The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2012-6996/expat-2.1.0-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7567/php-5.3.13-1.fc15,maniadrive-1.2-32.fc15.5,php-eaccelerator-0.9.6.1-9.fc15.5
https://admin.fedoraproject.org/updates/FEDORA-2012-7692/rubygem-actionmailer-3.0.5-3.fc15,rubygem-mail-2.4.4-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7659/android-tools-20120510gitd98c87c-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7686/apache-poi-3.7-7.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-6630/dokuwiki-0-0.10.20110525.a.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7246/libsoup-2.34.3-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-6629/gdb-7.3.1-50.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-6759/bind-dyndb-ldap-1.1.0-0.11.rc1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-17233/tor-0.2.1.32-1500.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7594/kernel-2.6.43.5-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7131/seamonkey-2.9.1-1.fc15
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2012-7662/mdadm-3.2.4-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7594/kernel-2.6.43.5-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7537/livecd-tools-15.13-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7246/libsoup-2.34.3-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-7149/thunderbird-12.0.1-1.fc15,thunderbird-lightning-1.4-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-6996/expat-2.1.0-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-6919/mysql-5.5.23-1.fc15
https://admin.fedoraproject.org/updates/dracut-009-15.fc15
The following builds have been pushed to Fedora 15 updates-testing
android-tools-20120510gitd98c87c-1.fc15
apache-poi-3.7-7.fc15
farsight2-0.0.25-2.fc15
gnome-applet-sensors-3.0.0-1.fc15
mdadm-3.2.4-2.fc15
mined-2012.22-1.fc15
python-dirq-1.2.1-2.fc15
rubygem-actionmailer-3.0.5-3.fc15
rubygem-mail-2.4.4-1.fc15
sugar-maze-20-1.fc15
transifex-client-0.7.3-1.fc15
zarafa-7.0.7-1.fc15
Details about builds:
================================================================================
android-tools-20120510gitd98c87c-1.fc15 (FEDORA-2012-7659)
Android platform tools(adb, fastboot)
--------------------------------------------------------------------------------
Update Information:
- Update to upstream git commit d98c87c
- Added more udev devices
- Resolves: rhbz 819292 secure udev permissions
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 10 2012 Ivan Afonichev <ivan.afonichev@xxxxxxxxx> - 20120510gitd98c87c-1
- Update to upstream git commit d98c87c
- Added more udev devices
- Resolves: rhbz 819292 secure udev permissions
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #819292 - udev rules set insecure permissions
https://bugzilla.redhat.com/show_bug.cgi?id=819292
--------------------------------------------------------------------------------
================================================================================
apache-poi-3.7-7.fc15 (FEDORA-2012-7686)
The Java API for Microsoft Documents
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2012-0213
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 10 2012 Orion Poplawski <orion@xxxxxxxxxxxxx> - 3.7-7
- CVE-2012-0213 (bugs 799078, 820788)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #799078 - CVE-2012-0213 apache-poi, jakarta: JVM destabilization due to memory exhaustion when processing CDF/CFBF files
https://bugzilla.redhat.com/show_bug.cgi?id=799078
--------------------------------------------------------------------------------
================================================================================
farsight2-0.0.25-2.fc15 (FEDORA-2012-7660)
Libraries for videoconferencing
--------------------------------------------------------------------------------
Update Information:
Fix ownership on a directory.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 10 2012 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 0.0.25-2
- Fix ownership of a directory. (#744916)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #744916 - Unowned directory
https://bugzilla.redhat.com/show_bug.cgi?id=744916
--------------------------------------------------------------------------------
================================================================================
gnome-applet-sensors-3.0.0-1.fc15 (FEDORA-2012-7687)
Gnome panel applet for hardware sensors
--------------------------------------------------------------------------------
Update Information:
gnome-applet-sensors-3.0.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 14 2011 Huzaifa Sidhpurwala <huzaifas@xxxxxxxxxx> - 3.0.0-1
- Latest upstream, works with gnome 3
- Disable nvidia plugin, as it needs newer libs, not in fedora yet
- Disable RPATH
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.2.7-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #772432 - Review Request: gnome-applet-sensors - GNOME panel applet for hardware sensors
https://bugzilla.redhat.com/show_bug.cgi?id=772432
[ 2 ] Bug #716008 - FTBFS gnome-applet-sensors-2.2.7-4.fc15
https://bugzilla.redhat.com/show_bug.cgi?id=716008
[ 3 ] Bug #691085 - Dependency Failure
https://bugzilla.redhat.com/show_bug.cgi?id=691085
--------------------------------------------------------------------------------
================================================================================
mdadm-3.2.4-2.fc15 (FEDORA-2012-7662)
The mdadm program controls Linux md devices (software RAID arrays)
--------------------------------------------------------------------------------
Update Information:
This is an update to the mdadm package, based on the latest upstream release, mdadm-3.2.4, which fixes a large number of bugs.
