The following Fedora 16 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2011-14715
https://admin.fedoraproject.org/updates/FEDORA-2011-14440
https://admin.fedoraproject.org/updates/FEDORA-2011-14727
https://admin.fedoraproject.org/updates/FEDORA-2011-13893
https://admin.fedoraproject.org/updates/FEDORA-2011-13989
https://admin.fedoraproject.org/updates/FEDORA-2011-14288
https://admin.fedoraproject.org/updates/FEDORA-2011-14335
https://admin.fedoraproject.org/updates/FEDORA-2011-14480
https://admin.fedoraproject.org/updates/FEDORA-2011-14622
https://admin.fedoraproject.org/updates/FEDORA-2011-14719
https://admin.fedoraproject.org/updates/FEDORA-2011-14691
https://admin.fedoraproject.org/updates/FEDORA-2011-14694
The following Fedora 16 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2011-14723
https://admin.fedoraproject.org/updates/FEDORA-2011-14704
https://admin.fedoraproject.org/updates/FEDORA-2011-14722
https://admin.fedoraproject.org/updates/FEDORA-2011-14694
https://admin.fedoraproject.org/updates/FEDORA-2011-14682
https://admin.fedoraproject.org/updates/FEDORA-2011-14614
https://admin.fedoraproject.org/updates/FEDORA-2011-14625
https://admin.fedoraproject.org/updates/FEDORA-2011-14607
https://admin.fedoraproject.org/updates/FEDORA-2011-14581
https://admin.fedoraproject.org/updates/FEDORA-2011-14585
https://admin.fedoraproject.org/updates/FEDORA-2011-14572
https://admin.fedoraproject.org/updates/FEDORA-2011-14469
https://admin.fedoraproject.org/updates/FEDORA-2011-14421
https://admin.fedoraproject.org/updates/FEDORA-2011-14359
https://admin.fedoraproject.org/updates/FEDORA-2011-14328
https://admin.fedoraproject.org/updates/FEDORA-2011-14244
https://admin.fedoraproject.org/updates/FEDORA-2011-14264
https://admin.fedoraproject.org/updates/FEDORA-2011-14071
https://admin.fedoraproject.org/updates/FEDORA-2011-13971
https://admin.fedoraproject.org/updates/FEDORA-2011-13954
https://admin.fedoraproject.org/updates/FEDORA-2011-13774
https://admin.fedoraproject.org/updates/FEDORA-2011-12648
https://admin.fedoraproject.org/updates/FEDORA-2011-12550
https://admin.fedoraproject.org/updates/FEDORA-2011-11709
https://admin.fedoraproject.org/updates/FEDORA-2011-11424
https://admin.fedoraproject.org/updates/FEDORA-2011-10886
The following builds have been pushed to Fedora 16 updates-testing
389-ds-base-1.2.10-0.4.a4.fc16
NetworkManager-0.9.1.90-4.git20110927.fc16
apiextractor-0.10.8-1.fc16
arora-0.11.0-3.fc16
audacious-3.0.4-1.fc16
audacious-plugins-3.0.4-1.fc16
bibletime-2.8.2-1.fc16
cln-1.3.2-2.fc16
deltacloud-core-0.4.1-3.fc16
dracut-013-16.fc16
flashrom-0.9.4-2.svn1455.fc16
freeipa-2.1.3-4.fc16
generatorrunner-0.6.14-1.fc16
ghc-7.0.4-31.1.fc16
gparted-0.9.1-1.fc16
gsoap-2.8.3-2.fc16
hardlink-1.0-12.fc16
hekafs-0.7-16.fc16
ibus-1.4.0-5.fc16
iwhd-0.991-1.fc16
jss-4.2.6-21.fc16
konversation-1.3.1-5.fc16
libdrm-2.4.26-2.fc16
libpinyin-0.2.99.2-1.fc16
matahari-0.5.0-1.fc16
mingw32-matahari-0.5.0-1.fc16
moodle-2.0.5-1.fc16
mozilla-https-everywhere-1.1-1.fc16
perl-Tk-804.029-4.fc16
pygobject3-3.0.2-1.fc16
python-pyside-1.0.8-1.fc16
python-requests-0.6.6-1.fc16
qemu-0.15.1-1.fc16
selinux-policy-3.10.0-45.1.fc16
selinux-policy-3.10.0-46.fc16
shiboken-1.0.9-1.fc16
sigar-1.6.5-0.5.git58097d9.fc16
smartmontools-5.42-1.fc16
soprano-2.7.2-1.fc16
spin-kickstarts-0.16.3-1.fc16
sssd-1.6.2-3.fc16
telepathy-salut-0.6.0-1.fc16
zeitgeist-0.8.2-1.fc16
Details about builds:
================================================================================
389-ds-base-1.2.10-0.4.a4.fc16 (FEDORA-2011-14614)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
2011-10-21: Added selinux-policy and updated SSSD with explicit Requires
FreeIPA:
== What happened to 2.1.2!? ==
Right after tagging 2.1.2 we found an upgrade issue that would have
affected any users using the selfsign CA (installed with --selfsign). We
decided to hold back the release, fix a few more bugs, and just push out
2.1.3 instead about a week later. So here we are.
== Highlights in 2.1.3 ==
* Enforce that system hostname matches hostname of IPA server.
* Require that /etc/hosts is sane even when configuring DNS.
* Increase default server-side LDAP search limits.
* Client enrollment improvements including longer wait for sssd to
start, recovery if discovered IPA server is not responsive and when
anonymous bind is disabled in 389-ds.
== Highlights in 2.1.2 ==
* Upgrade older dogtag installs to use new PKI proxy configuration
* hbactest improvements
* Added platform-independent code to make ipa-client-install more portable
* Make client uninstaller more robust, should restore state more completely.
* UI usability improvements
* Tool for Enabling/Disabling Managed Entry Plugins
* Managed Entries configuration is now replicated
* IPv6 client enrollment improvements
* Man page improvements
* Performance improvements when calculating indirect membership
* Improved handling of disabled anonymous binds in 389-ds
* user is now prompted to enter current password when changing to a new
password
* ipa server now support multiple namingContexts. ipa-client-install and
password migration were fixed
== Upgrading ==
=== Server ===
To upgrade a 2.0.0, 2.0.1 or 2.1.0 server do the following:
# yum update freeipa-server --enablerepo=updates-testing
This will pull in updated freeIPA, 389-ds, dogtag, libcurl and xmlrpc-c
packages (and perhaps some others). A script will be executed in the rpm
postinstall phase to update the IPA LDAP server with any required changes.
There is a bug reported against 389-ds,
https://bugzilla.redhat.com/show_bug.cgi?id=730387, related to
read-write locks. The NSPR RW lock implementation does not safely allow
re-entrant use of reader
locks. This is a timing issue so it is difficult to predict. During
testing one user experienced this and the upgrade hung. To break the
hang kill the ns-slapd process for your realm, wait for the yum
transaction to complete, then restart 389-ds and manually run the update
process:
# service dirsrv start
# ipa-ldap-updater --update
=== Client ===
The ipa-client-install tool in the ipa-client package is just a
configuration tool. There should be no need to re-run this on every
client already enrolled.
SSSD:
== Highlights ==
* Improved handling of users and groups with multi-valued name
attributes (aliases)
* Performance enhancements
* Initgroups on RFC2307bis/FreeIPA
* HBAC rule processing
* Improved process-hang detection and restarting
* Enabled the midpoint cache refresh by default (fewer cache misses on
commonly-used entries)
* Cleaned up the example configuration
389-ds-base:
* fix config del/add mods
* memberof is transaction aware resource
* limits for simple paged results
* Native systemd support
* Fix for managed entry
* Fixed source tarball
* fix transaction support in ldbm_delete
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 7 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10-0.4.a4
- Bug 741744 - part3 - MOD operations with chained delete/add get back error 53
- 1d2f5a0 make memberof transaction aware and able to be a betxnpostoperation plug in
- b6d3ba7 pass the plugin config entry to the plugin init function
- 28f7bfb set the ENTRY_POST_OP for modrdn betxnpostoperation plugins
- Bug 743966 - Compiler warnings in account usability plugin
* Wed Oct 5 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.a3-0.3
- 498c42b fix transaction support in ldbm_delete
* Wed Oct 5 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.a2-0.2
- Bug 740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
- Bug 741744 - MOD operations with chained delete/add get back error 53 on backend config
- Bug 742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
* Wed Sep 21 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.a1-0.1
- Bug 695736 - Providing native systemd file
* Wed Sep 7 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.9.10-2
- corrected source
* Wed Sep 7 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.9.10-1
- Bug 735114 - renaming a managed entry does not update mepmanagedby
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #699785 - Providing Native systemd service file for IPA
https://bugzilla.redhat.com/show_bug.cgi?id=699785
[ 2 ] Bug #741744 - MOD operations with chained delete/add get back error 53 on backend config
https://bugzilla.redhat.com/show_bug.cgi?id=741744
[ 3 ] Bug #743966 - Compiler warnings in account usability plugin
https://bugzilla.redhat.com/show_bug.cgi?id=743966
[ 4 ] Bug #740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
https://bugzilla.redhat.com/show_bug.cgi?id=740942
[ 5 ] Bug #742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
https://bugzilla.redhat.com/show_bug.cgi?id=742324
[ 6 ] Bug #695736 - Providing native systemd file
https://bugzilla.redhat.com/show_bug.cgi?id=695736
[ 7 ] Bug #735114 - renaming a managed entry does not update mepmanagedby
https://bugzilla.redhat.com/show_bug.cgi?id=735114
--------------------------------------------------------------------------------
================================================================================
NetworkManager-0.9.1.90-4.git20110927.fc16 (FEDORA-2011-14722)
Network connection manager and user applications
--------------------------------------------------------------------------------
Update Information:
This update fixes setting host-name obtained from DHCP server.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Jiří Klimeš <jklimes@xxxxxxxxxx> - 0.9.1.90-4.git20110927
- core: fix setting hostname from DHCP options (rh #719100)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #719100 - NetworkManager doesn't set hostname to value return from dhclient
https://bugzilla.redhat.com/show_bug.cgi?id=719100
--------------------------------------------------------------------------------
================================================================================
apiextractor-0.10.8-1.fc16 (FEDORA-2011-14707)
Library headers parser to extract API information
--------------------------------------------------------------------------------
Update Information:
PySide 1.0.8 bug fix release with initial Qt 4.8 support.
Detailed changelog is available from upstream announcements:
- http://lists.pyside.org/pipermail/pyside/2011-September/002935.html
- http://lists.pyside.org/pipermail/pyside/2011-October/003016.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Kalev Lember <kalevlember@xxxxxxxxx> - 0.10.8-1
- Update to 0.10.8
--------------------------------------------------------------------------------
================================================================================
arora-0.11.0-3.fc16 (FEDORA-2011-14719)
A cross platform web browser
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2011-3367, an input validation flaw.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 20 2011 Jaroslav Reznik <jreznik@xxxxxxxxxx> - 0.11.0-3
- CVE-2011-3367 - input validation flaw (rhbz#746875)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #746875 - CVE-2011-3367 arora: input validation flaw
https://bugzilla.redhat.com/show_bug.cgi?id=746875
--------------------------------------------------------------------------------
================================================================================
audacious-3.0.4-1.fc16 (FEDORA-2011-14699)
Advanced audio player
--------------------------------------------------------------------------------
Update Information:
Update from 3.0.2 to 3.0.4 for a few more fixes and translation updates.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 3.0.4-1
- Update to 3.0.4 (a few fixes, 5k diff).
* Mon Sep 19 2011 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 3.0.3-1
- Update to 3.0.3 (just a few spelling fixes and translation updates).
* Sat Sep 17 2011 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 3.0.2-3
- Add audacious(plugin-api)%{?_isa} Provides which plugin packages
may use for an arch-specific dependency (albeit not before builds of
this base package become available for the target dist).
* Fri Sep 16 2011 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 3.0.2-2
- Use %_isa in more dependencies.
- Drop unneeded BuildRoot stuff.
- Drop %defattr lines.
- Drop explicit pkgconfig dependency.
--------------------------------------------------------------------------------
================================================================================
audacious-plugins-3.0.4-1.fc16 (FEDORA-2011-14699)
Plugins for the Audacious audio player
--------------------------------------------------------------------------------
Update Information:
Update from 3.0.2 to 3.0.4 for a few more fixes and translation updates.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 3.0.4-1
- Update to 3.0.4 (maintenance release in stable branch, 15k diff).
* Mon Sep 19 2011 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 3.0.3-1
- Update to 3.0.3 (some more translation updates).
- Let the plugin pkgs depend on audacious(plugin-api)%{?_isa}.
* Fri Sep 16 2011 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 3.0.2-3
- Use %_isa in more dependencies.
- Drop unneeded BuildRoot stuff.
- Drop %defattr lines.
- Drop old -wavpack and -vortex Obsoletes/Provides.
--------------------------------------------------------------------------------
================================================================================
bibletime-2.8.2-1.fc16 (FEDORA-2011-14702)
An easy to use Bible study tool
--------------------------------------------------------------------------------
Update Information:
Fix build for clucene2 and update to 2.8.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 20 2011 Deji Akingunola <dakingun@xxxxxxxxx> - 2.8.2-1
- Update to 2.8.2
- Add patch by Jonathan Dieter (jdieter@xxxxxxxxx) so it builds
against CLucene-2.3.3
--------------------------------------------------------------------------------
================================================================================
cln-1.3.2-2.fc16 (FEDORA-2011-14714)
Class Library for Numbers
--------------------------------------------------------------------------------
Update Information:
Update to latest stable release and fix arm build.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 19 2011 Deji Akingunola <dakingun@xxxxxxxxx> - 1.3.2-2
- Also add -DNO_ASM to CFLAGS for arm archs.
* Sun Oct 9 2011 Deji Akingunola <dakingun@xxxxxxxxx> - 1.3.2-1
- New upstream version
- Add -DNO_ASM flag for arm archs.
--------------------------------------------------------------------------------
================================================================================
deltacloud-core-0.4.1-3.fc16 (FEDORA-2011-14708)
Deltacloud REST API
--------------------------------------------------------------------------------
Update Information:
Bugfix for VSphere driver
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Michal Fojtik <mfojtik@xxxxxxxxxx> - 0.4.1-3
- Backported fix for VSphere driver
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #747634 - deltacloud error: NoMethodError: undefined method `validate_instance_profile!' for #<Deltacloud::Drivers::VSphere::VSphereDriver:0x7f90fdb8f818>
https://bugzilla.redhat.com/show_bug.cgi?id=747634
--------------------------------------------------------------------------------
================================================================================
dracut-013-16.fc16 (FEDORA-2011-14704)
Initramfs generator using udev
--------------------------------------------------------------------------------
Update Information:
- fixed livenet module wget bug
Resolves: rhbz#747632
- fixed relative symlink bugs
- speedup image creation
- protect against files in current directory
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Harald Hoyer <harald@xxxxxxxxxx> 013-16
- fixed livenet module wget bug
Resolves: rhbz#747632
- fixed relative symlink bugs
- speedup image creation
- protect against files in current directory
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #747632 - using iSCSI target as root filesystem results in kernel panic at boot
https://bugzilla.redhat.com/show_bug.cgi?id=747632
--------------------------------------------------------------------------------
================================================================================
flashrom-0.9.4-2.svn1455.fc16 (FEDORA-2011-14729)
Simple program for reading/writing BIOS chips content
--------------------------------------------------------------------------------
Update Information:
- Updated to latest svn ver. 1455 (post-release snapshot for 0.9.4)
- Added lots of new boards and several chipsets and flashchips
- Lots of other cleanups and enhancements
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Peter Lemenkov <lemenkov@xxxxxxxxx> - 0.9.4-2.svn1455
- Updated to latest svn ver. 1455 (post-release snapshot for 0.9.4)
- Added lots of new boards and several chipsets and flashchips
- Lots of other cleanups and enhancements
--------------------------------------------------------------------------------
================================================================================
freeipa-2.1.3-4.fc16 (FEDORA-2011-14614)
The Identity, Policy and Audit system
--------------------------------------------------------------------------------
Update Information:
2011-10-21: Added selinux-policy and updated SSSD with explicit Requires
FreeIPA:
== What happened to 2.1.2!? ==
Right after tagging 2.1.2 we found an upgrade issue that would have
affected any users using the selfsign CA (installed with --selfsign). We
decided to hold back the release, fix a few more bugs, and just push out
2.1.3 instead about a week later. So here we are.
== Highlights in 2.1.3 ==
* Enforce that system hostname matches hostname of IPA server.
* Require that /etc/hosts is sane even when configuring DNS.
* Increase default server-side LDAP search limits.
* Client enrollment improvements including longer wait for sssd to
start, recovery if discovered IPA server is not responsive and when
anonymous bind is disabled in 389-ds.
== Highlights in 2.1.2 ==
* Upgrade older dogtag installs to use new PKI proxy configuration
* hbactest improvements
* Added platform-independent code to make ipa-client-install more portable
* Make client uninstaller more robust, should restore state more completely.
* UI usability improvements
* Tool for Enabling/Disabling Managed Entry Plugins
* Managed Entries configuration is now replicated
* IPv6 client enrollment improvements
* Man page improvements
* Performance improvements when calculating indirect membership
* Improved handling of disabled anonymous binds in 389-ds
* user is now prompted to enter current password when changing to a new
password
* ipa server now support multiple namingContexts. ipa-client-install and
password migration were fixed
== Upgrading ==
=== Server ===
To upgrade a 2.0.0, 2.0.1 or 2.1.0 server do the following:
# yum update freeipa-server --enablerepo=updates-testing
This will pull in updated freeIPA, 389-ds, dogtag, libcurl and xmlrpc-c
packages (and perhaps some others). A script will be executed in the rpm
postinstall phase to update the IPA LDAP server with any required changes.
There is a bug reported against 389-ds,
https://bugzilla.redhat.com/show_bug.cgi?id=730387, related to
read-write locks. The NSPR RW lock implementation does not safely allow
re-entrant use of reader
locks. This is a timing issue so it is difficult to predict. During
testing one user experienced this and the upgrade hung. To break the
hang kill the ns-slapd process for your realm, wait for the yum
transaction to complete, then restart 389-ds and manually run the update
process:
# service dirsrv start
# ipa-ldap-updater --update
=== Client ===
The ipa-client-install tool in the ipa-client package is just a
configuration tool. There should be no need to re-run this on every
client already enrolled.
SSSD:
== Highlights ==
* Improved handling of users and groups with multi-valued name
attributes (aliases)
* Performance enhancements
* Initgroups on RFC2307bis/FreeIPA
* HBAC rule processing
* Improved process-hang detection and restarting
* Enabled the midpoint cache refresh by default (fewer cache misses on
commonly-used entries)
* Cleaned up the example configuration
389-ds-base:
* fix config del/add mods
* memberof is transaction aware resource
* limits for simple paged results
* Native systemd support
* Fix for managed entry
* Fixed source tarball
* fix transaction support in ldbm_delete
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 19 2011 Alexander Bokovoy <abokovoy@xxxxxxxxxx> - 2.1.3-4
- clean up spec
- Depend on sssd >= 1.6.2 for better user experience
* Tue Oct 18 2011 Alexander Bokovoy <abokovoy@xxxxxxxxxx> - 2.1.3-3
- Fix Fedora package changelog after merging systemd changes
* Tue Oct 18 2011 Alexander Bokovoy <abokovoy@xxxxxxxxxx> - 2.1.3-2
- Fix postin scriplet for F-15/F-16
* Tue Oct 18 2011 Alexander Bokovoy <abokovoy@xxxxxxxxxx> - 2.1.3-1
- 2.1.3
* Mon Oct 17 2011 Alexander Bokovoy <abokovoy@xxxxxxxxxx> - 2.1.2-1
- Default to systemd for Fedora 16 and onwards
* Tue Aug 16 2011 Rob Crittenden <rcritten@xxxxxxxxxx> - 2.1.0-1
- Update to upstream 2.1.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #699785 - Providing Native systemd service file for IPA
https://bugzilla.redhat.com/show_bug.cgi?id=699785
[ 2 ] Bug #741744 - MOD operations with chained delete/add get back error 53 on backend config
https://bugzilla.redhat.com/show_bug.cgi?id=741744
[ 3 ] Bug #743966 - Compiler warnings in account usability plugin
https://bugzilla.redhat.com/show_bug.cgi?id=743966
[ 4 ] Bug #740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
https://bugzilla.redhat.com/show_bug.cgi?id=740942
[ 5 ] Bug #742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
https://bugzilla.redhat.com/show_bug.cgi?id=742324
[ 6 ] Bug #695736 - Providing native systemd file
https://bugzilla.redhat.com/show_bug.cgi?id=695736
[ 7 ] Bug #735114 - renaming a managed entry does not update mepmanagedby
https://bugzilla.redhat.com/show_bug.cgi?id=735114
--------------------------------------------------------------------------------
================================================================================
generatorrunner-0.6.14-1.fc16 (FEDORA-2011-14707)
Plugin-based application to run apiextractor-based generators
--------------------------------------------------------------------------------
Update Information:
PySide 1.0.8 bug fix release with initial Qt 4.8 support.
Detailed changelog is available from upstream announcements:
- http://lists.pyside.org/pipermail/pyside/2011-September/002935.html
- http://lists.pyside.org/pipermail/pyside/2011-October/003016.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Kalev Lember <kalevlember@xxxxxxxxx> - 0.6.14-1
- Update to 0.6.14
--------------------------------------------------------------------------------
================================================================================
ghc-7.0.4-31.1.fc16 (FEDORA-2011-14724)
Glasgow Haskell Compiler
--------------------------------------------------------------------------------
Update Information:
- Include the ghc (ghci) library in ghc-devel (Narasim)
- Support armv5tel arch (Henrik Nordström)
- Dependency autogeneration for bootstrap builds
- Use system libffi also on secondary archs (except ppc for now)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 20 2011 Jens Petersen <petersen@xxxxxxxxxx> - 7.0.4-31.1
- setup ghc-deps.sh after ghc_version_override for bootstrapping
- add armv5tel (ported by Henrik Nordström)
- also use ghc-deps.sh when bootstrapping (ghc-rpm-macros-0.13.13)
- replace libffi_archs with libffi_copy_archs for ppc just for now
- include the ghc (ghci) library in ghc-devel
--------------------------------------------------------------------------------
================================================================================
gparted-0.9.1-1.fc16 (FEDORA-2011-14725)
Gnome Partition Editor
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.1. Fix a couple of NTFS bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 19 2011 Deji Akingunola <dakingun@xxxxxxxxx> - 0.9.1-1
- Update to version 0.9.1
--------------------------------------------------------------------------------
================================================================================
gsoap-2.8.3-2.fc16 (FEDORA-2011-14721)
Generator Tools for Coding SOAP/XML Web Services in C and C++
--------------------------------------------------------------------------------
Update Information:
This update fixes a problem with IPv4 only sockets.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.8.3-2
- Fix an issue with IPv4 only sockets when IPv6 support is enabled
--------------------------------------------------------------------------------
================================================================================
hardlink-1.0-12.fc16 (FEDORA-2011-14727)
Create a tree of hardlinks
--------------------------------------------------------------------------------
Update Information:
fix possible buffer overflows, integer overflows (CVE-2011-3630 CVE-2011-3631 CVE-2011-3632)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Jindrich Novy <jnovy@xxxxxxxxxx> - 1:1.0-12
- fix possible buffer overflows, integer overflows (CVE-2011-3630 CVE-2011-3631 CVE-2011-3632)
- update man page
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #746709 - CVE-2011-3630 hardlink: Multiple stack-based buffer overflows when run on a tree with deeply nested directories
https://bugzilla.redhat.com/show_bug.cgi?id=746709
[ 2 ] Bug #746710 - CVE-2011-3631 hardlink: Multiple integer overflows, when adding string lengths
https://bugzilla.redhat.com/show_bug.cgi?id=746710
[ 3 ] Bug #746713 - CVE-2011-3632 hardlink: Prone to symlink attacks
https://bugzilla.redhat.com/show_bug.cgi?id=746713
--------------------------------------------------------------------------------
================================================================================
hekafs-0.7-16.fc16 (FEDORA-2011-14711)
Heka File System
--------------------------------------------------------------------------------
Update Information:
fixes tenant root dir not writable
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Kaleb S. KEITHLEY <kkeithle@xxxxxxxxxx> - 0.7-16
- fix for BZ 747112
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #747112 - tenant's root dir is not writeable by default
https://bugzilla.redhat.com/show_bug.cgi?id=747112
--------------------------------------------------------------------------------
================================================================================
ibus-1.4.0-5.fc16 (FEDORA-2011-14726)
Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
Update Information:
ibus panel status icon cannot open menu item on gnome-shell without this update. Updated ibus-gnome3.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.4.0-5
- Fixed Bug 747845 - ibus icon cannot open menu item on gnome-shell
* Thu Oct 20 2011 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.4.0-4
- Fixed Bug 746869 - no keymaps if the XKB has no group and no variant
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #747845 - ibus panel status icon cannot open menu item on gnome-shell
https://bugzilla.redhat.com/show_bug.cgi?id=747845
--------------------------------------------------------------------------------
================================================================================
iwhd-0.991-1.fc16 (FEDORA-2011-14728)
Image WareHouse Daemon
--------------------------------------------------------------------------------
Update Information:
better oauth support
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 20 2011 Jim Meyering <meyering@xxxxxxxxxx> - 0.991-1
- new release
--------------------------------------------------------------------------------
================================================================================
jss-4.2.6-21.fc16 (FEDORA-2011-14717)
Java Security Services (JSS)
--------------------------------------------------------------------------------
Update Information:
Bugzilla Bug #737122 - DRM: during archiving and recovering, wrapping
unwrapping keys should be done in the token
support for PKCS5v2; support for secure PKCS12
Bugzilla Bug #744797 - KRA key recovery (retrieve pkcs#12) fails after the
in-place upgrade( CS 8.0->8.1)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 19 2011 Christina Fu <cfu@xxxxxxxxxx> - 4.2.6-21
- Bugzilla Bug #737122 - DRM: during archiving and recovering, wrapping
unwrapping keys should be done in the token
- support for PKCS5v2; support for secure PKCS12
- Bugzilla Bug #744797 - KRA key recovery (retrieve pkcs#12) fails after the
in-place upgrade( CS 8.0->8.1)
--------------------------------------------------------------------------------
================================================================================
konversation-1.3.1-5.fc16 (FEDORA-2011-14703)
A user friendly IRC client
--------------------------------------------------------------------------------
Update Information:
Upstream patch to workaround crashes introduced with the option
"Mark the last position in a chat window when it is hidden" used
with newer qt releases. See also http://bugs.kde.org/210106
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.3.1-5
- Crash in marker cleanup code (kde#210106)
--------------------------------------------------------------------------------
================================================================================
libdrm-2.4.26-2.fc16 (FEDORA-2011-14723)
Direct Rendering Manager runtime library
--------------------------------------------------------------------------------
Update Information:
fix permissions on control device file
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Dave Airlie <airlied@xxxxxxxxxx> 2.4.26-2
- fix perms on control node in udev rule
--------------------------------------------------------------------------------
================================================================================
libpinyin-0.2.99.2-1.fc16 (FEDORA-2011-14697)
Library to deal with pinyin
--------------------------------------------------------------------------------
Update Information:
libpinyin - Library to deal with pinyin
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #741824 - Review Request: libpinyin - Library to deal with pinyin
https://bugzilla.redhat.com/show_bug.cgi?id=741824
--------------------------------------------------------------------------------
================================================================================
matahari-0.5.0-1.fc16 (FEDORA-2011-14712)
Matahari QMF Agents for Linux guests
--------------------------------------------------------------------------------
Update Information:
New upstream release
Only require dmidecode on archs where it exists.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Adam Stokes <astokes@xxxxxxxxxxxxxxxxx> 0.5.0
- New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #745386 - matahari-host requires dmidecode
https://bugzilla.redhat.com/show_bug.cgi?id=745386
--------------------------------------------------------------------------------
================================================================================
mingw32-matahari-0.5.0-1.fc16 (FEDORA-2011-14720)
Matahari QMF Agents for Windows guests
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Adam Stokes <astokes@xxxxxxxxxxxxxxxxx> matahari-0.5.0
- New 0.5.0 release
* Wed Sep 14 2011 Adam Stokes <astokes@xxxxxxxxxxxxxxxxx> matahari-0.4.5-0.1.9bb41cb.git
- New upstream Release.
* Mon Aug 29 2011 Adam Stokes <astokes@xxxxxxxxxxxxxxxxx> matahari-0.4.2-0.1.67227ab.git
- New upstream release.
* Fri Jul 29 2011 Adam Stokes <astokes@xxxxxxxxxxxxxxxxx> matahari-0.4.2-0.1.cb3faf4.git
- New upstream release.
--------------------------------------------------------------------------------
================================================================================
moodle-2.0.5-1.fc16 (FEDORA-2011-14715)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Multiple security fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.0.5-1
- New upstream, BZ 747445.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #747445 - moodle: Multiple security fixes in 2.1.2, 2.0.5, and 1.9.14 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=747445
[ 2 ] Bug #747446 - moodle: Multiple security fixes in 2.1.2, 2.0.5, and 1.9.14 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=747446
--------------------------------------------------------------------------------
================================================================================
mozilla-https-everywhere-1.1-1.fc16 (FEDORA-2011-14716)
HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:
Here is where you
give an explanation of
your update.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 20 2011 Russell Golden <niveusluna@xxxxxxxxxxxxxx> - 1.1-1
- Further tweaks to internals, will hopefully fix a number of weird issues:
-- https://trac.torproject.org/projects/tor/ticket/4194
-- https://trac.torproject.org/projects/tor/ticket/4149
-- https://mail1.eff.org/pipermail/https-everywhere/2011-October/001208.html
- YouTube is enabled by default!
- Fixes: Yandex, Statcounter, Polldaddy, SBB.ch
- Improvements: Facebook+
- Disable broken: Bloglines, EPEAT
--------------------------------------------------------------------------------
================================================================================
perl-Tk-804.029-4.fc16 (FEDORA-2011-14700)
Perl Graphical User Interface ToolKit
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> 804.029-4
- Split out Tk/MMutil.pm, Tk/install.pm, Tk/MakeDepend.pm into perl-Tk-devel.
(Avoid dependency on perl-devel - BZ 741777).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #741777 - Bogus requires on perl-devel from perl-tk
https://bugzilla.redhat.com/show_bug.cgi?id=741777
--------------------------------------------------------------------------------
================================================================================
pygobject3-3.0.2-1.fc16 (FEDORA-2011-14718)
Python 2 bindings for GObject Introspection
--------------------------------------------------------------------------------
Update Information:
This release makes the snippets plugin of gedit to work again.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 22 2011 Ignacio Casal Quinteiro <icq@xxxxxxxxx> - 3.0.2-1
- udpate to 3.0.2
--------------------------------------------------------------------------------
================================================================================
python-pyside-1.0.8-1.fc16 (FEDORA-2011-14707)
Python bindings for Qt4
--------------------------------------------------------------------------------
Update Information:
PySide 1.0.8 bug fix release with initial Qt 4.8 support.
Detailed changelog is available from upstream announcements:
- http://lists.pyside.org/pipermail/pyside/2011-September/002935.html
- http://lists.pyside.org/pipermail/pyside/2011-October/003016.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Kalev Lember <kalevlember@xxxxxxxxx> - 1.0.8-1
- Update to 1.0.8
- Dropped the Qt 4.8 patch that was merged upstream
--------------------------------------------------------------------------------
================================================================================
python-requests-0.6.6-1.fc16 (FEDORA-2011-14709)
HTTP library, written in Python, for human beings
--------------------------------------------------------------------------------
Update Information:
Latest bug fix
release from upstream
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 20 2011 Arun SAG <sagarun@xxxxxxxxx> - 0.6.6-1
- Updated to version 0.6.6
--------------------------------------------------------------------------------
================================================================================
qemu-0.15.1-1.fc16 (FEDORA-2011-14698)
QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:
Update qemu to 0.15.1 stable for multiple bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Justin M. Forbes <jforbes@xxxxxxxxxx> - 2:0.15.1-1
- Require seabios-bin >= 0.6.0-2 (#741992)
- Replace init scripts with systemd units (#741920)
- Update to 0.15.1 stable upstream
* Fri Oct 21 2011 Paul Moore <pmoore@xxxxxxxxxx>
- Enable full relro and PIE (rhbz #738812)
* Wed Oct 12 2011 Daniel P. Berrange <berrange@xxxxxxxxxx> - 2:0.15.0-6
- Add BR on ceph-devel to enable RBD block device
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #741992 - qemu-kvm should require seabios-bin >= 0.6.2
https://bugzilla.redhat.com/show_bug.cgi?id=741992
[ 2 ] Bug #741920 - switch ksm and binfmt to use systemd
https://bugzilla.redhat.com/show_bug.cgi?id=741920
[ 3 ] Bug #738812 - qemu-kvm should be built with full relro and PIE support
https://bugzilla.redhat.com/show_bug.cgi?id=738812
[ 4 ] Bug #719655 - Provide native systemd unit file
https://bugzilla.redhat.com/show_bug.cgi?id=719655
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.10.0-45.1.fc16 (FEDORA-2011-14618)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
- Allow svirt_lxc_domain to chr_file and blk_file devices if they are in the domain
- Allow init process to setrlimit on itself
- Take away transition rules for users executing ssh-keygen
- Allow setroubleshoot_fixit_t to read /dev/urand
- Allow sshd to relbale tunnel sockets
- Allow fail2ban domtrans to shorewall in the same way as with iptables
- Add support for lnk files in the /var/lib/sssd directory
- Allow system mail to connect to courier-authdaemon over an unix stream socket
- Add policies for nova openstack
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 20 2011 Dan Walsh <dwalsh@xxxxxxxxxx> 3.10.0-45.1
- Allow systemd_passwd to talk to sock_files in systemd_passwd_var_run_t directories
* Thu Oct 20 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-45
- Remove tzdata policy
* Thu Oct 20 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-44
- Add labeling for udev
- Add cloudform policy
- Fixes for bootloader policy
* Wed Oct 19 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-43
- Add policies for nova openstack
* Tue Oct 18 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-42
- Add fixes for nova-stack policy
* Tue Oct 18 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-41
- Allow svirt_lxc_domain to chr_file and blk_file devices if they are in the domain
- Allow init process to setrlimit on itself
- Take away transition rules for users executing ssh-keygen
- Allow setroubleshoot_fixit_t to read /dev/urand
- Allow sshd to relbale tunnel sockets
- Allow fail2ban domtrans to shorewall in the same way as with iptables
- Add support for lnk files in the /var/lib/sssd directory
- Allow system mail to connect to courier-authdaemon over an unix stream socket
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #747012 - SELinux is preventing /bin/systemd-tty-ask-password-agent from read access on the fifo_file 136:2.
https://bugzilla.redhat.com/show_bug.cgi?id=747012
[ 2 ] Bug #747653 - SELinux is preventing systemd-tty-ask from 'read' accesses on the file ask.lIE7zh.
https://bugzilla.redhat.com/show_bug.cgi?id=747653
[ 3 ] Bug #745272 - Surprising statuses when verifying selinux-policy-targeted
https://bugzilla.redhat.com/show_bug.cgi?id=745272
[ 4 ] Bug #734346 - SELinux policy for nova
https://bugzilla.redhat.com/show_bug.cgi?id=734346
[ 5 ] Bug #746358 - SELinux is preventing /usr/sbin/gpsd from read, write access on the chr_file ttyUSB2.
https://bugzilla.redhat.com/show_bug.cgi?id=746358
[ 6 ] Bug #746559 - SELinux is preventing /usr/bin/python from 'getattr' accesses on the chr_file /dev/urandom.
https://bugzilla.redhat.com/show_bug.cgi?id=746559
[ 7 ] Bug #746561 - SELinux is preventing /usr/bin/python from 'read' accesses on the file online.
https://bugzilla.redhat.com/show_bug.cgi?id=746561
[ 8 ] Bug #747006 - SELinux is preventing abrt-dump-oops from 'open' accesses on the file /etc/abrt/abrt.conf.
https://bugzilla.redhat.com/show_bug.cgi?id=747006
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.10.0-46.fc16 (FEDORA-2011-14614)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
2011-10-21: Added selinux-policy and updated SSSD with explicit Requires
FreeIPA:
== What happened to 2.1.2!? ==
Right after tagging 2.1.2 we found an upgrade issue that would have
affected any users using the selfsign CA (installed with --selfsign). We
decided to hold back the release, fix a few more bugs, and just push out
2.1.3 instead about a week later. So here we are.
== Highlights in 2.1.3 ==
* Enforce that system hostname matches hostname of IPA server.
* Require that /etc/hosts is sane even when configuring DNS.
* Increase default server-side LDAP search limits.
* Client enrollment improvements including longer wait for sssd to
start, recovery if discovered IPA server is not responsive and when
anonymous bind is disabled in 389-ds.
== Highlights in 2.1.2 ==
* Upgrade older dogtag installs to use new PKI proxy configuration
* hbactest improvements
* Added platform-independent code to make ipa-client-install more portable
* Make client uninstaller more robust, should restore state more completely.
* UI usability improvements
* Tool for Enabling/Disabling Managed Entry Plugins
* Managed Entries configuration is now replicated
* IPv6 client enrollment improvements
* Man page improvements
* Performance improvements when calculating indirect membership
* Improved handling of disabled anonymous binds in 389-ds
* user is now prompted to enter current password when changing to a new
password
* ipa server now support multiple namingContexts. ipa-client-install and
password migration were fixed
== Upgrading ==
=== Server ===
To upgrade a 2.0.0, 2.0.1 or 2.1.0 server do the following:
# yum update freeipa-server --enablerepo=updates-testing
This will pull in updated freeIPA, 389-ds, dogtag, libcurl and xmlrpc-c
packages (and perhaps some others). A script will be executed in the rpm
postinstall phase to update the IPA LDAP server with any required changes.
There is a bug reported against 389-ds,
https://bugzilla.redhat.com/show_bug.cgi?id=730387, related to
read-write locks. The NSPR RW lock implementation does not safely allow
re-entrant use of reader
locks. This is a timing issue so it is difficult to predict. During
testing one user experienced this and the upgrade hung. To break the
hang kill the ns-slapd process for your realm, wait for the yum
transaction to complete, then restart 389-ds and manually run the update
process:
# service dirsrv start
# ipa-ldap-updater --update
=== Client ===
The ipa-client-install tool in the ipa-client package is just a
configuration tool. There should be no need to re-run this on every
client already enrolled.
SSSD:
== Highlights ==
* Improved handling of users and groups with multi-valued name
attributes (aliases)
* Performance enhancements
* Initgroups on RFC2307bis/FreeIPA
* HBAC rule processing
* Improved process-hang detection and restarting
* Enabled the midpoint cache refresh by default (fewer cache misses on
commonly-used entries)
* Cleaned up the example configuration
389-ds-base:
* fix config del/add mods
* memberof is transaction aware resource
* limits for simple paged results
* Native systemd support
* Fix for managed entry
* Fixed source tarball
* fix transaction support in ldbm_delete
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 20 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-46
- Policy update should not modify local contexts
* Thu Oct 20 2011 Dan Walsh <dwalsh@xxxxxxxxxx> 3.10.0-45.1
- Allow systemd_passwd to talk to sock_files in systemd_passwd_var_run_t directories
* Thu Oct 20 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-45
- Remove tzdata policy
* Thu Oct 20 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-44
- Add labeling for udev
- Add cloudform policy
- Fixes for bootloader policy
* Wed Oct 19 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-43
- Add policies for nova openstack
* Tue Oct 18 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-42
- Add fixes for nova-stack policy
* Tue Oct 18 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-41
- Allow svirt_lxc_domain to chr_file and blk_file devices if they are in the domain
- Allow init process to setrlimit on itself
- Take away transition rules for users executing ssh-keygen
- Allow setroubleshoot_fixit_t to read /dev/urand
- Allow sshd to relbale tunnel sockets
- Allow fail2ban domtrans to shorewall in the same way as with iptables
- Add support for lnk files in the /var/lib/sssd directory
- Allow system mail to connect to courier-authdaemon over an unix stream socket
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #699785 - Providing Native systemd service file for IPA
https://bugzilla.redhat.com/show_bug.cgi?id=699785
[ 2 ] Bug #741744 - MOD operations with chained delete/add get back error 53 on backend config
https://bugzilla.redhat.com/show_bug.cgi?id=741744
[ 3 ] Bug #743966 - Compiler warnings in account usability plugin
https://bugzilla.redhat.com/show_bug.cgi?id=743966
[ 4 ] Bug #740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
https://bugzilla.redhat.com/show_bug.cgi?id=740942
[ 5 ] Bug #742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
https://bugzilla.redhat.com/show_bug.cgi?id=742324
[ 6 ] Bug #695736 - Providing native systemd file
https://bugzilla.redhat.com/show_bug.cgi?id=695736
[ 7 ] Bug #735114 - renaming a managed entry does not update mepmanagedby
https://bugzilla.redhat.com/show_bug.cgi?id=735114
--------------------------------------------------------------------------------
================================================================================
shiboken-1.0.9-1.fc16 (FEDORA-2011-14707)
CPython bindings generator for C++ libraries
--------------------------------------------------------------------------------
Update Information:
PySide 1.0.8 bug fix release with initial Qt 4.8 support.
Detailed changelog is available from upstream announcements:
- http://lists.pyside.org/pipermail/pyside/2011-September/002935.html
- http://lists.pyside.org/pipermail/pyside/2011-October/003016.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Kalev Lember <kalevlember@xxxxxxxxx> - 1.0.9-1
- Update to 1.0.9
--------------------------------------------------------------------------------
================================================================================
sigar-1.6.5-0.5.git58097d9.fc16 (FEDORA-2011-14706)
System Information Gatherer And Reporter
--------------------------------------------------------------------------------
Update Information:
Give more accurate CPU counts using /proc/cpuinfo
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Zane Bitter <zbitter@xxxxxxxxxx> - 1.6.4-0.5.git833ca18
- Get correct CPU counts on non-x86 architectures
* Mon Aug 29 2011 Zane Bitter <zbitter@xxxxxxxxxx> - 1.6.5-0.4.git833ca18
- Get CPU counts from /proc/cpuinfo
Resolves: #714249
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #747977 - matahari host agent reports wrong cpu core count
https://bugzilla.redhat.com/show_bug.cgi?id=747977
--------------------------------------------------------------------------------
================================================================================
smartmontools-5.42-1.fc16 (FEDORA-2011-14713)
Tools for monitoring SMART capable hard disks
--------------------------------------------------------------------------------
Update Information:
- new smartctl option '-l devstat' (Device Statistics).
- new smartctl option '-l ssd' (SSD endurance indicator).
- smartd logs identify information of each SCSI/SAS device.
- smartd resends warning emails if problem reappears.
- new smartd directives '-l offlinests' and '-l selfteststs'.
- Many HDD, SSD and USB additions to drive database.
- Platform-specific man pages.
- smartd.8 man page no longer includes smartd.conf.5.
- Linux: Support for Areca controllers enhanced.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:5.42-1
- smartmontools updated to 5.42
--------------------------------------------------------------------------------
================================================================================
soprano-2.7.2-1.fc16 (FEDORA-2011-14705)
Qt wrapper API to different RDF storage solutions
--------------------------------------------------------------------------------
Update Information:
New upstream bugfix release, build includes measures to reduce/limit debug log output
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.7.2-1
- soprano-2.7.2 (#747906)
- disable DEBUG for pre-rawhide builds (#746499)
* Sun Sep 25 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.7.1-1
- soprano-2.7.1 is available (#741005)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #747906 - soprano-2.7.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=747906
[ 2 ] Bug #746499 - soprano-virtuoso.log becoming *huge* > 10GB
https://bugzilla.redhat.com/show_bug.cgi?id=746499
--------------------------------------------------------------------------------
================================================================================
spin-kickstarts-0.16.3-1.fc16 (FEDORA-2011-14701)
Kickstart files and templates for creating your own Fedora Spins
--------------------------------------------------------------------------------
Update Information:
The security spin had a late change that I'd let to get on to the f16 final media.
Mostly this is to catch up the spin-kickstarts package with the spin-kickstarts repo before final freeze. But a couple of fixes for bugs have been committed to the repo that should be closed now.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 20 2011 Bruno Wolff III <bruno@xxxxxxxx> 0.16.3-1
- Try to get updated security spin ks into f16 final
* Sat Oct 15 2011 Bruno Wolff III <bruno@xxxxxxxx> 0.16.2-1
- Get an up to date version now that we are near f16 final freeze
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #739334 - Adjust service disabling for systemd, and remove some dead wood
https://bugzilla.redhat.com/show_bug.cgi?id=739334
[ 2 ] Bug #743386 - Ensure grub2 and grub-efi are both on the install media without making them 'default' in comps
https://bugzilla.redhat.com/show_bug.cgi?id=743386
--------------------------------------------------------------------------------
================================================================================
sssd-1.6.2-3.fc16 (FEDORA-2011-14614)
System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:
2011-10-21: Added selinux-policy and updated SSSD with explicit Requires
FreeIPA:
== What happened to 2.1.2!? ==
Right after tagging 2.1.2 we found an upgrade issue that would have
affected any users using the selfsign CA (installed with --selfsign). We
decided to hold back the release, fix a few more bugs, and just push out
2.1.3 instead about a week later. So here we are.
== Highlights in 2.1.3 ==
* Enforce that system hostname matches hostname of IPA server.
* Require that /etc/hosts is sane even when configuring DNS.
* Increase default server-side LDAP search limits.
* Client enrollment improvements including longer wait for sssd to
start, recovery if discovered IPA server is not responsive and when
anonymous bind is disabled in 389-ds.
== Highlights in 2.1.2 ==
* Upgrade older dogtag installs to use new PKI proxy configuration
* hbactest improvements
* Added platform-independent code to make ipa-client-install more portable
* Make client uninstaller more robust, should restore state more completely.
* UI usability improvements
* Tool for Enabling/Disabling Managed Entry Plugins
* Managed Entries configuration is now replicated
* IPv6 client enrollment improvements
* Man page improvements
* Performance improvements when calculating indirect membership
* Improved handling of disabled anonymous binds in 389-ds
* user is now prompted to enter current password when changing to a new
password
* ipa server now support multiple namingContexts. ipa-client-install and
password migration were fixed
== Upgrading ==
=== Server ===
To upgrade a 2.0.0, 2.0.1 or 2.1.0 server do the following:
# yum update freeipa-server --enablerepo=updates-testing
This will pull in updated freeIPA, 389-ds, dogtag, libcurl and xmlrpc-c
packages (and perhaps some others). A script will be executed in the rpm
postinstall phase to update the IPA LDAP server with any required changes.
There is a bug reported against 389-ds,
https://bugzilla.redhat.com/show_bug.cgi?id=730387, related to
read-write locks. The NSPR RW lock implementation does not safely allow
re-entrant use of reader
locks. This is a timing issue so it is difficult to predict. During
testing one user experienced this and the upgrade hung. To break the
hang kill the ns-slapd process for your realm, wait for the yum
transaction to complete, then restart 389-ds and manually run the update
process:
# service dirsrv start
# ipa-ldap-updater --update
=== Client ===
The ipa-client-install tool in the ipa-client package is just a
configuration tool. There should be no need to re-run this on every
client already enrolled.
SSSD:
== Highlights ==
* Improved handling of users and groups with multi-valued name
attributes (aliases)
* Performance enhancements
* Initgroups on RFC2307bis/FreeIPA
* HBAC rule processing
* Improved process-hang detection and restarting
* Enabled the midpoint cache refresh by default (fewer cache misses on
commonly-used entries)
* Cleaned up the example configuration
389-ds-base:
* fix config del/add mods
* memberof is transaction aware resource
* limits for simple paged results
* Native systemd support
* Fix for managed entry
* Fixed source tarball
* fix transaction support in ldbm_delete
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 21 2011 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.6.2-3
- Add explicit requirement on selinux-policy version to address new SBUS
symlinks.
* Wed Oct 19 2011 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.6.2-2
- Remove %files reference to sss_debuglevel copied from wrong upstreeam
spec file.
* Tue Oct 18 2011 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.6.2-1
- Improved handling of users and groups with multi-valued name attributes
(aliases)
- Performance enhancements
Initgroups on RFC2307bis/FreeIPA
HBAC rule processing
- Improved process-hang detection and restarting
- Enabled the midpoint cache refresh by default (fewer cache misses on
commonly-used entries)
- Cleaned up the example configuration
- New tool to change debug level on the fly
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #699785 - Providing Native systemd service file for IPA
https://bugzilla.redhat.com/show_bug.cgi?id=699785
[ 2 ] Bug #741744 - MOD operations with chained delete/add get back error 53 on backend config
https://bugzilla.redhat.com/show_bug.cgi?id=741744
[ 3 ] Bug #743966 - Compiler warnings in account usability plugin
https://bugzilla.redhat.com/show_bug.cgi?id=743966
[ 4 ] Bug #740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
https://bugzilla.redhat.com/show_bug.cgi?id=740942
[ 5 ] Bug #742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
https://bugzilla.redhat.com/show_bug.cgi?id=742324
[ 6 ] Bug #695736 - Providing native systemd file
https://bugzilla.redhat.com/show_bug.cgi?id=695736
[ 7 ] Bug #735114 - renaming a managed entry does not update mepmanagedby
https://bugzilla.redhat.com/show_bug.cgi?id=735114
--------------------------------------------------------------------------------
================================================================================
telepathy-salut-0.6.0-1.fc16 (FEDORA-2011-14710)
Link-local XMPP telepathy connection manager
--------------------------------------------------------------------------------
Update Information:
Latest stable release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 18 2011 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 0.6.0-1
- Update to 0.6.0.
--------------------------------------------------------------------------------
================================================================================
zeitgeist-0.8.2-1.fc16 (FEDORA-2011-14696)
Framework providing Desktop activity awareness
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.2 release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 18 2011 Deji Akingunola <dakingun@xxxxxxxxx> - 0.8.2-1
- Update to 0.8.2
- Restart the zeitgeist daemon on update (BZ #627982)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #746617 - Update to zeitgeist .0.82
https://bugzilla.redhat.com/show_bug.cgi?id=746617
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
