The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2011-14216
https://admin.fedoraproject.org/updates/FEDORA-2011-13456
https://admin.fedoraproject.org/updates/FEDORA-2011-13504
https://admin.fedoraproject.org/updates/FEDORA-2011-14199
https://admin.fedoraproject.org/updates/FEDORA-2011-14201
https://admin.fedoraproject.org/updates/FEDORA-2011-13999
https://admin.fedoraproject.org/updates/FEDORA-2011-12981
https://admin.fedoraproject.org/updates/FEDORA-2011-13636
https://admin.fedoraproject.org/updates/FEDORA-2011-13861
https://admin.fedoraproject.org/updates/FEDORA-2011-13929
https://admin.fedoraproject.org/updates/FEDORA-2011-14308
https://admin.fedoraproject.org/updates/FEDORA-2011-14036
https://admin.fedoraproject.org/updates/FEDORA-2011-14022
https://admin.fedoraproject.org/updates/FEDORA-2011-14210
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2011-14309
https://admin.fedoraproject.org/updates/FEDORA-2011-14192
https://admin.fedoraproject.org/updates/FEDORA-2011-14143
https://admin.fedoraproject.org/updates/FEDORA-2011-14140
https://admin.fedoraproject.org/updates/FEDORA-2011-13937
https://admin.fedoraproject.org/updates/FEDORA-2011-13859
https://admin.fedoraproject.org/updates/FEDORA-2011-13512
https://admin.fedoraproject.org/updates/FEDORA-2011-13399
https://admin.fedoraproject.org/updates/FEDORA-2011-13246
https://admin.fedoraproject.org/updates/FEDORA-2011-13073
https://admin.fedoraproject.org/updates/FEDORA-2011-12797
https://admin.fedoraproject.org/updates/FEDORA-2011-12720
https://admin.fedoraproject.org/updates/FEDORA-2011-12576
https://admin.fedoraproject.org/updates/FEDORA-2011-12372
https://admin.fedoraproject.org/updates/FEDORA-2011-11955
https://admin.fedoraproject.org/updates/FEDORA-2011-9651
https://admin.fedoraproject.org/updates/FEDORA-2011-8822
https://admin.fedoraproject.org/updates/FEDORA-2011-6791
https://admin.fedoraproject.org/updates/FEDORA-2011-5583
The following builds have been pushed to Fedora 15 updates-testing
abrt-2.0.3-6.fc15
asterisk-sounds-core-1.4.22-1.fc15
esteid-browser-plugin-1.3.1-1.fc15
ghc-colour-2.3.1-11.fc15
hplip-3.11.10-3.fc15
initscripts-9.30.1-1.fc15
jemalloc-2.2.3-1.fc15
kpackagekit-0.6.3.3-4.fc15
krb5-1.9.1-13.fc15
matahari-0.4.7-0.2.94a4de1.git.fc15
openscap-0.8.0-1.fc15
perl-Carp-REPL-0.15-2.fc15
perl-Catalyst-Plugin-Session-Store-DBIC-0.12-1.fc15
perl-CatalystX-Profile-0.02-1.fc15
perl-CatalystX-SimpleLogin-0.15-2.fc15
perl-File-Find-Rule-0.33-1.fc15
perl-Moo-0.009011-1.fc15
perl-Number-Compare-0.03-1.fc15
perl-libwww-perl-5.837-4.fc15
qesteidutil-0.3.1-1.fc15
rpmlint-1.3-2.fc15
rrdtool-1.4.4-4.fc15
smartcardpp-0.3.0-1.fc15
Details about builds:
================================================================================
abrt-2.0.3-6.fc15 (FEDORA-2011-14314)
Automatic bug detection and reporting tool
--------------------------------------------------------------------------------
Update Information:
everyone must update
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 13 2011 Nikola Pajkovsky <npajkovs@xxxxxxxxxx> - 2.0.3-6
- 'invalid number '/var/spool/abrt'' when an app crashes on a minimal system
- Resolves: 745286
* Fri Oct 7 2011 Nikola Pajkovsky <npajkovs@xxxxxxxxxx> - 2.0.3-5
- don't file kernel bugs if "tainted: B" is set.
- don't file bugs about BIOS bugs.
- incorrect TAINTED description in bugs.
- Resoves: #718097 #708534 724838
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #745286 - 'invalid number '/var/spool/abrt'' when an app crashes on a minimal system
https://bugzilla.redhat.com/show_bug.cgi?id=745286
--------------------------------------------------------------------------------
================================================================================
asterisk-sounds-core-1.4.22-1.fc15 (FEDORA-2011-14319)
Core sounds for Asterisk
--------------------------------------------------------------------------------
Update Information:
Update the English (American), Spanish, and French sounds.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 12 2011 Jeffrey C. Ollie <jeff@xxxxxxxxxx> - 1.4.22-1
- Update to 1.4.22
- Add some macros to allow different languages to be at different versions
* Tue Jun 28 2011 Jeffrey C. Ollie <jeff@xxxxxxxxxx> - 1.4.21-1
- Add Russian (ru) sounds
--------------------------------------------------------------------------------
================================================================================
esteid-browser-plugin-1.3.1-1.fc15 (FEDORA-2011-14306)
Estonian ID card digital signing browser plugin
--------------------------------------------------------------------------------
Update Information:
This update adds support to ESTEID 2011 smart cards and other misc bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 12 2011 Kalev Lember <kalevlember@xxxxxxxxx> - 1.3.1-1
- Update to 1.3.1
--------------------------------------------------------------------------------
================================================================================
ghc-colour-2.3.1-11.fc15 (FEDORA-2011-14320)
A model for human color perception
--------------------------------------------------------------------------------
Update Information:
Fix build without shared libraries.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 13 2011 Jens Petersen <petersen@xxxxxxxxxx> - 2.3.1-11
- move readme and changelog files into devel doc (#744635)
- BR base library
* Sat Jul 9 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 2.3.1-10
- Update to cabal2spec-0.24
* Fri Jun 24 2011 Jens Petersen <petersen@xxxxxxxxxx> - 2.3.1-9
- BR ghc-Cabal-devel instead of ghc-prof and use ghc_arches (cabal2spec-0.23.2)
* Wed May 11 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 2.3.1-8
- Update to cabal2spec-0.22.7
* Tue May 10 2011 Ben Boeckel <mathstuf@xxxxxxxxx> - 2.3.1-7
- Update to cabal2spec-0.22.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #744635 - without shared builds fail on unpackaged data files
https://bugzilla.redhat.com/show_bug.cgi?id=744635
--------------------------------------------------------------------------------
================================================================================
hplip-3.11.10-3.fc15 (FEDORA-2011-13820)
HP Linux Imaging and Printing Project
--------------------------------------------------------------------------------
Update Information:
New upstream release that fixes several bugs and adds support for new printers.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 12 2011 Tim Waugh <twaugh@xxxxxxxxxx> 3.11.10-3
- Corrected IEEE 1284 Device ID for LaserJet M1522nf MFP (bug #745498).
* Fri Oct 7 2011 Tim Waugh <twaugh@xxxxxxxxxx> 3.11.10-2
- Corrected IEEE 1284 Device IDs:
- LaserJet M1536dnf MFP (bug #743915)
- PSC 1600 series (bug #743821)
* Tue Oct 4 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 3.11.10-1
- 3.11.10
- Use _cups_serverbin macro from cups-devel for where to put driver executables.
- No need to define BuildRoot and clean it in clean and install section anymore.
- Corrected IEEE 1284 Device IDs:
Officejet 6300 series (bug #689378)
LaserJet Professional M1212nf MFP (bug #742490)
* Fri Sep 23 2011 Tim Waugh <twaugh@xxxxxxxxxx> 3.11.7-5
- Fixed broken patch for pstotiff.
* Tue Sep 6 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 3.11.7-4
- Fixed xsane crash when doing a multi-image scan (bug #725878)
* Fri Sep 2 2011 Tim Waugh <twaugh@xxxxxxxxxx> 3.11.7-3
- Fixed hpcups crash when required plugin missing (bug #733461).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #742490 - Incorrect IEEE 1284 Device ID, HP LaserJet Professional M1212nf MFP
https://bugzilla.redhat.com/show_bug.cgi?id=742490
[ 2 ] Bug #733461 - [abrt] hpijs-1:3.11.7-2.fc14: __libc_start_main: Process /usr/lib/cups/filter/hpcups was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=733461
[ 3 ] Bug #725878 - [abrt] xsane-0.998-4.fc15: bb_start_scan: Process /usr/bin/xsane was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=725878
[ 4 ] Bug #689378 - Missing Device ID for HP Officejet 6300 series
https://bugzilla.redhat.com/show_bug.cgi?id=689378
[ 5 ] Bug #743821 - Missing Device ID for HP PSC 1600 series
https://bugzilla.redhat.com/show_bug.cgi?id=743821
[ 6 ] Bug #743915 - Incorrect IEEE 1284 Device ID for HP LaserJet M1536dnf MFP
https://bugzilla.redhat.com/show_bug.cgi?id=743915
[ 7 ] Bug #745498 - Missing Device ID for HP LaserJet M1522nf MFP
https://bugzilla.redhat.com/show_bug.cgi?id=745498
--------------------------------------------------------------------------------
================================================================================
initscripts-9.30.1-1.fc15 (FEDORA-2011-14309)
The inittab file and the /etc/init.d scripts
--------------------------------------------------------------------------------
Update Information:
This update fixes assorted bugs in initscripts. See the referenced bugs for details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 12 2011 Bill Nottingham <notting@xxxxxxxxxx> - 9.30.1-1
- netconsole: only use the first ARP response (#744309, <doug.knight@xxxxxxxxxx>)
- assorted: plymouth lives in /bin (#702814)
- ifdown-eth: fix dhclient pid file for IPv6 (#729292, <daveg@xxxxxxxxxxxxxx>)
- console_*: add freescale ttymx ports (#728730, <ndevos@xxxxxxxxxx>)
- rwtab: update for systemd (#704783)
- lang.csh/debug.csh: fix character classes
- ifup-aliases: if IPv6 is configured on the alias, configure it. (#583409)
- ifup-eth: ensure DHCP_HOSTNAME is a short hostname, seed it from HOSTNAME if needed. (#697877)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #744309 - netconsole init script crashes if arping receives multiple responses
https://bugzilla.redhat.com/show_bug.cgi?id=744309
--------------------------------------------------------------------------------
================================================================================
jemalloc-2.2.3-1.fc15 (FEDORA-2011-14313)
General-purpose scalable concurrent malloc implementation
--------------------------------------------------------------------------------
Update Information:
New upstream release
>From the upstream release notes:
jemalloc 2.2.3 is now available. This version fixes numerous bugs related to heap profiling.
For the complete ChangeLog, see:
http://www.canonware.com/jemalloc/ChangeLog.html
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 13 2011 Ingvar Hagelund <ingvar@xxxxxxxxxxxxxxxxxx> - 2.2.3-1
- New upstream release, closes #735057
--------------------------------------------------------------------------------
================================================================================
kpackagekit-0.6.3.3-4.fc15 (FEDORA-2011-14304)
KDE interface for PackageKit
--------------------------------------------------------------------------------
Update Information:
sets AUTOREMOVE=OFF build option
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 12 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.6.3.3-4
- -DAUTOREMOVE:BOOL=OFF (#727788)
* Mon Aug 1 2011 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> 0.6.3.3-3
- support the InstallResources interface, in particular for Plasma services
- bump minimum PackageKit version to 0.6.16 to support the above
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #727788 - Error autoremove not available on every uninstall using kpackagekit
https://bugzilla.redhat.com/show_bug.cgi?id=727788
--------------------------------------------------------------------------------
================================================================================
krb5-1.9.1-13.fc15 (FEDORA-2011-12859)
The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:
This update primarily rolls up mostly-minor fixes, some of which were backported from upstream to the Fedora 16 branch. The main user-visible change is a fix for cross-realm authentication in the client libraries.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 12 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.1-13
- handle a harder-to-trigger assertion failure that starts cropping up when we
exit the transmit loop on time (#739853)
* Tue Sep 6 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.1-12
- pull in upstream patch for RT#6952, confusion following referrals for
cross-realm auth (#734341)
- pull in build-time deps for the tests
* Thu Sep 1 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.1-11
- switch to the upstream patch for #727829
* Wed Aug 31 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.1-10
- handle an assertion failure that starts cropping up when the patch for
using poll (#701446) meets servers that aren't running KDCs or against
which the connection fails for other reasons (#727829, #734172)
* Mon Aug 8 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.1-9
- override the default build rules to not delete temporary y.tab.c files,
so that they can be packaged, allowing debuginfo files which point to them
do so usefully (#729044)
* Fri Jul 22 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.1-8
- build shared libraries with partial RELRO support (#723995)
- filter out potentially multiple instances of -Wl,-z,relro from krb5-config
output, now that it's in the buildroot's default LDFLAGS
- pull in a patch to fix losing track of the replay cache FD, from SVN by
way of Kevin Coffman
* Wed Jul 20 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.1-7
- kadmind.init: drop the attempt to detect no-database-present errors (#723723)
* Tue Jul 19 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.1-6
- backport fixes to teach libkrb5 to use descriptors higher than FD_SETSIZE
to talk to a KDC by using poll() if it's detected at compile-time (#701446,
RT#6905)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #723723 - kadmin fails to start when using a custom DAL driver
https://bugzilla.redhat.com/show_bug.cgi?id=723723
[ 2 ] Bug #739853 - [abrt] evolution-3.1.91-2.fc16: __GI_raise, cm_get_ssflags, krb5int_sendto, krb5_sendto_kdc, krb5_tkt_creds_get
https://bugzilla.redhat.com/show_bug.cgi?id=739853
--------------------------------------------------------------------------------
================================================================================
matahari-0.4.7-0.2.94a4de1.git.fc15 (FEDORA-2011-14322)
Matahari QMF Agents for Linux guests
--------------------------------------------------------------------------------
Update Information:
Only depend on dmidecode for archs where dmidecode exists.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #745386 - matahari-host requires dmidecode
https://bugzilla.redhat.com/show_bug.cgi?id=745386
--------------------------------------------------------------------------------
================================================================================
openscap-0.8.0-1.fc15 (FEDORA-2011-14303)
Set of open source libraries enabling integration of the SCAP line of standards
--------------------------------------------------------------------------------
Update Information:
Upgrade to new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 11 2011 Peter Vrabec <pvrabec@xxxxxxxxxx> 0.8.0-1
- upgrade
--------------------------------------------------------------------------------
================================================================================
perl-Carp-REPL-0.15-2.fc15 (FEDORA-2011-14316)
Read-eval-print-loop on die and/or warn
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #742556 - Review Request: perl-Carp-REPL - Read-eval-print-loop on die and/or warn
https://bugzilla.redhat.com/show_bug.cgi?id=742556
--------------------------------------------------------------------------------
================================================================================
perl-Catalyst-Plugin-Session-Store-DBIC-0.12-1.fc15 (FEDORA-2011-14301)
Store your sessions via DBIx::Class
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #742555 - Review Request: perl-Catalyst-Plugin-Session-Store-DBIC - Store your sessions via DBIx::Class
https://bugzilla.redhat.com/show_bug.cgi?id=742555
--------------------------------------------------------------------------------
================================================================================
perl-CatalystX-Profile-0.02-1.fc15 (FEDORA-2011-14307)
Profile your Catalyst application with Devel::NYTProf
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #742557 - Review Request: perl-CatalystX-Profile - Profile your Catalyst application with Devel::NYTProf
https://bugzilla.redhat.com/show_bug.cgi?id=742557
--------------------------------------------------------------------------------
================================================================================
perl-CatalystX-SimpleLogin-0.15-2.fc15 (FEDORA-2011-14317)
Provide a simple Login controller which can be reused
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #742560 - Review Request: perl-CatalystX-SimpleLogin - Provide a simple Login controller which can be reused
https://bugzilla.redhat.com/show_bug.cgi?id=742560
--------------------------------------------------------------------------------
================================================================================
perl-File-Find-Rule-0.33-1.fc15 (FEDORA-2011-14321)
Perl module implementing an alternative interface to File::Find
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 13 2011 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.33-1
- Upstream update.
- Modernize spec file.
--------------------------------------------------------------------------------
================================================================================
perl-Moo-0.009011-1.fc15 (FEDORA-2011-14311)
Minimalist Object Orientation (with Moose compatibility)
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #744522 - Review Request: perl-Moo - Minimalist Object Orientation (with Moose compatibility)
https://bugzilla.redhat.com/show_bug.cgi?id=744522
--------------------------------------------------------------------------------
================================================================================
perl-Number-Compare-0.03-1.fc15 (FEDORA-2011-14305)
Perl module for numeric comparisons
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 13 2011 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.03-1
- Upstream update.
--------------------------------------------------------------------------------
================================================================================
perl-libwww-perl-5.837-4.fc15 (FEDORA-2011-14308)
A Perl interface to the World-Wide Web
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2011-0633 by enabling hostname verification by default. If you insist on no checking (the insecure way), set PERL_LWP_SSL_VERIFY_HOSTNAME=0 environment variable or modify your application to set ssl_opts correctly. See LWP::UserAgent POD for more details.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 13 2011 Petr Pisar <ppisar@xxxxxxxxxx> - 5.837-4
- Fix CVE-2011-0633 by enabling hostname verification by default. If you insist
on no checking (the insecure way), set PERL_LWP_SSL_VERIFY_HOSTNAME=0
environment variable or modify your application to set ssl_opts correctly.
See LWP::UserAgent POD for more details. (bug #705044)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #705044 - CVE-2011-0633 perl-libwww-perl: no hostname check against SSL certificate name by default
https://bugzilla.redhat.com/show_bug.cgi?id=705044
--------------------------------------------------------------------------------
================================================================================
qesteidutil-0.3.1-1.fc15 (FEDORA-2011-14306)
Estonian ID card utility
--------------------------------------------------------------------------------
Update Information:
This update adds support to ESTEID 2011 smart cards and other misc bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 12 2011 Kalev Lember <kalevlember@xxxxxxxxx> - 0.3.1-1
- Update to 0.3.1
- Dropped upstreamed patch
--------------------------------------------------------------------------------
================================================================================
rpmlint-1.3-2.fc15 (FEDORA-2011-14299)
Tool for checking common errors in RPM packages
--------------------------------------------------------------------------------
Update Information:
* Add new licenses to the rpmlint.config list
* Apply patch from upstream to handle case where rpmlint was trying to run a check on a %ghost file. Spooky!
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 12 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.3-2
- apply upstream fix for false error on checking ghosted man pages for
encoding (bz745446)
- update config to reflect new licenses (bz741298)
* Tue Jul 12 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.3-1
- update to 1.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #741298 - rpmlint is unaware of "BSD with attribution" License
https://bugzilla.redhat.com/show_bug.cgi?id=741298
[ 2 ] Bug #745446 - rpmlint-1.2-1.fc15.noarch check ghost manual pages for encoding
https://bugzilla.redhat.com/show_bug.cgi?id=745446
--------------------------------------------------------------------------------
================================================================================
rrdtool-1.4.4-4.fc15 (FEDORA-2011-14323)
Round Robin Database Tool to store and display time-series data
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes failure during rebuild from SRPM
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 13 2011 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 1.4.4-4
- Fixed build failure due to change in php_zend_api macro type
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #745736 - rrdtool is FTBFS in F15, fixed in F16
https://bugzilla.redhat.com/show_bug.cgi?id=745736
--------------------------------------------------------------------------------
================================================================================
smartcardpp-0.3.0-1.fc15 (FEDORA-2011-14306)
Library for accessing smart cards
--------------------------------------------------------------------------------
Update Information:
This update adds support to ESTEID 2011 smart cards and other misc bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 12 2011 Kalev Lember <kalevlember@xxxxxxxxx> - 0.3.0-1
- Update to 0.3.0
- Dropped upstreamed patch
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
