The following Fedora 17 Security updates need testing: https://admin.fedoraproject.org/updates/FEDORA-2012-8577/groff-1.21-9.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8732/hostapd-0.7.3-7.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8650/FlightGear-2.6.0-2.fc17,SimGear-2.6.0-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8694/nut-2.6.3-4.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8677/arpwatch-2.1a15-20.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8670/asterisk-10.4.2-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8687/pidgin-2.10.4-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8398/drupal7-7.14-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8428/apache-commons-compress-1.4.1-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8439/rubygem-rack-cache-1.2-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8392/python-crypto-2.6-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8434/python-virtualenvwrapper-3.4-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8445/globus-gridftp-server-6.10-2.fc17,globus-gridftp-server-control-2.5-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7971/libgssglue-0.4-0.fc17 The following Fedora 17 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/FEDORA-2012-8664/e2fsprogs-1.42.3-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8708/grubby-8.12-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8679/udev-182-3.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8676/bash-4.2.29-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8661/cryptsetup-1.4.3-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8738/apg-2.3.0b-15.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8739/perl-5.14.2-212.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8648/libvpx-1.0.0-3.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8563/ppp-2.4.5-22.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8576/libpwquality-1.1.0-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8564/clutter-1.10.6-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8546/gdb-7.4.50.20120120-47.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8405/policycoreutils-2.1.11-18.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8397/qt-4.8.2-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8267/xkeyboard-config-2.5.1-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8285/shared-mime-info-1.0-4.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8245/colord-0.1.21-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8228/zeitgeist-0.9.0-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8237/soprano-2.7.6-1.fc17 https://admin.fedoraproject.org/updates/mdadm-3.2.5-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8198/avahi-0.6.31-3.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-8089/device-mapper-multipath-0.4.9-26.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7932/fontconfig-2.8.0-7.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7850/evolution-ews-3.4.2-1.fc17,evolution-mapi-3.4.2-1.fc17,evolution-data-server-3.4.2-1.fc17,evolution-3.4.2-1.fc17,gtkhtml3-4.4.2-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7461/libarchive-3.0.4-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7364/libzeitgeist-0.3.18-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7308/accountsservice-0.6.20-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7262/biosdevname-0.4.0-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-6598/openldap-2.4.31-2.fc17 The following builds have been pushed to Fedora 17 updates-testing Django-1.4-3.fc17 Django-south-0.7.5-1.fc17 WindowMaker-0.95.3-2.fc17 apg-2.3.0b-15.fc17 arpwatch-2.1a15-20.fc17 asterisk-10.4.2-1.fc17 bash-4.2.29-1.fc17 calligra-2.4.2-1.fc17 calligra-l10n-2.4.2-1.fc17 cifs-utils-5.5-1.fc17 cryptsetup-1.4.3-1.fc17 drupal7-date_ical-1.1-1.fc17 dwarves-1.10-1.fc17 e2fsprogs-1.42.3-2.fc17 emacs-vm-8.1.2-1.fc17 gettext-0.18.1.1-14.fc17 ghc-Agda-2.3.0.1-2.fc17 ghc-derive-2.5.8-1.fc17 glpi-0.83.2-1.fc17 gnome-shell-search-fedora-packages-0.1-4.fc17 grubby-8.12-1.fc17 guacamole-ext-0.6.0-5.fc17 hostapd-0.7.3-7.fc17 jdo2-api-2.2-3.fc17 kismon-0.5-2.fc17 libreoffice-3.5.4.2-1.fc17 librep-0.92.2-3.fc17 lutok-0.2-1.fc17 man-pages-it-2.80-11.fc17 maxima-5.27.0-3.fc17 nc-1.107.20120403-1.fc17 nut-2.6.3-4.fc17 olpc-utils-2.0.12-1.fc17 papaki-1.0.0-0.1.Beta3.fc17 perl-5.14.2-212.fc17 pidgin-2.10.4-1.fc17 portals-pom-1.3-2.fc17 pvs-sbcl-5.0-10.fc17 python-rtslib-2.1.fb14-1.fc17 qpid-cpp-0.16-1.fc17.1 recoll-1.17.3-1.fc17 rome-0.9-11.fc17 rubygem-marc-0.5.0-1.fc17 rubygem-rake-compiler-0.8.1-1.fc17 sbcl-1.0.57-1.fc17 selinux-policy-3.10.0-128.fc17 smb4k-1.0.2-1.fc17 sssd-1.8.4-12.fc17 synfigstudio-0.63.05-3.1.fc17 targetcli-2.0rc1.fb12-1.fc17 tycho-0.14.1-4.fc17 uddi4j-2.0.5-3.fc17 udev-182-3.fc17 uget-1.8.2-1.fc17 wdiff-1.1.2-1.fc17 xmonad-0.10-11.fc17 Details about builds: ================================================================================ Django-1.4-3.fc17 (FEDORA-2012-8681) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: This update solves an FTBFS on python 2.7.3 -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Matthias Runge <mrunge@xxxxxxxxxxxxxxxxx> - 1.4-3 - fix for FTBFS using python 2.7.3 (thanks to M.Cepl) * Sun Apr 1 2012 Matthias Runge <mrunge@xxxxxxxxxxxxxxxxx> - 1.4-2 - include forgotten %bcond_with internet - fix language handling for el6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #825425 - FTBFS: failing test with HTML comments with python 2.7.3 (FIXED) https://bugzilla.redhat.com/show_bug.cgi?id=825425 -------------------------------------------------------------------------------- ================================================================================ Django-south-0.7.5-1.fc17 (FEDORA-2012-8724) Intelligent schema migrations for Django apps -------------------------------------------------------------------------------- Update Information: Update to new upstream version. -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Domingo Becker <domingobecker@xxxxxxxxx> - 0.7.5-1 - New upstream version. - Remove docs dir in files section. - Fixed unpacked directory name. -------------------------------------------------------------------------------- References: [ 1 ] Bug #826802 - New Upstream Version fixes Django 1.4 issues https://bugzilla.redhat.com/show_bug.cgi?id=826802 -------------------------------------------------------------------------------- ================================================================================ WindowMaker-0.95.3-2.fc17 (FEDORA-2012-8730) A fast, feature rich Window Manager -------------------------------------------------------------------------------- Update Information: This release fixes a regression which would cause more than one instance of an application to start (under some circunstances) when using menu shortcuts. The window maximization procedures now have a more intuitive behavior with respect to remembering the old geometry and going back to it. Furthermore, there are some other small fixes and cleanups. -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 0.95.3-2 - fix description * Mon May 28 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 0.95.3-1 - version upgrade (rhbz#824670) -------------------------------------------------------------------------------- References: [ 1 ] Bug #824670 - Window Maker 0.95.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=824670 -------------------------------------------------------------------------------- ================================================================================ apg-2.3.0b-15.fc17 (FEDORA-2012-8738) Automated Password Generator for random password generation -------------------------------------------------------------------------------- Update Information: Fix an issue with the scriptlets. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Kevin Fenzi <kevin@xxxxxxxxx> 2.3.0b-15 - Fix typo in scriptlet. Fixes bug #826638 * Mon Apr 23 2012 Kevin Fenzi <kevin@xxxxxxxxx> 2.3.0b-14 - Add patch to handle crypt returning NULL. Fixes bug #815575 -------------------------------------------------------------------------------- References: [ 1 ] Bug #826638 - apg postinstall scriptlet appends duplicate entry to services https://bugzilla.redhat.com/show_bug.cgi?id=826638 -------------------------------------------------------------------------------- ================================================================================ arpwatch-2.1a15-20.fc17 (FEDORA-2012-8677) Network monitoring tools for tracking IP addresses on a network -------------------------------------------------------------------------------- Update Information: with "-u" fix supplementary group list (#825328) (CVE-2012-2653) -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Aleš Ledvinka <aledvink@xxxxxxxxxx> 14:2.1a15-20 - fix supplementary group list (#825328) (CVE-2012-2653) -------------------------------------------------------------------------------- References: [ 1 ] Bug #825328 - CVE-2012-2653 arpwatch: fails to drop supplementary groups https://bugzilla.redhat.com/show_bug.cgi?id=825328 -------------------------------------------------------------------------------- ================================================================================ asterisk-10.4.2-1.fc17 (FEDORA-2012-8670) The Open Source PBX -------------------------------------------------------------------------------- Update Information: he Asterisk Development Team has announced the release of Asterisk 10.4.2. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 10.4.2 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following are the issues resolved in this release: * --- Resolve crash in subscribing for MWI notifications (Closes issue ASTERISK-19827. Reported by B. R) * --- Fix crash in ConfBridge when user announcement is played for more than 2 users (Closes issue ASTERISK-19899. Reported by Florian Gilcher) For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.4.2 The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are released as versions 1.8.11-cert2, 1.8.12.1, and 10.4.1. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases The release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the following two issues: * A remotely exploitable crash vulnerability exists in the IAX2 channel driver if an established call is placed on hold without a suggested music class. Asterisk will attempt to use an invalid pointer to the music on hold class name, potentially causing a crash. * A remotely exploitable crash vulnerability was found in the Skinny (SCCP) Channel driver. When an SCCP client closes its connection to the server, a pointer in a structure is set to NULL. If the client was not in the on-hook state at the time the connection was closed, this pointer is later dereferenced. This allows remote authenticated connections the ability to cause a crash in the server, denying services to legitimate users. These issues and their resolution are described in the security advisories. For more information about the details of these vulnerabilities, please read security advisories AST-2012-007 and AST-2012-008, which were released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLogs: http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert2 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.12.1 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.4.1 The security advisories are available at: * http://downloads.asterisk.org/pub/security/AST-2012-007.pdf * http://downloads.asterisk.org/pub/security/AST-2012-008.pdf -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Jeffrey Ollie <jeff@xxxxxxxxxx> - 10.4.2-1 - The Asterisk Development Team has announced the release of Asterisk 10.4.2. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 10.4.2 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - * --- Resolve crash in subscribing for MWI notifications - (Closes issue ASTERISK-19827. Reported by B. R) - - * --- Fix crash in ConfBridge when user announcement is played for - more than 2 users - (Closes issue ASTERISK-19899. Reported by Florian Gilcher) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.4.2 * Wed May 30 2012 Jeffrey Ollie <jeff@xxxxxxxxxx> - 10.4.1-1 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are - released as versions 1.8.11-cert2, 1.8.12.1, and 10.4.1. - - These releases are available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk/releases - - The release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the following - two issues: - - * A remotely exploitable crash vulnerability exists in the IAX2 channel - driver if an established call is placed on hold without a suggested music - class. Asterisk will attempt to use an invalid pointer to the music - on hold class name, potentially causing a crash. - - * A remotely exploitable crash vulnerability was found in the Skinny (SCCP) - Channel driver. When an SCCP client closes its connection to the server, - a pointer in a structure is set to NULL. If the client was not in the - on-hook state at the time the connection was closed, this pointer is later - dereferenced. This allows remote authenticated connections the ability to - cause a crash in the server, denying services to legitimate users. - - These issues and their resolution are described in the security advisories. - - For more information about the details of these vulnerabilities, please read - security advisories AST-2012-007 and AST-2012-008, which were released at the - same time as this announcement. - - For a full list of changes in the current releases, please see the ChangeLogs: - - http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert2 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.12.1 - http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.4.1 - - The security advisories are available at: - - * http://downloads.asterisk.org/pub/security/AST-2012-007.pdf - * http://downloads.asterisk.org/pub/security/AST-2012-008.pdf * Fri May 4 2012 Jeffrey Ollie <jeff@xxxxxxxxxx> - 10.4.0-1 - The Asterisk Development Team has announced the release of Asterisk 10.4.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 10.4.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following are the issues resolved in this release: - - * --- Prevent chanspy from binding to zombie channels - (Closes issue ASTERISK-19493. Reported by lvl) - - * --- Fix Dial m and r options and forked calls generating warnings - for voice frames. - (Closes issue ASTERISK-16901. Reported by Chris Gentle) - - * --- Remove ISDN hold restriction for non-bridged calls. - (Closes issue ASTERISK-19388. Reported by Birger Harzenetter) - - * --- Fix copying of CDR(accountcode) to local channels. - (Closes issue ASTERISK-19384. Reported by jamicque) - - * --- Ensure Asterisk acknowledges ACKs to 4xx on Replaces errors - (Closes issue ASTERISK-19303. Reported by Jon Tsiros) - - * --- Eliminate double close of file descriptor in manager.c - (Closes issue ASTERISK-18453. Reported by Jaco Kroon) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #826474 - CVE-2012-2947 asterisk: Remote crash in IAX2 channel driver (AST-2012-007) https://bugzilla.redhat.com/show_bug.cgi?id=826474 -------------------------------------------------------------------------------- ================================================================================ bash-4.2.29-1.fc17 (FEDORA-2012-8676) The GNU Bourne Again shell -------------------------------------------------------------------------------- Update Information: Here is where you give an explanation of your update. -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Roman Rakus <rrakus@xxxxxxxxxx> - 4.2.29-1 - Patchlevel 29 -------------------------------------------------------------------------------- References: [ 1 ] Bug #679696 - $PWD/<tab> no longer expands https://bugzilla.redhat.com/show_bug.cgi?id=679696 -------------------------------------------------------------------------------- ================================================================================ calligra-2.4.2-1.fc17 (FEDORA-2012-8662) An integrated office suite -------------------------------------------------------------------------------- Update Information: New stable/bugfix release, see also: http://www.calligra.org/news/calligra-2-4-2-released/ -------------------------------------------------------------------------------- ChangeLog: * Sat May 26 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.4.2-1 - calligra-2.4.2 * Wed May 16 2012 Marek Kasik <mkasik@xxxxxxxxxx> - 2.4.1-4 - Rebuild (poppler-0.20.0) -------------------------------------------------------------------------------- ================================================================================ calligra-l10n-2.4.2-1.fc17 (FEDORA-2012-8662) Language files for calligra -------------------------------------------------------------------------------- Update Information: New stable/bugfix release, see also: http://www.calligra.org/news/calligra-2-4-2-released/ -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.4.2-1 - 2.4.2 -------------------------------------------------------------------------------- ================================================================================ cifs-utils-5.5-1.fc17 (FEDORA-2012-8668) Utilities for mounting and managing CIFS mounts -------------------------------------------------------------------------------- Update Information: This updates cifs-utils to the latest upstream release. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Jeff Layton <jlayton@xxxxxxxxxx> 5.5-1 - update to 5.5 * Wed Apr 25 2012 Jeff Layton <jlayton@xxxxxxxxxx> 5.4-2 - rebuild to fix dependencies due to libwbclient changes -------------------------------------------------------------------------------- ================================================================================ cryptsetup-1.4.3-1.fc17 (FEDORA-2012-8661) A utility for setting up encrypted disks -------------------------------------------------------------------------------- Update Information: Update to cryptsetup 1.4.3. -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Milan Broz <mbroz@xxxxxxxxxx> - 1.4.3-1 - Update to cryptsetup 1.4.3. -------------------------------------------------------------------------------- ================================================================================ drupal7-date_ical-1.1-1.fc17 (FEDORA-2012-8736) Allows creation of an iCal feed in Views -------------------------------------------------------------------------------- Update Information: Allows creation of an iCal feed in Views. -------------------------------------------------------------------------------- References: [ 1 ] Bug #825644 - Review Request: drupal7-date_ical - Allows creation of an iCal feed in Views https://bugzilla.redhat.com/show_bug.cgi?id=825644 -------------------------------------------------------------------------------- ================================================================================ dwarves-1.10-1.fc17 (FEDORA-2012-8660) Debugging Information Manipulation Tools -------------------------------------------------------------------------------- Update Information: Adds support for some new GNU tags and DWARF4, which makes it work again on newer distros. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Arnaldo Carvalho de Melo <acme@xxxxxxxxxx> - 1.10-1 - New release -------------------------------------------------------------------------------- References: [ 1 ] Bug #742257 - pahole dies with error https://bugzilla.redhat.com/show_bug.cgi?id=742257 [ 2 ] Bug #772358 - pdwtags 1.9 cannot read files produced by gcc 4.7 https://bugzilla.redhat.com/show_bug.cgi?id=772358 [ 3 ] Bug #811738 - pahole isn't working right https://bugzilla.redhat.com/show_bug.cgi?id=811738 -------------------------------------------------------------------------------- ================================================================================ e2fsprogs-1.42.3-2.fc17 (FEDORA-2012-8664) Utilities for managing ext2, ext3, and ext4 filesystems -------------------------------------------------------------------------------- Update Information: * Rebase to e2fsprogs-1.42.3 * Fix potential data corruption issues for >16T filesystems in e2fsck. * New rbtree backend for bitmap handling in e2fsprogs for large fs efficiency * Other minor > 16T fixes -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Eric Sandeen <sandeen@xxxxxxxxxx> 1.42.3-2 - New upstream version 1.42.3 - Fixes for > 16T filesystems -------------------------------------------------------------------------------- ================================================================================ emacs-vm-8.1.2-1.fc17 (FEDORA-2012-8725) Emacs VM mailreader -------------------------------------------------------------------------------- Update Information: Update to upstream bugfix release allowing VM to run with Emacs 24 -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Jonathan G. Underwood <jonathan.underwood@xxxxxxxxx> - 8.1.2-1 - Update to version 8.1.2 - Remove separate emacs-vm-el sub-package to comply with updated packaging guidelines -------------------------------------------------------------------------------- References: [ 1 ] Bug #811325 - VM 8.1.1 is incompatible with Emacs 24 https://bugzilla.redhat.com/show_bug.cgi?id=811325 -------------------------------------------------------------------------------- ================================================================================ gettext-0.18.1.1-14.fc17 (FEDORA-2012-8713) GNU libraries and utilities for producing multi-lingual messages -------------------------------------------------------------------------------- Update Information: - fix a xgettext segfault in remember_a_message_plural - base package now provides bundled(gnulib) -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 0.18.1.1-14 - add upstream patch from debian to fix xgettext segfault in remember_a_message_plural (#826138) * Thu May 17 2012 Jens Petersen <petersen@xxxxxxxxxx> - 0.18.1.1-13 - base package now provides bundled(gnulib) to make it clear that gettext is built with bundled gnulib (#821757) -------------------------------------------------------------------------------- References: [ 1 ] Bug #826138 - segfault in remember_a_message_plural https://bugzilla.redhat.com/show_bug.cgi?id=826138 [ 2 ] Bug #821757 - gettext: Gnulib bundled but no bundled(gnulib) provides https://bugzilla.redhat.com/show_bug.cgi?id=821757 -------------------------------------------------------------------------------- ================================================================================ ghc-Agda-2.3.0.1-2.fc17 (FEDORA-2012-8716) Dependently typed functional programming language -------------------------------------------------------------------------------- Update Information: A dependently typed functional programming language. To try it is recommended to install emacs-agda. - http://wiki.portal.chalmers.se/agda/pmwiki.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #710031 - Review Request: ghc-Agda - Dependently typed functional programming language https://bugzilla.redhat.com/show_bug.cgi?id=710031 -------------------------------------------------------------------------------- ================================================================================ ghc-derive-2.5.8-1.fc17 (FEDORA-2012-8701) Library to derive instances for data types -------------------------------------------------------------------------------- Update Information: ghc-derive is a program and library to derive instances for data types in Haskell. -------------------------------------------------------------------------------- References: [ 1 ] Bug #712270 - Review Request: ghc-derive - A program and library to derive instances for data types https://bugzilla.redhat.com/show_bug.cgi?id=712270 -------------------------------------------------------------------------------- ================================================================================ glpi-0.83.2-1.fc17 (FEDORA-2012-8749) Free IT asset management software -------------------------------------------------------------------------------- Update Information: Upstream Changelog: * Bug #3510: Can't delete group affected to a problem * Bug #3522: Ticket template with not display predefined fields * Bug #3523: Maximum duration of task to 100h * Bug #3524: Reminder visibility bugs : not take into account hours * Bug #3532: Always propose Entity as visibility criteria * Bug #3533: Problem on send notification to groups : not send to supervisor * Bug #3534: Fix SQL notice on login * Bug #3537: bug on problem navigation * Bug #3539: Fix delete ticket notification * Bug #3545: Assign groups to ticket rules not filtered * Bug #3546: Anonymous FAQ categories display * Bug #3547: Bug on add from template with ' * Bug #3555: Missing supplier field on ticket creation * Bug #3557: On rules, criteria exist/not exist not check is value is 0 * Bug #3559: update a closed ticket * Bug #3571: Bad URL link on notifications * Bug #3577: Ticket recurrent issue with special char. in text field * Bug #3580: Bug in purge user * Bug #3581: Bug in transfer of a ticket * Bug #3586: File system conversion not detected * Bug #3587: View ticket for a post only that can't create ticket * Bug #3593: Improve extract title from content on mailcollector * Bug #3594: Error extracting striping text content when bad quoting * Bug #3595: Software dictionnary problem * Bug #3596: Missing under criteria for asisgn group on rule criteria * Bug #3597: Delete delegate and supervisor of groups from massive actions * Bug #3598: Bookmark and nosearch items * Bug #3602: due date calculation with waiting times with SLA * Bug #3613: Change summary for ICS export (no item linked but ticket tile) * Bug #3618: create private task on duraton set depending on user pref * Bug #3626: ticket template : actor list displayed when set as hidden. * Bug #3627: ticket creation don't use user default entity * Bug #3628: Duplicated category after ticket transfer * Feature #3582: Debug mode from command line * Task #3529: Add SLA delay (minutes) -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 0.83.2-1 - version 0.83.1 released https://forge.indepnet.net/projects/glpi/versions/750 -------------------------------------------------------------------------------- ================================================================================ gnome-shell-search-fedora-packages-0.1-4.fc17 (FEDORA-2012-8665) Search the fedora-packages webapp from the gnome-shell -------------------------------------------------------------------------------- Update Information: Initial packaging. -------------------------------------------------------------------------------- References: [ 1 ] Bug #825008 - Review Request: gnome-shell-search-fedora-packages - Search the fedora-packages webapp from the gnome-shell https://bugzilla.redhat.com/show_bug.cgi?id=825008 -------------------------------------------------------------------------------- ================================================================================ grubby-8.12-1.fc17 (FEDORA-2012-8708) Command line tool for updating bootloader configs -------------------------------------------------------------------------------- Update Information: This should fix the problems of preupgrade not updating the kernel/initrd entries. -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Peter Jones <pjones@xxxxxxxxxx> - 8.12-1 - Update to 8.12 - Preserve trailing indentation when splitting line elements (mads) Resolves: rhbz#742720 - Pick last device mounted on / (pjones,bcl) Related: rhbz#820340 Related: rhbz#820351 -------------------------------------------------------------------------------- References: [ 1 ] Bug #742720 - yum update with new kernel strips white space from /etc/default/grub GRUB_DEFAULT value https://bugzilla.redhat.com/show_bug.cgi?id=742720 [ 2 ] Bug #820340 - kernel-X.Y-Z.fc17 does not supersede kernel-X.Y-Z.fc16 in grub https://bugzilla.redhat.com/show_bug.cgi?id=820340 -------------------------------------------------------------------------------- ================================================================================ guacamole-ext-0.6.0-5.fc17 (FEDORA-2012-8718) Common interfaces for extending the main Guacamole web application -------------------------------------------------------------------------------- Update Information: Common interfaces for extending the main Guacamole web application -------------------------------------------------------------------------------- ================================================================================ hostapd-0.7.3-7.fc17 (FEDORA-2012-8732) IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator -------------------------------------------------------------------------------- Update Information: Add BuildRequires for systemd-units Fixup typo in configuration file path in hostapd.service -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 John W. Linville <linville@xxxxxxxxxx> - 0.7.3-7 - Add BuildRequires for systemd-units * Fri May 25 2012 John W. Linville <linville@xxxxxxxxxx> - 0.7.3-6 - Fixup typo in configuration file path in hostapd.service - Tighten-up default permissions for hostapd.conf -------------------------------------------------------------------------------- References: [ 1 ] Bug #824661 - CVE-2012-2389 hostapd: insecure default permissions on /etc/hostapd/hostapd.conf [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=824661 [ 2 ] Bug #818800 - hostapd.service pointing to the wrong config file https://bugzilla.redhat.com/show_bug.cgi?id=818800 -------------------------------------------------------------------------------- ================================================================================ jdo2-api-2.2-3.fc17 (FEDORA-2012-8743) Implementation of JSR 243: Java Data Objects 2.0 -------------------------------------------------------------------------------- Update Information: Initial import. -------------------------------------------------------------------------------- References: [ 1 ] Bug #826056 - Review Request: jdo2-api - Implementation of JSR 243: Java Data Objects 2.0 https://bugzilla.redhat.com/show_bug.cgi?id=826056 -------------------------------------------------------------------------------- ================================================================================ kismon-0.5-2.fc17 (FEDORA-2012-8674) A simple GUI client for kismet -------------------------------------------------------------------------------- Update Information: * Mon May 28 2012 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.5-2 - License fixed - Old stuff removed * Tue Mar 27 2012 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.5-1 - Initial package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #817847 - Review Request: kismon - A simple GUI client for kismet https://bugzilla.redhat.com/show_bug.cgi?id=817847 -------------------------------------------------------------------------------- ================================================================================ libreoffice-3.5.4.2-1.fc17 (FEDORA-2012-8722) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: new upstream release 3.5.4 -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Caolán McNamara <caolanm@xxxxxxxxxx> - 3.5.3.2-7 - Resolves: rhbz#822522 S390 FTBFS * Wed May 23 2012 David Tardon <dtardon@xxxxxxxxxx> - 3.5.4.2-1 - 3.5.4 rc2 * Thu May 17 2012 Caolán McNamara <caolanm@xxxxxxxxxx> - 3.5.4.1-2 - Resolves: rhbz#811226 ARM FTBFS * Wed May 16 2012 David Tardon <dtardon@xxxxxxxxxx> - 3.5.4.1-1 - 3.5.4 rc1 - drop integrated 0001-do-not-prepend-n-twice-it-confuses-KFileDialog-rhbz-.patch - drop integrated 0001-incrementing-index-twice-in-one-run-seems-wrong.patch - drop integrated 0001-fdo-49365-correctly-map-monitor-index-back-to-screen.patch - drop integrated 0001-rhbz-809019-count-mirrored-monitors-as-one.patch * Sun May 13 2012 Caolán McNamara <caolanm@xxxxxxxxxx> - 3.5.3.2-5 - Resolves: fdo#49849 line breaking fixes for Hebrew * Fri May 11 2012 David Tardon <dtardon@xxxxxxxxxx> - 3.5.3.2-4 - Resolves: rhbz#820439 KDE export dialog broken for most formats - Resolves: fdo#49365 Libreoffice fails to start on second screen with gtk vcl plugin - Resolves: rhbz#809019 Impress thinks a machine with 2 monitors in clone mode is multihead -------------------------------------------------------------------------------- ================================================================================ librep-0.92.2-3.fc17 (FEDORA-2012-8667) A lightweight Lisp environment -------------------------------------------------------------------------------- Update Information: Tweak ARM build configuration Fix stack direction on ARM -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.92.2-3 - Improve ARM platform detection * Sun May 27 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.92.2-2 - Fix stack direction on ARM platforms - Cleanup spec -------------------------------------------------------------------------------- ================================================================================ lutok-0.2-1.fc17 (FEDORA-2012-8704) Lightweight C++ API library for Lua -------------------------------------------------------------------------------- Update Information: Update to the new 0.2 release of Lutok. This is to allow the packaging of Kyua. This release is backwards compatible and, because nothing depends on this package at the moment, it should not cause any issues. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Julio Merino <jmmv@xxxxxxxxxx> 0.2-1 - Package updated to Lutok 0.2. -------------------------------------------------------------------------------- ================================================================================ man-pages-it-2.80-11.fc17 (FEDORA-2012-8709) Italian man (manual) pages from the Linux Documentation Project -------------------------------------------------------------------------------- Update Information: Remove hman to avoid collide with man2html Remove man2html.1 Remove man2html.1 Remove man2html.1 -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Ding-Yi Chen <dchen@xxxxxxxxxx> - 2.80-11 - Remove hman.1 as well. * Tue May 29 2012 Ding-Yi Chen <dchen@xxxxxxxxxx> - 2.80-10 - Resolves: #825918 - man-pages-it : Conflicts with man2html -------------------------------------------------------------------------------- References: [ 1 ] Bug #825918 - man-pages-it : Conflicts with man2html https://bugzilla.redhat.com/show_bug.cgi?id=825918 -------------------------------------------------------------------------------- ================================================================================ maxima-5.27.0-3.fc17 (FEDORA-2012-8728) Symbolic Computation Program -------------------------------------------------------------------------------- Update Information: New stable sbcl release. Fixes a packaging/scriptlet bug where upgrades could hang. See also: http://www.sbcl.org/all-news.html#1.0.57 -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.27.0-3 - rebuild (sbcl) -------------------------------------------------------------------------------- References: [ 1 ] Bug #822008 - Silent lockup in upgrade of sbcl https://bugzilla.redhat.com/show_bug.cgi?id=822008 -------------------------------------------------------------------------------- ================================================================================ nc-1.107.20120403-1.fc17 (FEDORA-2012-8711) Reads and writes data across network connections using TCP or UDP -------------------------------------------------------------------------------- Update Information: Switch to glibc b64_ntop() implementation, update, and change versioning scheme. -------------------------------------------------------------------------------- ChangeLog: * Tue May 22 2012 Petr Šabata <contyk@xxxxxxxxxx> - 1.107.20120403-1 - Use glibc implementation of b64_ntop() - Include the CVS checkout date in Version * Tue Apr 3 2012 Petr Šabata <contyk@xxxxxxxxxx> - 1.107-1 - 1.107 bump - Warn if accept fails implemented upstream, removing the patch * Fri Mar 23 2012 Petr Šabata <contyk@xxxxxxxxxx> - 1.106-1 - 1.106 bump - BSD jumbo support removed upstream - size_t format patch included upstream * Thu Feb 9 2012 Petr Šabata <contyk@xxxxxxxxxx> - 1.105-1 - 1.105 bump -------------------------------------------------------------------------------- ================================================================================ nut-2.6.3-4.fc17 (FEDORA-2012-8694) Network UPS Tools -------------------------------------------------------------------------------- Update Information: fix heap-based buffer overflow due improper processing of non-printable characters in random network data (CVE-2012-2944) - no change, just updated release number to fix upgrade path -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.6.3-3 - fix heap-based buffer overflow due improper processing of non-printable characters in random network data (CVE-2012-2944) * Mon May 28 2012 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 2.6.3-3 - bump release nubmer to fix upgrade path -------------------------------------------------------------------------------- References: [ 1 ] Bug #826489 - CVE-2012-2944 nut: Heap-based buffer overflow due improper processing of non-printable characters in random network data https://bugzilla.redhat.com/show_bug.cgi?id=826489 -------------------------------------------------------------------------------- ================================================================================ olpc-utils-2.0.12-1.fc17 (FEDORA-2012-8706) OLPC utilities -------------------------------------------------------------------------------- Update Information: Fix shutdown splash. Fix sisusbvga adapter usage. Misc configuration fixes. Fix /home/olpc permissions on upgrade from pre-F17. Assorted fixes for USB VGA, network and partition handling. Configuration fixes for USB VGA, Lego devices. Fix reading of MAC address in olpc-configure, and add log rotation helper. -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Daniel Drake <dsd@xxxxxxxxxx> - 2.0.12-1 - Fix for sisusb configuration - Allow access to butia robot devices - Delay shutdown after showing splash to give the user time to see it * Wed May 16 2012 Daniel Drake <dsd@xxxxxxxxxx> - 2.0.11-1 - Fixes for X and suond configuration and upgrade path from pre-F17 * Mon May 7 2012 Daniel Drake <dsd@xxxxxxxxxx> - 2.0.10-1 - Fix mounting of boot partition - Fix DisplayLink USB VGA support * Fri Apr 27 2012 Daniel Drake <dsd@xxxxxxxxxx> - 2.0.9-1 - Fix udev configuration for Lego devices - Disable media keys in GNOME - Fix USB VGA * Wed Apr 18 2012 Daniel Drake <dsd@xxxxxxxxxx> - 2.0.8-1 - Add log rotation utility - Wait for network device before reading MAC address -------------------------------------------------------------------------------- ================================================================================ papaki-1.0.0-0.1.Beta3.fc17 (FEDORA-2012-8680) An annotation scanner and repository -------------------------------------------------------------------------------- Update Information: first build after review. used for ironjacamar standalone. -------------------------------------------------------------------------------- References: [ 1 ] Bug #821356 - Review Request: papaki - A Java annotation scanner and repository https://bugzilla.redhat.com/show_bug.cgi?id=821356 -------------------------------------------------------------------------------- ================================================================================ perl-5.14.2-212.fc17 (FEDORA-2012-8739) Practical Extraction and Report Language -------------------------------------------------------------------------------- Update Information: Fix find2perl to translate ? glob properly -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 4:5.14.2-212 - Fix find2perl to translate ? glob properly (bug #825701) -------------------------------------------------------------------------------- References: [ 1 ] Bug #825701 - find2perl does not translate ? glob properly https://bugzilla.redhat.com/show_bug.cgi?id=825701 -------------------------------------------------------------------------------- ================================================================================ pidgin-2.10.4-1.fc17 (FEDORA-2012-8687) A Gtk+ based multiprotocol instant messaging client -------------------------------------------------------------------------------- Update Information: Fix for CVE-2012-2214 and CVE-2012-2318. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 2.10.4-1 - Update to 2.10.4, CVE-2012-2214, CVE-2012-2318, BZ 806839, 819454. - Port to farstream patch upstreamed. * Wed May 2 2012 Milan Crha <mcrha@xxxxxxxxxx> - 2.10.2-2 - Rebuild against newer evolution-data-server -------------------------------------------------------------------------------- References: [ 1 ] Bug #806839 - pidgin-2.10.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=806839 [ 2 ] Bug #819454 - CVE-2012-2214 CVE-2012-2318 pidgin various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=819454 -------------------------------------------------------------------------------- ================================================================================ portals-pom-1.3-2.fc17 (FEDORA-2012-8726) Apache Portals parent pom -------------------------------------------------------------------------------- Update Information: Initial import. -------------------------------------------------------------------------------- References: [ 1 ] Bug #824536 - Review Request: portals-pom - Apache Portals parent pom https://bugzilla.redhat.com/show_bug.cgi?id=824536 -------------------------------------------------------------------------------- ================================================================================ pvs-sbcl-5.0-10.fc17 (FEDORA-2012-8728) Interactive theorem prover from SRI -------------------------------------------------------------------------------- Update Information: New stable sbcl release. Fixes a packaging/scriptlet bug where upgrades could hang. See also: http://www.sbcl.org/all-news.html#1.0.57 -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.0-10 - rebuild (sbcl) -------------------------------------------------------------------------------- References: [ 1 ] Bug #822008 - Silent lockup in upgrade of sbcl https://bugzilla.redhat.com/show_bug.cgi?id=822008 -------------------------------------------------------------------------------- ================================================================================ python-rtslib-2.1.fb14-1.fc17 (FEDORA-2012-8682) API for RisingTide Systems generic SCSI target -------------------------------------------------------------------------------- Update Information: Fixes reported issue with FCoE targets. Side-port of RHEL packages. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Andy Grover <agrover@xxxxxxxxxx> - 2.1.fb14-1 - Update Source URL to proper tarball - Add patch retry-target-creation.patch - New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #826817 - listing FCoE targets in targetcli fails https://bugzilla.redhat.com/show_bug.cgi?id=826817 -------------------------------------------------------------------------------- ================================================================================ qpid-cpp-0.16-1.fc17.1 (FEDORA-2012-8733) Libraries for Qpid C++ client applications -------------------------------------------------------------------------------- Update Information: Release 0.16 of Qpid. -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.16-1.1 - Release 0.16 of Qpid upstream. - Removed non-Fedora conditional areas of the specfile. - Changed the location of qmfgen to the python sitelib directory. * Tue Apr 17 2012 Dan Horák <dan[at]danny.cz> - 0.14-1.3 - fix build when size_t != unsigned int -------------------------------------------------------------------------------- ================================================================================ recoll-1.17.3-1.fc17 (FEDORA-2012-8745) Desktop full text search tool with Qt GUI -------------------------------------------------------------------------------- Update Information: Update to latest upstream release, fixing a issue in creation of index of mail data. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Terje Rosten <terje.rosten@xxxxxxx> - 1.17.3-1 - 1.17.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #819408 - [abrt] recoll-1.17.1-1.fc16: std::istream::seekg: Process /usr/bin/recollindex was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=819408 -------------------------------------------------------------------------------- ================================================================================ rome-0.9-11.fc17 (FEDORA-2012-8750) RSS and Atom Utilities -------------------------------------------------------------------------------- Update Information: Added maven pom. -------------------------------------------------------------------------------- ChangeLog: * Fri May 25 2012 gil cattaneo <puntogil@xxxxxxxxx> 0.9-11 - Added maven POM -------------------------------------------------------------------------------- References: [ 1 ] Bug #825308 - Added maven POM https://bugzilla.redhat.com/show_bug.cgi?id=825308 -------------------------------------------------------------------------------- ================================================================================ rubygem-marc-0.5.0-1.fc17 (FEDORA-2012-8719) Ruby library for MARC catalog -------------------------------------------------------------------------------- Update Information: New version 0.5.0 is released. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 0.5.0-1 - 0.5.0 -------------------------------------------------------------------------------- ================================================================================ rubygem-rake-compiler-0.8.1-1.fc17 (FEDORA-2012-8748) Rake-based Ruby C Extension task generator -------------------------------------------------------------------------------- Update Information: New version 0.8.1 is released. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 16 2012 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 0.8.1-1 - 0.8.1 * Tue Apr 3 2012 Bohuslav Kabrda <bkabrda@xxxxxxxxxx> - 0.8.0-3 - Fix conditionals for F17 to work for RHEL 7 as well. -------------------------------------------------------------------------------- ================================================================================ sbcl-1.0.57-1.fc17 (FEDORA-2012-8728) Steel Bank Common Lisp -------------------------------------------------------------------------------- Update Information: New stable sbcl release. Fixes a packaging/scriptlet bug where upgrades could hang. See also: http://www.sbcl.org/all-news.html#1.0.57 -------------------------------------------------------------------------------- ChangeLog: * Fri May 25 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1.0.57-1 - sbcl-1.0.57 - fix/renable common-lisp support (accidentally disabled since 1.0.54-1) -------------------------------------------------------------------------------- References: [ 1 ] Bug #822008 - Silent lockup in upgrade of sbcl https://bugzilla.redhat.com/show_bug.cgi?id=822008 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.10.0-128.fc17 (FEDORA-2012-8720) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: - Fix description of authlogin_nsswitch_use_ldap - Fix transition rule for rhsmcertd_t needed for RHEL7 - Allow useradd to list nfs state data - Allow openvpn to manage its log file and directory - We want vdsm to transition to mount_t when executing mount command to make sure /etc/mtab remains labeled correctly - Allow thumb to use nvidia devices - Allow local_login to create user_tmp_t files for kerberos - Pulseaudio needs to read systemd_login /var/run content - virt should only transition named system_conf_t config files - Allow munin to execute its plugins - Allow nagios system plugin to read /etc/passwd - Allow plugin to connect to soundd port - Fix httpd_passwd to be able to ask passwords - Radius servers can use ldap for backing store - Seems to need to mount on /var/lib for xguest polyinstatiation to work. - Allow systemd_logind to list the contents of gnome keyring - VirtualGL need xdm to be able to manage content in /etc/opt/VirtualGL - Add policy for isns-utils -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-128 - Fix description of authlogin_nsswitch_use_ldap - Fix transition rule for rhsmcertd_t needed for RHEL7 - Allow useradd to list nfs state data - Allow openvpn to manage its log file and directory - We want vdsm to transition to mount_t when executing mount command to make sure /etc/mtab remains labeled correctly - Allow thumb to use nvidia devices - Allow local_login to create user_tmp_t files for kerberos - Pulseaudio needs to read systemd_login /var/run content - virt should only transition named system_conf_t config files - Allow munin to execute its plugins - Allow nagios system plugin to read /etc/passwd - Allow plugin to connect to soundd port - Fix httpd_passwd to be able to ask passwords - Radius servers can use ldap for backing store - Seems to need to mount on /var/lib for xguest polyinstatiation to work. - Allow systemd_logind to list the contents of gnome keyring - VirtualGL need xdm to be able to manage content in /etc/opt/VirtualGL - Add policy for isns-utils * Mon May 28 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-127 - Add policy for subversion daemon - Allow boinc to read passwd - Allow pads to read kernel network state - Fix man2html interface for sepolgen-ifgen - Remove extra /usr/lib/systemd/system/smb - Remove all /lib/systemd and replace with /usr/lib/systemd - Add policy for man2html - Fix the label of kerberos_home_t to krb5_home_t - Allow mozilla plugins to use Citrix - Allow tuned to read /proc/sys/kernel/nmi_watchdog - Allow tune /sys options via systemd's tmpfiles.d "w" type * Wed May 23 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-126 - Dontaudit lpr_t to read/write leaked mozilla tmp files - Add file name transition for .grl-podcasts directory - Allow corosync to read user tmp files - Allow fenced to create snmp lib dirs/files - More fixes for sge policy - Allow mozilla_plugin_t to execute any application - Allow dbus to read/write any open file descriptors to any non security file on the system that it inherits to that it can pass them to another domain - Allow mongod to read system state information - Fix wrong type, we should dontaudit sys_admin for xdm_t not xserver_t - Allow polipo to manage polipo_cache dirs - Add jabbar_client port to mozilla_plugin_t - Cleanup procmail policy - system bus will pass around open file descriptors on files that do not have labels on them - Allow l2tpd_t to read system state - Allow tuned to run ls /dev - Allow sudo domains to read usr_t files - Add label to machine-id - Fix corecmd_read_bin_symlinks cut and paste error -------------------------------------------------------------------------------- References: [ 1 ] Bug #809832 - avc on tuned-adm profile powersave https://bugzilla.redhat.com/show_bug.cgi?id=809832 [ 2 ] Bug #819082 - Gnome-disk-utility (palimpsest) crashes when trying to attach disk image https://bugzilla.redhat.com/show_bug.cgi?id=819082 [ 3 ] Bug #821189 - SELinux is preventing polkit-agent-he from using the 'setsched' accesses on a process. https://bugzilla.redhat.com/show_bug.cgi?id=821189 [ 4 ] Bug #821268 - SELinux is preventing /usr/sbin/lspci from using the 'sys_admin' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=821268 [ 5 ] Bug #821420 - SELinux is preventing /usr/bin/bash from 'read' accesses on the file /var/lib/sss/mc/group. This file (which is actually the on-disk representation of a mmap() cache) needs to be readable by any process. It should only be writable by SSSD processes. https://bugzilla.redhat.com/show_bug.cgi?id=821420 [ 6 ] Bug #822789 - avc denial on systemd-journald prevents startup when /etc/machine-id doesn't exist https://bugzilla.redhat.com/show_bug.cgi?id=822789 [ 7 ] Bug #822854 - SELinux is preventing /opt/google/talkplugin/GoogleTalkPlugin from 'read' accesses on the file pulse-shm-233641167. https://bugzilla.redhat.com/show_bug.cgi?id=822854 [ 8 ] Bug #823000 - SELinux is preventing /usr/bin/dbus-daemon from read, write access on the file /home/elad/f17arm-latest-arm-rpi+x-mmcblk0.img. https://bugzilla.redhat.com/show_bug.cgi?id=823000 [ 9 ] Bug #823035 - SELinux is preventing plugin-containe from 'name_connect' accesses on the tcp_socket . https://bugzilla.redhat.com/show_bug.cgi?id=823035 [ 10 ] Bug #823211 - SELinux is preventing /usr/bin/totem from 'create' accesses on the file .grl-metadata-store. https://bugzilla.redhat.com/show_bug.cgi?id=823211 [ 11 ] Bug #823251 - SELinux is preventing /usr/bin/totem-video-thumbnailer from 'create' accesses on the directory .orc. https://bugzilla.redhat.com/show_bug.cgi?id=823251 [ 12 ] Bug #823294 - SELinux is preventing /usr/sbin/gpsd from 'module_request' accesses on the system . https://bugzilla.redhat.com/show_bug.cgi?id=823294 [ 13 ] Bug #823306 - SELinux is preventing /usr/bin/gnome-mplayer from 'execute' accesses on the file /usr/bin/mencoder. https://bugzilla.redhat.com/show_bug.cgi?id=823306 [ 14 ] Bug #823398 - SELinux is preventing /usr/bin/mongod from 'read' accesses on the file meminfo. https://bugzilla.redhat.com/show_bug.cgi?id=823398 [ 15 ] Bug #824097 - SELinux is preventing /usr/bin/lpstat.cups from 'write' accesses on the file /tmp/npicaitl35F. https://bugzilla.redhat.com/show_bug.cgi?id=824097 [ 16 ] Bug #824099 - SELinux is preventing /opt/Citrix/ICAClient/wfica from 'write' accesses on the file /home/mikhail/.ICAClient/CtxFlashCache/CacheFile.cache. https://bugzilla.redhat.com/show_bug.cgi?id=824099 [ 17 ] Bug #824438 - SELinux is preventing /usr/lib64/xulrunner-2/plugin-container from 'add_name' accesses on the directory socket-9666-1526706912. https://bugzilla.redhat.com/show_bug.cgi?id=824438 [ 18 ] Bug #824999 - logins directory is not created or owned by package https://bugzilla.redhat.com/show_bug.cgi?id=824999 [ 19 ] Bug #825276 - SELinux is preventing /usr/bin/bash from 'read' accesses on the file /etc/passwd. https://bugzilla.redhat.com/show_bug.cgi?id=825276 [ 20 ] Bug #825530 - SELinux is preventing /usr/bin/systemd-tmpfiles from read access on the lnk_file sda. https://bugzilla.redhat.com/show_bug.cgi?id=825530 [ 21 ] Bug #825718 - SELinux is preventing /usr/bin/ls from getattr access on the blk_file /dev/sdb https://bugzilla.redhat.com/show_bug.cgi?id=825718 [ 22 ] Bug #826064 - SELinux is preventing /usr/lib64/xulrunner-2/plugin-container from 'name_connect' accesses on the tcp_socket . https://bugzilla.redhat.com/show_bug.cgi?id=826064 [ 23 ] Bug #826444 - krb5 tickets not accessible for user_t/staff_t https://bugzilla.redhat.com/show_bug.cgi?id=826444 [ 24 ] Bug #826448 - SELinux is preventing /usr/libexec/gstreamer-0.10/gst-plugin-scanner from read, write access on the chr_file nvidiactl. https://bugzilla.redhat.com/show_bug.cgi?id=826448 -------------------------------------------------------------------------------- ================================================================================ smb4k-1.0.2-1.fc17 (FEDORA-2012-8699) The SMB/CIFS Share Browser for KDE -------------------------------------------------------------------------------- Update Information: New upstream release, one bug fix release. -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Sérgio Basto <sergio@xxxxxxxxxx> 1.0.2 - New upstream release * Thu May 31 2012 Sérgio Basto <sergio@xxxxxxxxxx> 1.0.1-8 - add patch to fix several bugs, from upcoming release 1.0.2. * Mon May 7 2012 Sérgio Basto <sergio@xxxxxxxxxx> 1.0.1-7 - add requires cifs-utils, to have mount.cifs * Thu Apr 19 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.0.1-6 - remove some assumptions about qreal = double -------------------------------------------------------------------------------- ================================================================================ sssd-1.8.4-12.fc17 (FEDORA-2012-8707) System Security Services Daemon -------------------------------------------------------------------------------- Update Information: * Wed May 30 2012 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.8.4-12 - New upstream release 1.8.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.4 - Fix a bug causing AD servers not to fail over properly when the KDC on the primary server is down - Fix an endianness bug on big-endian systems when looking up services - Fix a segfault dealing with nested groups - Make the nowait cache updates work for netgroups - Fix a regression that broke domains with use_fully_qualified_names = True - Correct package dependency versions to match installed arch -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.8.4-12 - New upstream release 1.8.4 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.4 - Fix a bug causing AD servers not to fail over properly when the KDC on the primary server is down - Fix an endianness bug on big-endian systems when looking up services - Fix a segfault dealing with nested groups - Make the nowait cache updates work for netgroups - Fix a regression that broke domains with use_fully_qualified_names = True - Correct package dependency versions to match installed arch -------------------------------------------------------------------------------- References: [ 1 ] Bug #811375 - Use keytab to select etypes for krb5_get_init_creds_keytab() https://bugzilla.redhat.com/show_bug.cgi?id=811375 [ 2 ] Bug #811518 - Invalid cache file created when canoning principals during krb5_get_init_creds_keytab() https://bugzilla.redhat.com/show_bug.cgi?id=811518 [ 3 ] Bug #820979 - sssd does not provide maps for automounter when custom schema is being used https://bugzilla.redhat.com/show_bug.cgi?id=820979 -------------------------------------------------------------------------------- ================================================================================ synfigstudio-0.63.05-3.1.fc17 (FEDORA-2012-8734) Vector-based 2D animation studio -------------------------------------------------------------------------------- Update Information: This fix addresses an issue where Shared MIME-Info database cache gets overwritten causing a break of file type recognition in many applications. -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Luya Tshimbalanga <luya@xxxxxxxxxxxxxxxxx> - 0.63.05-3.1 - Really remove all but xml file (rhbz#821740) * Mon May 21 2012 Luya Tshimbalanga <luya@xxxxxxxxxxxxxxxxx> - 0.63.05-2 - Fix mime.cache issue (rhbz#821740) -------------------------------------------------------------------------------- References: [ 1 ] Bug #821740 - synfigstudio-0.63.05-1.fc16: package contains wrong files https://bugzilla.redhat.com/show_bug.cgi?id=821740 -------------------------------------------------------------------------------- ================================================================================ targetcli-2.0rc1.fb12-1.fc17 (FEDORA-2012-8682) An administration shell for storage targets -------------------------------------------------------------------------------- Update Information: Fixes reported issue with FCoE targets. Side-port of RHEL packages. -------------------------------------------------------------------------------- ChangeLog: * Wed May 30 2012 Andy Grover <agrover@xxxxxxxxxx> - 2.0rc1.fb12-1 - Update Source UTL to proper tarball - New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #826817 - listing FCoE targets in targetcli fails https://bugzilla.redhat.com/show_bug.cgi?id=826817 -------------------------------------------------------------------------------- ================================================================================ tycho-0.14.1-4.fc17 (FEDORA-2012-8309) Plugins and extensions for building Eclipse plugins and OSGI bundles with Maven -------------------------------------------------------------------------------- Update Information: Tycho should ignore remote repositories when run in local mode. Also, the BREE should be set to JavaSE-1.6 for OSGi bundles to ensure a successful build. -------------------------------------------------------------------------------- ChangeLog: * Wed May 23 2012 Roland Grunberg <rgrunber@xxxxxxxxxx> 0.14.1-4 - Non-bootstrap build. * Thu May 17 2012 Roland Grunberg <rgrunber@xxxxxxxxxx> 0.14.1-3.1 - Set BREE to be at least JavaSE-1.6 for Eclipse OSGi bundles. * Wed May 16 2012 Roland Grunberg <rgrunber@xxxxxxxxxx> 0.14.1-3 - Non-bootstrap build. * Wed Apr 25 2012 Roland Grunberg <rgrunber@xxxxxxxxxx> 0.14.1-2.1 - Implement a custom resolver when running in local mode. - Use upstream solution for BZ #372395 to fix the build. -------------------------------------------------------------------------------- ================================================================================ uddi4j-2.0.5-3.fc17 (FEDORA-2012-8731) Universal Description, Discovery and Integration registry API for Java -------------------------------------------------------------------------------- Update Information: First version, based on upstream 2.0.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #825890 - Review Request: uddi4j - Universal Description, Discovery and Integration registry API for Java https://bugzilla.redhat.com/show_bug.cgi?id=825890 -------------------------------------------------------------------------------- ================================================================================ udev-182-3.fc17 (FEDORA-2012-8679) A rule-based device node and kernel event manager -------------------------------------------------------------------------------- Update Information: Preemptive fix for a USB autosuspend issue that can hit with 3.5 or newer kernels. Prevents USB keyboards and mice from inadvertently being autosuspended. -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Josh Boyer <jwboyer@xxxxxxxxxx> 182-3 - Limit USB autosuspend on USB HID devices (brc#825284) * Tue Mar 27 2012 Harald Hoyer <harald@xxxxxxxxxx> 182-2 - removed s390 rules -------------------------------------------------------------------------------- References: [ 1 ] Bug #825284 - udev suspends keyboard/mouse with 3.5 kernel https://bugzilla.redhat.com/show_bug.cgi?id=825284 -------------------------------------------------------------------------------- ================================================================================ uget-1.8.2-1.fc17 (FEDORA-2012-8690) Download manager using GTK+ and libcurl -------------------------------------------------------------------------------- Update Information: New version 1.8.2 is released. -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1.8.2-1 - 1.8.2 -------------------------------------------------------------------------------- ================================================================================ wdiff-1.1.2-1.fc17 (FEDORA-2012-8672) A front-end to GNU diff -------------------------------------------------------------------------------- Update Information: New release and resolved no-bundled library issur. -------------------------------------------------------------------------------- ChangeLog: * Tue May 29 2012 Praveen Kumar <kumarpraveen.nitdgp@xxxxxxxxx> 1.1.2-1 - New release and fixed no bundled library issue -------------------------------------------------------------------------------- References: [ 1 ] Bug #821791 - wdiff: Gnulib bundled but no bundled(gnulib) provides https://bugzilla.redhat.com/show_bug.cgi?id=821791 -------------------------------------------------------------------------------- ================================================================================ xmonad-0.10-11.fc17 (FEDORA-2012-8438) A tiling window manager -------------------------------------------------------------------------------- Update Information: - recompile user binary at startup if it has broken shared libraries (eg when upgrading from F16 to F17 with gmp soname bump) - move xmonad.desktop from core to basic subpackage - correct xmonad-basic obsoletes xmonad-core -------------------------------------------------------------------------------- ChangeLog: * Thu May 31 2012 Jens Petersen <petersen@xxxxxxxxxx> - 0.10-11 - really fix xmonad-start to use hardware-platform correctly * Tue May 29 2012 Jens Petersen <petersen@xxxxxxxxxx> - 0.10-10 - fix user binary ldd check on i686/i386 using "uname -i" not "arch", and then recompile directly instead of just touching xmonad.hs first * Fri May 25 2012 Jens Petersen <petersen@xxxxxxxxxx> - 0.10-9 - basic subpackage should only obsolete core from before the split * Thu May 24 2012 Jens Petersen <petersen@xxxxxxxxxx> - 0.10-8 - move xmonad.desktop from core to basic subpackage * Thu May 24 2012 Jens Petersen <petersen@xxxxxxxxxx> - 0.10-7 - xmonad-start: if user binary has missing shared lib dependencies touch xmonad.hs so it gets recompiled (#806624 reported by Erik Streb) * Fri Mar 23 2012 Jens Petersen <petersen@xxxxxxxxxx> - 0.10-6 - try delaying manpage terminal startup 5s to avoid window resize - add license to ghc_files -------------------------------------------------------------------------------- References: [ 1 ] Bug #806624 - config dynlinked against older xmonad version breaks when version is updated https://bugzilla.redhat.com/show_bug.cgi?id=806624 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test