The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2012-6996/expat-2.1.0-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7567/php-5.3.13-1.fc15,maniadrive-1.2-32.fc15.5,php-eaccelerator-0.9.6.1-9.fc15.5
https://admin.fedoraproject.org/updates/FEDORA-2012-6630/dokuwiki-0-0.10.20110525.a.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7246/libsoup-2.34.3-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-6629/gdb-7.3.1-50.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-6759/bind-dyndb-ldap-1.1.0-0.11.rc1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-17233/tor-0.2.1.32-1500.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7594/kernel-2.6.43.5-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7131/seamonkey-2.9.1-1.fc15
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2012-7594/kernel-2.6.43.5-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7537/livecd-tools-15.13-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7246/libsoup-2.34.3-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7117/mdadm-3.2.3-9.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7149/thunderbird-12.0.1-1.fc15,thunderbird-lightning-1.4-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-6996/expat-2.1.0-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-6919/mysql-5.5.23-1.fc15
https://admin.fedoraproject.org/updates/dracut-009-15.fc15
The following builds have been pushed to Fedora 15 updates-testing
erlang-amf-0-0.6.20110224gitb36dfb6.fc15
fcitx-4.2.3-1.fc15
gfal2-2.0.0-0.7.2012050413snap.fc15
git-cola-1.7.7-1.fc15
kernel-2.6.43.5-2.fc15
kile-2.1.2-2.fc15
libsvm-3.12-1.fc15
livecd-tools-15.13-1.fc15
maniadrive-1.2-32.fc15.5
novacom-client-1.1.0-0.4.rc1.git.ff7641193a.fc15
novacom-server-1.1.0-0.6.rc1.fc15
php-5.3.13-1.fc15
php-eaccelerator-0.9.6.1-9.fc15.5
pki-core-9.0.20-1.fc15
qbittorrent-2.9.8-1.fc15
scribus-1.4.1-1.fc15
subversion-api-docs-1.6.18-1.fc15
texworks-0.4.4-1.fc15
xca-0.9.2-1.fc15
xscreensaver-5.15-6.fc15
Details about builds:
================================================================================
erlang-amf-0-0.6.20110224gitb36dfb6.fc15 (FEDORA-2012-7571)
Erlang Action Message Format Library
--------------------------------------------------------------------------------
Update Information:
* Updated to the next git tag and dropped upstreamed patch
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 7 2012 Peter Lemenkov <lemenkov@xxxxxxxxx> - 0-0.6.20110224gitb36dfb6
- Updated to the next git tag and dropped upstreamed patch
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0-0.5.20100908git27329144
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
fcitx-4.2.3-1.fc15 (FEDORA-2012-7566)
Free Chinese Input Toy for X (XIM)
--------------------------------------------------------------------------------
Update Information:
Upgrade to fcitx-4.2.3
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 7 2012 Liang Suilong <liangsuilong@xxxxxxxxx> - 4.2.3-1
- Upgrade to fcitx-4.2.3
--------------------------------------------------------------------------------
================================================================================
gfal2-2.0.0-0.7.2012050413snap.fc15 (FEDORA-2012-7555)
Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:
update 2012050413snap
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
git-cola-1.7.7-1.fc15 (FEDORA-2012-7588)
A highly caffeinated git gui
--------------------------------------------------------------------------------
Update Information:
An update of git-cola to the latest upstream release, with the following improvements:
* New and improved `grep` mode lets you instantly find and edit files.
* New `git cola grep` standalone mode.
* Support for passing arguments to the configured editors, e.g. `gvim -p` This makes it possible to select multiple files in the status window and use Ctrl-e to edit them all at once.
* Remote operations now prompt on errors only.
* The Tab key now jumps to the extended description when editing the summary.
* More shortcut key labels and misc. UX improvements.
* Bugfix: Selecting an item no longer copies its filename to the copy/paste buffer. Ctrl-c or the “Copy” context-menu action can be used instead.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 8 2012 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 1.7.7-1
- Update to 1.7.7 (#819165)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #819165 - git-cola-1.7.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=819165
--------------------------------------------------------------------------------
================================================================================
kernel-2.6.43.5-2.fc15 (FEDORA-2012-7594)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Fix a DVB-S zig-zag regression on kernel 3.3. Without this patch, some DVB-S channels may not be successfully detected.
Linux 3.3.4 stable update contains numerous bug fixes
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 7 2012 Mauro Carvalho Chehab <mchehab@xxxxxxxxxx> 2.6.43.5-2
- Add patch to fix DVB-S zigzag (rhbz 814404)
* Mon May 7 2012 Josh Boyer <jwboyer@xxxxxxxxxx> 2.6.43.5-1
- Linux 3.3.5
- Add patch to rate limit NFSv4 message (rhbz 732748)
* Fri May 4 2012 Josh Boyer <jwboyer@xxxxxxxxxx>
- unfiltered netdev rio_ioctl access by users (rhbz 818820)
* Mon Apr 30 2012 Josh Boyer <jwboyer@xxxxxxxxxx>
- Backport ipw2x00 nl80211 cipher suite reporting (rhbz 817298)
* Mon Apr 30 2012 Dave Jones <davej@xxxxxxxxxx>
- Disable CONFIG_RCU_FAST_NO_HZ for now. (rhbz 806548)
* Mon Apr 30 2012 Justin M. Forbes <jforbes@xxxxxxxxxx> 2.6.43.4-1
- Linux 3.3.4
* Tue Apr 24 2012 Josh Boyer <jwboyer@xxxxxxxxxx>
- Add patch to fix perf build due to incorrect cherry-pick in 3.3.3
- Add patch to fix ipw2200 (rhbz 783708)
* Mon Apr 23 2012 Josh Boyer <jwboyer@xxxxxxxxxx>
- Linux 3.3.3
* Mon Apr 23 2012 Peter Hutterer <peter.hutterer@xxxxxxxxxx>
- Fix regression on clickpads
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #818820 - CVE-2012- kernel: unfiltered netdev rio_ioctl access by users
https://bugzilla.redhat.com/show_bug.cgi?id=818820
--------------------------------------------------------------------------------
================================================================================
kile-2.1.2-2.fc15 (FEDORA-2012-6987)
(La)TeX source editor and TeX shell
--------------------------------------------------------------------------------
Update Information:
An update of Kile to the latest upstream bugfix release, version 2.1.2.
Fixes:
- Correctly convert special characters that were typed with caps lock enabled into LaTeX. This fix works from KDE 4.3 upwards. (kde#296123)
- Use 'utf8' instead of 'utf8x' as default encoding (in document templates). It should be sufficient in most cases and it is installed by default in LaTeX distributions.
- Correctly insert '\c{c}' for the cedilla character (kde#296006, kde#289529)
- Use the correct name for some icons. In this way, they can be used even if the current icon theme is not Oxygen. (Patch by Pino Toscano)
- Correctly restore VI input mode key settings (kde#293262)
Features:
- Update 'biblatex.cwl'. Thanks to Denis Bitouzé!
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 8 2012 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 2.1.2-2
- fix kile process remaining in memory after closing (kde#299569)
* Sun Apr 29 2012 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 2.1.2-1
- update to 2.1.2 (bugfix release, #816521)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #816521 - kile-2.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=816521
--------------------------------------------------------------------------------
================================================================================
libsvm-3.12-1.fc15 (FEDORA-2012-7534)
A Library for Support Vector Machines
--------------------------------------------------------------------------------
Update Information:
Upstream update:
See http://www.csie.ntu.edu.tw/~cjlin/libsvm/log for details.
Also, svm-toy are fixed
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 4 2012 Ding-Yi Chen <dchen@xxxxxxxxxx> - 3.12-1
- Upstream update:
svm-toy: support loading/saving of regression data
python interface: handle the issue of the "0th" feature if using lists
tools/grid.py: not redrawing contour if c,g, cv doesn't change
add setlocale when saving and loading model so not affected by users' locale
--------------------------------------------------------------------------------
================================================================================
livecd-tools-15.13-1.fc15 (FEDORA-2012-7537)
Tools for building live CDs
--------------------------------------------------------------------------------
Update Information:
Update livecd-iso-to-disk to match the current installer.
cherry-picked a number of updates from master. Add support for creating
f17 USB sticks with 2 partitions.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 7 2012 Brian C. Lane <bcl@xxxxxxxxxx> 15.13-1
- Version 15.13 (bcl)
- fix syntax problem in detectsrctype (bcl)
- copy repo data to USB for F17 (#806166) (bcl)
* Thu Mar 1 2012 Brian C. Lane <bcl@xxxxxxxxxx> 15.12-1
- Version 15.12 (bcl)
- livecd-iso-to-disk: Add 2MB slop to calculation (bcl)
- livecd-iso-to-disk: create partition for iso (bcl)
- check for valid script path before editing livecd image and update usage
options confusion (jboggs)
- add missing selinux_mountpoint class object to edit-livecd (jboggs)
- Set base_persistdir (#741614) (bcl)
- Fix the fix for dracut modules (#766955) (bcl)
- Use dracut.conf.d instead fo dracut.conf (bcl)
- dracut needs dmsquash-live explicitly included (bcl)
- edit-livecd: -k --kickstart option (apevec)
- Install edit-livecd to /usr/bin (bcl)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #806166 - Installation using DVD ISO dd'd to USB can't use USB as installation source
https://bugzilla.redhat.com/show_bug.cgi?id=806166
[ 2 ] Bug #741614 - spurious empty directory left for each repo when other cache specified
https://bugzilla.redhat.com/show_bug.cgi?id=741614
[ 3 ] Bug #766955 - Rawhide live images do not boot (nightlies and manually-created with livecd-creator)
https://bugzilla.redhat.com/show_bug.cgi?id=766955
--------------------------------------------------------------------------------
================================================================================
maniadrive-1.2-32.fc15.5 (FEDORA-2012-7567)
3D stunt driving game
--------------------------------------------------------------------------------
Update Information:
The releases complete a fix for a vulnerability in CGI-based setups (CVE-2012-2311).
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 9 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.2-32.5
- rebuild against PHP 5.3.13
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #818607 - CVE-2012-1823 php: command line arguments injection when run in CGI mode (VU#520827)
https://bugzilla.redhat.com/show_bug.cgi?id=818607
[ 2 ] Bug #818907 - CVE-2012-2311 php: incomplete fix for CVE-2012-1823
https://bugzilla.redhat.com/show_bug.cgi?id=818907
--------------------------------------------------------------------------------
================================================================================
novacom-client-1.1.0-0.4.rc1.git.ff7641193a.fc15 (FEDORA-2012-7572)
Client for utility to connect to WebOS devices
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
================================================================================
novacom-server-1.1.0-0.6.rc1.fc15 (FEDORA-2012-7572)
Service for utility that connects to WebOS devices
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
================================================================================
php-5.3.13-1.fc15 (FEDORA-2012-7567)
PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:
The releases complete a fix for a vulnerability in CGI-based setups (CVE-2012-2311).
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 9 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.3.13-1
- update to 5.3.13 (CVE-2012-2311)
* Thu May 3 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.3.12
- update to 5.3.12 (CVE-2012-1823)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #818607 - CVE-2012-1823 php: command line arguments injection when run in CGI mode (VU#520827)
https://bugzilla.redhat.com/show_bug.cgi?id=818607
[ 2 ] Bug #818907 - CVE-2012-2311 php: incomplete fix for CVE-2012-1823
https://bugzilla.redhat.com/show_bug.cgi?id=818907
--------------------------------------------------------------------------------
================================================================================
php-eaccelerator-0.9.6.1-9.fc15.5 (FEDORA-2012-7567)
PHP accelerator, optimizer, encoder and dynamic content cacher
--------------------------------------------------------------------------------
Update Information:
The releases complete a fix for a vulnerability in CGI-based setups (CVE-2012-2311).
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 9 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1:0.9.6.1-9.5
- rebuild against PHP 5.3.13
* Thu May 3 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1:0.9.6.1-9.4
- rebuild against PHP 5.3.12
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #818607 - CVE-2012-1823 php: command line arguments injection when run in CGI mode (VU#520827)
https://bugzilla.redhat.com/show_bug.cgi?id=818607
[ 2 ] Bug #818907 - CVE-2012-2311 php: incomplete fix for CVE-2012-1823
https://bugzilla.redhat.com/show_bug.cgi?id=818907
--------------------------------------------------------------------------------
================================================================================
pki-core-9.0.20-1.fc15 (FEDORA-2012-7539)
Certificate System - PKI Core Components
--------------------------------------------------------------------------------
Update Information:
Bugzilla Bug #819111 - non-existent container ou=cmsusers breaks replication
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 7 2012 Andrew Wnuk <awnuk@xxxxxxxxxx> 9.0.20-1
- New official build
* Mon May 7 2012 Ade Lee <alee@xxxxxxxxxx> 9.0.19-4
- Bugzilla Bug #819111 - non-existent container breaks replication
* Mon Apr 16 2012 Ade Lee <alee@xxxxxxxxxx> 9.0.19-3
- Bugzilla Bug #813075 - selinux denial for file size access
* Tue Apr 10 2012 Christina Fu <cfu@xxxxxxxxxx> 9.0.19-2
- Bugzilla Bug #745278 - [RFE] ECC encryption keys cannot be archived
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #819111 - non-existent container ou=cmsusers breaks replication
https://bugzilla.redhat.com/show_bug.cgi?id=819111
--------------------------------------------------------------------------------
================================================================================
qbittorrent-2.9.8-1.fc15 (FEDORA-2012-7536)
A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:
* Sat May 5 2012 - Christophe Dumez <chris@xxxxxxxxxxxxxxx> - v2.9.8
- BUGFIX: Various UI style fixes
- BUGFIX: Fix compilation with gcc 4.7
- BUGFIX: Fix possible compilation error with msvc (Windows)
- BUGFIX: Fix compilation on OS/2
- I18N: Update Italian translation
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 7 2012 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 1:2.9.8-1
- update to 2.9.8
--------------------------------------------------------------------------------
================================================================================
scribus-1.4.1-1.fc15 (FEDORA-2012-7558)
DeskTop Publishing application written in Qt
--------------------------------------------------------------------------------
Update Information:
- update to bugfix release 1.4.1
- upstream changelog at http://wiki.scribus.net/canvas/1.4.1_Release
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 6 2012 Dan Horák <dan[at]danny.cz> - 1.4.1-1
- update to 1.4.1
--------------------------------------------------------------------------------
================================================================================
subversion-api-docs-1.6.18-1.fc15 (FEDORA-2012-7546)
Subversion API documentation
--------------------------------------------------------------------------------
Update Information:
Rebuild against new subversion.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 8 2012 Bojan Smojver <bojan@xxxxxxxxxxxxx> 1.6.18-1
- bump up to 1.6.18
--------------------------------------------------------------------------------
================================================================================
texworks-0.4.4-1.fc15 (FEDORA-2012-7583)
A simple IDE for authoring TeX documents
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 8 2012 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 0.4.4-1
- Update to 0.4.4 (#785100, #817511)
* Wed Sep 21 2011 Marek Kasik <mkasik@xxxxxxxxxx> - 0.4.3-3
- Rebuild (poppler-0.17.3)
* Fri Jul 15 2011 Marek Kasik <mkasik@xxxxxxxxxx> - 0.4.3-2
- Rebuild (poppler-0.17.0)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #817511 - texworks-0.4.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=817511
--------------------------------------------------------------------------------
================================================================================
xca-0.9.2-1.fc15 (FEDORA-2012-7543)
Graphical X.509 certificate management tool
--------------------------------------------------------------------------------
Update Information:
* Mon May 7 2012 Patrick Monnerat <pm@xxxxxxxxxxxxx> 0.9.2-1
- New upstream release.
- Patch "french" to update french translation.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 7 2012 Patrick Monnerat <pm@xxxxxxxxxxxxx> 0.9.2-1
- New upstream release.
- Patch "french" to update french translation.
--------------------------------------------------------------------------------
================================================================================
xscreensaver-5.15-6.fc15 (FEDORA-2012-7533)
X screen saver and locker
--------------------------------------------------------------------------------
Update Information:
A bug is reported that any hack with -pair option will cause segfault when terminating it. This new rpm will fix this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 7 2012 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.15-6
- Fix segv when quitting hack with -pair option (bug 819349)
* Fri Jan 13 2012 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.15-5
- F-17: rebuild against fixed rpm (for perl dependency generation)
* Thu Jan 5 2012 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.15-4
- F-17: rebuild against gcc47
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #819349 - [abrt] xscreensaver-gl-extras-5.15-3.fc16: fps_free: Process /usr/libexec/xscreensaver/companioncube was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=819349
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
