The following Fedora 14 Security updates need testing:
https://admin.fedoraproject.org/updates/perl-FCGI-0.74-1.fc14
https://admin.fedoraproject.org/updates/tomcat6-6.0.26-21.fc14
https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.11-1.fc14
https://admin.fedoraproject.org/updates/NetworkManager-0.8.5.92-1.git20110927.fc14
https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.fc14
https://admin.fedoraproject.org/updates/kernel-2.6.35.14-97.fc14
https://admin.fedoraproject.org/updates/cyrus-imapd-2.3.17-1.fc14
The following Fedora 14 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/NetworkManager-0.8.5.92-1.git20110927.fc14
https://admin.fedoraproject.org/updates/kernel-2.6.35.14-97.fc14
https://admin.fedoraproject.org/updates/lldpad-0.9.41-4.fc14
https://admin.fedoraproject.org/updates/ModemManager-0.4.998-1.git20110706.fc14
https://admin.fedoraproject.org/updates/mash-0.5.22-1.fc14
https://admin.fedoraproject.org/updates/policycoreutils-2.0.85-30.3.fc14
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-8.fc14.2
https://admin.fedoraproject.org/updates/xorg-x11-drv-qxl-0.0.21-3.fc14
https://admin.fedoraproject.org/updates/xorg-x11-drv-nouveau-0.0.16-14.20101010git8c8f15c.fc14
https://admin.fedoraproject.org/updates/libconcord-0.23-5.fc14,udev-161-9.fc14,concordance-0.23-2.fc14
The following builds have been pushed to Fedora 14 updates-testing
BackupPC-3.2.1-6.fc14
NetworkManager-0.8.5.92-1.git20110927.fc14
UpTools-8.6.1-1.fc14
cluster-3.1.7-1.fc14
exiv2-0.21.1-3.fc14
perl-DateTime-TimeZone-1.39-1.fc14
perl-Image-ExifTool-8.65-1.fc14
postgresql-8.4.9-1.fc14
proftpd-1.3.3f-1.fc14
rgmanager-3.1.7-1.fc14
teeworlds-0.6.1-2.fc14
Details about builds:
================================================================================
BackupPC-3.2.1-6.fc14 (FEDORA-2011-13387)
High-performance backup system
--------------------------------------------------------------------------------
Update Information:
- fix postun scriptlet error (bz #736946)
- make postun scriptlet more coherent
- change selinux context on log files to httpd_log_t and allow access
to them (bz #730704)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 21 2011 Bernard Johnson <bjohnson@xxxxxxxxxxxx> - 3.2.1-6
- fix postun scriptlet error (bz #736946)
- make postun scriptlet more coherent
- change selinux context on log files to httpd_log_t and allow access
to them (bz #730704)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #736946 - %post scriptlet broken
https://bugzilla.redhat.com/show_bug.cgi?id=736946
[ 2 ] Bug #730704 - BackupPC SELinux Denial of access to log from cgi interface
https://bugzilla.redhat.com/show_bug.cgi?id=730704
--------------------------------------------------------------------------------
================================================================================
NetworkManager-0.8.5.92-1.git20110927.fc14 (FEDORA-2011-13401)
Network connection manager and user applications
--------------------------------------------------------------------------------
Update Information:
This update fixes security issue in ifcfg-rh plugin (CVE-2011-3364). In addition, it updates to 0.8.6-rc1.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Jiří Klimeš <jklimes@xxxxxxxxxx> - 0.8.5.92-1.git20110927
- Update to 0.8.5.92 (0.8.6-rc1) + git snapshot
- core: ifcfg-rh: remove newlines when writing to ifcfg files (CVE-2011-3364) (rh #737338)
- core: use '@interface' for link-local DNS servers in the dnsmasq config
- core: ensure NM can talk to newly installed VPN plugins (fdo #39463)
- core: fix crash in ifcfg-rh plugin when system bus isn't around
- core: add "Uuid" property to ActiveConnection interface
- core: add 802.1X setting properties for subject and altsubject matches
* Tue Jul 19 2011 Dan Williams <dcbw@xxxxxxxxxx> - 0.8.5.91-1
- Update to 0.8.6-beta2
- core: append interface name for IPv6 link-local DNS server addresses (rh #720001)
- core: read anonymous identify for 802.1x PEAP connections (rh #708436)
- core: fix setting hostname from DHCP options (rh #719100)
- applet: don't show irrelevant security options during password requests
- applet: show notifications on CDMA home/roaming changes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #737338 - CVE-2011-3364 NetworkManager: Console user can escalate to root via newlines in ifcfg-rh connection name
https://bugzilla.redhat.com/show_bug.cgi?id=737338
--------------------------------------------------------------------------------
================================================================================
UpTools-8.6.1-1.fc14 (FEDORA-2011-13393)
C++ library for HPC, parallel processing, networking, DB, memory, etc
--------------------------------------------------------------------------------
Update Information:
- A new class UpRoute is added to make very fast route table lookups both in
IPv4 and IPv6
- UpAddress and UpSockAddr IPv6 handling is optimized for 64
bits processors
- License tag fixed, now is "BSD with attribution"
- Replaced inet_net_pton in AC_SEARCH_LIBS for resolv library
because there was a dependency issue creating RPM in epel5
- Moved "-no-install" from configure.ac to Makefile.am
- Fixed conditional for postgresql
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 19 2011 Sergio Belkin <sebelk@xxxxxxxxxxxxxxxxx> - 8.6.1-1
- A new class UpRoute is added to make very fast route table lookups both in
IPv4 and IPv6
- UpAddress and UpSockAddr IPv6 handling is optimized for 64
bits processors
- License tag fixed, now is "BSD with attribution"
- Replaced inet_net_pton in AC_SEARCH_LIBS for resolv library
because there was a dependency issue creating RPM in epel5
- Moved "-no-install" from configure.ac to Makefile.am
- Fixed conditional for postgresql
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #673589 - Review Request: UpTools - C++ library for hpc, networking, db, memory, etc.
https://bugzilla.redhat.com/show_bug.cgi?id=673589
--------------------------------------------------------------------------------
================================================================================
cluster-3.1.7-1.fc14 (FEDORA-2011-13396)
Red Hat Cluster
--------------------------------------------------------------------------------
Update Information:
this update addresses a few major issues that can potentially affect stability of the cluster. update is strongly recommended as soon as possible.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Fabio M. Di Nitto <fdinitto@xxxxxxxxxx> - 3.1.7-1
- new upstream release
- spec file update:
Update BuildRequires and Requires to match current requirements
--------------------------------------------------------------------------------
================================================================================
exiv2-0.21.1-3.fc14 (FEDORA-2011-13405)
Exif and Iptc metadata manipulation library
--------------------------------------------------------------------------------
Update Information:
Backport patches to fix a crash bug and support a new camera/lens.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.21.1-3
- New Tamron 70-300 mm lens improperly recognized (#708403)
* Mon Sep 26 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.21.1-2
- gthumb crashes because of bug in exiv2 0.21.1 (#741429)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #708403 - New Tamron 70-300 mm lens improperly recognized
https://bugzilla.redhat.com/show_bug.cgi?id=708403
[ 2 ] Bug #741429 - gthumb crashes because of bug in exiv2 0.21.1
https://bugzilla.redhat.com/show_bug.cgi?id=741429
--------------------------------------------------------------------------------
================================================================================
perl-DateTime-TimeZone-1.39-1.fc14 (FEDORA-2011-13403)
Time zone object base class and factory
--------------------------------------------------------------------------------
Update Information:
This release is based on version 2011k of the Olson database and includes contemporary changes for Palestine, Belarus, and Ukraine.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Iain Arnell <iarnell@xxxxxxxxx> 1.39-1
- update to latest upstream - Olson 2011k
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #741576 - perl-DateTime-TimeZone-1.39 is available
https://bugzilla.redhat.com/show_bug.cgi?id=741576
--------------------------------------------------------------------------------
================================================================================
perl-Image-ExifTool-8.65-1.fc14 (FEDORA-2011-13400)
Utility for reading and writing image meta info
--------------------------------------------------------------------------------
Update Information:
Updated to 8.65.
For a full list of the changes between 8.65 and the previous production release (8.60), see:
http://owl.phy.queensu.ca/~phil/exiftool/history.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 26 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 8.65-1
- update to 8.65
* Thu Jul 21 2011 Petr Sabata <contyk@xxxxxxxxxx> - 8.60-3
- Perl mass rebuild
* Wed Jul 20 2011 Petr Sabata <contyk@xxxxxxxxxx> - 8.60-2
- Perl mass rebuild
--------------------------------------------------------------------------------
================================================================================
postgresql-8.4.9-1.fc14 (FEDORA-2011-13385)
PostgreSQL client programs
--------------------------------------------------------------------------------
Update Information:
Update to PostgreSQL 8.4.9, for various fixes described at
http://www.postgresql.org/docs/8.4/static/release-8-4-9.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 26 2011 Tom Lane <tgl@xxxxxxxxxx> 8.4.9-1
- Update to PostgreSQL 8.4.9, for various fixes described at
http://www.postgresql.org/docs/8.4/static/release-8-4-9.html
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.3f-1.fc14 (FEDORA-2011-13384)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream maintenance release, fixes a number of bugs as described in the changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Paul Howarth <paul@xxxxxxxxxxxx> 1.3.3f-1
- Update to 1.3.3f, fixing a large number of bugs reported upstream:
- Avoid spinning proftpd process if read(2) returns EAGAIN (bug 3639)
- Segfault seen in mod_sql_mysql if "SQLAuthenticate groupsetfast" used
(bug 3642)
- Disable signal handling for exiting session processes (bug 3644)
- TCPAccessSyslogLevel directive broken by Bug#3317 (bug 3652)
- TLSVerifyOrder directive is broken (bug 3658)
- Segmentation fault if there is regex <IfUser> section in a <VirtualHost>
section; this is a regression caused by a bad backport of the fix for
Bug#3625 to the 1.3.3 branch (bug 3659)
- Filenames with embedded IAC do not get processed correctly (bug 3697)
- Drop upstreamed nostrip patch
- Use new --disable-strip option to retain debugging symbols
- Use upstream LDAP quota table schema rather than our own copy
--------------------------------------------------------------------------------
================================================================================
rgmanager-3.1.7-1.fc14 (FEDORA-2011-13396)
Open Source HA Resource Group Failover for Red Hat Cluster
--------------------------------------------------------------------------------
Update Information:
this update addresses a few major issues that can potentially affect stability of the cluster. update is strongly recommended as soon as possible.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Fabio M. Di Nitto <fdinitto@xxxxxxxxxx> - 3.1.7-1
- new upstream release
--------------------------------------------------------------------------------
================================================================================
teeworlds-0.6.1-2.fc14 (FEDORA-2011-13392)
Online multi-player platform 2D shooter
--------------------------------------------------------------------------------
Update Information:
Patch to correct sound loading issue.
New upstream version.
New upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Jon Ciesla <limb@xxxxxxxxxxxx> - 0.6.1-2
- Fix to extlib patch to correct sound loading issue.
* Mon Aug 22 2011 Jon Ciesla <limb@xxxxxxxxxxxx> - 0.6.1-1
- New upstream release
* Tue Apr 26 2011 Jon Ciesla <limb@xxxxxxxxxxxx> - 0.6.0-1
- New upstream release
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.5.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #701197 - Teeworlds update
https://bugzilla.redhat.com/show_bug.cgi?id=701197
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
