The following Fedora 17 Security updates need testing: https://admin.fedoraproject.org/updates/FEDORA-2012-8577/groff-1.21-9.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8291/python-feedparser-5.1.2-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8274/socat-1.7.2.1-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8398/drupal7-7.14-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8284/moodle-2.2.3-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8290/rt3-3.8.12-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8428/apache-commons-compress-1.4.1-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8439/rubygem-rack-cache-1.2-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8392/python-crypto-2.6-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8434/python-virtualenvwrapper-3.4-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8445/globus-gridftp-server-6.10-2.fc17,globus-gridftp-server-control-2.5-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7971/libgssglue-0.4-0.fc17 The following Fedora 17 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/FEDORA-2012-8563/ppp-2.4.5-22.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8576/libpwquality-1.1.0-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8564/clutter-1.10.6-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8546/gdb-7.4.50.20120120-47.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8405/policycoreutils-2.1.11-18.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8397/qt-4.8.2-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8267/xkeyboard-config-2.5.1-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8285/shared-mime-info-1.0-4.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8245/colord-0.1.21-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8228/zeitgeist-0.9.0-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8237/soprano-2.7.6-1.fc17 https://admin.fedoraproject.org/updates/mdadm-3.2.5-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8198/avahi-0.6.31-3.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8089/device-mapper-multipath-0.4.9-26.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7932/fontconfig-2.8.0-7.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7850/evolution-ews-3.4.2-1.fc17,evolution-mapi-3.4.2-1.fc17,evolution-data-server-3.4.2-1.fc17,evolution-3.4.2-1.fc17,gtkhtml3-4.4.2-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7743/xmlrpc-c-1.29.3-1703.svn2290.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7461/libarchive-3.0.4-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7364/libzeitgeist-0.3.18-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7308/accountsservice-0.6.20-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7262/biosdevname-0.4.0-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-6598/openldap-2.4.31-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-1726/gpgme-1.3.0-8.fc17 The following builds have been pushed to Fedora 17 updates-testing clutter-1.10.6-1.fc17 groff-1.21-9.fc17 hitori-0.3.2-1.fc17 hydra-7.3-10.fc17 ktorrent-4.2.0-3.fc17 libAfterImage-1.20-5.fc17 libguac-0.6.0-6.fc17 libmodbus-3.0.3-1.fc17 libpwquality-1.1.0-1.fc17 librep-0.92.2-2.fc17 man-pages-it-2.80-10.fc17 mingw-cximage-600-5.fc17 muffin-1.0.3-3.fc17 nx-3.5.0-11.fc17 par2cmdline-0.4.tbb.20100203-9.fc17 ppp-2.4.5-22.fc17 python-ansi2html-0.9.0-3.fc17 rubygem-nokogiri-1.5.2-3.fc17 rubygem-stomp-1.2.2-1.fc17 seabios-1.7.0-1.fc17 tog-pegasus-2.11.1-7.fc17 zanata-python-client-1.3.6-1.fc17 Details about builds: ================================================================================ clutter-1.10.6-1.fc17 (FEDORA-2012-8564) Open Source software library for creating rich graphical user interfaces -------------------------------------------------------------------------------- Update Information: Clutter 1.10.6 2012-05-28 =============================================================================== * List of changes since Clutter 1.10.4 - Fix assertions and segfaults with touch events - Drop usage of GL types in Clutter C, GLib, and Cogl provide the same exact types, and we also get to drop the dependency on the GL header. - Update Visual Studio project files and build rules - Fix assertion error in ClutterFlowLayout - Re-allow passing NULL in clutter_text_set_text() The switch to ClutterTextBuffer introduced a regression. - Add missing annotations in ClutterText * List of bugs fixed since Clutter 1.10.4 [bugzilla.gnome.org] #675371 - Asserts when getting touch events #676150 - Fix GDK backend build on Windows #676068 - Setting size on ClutterFlowLayout container crashes #675890 - Passing NULL buffer to clutter_text_set_text() will not reset the buffer and segfault #675396 - Possible bug in _clutter_paint_volume_axis_align -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 1.10.6-1 - Update to 1.10.6 - http://ftp.gnome.org/pub/GNOME/sources/clutter/1.10/clutter-1.10.6.news * Thu May 3 2012 Bastien Nocera <bnocera@xxxxxxxxxx> 1.10.4-2 - Add patches to fix crashes with touch events -------------------------------------------------------------------------------- ================================================================================ groff-1.21-9.fc17 (FEDORA-2012-8577) A document formatting system -------------------------------------------------------------------------------- Update Information: older security fixes - CVE-2009-5044: insecure temporary file handling in pdfroff - CVE-2009-5080: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph - CVE-2009-5081: roff2.pl and groffer.pl use easy-to-guess temporary file names -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Jan Vcelak <jvcelak@xxxxxxxxxx> 1.21-9 - older security fixes (#709415, #720060): + CVE-2009-5044: insecure temporary file handling in pdfroff + CVE-2009-5080: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph + CVE-2009-5081: roff2.pl and groffer.pl use easy-to-guess temporary file names -------------------------------------------------------------------------------- References: [ 1 ] Bug #709413 - CVE-2009-5044 groff: insecure temporary file handling in pdfroff https://bugzilla.redhat.com/show_bug.cgi?id=709413 [ 2 ] Bug #720058 - CVE-2009-5080 groff: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph https://bugzilla.redhat.com/show_bug.cgi?id=720058 [ 3 ] Bug #720057 - CVE-2009-5081 groff: roff2.pl and groffer.pl use easy-to-guess temporary file names https://bugzilla.redhat.com/show_bug.cgi?id=720057 -------------------------------------------------------------------------------- ================================================================================ hitori-0.3.2-1.fc17 (FEDORA-2012-8575) Logic puzzle game for GNOME -------------------------------------------------------------------------------- Update Information: New upstream version. -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 Mario Blättermann <mariobl@xxxxxxxxxxxxxxxxx> - 0.3.2-1 - New upstream version - Removed the patch because it doesn't depend on libm anymore - Tweaked the description -------------------------------------------------------------------------------- ================================================================================ hydra-7.3-10.fc17 (FEDORA-2012-8573) Very fast network log-on cracker -------------------------------------------------------------------------------- Update Information: Fix binaries striping issue -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 Athmane Madjoudj <athmane@xxxxxxxxxxxxxxxxx> 7.3-10 - Fix binaries striping issue (#825860) -------------------------------------------------------------------------------- References: [ 1 ] Bug #825860 - hydra 7.3-9 binaries stripped too early https://bugzilla.redhat.com/show_bug.cgi?id=825860 -------------------------------------------------------------------------------- ================================================================================ ktorrent-4.2.0-3.fc17 (FEDORA-2012-8561) A BitTorrent program -------------------------------------------------------------------------------- Update Information: Support magnet links via x-scheme-handler/magnet mimetype -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 29 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.2.0-3 - omit magnet.protocol - support/use MimeTypes=x-scheme-handler/magnet; instead * Thu Mar 29 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.2.0-2 - drop ENABLE_KIO_MAGNET, let main app handle it -------------------------------------------------------------------------------- ================================================================================ libAfterImage-1.20-5.fc17 (FEDORA-2012-8568) A generic image manipulation library -------------------------------------------------------------------------------- Update Information: Fix some issues with newer libpng -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.20-5 - fix some issues with newer libpng (rhbz#817780) * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.20-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 6 2011 Adam Jackson <ajax@xxxxxxxxxx> - 1.20-3 - Rebuild for new libpng -------------------------------------------------------------------------------- References: [ 1 ] Bug #817780 - libAfterImage must be rebuilt fot libpng 1.5 in Fedora 17 https://bugzilla.redhat.com/show_bug.cgi?id=817780 -------------------------------------------------------------------------------- ================================================================================ libguac-0.6.0-6.fc17 (FEDORA-2012-8560) The common library used by all C components of Guacamole -------------------------------------------------------------------------------- Update Information: Guacamole base library -------------------------------------------------------------------------------- ================================================================================ libmodbus-3.0.3-1.fc17 (FEDORA-2012-8570) A Modbus library -------------------------------------------------------------------------------- Update Information: Upstream release of libmodbus 3.0.3. Bugfixes for Linux: - Fix a missing free in random-test-client - Fix OMG bug in modbus_mapping_free not freeing memory. -------------------------------------------------------------------------------- ChangeLog: * Fri May 25 2012 Stéphane Raimbault <stephane.raimbault@xxxxxxxxx> - 3.0.3-1 - new upstream release -------------------------------------------------------------------------------- ================================================================================ libpwquality-1.1.0-1.fc17 (FEDORA-2012-8576) A library for password generation and password quality checking -------------------------------------------------------------------------------- Update Information: Update with minor enhancements and also minor memory leak fix in the python bindings. -------------------------------------------------------------------------------- ChangeLog: * Thu May 24 2012 Tomas Mraz <tmraz@xxxxxxxxxx> 1.1.0-1 - fix leak when throwing PWQError exception - added pkgconfig file - call the simplicity checks before the cracklib check - add enforce_for_root option to the PAM module - updated translations from Transifex -------------------------------------------------------------------------------- References: [ 1 ] Bug #825877 - Update to ship pwquality.pc file https://bugzilla.redhat.com/show_bug.cgi?id=825877 -------------------------------------------------------------------------------- ================================================================================ librep-0.92.2-2.fc17 (FEDORA-2012-8578) A lightweight Lisp environment -------------------------------------------------------------------------------- Update Information: Fix stack direction on ARM -------------------------------------------------------------------------------- ChangeLog: * Sun May 27 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.92.2-2 - Fix stack direction on ARM platforms - Cleanup spec -------------------------------------------------------------------------------- ================================================================================ man-pages-it-2.80-10.fc17 (FEDORA-2012-8565) Italian man (manual) pages from the Linux Documentation Project -------------------------------------------------------------------------------- Update Information: Remove man2html.1 -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Ding-Yi Chen <dchen@xxxxxxxxxx> - 2.80-10 - Resolves: #825918 - man-pages-it : Conflicts with man2html -------------------------------------------------------------------------------- References: [ 1 ] Bug #825918 - man-pages-it : Conflicts with man2html https://bugzilla.redhat.com/show_bug.cgi?id=825918 -------------------------------------------------------------------------------- ================================================================================ mingw-cximage-600-5.fc17 (FEDORA-2012-8567) MinGW Windows CxImage manipulation library -------------------------------------------------------------------------------- Update Information: mingw-cximage - MinGW Windows CxImage manipulation library -------------------------------------------------------------------------------- References: [ 1 ] Bug #820729 - Review Request: mingw-cximage - MinGW Windows CxImage manipulation library https://bugzilla.redhat.com/show_bug.cgi?id=820729 -------------------------------------------------------------------------------- ================================================================================ muffin-1.0.3-3.fc17 (FEDORA-2012-8569) Window and compositing manager based on Clutter -------------------------------------------------------------------------------- Update Information: update -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 1.0.3-3 - add patch to fix black border