The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2012-0623/openttd-1.1.5-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0626/rubygem-actionpack-3.0.5-5.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0702/openssl-1.0.0g-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0709/xkeyboard-config-2.3-3.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-15560/nss-3.12.10-7.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0440/wireshark-1.4.11-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16284/krb5-1.9.2-4.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0752/jetty-6.1.26-7.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0813/smokeping-2.4.2-13.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0826/BackupPC-3.2.1-7.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0849/polipo-1.0.4.1-6.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0420/php-5.3.9-1.fc15,maniadrive-1.2-32.fc15.1,php-eaccelerator-0.9.6.1-9.fc15.1
https://admin.fedoraproject.org/updates/FEDORA-2011-17565/qt-4.7.4-10.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-17233/tor-0.2.1.32-1500.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0353/pdns-2.9.22.5-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0266/t1lib-5.1.2-9.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16980/asterisk-1.8.7.2-1.fc15
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2012-0844/dnsperf-1.0.1.0-26.fc15,bind-9.8.2-0.2.rc1.fc15,bind-dyndb-ldap-1.1.0-0.6.a1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0762/redhat-rpm-config-9.1.0-16.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0702/openssl-1.0.0g-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0704/selinux-policy-3.9.16-51.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0659/virtuoso-opensource-6.1.4-4.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0634/systemd-26-14.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0597/zlib-1.2.5-6.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0475/python-kitchen-1.1.0-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0433/mdadm-3.2.3-3.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0327/orc-0.4.16-5.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-17565/qt-4.7.4-10.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-13190/phonon-backend-gstreamer-4.5.90-2.fc15,phonon-4.5.57-1.20110914.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-11955/evolution-mapi-3.0.3-2.fc15,evolution-exchange-3.0.3-1.fc15,evolution-3.0.3-1.fc15,evolution-data-server-3.0.3-1.fc15,gtkhtml3-4.0.2-1.fc15
The following builds have been pushed to Fedora 15 updates-testing
BackupPC-3.2.1-7.fc15
avrdude-5.11.1-1.fc15
bind-9.8.2-0.2.rc1.fc15
bind-dyndb-ldap-1.1.0-0.6.a1.fc15
dnsperf-1.0.1.0-26.fc15
imsettings-1.2.7.1-1.fc15
libmkv-0.6.5.1-1.fc15
mod_fcgid-2.3.6-5.fc15
packmol-1.1.2.023-1.fc15
polipo-1.0.4.1-6.fc15
rubygem-gem2rpm-0.8.0-1.fc15
rubygem-raindrops-0.8.0-3.fc15
rxvt-unicode-9.15-1.fc15
sugar-maze-15-1.fc15
tclx-8.4.0-18.fc15
Details about builds:
================================================================================
BackupPC-3.2.1-7.fc15 (FEDORA-2012-0826)
High-performance backup system
--------------------------------------------------------------------------------
Update Information:
- change %%{_sharedstatedir} to %%{_localstatedir}/lib as these expand
differently on EL (bz #767719)
- fix XSS vulnerability (bz #749846, bz #749847, bz #749848) CVE-2011-3361
- additional documentation about enabling correct channels in RHEL to resolve
all dependencies (bz #749627)
- fix bug with missing tmpfiles.d directory
- add perl(Digest::MD5) to list of build and install dependencies
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 22 2012 Bernard Johnson <bjohnson@xxxxxxxxxxxx> - 3.2.1-7
- change %{_sharedstatedir} to %{_localstatedir}/lib as these expand
differently on EL (bz #767719)
- fix XSS vulnerability (bz #749846, bz #749847, bz #749848) CVE-2011-3361
- additional documentation about enabling correct channels in RHEL to resolve
all dependencies (bz #749627)
- fix bug with missing tmpfiles.d directory
- add perl(Digest::MD5) to list of build and install dependencies
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #767719 - /etc/updatedb.conf entry error
https://bugzilla.redhat.com/show_bug.cgi?id=767719
[ 2 ] Bug #749846 - BackupPC: XSS in View.pm [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=749846
[ 3 ] Bug #749847 - BackupPC: XSS in View.pm [epel-5]
https://bugzilla.redhat.com/show_bug.cgi?id=749847
[ 4 ] Bug #749848 - BackupPC: XSS in View.pm [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=749848
[ 5 ] Bug #749627 - BackupPC install documentation for RHEL/EPEL needs update.
https://bugzilla.redhat.com/show_bug.cgi?id=749627
--------------------------------------------------------------------------------
================================================================================
avrdude-5.11.1-1.fc15 (FEDORA-2012-0848)
Software for programming Atmel AVR Microcontroller
--------------------------------------------------------------------------------
Update Information:
Update to Bugfix release 5.11.1
Fix regression in 5.11, and add support for FTDI devices.
The Arduino reset fix from #726919 should be about as fixed as in 5.11, but that still has had mixed responses.
Update to Bugfix release 5.11
This release just re-syncs the git source with the actual packages. It should not change the actual package content except for changelogs and package version number.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 22 2012 ndim <hun@xxxxxxxxxxxxxxxx> - 5.11.1-1
- Update to avrdude-5.11.1
- Build support for FTDI based devices (#742044)
- Use mktemp based BuildRoot for improved local .rpm building
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Sep 12 2011 Hans Ulrich Niedermann <hun@xxxxxxxxxxxxxxxx> - 5.11-1
- Update to avrdude-5.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #736164 - avrdude 5.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=736164
[ 2 ] Bug #742044 - add support for new avrftdi devices to avrdude
https://bugzilla.redhat.com/show_bug.cgi?id=742044
[ 3 ] Bug #726919 - Automatic reset (DTR / RTS toggling) fails for "arduino" programmer type under Linux.
https://bugzilla.redhat.com/show_bug.cgi?id=726919
--------------------------------------------------------------------------------
================================================================================
bind-9.8.2-0.2.rc1.fc15 (FEDORA-2012-0844)
The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
--------------------------------------------------------------------------------
Update Information:
BIND package was updated to the 9.8.2rc1 release which fixes various bugs.
The bind-dyndb-ldap package was updated to the 1.1.0a1 release which fixes bugs and adds many enhancements. Check /usr/share/doc/bind-dyndb-ldap-1.1.0/NEWS for more details.
Package dnsperf was rebuilt against updated bind-libs package.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 23 2012 Adam Tkac <atkac redhat com> 32:9.8.2-0.2.rc1
- update to 9.8.2rc1
* Wed Dec 14 2011 Adam Tkac <atkac redhat com> 32:9.8.2-0.1.b1
- update to 9.8.2b1
- patches merged
- bind97-rh700097.patch
* Wed Dec 7 2011 Adam Tkac <atkac redhat com> 32:9.8.1-4.P1
- ship dns/forward.h in -devel subpkg
--------------------------------------------------------------------------------
================================================================================
bind-dyndb-ldap-1.1.0-0.6.a1.fc15 (FEDORA-2012-0844)
LDAP back-end plug-in for BIND
--------------------------------------------------------------------------------
Update Information:
BIND package was updated to the 9.8.2rc1 release which fixes various bugs.
The bind-dyndb-ldap package was updated to the 1.1.0a1 release which fixes bugs and adds many enhancements. Check /usr/share/doc/bind-dyndb-ldap-1.1.0/NEWS for more details.
Package dnsperf was rebuilt against updated bind-libs package.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 18 2012 Adam Tkac <atkac redhat com> - 1.1.0-0.6.a1
- update to 1.1.0a1
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.0-0.5.rc1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Nov 14 2011 Adam Tkac <atkac redhat com> - 1.0.0-0.4.rc1
- update to 1.0.0rc1
* Mon Nov 14 2011 Adam Tkac <atkac redhat com> - 1.0.0-0.3.b1
- rebuild against new bind
--------------------------------------------------------------------------------
================================================================================
dnsperf-1.0.1.0-26.fc15 (FEDORA-2012-0844)
Benchmarking authorative and recursing DNS servers
--------------------------------------------------------------------------------
Update Information:
BIND package was updated to the 9.8.2rc1 release which fixes various bugs.
The bind-dyndb-ldap package was updated to the 1.1.0a1 release which fixes bugs and adds many enhancements. Check /usr/share/doc/bind-dyndb-ldap-1.1.0/NEWS for more details.
Package dnsperf was rebuilt against updated bind-libs package.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 18 2012 Adam Tkac <atkac redhat com> - 1.0.1.0-26
- rebuild against new bind
--------------------------------------------------------------------------------
================================================================================
imsettings-1.2.7.1-1.fc15 (FEDORA-2012-0831)
Delivery framework for general Input Method configuration
--------------------------------------------------------------------------------
Update Information:
bug fixes release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 23 2012 Akira TAGOH <tagoh@xxxxxxxxxx> - 1.2.7.1-1
- New upstream release.
* Thu Jan 19 2012 Akira TAGOH <tagoh@xxxxxxxxxx> - 1.2.7-1
- New upstream release.
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
libmkv-0.6.5.1-1.fc15 (FEDORA-2012-0836)
An alternative to the official libmatroska library
--------------------------------------------------------------------------------
Update Information:
- v 0.6.5.1
+ Fix offset calculation for track private data
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 22 2012 Bernard Johnson <bjohnson@xxxxxxxxxxxx> - 0.6.5.1-1
- v 0.6.5.1
+ Fix offset calculation for track private data
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.4.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
mod_fcgid-2.3.6-5.fc15 (FEDORA-2012-0819)
FastCGI interface module for Apache 2
--------------------------------------------------------------------------------
Update Information:
This update fixes a regression in 2.3.6 that broke process controls when using vhost-specific configuration.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 22 2012 Paul Howarth <paul@xxxxxxxxxxxx> 2.3.6-5
- Fix regression in 2.3.6 that broke process controls when using vhost-specific
configuration (upstream issue 49902, #783742)
* Fri Jan 6 2012 Paul Howarth <paul@xxxxxxxxxxxx> 2.3.6-4
- Nobody else likes macros for commands
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #783742 - Max Processes Per Class not honored in 2.3.6
https://bugzilla.redhat.com/show_bug.cgi?id=783742
--------------------------------------------------------------------------------
================================================================================
packmol-1.1.2.023-1.fc15 (FEDORA-2012-0816)
Packing optimization for molecular dynamics simulations
--------------------------------------------------------------------------------
Update Information:
First release in Fedora.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #741626 - Review Request: packmol - Packing optimization for molecular dynamics simulations
https://bugzilla.redhat.com/show_bug.cgi?id=741626
--------------------------------------------------------------------------------
================================================================================
polipo-1.0.4.1-6.fc15 (FEDORA-2012-0849)
Lightweight caching web proxy
--------------------------------------------------------------------------------
Update Information:
- add daily cache cleanup
- fix missing creation of /var/run directory (bz #755198)
- make sure log directory context is set correctly (bz #741779)
- fix denial of service vulnerability CVE-2011-3596 (bz #742897)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 22 2012 Bernard Johnson <bjohnson@xxxxxxxxxxxx> - 1.0.4.1-6
- add daily cache cleanup
- fix missing creation of /var/run directory (bz #755198)
- make sure log directory context is set correctly (bz #741779)
- fix denial of service vulnerability CVE-2011-3596 (bz #742897)
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.4.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #755198 - polipo do not work after installation
https://bugzilla.redhat.com/show_bug.cgi?id=755198
[ 2 ] Bug #741779 - polipo installs /var/log/polipo but does not own it
https://bugzilla.redhat.com/show_bug.cgi?id=741779
[ 3 ] Bug #742897 - CVE-2011-3596 polipo: Assertion failure by processing certain HTTP POST / PUT requests [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=742897
--------------------------------------------------------------------------------
================================================================================
rubygem-gem2rpm-0.8.0-1.fc15 (FEDORA-2012-0839)
Generate rpm specfiles from gems
--------------------------------------------------------------------------------
Update Information:
Upgrade to gem2rpm 0.8.0.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 23 2012 Vít Ondruch <vondruch@xxxxxxxxxx> - 0.8.0-1
- Updated to gem2rpm 0.8.0.
--------------------------------------------------------------------------------
================================================================================
rubygem-raindrops-0.8.0-3.fc15 (FEDORA-2012-0827)
Real-time stats for preforking Rack servers
--------------------------------------------------------------------------------
Update Information:
Initial package for rubygem-raindrops.
--------------------------------------------------------------------------------
================================================================================
rxvt-unicode-9.15-1.fc15 (FEDORA-2012-0837)
Unicode version of rxvt
--------------------------------------------------------------------------------
Update Information:
* fix finding a matching font (e.g. bold version of the base font)
* fix parsing of bg image styles
* fix blurring of bg image borders when using xrender
* fix xrender blur
* fix regression that caused tabbed to compute the wrong size for tabs
* allow again an empty suffix in a keysym list spec
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 22 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 9.15-1
- version upgrade
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 9.14-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
sugar-maze-15-1.fc15 (FEDORA-2012-0828)
Maze for Sugar
--------------------------------------------------------------------------------
Update Information:
v15
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 22 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 15-1
- Release 15
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 14-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
tclx-8.4.0-18.fc15 (FEDORA-2012-0845)
Extensions for Tcl and Tk
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes tcl/tk deps on multilib.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 23 2012 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 8.4.0-18
- Fixed multilib deps
Resolves: rhbz#783891
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 8.4.0-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #783891 - tclx.i686 depends on tcl.x86_64 rather than tcl.i686, repeat with yum install tcl.i686
https://bugzilla.redhat.com/show_bug.cgi?id=783891
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
