================================================================================
florist-2011-6.fc15 (FEDORA-2011-10745)
Open-source implementation of IEEE Standard 1003.5b-1996
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #727664 - Review Request: florist - Open-source implementation of IEEE Standard 1003.5b-1996
https://bugzilla.redhat.com/show_bug.cgi?id=727664
--------------------------------------------------------------------------------
================================================================================
freewrl-1.22.12-0.3.pre2.fc15 (FEDORA-2011-10714)
X3D / VRML visualization program
--------------------------------------------------------------------------------
Update Information:
New package - freewrl
FreeWRL is an X3D / VRML visualization program.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #726210 - Review Request: freewrl - X3D / VRML visualization program
https://bugzilla.redhat.com/show_bug.cgi?id=726210
--------------------------------------------------------------------------------
================================================================================
ghostscript-9.04-1.fc15 (FEDORA-2011-10730)
A PostScript interpreter and renderer
--------------------------------------------------------------------------------
Update Information:
New upstream release fixing several bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 1 2011 Tim Waugh <twaugh@xxxxxxxxxx> 9.04-1
- 9.04.
* Mon Aug 1 2011 Tim Waugh <twaugh@xxxxxxxxxx> 9.02-5
- No longer need jbig2-image-refcount patch.
- Fixed error reporting in the gstoraster filter.
* Wed May 25 2011 Tim Waugh <twaugh@xxxxxxxxxx> 9.02-4
- colord is optional (bug #706619).
* Tue Apr 12 2011 Tim Waugh <twaugh@xxxxxxxxxx> 9.02-3
- Prevent segfault when running gstoraster outside CUPS.
* Thu Apr 7 2011 Tim Waugh <twaugh@xxxxxxxxxx>
- Remove bundled expat directory. Not used, but this makes it
clearer.
* Wed Apr 6 2011 Tim Waugh <twaugh@xxxxxxxxxx> 9.02-2
- pxl: match landscape page sizes (bug #692165).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #652152 - gs -sDEVICE=x11alpha pdf crashes
https://bugzilla.redhat.com/show_bug.cgi?id=652152
[ 2 ] Bug #667930 - missing directory owner
https://bugzilla.redhat.com/show_bug.cgi?id=667930
[ 3 ] Bug #589569 - [abrt] crash in ghostscript-8.71-9.fc13: __memcpy_ssse3: Process /usr/bin/gs was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=589569
[ 4 ] Bug #640264 - gv barfs on some PDFs from Adobe InDesign
https://bugzilla.redhat.com/show_bug.cgi?id=640264
--------------------------------------------------------------------------------
================================================================================
gkrellm-weather-2.0.8-1.fc15 (FEDORA-2011-10723)
Weather plugin for GKrellM
--------------------------------------------------------------------------------
Update Information:
* fixed sprintf buffer overflows
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 10 2011 Adam Goode <adam@xxxxxxxxxxxxx> - 2.0.8-1
- New upstream release
* fixed sprintf buffer overflows
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #680888 - gkrellm-weather-2.0.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=680888
[ 2 ] Bug #724013 - Incorrect URL in 'rpm -qi' output
https://bugzilla.redhat.com/show_bug.cgi?id=724013
--------------------------------------------------------------------------------
================================================================================
gnome-settings-daemon-3.0.1-8.fc15 (FEDORA-2011-10732)
The daemon sharing settings from GNOME to GTK+/KDE applications
--------------------------------------------------------------------------------
Update Information:
Invert the handling of the Tablet PC gsettings key. The driver expects the property to be enabled when TPC is disabled and the other way round.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 12 2011 Peter Hutterer <peter.hutterer@xxxxxxxxxx> 3.0.1-7
- Invert TPCButton behaviour in wacom (#708894)
* Mon Jun 13 2011 Marek Kasik <mkasik@xxxxxxxxxx> 3.0.1-7
- Remove requirement of system-config-printer-udev (#704381)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #708894 - TabletPCButton parameter is on by default
https://bugzilla.redhat.com/show_bug.cgi?id=708894
--------------------------------------------------------------------------------
================================================================================
jopt-simple-3.3-3.fc15 (FEDORA-2011-10724)
A Java command line parser
--------------------------------------------------------------------------------
Update Information:
A Java library for parsing command line options.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #700427 - Review Request: jopt-simple - A Java command line parser
https://bugzilla.redhat.com/show_bug.cgi?id=700427
--------------------------------------------------------------------------------
================================================================================
libdb-5.1.25-3.fc15 (FEDORA-2011-10707)
The Berkeley DB database library for C
--------------------------------------------------------------------------------
Update Information:
An update to provide libdb as a multilib'd library.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 9 2011 Jindrich Novy <jnovy@xxxxxxxxxx> 5.1.25-3
- bump and rebuild because of multilib issues (#729250)
--------------------------------------------------------------------------------
================================================================================
libmx-1.2.1-1.fc15 (FEDORA-2011-10744)
A clutter widget toolkit
--------------------------------------------------------------------------------
Update Information:
1.2.1 bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Peter Robinson <pbrobinson@xxxxxxxxx> 1.2.1-1
- 1.2.1
--------------------------------------------------------------------------------
================================================================================
netcdf-4.1.1-6.fc15 (FEDORA-2011-10737)
Libraries for the Unidata network Common Data Form
--------------------------------------------------------------------------------
Update Information:
Fix arm build
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 4.1.1-6
- Add ARM to valgrind excludes
--------------------------------------------------------------------------------
================================================================================
papi-4.1.3-2.fc15 (FEDORA-2011-10715)
Performance Application Programming Interface
--------------------------------------------------------------------------------
Update Information:
Rebase on papi-4.1.3.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 12 2011 William Cohen <wcohen@xxxxxxxxxx> - 4.1.3-2
- Use corrected papi-4.1.3.
* Thu May 12 2011 William Cohen <wcohen@xxxxxxxxxx> - 4.1.3-1
- Rebase to papi-4.1.3
--------------------------------------------------------------------------------
================================================================================
pekwm-0.1.13-1.fc15 (FEDORA-2011-10728)
A small and flexible window manager
--------------------------------------------------------------------------------
Update Information:
Pekwm is a window manager that once up on a time was based on the aewm++ window
manager, but it has evolved enough that it no longer resembles aewm++ at all.
It has a much expanded feature-set, including window grouping (similar to ion,
pwm, or fluxbox), autoproperties, xinerama, keygrabber that supports keychains,
and much more.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 10 2011 Germán A. Racca <skytux@xxxxxxxxxxxxxxxxx> 0.1.13-1
- Updated to new version
- Removed the old patch and applied a new one to fix a similar issue
- Removed indentation of list items in %{description}
--------------------------------------------------------------------------------
================================================================================
perl-Dancer-1.3071-1.fc15 (FEDORA-2011-10703)
Lightweight yet powerful web application framework
--------------------------------------------------------------------------------
Update Information:
1.3071 26.07.2011 Security release based on 1.3070 [ SECURITY ] * FIX directory traversal issue Since 1.3070, it was possible to abuse the static file serving feature to obtain files from a directory immediately above the directory configured to serve static files from.
Full log at:
http://cpansearch.perl.org/src/SUKRIA/Dancer-1.3071/CHANGES
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #729504 - perl-Dancer: please update to version 1.3071
https://bugzilla.redhat.com/show_bug.cgi?id=729504
--------------------------------------------------------------------------------
================================================================================
perl-Hash-Diff-0.005-1.fc15 (FEDORA-2011-10702)
Return difference between to hashes as a hash
--------------------------------------------------------------------------------
Update Information:
This perl modules returns the difference between two hashes as a hash.
--------------------------------------------------------------------------------
================================================================================
perl-IO-Stty-0.03-2.fc15 (FEDORA-2011-10706)
Change and print terminal line settings
--------------------------------------------------------------------------------
Update Information:
This is the PERL POSIX compliant stty.
This has not been tailored to the IO::File stuff but will work with it as indicated. Before you go futzing with term parameters it's a good idea to grab the current settings and restore them when you finish.
stty accepts the following non-option arguments that change aspects of the terminal line operation. A `[-]' before a capability means that it can be turned off by preceding it with a `-'.
--------------------------------------------------------------------------------
================================================================================
perl-Test-Spelling-0.14-1.fc15 (FEDORA-2011-10731)
Check for spelling errors in POD files
--------------------------------------------------------------------------------
Update Information:
This is an update to the latest upstream release, containing a large number of bug fixes and enhancements:
* Remove temporary files more aggressively (CPAN RT#41586)
* Add set_pod_file_filter for skipping translations, etc. (CPAN RT#63755)
* Skip tests in all_pod_files_spelling_ok if there is no working spellchecker
* Provide a has_working_spellchecker so you can skip your own tests if there's no working spellchecker
* Rewrite and modernize a lot of the documentation
* Decruftify code, such as by using Exporter and lexical filehandles
* Support .plx files
* Make alternatives checking more robust by reading the spellchecker's STDERR
* Fix an error when using add_stopwords("constant","strings") (CPAN RT#68471)
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 27 2011 Paul Howarth <paul@xxxxxxxxxxxx> - 0.14-1
- Update to 0.14:
- Fix an error when using add_stopwords("constant","strings") (CPAN RT#68471)
* Wed Apr 27 2011 Paul Howarth <paul@xxxxxxxxxxxx> - 0.13-1
- Update to 0.13:
- Make alternatives checking more robust by reading the spellchecker's STDERR
* Tue Apr 26 2011 Paul Howarth <paul@xxxxxxxxxxxx> - 0.12-1
- Update to 0.12:
- Best Practical has taken over maintainership of this module
- Try various spellcheck programs instead of hardcoding the ancient `spell`
(CPAN RT#56483)
- Remove temporary files more aggressively (CPAN RT#41586)
- Fixed by not creating them at all - instead we now use IPC::Open3
- Remove suggestion to use broken `aspell -l` (CPAN RT#28967)
- Add set_pod_file_filter for skipping translations, etc. (CPAN RT#63755)
- Skip tests in all_pod_files_spelling_ok if there is no working spellchecker
- Provide a has_working_spellchecker so you can skip your own tests if
there's no working spellchecker
- Switch to Module::Install
- Rewrite and modernize a lot of the documentation
- Decruftify code, such as by using Exporter and lexical filehandles
- Support .plx files
- This release by SARTAK -> update source URL
- Rewrite hunspell patch to just favour hunspell over aspell
- BR: perl(IPC::Open3)
--------------------------------------------------------------------------------
================================================================================
php-libvirt-0.4.3-1.fc15 (FEDORA-2011-10709)
PHP language binding for Libvirt
--------------------------------------------------------------------------------
Update Information:
Here is where you
give an explanation of
your update.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Michal Novotny <minovotn@xxxxxxxxxx> - 0.4.3
- Rebase to 0.4.3 from master branch
--------------------------------------------------------------------------------
================================================================================
php-pear-Mail-Mime-1.8.2-1.fc15 (FEDORA-2011-10725)
Classes to create MIME messages
--------------------------------------------------------------------------------
Update Information:
Upstream changelog:
* #18426: Fixed backward compatibility for "dfilename" parameter [alec]
* Removed xmail.dtd, xmail.xsl from the package [alec]
* Fixed handling of email addresses with quoted local part [alec]
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 1.8.2-1
- Version 1.8.2 (stable) - API 1.4.1 (stable)
- doc in /usr/share/doc/pear
--------------------------------------------------------------------------------
================================================================================
python-fedora-0.3.24-3.fc15 (FEDORA-2011-10738)
Python modules for talking to Fedora Infrastructure Services
--------------------------------------------------------------------------------
Update Information:
* Update splits off server packages and sets proper dependencies on web application frameworks in those subpackages.
* Fix a bug with auth for TG2 servers
* Fix a bug in client auth using F15+ pycurl
* Fix a bug with auth for TG2 servers
* Fix a bug in client auth using F15+ pycurl
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 9 2011 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.3.24-3
- Get the PYTHONPATH for building docs correct
* Tue Aug 9 2011 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.3.24-2
- Rework package to provide the turbogears and django code in subpackages with
full dependencies for each of those.
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.9.16-38.fc15 (FEDORA-2011-10410)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
- Fixes for zarafa, postfix policy
- Backport collect policy
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.9.16-38
- Allow hostname read network state
- Allow syslog to manage all log files
- Add use_fusefs_home_dirs boolean for chrome
- Make vdagent working with confined users
- Fix syslog port definition
- Allow openvpn to set its process priority when the nice parameter is used
- Restorecond should be able to watch and relabel devices in /dev
- Alow hddtemp to perform DNS name resolution
* Fri Aug 5 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.9.16-37
- Fixes for zarafa, postfix policy
- Backport collect policy
* Wed Jul 27 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.9.16-36
- Backport ABRT changes
- Make tmux working with scree policy
- Allow root cron jobs can't run without unconfined
- add interface to dontaudit writes to urand, needed by libra
- Add label for /var/cache/krb5rcache directory
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #726303 - SELinux is preventing 72733A6D61696E20513A526567 from 'open' accesses on the file /var/log/ntpd.log.
https://bugzilla.redhat.com/show_bug.cgi?id=726303
[ 2 ] Bug #728485 - SELinux is preventing /bin/hostname from 'read' accesses on the file unix.
https://bugzilla.redhat.com/show_bug.cgi?id=728485
[ 3 ] Bug #728554 - SELinux is preventing /usr/sbin/lircd (deleted) from 'read' accesses on the lnk_file usb1.
https://bugzilla.redhat.com/show_bug.cgi?id=728554
[ 4 ] Bug #728566 - SELinux is preventing /usr/bin/perl from 'write' accesses on the directory /var/lib/pnp4nagios.
https://bugzilla.redhat.com/show_bug.cgi?id=728566
[ 5 ] Bug #728994 - SELinux is preventing /usr/sbin/lircd from 'read' accesses on the file busnum.
https://bugzilla.redhat.com/show_bug.cgi?id=728994
[ 6 ] Bug #729752 - SELinux is preventing /opt/google/chrome/chrome from 'read' accesses on the file /home/wjbealer/.gvfs/new_volume%28a3%29 on bk-hb6b5c44.local/PUBLIC/Fonts/ARIALN.TTF.
https://bugzilla.redhat.com/show_bug.cgi?id=729752
[ 7 ] Bug #707157 - SELinux is preventing /usr/sbin/lircd from using the 'signal' accesses on a process.
https://bugzilla.redhat.com/show_bug.cgi?id=707157
[ 8 ] Bug #722747 - SELinux is preventing abrt-dump-oops from 'syslog_read' accesses on the system Unknown.
https://bugzilla.redhat.com/show_bug.cgi?id=722747
[ 9 ] Bug #723391 - tmux doesn't work without unconfined, but this may be a tmux behaviour issue
https://bugzilla.redhat.com/show_bug.cgi?id=723391
[ 10 ] Bug #723403 - Root cron jobs can't run without unconfined
https://bugzilla.redhat.com/show_bug.cgi?id=723403
[ 11 ] Bug #726180 - SELinux is preventing /usr/libexec/gdm-crash-logger from 'append' accesses on the file /var/log/gdm/:0-slave.log.
https://bugzilla.redhat.com/show_bug.cgi?id=726180
[ 12 ] Bug #727052 - SELinux is preventing /bin/systemctl from using the 'signal' accesses on a process.
https://bugzilla.redhat.com/show_bug.cgi?id=727052
[ 13 ] Bug #727999 - SELinux is preventing /usr/sbin/lircd from 'read' accesses on the directory devices.
