Fedora 15 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 15 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-2011-13785
    https://admin.fedoraproject.org/updates/FEDORA-2011-13456
    https://admin.fedoraproject.org/updates/FEDORA-2011-13504
    https://admin.fedoraproject.org/updates/FEDORA-2011-13214
    https://admin.fedoraproject.org/updates/FEDORA-2011-13446
    https://admin.fedoraproject.org/updates/FEDORA-2011-12981
    https://admin.fedoraproject.org/updates/FEDORA-2011-13801
    https://admin.fedoraproject.org/updates/FEDORA-2011-13636
    https://admin.fedoraproject.org/updates/FEDORA-2011-13861
    https://admin.fedoraproject.org/updates/FEDORA-2011-13862
    https://admin.fedoraproject.org/updates/FEDORA-2011-13860


The following Fedora 15 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/FEDORA-2011-13861
    https://admin.fedoraproject.org/updates/FEDORA-2011-13859
    https://admin.fedoraproject.org/updates/FEDORA-2011-13785
    https://admin.fedoraproject.org/updates/FEDORA-2011-13512
    https://admin.fedoraproject.org/updates/FEDORA-2011-13454
    https://admin.fedoraproject.org/updates/FEDORA-2011-13399
    https://admin.fedoraproject.org/updates/FEDORA-2011-13246
    https://admin.fedoraproject.org/updates/FEDORA-2011-13227
    https://admin.fedoraproject.org/updates/FEDORA-2011-13073
    https://admin.fedoraproject.org/updates/FEDORA-2011-12797
    https://admin.fedoraproject.org/updates/FEDORA-2011-12720
    https://admin.fedoraproject.org/updates/FEDORA-2011-12576
    https://admin.fedoraproject.org/updates/FEDORA-2011-12372
    https://admin.fedoraproject.org/updates/FEDORA-2011-11955
    https://admin.fedoraproject.org/updates/FEDORA-2011-9651
    https://admin.fedoraproject.org/updates/FEDORA-2011-9592
    https://admin.fedoraproject.org/updates/FEDORA-2011-8822
    https://admin.fedoraproject.org/updates/FEDORA-2011-6791
    https://admin.fedoraproject.org/updates/FEDORA-2011-5583


The following builds have been pushed to Fedora 15 updates-testing

    clusterPy-0.9.9-3.fc15
    cyrus-imapd-2.4.12-1.fc15
    hwloc-1.2.2-0.fc15
    mozilla-adblockplus-1.3.10-1.fc15
    nagios-plugins-check-updates-1.5.0-1.fc15
    openswan-2.6.36-1.fc15
    pem-0.7.9-1.fc15
    perl-5.12.4-162.fc15
    perl-MooseX-Types-Structured-0.28-1.fc15
    perl-Sys-CPU-0.51-7.fc15
    postgis-1.5.3-1.fc15
    strigi-0.7.6-1.fc15
    sugar-clock-7-1.fc15
    sugar-moon-13-1.fc15
    xnoise-0.1.29-1.fc15
    xorg-x11-drv-ati-6.14.2-1.20110921gitd78860ba5.fc15
    zabbix-1.8.8-1.fc15

Details about builds:


================================================================================
 clusterPy-0.9.9-3.fc15 (FEDORA-2011-13873)
 Library of spatially constrained clustering algorithms
--------------------------------------------------------------------------------
Update Information:

ClusterPy is a library of spatial clustering algorithms.

It works on raster and vector data.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #710648 - Review Request: clusterPy - Custom analytical geographic regionalization
        https://bugzilla.redhat.com/show_bug.cgi?id=710648
--------------------------------------------------------------------------------


================================================================================
 cyrus-imapd-2.4.12-1.fc15 (FEDORA-2011-13860)
 A high-performance mail server with IMAP, POP3, NNTP and SIEVE support
--------------------------------------------------------------------------------
Update Information:

- security fix:
* fixes incomplete authentication checks in nntpd (Secunia SA46093)
- other fixed bugs:
* delayed delete can fail because of invalid names	 
* cyradm cannot wildcard delete ACLs from a mailbox	 
* Wrong ENABLE result (doubled names)	 
* mbpath output changed from 2.3 to 2.4 for remote mailboxes	 
* xfer fails on unlimited quota (-1)	 

CVE-2011-3208 cyrus-imapd: nntpd buffer overflow in split_wildmats()

Bugs Fixed:

3495	P1	enhancement	2.4.10	Cyrus IMAP	Improved duplicate suppression	 
3498	P1	bug	2.4.10	Cyrus IMAP	quota command deletes users quota files	 
2772	P2	bug	2.4.x (next)	Cyrus IMAP	cmd_thread cores with bogus ids in references header	 
3300	P3	bug	2.4.2	Cyrus IMAP	SOL_TCP is not defined on NetBSD	 
3439	P3	bug	2.3.16	Cyrus IMAP	formatting issue on logging (or memory corruption ?)	 
3454	P3	bug	2.4.8	Cyrus IMAP	ID with unquoted id_param_list keys not accepted	 
3463	P3	bug	2.4.x (next)	Cyrus IMAP	Certain mails will crash imapd if using server side threading	 
3489	P3	bug	2.4.10	Cyrus IMAP	2.4.10 and quota problem	 
3491	P3	enhancement	2.4.10	Cyrus IMAP	UNAUTHENTICATE and NOOP in timsieved	 
3492	P3	bug	2.4.10	Cyrus IMAP	Add response codes to timsieved	 
3497	P3	bug	2.4.10	Cyrus IMAP	In master/master.c:add_service the variable "cmd" is set to NULL before syslogging	 
3503	P3	bug	2.4.10	Cyrus IMAP	DragonFly BSD also require PIC objects for perl	 
3505	P3	bug	2.4.x (next)	Cyrus IMAP	sync_reset is broken	 
3506	P3	bug	2.4.x (next)	Cyrus IMAP	dlist.c uses synchronizing IMAP LITERALS without backchannel.	 
3507	P3	bug	2.4.x (next)	Cyrus IMAP	Replication reconciliation fails in default/immediate expunge mode	 
3526	P3	bug	2.4.10	Cyrus IMAP	AFS ptloader reinitialization uses local cell instead of afspts_mycell config option	 
3532	P3	enhancement	2.5.x (next)	Cyrus IMAP	Fix file descriptor cleanup	 
3279	P5	bug	2.4.2	Cyrus IMAP	sync_client crashes with empty mech_list before TLS starts	 
3451	P5	enhancement	2.4.8	Cyrus IMAP	config2header assume CC has no spaces
- rebuild to match db library update
- do not conflict with db4-utils
- rebuild to match db library update
CVE-2011-3208 cyrus-imapd: nntpd buffer overflow in split_wildmats()

Bugs Fixed:

3495	P1	enhancement	2.4.10	Cyrus IMAP	Improved duplicate suppression	 
3498	P1	bug	2.4.10	Cyrus IMAP	quota command deletes users quota files	 
2772	P2	bug	2.4.x (next)	Cyrus IMAP	cmd_thread cores with bogus ids in references header	 
3300	P3	bug	2.4.2	Cyrus IMAP	SOL_TCP is not defined on NetBSD	 
3439	P3	bug	2.3.16	Cyrus IMAP	formatting issue on logging (or memory corruption ?)	 
3454	P3	bug	2.4.8	Cyrus IMAP	ID with unquoted id_param_list keys not accepted	 
3463	P3	bug	2.4.x (next)	Cyrus IMAP	Certain mails will crash imapd if using server side threading	 
3489	P3	bug	2.4.10	Cyrus IMAP	2.4.10 and quota problem	 
3491	P3	enhancement	2.4.10	Cyrus IMAP	UNAUTHENTICATE and NOOP in timsieved	 
3492	P3	bug	2.4.10	Cyrus IMAP	Add response codes to timsieved	 
3497	P3	bug	2.4.10	Cyrus IMAP	In master/master.c:add_service the variable "cmd" is set to NULL before syslogging	 
3503	P3	bug	2.4.10	Cyrus IMAP	DragonFly BSD also require PIC objects for perl	 
3505	P3	bug	2.4.x (next)	Cyrus IMAP	sync_reset is broken	 
3506	P3	bug	2.4.x (next)	Cyrus IMAP	dlist.c uses synchronizing IMAP LITERALS without backchannel.	 
3507	P3	bug	2.4.x (next)	Cyrus IMAP	Replication reconciliation fails in default/immediate expunge mode	 
3526	P3	bug	2.4.10	Cyrus IMAP	AFS ptloader reinitialization uses local cell instead of afspts_mycell config option	 
3532	P3	enhancement	2.5.x (next)	Cyrus IMAP	Fix file descriptor cleanup	 
3279	P5	bug	2.4.2	Cyrus IMAP	sync_client crashes with empty mech_list before TLS starts	 
3451	P5	enhancement	2.4.8	Cyrus IMAP	config2header assume CC has no spaces
- rebuild to match db library update
- do not conflict with db4-utils
- rebuild to match db library update
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.4.12-1
- cyrus-imapd updated to 2.4.12
- fixes incomplete authentication checks in nntpd (Secunia SA46093)
* Fri Sep  9 2011 Jeroen van Meeuwen <vanmeeuwen@xxxxxxxxxxxx> - 2.4.11-1
- Updated to 2.4.11
- Fix CVE-2011-3208 (#734926, #736838)
* Thu Aug 25 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.4.10-3
- do not conflict with db4-utils
* Mon Aug 15 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.4.10-2
- rebuild with db5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #736838 - CVE-2011-3208 cyrus-imapd: nntpd buffer overflow in split_wildmats() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=736838
  [ 2 ] Bug #729767 - imaps[9563]: unable to open Berkeley db /etc/sasldb2: Invalid argument after fixing sendmail from bug 712943
        https://bugzilla.redhat.com/show_bug.cgi?id=729767
--------------------------------------------------------------------------------


================================================================================
 hwloc-1.2.2-0.fc15 (FEDORA-2011-13875)
 Portable Hardware Locality - portable abstraction of hierarchical architectures
--------------------------------------------------------------------------------
Update Information:

Update to version 1.2.2
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Jirka Hladky <hladky.jiri@xxxxxxxxx> - 1.2.2
- 1.2.2 release
- Fix for BZ https://bugzilla.redhat.com/show_bug.cgi?id=724937 for 32-bit PPC
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #724937 - hwloc-1.2-0.fc16 fails xmlbuffer self check on PPC,  but passes on PPC64
        https://bugzilla.redhat.com/show_bug.cgi?id=724937
--------------------------------------------------------------------------------


================================================================================
 mozilla-adblockplus-1.3.10-1.fc15 (FEDORA-2011-13872)
 Adblocking extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:

This update adds compatibility for Firefox 7.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 1.3.10-1
- Update to 1.3.9 for FF7
* Thu Aug 18 2011 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 1.3.9-1
- Update to 1.3.9 for FF6
--------------------------------------------------------------------------------


================================================================================
 nagios-plugins-check-updates-1.5.0-1.fc15 (FEDORA-2011-13870)
 A Nagios plugin to check if Red Hat or Fedora system is up-to-date
--------------------------------------------------------------------------------
Update Information:

Update to 1.5.0.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct  4 2011 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.5.0-1
- Update to 1.5.0.
* Wed May 25 2011 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.4.14-1
- Update to 1.4.14.
* Tue May 24 2011 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.4.13-1
- Update to 1.4.13.
- Fixes a build problem in EPEL5 (test script failure).
* Tue May 24 2011 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.4.12-1
- Update to 1.4.12.
- Upstream added a test suite.
--------------------------------------------------------------------------------


================================================================================
 openswan-2.6.36-1.fc15 (FEDORA-2011-13862)
 IPSEC implementation with IKEv1 and IKEv2 keying protocols
--------------------------------------------------------------------------------
Update Information:

Fixes for cve-2011-3380
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 2.6.36-1
- new upstream release
- fixes for cve-2011-3380
--------------------------------------------------------------------------------


================================================================================
 pem-0.7.9-1.fc15 (FEDORA-2011-13863)
 Personal Expenses Manager
--------------------------------------------------------------------------------
Update Information:

Built a new update - 0.7.9.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Sep 17 2011 P J P <pj.pandit@xxxxxxxxxxx> - 0.7.9-1
- New option -b --bare to generate a daily report formatted for small(40x15)
  screen of NanoNote - http://en.qi-hardware.com/wiki/Ben_NanoNote.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #730944 - pem-0.7.9 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=730944
--------------------------------------------------------------------------------


================================================================================
 perl-5.12.4-162.fc15 (FEDORA-2011-13861)
 Practical Extraction and Report Language
--------------------------------------------------------------------------------
Update Information:

This update fixes security bug in Digest object constructor (CVE-2011-3597) and in decoding Unicode string by interpreter (CVE-2011-2939).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Petr Pisar <ppisar@xxxxxxxxxx> - 4:5.12.4-161
- Fix CVE-2011-3597 (code injection in Digest) (bug #743010)
- Fix CVE-2011-2939 (heap overflow while decoding Unicode string) (bug #731246)
* Sun Aug 14 2011 Iain Arnell <iarnell@xxxxxxxxx> 4:5.12.4-161
- perl needs to own vendorarch/auto directory
- fix version number in last two changelog entries
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #743010 - CVE-2011-3597 perl: code injection vulnerability in Digest->new()
        https://bugzilla.redhat.com/show_bug.cgi?id=743010
  [ 2 ] Bug #731246 - CVE-2011-2939 Perl 5.{10,12,14} heap overflow while decoding Unicode string
        https://bugzilla.redhat.com/show_bug.cgi?id=731246
--------------------------------------------------------------------------------


================================================================================
 perl-MooseX-Types-Structured-0.28-1.fc15 (FEDORA-2011-13857)
 Structured Type Constraints for Moose
--------------------------------------------------------------------------------
Update Information:

This update fixes a regression where mixed type constraints (MX:Types style and 'classic' Stringy style) used in a single structured type doesn't work.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Iain Arnell <iarnell@xxxxxxxxx> 0.28-1
- update to latest upstream version
* Wed Jul 20 2011 Petr Sabata <contyk@xxxxxxxxxx> - 0.27-2
- Perl mass rebuild
* Wed May  4 2011 Iain Arnell <iarnell@xxxxxxxxx> 0.27-1
- update to latest upstream version
--------------------------------------------------------------------------------


