Fedora 15 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora 15 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-2012-8604/qemu-0.14.0-9.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8114/libreoffice-3.3.4.1-5.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8611/hostapd-0.7.3-2.1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8590/groff-1.21-4.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8615/FlightGear-2.0.0-6.fc15,SimGear-2.0.0-6.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-6630/dokuwiki-0-0.10.20110525.a.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-7246/libsoup-2.34.3-2.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-6629/gdb-7.3.1-50.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8339/rt3-3.8.12-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8360/drupal7-7.14-2.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8365/moodle-1.9.18-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8372/kernel-2.6.43.7-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8490/python-crypto-2.3-6.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2011-17233/tor-0.2.1.32-1500.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8488/globus-gridftp-server-6.10-2.fc15,globus-gridftp-server-control-2.5-2.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8024/openssl-1.0.0j-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-7131/seamonkey-2.9.1-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8010/sudo-1.7.4p5-5.fc15


The following Fedora 15 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/FEDORA-2012-8372/kernel-2.6.43.7-1.fc15
    https://admin.fedoraproject.org/updates/iproute-2.6.38.1-7.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8206/mdadm-3.2.5-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8027/libogg-1.3.0-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8010/sudo-1.7.4p5-5.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8024/openssl-1.0.0j-1.fc15
    https://admin.fedoraproject.org/updates/dracut-009-15.fc15


The following builds have been pushed to Fedora 15 updates-testing

    BitchX-1.2-11.fc15
    FlightGear-2.0.0-6.fc15
    SimGear-2.0.0-6.fc15
    fcitx-configtool-0.4.3-2.fc15
    gfalFS-1.0.0-0.3.20120503010snap.fc15
    mod_auth_token-1.0.5-2.fc15
    newlisp-10.4.3-2.fc15
    perl-CPAN-Perl-Releases-0.58-1.fc15

Details about builds:


================================================================================
 BitchX-1.2-11.fc15 (FEDORA-2012-8616)
 IrcII chat client
--------------------------------------------------------------------------------
Update Information:

updated source/bugfix release
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 29 2012 Dan Mashal <vicodan@xxxxxxxxxxxxxxxxx> 1.2-11
-Updated to latest source code (svn rev 199)
--------------------------------------------------------------------------------


================================================================================
 FlightGear-2.0.0-6.fc15 (FEDORA-2012-8615)
 The FlightGear Flight Simulator
--------------------------------------------------------------------------------
Update Information:

Fixes for CVE-2012-2090 CVE-2012-2091
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 29 2012 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 2.0.0-6
- check that printf format strings are never %n (CVE-2012-2090)
- use snprintf with a max size of 256 to prevent rotor name overflow (CVE-2012-2091)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #811617 - CVE-2012-2090 SimGear, FlightGear: Multiple format string flaws
        https://bugzilla.redhat.com/show_bug.cgi?id=811617
  [ 2 ] Bug #811630 - CVE-2012-2091 FlightGear: Stack-buffer overflow by retrieving crafted rotor name
        https://bugzilla.redhat.com/show_bug.cgi?id=811630
--------------------------------------------------------------------------------


================================================================================
 SimGear-2.0.0-6.fc15 (FEDORA-2012-8615)
 Simulation library components
--------------------------------------------------------------------------------
Update Information:

Fixes for CVE-2012-2090 CVE-2012-2091
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 29 2012 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> 2.0.0-6
- check to be sure that %n is not being set as format type (CVE-2012-2090)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #811617 - CVE-2012-2090 SimGear, FlightGear: Multiple format string flaws
        https://bugzilla.redhat.com/show_bug.cgi?id=811617
  [ 2 ] Bug #811630 - CVE-2012-2091 FlightGear: Stack-buffer overflow by retrieving crafted rotor name
        https://bugzilla.redhat.com/show_bug.cgi?id=811630
--------------------------------------------------------------------------------


================================================================================
 fcitx-configtool-0.4.3-2.fc15 (FEDORA-2012-8649)
 Gtk configuretool for Fcitx
--------------------------------------------------------------------------------
Update Information:

Fix Segenttation Fault on GTK3
Initial Release for fcitx-configtool
Initial Release for fcitx-configtool
Initial Release for fcitx-configtool
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #821165 - Review Request: fcitx-configtool - Gtk configuretool for Fcitx
        https://bugzilla.redhat.com/show_bug.cgi?id=821165
--------------------------------------------------------------------------------


================================================================================
 gfalFS-1.0.0-0.3.20120503010snap.fc15 (FEDORA-2012-8640)
 Filesystem client based on GFAL 2.0
--------------------------------------------------------------------------------
Update Information:

initial import of gfalFS
--------------------------------------------------------------------------------


================================================================================
 mod_auth_token-1.0.5-2.fc15 (FEDORA-2012-8623)
 Token based URI access module for Apache
--------------------------------------------------------------------------------
Update Information:

mod_auth_token allow you to generate URIS for a determined time window,
you can also limit them by IP. This is very useful to handle file
downloads, generated URIS can't be hot-linked (after it expires), also
it allows you to protect very large files that can't be piped trough a
script languages due to memory limitation.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #633240 - Review Request: mod_auth_token - token based URI access for apache
        https://bugzilla.redhat.com/show_bug.cgi?id=633240
--------------------------------------------------------------------------------


================================================================================
 newlisp-10.4.3-2.fc15 (FEDORA-2012-8619)
 Lisp-like general purpose scripting
--------------------------------------------------------------------------------
Update Information:

"Adds support for more ARCHs"
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 29 2012 Dan Horák <dan[at]danny.cz> 10.4.3-2
- allow build on all arches
--------------------------------------------------------------------------------


================================================================================
 perl-CPAN-Perl-Releases-0.58-1.fc15 (FEDORA-2012-8624)
 Mapping Perl releases on CPAN to the location of the tarballs
--------------------------------------------------------------------------------
Update Information:

This update includes v5.16.0 and v5.17.0.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 29 2012 Iain Arnell <iarnell@xxxxxxxxx> 0.58-1
- update to latest upstream version
* Fri May 18 2012 Iain Arnell <iarnell@xxxxxxxxx> 0.52-1
- update to latest upstream version
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux