The following Fedora 17 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2012-8577/groff-1.21-9.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8291/python-feedparser-5.1.2-2.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8274/socat-1.7.2.1-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8398/drupal7-7.14-2.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8284/moodle-2.2.3-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8290/rt3-3.8.12-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8428/apache-commons-compress-1.4.1-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8439/rubygem-rack-cache-1.2-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8392/python-crypto-2.6-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8434/python-virtualenvwrapper-3.4-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8445/globus-gridftp-server-6.10-2.fc17,globus-gridftp-server-control-2.5-2.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-7971/libgssglue-0.4-0.fc17
The following Fedora 17 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2012-8563/ppp-2.4.5-22.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8576/libpwquality-1.1.0-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8564/clutter-1.10.6-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8546/gdb-7.4.50.20120120-47.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8405/policycoreutils-2.1.11-18.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8397/qt-4.8.2-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8267/xkeyboard-config-2.5.1-2.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8285/shared-mime-info-1.0-4.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8245/colord-0.1.21-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8228/zeitgeist-0.9.0-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8237/soprano-2.7.6-1.fc17
https://admin.fedoraproject.org/updates/mdadm-3.2.5-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8198/avahi-0.6.31-3.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-8089/device-mapper-multipath-0.4.9-26.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-7932/fontconfig-2.8.0-7.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-7850/evolution-ews-3.4.2-1.fc17,evolution-mapi-3.4.2-1.fc17,evolution-data-server-3.4.2-1.fc17,evolution-3.4.2-1.fc17,gtkhtml3-4.4.2-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-7743/xmlrpc-c-1.29.3-1703.svn2290.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-7461/libarchive-3.0.4-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-7364/libzeitgeist-0.3.18-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-7308/accountsservice-0.6.20-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-7262/biosdevname-0.4.0-1.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-6598/openldap-2.4.31-2.fc17
https://admin.fedoraproject.org/updates/FEDORA-2012-1726/gpgme-1.3.0-8.fc17
The following builds have been pushed to Fedora 17 updates-testing
clutter-1.10.6-1.fc17
groff-1.21-9.fc17
hitori-0.3.2-1.fc17
hydra-7.3-10.fc17
ktorrent-4.2.0-3.fc17
libAfterImage-1.20-5.fc17
libguac-0.6.0-6.fc17
libmodbus-3.0.3-1.fc17
libpwquality-1.1.0-1.fc17
librep-0.92.2-2.fc17
man-pages-it-2.80-10.fc17
mingw-cximage-600-5.fc17
muffin-1.0.3-3.fc17
nx-3.5.0-11.fc17
par2cmdline-0.4.tbb.20100203-9.fc17
ppp-2.4.5-22.fc17
python-ansi2html-0.9.0-3.fc17
rubygem-nokogiri-1.5.2-3.fc17
rubygem-stomp-1.2.2-1.fc17
seabios-1.7.0-1.fc17
tog-pegasus-2.11.1-7.fc17
zanata-python-client-1.3.6-1.fc17
Details about builds:
================================================================================
clutter-1.10.6-1.fc17 (FEDORA-2012-8564)
Open Source software library for creating rich graphical user interfaces
--------------------------------------------------------------------------------
Update Information:
Clutter 1.10.6 2012-05-28
===============================================================================
* List of changes since Clutter 1.10.4
- Fix assertions and segfaults with touch events
- Drop usage of GL types in Clutter C, GLib, and Cogl provide the same exact types, and we also get to drop the dependency on the GL header.
- Update Visual Studio project files and build rules
- Fix assertion error in ClutterFlowLayout
- Re-allow passing NULL in clutter_text_set_text() The switch to ClutterTextBuffer introduced a regression.
- Add missing annotations in ClutterText
* List of bugs fixed since Clutter 1.10.4
[bugzilla.gnome.org]
#675371 - Asserts when getting touch events
#676150 - Fix GDK backend build on Windows
#676068 - Setting size on ClutterFlowLayout container crashes
#675890 - Passing NULL buffer to clutter_text_set_text() will not reset the buffer and segfault
#675396 - Possible bug in _clutter_paint_volume_axis_align
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 1.10.6-1
- Update to 1.10.6
- http://ftp.gnome.org/pub/GNOME/sources/clutter/1.10/clutter-1.10.6.news
* Thu May 3 2012 Bastien Nocera <bnocera@xxxxxxxxxx> 1.10.4-2
- Add patches to fix crashes with touch events
--------------------------------------------------------------------------------
================================================================================
groff-1.21-9.fc17 (FEDORA-2012-8577)
A document formatting system
--------------------------------------------------------------------------------
Update Information:
older security fixes
- CVE-2009-5044: insecure temporary file handling in pdfroff
- CVE-2009-5080: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph
- CVE-2009-5081: roff2.pl and groffer.pl use easy-to-guess temporary file names
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 29 2012 Jan Vcelak <jvcelak@xxxxxxxxxx> 1.21-9
- older security fixes (#709415, #720060):
+ CVE-2009-5044: insecure temporary file handling in pdfroff
+ CVE-2009-5080: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph
+ CVE-2009-5081: roff2.pl and groffer.pl use easy-to-guess temporary file names
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #709413 - CVE-2009-5044 groff: insecure temporary file handling in pdfroff
https://bugzilla.redhat.com/show_bug.cgi?id=709413
[ 2 ] Bug #720058 - CVE-2009-5080 groff: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph
https://bugzilla.redhat.com/show_bug.cgi?id=720058
[ 3 ] Bug #720057 - CVE-2009-5081 groff: roff2.pl and groffer.pl use easy-to-guess temporary file names
https://bugzilla.redhat.com/show_bug.cgi?id=720057
--------------------------------------------------------------------------------
================================================================================
hitori-0.3.2-1.fc17 (FEDORA-2012-8575)
Logic puzzle game for GNOME
--------------------------------------------------------------------------------
Update Information:
New upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 Mario Blättermann <mariobl@xxxxxxxxxxxxxxxxx> - 0.3.2-1
- New upstream version
- Removed the patch because it doesn't depend on libm anymore
- Tweaked the description
--------------------------------------------------------------------------------
================================================================================
hydra-7.3-10.fc17 (FEDORA-2012-8573)
Very fast network log-on cracker
--------------------------------------------------------------------------------
Update Information:
Fix binaries striping issue
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 Athmane Madjoudj <athmane@xxxxxxxxxxxxxxxxx> 7.3-10
- Fix binaries striping issue (#825860)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #825860 - hydra 7.3-9 binaries stripped too early
https://bugzilla.redhat.com/show_bug.cgi?id=825860
--------------------------------------------------------------------------------
================================================================================
ktorrent-4.2.0-3.fc17 (FEDORA-2012-8561)
A BitTorrent program
--------------------------------------------------------------------------------
Update Information:
Support magnet links via x-scheme-handler/magnet mimetype
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 29 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.2.0-3
- omit magnet.protocol
- support/use MimeTypes=x-scheme-handler/magnet; instead
* Thu Mar 29 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.2.0-2
- drop ENABLE_KIO_MAGNET, let main app handle it
--------------------------------------------------------------------------------
================================================================================
libAfterImage-1.20-5.fc17 (FEDORA-2012-8568)
A generic image manipulation library
--------------------------------------------------------------------------------
Update Information:
Fix some issues with newer libpng
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.20-5
- fix some issues with newer libpng (rhbz#817780)
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.20-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Dec 6 2011 Adam Jackson <ajax@xxxxxxxxxx> - 1.20-3
- Rebuild for new libpng
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #817780 - libAfterImage must be rebuilt fot libpng 1.5 in Fedora 17
https://bugzilla.redhat.com/show_bug.cgi?id=817780
--------------------------------------------------------------------------------
================================================================================
libguac-0.6.0-6.fc17 (FEDORA-2012-8560)
The common library used by all C components of Guacamole
--------------------------------------------------------------------------------
Update Information:
Guacamole base library
--------------------------------------------------------------------------------
================================================================================
libmodbus-3.0.3-1.fc17 (FEDORA-2012-8570)
A Modbus library
--------------------------------------------------------------------------------
Update Information:
Upstream release of libmodbus 3.0.3.
Bugfixes for Linux:
- Fix a missing free in random-test-client
- Fix OMG bug in modbus_mapping_free not freeing memory.
--------------------------------------------------------------------------------
ChangeLog:
* Fri May 25 2012 Stéphane Raimbault <stephane.raimbault@xxxxxxxxx> - 3.0.3-1
- new upstream release
--------------------------------------------------------------------------------
================================================================================
libpwquality-1.1.0-1.fc17 (FEDORA-2012-8576)
A library for password generation and password quality checking
--------------------------------------------------------------------------------
Update Information:
Update with minor enhancements and also minor memory leak fix in the python bindings.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 24 2012 Tomas Mraz <tmraz@xxxxxxxxxx> 1.1.0-1
- fix leak when throwing PWQError exception
- added pkgconfig file
- call the simplicity checks before the cracklib check
- add enforce_for_root option to the PAM module
- updated translations from Transifex
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #825877 - Update to ship pwquality.pc file
https://bugzilla.redhat.com/show_bug.cgi?id=825877
--------------------------------------------------------------------------------
================================================================================
librep-0.92.2-2.fc17 (FEDORA-2012-8578)
A lightweight Lisp environment
--------------------------------------------------------------------------------
Update Information:
Fix stack direction on ARM
--------------------------------------------------------------------------------
ChangeLog:
* Sun May 27 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.92.2-2
- Fix stack direction on ARM platforms
- Cleanup spec
--------------------------------------------------------------------------------
================================================================================
man-pages-it-2.80-10.fc17 (FEDORA-2012-8565)
Italian man (manual) pages from the Linux Documentation Project
--------------------------------------------------------------------------------
Update Information:
Remove man2html.1
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 29 2012 Ding-Yi Chen <dchen@xxxxxxxxxx> - 2.80-10
- Resolves: #825918 - man-pages-it : Conflicts with man2html
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #825918 - man-pages-it : Conflicts with man2html
https://bugzilla.redhat.com/show_bug.cgi?id=825918
--------------------------------------------------------------------------------
================================================================================
mingw-cximage-600-5.fc17 (FEDORA-2012-8567)
MinGW Windows CxImage manipulation library
--------------------------------------------------------------------------------
Update Information:
mingw-cximage - MinGW Windows CxImage manipulation library
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #820729 - Review Request: mingw-cximage - MinGW Windows CxImage manipulation library
https://bugzilla.redhat.com/show_bug.cgi?id=820729
--------------------------------------------------------------------------------
================================================================================
muffin-1.0.3-3.fc17 (FEDORA-2012-8569)
Window and compositing manager based on Clutter
--------------------------------------------------------------------------------
Update Information:
update
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 1.0.3-3
- add patch to fix black border issue
* Mon May 28 2012 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 1.0.3-2
- rebuilt
* Sat May 5 2012 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 1.0.3-1
- update to 1.0.3
--------------------------------------------------------------------------------
================================================================================
nx-3.5.0-11.fc17 (FEDORA-2012-8579)
Proxy system for X11
--------------------------------------------------------------------------------
Update Information:
Update nxagent to 3.5.0-9.
http://www.nomachine.com/news-read.php?idnews=371
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 Ville Skyttä <ville.skytta@xxxxxx> - 3.5.0-11
- Update nxagent to 3.5.0-9.
- Provide bundled(md5-deutsch) for nxcomp.
* Tue Apr 24 2012 Ville Skyttä <ville.skytta@xxxxxx> - 3.5.0-10
- Build nxagent with $RPM_LD_FLAGS.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #593199 - nxagent crashes when xeyes executed on nx
https://bugzilla.redhat.com/show_bug.cgi?id=593199
--------------------------------------------------------------------------------
================================================================================
par2cmdline-0.4.tbb.20100203-9.fc17 (FEDORA-2012-8566)
PAR 2.0 compatible file verification and repair tool
--------------------------------------------------------------------------------
Update Information:
Fix FTBFS on ARM
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.4.tbb.20100203-9
- Clean up spec to fix FTBFS on ARM
* Wed Apr 11 2012 Karsten Hopp <karsten@xxxxxxxxxx> 0.4.tbb.20100203-8
- sed script to change from tbb to rt on non-x86 archs needs to fix Makefile.am
as autoreconf runs afterwards
--------------------------------------------------------------------------------
================================================================================
ppp-2.4.5-22.fc17 (FEDORA-2012-8563)
The Point-to-Point Protocol daemon
--------------------------------------------------------------------------------
Update Information:
Various bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 29 2012 Michal Sekletar <msekleta@xxxxxxxxxx>
- Resolves: #817011 - fixed ppp-2.4.5-eaptls-mppe-0.99 patch, added variable definition
* Mon May 21 2012 Michal Sekletar <msekleta@xxxxxxxxxx>
- Resolves: #817013 - fixed support for multilink channels in pppol2tp plugin
* Thu May 17 2012 Michal Sekletar <msekleta@xxxxxxxxxx>
- Resolves: #771340 - fixed compilation of pppd without USE_EAPTLS
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #771340 - fix compiling pppd without USE_EAPTLS
https://bugzilla.redhat.com/show_bug.cgi?id=771340
[ 2 ] Bug #817013 - openl2tp plugin is built incorrectly.
https://bugzilla.redhat.com/show_bug.cgi?id=817013
[ 3 ] Bug #817011 - pppd passwordfd.so plugin doesn't load
https://bugzilla.redhat.com/show_bug.cgi?id=817011
--------------------------------------------------------------------------------
================================================================================
python-ansi2html-0.9.0-3.fc17 (FEDORA-2012-8571)
Python module that converts text with ANSI color to HTML
--------------------------------------------------------------------------------
Update Information:
Fix to python2/python3 confusing in the 0.9.0-2 specfile.
Latest version. Includes python3 support.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 23 2012 Ralph Bean <rbean@xxxxxxxxxx> - 0.9.0-3
- Fix executable python2/python3 confusion.
- More explicit ownership of dirs in python_sitelib.
- Removed mixed use of tabs and spaces.
* Wed May 9 2012 Ralph Bean <rbean@xxxxxxxxxx> - 0.9.0-2
- python3 support.
* Wed May 9 2012 Ralph Bean <rbean@xxxxxxxxxx> - 0.9.0-1
- Packaged latest upstream version.
- Removed unnecessary defattr and buildroot
- New dependency on python-six
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #798243 - python-ansi2html-0.8.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=798243
--------------------------------------------------------------------------------
================================================================================
rubygem-nokogiri-1.5.2-3.fc17 (FEDORA-2012-8559)
An HTML, XML, SAX, and Reader parser
--------------------------------------------------------------------------------
Update Information:
Fix upgrade path for F-16 ruby-nokogiri
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1.5.2-3
- Fix Obsoletes (bug 822931)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #822931 - For F16 rubygem-nokogiri incorrectly obsoletes ruby-nokogiri
https://bugzilla.redhat.com/show_bug.cgi?id=822931
--------------------------------------------------------------------------------
================================================================================
rubygem-stomp-1.2.2-1.fc17 (FEDORA-2012-8562)
Ruby client for the Stomp messaging protocol
--------------------------------------------------------------------------------
Update Information:
Update to 1.2.2
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 Michael Stahnke <stahnma@xxxxxxxxxxxxxx> - 1.2.2-1
- Update to 1.2.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #824046 - Incompatible with mcollective 2.0.0
https://bugzilla.redhat.com/show_bug.cgi?id=824046
--------------------------------------------------------------------------------
================================================================================
seabios-1.7.0-1.fc17 (FEDORA-2012-8574)
Open-source legacy BIOS implementation
--------------------------------------------------------------------------------
Update Information:
* Rebased to version 1.7.0
* Support for virtio-scsi
* Improved USB drive support
* Several USB controller bug fixes and improvements
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 Cole Robinson <crobinso@xxxxxxxxxx> - 1.7.0-1
- Rebased to version 1.7.0
- Support for virtio-scsi
- Improved USB drive support
- Several USB controller bug fixes and improvements
* Wed Mar 28 2012 Paolo Bonzini <pbonzini@xxxxxxxxxx> - 1.6.3-2
- Fix bugs in booting from host (or redirected) USB pen drives
--------------------------------------------------------------------------------
================================================================================
tog-pegasus-2.11.1-7.fc17 (FEDORA-2012-8572)
OpenPegasus WBEM Services for Linux
--------------------------------------------------------------------------------
Update Information:
Add options for ARM arch, cleanup ARCH directives, Add openssl base package
Systemd support.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 2:2.11.1-7
- Add options for ARM arch, cleanup ARCH directives
- Add openssl base package
* Mon May 21 2012 Vitezslav Crhonek <vcrhonek@xxxxxxxxxx> - 2:2.11.1-6
- Add systemd support
--------------------------------------------------------------------------------
================================================================================
zanata-python-client-1.3.6-1.fc17 (FEDORA-2012-8558)
Python Client for Zanata Server
--------------------------------------------------------------------------------
Update Information:
- Fixed rhbz#814593, "TypeError: 'unicode' object does not support item assignment" when pulling translation from server
- Fixed rhbz#820046, Python client generates empty msgctxt "" when pushing
- Fixed rhbz#795643, Python client pushes extracted comments instead of translator comments
- Add option --disable-ssl-cert to python client-
- Add help message for noskeletons option in pull, change content of Error 403
- Fixed the query param of skeletons
- Implment --push-type option, omit --push-trans when specify --push-type option
- Refactoring code and remove duplicate code
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 28 2012 James Ni <jni@xxxxxxxxxx> - 1.3.6-1
- Fixed rhbz#814593, "TypeError: 'unicode' object does not support item assignment" when pulling translation from server
- Fixed rhbz#820046, Python client generates empty msgctxt "" when pushing
- Fixed rhbz#795643, Python client pushes extracted comments instead of translator comments
- Add option --disable-ssl-cert to python client
- Add help message for noskeletons option in pull, change content of Error 403
- Fixed the query param of skeletons
- Implment --push-type option, omit --push-trans when specify --push-type option
- Refactoring code and remove duplicate code
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #814593 - "TypeError: 'unicode' object does not support item assignment" when pulling translation from server
https://bugzilla.redhat.com/show_bug.cgi?id=814593
[ 2 ] Bug #820046 - Python client generates empty msgctxt "" when pushing
https://bugzilla.redhat.com/show_bug.cgi?id=820046
[ 3 ] Bug #795643 - Python client pushes extracted comments instead of translator comments
https://bugzilla.redhat.com/show_bug.cgi?id=795643
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
