The following Fedora 14 Security updates need testing: https://admin.fedoraproject.org/updates/FEDORA-2011-13795 https://admin.fedoraproject.org/updates/FEDORA-2011-14180 https://admin.fedoraproject.org/updates/FEDORA-2011-14000 https://admin.fedoraproject.org/updates/FEDORA-2011-13499 https://admin.fedoraproject.org/updates/FEDORA-2011-14202 https://admin.fedoraproject.org/updates/FEDORA-2011-14183 https://admin.fedoraproject.org/updates/FEDORA-2011-13457 https://admin.fedoraproject.org/updates/FEDORA-2011-13633 https://admin.fedoraproject.org/updates/FEDORA-2011-13874 https://admin.fedoraproject.org/updates/FEDORA-2011-13915 https://admin.fedoraproject.org/updates/FEDORA-2011-14025 https://admin.fedoraproject.org/updates/FEDORA-2011-14049 https://admin.fedoraproject.org/updates/FEDORA-2011-14176 https://admin.fedoraproject.org/updates/FEDORA-2011-14214 https://admin.fedoraproject.org/updates/FEDORA-2011-14318 The following Fedora 14 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/FEDORA-2011-14189 https://admin.fedoraproject.org/updates/FEDORA-2011-13933 https://admin.fedoraproject.org/updates/FEDORA-2011-13874 https://admin.fedoraproject.org/updates/FEDORA-2011-13515 https://admin.fedoraproject.org/updates/FEDORA-2011-12717 https://admin.fedoraproject.org/updates/FEDORA-2011-9266 https://admin.fedoraproject.org/updates/FEDORA-2011-8835 https://admin.fedoraproject.org/updates/FEDORA-2011-8401 https://admin.fedoraproject.org/updates/FEDORA-2011-8116 https://admin.fedoraproject.org/updates/FEDORA-2011-5174 https://admin.fedoraproject.org/updates/FEDORA-2011-3923 The following builds have been pushed to Fedora 14 updates-testing asterisk-sounds-core-1.4.22-1.fc14 hplip-3.11.10-3.fc14 jemalloc-2.2.3-1.fc14 perl-File-Find-Rule-0.33-1.fc14 perl-Number-Compare-0.03-1.fc14 perl-libwww-perl-5.837-3.fc14 rpmlint-1.3-2.fc14 xorg-x11-server-1.9.5-2.fc14 Details about builds: ================================================================================ asterisk-sounds-core-1.4.22-1.fc14 (FEDORA-2011-14302) Core sounds for Asterisk -------------------------------------------------------------------------------- Update Information: Update the English (American), Spanish, and French sounds. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 12 2011 Jeffrey C. Ollie <jeff@xxxxxxxxxx> - 1.4.22-1 - Update to 1.4.22 - Add some macros to allow different languages to be at different versions * Tue Jun 28 2011 Jeffrey C. Ollie <jeff@xxxxxxxxxx> - 1.4.21-1 - Add Russian (ru) sounds * Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.20-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ hplip-3.11.10-3.fc14 (FEDORA-2011-13807) HP Linux Imaging and Printing Project -------------------------------------------------------------------------------- Update Information: New upstream release that fixes several bugs and adds support for new printers. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 12 2011 Tim Waugh <twaugh@xxxxxxxxxx> 3.11.10-3 - Corrected IEEE 1284 Device ID for LaserJet M1522nf MFP (bug #745498). * Fri Oct 7 2011 Tim Waugh <twaugh@xxxxxxxxxx> 3.11.10-2 - Corrected IEEE 1284 Device IDs: - LaserJet M1536dnf MFP (bug #743915) - PSC 1600 series (bug #743821) * Tue Oct 4 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 3.11.10-1 - 3.11.10 - Use _cups_serverbin macro from cups-devel for where to put driver executables. - No need to define BuildRoot and clean it in clean and install section anymore. - Corrected IEEE 1284 Device IDs: Officejet 6300 series (bug #689378) LaserJet Professional M1212nf MFP (bug #742490) * Fri Sep 23 2011 Tim Waugh <twaugh@xxxxxxxxxx> 3.11.7-5 - Fixed broken patch for pstotiff. * Tue Sep 6 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 3.11.7-4 - Fixed xsane crash when doing a multi-image scan (bug #725878) * Fri Sep 2 2011 Tim Waugh <twaugh@xxxxxxxxxx> 3.11.7-3 - Fixed hpcups crash when required plugin missing (bug #733461). -------------------------------------------------------------------------------- References: [ 1 ] Bug #742490 - Incorrect IEEE 1284 Device ID, HP LaserJet Professional M1212nf MFP https://bugzilla.redhat.com/show_bug.cgi?id=742490 [ 2 ] Bug #733461 - [abrt] hpijs-1:3.11.7-2.fc14: __libc_start_main: Process /usr/lib/cups/filter/hpcups was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=733461 [ 3 ] Bug #725878 - [abrt] xsane-0.998-4.fc15: bb_start_scan: Process /usr/bin/xsane was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=725878 [ 4 ] Bug #689378 - Missing Device ID for HP Officejet 6300 series https://bugzilla.redhat.com/show_bug.cgi?id=689378 [ 5 ] Bug #743821 - Missing Device ID for HP PSC 1600 series https://bugzilla.redhat.com/show_bug.cgi?id=743821 [ 6 ] Bug #743915 - Incorrect IEEE 1284 Device ID for HP LaserJet M1536dnf MFP https://bugzilla.redhat.com/show_bug.cgi?id=743915 [ 7 ] Bug #745498 - Missing Device ID for HP LaserJet M1522nf MFP https://bugzilla.redhat.com/show_bug.cgi?id=745498 -------------------------------------------------------------------------------- ================================================================================ jemalloc-2.2.3-1.fc14 (FEDORA-2011-14315) General-purpose scalable concurrent malloc implementation -------------------------------------------------------------------------------- Update Information: New upstream release >From the upstream release notes: jemalloc 2.2.3 is now available. This version fixes numerous bugs related to heap profiling. For the complete ChangeLog, see: http://www.canonware.com/jemalloc/ChangeLog.html -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 13 2011 Ingvar Hagelund <ingvar@xxxxxxxxxxxxxxxxxx> - 2.2.3-1 - New upstream release, closes #735057 -------------------------------------------------------------------------------- ================================================================================ perl-File-Find-Rule-0.33-1.fc14 (FEDORA-2011-14310) Perl module implementing an alternative interface to File::Find -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 13 2011 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.33-1 - Upstream update. - Modernize spec file. -------------------------------------------------------------------------------- ================================================================================ perl-Number-Compare-0.03-1.fc14 (FEDORA-2011-14300) Perl module for numeric comparisons -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 13 2011 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.03-1 - Upstream update. -------------------------------------------------------------------------------- ================================================================================ perl-libwww-perl-5.837-3.fc14 (FEDORA-2011-14318) A Perl interface to the World-Wide Web -------------------------------------------------------------------------------- Update Information: Fix CVE-2011-0633 by enabling hostname verification by default. If you insist on no checking (the insecure way), set PERL_LWP_SSL_VERIFY_HOSTNAME=0 environment variable or modify your application to set ssl_opts correctly. See LWP::UserAgent POD for more details. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 13 2011 Petr Pisar <ppisar@xxxxxxxxxx> - 5.837-3 - Fix CVE-2011-0633 by enabling hostname verification by default. If you insist on no checking (the insecure way), set PERL_LWP_SSL_VERIFY_HOSTNAME=0 environment variable or modify your application to set ssl_opts correctly. See LWP::UserAgent POD for more details. (bug #705044) -------------------------------------------------------------------------------- References: [ 1 ] Bug #705044 - CVE-2011-0633 perl-libwww-perl: no hostname check against SSL certificate name by default https://bugzilla.redhat.com/show_bug.cgi?id=705044 -------------------------------------------------------------------------------- ================================================================================ rpmlint-1.3-2.fc14 (FEDORA-2011-14312) Tool for checking common errors in RPM packages -------------------------------------------------------------------------------- Update Information: * Add new licenses to the rpmlint.config list * Apply patch from upstream to handle case where rpmlint was trying to run a check on a %ghost file. Spooky! -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 12 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.3-2 - apply upstream fix for false error on checking ghosted man pages for encoding (bz745446) - update config to reflect new licenses (bz741298) * Tue Jul 12 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.3-1 - update to 1.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #741298 - rpmlint is unaware of "BSD with attribution" License https://bugzilla.redhat.com/show_bug.cgi?id=741298 [ 2 ] Bug #745446 - rpmlint-1.2-1.fc15.noarch check ghost manual pages for encoding https://bugzilla.redhat.com/show_bug.cgi?id=745446 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-server-1.9.5-2.fc14 (FEDORA-2011-14324) X.Org X11 X server -------------------------------------------------------------------------------- Update Information: Fix abuse of memcpy() in software blit fast path -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 13 2011 Adam Jackson <ajax@xxxxxxxxxx> 1.9.5-2 - xserver-1.10.1-memcpy-abuse.patch: Fix memcpy abuse. (#730797) -------------------------------------------------------------------------------- References: [ 1 ] Bug #730797 - Nvidia hardware X video scramble https://bugzilla.redhat.com/show_bug.cgi?id=730797 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test