https://bugzilla.redhat.com/show_bug.cgi?id=727999
[ 14 ] Bug #725117 - SELinux is preventing /bin/hostname from read access on the chr_file /dev/null
https://bugzilla.redhat.com/show_bug.cgi?id=725117
--------------------------------------------------------------------------------
================================================================================
shorewall-4.4.22-2.fc15 (FEDORA-2011-10729)
An iptables front end for firewall configuration
--------------------------------------------------------------------------------
Update Information:
- Update to 4.4.22
- Release notes: http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.22/releasenotes.txt
- Fix executable permission on helper programs
Fix executable permission on helper programs
Release notes:
http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.21/releasenotes.txt
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 3 2011 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.4.22-2
- Add upstream ALL patch to fix handling zones that begin with 'all'
- Add patch to close stdin to prevent some SELinux denial messages (bug 727648)
- Make libexec files executable
* Tue Aug 2 2011 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.4.22-1
- Update to 4.4.22
* Sat Jul 23 2011 Jonathan G. Underwood <jonathan.underwood@xxxxxxxxx> - 4.4.21.1-3.1
- Make files in libexec directory executable
* Thu Jul 21 2011 Jonathan G. Underwood <jonathan.underwood@xxxxxxxxx> - 4.4.21-3
- Properly use PERLLIB environment variable for installation of the perl libraries
* Thu Jul 21 2011 Jonathan G. Underwood <jonathan.underwood@xxxxxxxxx> - 4.4.21-2
- Fix Source URL versioning in spec file
* Thu Jul 21 2011 Jonathan G. Underwood <jonathan.underwood@xxxxxxxxx> - 4.4.21-1
- Update to 4.4.21.1
- Fix BZ 720713 (incorrect init file LSB headers)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #654787 - shorewall-4.4.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=654787
[ 2 ] Bug #720713 - Copy-and-paste error in /etc/rc.d/init.d/shorewall6
https://bugzilla.redhat.com/show_bug.cgi?id=720713
[ 3 ] Bug #727648 - shorewall denials
https://bugzilla.redhat.com/show_bug.cgi?id=727648
--------------------------------------------------------------------------------
================================================================================
tzdata-2011h-2.fc15 (FEDORA-2011-10726)
Timezone data
--------------------------------------------------------------------------------
Update Information:
This update adds a patch for upcoming change in Newfoundland. The transition time changes from 12:01 AM to 2:00 AM.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 10 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2011h-2
- Patch for upcoming change in Newfoundland. The transition time
changes from 12:01 AM to 2:00 AM.
--------------------------------------------------------------------------------
================================================================================
volumeicon-0.4.1-3.fc15 (FEDORA-2011-10720)
Lightweight volume control for the system tray
--------------------------------------------------------------------------------
Update Information:
This update fixes the name of the application in the autostart for the session properties dialog.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 0.4.1-3
- Fix application name in desktop file
--------------------------------------------------------------------------------
================================================================================
wicd-1.7.0-9.fc15 (FEDORA-2011-10741)
Wireless and wired network connection manager
--------------------------------------------------------------------------------
Update Information:
This update includes a [hopefully] working systemd unit file and D-Bus control files. Please help me out if you use wicd and test this package. I need to know if systemd can start wicd, stop it, restart it, and if the clients can successfully connect to it.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 David Cantrell <dcantrell@xxxxxxxxxx> - 1.7.0-9
- Correct systemd unit file for wicd, add D-Bus service file (#699116)
- Move docs to the wicd-common subpackage
- Correct /etc/dbus-1/system.d/wicd.conf (#699116)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #699116 - wicd shuts down when started by systemd
https://bugzilla.redhat.com/show_bug.cgi?id=699116
--------------------------------------------------------------------------------
================================================================================
xmlrpc-c-1.25.4-1500.svn2077.fc15 (FEDORA-2011-10712)
A lightweight RPC library based on XML and HTTP
--------------------------------------------------------------------------------
Update Information:
.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 7 2011 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 1.25.4-1500.svn2077
- updated to 1.25.4
- backported GSSAPI_DELEGATION patch from 1.27.3; added BuildConflict
for old curl-devel
* Tue May 10 2011 Karsten Hopp <karsten@xxxxxxxxxx> 1.25.1-1501.1.svn2077
- apply Enrico's default constructor patch to F-15 for the PPC rebuild (#703469)
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.25.1-1501.svn2077
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #719950 - Add support for Kerberos ticket delegation
https://bugzilla.redhat.com/show_bug.cgi?id=719950
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
