Fedora 15 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 15 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-2012-8114/libreoffice-3.3.4.1-5.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8615/FlightGear-2.0.0-6.fc15,SimGear-2.0.0-6.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-6630/dokuwiki-0-0.10.20110525.a.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-7246/libsoup-2.34.3-2.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8702/arpwatch-2.1a15-16.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-6629/gdb-7.3.1-50.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8669/pidgin-2.10.4-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8685/asterisk-1.8.12.2-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8747/nut-2.6.3-4.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8805/krb5-1.9.3-2.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8912/rubygem-actionpack-3.0.5-8.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8915/postgresql-9.0.8-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8911/php-symfony-symfony-1.4.18-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8960/mumble-1.2.3-4.fc15.1
    https://admin.fedoraproject.org/updates/FEDORA-2011-17233/tor-0.2.1.32-1500.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8972/rubygem-activerecord-3.0.5-3.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-7131/seamonkey-2.9.1-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8010/sudo-1.7.4p5-5.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8931/kernel-2.6.43.8-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8962/bind-9.8.3-2.P1.fc15


The following Fedora 15 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/perl-Gtk2-MozEmbed-0.09-1.fc15.12,gnome-python2-extras-2.25.3-35.fc15.8,firefox-13.0-1.fc15,xulrunner-13.0-1.fc15
    https://admin.fedoraproject.org/updates/FEDORA-2012-8931/kernel-2.6.43.8-1.fc15
    https://admin.fedoraproject.org/updates/iproute-2.6.38.1-7.fc15
    https://admin.fedoraproject.org/updates/dracut-009-15.fc15


The following builds have been pushed to Fedora 15 updates-testing

    abi-compliance-checker-1.97.7-1.fc15
    bind-9.8.3-2.P1.fc15
    bmake-20111111-1.fc15
    chirp-0.2.2-1.fc15
    chmsee-1.99-0.15.9.git36b4702.fc15
    ecryptfs-utils-96-3.fc15
    kernel-2.6.43.8-1.fc15
    mumble-1.2.3-4.fc15.1
    php-symfony-symfony-1.4.18-1.fc15
    postgresql-9.0.8-1.fc15
    python-proteus-1.8.3-2.fc15
    rcssserver-15.1.0-1.fc15
    rubygem-actionpack-3.0.5-8.fc15
    rubygem-activerecord-3.0.5-3.fc15
    tryton-1.8.5-1.fc15
    trytond-1.8.7-1.fc15
    trytond-account-1.8.5-1.fc15
    trytond-account-invoice-1.8.1-1.fc15
    trytond-ldap-authentication-1.8.1-1.fc15
    trytond-party-siret-1.8.1-1.fc15
    trytond-purchase-1.8.5-1.fc15
    trytond-sale-1.8.4-1.fc15
    trytond-stock-1.8.3-1.fc15
    trytond-stock-supply-1.8.3-1.fc15

Details about builds:


================================================================================
 abi-compliance-checker-1.97.7-1.fc15 (FEDORA-2012-8970)
 An ABI Compliance Checker
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  4 2012 Richard Shaw <hobbes1069@xxxxxxxxx> - 1.97.7-1
- Update to latest upstream release.
--------------------------------------------------------------------------------


================================================================================
 bind-9.8.3-2.P1.fc15 (FEDORA-2012-8962)
 The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
--------------------------------------------------------------------------------
Update Information:

Update to the latest upstream release which fixes CVE-2012-1667. More information is available on http://www.isc.org/software/bind/advisories/cve-2012-1667
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  4 2012 Adam Tkac <atkac redhat com> 32:9.8.3-2.P1
- update to 9.8.3-P1 (CVE-2012-1667)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #828078 - CVE-2012-1667 bind: handling of zero length rdata can cause named to terminate unexpectedly
        https://bugzilla.redhat.com/show_bug.cgi?id=828078
--------------------------------------------------------------------------------


================================================================================
 bmake-20111111-1.fc15 (FEDORA-2012-8935)
 The NetBSD make(1) tool
--------------------------------------------------------------------------------
Update Information:

The NetBSD make(1) tool
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  5 2012 Luis Bazan <bazanluis20@xxxxxxxxx> 20111111-1
- New Version for f15
* Mon Feb  6 2012 Julio Merino <jmmv@xxxxxxxxxx> 20111111-1
- New upstream version.
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 20090222-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 chirp-0.2.2-1.fc15 (FEDORA-2012-8952)
 A tool for programming two-way radio equipment
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  4 2012 Richard Shaw <hobbes1069@xxxxxxxxx> - 0.2.2-1
- Update to latest upstream release.
--------------------------------------------------------------------------------


================================================================================
 chmsee-1.99-0.15.9.git36b4702.fc15 (FEDORA-2012-8978)
 HTML Help viewer for Unix/Linux
--------------------------------------------------------------------------------
Update Information:

Rebuild for xulrunner 13
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  5 2012 bbbush <bbbush.yuan@xxxxxxxxx> - 1.99-0.15.9.git36b4702
- rebuild for xulrunner 13
--------------------------------------------------------------------------------


================================================================================
 ecryptfs-utils-96-3.fc15 (FEDORA-2012-8888)
 The eCryptfs mount helper and support libraries
--------------------------------------------------------------------------------
Update Information:

- always load ecryptfs module in advance - this should fix situations, where ecryptfs mounts and decrypts data, but file names are still encrypted
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  4 2012 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 96-3
- for file name encryption support check, module must be loaded already
* Mon Apr 16 2012 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 96-2
- when ecryptfs-mount-fails, check if user is member of ecryptfs group
--------------------------------------------------------------------------------


================================================================================
 kernel-2.6.43.8-1.fc15 (FEDORA-2012-8931)
 The Linux kernel
--------------------------------------------------------------------------------
Update Information:

Update to Linux 2.6.43.8 (3.3.8).

Disabled 32bit NX emulation.  Suspected of being broken and it deviates from upstream.

Unless there are further security issues, this will likely be the last F15 kernel update before End-of-Life.
The 3.3.7 stable kernel contains a number of important bug fixes
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  4 2012 Josh Boyer <jwboyer@xxxxxxxxxx> 2.6.43.8-1
- Linux v3.3.8
* Mon Jun  4 2012 Dave Jones <davej@xxxxxxxxxx>
- Disable 32bit NX emulation.
* Wed May 30 2012 Josh Boyer <jwboyer@xxxxxxxxxx>
- CVE-2012-2390 huge pages: memory leak on mmap failure (rhbz 824352 824345)
* Thu May 24 2012 Josh Boyer <jwboyer@xxxxxxxxxx>
- CVE-2012-2372 mm: 32bit PAE pmd walk vs populate SMP race (rhbz 822821 822825)
* Mon May 21 2012 Justin M. Forbes <jforbes@xxxxxxxxxx> 3.3.7-1
- Linux 3.3.7
* Fri May 18 2012 Josh Boyer <jwboyer@xxxxxxxxxx>
- Additional fixes for CVE-2011-4131 (rhbz 822874 822869)
* Thu May 17 2012 Josh Boyer <jwboyer@xxxxxxxxxx>
- Fix rtlwifi async firmware load race condition (rhbz 822120)
* Wed May 16 2012 Justin M. Forbes <jforbes@xxxxxxxxxx> 2.6.43.6-3
- fix rtl8187: ->brightness_set can not sleep (rhbz 795176)
* Tue May 15 2012 Josh Boyer <jwboyer@xxxxxxxxxx>
- Fixup atl1c register programming (rhbz 749276)
* Mon May 14 2012 Justin M. Forbes <jforbes@xxxxxxxxxx> 2.6.43.6-1
- Linux 3.3.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #822821 - CVE-2012-2373 kernel: mm: read_pmd_atomic: 32bit PAE pmd walk vs pmd_populate SMP race condition
        https://bugzilla.redhat.com/show_bug.cgi?id=822821
  [ 2 ] Bug #824345 - CVE-2012-2390 kernel: huge pages: memory leak on mmap failure
        https://bugzilla.redhat.com/show_bug.cgi?id=824345
  [ 3 ] Bug #822869 - CVE-2012-2375 kernel: incomplete fix for CVE-2011-4131
        https://bugzilla.redhat.com/show_bug.cgi?id=822869
--------------------------------------------------------------------------------


================================================================================
 mumble-1.2.3-4.fc15.1 (FEDORA-2012-8960)
 Voice chat suite aimed at gamers
--------------------------------------------------------------------------------
Update Information:

This update fixes a number of startup problems of the mumble server murmur.

Additionally it contains a fix for CVE-2012-0863 (insecure world-readable permissions on database file) of the mumble client.
Rebuild for newer protobuf
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 31 2012 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 1.2.3-4.1
- Fix startup issues of murmurd (BZ 711711, BZ 771423)
- Fix directory ownership of %{_libdir}/mumble and %{_datadir}/mumble*
  (BZ 744886)
- Add upstream patch for CVE-2012-0863 (BZ 791058)
- Fix broken logrotate config file (BZ 730129)
- Add dependency for qt4-sqlite (BZ 660221)
- Remove /sbin/ldconfig from %post(un) since mumble does not
  contain any libraries in %{_libdir}
- Some minor cleanup
* Mon Sep 12 2011 Andreas Osowski <th0br0@xxxxxxxxxx> - 1.2.3-4
- Rebuild for updated protobuf
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #791000 - CVE-2012-0863 mumble: insecure world-readable permissions on database file
        https://bugzilla.redhat.com/show_bug.cgi?id=791000
--------------------------------------------------------------------------------


================================================================================
 php-symfony-symfony-1.4.18-1.fc15 (FEDORA-2012-8911)
 Open-Source PHP Web Framework
--------------------------------------------------------------------------------
Update Information:

- upstream 1.4.18
- fixes: CVE-2012-2667 php-symfony-symfony: Session fixation flaw
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  4 2012 Christof Damian <christof@xxxxxxxxxx> - 1.4.18-1
- upstream 1.4.18 (security fix)
* Thu Mar  8 2012 Christof Damian <christof@xxxxxxxxxx> - 1.4.17-2
- fix doctrine path
* Thu Mar  8 2012 Christof Damian <christof@xxxxxxxxxx> - 1.4.17-1
- upstream 1.4.17
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.8-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #828079 - CVE-2012-2667 php-symfony-symfony: Session fixation flaw corrected in upstream 1.4.18 version [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=828079
--------------------------------------------------------------------------------


================================================================================
 postgresql-9.0.8-1.fc15 (FEDORA-2012-8915)
 PostgreSQL client programs
--------------------------------------------------------------------------------
Update Information:

Upstream bug fix + security updates, including the fixes for CVE-2012-2143, CVE-2012-2655
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  4 2012 Tom Lane <tgl@xxxxxxxxxx> 9.0.8-1
- Update to PostgreSQL 9.0.8, for various fixes described at
  http://www.postgresql.org/docs/9.0/static/release-9-0-8.html
  including the fixes for CVE-2012-2143, CVE-2012-2655
Resolves: #826606
- Update previous version (embedded in postgresql-upgrade) to 8.4.12
  because fix in whole-row variable dumping could be needed for upgrades
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #826606 - CVE-2012-2143 CVE-2012-2655 postgresql: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=826606
--------------------------------------------------------------------------------


================================================================================
 python-proteus-1.8.3-2.fc15 (FEDORA-2012-8909)
 Library to access Tryton's internal objects
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.3-2
- fix BR/R
* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.3-1
- new upstream version 1.8.3
--------------------------------------------------------------------------------


================================================================================
 rcssserver-15.1.0-1.fc15 (FEDORA-2012-8971)
 Robocup 2D Soccer Simulation Server
--------------------------------------------------------------------------------
Update Information:

* Fixed a bug of referee's player clearance operation after fouls. * Fixed a defect of zero division in Quantize method.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  4 2012 Hedayat Vatankhah <hedayat.fwd+rpmchlog@xxxxxxxxx> - 15.1.0-1
- Update to version 15.1.0
- Remove some no-longer-necessary lines (e.g. buildroot tag)
- ax_boost_base.m4 patch no longer necessary
* Fri May 27 2011 Dan Horák <dan[at]danny.cz> - 15.0.0-2
- fix build on non-x86 64-bit architectures
--------------------------------------------------------------------------------


================================================================================
 rubygem-actionpack-3.0.5-8.fc15 (FEDORA-2012-8912)
 Web-flow and rendering framework putting the VC in MVC
--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2012-2660.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  4 2012 Vít Ondruch <vondruch@xxxxxxxxxx> - 1:3.0.5-8
- Fix for CVE-2012-2660.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #827353 - CVE-2012-2660 rubygem-actionpack: Unsafe query generation
        https://bugzilla.redhat.com/show_bug.cgi?id=827353
--------------------------------------------------------------------------------


================================================================================
 rubygem-activerecord-3.0.5-3.fc15 (FEDORA-2012-8972)
 Implements the ActiveRecord pattern for ORM
--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2012-2661.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  5 2012 Vít Ondruch <vondruch@xxxxxxxxxx> - 1:3.0.5-3
- Fix for CVE-2012-2661.
* Tue Aug 23 2011 Mo Morsi <mmorsi@xxxxxxxxxx> - 1:3.0.5-2
- Fix for BZ #731438
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #827363 - CVE-2012-2661 rubygem-activerecord: SQL injection when processing nested query paramaters
        https://bugzilla.redhat.com/show_bug.cgi?id=827363
--------------------------------------------------------------------------------


================================================================================
 tryton-1.8.5-1.fc15 (FEDORA-2012-8909)
 Client for the Tryton application framework
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.5-1
- new upstream version 1.8.5
--------------------------------------------------------------------------------


================================================================================
 trytond-1.8.7-1.fc15 (FEDORA-2012-8909)
 Server for the Tryton application framework
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.7-1
- new upstream version 1.8.7
--------------------------------------------------------------------------------


================================================================================
 trytond-account-1.8.5-1.fc15 (FEDORA-2012-8909)
 account module for Tryton
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.5-1
- new upstream version 1.8.5
--------------------------------------------------------------------------------


================================================================================
 trytond-account-invoice-1.8.1-1.fc15 (FEDORA-2012-8909)
 account-invoice module for Tryton
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.1-1
- new upstream version 1.8.1
--------------------------------------------------------------------------------


================================================================================
 trytond-ldap-authentication-1.8.1-1.fc15 (FEDORA-2012-8909)
 ldap-authentication module for Tryton
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.1-1
- new upstream version 1.8.1
--------------------------------------------------------------------------------


================================================================================
 trytond-party-siret-1.8.1-1.fc15 (FEDORA-2012-8909)
 party-siret module for Tryton
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.1-1
- new upstream version 1.8.1
--------------------------------------------------------------------------------


================================================================================
 trytond-purchase-1.8.5-1.fc15 (FEDORA-2012-8909)
 purchase module for Tryton
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.5-1
- new upstream version 1.8.5
--------------------------------------------------------------------------------


================================================================================
 trytond-sale-1.8.4-1.fc15 (FEDORA-2012-8909)
 sale module for Tryton
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.4-1
- new upstream version 1.8.4
--------------------------------------------------------------------------------


================================================================================
 trytond-stock-1.8.3-1.fc15 (FEDORA-2012-8909)
 stock module for Tryton
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.3-1
- new upstream version 1.8.3
--------------------------------------------------------------------------------


================================================================================
 trytond-stock-supply-1.8.3-1.fc15 (FEDORA-2012-8909)
 stock-supply module for Tryton
--------------------------------------------------------------------------------
Update Information:

update to latest upstream bugfix releases
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun  2 2012 Dan Horák <dan@xxxxxxxx> - 1.8.3-1
- new upstream version 1.8.3
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test



[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux