Fedora 14 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 14 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-2011-13795
    https://admin.fedoraproject.org/updates/FEDORA-2011-13499
    https://admin.fedoraproject.org/updates/FEDORA-2011-13401
    https://admin.fedoraproject.org/updates/FEDORA-2011-13181
    https://admin.fedoraproject.org/updates/FEDORA-2011-13457
    https://admin.fedoraproject.org/updates/FEDORA-2011-12874
    https://admin.fedoraproject.org/updates/FEDORA-2011-13458
    https://admin.fedoraproject.org/updates/FEDORA-2011-13633
    https://admin.fedoraproject.org/updates/FEDORA-2011-13450
    https://admin.fedoraproject.org/updates/FEDORA-2011-13805
    https://admin.fedoraproject.org/updates/FEDORA-2011-13869
    https://admin.fedoraproject.org/updates/FEDORA-2011-13864
    https://admin.fedoraproject.org/updates/FEDORA-2011-13874


The following Fedora 14 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/FEDORA-2011-13874
    https://admin.fedoraproject.org/updates/FEDORA-2011-13795
    https://admin.fedoraproject.org/updates/FEDORA-2011-13515
    https://admin.fedoraproject.org/updates/FEDORA-2011-13401
    https://admin.fedoraproject.org/updates/FEDORA-2011-12717
    https://admin.fedoraproject.org/updates/FEDORA-2011-9266
    https://admin.fedoraproject.org/updates/FEDORA-2011-8835
    https://admin.fedoraproject.org/updates/FEDORA-2011-8401
    https://admin.fedoraproject.org/updates/FEDORA-2011-8116
    https://admin.fedoraproject.org/updates/FEDORA-2011-5868
    https://admin.fedoraproject.org/updates/FEDORA-2011-5174
    https://admin.fedoraproject.org/updates/FEDORA-2011-3923


The following builds have been pushed to Fedora 14 updates-testing

    cyrus-imapd-2.3.18-1.fc14
    openswan-2.6.33-2.fc14
    perl-5.12.4-147.fc14
    perl-MooseX-Types-Structured-0.28-1.fc14
    postgis-1.5.3-1.fc14
    zabbix-1.8.8-1.fc14

Details about builds:


================================================================================
 cyrus-imapd-2.3.18-1.fc14 (FEDORA-2011-13869)
 A high-performance mail server with IMAP, POP3, NNTP and SIEVE support
--------------------------------------------------------------------------------
Update Information:

- cyrus-imapd updated to 2.3.18
- fixes incomplete authentication checks in nntpd (Secunia SA46093)
- fix CVE-2011-3208: a remotely exploitable buffer overflow in nntpd
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.3.18-1
- cyrus-imapd updated to 2.3.18
- fixes incomplete authentication checks in nntpd (Secunia SA46093)
* Mon Sep 19 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.3.17-1
- updated to 2.3.17
--------------------------------------------------------------------------------


================================================================================
 openswan-2.6.33-2.fc14 (FEDORA-2011-13864)
 IPSEC implementation with IKEv1 and IKEv2 keying protocols
--------------------------------------------------------------------------------
Update Information:

Fixes for cve-2011-3380.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Avesh Agarwal <avagarwa@xxxxxxxxxx> - 2.6.33-2
- Fixes for cve-2011-3380
--------------------------------------------------------------------------------


================================================================================
 perl-5.12.4-147.fc14 (FEDORA-2011-13874)
 Practical Extraction and Report Language
--------------------------------------------------------------------------------
Update Information:

This update fixes security bug in Digest object constructor (CVE-2011-3597) and in decoding Unicode string by interpreter (CVE-2011-2939).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Petr Pisar <ppisar@xxxxxxxxxx> - 4:5.12.4-147
- Fix CVE-2011-3597 (code injection in Digest) (bug #743010)
- Fix CVE-2011-2939 (heap overflow while decoding Unicode string) (bug #731246)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #743010 - CVE-2011-3597 perl: code injection vulnerability in Digest->new()
        https://bugzilla.redhat.com/show_bug.cgi?id=743010
  [ 2 ] Bug #731246 - CVE-2011-2939 Perl 5.{10,12,14} heap overflow while decoding Unicode string
        https://bugzilla.redhat.com/show_bug.cgi?id=731246
--------------------------------------------------------------------------------


================================================================================
 perl-MooseX-Types-Structured-0.28-1.fc14 (FEDORA-2011-13856)
 Structured Type Constraints for Moose
--------------------------------------------------------------------------------
Update Information:

This update fixes a regression where mixed type constraints (MX:Types style and 'classic' Stringy style) used in a single structured type doesn't work.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Iain Arnell <iarnell@xxxxxxxxx> 0.28-1
- update to latest upstream version
* Wed Jul 20 2011 Petr Sabata <contyk@xxxxxxxxxx> - 0.27-2
- Perl mass rebuild
* Wed May  4 2011 Iain Arnell <iarnell@xxxxxxxxx> 0.27-1
- update to latest upstream version
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.26-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sun Jan 16 2011 Iain Arnell <iarnell@xxxxxxxxx> 0.26-2
- additional provides for packages hidden from PAUSE
* Sun Jan 16 2011 Iain Arnell <iarnell@xxxxxxxxx> 0.26-1
- update to latest upstream version
--------------------------------------------------------------------------------


================================================================================
 postgis-1.5.3-1.fc14 (FEDORA-2011-13855)
 Geographic Information Systems Extensions to PostgreSQL
--------------------------------------------------------------------------------
Update Information:

Update to 1.5.3, per changes described at:

http://postgis.org/news/20110625/
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct  4 2011 Devrim GÜNDÜZ <devrim@xxxxxxxxxx> - 1.5.3-1
- Update to 1.5.3
--------------------------------------------------------------------------------


================================================================================
 zabbix-1.8.8-1.fc14 (FEDORA-2011-13867)
 Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:

- update to 1.8.8
- upstream changelog at http://www.zabbix.com/rn1.8.8.php


--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct  5 2011 Dan Horák <dan[at]danny.cz> - 1.8.8-1
- Update for 1.8.8
- Drop the ZBX-4099 patch, that's now obsolete
- Remove two further htaccess files and put the configuration in
  the main configuration file
- thanks to Volker Fröhlich for the changes above
- move zabbix_get to the server and proxy subpackages (#734512)
- remove prebuilt Windows binaries (#737341)
- remove flash clock applet (#737337)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #734512 - Package zabbix_get with servers and proxies instead of with agents
        https://bugzilla.redhat.com/show_bug.cgi?id=734512
  [ 2 ] Bug #737341 - Delete pre-built binaries
        https://bugzilla.redhat.com/show_bug.cgi?id=737341
  [ 3 ] Bug #737337 - Flash clock
        https://bugzilla.redhat.com/show_bug.cgi?id=737337
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test



[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux