The following Fedora 14 Security updates need testing:
https://admin.fedoraproject.org/updates/quagga-0.99.19-1.fc14
https://admin.fedoraproject.org/updates/perl-FCGI-0.74-1.fc14
https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.11-1.fc14
https://admin.fedoraproject.org/updates/NetworkManager-0.8.5.92-1.git20110927.fc14
https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.fc14
https://admin.fedoraproject.org/updates/tomcat6-6.0.26-27.fc14
https://admin.fedoraproject.org/updates/kernel-2.6.35.14-97.fc14
https://admin.fedoraproject.org/updates/puppet-2.6.6-2.fc14
https://admin.fedoraproject.org/updates/cyrus-imapd-2.3.17-1.fc14
https://admin.fedoraproject.org/updates/php-5.3.8-3.fc14
https://admin.fedoraproject.org/updates/thunderbird-3.1.15-1.fc14
https://admin.fedoraproject.org/updates/firefox-3.6.23-1.fc14,xulrunner-1.9.2.23-1.fc14,gnome-web-photo-0.9-24.fc14.1,perl-Gtk2-MozEmbed-0.08-6.fc14.30,gnome-python2-extras-2.25.3-34.fc14.1,galeon-2.0.7-44.fc14.1,mozvoikko-1.0-25.fc14.1
The following Fedora 14 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/livecd-tools-14.5-1.fc14
https://admin.fedoraproject.org/updates/NetworkManager-0.8.5.92-1.git20110927.fc14
https://admin.fedoraproject.org/updates/lldpad-0.9.41-4.fc14
https://admin.fedoraproject.org/updates/ModemManager-0.4.998-1.git20110706.fc14
https://admin.fedoraproject.org/updates/mash-0.5.22-1.fc14
https://admin.fedoraproject.org/updates/policycoreutils-2.0.85-30.3.fc14
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-8.fc14.2
https://admin.fedoraproject.org/updates/xorg-x11-drv-qxl-0.0.21-3.fc14
https://admin.fedoraproject.org/updates/xorg-x11-drv-nouveau-0.0.16-14.20101010git8c8f15c.fc14
https://admin.fedoraproject.org/updates/libconcord-0.23-5.fc14,udev-161-9.fc14,concordance-0.23-2.fc14
The following builds have been pushed to Fedora 14 updates-testing
ghc-attoparsec-enumerator-0.2.0.4-2.fc14
livecd-tools-14.5-1.fc14
mc-4.7.5.5-1.fc14
puppet-2.6.6-2.fc14
quagga-0.99.19-1.fc14
shorewall-4.4.23.3-1.fc14
xscreensaver-5.15-1.fc14
Details about builds:
================================================================================
ghc-attoparsec-enumerator-0.2.0.4-2.fc14 (FEDORA-2011-13502)
Haskell attoparsec to iteree library
--------------------------------------------------------------------------------
Update Information:
Haskell attoparsec to iteree library
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #740283 - Review Request: ghc-attoparsec-enumerator - Haskell attoparsec to enumerator library
https://bugzilla.redhat.com/show_bug.cgi?id=740283
--------------------------------------------------------------------------------
================================================================================
livecd-tools-14.5-1.fc14 (FEDORA-2011-13515)
Tools for building live CDs
--------------------------------------------------------------------------------
Update Information:
Add the rest of the patches needed to get EFI USB stick creation working.