================================================================================
 perl-Sys-CPU-0.51-7.fc15 (FEDORA-2011-13871)
 Getting CPU information
--------------------------------------------------------------------------------
Update Information:

Updated .spec file to use %{perl_vendorarch}/auto
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Shakthi Kannan <shakthimaan@xxxxxxxxxxxxxxxxx> - 0.51-7
- Used perl_vendorarch/auto, perl_vendorarch/Sys in files section.
* Fri Jun 17 2011 Marcela Mašláňová <mmaslano@xxxxxxxxxx> - 0.51-6
- Perl mass rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #743015 - perl-Sys-CPU should not own /usr/lib*/perl5/auto
        https://bugzilla.redhat.com/show_bug.cgi?id=743015
--------------------------------------------------------------------------------


================================================================================
 postgis-1.5.3-1.fc15 (FEDORA-2011-13866)
 Geographic Information Systems Extensions to PostgreSQL
--------------------------------------------------------------------------------
Update Information:

Update to 1.5.3, per changes described at:

http://postgis.org/news/20110625/
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct  4 2011 Devrim GÜNDÜZ <devrim@xxxxxxxxxx> - 1.5.3-1
- Update to 1.5.3
* Tue Apr 19 2011 Devrim GÜNDÜZ <devrim@xxxxxxxxxx> - 1.5.2-1
- Update to 1.5.2
--------------------------------------------------------------------------------


================================================================================
 strigi-0.7.6-1.fc15 (FEDORA-2011-13868)
 A desktop search program
--------------------------------------------------------------------------------
Update Information:

Bugfix release, recommended per http://trueg.wordpress.com/2011/09/22/about-strigi-soprano-virtuoso-clucene-and-libstreamanalyzer/
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct  4 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.7.6-1
- 0.7.6
- BR: boost-devel
- pkgconfig-style deps
* Tue Aug 16 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.7.5-5
- libstreams rpm analyzer fixed upstream
--------------------------------------------------------------------------------


================================================================================
 sugar-clock-7-1.fc15 (FEDORA-2011-13858)
 Clock activity for Sugar
--------------------------------------------------------------------------------
Update Information:

Activity updates
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 7-1
- Release 7
--------------------------------------------------------------------------------


================================================================================
 sugar-moon-13-1.fc15 (FEDORA-2011-13858)
 Moon phases activity for sugar
--------------------------------------------------------------------------------
Update Information:

Activity updates
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 12-1
- Release 12
--------------------------------------------------------------------------------


================================================================================
 xnoise-0.1.29-1.fc15 (FEDORA-2011-13865)
 Tracklist-centric Media Player
--------------------------------------------------------------------------------
Update Information:

* redo import and use of streams 
* add mpris v1 plugin 
* update translations for german, hebrew, italian, polish, 
  portugese, russian 
* use a recent vala version 
* bug fixes 
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 0.1.29-1
- Update to 0.1.29
* Wed Sep 21 2011 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 0.1.28-1
- Update to 0.1.28
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #739374 - xnoise-0.1.29 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=739374
--------------------------------------------------------------------------------


================================================================================
 xorg-x11-drv-ati-6.14.2-1.20110921gitd78860ba5.fc15 (FEDORA-2011-13859)
 Xorg X11 ati video driver
--------------------------------------------------------------------------------
Update Information:

Adds support for newer chipsets.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 21 2011 Dave Airlie <airlied@xxxxxxxxxx> 6.14.2-1.20110921gitd78860ba5
- Latest upstream sources for llano/ni support
--------------------------------------------------------------------------------


================================================================================
 zabbix-1.8.8-1.fc15 (FEDORA-2011-13876)
 Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:

- update to 1.8.8
- upstream changelog at http://www.zabbix.com/rn1.8.8.php


--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Dan Horák <dan[at]danny.cz> - 1.8.8-1
- Update for 1.8.8
- Drop the ZBX-4099 patch, that's now obsolete
- Remove two further htaccess files and put the configuration in
  the main configuration file
- thanks to Volker Fröhlich for the changes above
- move zabbix_get to the server and proxy subpackages (#734512)
- remove prebuilt Windows binaries (#737341)
- remove flash clock applet (#737337)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #734512 - Package zabbix_get with servers and proxies instead of with agents
        https://bugzilla.redhat.com/show_bug.cgi?id=734512
  [ 2 ] Bug #737341 - Delete pre-built binaries
        https://bugzilla.redhat.com/show_bug.cgi?id=737341
  [ 3 ] Bug #737337 - Flash clock
        https://bugzilla.redhat.com/show_bug.cgi?id=737337
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test



[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux