The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2011-15560/nss-3.12.10-7.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-15006/kdeutils-4.6.5-3.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16859/perl-PAR-1.002-4.fc15,perl-PAR-Packer-1.008-4.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16712/zabbix-1.8.9-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-14756/arora-0.11.0-3.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16282/ejabberd-2.1.9-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16234/dovecot-2.0.16-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16786/phpMyAdmin-3.4.8-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16284/krb5-1.9.2-4.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16893/freeipa-2.1.4-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16903/moodle-1.9.15-1.fc15
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2011-16923/mesa-7.11.2-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16858/phonon-4.5.1-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16872/xdg-utils-1.1.0-0.10.20111207.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16890/procmail-3.22-27.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16593/perl-Glib-1.241-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16540/python-slip-0.2.20-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16286/pcre-8.12-5.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16284/krb5-1.9.2-4.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-14053/glibc-2.14.1-1
https://admin.fedoraproject.org/updates/FEDORA-2011-13190/phonon-backend-gstreamer-4.5.90-2.fc15,phonon-4.5.57-1.20110914.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-11955/evolution-mapi-3.0.3-2.fc15,evolution-exchange-3.0.3-1.fc15,evolution-3.0.3-1.fc15,evolution-data-server-3.0.3-1.fc15,gtkhtml3-4.0.2-1.fc15
The following builds have been pushed to Fedora 15 updates-testing
PyOpenGL-3.0.1-3.fc15
ast-6.0.1-1.fc15
augeas-0.10.0-2.fc15
certmonger-0.51-1.fc15
cntlm-0.92-1.fc15
fped-0-0.6.r6006.fc15
freeipa-2.1.4-1.fc15
gallery2-2.3.1-4.fc15
gambas3-2.99.6-2.fc15
ganyremote-5.13-1.fc15
glances-1.1.3-1.fc15
gnome-commander-1.2.8.15-1.fc15
gplcver-2.12a-3.fc15
ibus-indic-table-1.3.1-17.fc15
idjc-0.8.6-4.fc15
kanyremote-5.13-1.fc15
konversation-1.4-1.fc15
krb5-1.9.2-4.fc15
mesa-7.11.2-1.fc15
minetest-0.3.1-6.fc15
moodle-1.9.15-1.fc15
mtr-0.82-1.fc15
nogravity-2.00-14.fc15
openfst-1.2.9-1.fc15
openscada-0.7.2-1.fc15
perl-PAR-1.002-4.fc15
perl-PAR-Packer-1.008-4.fc15
perl-ZeroMQ-0.19-1.fc15
phonon-4.5.1-2.fc15
picard-0.16-1.fc15
plowshare-0.9.4-0.22.20111206git.fc15
procmail-3.22-27.fc15
python-rhsm-0.98.3-1.fc15
qbzr-0.20.3-1.fc15
ricci-0.18.7-2.fc15
rpmlint-1.4-1.fc15
scap-workbench-0.5.3-1.fc15
slapi-nis-0.27-1.fc15
suricata-1.1.1-1.fc15
vnstat-1.11-3.fc15
xdg-utils-1.1.0-0.10.20111207.fc15
xl2tpd-1.3.1-1.fc15
yad-0.16.3-1.fc15
Details about builds:
================================================================================
PyOpenGL-3.0.1-3.fc15 (FEDORA-2011-16869)
Python bindings for OpenGL
--------------------------------------------------------------------------------
Update Information:
No user impact. Remove binary blob from the source package.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Nikolay Vladimirov <nikolay@xxxxxxxxxxxxxxx> - 3.0.1-3
- Upload new archive with removed binary blobs - RHB #760366
* Sat Apr 16 2011 Nikolay Vladimirov <nikolay@xxxxxxxxxxxxxxx> - 3.0.1-2
- Fix date in previous changelog entry
- specfile fixes
* Fri Apr 15 2011 Nikolay Vladimirov <nikolay@xxxxxxxxxxxxxxx> - 3.0.1-1
- New upstream release
- Fix BZ # 635496 - PyOpenGL crashes on every program
- Update the shebang patch to work on the latest version
- Upstream restored license.txt to their distribution
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #760366 - Packaging issues
https://bugzilla.redhat.com/show_bug.cgi?id=760366
--------------------------------------------------------------------------------
================================================================================
ast-6.0.1-1.fc15 (FEDORA-2011-16912)
A Library for Handling World Coordinate Systems in Astronomy
--------------------------------------------------------------------------------
Update Information:
The AST library provides a comprehensive range of facilities for attaching
world coordinate systems to astronomical data, for retrieving and interpreting
that information and for generating graphical output based on it. It's main
selling points are:
* Ease of use.
* Facilities for generating plots of generalized non-linear, potentially
discontinuous 2-D or 3-D coordinate systems, with detailed control of the
appearance of the plot.
* Facilities for converting transparently between different coordinate
systems, including a wide range of celestial, spectral and time coordinate
systems.
* Facilities for searching a general collection of connected coordinate
systems for a coordinate system with any given set of characteristics.
* Allows code for handling WCS information to be written in a general way
without regard to the specific nature of the coordinate systems being
handled (i.e. whether they represent sky positions, spectral positions,
focal plane positions, pixel positions, etc).
* Flexible system for saving and retrieving WCS information, including (but
not limited to) a range of different popular FITS descriptions.
* Written in C but has interfaces for C, Fortran, Java (via JNI), Perl, and
UNIX shell.
* Extensive documentation.
--------------------------------------------------------------------------------
================================================================================
augeas-0.10.0-2.fc15 (FEDORA-2011-16881)
A library for changing configuration files
--------------------------------------------------------------------------------
Update Information:
See http://augeas.net/news.html for details
See http://augeas.net/news.html for details
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 3 2011 Richard W.M. Jones <rjones@xxxxxxxxxx> - 0.10.0-2
- Add patch to resolve missing libxml2 requirement in augeas.pc.
* Fri Dec 2 2011 David Lutterkort <lutter@xxxxxxxxxx> - 0.10.0-1
- New version
--------------------------------------------------------------------------------
================================================================================
certmonger-0.51-1.fc15 (FEDORA-2011-16904)
Certificate status monitor and PKI enrollment client
--------------------------------------------------------------------------------
Update Information:
This update incorporates a fix to continue being compatible with newer versions of IPA and collects assorted other fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.51-1
- api: lift restrictions on characters used in request and CA nicknames by
making their object names not incorporate their nicknames
- api: add find_request_by_nickname and find_ca_by_nickname
- certmonger-ipa-submit.8: list -k, -K, -t in the summary, document -K
- getcert: print "invalid option" error messages ourselves (#756291)
- ipa-submit: supply a Referer: header when submitting requests to IPA
(#750617, needed for #747710)
* Fri Oct 14 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.50-1
- really fix these this time:
- getcert: error out when "list -c" finds no matching CA (#743488)
- getcert: error out when "list -i" finds no matching request (#743485)
* Wed Oct 12 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.49-1
- when using an NSS database, skip loading the module database (#743042)
- when using an NSS database, skip loading root certs
- generate SPKAC values when generating CSRs, though we don't do anything
with SPKAC values yet
- internally maintain and use challenge passwords, if we have them
- behave better when certificates have shorter lifetimes
- add/recognize/handle notification type "none"
- getcert: error out when "list -c" finds no matching CA (#743488)
- getcert: error out when "list -i" finds no matching request (#743485)
* Thu Sep 29 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.48-1
- don't incorrectly assume that CERT_ImportCerts() returns a NULL-terminated
array (#742348)
* Tue Sep 27 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 0.47-1
- getcert: distinguish between {stat() succeeds but isn't a directory} and
{stat() failed} when printing an error message (#739903)
- getcert resubmit/start-tracking: when we're looking for an existing request
by ID, and we don't find one, note that specifically (#741262)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #756291 - RFE - Add single quote around switches when help text for switch usage is displayed
https://bugzilla.redhat.com/show_bug.cgi?id=756291
[ 2 ] Bug #750617 - certmonger: Requires client-side changes for server-side fixes (due to CVE-2011-3636) [rhel-6.2]
https://bugzilla.redhat.com/show_bug.cgi?id=750617
--------------------------------------------------------------------------------
================================================================================
cntlm-0.92-1.fc15 (FEDORA-2011-16866)
Fast NTLM authentication proxy with tunneling
--------------------------------------------------------------------------------
Update Information:
Several bugfixes and many changes and features since the last stable version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 5 2011 Matt Domsch <mdomsch@xxxxxxxxxxxxxxxxx> - 0.92-1
- update to new bugfix release (BZ760164)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #760164 - Update cntlm from 0.35.1 to latest stable version 0.92
https://bugzilla.redhat.com/show_bug.cgi?id=760164
--------------------------------------------------------------------------------
================================================================================
fped-0-0.6.r6006.fc15 (FEDORA-2011-16925)
A footprint editor used by openmoko developers
--------------------------------------------------------------------------------
Update Information:
New upstream snapshot
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> 0-0.6.r6006
- new upstream snapshot
* Tue Dec 6 2011 Adam Jackson <ajax@xxxxxxxxxx> - 0-0.5.r5760
- Rebuild for new libpng
* Tue Jun 28 2011 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0-0.4.r5760
- Add BR: flex-static (Fix FTBFS BZ#715897).
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0-0.3.r5760
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
freeipa-2.1.4-1.fc15 (FEDORA-2011-16893)
The Identity, Policy and Audit system
--------------------------------------------------------------------------------
Update Information:
A Cross-Site Request Forgery (CSRF) flaw was found in FreeIPA due to a lack of checking the Referer Header in the server (it is not set in the CLI utilities). If a remote attacker could trick a user, who was logged into the FreeIPA management interface, into visiting a specially-crafted URL, the attacker could perform FreeIPA oonfiguration changes with the privileges of the logged in
user.
CVE-2011-3636
Fixes SELinux issue in ipa_kpasswd preventing users from changing passwords.
Introduced upgrade script to recover existing configuration after systemd migration
as user has no means to recover FreeIPA from systemd migration
- Upgrade script:
- recovers symlinks in Dogtag instance install
- recovers systemd configuration for FreeIPA's directory server instances
- recovers freeipa.service
- migrates directory server and KDC configs to use proper keytabs for systemd services
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Rob Crittenden <rcritten@xxxxxxxxxx> - 2.1.4-1
- Update to upstream 2.1.4 (CVE-2011-3636)
* Fri Oct 21 2011 Rob Crittenden <rcritten@xxxxxxxxxx> - 2.1.3-3
- Set minimum nvr of selinux-policy to 3.9.16-38
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #759679 - ipa_kpasswd does not work with selinux in enforcing mode
https://bugzilla.redhat.com/show_bug.cgi?id=759679
--------------------------------------------------------------------------------
================================================================================
gallery2-2.3.1-4.fc15 (FEDORA-2011-16886)
Customizable photo gallery web site
--------------------------------------------------------------------------------
Update Information:
Adapt to new jpegtran output format.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 7 2011 Jon Ciesla <limburgher@xxxxxxxxx> - 2.3.1-4
- Patch for jpegtran output, BZ 712558.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #712558 - Gallery2 fails to save path to jpegtran in module.
https://bugzilla.redhat.com/show_bug.cgi?id=712558
--------------------------------------------------------------------------------
================================================================================
gambas3-2.99.6-2.fc15 (FEDORA-2011-16896)
IDE based on a basic interpreter with object extensions
--------------------------------------------------------------------------------
Update Information:
Update to 2.99.6 (3.0 rc6).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Adam Jackson <ajax@xxxxxxxxxx> - 2.99.6-2
- Rebuild for new libpng
* Fri Nov 4 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 2.99.6-1
- update to 2.99.6
* Fri Oct 28 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 2.99.5-2
- rebuild(poppler)
--------------------------------------------------------------------------------
================================================================================
ganyremote-5.13-1.fc15 (FEDORA-2011-16894)
GTK frontend for anyRemote
--------------------------------------------------------------------------------
Update Information:
fix 758414
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 4 2011 Mikhail Fedotov <anyremote at mail.ru> - 5.12.1
- Fix redhat bug 758414, fix to work properly with pygtk 2.10
add --tray commandline option
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #758414 - [abrt] ganyremote-5.12-1.fc16: browseDevices() takes exactly 1 argument (0 given)
https://bugzilla.redhat.com/show_bug.cgi?id=758414
--------------------------------------------------------------------------------
================================================================================
glances-1.1.3-1.fc15 (FEDORA-2011-16939)
CLI curses based monitoring tool
--------------------------------------------------------------------------------
Update Information:
Glances is a CLI curses based monitoring tool
--------------------------------------------------------------------------------
================================================================================
gnome-commander-1.2.8.15-1.fc15 (FEDORA-2011-16846)
A nice and fast file manager for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
New version 1.2.8.15 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 7 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 3:1.2.8.15-1
- Update to 1.2.8.15
--------------------------------------------------------------------------------
================================================================================
gplcver-2.12a-3.fc15 (FEDORA-2011-16949)
An interpreted Verilog HDL simulator
--------------------------------------------------------------------------------
Update Information:
Rebuild for fix.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Shakthi Kannan <shakthimaan [AT] fedoraproject DOT org> 2.12a-3
- Rebuild for bz#722264
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #722264 - gplcver segmentation fault at startup
https://bugzilla.redhat.com/show_bug.cgi?id=722264
--------------------------------------------------------------------------------
================================================================================
ibus-indic-table-1.3.1-17.fc15 (FEDORA-2011-16879)
The Table engine for IBus platform
--------------------------------------------------------------------------------
Update Information:
Fixed bugs such as help,space and inscript key issues
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 5 2011 Anish Patil <apatil@xxxxxxxxxx> - 1.3.1-17
- Fixed th bug-750727.patch
* Mon Nov 21 2011 Anish Patil <apatil@xxxxxxxxxx> - 1.3.1-16
- Fixed th bug-750730.patch
* Thu Nov 10 2011 Anish Patil <apatil@xxxxxxxxxx> - 1.3.1-15
- Fixed the #bug-750735.patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #750727 - inscript keys not allowed when there is no word in suggestion box
https://bugzilla.redhat.com/show_bug.cgi?id=750727
[ 2 ] Bug #750730 - need help button support for each ime
https://bugzilla.redhat.com/show_bug.cgi?id=750730
[ 3 ] Bug #750735 - need to press space key twice
https://bugzilla.redhat.com/show_bug.cgi?id=750735
--------------------------------------------------------------------------------
================================================================================
idjc-0.8.6-4.fc15 (FEDORA-2011-16936)
DJ application for streaming audio
--------------------------------------------------------------------------------
Update Information:
DJ application with streaming capabilities
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #754698 - Review Request: idjc - DJ application with streaming capabilities
https://bugzilla.redhat.com/show_bug.cgi?id=754698
--------------------------------------------------------------------------------
================================================================================
kanyremote-5.13-1.fc15 (FEDORA-2011-16929)
KDE frontend for anyRemote
--------------------------------------------------------------------------------
Update Information:
add --tray option
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 4 2011 Mikhail Fedotov <anyremote at mail.ru> - 5.13
- Add --tray commandline option
--------------------------------------------------------------------------------
================================================================================
konversation-1.4-1.fc15 (FEDORA-2011-16926)
A user friendly IRC client
--------------------------------------------------------------------------------
Update Information:
The dominant theme in Konversation v1.4 is improvements and feature additions to the user interface, particularly to text views, dialogs, (context) menus and input line commands. However, nearly all areas of the application have seen some amount of improvements in this release, as is to be expected given the relatively long release cycle: Connection behavior, IRC protocol handling, scripting support, encryption support, user documentation - new features, polish and certainly also bug fixes are to be found in all of them.
See also, http://konversation.kde.org/
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 4 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.4-1
- 1.4 (final)
* Tue Nov 1 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.4-0.1.beta1
- 1.4-beta1
- pkgconfig-style deps
* Wed Oct 26 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.1-6
- Rebuilt for glibc bug#747377
--------------------------------------------------------------------------------
================================================================================
krb5-1.9.2-4.fc15 (FEDORA-2011-16284)
The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:
This update rebases Fedora 15 and 16 from version 1.9.1 to version 1.9.2, incorporating a recent security update and some of the fixes we were previously backporting, among others. It also incorporates fixes for null pointer dereferences which the KDC could make while processing TGS requests (CVE-2011-1530).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.2-4
- apply upstream patch to fix a null pointer dereference when processing
TGS requests (CVE-2011-1530, #753748)
* Wed Nov 30 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.2-3
- correct a bug in the fix for #754001 so that the file creation context is
consistently reset
* Tue Nov 22 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.2-2
- pull patch from trunk so that when computing an HMAC, we don't assume that
the HMAC output size is the same as the input key length (RT#6994, #756139)
* Tue Nov 15 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.9.2-1
- update to 1.9.2, incorporating the recent security update and some of the
things we were previously backporting, among other fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #754001 - ssh_selinux_change_context: setcon failed with Invalid argument (openssh, krb5)
https://bugzilla.redhat.com/show_bug.cgi?id=754001
[ 2 ] Bug #756139 - krb5_pac_verify() fail with AES keys
https://bugzilla.redhat.com/show_bug.cgi?id=756139
--------------------------------------------------------------------------------
================================================================================
mesa-7.11.2-1.fc15 (FEDORA-2011-16923)
Mesa graphics libraries
--------------------------------------------------------------------------------
Update Information:
Upstream 7.11.2 stable release.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 28 2011 Adam Jackson <ajax@xxxxxxxxxx> 7.11.2-1
- Mesa 7.11.2
- Pull in archful -dri-drivers for libGL to pacify wine (#757464)
* Wed Nov 9 2011 Adam Jackson <ajax@xxxxxxxxxx> 7.11-11
- Obsolete more -llvmcore (#752152)
* Thu Nov 3 2011 Dave Airlie <airlied@xxxxxxxxxx> 7.11-10
- snapshot latest mesa 7.11 stable branch (what will be 7.11.1)
* Thu Nov 3 2011 Adam Jackson <ajax@xxxxxxxxxx> 7.11-9
- mesa-7.11-fix-sw-24bpp.patch: Fix software rendering in 24bpp.
* Fri Oct 28 2011 Adam Jackson <ajax@xxxxxxxxxx> 7.11-8
- mesa-7.11-intel-swap-event.patch: Disable GLX_INTEL_swap_event by default;
DRI2 enables it explicitly, but swrast doesn't and oughtn't. (#748747)
* Mon Oct 24 2011 Adam Jackson <ajax@xxxxxxxxxx> 7.11-6
- 0001-nv50-fix-max-texture-levels.patch: Fix maximum texture size on
nouveau (and thus, gnome-shell init on wide display setups) (#748540)
* Mon Oct 24 2011 Adam Jackson <ajax@xxxxxxxxxx> 7.11-5
- mesa-7.11-drisw-glx13.patch: Fix GLX 1.3 ctors with swrast (#747276)
* Fri Sep 9 2011 Adam Jackson <ajax@xxxxxxxxxx> 7.11-4
- mesa-7.11-generic-wmb.patch: Add generic write memory barrier macro for
non-PC arches.
* Thu Sep 8 2011 Adam Jackson <ajax@xxxxxxxxxx> 7.11-3
- Add khrplatform-devel subpackage so {EGL,GLES}-devel are usable
* Wed Aug 3 2011 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 7.11-2
- Rebuild against final LLVM 2.9 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #688667 - [abrt] xscreensaver-gl-extras-1:5.12-12.fc15.1: __memcpy_ssse3_back: Process /usr/libexec/xscreensaver/boxed was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=688667
[ 2 ] Bug #698896 - [abrt] compiz-0.9.4-2.fc15: _mesa_base_fbo_format: Process /usr/bin/compiz was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=698896
[ 3 ] Bug #709196 - [abrt] xscreensaver-gl-extras-5.13-3.fc15: Process /usr/libexec/xscreensaver/hypertorus was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=709196
[ 4 ] Bug #709621 - [abrt] rss-glx-0.9.1.p-7.fc15: Process /usr/bin/rss-glx-lorenz was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=709621
[ 5 ] Bug #714280 - libllvmcore-2.8.so.debug has no usable debug info
https://bugzilla.redhat.com/show_bug.cgi?id=714280
[ 6 ] Bug #728704 - [abrt] xscreensaver-gl-extras-5.14-1.fc15: Process /usr/libexec/xscreensaver/superquadrics was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=728704
[ 7 ] Bug #732210 - [abrt] compiz-0.9.5.0-1.fc15: _int_free: Process /usr/bin/compiz was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=732210
[ 8 ] Bug #739901 - [abrt] xscreensaver-gl-extras-5.13-1.fc15: Process /usr/libexec/xscreensaver/rubikblocks was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=739901
--------------------------------------------------------------------------------
================================================================================
minetest-0.3.1-6.fc15 (FEDORA-2011-16836)
Multiplayer infinite-world block sandbox with survival mode
--------------------------------------------------------------------------------
Update Information:
Game of mining, crafting and building in the infinite world of cubic blocks with optional hostile creatures, features both single and the network multiplayer mode. There are no in-game sounds yet
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #753513 - Review Request: minetest - Multiplayer infinite-world block sandbox with survival mode
https://bugzilla.redhat.com/show_bug.cgi?id=753513
--------------------------------------------------------------------------------
================================================================================
moodle-1.9.15-1.fc15 (FEDORA-2011-16903)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
CVE-2011-4581 CVE-2011-4582 CVE-2011-4583 CVE-2011-4584 CVE-2011-4585 CVE-2011-4586 CVE-2011-4587 CVE-2011-4588 CVE-2011-4589 CVE-2011-4590 CVE-2011-4591 CVE-2011-4592 CVE-2011-4593
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 9 2011 Jon Ciesla <limburgher@xxxxxxxxx> - 1.9.15-1
- New upstream, security fixes, 761249.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #761249 - moodle: multiple security fixes in 2.1.3, 2.0.6, and 1.9.15 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=761249
[ 2 ] Bug #761250 - moodle: multiple security fixes in 2.1.3, 2.0.6, and 1.9.15 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=761250
--------------------------------------------------------------------------------
================================================================================
mtr-0.82-1.fc15 (FEDORA-2011-16937)
A network diagnostic tool
--------------------------------------------------------------------------------
Update Information:
Update to the 0.82 release which contains following enhancement:
* enable decoding of ICMP extensions for MPLS for curses and report interfaces. Use the -e flag or press 'e' to enable it.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 7 2011 Adam Tkac <atkac redhat com> - 2:0.82-1
- update to 0.82
--------------------------------------------------------------------------------
================================================================================
nogravity-2.00-14.fc15 (FEDORA-2011-16834)
Space shooter in 3D
--------------------------------------------------------------------------------
Update Information:
Fix a race condition which would sometimes cause the game to crash.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Hans de Goede <hdegoede@xxxxxxxxxx> - 2.00-14
- Take a stab at fixing the crash reported in rhbz#699274
(race condition, cannot reproduce)
- Fix building with libpng-1.5
* Tue Dec 6 2011 Adam Jackson <ajax@xxxxxxxxxx> - 2.00-13
- Rebuild for new libpng
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #699274 - [abrt] nogravity-2.00-11.fc13: render_line: Process /usr/bin/nogravity-opengl was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=699274
--------------------------------------------------------------------------------
================================================================================
openfst-1.2.9-1.fc15 (FEDORA-2011-16910)
Weighted finite-state transducer library
--------------------------------------------------------------------------------
Update Information:
This release fixes the following bugs:
- Added FST_LL_FORMAT to fix 64-bit integer printf issues
- Fixed missing <functional> includes
- Fixed reused local variable names
- Fixed passing string by reference in FstDraw args
In addition, this release contains the following changes:
- Added StateMap/StateMapFst; renamed Map/MapFst to ArcMap/ArcMapFst; map/MapFst retained (but deprecated)
- Deleted ArcSum() and ArcMerge; use StateMap w/ ArcSumMapper and ArcUniqueMapper
- Incremented version of ConstFst/CompactFsts to stop memory alignment that fails on pipes. Made old version raises errors when read on pipes.
- Improved determinize hash
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Jerry James <loganjerry@xxxxxxxxx> - 1.2.9-1
- New upstream version
- Drop upstreamed format patch
--------------------------------------------------------------------------------
================================================================================
openscada-0.7.2-1.fc15 (FEDORA-2011-16934)
Open SCADA system project
--------------------------------------------------------------------------------
Update Information:
Ver 0.7.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 7 2011 Aleksey Popkov <aleksey@xxxxxxxxxx> - 0.7.2-1
- Build reliase 0.7.2.
- Removed to patch for init script.
--------------------------------------------------------------------------------
================================================================================
perl-PAR-1.002-4.fc15 (FEDORA-2011-16859)
Perl Archive Toolkit
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2011-4114 (insecure temporary directory handling). See bug #753955 for tests.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 1 2011 Petr Pisar <ppisar@xxxxxxxxxx> - 1.002-4
- Fix CVE-2011-4114 (insecure temporary directory handling) (bug #760132)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #753955 - CVE-2011-4114 perl-PAR-Packer: insecure temporary directory handling
https://bugzilla.redhat.com/show_bug.cgi?id=753955
--------------------------------------------------------------------------------
================================================================================
perl-PAR-Packer-1.008-4.fc15 (FEDORA-2011-16859)
PAR Packager
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2011-4114 (insecure temporary directory handling). See bug #753955 for tests.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Petr Pisar <ppisar@xxxxxxxxxx> - 1.008-4
- Fix CVE-2011-4114 (insecure temporary directory handling) (bug #753957)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #753955 - CVE-2011-4114 perl-PAR-Packer: insecure temporary directory handling
https://bugzilla.redhat.com/show_bug.cgi?id=753955
--------------------------------------------------------------------------------
================================================================================
perl-ZeroMQ-0.19-1.fc15 (FEDORA-2011-16871)
ZeroMQ2 wrapper for Perl
--------------------------------------------------------------------------------
Update Information:
Update to 0.19
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 8 2011 Jose Pedro Oliveira <jpo at di.uminho.pt> - 0.19-1
- Update to 0.19.
- New BR: perl(Test::Fatal) - replaces perl(Test::Exception).
--------------------------------------------------------------------------------
================================================================================
phonon-4.5.1-2.fc15 (FEDORA-2011-16858)
Multimedia framework api
--------------------------------------------------------------------------------
Update Information:
Fixes loading of phonon backend when not in KDE and QT_PLUGIN_PATH is undefined
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 7 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.5.1-2
- fix plugindir usage (#760039)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #760039 - phonon_backend gstreamer could not be loaded
https://bugzilla.redhat.com/show_bug.cgi?id=760039
--------------------------------------------------------------------------------
================================================================================
picard-0.16-1.fc15 (FEDORA-2011-16948)
MusicBrainz-based audio tagger
--------------------------------------------------------------------------------
Update Information:
This updates to latest upstream, 0.16, which fixes some bugs, as well as introducing support for a new open-source tagger, AcoustID (currently chromaprint is not yet packaged).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 14 2011 <alex@xxxxxxxxxxxxxxxxxxxxxx> - 0.16-1
- Update to 0.16
- Update plugins, add titlesort, titleversion plugins.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #752860 - New version of Picard
https://bugzilla.redhat.com/show_bug.cgi?id=752860
--------------------------------------------------------------------------------
================================================================================
plowshare-0.9.4-0.22.20111206git.fc15 (FEDORA-2011-16951)
Download and upload files from file-sharing websites
--------------------------------------------------------------------------------
Update Information:
Update to new upstream snapshot.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Elder Marco <eldermarco@xxxxxxxxxxxxxxxxx> - 0.9.4-0.22.20111206git
- New upstream snapshot
--------------------------------------------------------------------------------
================================================================================
procmail-3.22-27.fc15 (FEDORA-2011-16890)
Mail processing program
--------------------------------------------------------------------------------
Update Information:
Fix FTBFS that should have happened as part of mass rebuild
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 25 2011 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 3.22-27
- Defuzzification of ipv6 patch
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.22-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-rhsm-0.98.3-1.fc15 (FEDORA-2011-16924)
A Python library to communicate with a Red Hat Unified Entitlement Platform
--------------------------------------------------------------------------------
Update Information:
Substantial bug fix and enhancement update. New features include healing API calls, host/guest associations and management, and features related to integration with Katello.
Small new features and bug fixes:
- Submit a Content-Length when body of request is empty.
- Support installed products when registering.
- Add ability to update a consumer's installed products list.
- Support for new bind method
Small new features and bug fixes:
- Submit a Content-Length when body of request is empty.
- Support installed products when registering.
- Add ability to update a consumer's installed products list.
- Support for new bind method
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 17 2011 William Poteat <wpoteat@xxxxxxxxxx> 0.98.3-1
- 752854: Fixing error in iniparser around unpacking of a dictionary for
default values. (awood@xxxxxxxxxx)
- 708362: remove entitlement keys on delete as well (alikins@xxxxxxxxxx)
- 734114: registering with --org="foo bar" throws a NetworkException instead of
a RestlibException (awood@xxxxxxxxxx)
* Fri Oct 28 2011 William Poteat <wpoteat@xxxxxxxxxx> 0.98.2-1
- 749853: backport new python-rhsm API calls present in 6.2 for 5.8
(cduryee@xxxxxxxxxx)
- rev python-rhsm version to match sub-mgr (cduryee@xxxxxxxxxx)
- point master to rhel5 builder (cduryee@xxxxxxxxxx)
- fix python syntax for older versions (jbowes@xxxxxxxxxx)
- Fix yum repo location for EL6. (dgoodwin@xxxxxxxxxx)
* Mon Oct 17 2011 Devan Goodwin <dgoodwin@xxxxxxxx> 0.97.1-1
- 746241: UEPConnection.updateConsumer now passes empty list in POST request
(mstead@xxxxxxxxxx)
- 737935: overcome 255 char limit in uuid list (cduryee@xxxxxxxxxx)
* Tue Sep 13 2011 Devan Goodwin <dgoodwin@xxxxxxxx> 0.96.12-1
- Add makefile and targets for coverage and "stylish" checks
(alikins@xxxxxxxxxx)
- Add tests for config parsing (cduryee@xxxxxxxxxx)
- 736166: move certs from subscription-manager to python-rhsm
(cduryee@xxxxxxxxxx)
* Wed Sep 7 2011 James Bowes <jbowes@xxxxxxxxxx> 0.96.11-1
- add future date bind (jesusr@xxxxxxxxxx)
- 735226: allow Keys to validate themselves (bkearney@xxxxxxxxxx)
- Add getVirtOnly() (cduryee@xxxxxxxxxx)
* Wed Aug 24 2011 Devan Goodwin <dgoodwin@xxxxxxxx> 0.96.10-1
- Submit a Content-Length when body of request is empty. (dgoodwin@xxxxxxxxxx)
- Support installed products when registering. (dgoodwin@xxxxxxxxxx)
- Add ability to update a consumer's installed products list.
(dgoodwin@xxxxxxxxxx)
- Support for new bind method (cduryee@xxxxxxxxxx)
* Wed Aug 17 2011 James Bowes <jbowes@xxxxxxxxxx> 0.96.9-1
- self.sanitize, and add support for quote_plus. (cduryee@xxxxxxxxxx)
- Enhance the insecure mode to not do peer checks. (bkearney@xxxxxxxxxx)
- Wrap urllib.quote in a helper method to cast int to str as needed.
(cduryee@xxxxxxxxxx)
- 728266: Unsubscribe from subscription manager GUI is broken
(cduryee@xxxxxxxxxx)
- Remove quantity for bind by product. (dgoodwin@xxxxxxxxxx)
--------------------------------------------------------------------------------
================================================================================
qbzr-0.20.3-1.fc15 (FEDORA-2011-16864)
Bazaar plugin for Qt interface to most Bazaar operations
--------------------------------------------------------------------------------
Update Information:
Variety of upstream bug fixes:
https://launchpad.net/qbzr/0.20/0.20.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 7 2011 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.20.3-1
- Upstream bugfix
--------------------------------------------------------------------------------
================================================================================
ricci-0.18.7-2.fc15 (FEDORA-2011-16841)
Remote Cluster and Storage Management System
--------------------------------------------------------------------------------
Update Information:
Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Chris Feist <cfeist@xxxxxxxxxx> - 0.18.7-2
- Required modcluster package to prevent errors due to missing clutsermon package.
--------------------------------------------------------------------------------
================================================================================
rpmlint-1.4-1.fc15 (FEDORA-2011-16851)
Tool for checking common errors in RPM packages
--------------------------------------------------------------------------------
Update Information:
Update to 1.4.
Filter non-ghost-in-var-(lock|run) for F15+
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 5 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.4-1
- update to 1.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #757141 - RFE: filter non-ghost-in-var-(lock|run)
https://bugzilla.redhat.com/show_bug.cgi?id=757141
--------------------------------------------------------------------------------
================================================================================
scap-workbench-0.5.3-1.fc15 (FEDORA-2011-16844)
Scanning, tailoring, editing and validation tool for SCAP content
--------------------------------------------------------------------------------
Update Information:
Critical bugfix, the previous RPM was missing several glade files because of a faulty Makefile from upstream. This results in exceptions when performing many actions.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 7 2011 Martin Preisler <mpreisle@xxxxxxxxxx> 0.5.3-1
- New upstream version 0.5.3
--------------------------------------------------------------------------------
================================================================================
slapi-nis-0.27-1.fc15 (FEDORA-2011-16867)
NIS Server and Schema Compatibility plugins for Directory Server
--------------------------------------------------------------------------------
Update Information:
This update switches the locking method used from NSPR's read-write locks to those provided by libpthread or by the directory server itself. It also makes slightly better use of tcp-wrappers when performing access control checks for NIS clients which connect to the NIS service over TCP, and corrects a copy-paste error in an error message.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 0.27-1
- when building for 389-ds, use Slapi_RWLocks if they appear to be available
(the rest of #730394/#730403)
* Fri Aug 12 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> - 0.26-1
- when building for 389-ds, use libpthread's read-write locks instead of
NSPR's (part of #730394/#730403)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #730394 - use slapi_rwlock instead of NSPR PR_RWLock directly
https://bugzilla.redhat.com/show_bug.cgi?id=730394
--------------------------------------------------------------------------------
================================================================================
suricata-1.1.1-1.fc15 (FEDORA-2011-16842)
Intrusion Detection System
--------------------------------------------------------------------------------
Update Information:
This update brings significant gains in performance, stability and accuracy. The configuration file has evolved but backward compatibility is provided. You are encouraged to update your Suricata configuration file. A migration guide is here:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Upgrading_Suricata_10_to_Suricata_11
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 7 2011 Steve Grubb <sgrubb@xxxxxxxxxx> 1.1.1-1
- New upstream release
--------------------------------------------------------------------------------
================================================================================
vnstat-1.11-3.fc15 (FEDORA-2011-16902)
Console-based network traffic monitor
--------------------------------------------------------------------------------
Update Information:
uid fix
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 29 2011 Adrian Reber <adrian@xxxxxxxx> - 1.11-3
- create file in tmpfiles.d for pidfile (#750141)
* Tue Jun 28 2011 Adrian Reber <adrian@xxxxxxxx> - 1.11-2
- do not run vnstatd as the root user but as the vnstat user (#711995)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #559883 - vnstat runtime files mislabeled
https://bugzilla.redhat.com/show_bug.cgi?id=559883
--------------------------------------------------------------------------------
================================================================================
xdg-utils-1.1.0-0.10.20111207.fc15 (FEDORA-2011-16872)
Basic desktop integration functions
--------------------------------------------------------------------------------
Update Information:
Fixes gnome-screensaver detection namely, as well as a couple other mostly cosmetic bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 7 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-0.10.20110714git
- fix gnome-screensaver detection bogosity (#702540,#736159)
- xdg-open: x-www-browser: command not found (#755553)
- drop htmlview hackage
* Thu Jul 14 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.1.0-0.9.20110714
- 20110714 snapshot
- xdg-mime : use 'file --mime-type' instead of 'file -i'
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #702540 - xdg-screensaver thinks I'm in gnome when in KDE
https://bugzilla.redhat.com/show_bug.cgi?id=702540
[ 2 ] Bug #736159 - xdg-screensaver thinks I'm in gnome when xscreensaver is running
https://bugzilla.redhat.com/show_bug.cgi?id=736159
[ 3 ] Bug #755553 - xdg-open: x-www-browser: command not found
https://bugzilla.redhat.com/show_bug.cgi?id=755553
--------------------------------------------------------------------------------
================================================================================
xl2tpd-1.3.1-1.fc15 (FEDORA-2011-16941)
Layer 2 Tunnelling Protocol Daemon (RFC 2661)
--------------------------------------------------------------------------------
Update Information:
Updated to 1.3.1 which has 'saref refinfo' support
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 6 2011 Paul Wouters <paul@xxxxxxxxxxxxx> - 1.3.1-1
- Upgraded to 1.3.1 that has 'saref refinfo' support
* Sat Jul 23 2011 Paul Wouters <paul@xxxxxxxxxxxxx> - 1.3.0-1
- Upgraded to 1.3.0 with better NetworkManager support
- Compiled without DEBUG per default to gain more performance
- Added xl2tpd-control
* Wed Feb 23 2011 Paul Wouters <paul@xxxxxxxxxxxxx> - 1.2.8-1
- Updated to 1.2.8
- Add ghosting for l2tp pipe (bz#656725)
--------------------------------------------------------------------------------
================================================================================
yad-0.16.3-1.fc15 (FEDORA-2011-16953)
Display graphical dialogs from shell scripts or command line
--------------------------------------------------------------------------------
Update Information:
Update to 0.16.3.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Elder Marco <eldermarco@xxxxxxxxxxxxxxxxx> - 0.16.3-1
- Update to new version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #755914 - yad-0.16.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=755914
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