All users of mdadm RAIDs are encouraged to upgrade.
This is an update to the mdadm package, fixing a number of bugs, including:
- Fix Monitor mode sometimes crashes when a resync completes
- Fix missing symlink for mdadm container device when incremental creates the array
- Make sure when creating a second array in a container that the second array uses all available space since leaving space for a third array is invalid
- Validate the number of imsm volumes per controller
- Fix issues with imsm arrays and disks larger than 2TB
- Add support for expanding imsm arrays/containers
- The support for expanding imsm arrays/containers was accepted upstream,
update to the official patches from there
- Fix for the issue of --add not being very smart
- Fix an issue causing rebuilds to fail to restart on reboot (data corrupter level problem)
- Reset the bad flag on map file updates
- Correctly fix failure when trying to add internal bitmap to 1.0 arrays
- Fix bug where IMSM arrays stay inactive in case a reboot is performed during the reshape process.
- Fix issue when re-adding drive to a raid1 array with bitmap
All users of mdadm RAIDs are encouraged to upgrade.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 10 2012 Jes Sorensen <Jes.Sorensen@xxxxxxxxxx> - 3.2.4-2
- Fix mdadm.conf to use 'd' for /var/run/mdadm creation, to avoid the
map file getting deleted during boot.
* Thu May 10 2012 Jes Sorensen <Jes.Sorensen@xxxxxxxxxx> - 3.2.4-1
- Upgrade to mdadm-3.2.4
- Resolves bz820534 (rawhide) bz820527 (f17) bz820531 (f16) bz820532 (f15)
* Mon Apr 30 2012 Jes Sorensen <Jes.Sorensen@xxxxxxxxxx> - 3.2.3-9
- Fix Monitor mode sometimes crashes when a resync completes
- Fix missing symlink for mdadm container device when incremental creates
the array
- Make sure when creating a second array in a container that the second
array uses all available space since leaving space for a third array
is invalid
- Validate the number of imsm volumes per controller
- Fix issues with imsm arrays and disks larger than 2TB
- Add support for expanding imsm arrays/containers
- The support for expanding imsm arrays/containers was accepted upstream,
update to the official patches from there
- Fix for the issue of --add not being very smart
- Fix an issue causing rebuilds to fail to restart on reboot (data
corrupter level problem)
- Reset the bad flag on map file updates
- Correctly fix failure when trying to add internal bitmap to 1.0 arrays
- Resolves: bz817023 (f17) bz817024 (f17) bz817026 (f17) bz817028 (f17)
- Resolves: bz817029 (f17) bz817032 (f17) bz817038 (f17) bz808774 (f17)
- Resolves: bz817039 (f17) bz817042 (f17)
* Mon Apr 30 2012 Jes Sorensen <Jes.Sorensen@xxxxxxxxxx> - 3.2.3-8
- Fix bug where IMSM arrays stay inactive in case a reboot is
- performed during the reshape process.
- Resolves: bz817522 (f17) bz817535 (f16) bz817537 (f15)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #820532 - Update mdadm to version 3.2.4
https://bugzilla.redhat.com/show_bug.cgi?id=820532
[ 2 ] Bug #817023 - "mdadm --monitor" crashes when resync finishes
https://bugzilla.redhat.com/show_bug.cgi?id=817023
[ 3 ] Bug #817024 - imsm: validate the number of imsm volumes per controller
https://bugzilla.redhat.com/show_bug.cgi?id=817024
[ 4 ] Bug #817026 - mdadm: add volume's size expansion feature
https://bugzilla.redhat.com/show_bug.cgi?id=817026
[ 5 ] Bug #817028 - mdadm: imsm: second volume must have size of whole free space left on devices
https://bugzilla.redhat.com/show_bug.cgi?id=817028
[ 6 ] Bug #817029 - imsm: disk/volume sizes incorrect when using disks 1TB+
https://bugzilla.redhat.com/show_bug.cgi?id=817029
[ 7 ] Bug #817032 - link to imsm container device is not created when incremental assembly is used
https://bugzilla.redhat.com/show_bug.cgi?id=817032
[ 8 ] Bug #817038 - Can't add bitmap to array (version 1.0 metadata)
https://bugzilla.redhat.com/show_bug.cgi?id=817038
[ 9 ] Bug #808774 - make mdadm --add not do stupid things
https://bugzilla.redhat.com/show_bug.cgi?id=808774
[ 10 ] Bug #817039 - Rebuild does not continue after reboot.
