The following Fedora 14 Security updates need testing:
https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.4-1.fc14
https://admin.fedoraproject.org/updates/cups-1.4.8-2.fc14
https://admin.fedoraproject.org/updates/libcap-2.22-1.fc14
https://admin.fedoraproject.org/updates/libvpx-0.9.7.1-1.fc14
https://admin.fedoraproject.org/updates/ecryptfs-utils-90-2.fc14
https://admin.fedoraproject.org/updates/php-5.3.8-1.fc14,maniadrive-1.2-32.fc14,php-eaccelerator-0.9.6.1-9.fc14
https://admin.fedoraproject.org/updates/libsoup-2.32.2-2.fc14
https://admin.fedoraproject.org/updates/foomatic-4.0.8-3.fc14
https://admin.fedoraproject.org/updates/hplip-3.11.7-2.fc14
https://admin.fedoraproject.org/updates/avahi-0.6.27-8.fc14
https://admin.fedoraproject.org/updates/zabbix-1.8.7-1.fc14
https://admin.fedoraproject.org/updates/tomcat6-6.0.26-21.fc14
https://admin.fedoraproject.org/updates/system-config-firewall-1.2.27-2.fc14
https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
https://admin.fedoraproject.org/updates/xulrunner-1.9.2.22-1.fc14,thunderbird-3.1.14-1.fc14,firefox-3.6.22-1.fc14,mozvoikko-1.0-24.fc14.1,gnome-web-photo-0.9-23.fc14.1,perl-Gtk2-MozEmbed-0.08-6.fc14.29,gnome-python2-extras-2.25.3-33.fc14.1,galeon-2.0.7-43.fc14.1
https://admin.fedoraproject.org/updates/openssl-1.0.0e-1.fc14
https://admin.fedoraproject.org/updates/rsyslog-4.6.3-3.fc14
https://admin.fedoraproject.org/updates/librsvg2-2.32.0-4.fc14
https://admin.fedoraproject.org/updates/nss-3.12.10-4.fc14
https://admin.fedoraproject.org/updates/bcfg2-1.1.2-2.fc14
The following Fedora 14 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/openssl-1.0.0e-1.fc14
https://admin.fedoraproject.org/updates/librsvg2-2.32.0-4.fc14
https://admin.fedoraproject.org/updates/rsyslog-4.6.3-3.fc14
https://admin.fedoraproject.org/updates/nss-3.12.10-4.fc14
https://admin.fedoraproject.org/updates/livecd-tools-14.3-1.fc14
https://admin.fedoraproject.org/updates/avahi-0.6.27-8.fc14
https://admin.fedoraproject.org/updates/setup-2.8.28-2.fc14
https://admin.fedoraproject.org/updates/curl-7.21.0-10.fc14
https://admin.fedoraproject.org/updates/system-config-users-1.2.110-1.fc14
https://admin.fedoraproject.org/updates/ModemManager-0.4.998-1.git20110706.fc14
https://admin.fedoraproject.org/updates/unique-1.1.6-3.fc14
https://admin.fedoraproject.org/updates/xorg-x11-drv-savage-2.3.2-3.fc14
https://admin.fedoraproject.org/updates/mash-0.5.22-1.fc14
https://admin.fedoraproject.org/updates/policycoreutils-2.0.85-30.3.fc14
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-8.fc14.2
https://admin.fedoraproject.org/updates/xorg-x11-drv-qxl-0.0.21-3.fc14
https://admin.fedoraproject.org/updates/xorg-x11-drv-nouveau-0.0.16-14.20101010git8c8f15c.fc14
https://admin.fedoraproject.org/updates/libconcord-0.23-5.fc14,udev-161-9.fc14,concordance-0.23-2.fc14
https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
The following builds have been pushed to Fedora 14 updates-testing
389-ds-base-1.2.9.10-1.fc14
389-ds-base-1.2.9.10-2.fc14
bcfg2-1.1.2-2.fc14
bfa-firmware-3.0.0.0-1.fc14
firefox-3.6.22-1.fc14
galeon-2.0.7-43.fc14.1
ghc-enumerator-0.4.13.1-1.fc14
gnome-python2-extras-2.25.3-33.fc14.1
gnome-web-photo-0.9-23.fc14.1
librsvg2-2.32.0-4.fc14
mozvoikko-1.0-24.fc14.1
nss-3.12.10-4.fc14
ntfs-3g-2011.4.12-4.fc14
olpc-powerd-36-1.fc14
openssl-1.0.0e-1.fc14
pacemaker-1.1.6-1.fc14
perl-Gtk2-MozEmbed-0.08-6.fc14.29
pipebench-0.40-5.fc14
plowshare-0.9.4-0.14.20110904git.fc14
policycoreutils-2.0.85-30.3.fc14
pwsafe-0.2.0-11.fc14
pyrit-0.4.0-4.fc14
python-oauth2-1.2.1-2.fc14
ql2400-firmware-5.06.01-1.fc14
ql2500-firmware-5.06.01-1.fc14
rsyslog-4.6.3-3.fc14
sysbench-0.4.12-5.fc14
thunderbird-3.1.14-1.fc14
xs-0.1-2.git9c19777.fc14
xulrunner-1.9.2.22-1.fc14
yagf-0.8.7-1.fc14
Details about builds:
================================================================================
389-ds-base-1.2.9.10-1.fc14 (FEDORA-2011-12274)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
Fix for managed entry
Couple of bug fixes
a handful of bug fixes and a new feature to allow the server to start with an expired cert
Fixes for update, winsync, ruv/counters
Fix another coverity NULL deref in previous patch
Fix coverity NULL deref defect in 1.2.9.3
A few bug fixes
The 1.2.9.0 release - several bug fixes found during alpha testing
389-ds-base-1.2.9.a2 - several bug fixes - automember improvements
look for separate openldap ldif library
Split automember regex rules into separate entries
writing Inf file shows SchemaFile = ARRAY(0xhexnum)
add support for ldif files with changetype: add
Auto Membership
More Coverity fixes
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.9.10-1
- Bug 735114 - renaming a managed entry does not update mepmanagedby
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #735114 - renaming a managed entry does not update mepmanagedby
https://bugzilla.redhat.com/show_bug.cgi?id=735114
--------------------------------------------------------------------------------
================================================================================
389-ds-base-1.2.9.10-2.fc14 (FEDORA-2011-12291)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
Fixed source tarball
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.9.10-2
- corrected source
* Wed Sep 7 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.9.10-1
- Bug 735114 - renaming a managed entry does not update mepmanagedby
--------------------------------------------------------------------------------
================================================================================
bcfg2-1.1.2-2.fc14 (FEDORA-2011-12303)
Configuration management system
--------------------------------------------------------------------------------
Update Information:
* Wed Sep 07 2011 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 1.1.2-2
- Added patch to fix CVE-2011-3211
* Thu Jun 02 2011 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 1.1.2-1
- Updated to new upstream version 1.1.2
- Fixed #683239
* Mon Sep 27 2010 Jeffrey C. Ollie <jeff@xxxxxxxxxx> - 1.1.0-2 - Update to final version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 1.1.2-2
- Added patch to fix CVE-2011-3211
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #736279 - CVE-2011-3211 bcfg2 (bcfg2-server): Privilege escalation due to improper escaping of shell command data sent from client, when SSHbase plug-in enabled
https://bugzilla.redhat.com/show_bug.cgi?id=736279
--------------------------------------------------------------------------------
================================================================================
bfa-firmware-3.0.0.0-1.fc14 (FEDORA-2011-12286)
Brocade Fibre Channel HBA Firmware
--------------------------------------------------------------------------------
Update Information:
Update bfa-firmware to 3.0.0.0. Does stuff and things.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> 3.0.0.0-1
- update to 3.0.0.0
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.2.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
firefox-3.6.22-1.fc14 (FEDORA-2011-12275)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
The latest version of Firefox and Thunderbird has the following changes:
- Removed trust exceptions for certificates issued by Staat der Nederlanden (see bug mozbz#683449 and the security advisory)
- Resolved an issue with gov.uk websites (see bug mozbz#669792)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Jan Horak <jhorak@xxxxxxxxxx> - 3.6.22-1
- Update to 3.6.22
--------------------------------------------------------------------------------
================================================================================
galeon-2.0.7-43.fc14.1 (FEDORA-2011-12275)
GNOME2 Web browser based on Mozilla
--------------------------------------------------------------------------------
Update Information:
The latest version of Firefox and Thunderbird has the following changes:
- Removed trust exceptions for certificates issued by Staat der Nederlanden (see bug mozbz#683449 and the security advisory)