issue * Mon May 28 2012 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 1.0.3-2 - rebuilt * Sat May 5 2012 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 1.0.3-1 - update to 1.0.3 -------------------------------------------------------------------------------- ================================================================================ nx-3.5.0-11.fc17 (FEDORA-2012-8579) Proxy system for X11 -------------------------------------------------------------------------------- Update Information: Update nxagent to 3.5.0-9. http://www.nomachine.com/news-read.php?idnews=371 -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 Ville Skyttä <ville.skytta@xxxxxx> - 3.5.0-11 - Update nxagent to 3.5.0-9. - Provide bundled(md5-deutsch) for nxcomp. * Tue Apr 24 2012 Ville Skyttä <ville.skytta@xxxxxx> - 3.5.0-10 - Build nxagent with $RPM_LD_FLAGS. -------------------------------------------------------------------------------- References: [ 1 ] Bug #593199 - nxagent crashes when xeyes executed on nx https://bugzilla.redhat.com/show_bug.cgi?id=593199 -------------------------------------------------------------------------------- ================================================================================ par2cmdline-0.4.tbb.20100203-9.fc17 (FEDORA-2012-8566) PAR 2.0 compatible file verification and repair tool -------------------------------------------------------------------------------- Update Information: Fix FTBFS on ARM -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.4.tbb.20100203-9 - Clean up spec to fix FTBFS on ARM * Wed Apr 11 2012 Karsten Hopp <karsten@xxxxxxxxxx> 0.4.tbb.20100203-8 - sed script to change from tbb to rt on non-x86 archs needs to fix Makefile.am as autoreconf runs afterwards -------------------------------------------------------------------------------- ================================================================================ ppp-2.4.5-22.fc17 (FEDORA-2012-8563) The Point-to-Point Protocol daemon -------------------------------------------------------------------------------- Update Information: Various bugfixes. -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Michal Sekletar <msekleta@xxxxxxxxxx> - Resolves: #817011 - fixed ppp-2.4.5-eaptls-mppe-0.99 patch, added variable definition * Mon May 21 2012 Michal Sekletar <msekleta@xxxxxxxxxx> - Resolves: #817013 - fixed support for multilink channels in pppol2tp plugin * Thu May 17 2012 Michal Sekletar <msekleta@xxxxxxxxxx> - Resolves: #771340 - fixed compilation of pppd without USE_EAPTLS -------------------------------------------------------------------------------- References: [ 1 ] Bug #771340 - fix compiling pppd without USE_EAPTLS https://bugzilla.redhat.com/show_bug.cgi?id=771340 [ 2 ] Bug #817013 - openl2tp plugin is built incorrectly. https://bugzilla.redhat.com/show_bug.cgi?id=817013 [ 3 ] Bug #817011 - pppd passwordfd.so plugin doesn't load https://bugzilla.redhat.com/show_bug.cgi?id=817011 -------------------------------------------------------------------------------- ================================================================================ python-ansi2html-0.9.0-3.fc17 (FEDORA-2012-8571) Python module that converts text with ANSI color to HTML -------------------------------------------------------------------------------- Update Information: Fix to python2/python3 confusing in the 0.9.0-2 specfile. Latest version. Includes python3 support. -------------------------------------------------------------------------------- ChangeLog: * Wed May 23 2012 Ralph Bean <rbean@xxxxxxxxxx> - 0.9.0-3 - Fix executable python2/python3 confusion. - More explicit ownership of dirs in python_sitelib. - Removed mixed use of tabs and spaces. * Wed May 9 2012 Ralph Bean <rbean@xxxxxxxxxx> - 0.9.0-2 - python3 support. * Wed May 9 2012 Ralph Bean <rbean@xxxxxxxxxx> - 0.9.0-1 - Packaged latest upstream version. - Removed unnecessary defattr and buildroot - New dependency on python-six -------------------------------------------------------------------------------- References: [ 1 ] Bug #798243 - python-ansi2html-0.8.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=798243 -------------------------------------------------------------------------------- ================================================================================ rubygem-nokogiri-1.5.2-3.fc17 (FEDORA-2012-8559) An HTML, XML, SAX, and Reader parser -------------------------------------------------------------------------------- Update Information: Fix upgrade path for F-16 ruby-nokogiri -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1.5.2-3 - Fix Obsoletes (bug 822931) -------------------------------------------------------------------------------- References: [ 1 ] Bug #822931 - For F16 rubygem-nokogiri incorrectly obsoletes ruby-nokogiri https://bugzilla.redhat.com/show_bug.cgi?id=822931 -------------------------------------------------------------------------------- ================================================================================ rubygem-stomp-1.2.2-1.fc17 (FEDORA-2012-8562) Ruby client for the Stomp messaging protocol -------------------------------------------------------------------------------- Update Information: Update to 1.2.2 -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 Michael Stahnke <stahnma@xxxxxxxxxxxxxx> - 1.2.2-1 - Update to 1.2.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #824046 - Incompatible with mcollective 2.0.0 https://bugzilla.redhat.com/show_bug.cgi?id=824046 -------------------------------------------------------------------------------- ================================================================================ seabios-1.7.0-1.fc17 (FEDORA-2012-8574) Open-source legacy BIOS implementation -------------------------------------------------------------------------------- Update Information: * Rebased to version 1.7.0 * Support for virtio-scsi * Improved USB drive support * Several USB controller bug fixes and improvements -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 Cole Robinson <crobinso@xxxxxxxxxx> - 1.7.0-1 - Rebased to version 1.7.0 - Support for virtio-scsi - Improved USB drive support - Several USB controller bug fixes and improvements * Wed Mar 28 2012 Paolo Bonzini <pbonzini@xxxxxxxxxx> - 1.6.3-2 - Fix bugs in booting from host (or redirected) USB pen drives -------------------------------------------------------------------------------- ================================================================================ tog-pegasus-2.11.1-7.fc17 (FEDORA-2012-8572) OpenPegasus WBEM Services for Linux -------------------------------------------------------------------------------- Update Information: Add options for ARM arch, cleanup ARCH directives, Add openssl base package Systemd support. -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 2:2.11.1-7 - Add options for ARM arch, cleanup ARCH directives - Add openssl base package * Mon May 21 2012 Vitezslav Crhonek <vcrhonek@xxxxxxxxxx> - 2:2.11.1-6 - Add systemd support -------------------------------------------------------------------------------- ================================================================================ zanata-python-client-1.3.6-1.fc17 (FEDORA-2012-8558) Python Client for Zanata Server -------------------------------------------------------------------------------- Update Information: - Fixed rhbz#814593, "TypeError: 'unicode' object does not support item assignment" when pulling translation from server - Fixed rhbz#820046, Python client generates empty msgctxt "" when pushing - Fixed rhbz#795643, Python client pushes extracted comments instead of translator comments - Add option --disable-ssl-cert to python client- - Add help message for noskeletons option in pull, change content of Error 403 - Fixed the query param of skeletons - Implment --push-type option, omit --push-trans when specify --push-type option - Refactoring code and remove duplicate code -------------------------------------------------------------------------------- ChangeLog: * Mon May 28 2012 James Ni <jni@xxxxxxxxxx> - 1.3.6-1 - Fixed rhbz#814593, "TypeError: 'unicode' object does not support item assignment" when pulling translation from server - Fixed rhbz#820046, Python client generates empty msgctxt "" when pushing - Fixed rhbz#795643, Python client pushes extracted comments instead of translator comments - Add option --disable-ssl-cert to python client - Add help message for noskeletons option in pull, change content of Error 403 - Fixed the query param of skeletons - Implment --push-type option, omit --push-trans when specify --push-type option - Refactoring code and remove duplicate code -------------------------------------------------------------------------------- References: [ 1 ] Bug #814593 - "TypeError: 'unicode' object does not support item assignment" when pulling translation from server https://bugzilla.redhat.com/show_bug.cgi?id=814593 [ 2 ] Bug #820046 - Python client generates empty msgctxt "" when pushing https://bugzilla.redhat.com/show_bug.cgi?id=820046 [ 3 ] Bug #795643 - Python client pushes extracted comments instead of translator comments https://bugzilla.redhat.com/show_bug.cgi?id=795643 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test