https://bugzilla.redhat.com/show_bug.cgi?id=817039
[ 11 ] Bug #817042 - mdadm: Reset 'bad' flag on map update
https://bugzilla.redhat.com/show_bug.cgi?id=817042
[ 12 ] Bug #817537 - MD raid devices inactive after reboot done during reshape
https://bugzilla.redhat.com/show_bug.cgi?id=817537
[ 13 ] Bug #791159 - mdadm write intent map not functioning as before
https://bugzilla.redhat.com/show_bug.cgi?id=791159
--------------------------------------------------------------------------------
================================================================================
mined-2012.22-1.fc15 (FEDORA-2012-7672)
Powerful Text Editor with Extensive Unicode and CJK Support
--------------------------------------------------------------------------------
Update Information:
Update to 2012.22 version
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 10 2012 Matthieu Saulnier <fantom@xxxxxxxxxxxxxxxxx> - 2012.22-1
- update to 2012.22
- fix man page compression in %files section
--------------------------------------------------------------------------------
================================================================================
python-dirq-1.2.1-2.fc15 (FEDORA-2012-7663)
Directory based queue
--------------------------------------------------------------------------------
Update Information:
upgrade to latest 1.2.1 version
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 9 2012 Massimo Paladin <massimo.paladin@xxxxxxxxx> - 1.2.1-2
- Cleaning specfile and dependency error fixed on rhel5.
* Mon May 7 2012 Massimo Paladin <massimo.paladin@xxxxxxxxx> - 1.2.1-1
- Update to 1.2.1.
* Fri Mar 30 2012 Massimo Paladin <massimo.paladin@xxxxxxxxx> - 1.1.2-1
- Update to 1.1.2.
* Tue Mar 20 2012 Massimo Paladin <massimo.paladin@xxxxxxxxx> - 1.1.1-1
- Update to 1.1.1.
* Tue Feb 14 2012 Steve Traylen <steve.traylen@xxxxxxx> - 1.0.1-2
- Empty release for revision control error.
* Tue Feb 14 2012 Steve Traylen <steve.traylen@xxxxxxx> - 1.0.1-1
- Update to 1.0.1.
- Enable python3 support with patch dirq-1.0.1-dist-tag.patch.
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.0.5-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rubygem-actionmailer-3.0.5-3.fc15 (FEDORA-2012-7692)
Service layer for easy email delivery and testing
--------------------------------------------------------------------------------
Update Information:
Update to Mail 2.4.4.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 10 2012 Vít Ondruch <vondruch@xxxxxxxxxx> - 1:3.0.5-3
- Fix Mailer dependencies.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #816352 - CVE-2012-2139 CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline, file system traversal flaw
https://bugzilla.redhat.com/show_bug.cgi?id=816352
--------------------------------------------------------------------------------
================================================================================
rubygem-mail-2.4.4-1.fc15 (FEDORA-2012-7692)
Mail provides a nice Ruby DSL for making, sending and reading emails
--------------------------------------------------------------------------------
Update Information:
Update to Mail 2.4.4.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 9 2012 Vít Ondruch <vondruch@xxxxxxxxxx> - 2.4.4-1
- Update to Mail 2.4.4.
* Tue Jan 31 2012 Vít Ondruch <vondruch@xxxxxxxxxx> - 2.3.0-3
- Rebuilt for Ruby 1.9.3.
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #816352 - CVE-2012-2139 CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline, file system traversal flaw
https://bugzilla.redhat.com/show_bug.cgi?id=816352
--------------------------------------------------------------------------------
================================================================================
sugar-maze-20-1.fc15 (FEDORA-2012-7669)
Maze for Sugar
--------------------------------------------------------------------------------
Update Information:
Version 20 release
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 10 2012 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> - 20-1
- Release 20
--------------------------------------------------------------------------------
================================================================================
transifex-client-0.7.3-1.fc15 (FEDORA-2012-7668)
Command line tool for Transifex translation management
--------------------------------------------------------------------------------
Update Information:
Update to new
upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 9 2012 Domingo Becker <domingobecker@xxxxxxxxx> - 0.7.3-1
- Update to new upstream version.
--------------------------------------------------------------------------------
================================================================================
zarafa-7.0.7-1.fc15 (FEDORA-2012-7666)
Open Source Edition of the Zarafa Collaboration Platform
--------------------------------------------------------------------------------
Update Information:
Zarafa Collaboration Platform 7.0.7 final [34256]
=================================================
Backend
-------
- ZCP-9482: Unhooking a store with auto attached archive will make the archive store the main store.
- ZCP-9708: zarafa-client-update daily crontab deletes client folder if empty.
- ZCP-9229: AutoUpdater not clear in logging when certificate is expired.
- ZCP-9666: Folders with umlauts or high characters are not show in backup index file.
- ZCP-9402: Meeting requests are not moved to deleted items in webaccess as with outlook.
- ZCP-9447: DoS through excessive gateway access possible.