Make sure F14 can make USB EFI sticks with F16 DVD iso
- Ensure previous filesystems are wiped when formatting (#712553) (bcl)
- Use copyFile on the iso (bcl)
- Use rsync to copy if available (bcl)
- Turn on the legacy_boot flag for EFI (#680563) (bcl)
- Add initial support for ARM architectures (martin.langhoff)
- gptmbr can be written directly to the mbr (bcl)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 29 2011 Brian C. Lane <bcl@xxxxxxxxxx> - 14.5-1
- Version 14.5 (bcl)
- Images go into $SYSLINUXPATH (bcl)
- Add extracting BOOTX64.efi from iso (#688258) (bcl)
- Add repo to DVD EFI install config file (#688258) (bcl)
- Add EFI support to netboot (#688258) (bcl)
* Tue Sep 27 2011 Brian C. Lane <bcl@xxxxxxxxxx> - 14.4-1
- Version 14.4 (bcl)
- Support /EFI/BOOT or /EFI/boot (#688258) (bcl)
* Tue Aug 30 2011 Brian C. Lane <bcl@xxxxxxxxxx> - 14.3-1
- Version 14.3 (bcl)
- Ensure previous filesystems are wiped when formatting (#712553) (bcl)
- Use copyFile on the iso (bcl)
- Use rsync to copy if available (bcl)
- Add initial support for ARM architectures (martin.langhoff)
- gptmbr can be written directly to the mbr (bcl)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #688258 - Looks for /EFI/boot instead of /EFI/BOOT
https://bugzilla.redhat.com/show_bug.cgi?id=688258
--------------------------------------------------------------------------------
================================================================================
mc-4.7.5.5-1.fc14 (FEDORA-2011-13513)
User-friendly text console file manager and visual shell
--------------------------------------------------------------------------------
Update Information:
update to 4.7.5.5
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 29 2011 Jindrich Novy <jnovy@xxxxxxxxxx> 4.7.5.5-1
- update to 4.7.5.5
* Thu Sep 15 2011 Jindrich Novy <jnovy@xxxxxxxxxx> 4.7.5.4-1
- update to 4.7.5.4
--------------------------------------------------------------------------------
================================================================================
puppet-2.6.6-2.fc14 (FEDORA-2011-13501)
A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:
A vulnerability was discovered in puppet that would allow an attacker to install a valid X509 Certificate Signing Request at any location on disk, with the privileges of the Puppet Master application. For Fedora and EPEL, this is the puppet user.
Further details can be found in the upstream announcement:
http://groups.google.com/group/puppet-users/browse_thread/thread/e57ce2740feb9406
Unless you enable puppet's listen mode on clients, only the puppet master is vulnerable to this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Todd Zullinger <tmz@xxxxxxxxx> - 2.6.6-2
- Apply upstream patch for CVE-2011-3848
--------------------------------------------------------------------------------
================================================================================
quagga-0.99.19-1.fc14 (FEDORA-2011-13499)
Routing daemon
--------------------------------------------------------------------------------
Update Information:
fixes CVE-2011-332{3..7}
update to latest upstream 0.99.19
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 29 2011 Jiri Skala <jskala@xxxxxxxxxx> - 0.99.19-1
- fixes #741343 - CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327
- fixes #741580 - updated to latest upstream version 0.99.19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #738393 - CVE-2011-3323 Quagga (ospf6d): Stack-based buffer overflow while decoding Link State Update packet with malformed Inter Area Prefix LSA
https://bugzilla.redhat.com/show_bug.cgi?id=738393
[ 2 ] Bug #738394 - CVE-2011-3324 Quagga (ospf6d): Denial of service by decoding malformed Database Description packet headers
https://bugzilla.redhat.com/show_bug.cgi?id=738394
[ 3 ] Bug #738396 - CVE-2011-3325 Quagga (ospfd): Denial of service by decoding too short Hello packet or Hello packet with invalid OSPFv2 header type
https://bugzilla.redhat.com/show_bug.cgi?id=738396
[ 4 ] Bug #738398 - CVE-2011-3326 Quagga (ospfd): Denial of service by decoding Link State Update LSAs of unknown type
https://bugzilla.redhat.com/show_bug.cgi?id=738398
[ 5 ] Bug #738400 - CVE-2011-3327 Quagga (bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes
https://bugzilla.redhat.com/show_bug.cgi?id=738400
--------------------------------------------------------------------------------
================================================================================
shorewall-4.4.23.3-1.fc14 (FEDORA-2011-13507)
An iptables front end for firewall configuration
--------------------------------------------------------------------------------
Update Information:
Update to 4.4.23.3. Release notes:
http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.23/releasenotes.txt
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
xscreensaver-5.15-1.fc14 (FEDORA-2011-13516)
X screen saver and locker
--------------------------------------------------------------------------------
Update Information:
New version 5.15 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.15-1
- Update to 5.15
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