- Resolved an issue with gov.uk websites (see bug mozbz#669792)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Jan Horak <jhorak@xxxxxxxxxx> - 2.0.7-43.1
- Rebuild against newer gecko
--------------------------------------------------------------------------------
================================================================================
ghc-enumerator-0.4.13.1-1.fc14 (FEDORA-2011-12270)
Implementation of Oleg Kiselyov's left-fold enumerators
--------------------------------------------------------------------------------
Update Information:
Update to 0.4.13.1.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 22 2011 Jens Petersen <petersen@xxxxxxxxxx> - 0.4.13.1-1
- update to 0.4.13.1
* Thu Jun 23 2011 Jens Petersen <petersen@xxxxxxxxxx> - 0.4.10-3
- BR ghc-Cabal-devel instead of ghc-prof and use ghc_arches (cabal2spec-0.23.2)
* Wed May 11 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.4.10-2
- Add missing ppc64 ExclusiveArch
* Wed May 11 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.4.10-1
- Update to cabal2spec-0.22.7
- Update to 0.4.10
* Thu Mar 10 2011 Fabio M. Di Nitto <fdinitto@xxxxxxxxxx> - 0.4.7-2
- Enable build on sparcv9
* Thu Feb 17 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.4.7-1
- Update to 0.4.7
* Thu Feb 17 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.4.5-3
- Rebuild for broken dependencies
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sat Jan 15 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.4.5-1
- Update to 0.4.5
* Sat Jan 15 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 0.4.4-2
- Update to cabal2spec-0.22.4
- Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #720283 - ghc-enumerator-0.4.13.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=720283
--------------------------------------------------------------------------------
================================================================================
gnome-python2-extras-2.25.3-33.fc14.1 (FEDORA-2011-12275)
Additional PyGNOME Python extension modules
--------------------------------------------------------------------------------
Update Information:
The latest version of Firefox and Thunderbird has the following changes:
- Removed trust exceptions for certificates issued by Staat der Nederlanden (see bug mozbz#683449 and the security advisory)
- Resolved an issue with gov.uk websites (see bug mozbz#669792)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Jan Horak <jhorak@xxxxxxxxxx> - 2.25.3-33.1
- Rebuild against newer gecko
--------------------------------------------------------------------------------
================================================================================
gnome-web-photo-0.9-23.fc14.1 (FEDORA-2011-12275)
HTML pages thumbnailer
--------------------------------------------------------------------------------
Update Information:
The latest version of Firefox and Thunderbird has the following changes:
- Removed trust exceptions for certificates issued by Staat der Nederlanden (see bug mozbz#683449 and the security advisory)
- Resolved an issue with gov.uk websites (see bug mozbz#669792)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Jan Horak <jhorak@xxxxxxxxxx> - 0.9-23.1
- Rebuild against newer gecko
--------------------------------------------------------------------------------
================================================================================
librsvg2-2.32.0-4.fc14 (FEDORA-2011-12301)
An SVG library based on cairo
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2011-3146.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Marek Kasik <mkasik@xxxxxxxxxx> - 2.32.0-4
- Fix for CVE-2011-3146 (#736237)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #736237 - CVE-2011-3146 librsvg: NULL pointer dereference flaw [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=736237
--------------------------------------------------------------------------------
================================================================================
mozvoikko-1.0-24.fc14.1 (FEDORA-2011-12275)
Finnish Voikko spell-checker extension for Mozilla programs
--------------------------------------------------------------------------------
Update Information:
The latest version of Firefox and Thunderbird has the following changes:
- Removed trust exceptions for certificates issued by Staat der Nederlanden (see bug mozbz#683449 and the security advisory)
- Resolved an issue with gov.uk websites (see bug mozbz#669792)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Jan Horak <jhorak@xxxxxxxxxx> - 1.0-24.1
- Rebuild against newer gecko
--------------------------------------------------------------------------------
================================================================================
nss-3.12.10-4.fc14 (FEDORA-2011-12300)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
Update to most recent root CA module, version 1.87
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Kai Engert <kaie@xxxxxxxxxx> - 3.12.10-4
- Update builtins certs to those from NSSCKBI_1_87_RTM
* Fri May 20 2011 Dennis Gilmore <dennis@xxxxxxxx> - 3.12.10-3
- make the testsuite non fatal on arm arches
* Tue May 17 2011 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.12.10-2
- Fix crmf hard-coded maximum size for wrapped private keys (#703658)
--------------------------------------------------------------------------------
================================================================================
ntfs-3g-2011.4.12-4.fc14 (FEDORA-2011-12266)
Linux NTFS userspace driver
--------------------------------------------------------------------------------
Update Information:
* fix issue preventing some volume types from not working properly (bz735862)
* create fsck.ntfs symlink to ntfsck (bz735612).
* apply cleanups from git trunk for ntfsck (bz 706638)
* apply cleanups from git trunk for ntfsfix (bz 711662, 723562)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 2:2011.4.12-4
- fix issue preventing some volume types from not working properly (bz735862)
- create fsck.ntfs symlink to ntfsck (bz735612).
- apply cleanups from git trunk for ntfsck (bz 706638)
- apply cleanups from git trunk for ntfsfix (bz 711662, 723562)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #735862 - ntfs volumes do not work with truecrypt/realcrypt
https://bugzilla.redhat.com/show_bug.cgi?id=735862
[ 2 ] Bug #735612 - ntfsprogs does not provide fsck.ntfs
https://bugzilla.redhat.com/show_bug.cgi?id=735612
[ 3 ] Bug #706638 - [abrt] ntfsprogs-2:2011.4.12-3.fc14: ntfs_boot_sector_parse: Process /bin/ntfsck was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=706638
[ 4 ] Bug #711662 - [abrt] ntfsprogs-2011.4.12-3.fc15: __libc_free: Process /bin/ntfsfix was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=711662
[ 5 ] Bug #723562 - [abrt] ntfsprogs-2011.4.12-3.fc15: __GI_raise: Process /bin/ntfsfix was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=723562
--------------------------------------------------------------------------------
================================================================================
olpc-powerd-36-1.fc14 (FEDORA-2011-12264)
OLPC XO power management
--------------------------------------------------------------------------------
Update Information:
Use evtest for querying of XO-1.75 switches. Inhibit suspend while connecting to wifi networks.
Initial XO-1.75 support
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Daniel Drake <dsd@xxxxxxxxxx> - 36-1
- Use evtest for switch state querying
- powerd-dbus now inhibits suspend while connecting to wireless networks
* Thu Sep 1 2011 Daniel Drake <pgf@xxxxxxxxxx> - 35-1
- Initial XO-1.75 support
--------------------------------------------------------------------------------
================================================================================
openssl-1.0.0e-1.fc14 (FEDORA-2011-12281)
A general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:
New upstream release fixing CVE-2011-3207 and a few other minor bugs.
It also improves performance of AES, SHA1 and RC4 on new Intel CPUs and enables VIA Padlock HW acceleration support on 64 bit architecture.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Tomas Mraz <tmraz@xxxxxxxxxx> 1.0.0e-1
- new upstream release fixing CVE-2011-3207 (#736088)
* Wed Aug 24 2011 Tomas Mraz <tmraz@xxxxxxxxxx> 1.0.0d-8
- drop the separate engine for Intel acceleration improvements
and merge in the AES-NI, SHA1, and RC4 optimizations
- add support for OPENSSL_DISABLE_AES_NI environment variable
that disables the AES-NI support
* Tue Jul 26 2011 Tomas Mraz <tmraz@xxxxxxxxxx> 1.0.0d-7
- correct openssl cms help output (#636266)
- more tolerant starttls detection in XMPP protocol (#608239)
* Wed Jul 20 2011 Tomas Mraz <tmraz@xxxxxxxxxx> 1.0.0d-6
- add support for newest Intel acceleration improvements backported
from upstream by Intel in form of a separate engine
* Thu Jun 9 2011 Tomas Mraz <tmraz@xxxxxxxxxx> 1.0.0d-5
- allow the AES-NI engine in the FIPS mode
* Tue May 24 2011 Tomas Mraz <tmraz@xxxxxxxxxx> 1.0.0d-4
- add API necessary for CAVS testing of the new DSA parameter generation
* Thu Apr 28 2011 Tomas Mraz <tmraz@xxxxxxxxxx> 1.0.0d-3
- add support for VIA Padlock on 64bit arch from upstream (#617539)
- do not return bogus values from load_certs (#652286)
* Tue Apr 5 2011 Tomas Mraz <tmraz@xxxxxxxxxx> 1.0.0d-2
- clarify apps help texts for available digest algorithms (#693858)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #736088 - CVE-2011-3207 openssl: CRL verification vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=736088
--------------------------------------------------------------------------------
================================================================================
pacemaker-1.1.6-1.fc14 (FEDORA-2011-12293)
Scalable High-Availability cluster resource manager
--------------------------------------------------------------------------------
Update Information:
New upstream release: 1.1.6.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Andrew Beekhof <andrew@xxxxxxxxxxx> 1.1.6-1
- Upstream release of 1.1.6
- See included ChangeLog file or http://hg.clusterlabs.org/pacemaker/1.1/file/tip/ChangeLog for details
- Disabled eSMTP and SNMP support. Painful to configure and rarely used.
- Created cli sub-package for non-cluster usage
* Thu Jul 21 2011 Petr Sabata <contyk@xxxxxxxxxx> - 1.1.5-3.2
- Perl mass rebuild
* Wed Jul 20 2011 Petr Sabata <contyk@xxxxxxxxxx> - 1.1.5-3.1
- Perl mass rebuild
* Mon Jul 11 2011 Andrew Beekhof <andrew@xxxxxxxxxxx> 1.1.5-3
- Rebuild for new snmp .so
* Fri Jun 17 2011 Marcela Mašláňová <mmaslano@xxxxxxxxxx> - 1.1.5-2.2
- Perl mass rebuild
* Fri Jun 10 2011 Marcela Mašláňová <mmaslano@xxxxxxxxxx> - 1.1.5-2.1
- Perl 5.14 mass rebuild
--------------------------------------------------------------------------------
================================================================================
perl-Gtk2-MozEmbed-0.08-6.fc14.29 (FEDORA-2011-12275)
Interface to the Mozilla embedding widget
--------------------------------------------------------------------------------
Update Information:
The latest version of Firefox and Thunderbird has the following changes:
- Removed trust exceptions for certificates issued by Staat der Nederlanden (see bug mozbz#683449 and the security advisory)
- Resolved an issue with gov.uk websites (see bug mozbz#669792)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Jan Horak <jhorak@xxxxxxxxxx> - 0.08-6.29
- Rebuild against newer gecko
--------------------------------------------------------------------------------
================================================================================
pipebench-0.40-5.fc14 (FEDORA-2011-12288)
Measures the speed of STDIN/STDOUT communication
--------------------------------------------------------------------------------
Update Information:
This is a new package for Fedora.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #731219 - Review Request: pipebench - Measures the speed of stdin/stdout communication
https://bugzilla.redhat.com/show_bug.cgi?id=731219
--------------------------------------------------------------------------------
================================================================================
plowshare-0.9.4-0.14.20110904git.fc14 (FEDORA-2011-12305)
Download and upload files from file-sharing websites
--------------------------------------------------------------------------------
Update Information:
New upstream snapshot
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Elder Marco <eldermarco@xxxxxxxxxxxxxxxxx> - 0.9.4-0.14.20110904git
- New upstream snapshot
* Mon Aug 29 2011 Elder Marco <eldermarco@xxxxxxxxxxxxxxxxx> - 0.9.4-0.13.20110828git
- New upstream snapshot
--------------------------------------------------------------------------------
================================================================================
policycoreutils-2.0.85-30.3.fc14 (FEDORA-2011-8401)
SELinux policy core utilities
--------------------------------------------------------------------------------
Update Information:
Fixes for sandbox to cleanup processes, as well as back porting fixes from F15
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Dan Walsh <dwalsh@xxxxxxxxxx> 2.0.86-7.3
- Backport sandbox fixes from F16
* Thu Jul 7 2011 Dan Walsh <dwalsh@xxxxxxxxxx> 2.0.86-7.2
- Change seunshare to send kill signals to the childs session.
- Also add signal handler to catch sigint, so if user enters ctrl-C sandbox will shutdown.
- Add -k qualifier to seunshare to have it attempt to kill all processes with
the matching MCS label.
- Add -C option to sandbox and seunshare to maintain capabilities, otherwise
the bounding set will be dropped.
- Change --cgroups short name -c rather then -C for consistancy
- Fix memory and fd leaks in seunshare
* Fri Jun 17 2011 Dan Walsh <dwalsh@xxxxxxxxxx> 2.0.86-30.1
- Backport lots of fixes from F15 including:
- Do not drop capability bounding set in seunshare, this allows sandbox to
- run setuid apps.
- Cleanup policy generation template
- Pass dpi settings to sandbox
- Add .config/* to restorecond_users.conf
- Clean up some of the templates for sepolgen
- Apply patches from Christoph A.
* fix sandbox title
* stop xephyr from li
- Also ignore errors on sandbox include of directory missing files
- Change fixfiles restore to delete unlabeled sockets in /tmp
* Mon Apr 11 2011 Dan Walsh <dwalsh@xxxxxxxxxx> 2.0.85-30
- Add Elia Pinto patches to allow user to specify directories to ignore
* Tue Apr 5 2011 Dan Walsh <dwalsh@xxxxxxxxxx> 2.0.85-29
- Fix policycoreutils-sandbox description
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #714152 - sandbox leaves process running after closing the sandbox (/usr/bin/pulseaudio)
https://bugzilla.redhat.com/show_bug.cgi?id=714152
--------------------------------------------------------------------------------
================================================================================
pwsafe-0.2.0-11.fc14 (FEDORA-2011-12297)
A unix commandline program that manages encrypted password databases
--------------------------------------------------------------------------------
Update Information:
Fix pasting from CLIPBOARD to gnome-terminal
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Ralf Ertzinger <ralf@xxxxxxxxxxx> - 0.2.0-11
- Apply patch from BZ667541
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #667541 - Pasting to gnome-terminal via CLIPBOARD is broken.
https://bugzilla.redhat.com/show_bug.cgi?id=667541
--------------------------------------------------------------------------------
================================================================================
pyrit-0.4.0-4.fc14 (FEDORA-2011-12289)
A GPGPU-driven WPA/WPA2-PSK key cracker
--------------------------------------------------------------------------------
Update Information:
New package - pyrit - A GPGPU-driven WPA/WPA2-PSK key cracker
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #691894 - Review Request: pyrit - A GPGPU-driven WPA/WPA2-PSK key cracker
https://bugzilla.redhat.com/show_bug.cgi?id=691894
--------------------------------------------------------------------------------
================================================================================
python-oauth2-1.2.1-2.fc14 (FEDORA-2011-12287)
Python support for improved oauth
--------------------------------------------------------------------------------
Update Information:
Fix missing Requires: python-httplib2
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #736133 - Missing dependency on python-httplib2
https://bugzilla.redhat.com/show_bug.cgi?id=736133
--------------------------------------------------------------------------------
================================================================================
ql2400-firmware-5.06.01-1.fc14 (FEDORA-2011-12302)
Firmware for qlogic 2400 devices
--------------------------------------------------------------------------------
Update Information:
THIS ERRATA IS CLASSIFIED MAGINOT BLUE STARS.
YOU DO NOT POSSESS NECESSARY CLEARANCE TO VIEW FULL ERRATA.
VIEW REDACTED ERRATA (Y/N)? Y
QLOGIC 2400 FIRMWARE CODE NAME ███ ██████ ██████ AND QLOGIC 2500 FIRMWARE CODE NAME ████████ ██████ HAVE BEEN UPDATED TO 5.06.01. THIS CHANGE WAS NECESSARY BECAUSE OF ██████ MOVEMENT IN ███ ██████ AND UNEXPECTED EVOLUTION ON PHASE ████ OF SCORPION STARE. ALSO, MINOR CHANGES DUE TO ███████ DISCOVERY AT ████████ BUILDING OF GROOM LAKE (SEE ███████-██████████ ERRATA FOR DETAILS).
SPECIFIC CHANGES:
* ██████████ FIXED
* NON-NEWTONIAN ██████████ CONFLICTS RESOLVED WITH ADDITIONAL █████ █████████
* TACTICAL YIELD OF ██████████ INCREASED BY ███████ IN CORNER CASES INVOLVING ██████████ (SEE █████████)
* ████ ████ ████ █████████████ █████
* RESOLVED ISSUES RELATING TO CASE NIGHTMARE GREEN
* ADDED █████ ████ ███ ████ OXCART ████████ SPYWARE ████ REMOTE ████████ CAMERA ████ CONTAINMENT (SEE ███ ███ ██████)
* ROTATED ███████████ CODE WHEEL (SEE ████ MANUAL)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 5.06.01-1
- update to 5.06.01
--------------------------------------------------------------------------------
================================================================================
ql2500-firmware-5.06.01-1.fc14 (FEDORA-2011-12302)
Firmware for qlogic 2500 devices
--------------------------------------------------------------------------------
Update Information:
THIS ERRATA IS CLASSIFIED MAGINOT BLUE STARS.
YOU DO NOT POSSESS NECESSARY CLEARANCE TO VIEW FULL ERRATA.
VIEW REDACTED ERRATA (Y/N)? Y
QLOGIC 2400 FIRMWARE CODE NAME ███ ██████ ██████ AND QLOGIC 2500 FIRMWARE CODE NAME ████████ ██████ HAVE BEEN UPDATED TO 5.06.01. THIS CHANGE WAS NECESSARY BECAUSE OF ██████ MOVEMENT IN ███ ██████ AND UNEXPECTED EVOLUTION ON PHASE ████ OF SCORPION STARE. ALSO, MINOR CHANGES DUE TO ███████ DISCOVERY AT ████████ BUILDING OF GROOM LAKE (SEE ███████-██████████ ERRATA FOR DETAILS).
SPECIFIC CHANGES:
* ██████████ FIXED
* NON-NEWTONIAN ██████████ CONFLICTS RESOLVED WITH ADDITIONAL █████ █████████
* TACTICAL YIELD OF ██████████ INCREASED BY ███████ IN CORNER CASES INVOLVING ██████████ (SEE █████████)
* ████ ████ ████ █████████████ █████
* RESOLVED ISSUES RELATING TO CASE NIGHTMARE GREEN
* ADDED █████ ████ ███ ████ OXCART ████████ SPYWARE ████ REMOTE ████████ CAMERA ████ CONTAINMENT (SEE ███ ███ ██████)
* ROTATED ███████████ CODE WHEEL (SEE ████ MANUAL)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 7 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 5.06.01-1
- update to 5.06.01
--------------------------------------------------------------------------------
================================================================================
rsyslog-4.6.3-3.fc14 (FEDORA-2011-12282)
Enhanced system logging and kernel message trapping daemon
--------------------------------------------------------------------------------
Update Information:
updated package which fixes CVE-2011-3200
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Tomas Heinrich <theinric@xxxxxxxxxx> 4.6.3-3
- add patch to resolve buffer overflow (CVE-2011-3200)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #727644 - CVE-2011-3200 rsyslog: parseLegacySyslogMsg off-by-two buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=727644
--------------------------------------------------------------------------------
================================================================================
sysbench-0.4.12-5.fc14 (FEDORA-2011-12283)
System performance benchmark
--------------------------------------------------------------------------------
Update Information:
Add support for libaio.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Xavier Bachelot <xavier@xxxxxxxxxxxx> 0.4.12-5
- Add BR: libaio-devel (rhbz#735882).
* Wed Mar 23 2011 Dan Horák <dan@xxxxxxxx> - 0.4.12-4
- rebuilt for mysql 5.5.10 (soname bump in libmysqlclient)
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.12-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Fri Dec 24 2010 Xavier Bachelot <xavier@xxxxxxxxxxxx> 0.4.12-2
- Rebuild against new mysql.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #735882 - sysbench not compiled with libaio-devel installed
https://bugzilla.redhat.com/show_bug.cgi?id=735882
--------------------------------------------------------------------------------
================================================================================
thunderbird-3.1.14-1.fc14 (FEDORA-2011-12275)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
The latest version of Firefox and Thunderbird has the following changes:
- Removed trust exceptions for certificates issued by Staat der Nederlanden (see bug mozbz#683449 and the security advisory)
- Resolved an issue with gov.uk websites (see bug mozbz#669792)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Jan Horak <jhorak@xxxxxxxxxx> - 3.1.14-1
- Update to 3.1.14
--------------------------------------------------------------------------------
================================================================================
xs-0.1-2.git9c19777.fc14 (FEDORA-2011-12290)
Shell supporting functional programming
--------------------------------------------------------------------------------
Update Information:
XS is a shell supporting functional programming, based on es.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #735705 - Review Request: xs - Shell supporting functional programming
https://bugzilla.redhat.com/show_bug.cgi?id=735705
--------------------------------------------------------------------------------
================================================================================
xulrunner-1.9.2.22-1.fc14 (FEDORA-2011-12275)
XUL Runtime for Gecko Applications
--------------------------------------------------------------------------------
Update Information:
The latest version of Firefox and Thunderbird has the following changes:
- Removed trust exceptions for certificates issued by Staat der Nederlanden (see bug mozbz#683449 and the security advisory)
- Resolved an issue with gov.uk websites (see bug mozbz#669792)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 6 2011 Jan Horak <jhorak@xxxxxxxxxx> - 1.9.2.22-1
- Update to 1.9.2.22
--------------------------------------------------------------------------------
================================================================================
yagf-0.8.7-1.fc14 (FEDORA-2011-12269)
Graphical front-end for cuneiform
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.7.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 5 2011 Dmitrij S. Kryzhevich <krege@xxxxxxx> 0.8.7-1
- Update to 0.8.7.
- Permissions for files including into debug package are OK now.
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