- ZCP-9701: Dagent not parsing EML correctly with certain multipart/alternative blocks.
- ZCP-9761: email containing non-ascii characters in headers may not be correctly readable by the gateway.
- ZCP-9456: Dagent not able to parse ICS file.
- ZCP-9410: zarafa-admin --unhook-store description in the manpage is wrong, the command doesn't require -u option.
- ZCP-9633: Make upgrade documentation more clear in Admin manual.
- ZCP-9247: should document how to setup lmtp for other smtp servers than postfix. A blog post on the community hub is posted: https://community.zarafa.com/pg/blog/read/9591/using-exim-with-zarafa
- ZCP-9660: Wrong quoting IMAP gateway.
- ZCP-9279: Zarafa client installer should exit with message when you install it on pc without 32bits Outlook.
- ZCP-9553: Removing the auto updater in Zarafa-client will still leave the launch updater as startup option.
- ZCP-9586: Zarafa-licensed can go out of file descriptors when zarafa services are restart when still a lot of clients are trying to connect.
- ZCP-9431: ZMT should not crash if it fails to load native DLL's because for instance Outlook/MAPI is not installed.
- ZCP-9730: The ZMT should exit after a MAPI_E_CALL_FAILED on CopyTo and restart and skip that message.
- ZCP-9732: Some migrated Scalix messages can not be replied, forwarded and/or resent.
- ZCP-9418: zarafa-msr continues migrate list after pressing <break>.
- ZCP-9630: include path of php different than php file locations.
- ZCP-9777: some php-ext functions may return error, but not throw exception.
- ZCP-9647: Server crash after MySQL error (in this case caused by full disk).
- ZCP-9683: Zarafa-server segfault 7.0.6.
- ZCP-9725: Resync of offline GAL can result in mapi_e_not_found.
- ZCP-8968: Since ZCP 7.0 more people complain about offline sync that stop or offline server that stop completely.
- ZCP-9652: Unhooking a store with an auto attach archive will confuse zarafa-admin --list-orphans.
- ZCP-7543: Plain text body converted from HTML body contains extra words.
- ZCP-9340: meeting request is lost when only allowing a delegate to receive the meeting without allowing a copy to be sent.
- ZCP-9460: Make column of zarafa-stats wider so user names are also readable at hosting setup with email addresses as username.
- ZCP-9512: Segfault zarafa-server 6.40.14.
- ZCP-9486: ICS can go out-of-sync due to deadlock errors.
- ZCP-9322: Store type should be cached.
- ZCP-9646: Suse licensed init script lists erroneous runlevel 4.
- ZCP-9686: AclSync tests unstable.
- ZCP-9593: Segfault zarafa-server on database connection issues.
- ZCP-9694: Upgrade with DB and hosted from 6.30 to (7.0x or 7.1) failed.
- ZCP-9600: IMAP feature changes to disabled with DB plugin when one changes the password.
- ZCP-9629: spooler forces reconnection without sending any mail.
- ZCP-9366: Spooler needs to send error mail on some failures to avoid failing loop.
- ZCP-9799: Zarafa-stats --top gives error "not compiled with ncurses" when running on trunk.
- ZCP-9752: Timing issue: SOURCEKEY, EntryId and folder location may not be consistent during moves.
- ZCP-9586: Zarafa-licensed can go out of file descriptors when zarafa services are restart when still a lot of clients are trying to connect.
- ZCP-9832: Zarafa-server segfaults on deleting orphan.
- ZCP-9796: Extend install script with installation of webapp package.
- ZCP-9743: Make offline sync more stupid proof, so group names don't have to be unique and break the GAB sync completely
- ZCP-9864: Can't drag occurrence to a certain time in caldav.
- ZCP-9867: When you can not connect to the server with offline, You get a pop-up sometimes.
- ZCP-9637: Create Ubuntu 12.04 buildsystem nodeagent and builds for 7.0.
- ZCP-9817: Can't drag occurrence to a certain time in caldav.
- ZCP-9930: Zarafa-server crash 7.1.0 on move to the same folder in WebApp
WebAccess
---------
- ZCP-7268: Sub folders of the public folders will remain in English.
- ZCP-9596: [after March 27th] Duplicate attendees when using To: button to update meeting request.
- ZCP-9776: Enable en_US as default enabled language again in defaults.php.
- ZCP-9401: All day event is one day late in invitation with Brazilian timezones.
- ZCP-9239: Certain Inline images from exchange not showing in WebAccess.
- ZCP-9425: Webaccess and webapp will show "PersonName" text when sending rtf emails with some user name in text.
- ZCP-9835: WA should recreate the reminders folder if it fails to open it.
- ZCP-9239: Certain Inline images from exchange not showing in WebAccess.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 9 2012 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 7.0.7-1
- Upgrade to 7.0.7
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
