The following Fedora 17 Security updates need testing: https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10892/perl-DBD-Pg-2.19.2-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10893/nsd-3.2.12-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10591/raptor-1.4.21-12.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10891/puppet-2.7.18-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10391/bcfg2-1.2.3-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10661/glpi-0.83.3.1-1.fc17,glpi-data-injection-2.2.2-1.fc17,glpi-mass-ocs-import-1.6.1-1.fc17,glpi-pdf-0.83.3-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10699/ganglia-3.1.7-6.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10854/exif-0.6.21-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10835/apache-poi-3.8-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10807/seamonkey-2.11-1.fc17 The following Fedora 17 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/FEDORA-2012-10896/libsoup-2.38.1-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10867/dracut-018-93.git20120719.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10873/openldap-2.4.31-5.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10778/biosdevname-0.4.1-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10840/selinux-policy-3.10.0-140.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10756/sed-4.2.1-10.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10766/cyrus-sasl-2.1.23-31.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10745/cryptsetup-1.5.0-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10730/libjpeg-turbo-1.2.1-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10717/gtk2-2.24.11-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10700/kdelibs-4.8.4-8.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10665/glib2-2.32.4-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10632/phonon-backend-gstreamer-4.6.1-1.fc17 https://admin.fedoraproject.org/updates/libexif-0.6.21-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10593/openssl-1.0.0j-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10570/glibmm24-2.32.1-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10534/elfutils-0.154-1.1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10234/checkpolicy-2.1.10-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10249/libsepol-2.1.7-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-9836/python-tempita-0.5.1-1.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-10724/file-5.11-2.fc17 https://admin.fedoraproject.org/updates/FEDORA-2012-7461/libarchive-3.0.4-1.fc17 The following builds have been pushed to Fedora 17 updates-testing cmake-fedora-1.0.0-1.fc17 dmlite-0.3.0-1.fc17 dracut-018-93.git20120719.fc17 erlang-riak_core-1.1.2-3.fc17 git-1.7.11.2-1.fc17 gnusim8085-1.3.7-3.fc17 gridsite-1.7.21-2.fc17 hyena-0.5-3.fc17 libsoup-2.38.1-2.fc17 mock-1.1.23-2.1.fc17 moksha-0.8.8-2.fc17 nsd-3.2.12-1.fc17 openldap-2.4.31-5.fc17 perl-DBD-Pg-2.19.2-1.fc17 perl-Rose-Object-0.859-5.fc17 perl-SNMP-Simple-0.02-2.fc17 php-symfony2-Form-2.0.16-1.fc17 php-symfony2-Security-2.0.16-1.fc17 poppler-sharp-0.0.3-2.fc17 puppet-2.7.18-1.fc17 qgis-1.8.0-6.fc17 samba-3.6.6-92.fc17.1 subscription-manager-1.0.7-1.fc17 wine-1.5.9-1.fc17 Details about builds: ================================================================================ cmake-fedora-1.0.0-1.fc17 (FEDORA-2012-10902) CMake helper modules for fedora developers -------------------------------------------------------------------------------- Update Information: - Greatly simplified the modules design and usage. - Release version are now defined in cmake-fedora.conf for easy maintenance. - Fix the MANAGE_MESSAGE_LEVEL - koji scratch builds are run only once before tagging. - CVS support is removed. - New command: koji-build-scratch for scratch build on all supported releases. - New module: ManageTarget - New function: SETTING_STRING_GET_VARIABLE - New macro: ADD_CUSTOM_TARGET_COMMAND - Macros changed behavior: MANAGE_ZANATA: Arguments are changed. - Target changed: changelog_update are now separate as: + changelog_prev_update: Update ChangeLog.prev + rpm_changelog_prev_update: Update RPM-ChangeLog.prev - Command renamed: + cmake-fedora-newprj.sh to cmake-fedora-newprj - Module renamed: + ManageReleaseOnFedora to ManageReleaseFedora + ManageMaintainerTargets to ManageUpload + PackSource to ManageArchive + PackRPM to ManageRPM + UseGConf to ManageGConf + UseDoxygen to ManageAPIDoc - Function renamed: + LOAD_RELEASE_FILE to RELEASE_NOTES_READ_FILE - Macro renamed: + PACK_SOURCE to PACK_SOURCE_ARCHIVE + USE_MOCK to RPM_MOCK_BUILD + USE_DOXYGEN to MANAGE_APIDOC_DOXYGEN + USE_GETTEXT to MANAGE_GETTEXT + USE_ZANATA to MANAGE_ZANATA - Variable renamed: PACK_SOURCE_IGNORE_FILES to SOURCE_ARCHIVE_IGNORE_FILES - RELEASE_ON_FEDORA: support new tags: "fedora" for current fedora, and "epel" for current epel. - ChangeLog generation rewritten, target version_check no longer need. - Removed target: version_check - Variable Removed: FEDORA_NEXT_RELEASE FEDORA_NEXT_RELEASE_TAGS FEDORA_LATEST_RELEASE FEDORA_PREVIOUS_RELEASE -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Ding-Yi Chen <dchen at redhat.com> - 1.0.0-1 - Greatly simplified the modules design and usage. - Release version are now defined in cmake-fedora.conf for easy maintenance. - Fix the MANAGE_MESSAGE_LEVEL - koji scratch builds are run only once before tagging. - CVS support is removed. - New command: koji-build-scratch for scratch build on all supported releases. - New module: ManageTarget - New function: SETTING_STRING_GET_VARIABLE - New macro: ADD_CUSTOM_TARGET_COMMAND - Macros changed behavior: MANAGE_ZANATA: Arguments are changed. - Target changed: changelog_update are now separate as: + changelog_prev_update: Update ChangeLog.prev + rpm_changelog_prev_update: Update RPM-ChangeLog.prev - Command renamed: + cmake-fedora-newprj.sh to cmake-fedora-newprj - Module renamed: + ManageReleaseOnFedora to ManageReleaseFedora + ManageMaintainerTargets to ManageUpload + PackSource to ManageArchive + PackRPM to ManageRPM + UseGConf to ManageGConf + UseDoxygen to ManageAPIDoc - Function renamed: + LOAD_RELEASE_FILE to RELEASE_NOTES_READ_FILE - Macro renamed: + PACK_SOURCE to PACK_SOURCE_ARCHIVE + USE_MOCK to RPM_MOCK_BUILD + USE_DOXYGEN to MANAGE_APIDOC_DOXYGEN + USE_GETTEXT to MANAGE_GETTEXT + USE_ZANATA to MANAGE_ZANATA - Variable renamed: PACK_SOURCE_IGNORE_FILES to SOURCE_ARCHIVE_IGNORE_FILES - RELEASE_ON_FEDORA: support new tags: "fedora" for current fedora, and "epel" for current epel. - ChangeLog generation rewritten, target version_check no longer need. - Removed target: version_check - Variable Removed: FEDORA_NEXT_RELEASE FEDORA_NEXT_RELEASE_TAGS FEDORA_LATEST_RELEASE FEDORA_PREVIOUS_RELEASE -------------------------------------------------------------------------------- ================================================================================ dmlite-0.3.0-1.fc17 (FEDORA-2012-10870) Common libraries for grid data management and storage -------------------------------------------------------------------------------- Update Information: Update for new upstream release. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.0-1 - Update for new upstream release * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ dracut-018-93.git20120719.fc17 (FEDORA-2012-10867) Initramfs generator using udev -------------------------------------------------------------------------------- Update Information: - do not rename network interfaces, other than ifname= if you use ifname=, then you must choose another name than "eth*" or it might clash with the kernel names. - wait until md raids are clean on shutdown - fips module fixes - fixed BOOTIF case sensitive - fixed resume from hibernate - nfs module fixes -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Harald Hoyer <harald@xxxxxxxxxx> 018-93.git20120719 - do not rename network interfaces - wait until md raids are clean on shutdown - fips module fixes - fixed BOOTIF case sensitive - fixed resume from hibernate - nfs module fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #822071 - hibernation/resume cycle causes file system corruption: EXT4-fs error (device dm-1) in ext4_new_inode:895: IO failure https://bugzilla.redhat.com/show_bug.cgi?id=822071 -------------------------------------------------------------------------------- ================================================================================ erlang-riak_core-1.1.2-3.fc17 (FEDORA-2012-10879) Distributed systems infrastructure used by Riak -------------------------------------------------------------------------------- Update Information: * Fixed eunit tests in riak_kv * Initial build * Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #652598 - Review Request: erlang-riak_core - Distributed systems infrastructure used by Riak https://bugzilla.redhat.com/show_bug.cgi?id=652598 -------------------------------------------------------------------------------- ================================================================================ git-1.7.11.2-1.fc17 (FEDORA-2012-10903) Fast Version Control System -------------------------------------------------------------------------------- Update Information: Update to the 1.7.11.2 upstream release which brings various enhancements. Check /usr/share/doc/git/ChangeLog for detailed list of changes. -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 16 2012 Adam Tkac <atkac redhat com> - 1.7.11.2-1 - update to 1.7.11.2 * Thu Jun 28 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 1.7.10.4-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #825376 - git-svn does not use svn password stores https://bugzilla.redhat.com/show_bug.cgi?id=825376 -------------------------------------------------------------------------------- ================================================================================ gnusim8085-1.3.7-3.fc17 (FEDORA-2012-10869) Graphical simulator for 8085 assembly language -------------------------------------------------------------------------------- Update Information: Fixing the old bugs (sig 11 and FTBFS), and un-deprecating this package after review. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Patrick Uiterwijk <puiterwijk@xxxxxxxxx> - 1.3.7-3 - Fixed comments from review * Wed Jul 18 2012 Patrick Uiterwijk <puiterwijk@xxxxxxxxx> - 1.3.7-2 - Revised for the review again, taken most of the patch of Michael Schwendt * Wed Jul 18 2012 Patrick Uiterwijk <puiterwijk@xxxxxxxxx> - 1.3.7-1 - Rebased to 1.3.7 upstream - Revised for re-reviewing after deprecation from previous maintainer * Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #841335 - Review Request: gnusim8085 - Graphical simulator for 8085 assembly language https://bugzilla.redhat.com/show_bug.cgi?id=841335 -------------------------------------------------------------------------------- ================================================================================ gridsite-1.7.21-2.fc17 (FEDORA-2012-10898) Grid Security for the Web, Web platforms for Grids -------------------------------------------------------------------------------- Update Information: - Update for new upstream release - 1.7.21 - Added compatibility with the EMI project packaging (exposing EMI package names, added missing tools) -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 16 2012 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 1.7.21-2 - Rebuild with proper tarballs * Mon Jul 16 2012 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 1.7.21-1 - Upstream to 1.7.21, compliance with EMI project gridsite packaging - Removed unused patches * Mon Apr 16 2012 steve.traylen@xxxxxxx - 1.7.20-1 - Upstream to 1.7.20, Add gridsite-httpd24.patch -------------------------------------------------------------------------------- ================================================================================ hyena-0.5-3.fc17 (FEDORA-2012-10900) A library of GUI and non-GUI C sharp code -------------------------------------------------------------------------------- Update Information: new package -------------------------------------------------------------------------------- ================================================================================ libsoup-2.38.1-2.fc17 (FEDORA-2012-10896) Soup, an HTTP library implementation -------------------------------------------------------------------------------- Update Information: Fixes a crash in evolution and some other programs -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Dan Winship <danw@xxxxxxxxxx> - 2.38.1-2 - Fix a crash in SoupSessionSync (#750036) -------------------------------------------------------------------------------- References: [ 1 ] Bug #750036 - [abrt] evolution-data-server-3.2.1-1.fc16: io_error: Process /usr/libexec/e-addressbook-factory was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=750036 -------------------------------------------------------------------------------- ================================================================================ mock-1.1.23-2.1.fc17 (FEDORA-2012-10883) Builds packages inside chroots -------------------------------------------------------------------------------- Update Information: Added mockchain which takes a mock config and a series of srpms, rebuilds the srpms one by one, adding each resulting rpm to a local repository so that they are available as build deps to the next package being built Remove EPEL-4 configs fix problem in scm.py with SSH_AUTH_SOCK [BZ# 803217] fix baseurl (remove dist-) for f17 configs [BZ# 795409] fix incorrect setting of gid in UidManager.changeOwner() [BZ# 782449] allow chroot group to be configurable [BZ# 719099] Remove EPEL-4 configs fix problem in scm.py with SSH_AUTH_SOCK [BZ# 803217] fix baseurl (remove dist-) for f17 configs [BZ# 795409] fix incorrect setting of gid in UidManager.changeOwner() [BZ# 782449] allow chroot group to be configurable [BZ# 719099] Remove EPEL-4 configs fix problem in scm.py with SSH_AUTH_SOCK [BZ# 803217] fix baseurl (remove dist-) for f17 configs [BZ# 795409] fix incorrect setting of gid in UidManager.changeOwner() [BZ# 782449] allow chroot group to be configurable [BZ# 719099] Remove EPEL-4 configs fix problem in scm.py with SSH_AUTH_SOCK [BZ# 803217] fix baseurl (remove dist-) for f17 configs [BZ# 795409] fix incorrect setting of gid in UidManager.changeOwner() [BZ# 782449] allow chroot group to be configurable [BZ# 719099] -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 7 2012 Clark Williams <williams@xxxxxxxxxx> - 1.1.23-1 - modified startup code to only set mock group [BZ# 809676] - add CLONE_NEWUTS to unshare(2) call [BZ# 818445] - from Seth Vidal <skvidal at fedoraproject.org>: - add mockchain to mock [BZ# 812477] - from Marko Myllynen <myllynen@xxxxxxxxxx>: - fix write_tar check in scm.py [BZ# 828677] - from Masatake YAMATO <yamato@xxxxxxxxxx>: - added option to set a plugin parameter value [BZ# 754321] -------------------------------------------------------------------------------- References: [ 1 ] Bug #809676 - Mock and FreeIPA group detection issues. https://bugzilla.redhat.com/show_bug.cgi?id=809676 -------------------------------------------------------------------------------- ================================================================================ moksha-0.8.8-2.fc17 (FEDORA-2012-10863) A platform for creating real-time web applications -------------------------------------------------------------------------------- Update Information: ssl for websockets. Fixes to txzmq and websockets. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Ralph Bean <rbean@xxxxxxxxxx> - 0.8.8-2 - Patch for ssl-enabled websocket client. * Tue Jul 17 2012 Ralph Bean <rbean@xxxxxxxxxx> - 0.8.8-1 - Security fix for websockets. - Bugfix for txzmq subscription. -------------------------------------------------------------------------------- ================================================================================ nsd-3.2.12-1.fc17 (FEDORA-2012-10893) Fast and lean authoritative DNS Name Server -------------------------------------------------------------------------------- Update Information: Fix for CVE-2012-2978: NSD denial of service vulnerability from non-standard DNS packet from any host -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Paul Wouters <pwouters@xxxxxxxxxx> - 3.2.12-1 - Upgraded to 3.2.12 which fixes CVE-2012-2978 (rhbz#841268) * Mon Jul 16 2012 Paul Wouters <pwouters@xxxxxxxxxx> - 3.2.11-1 - Updated to 3.2.11 - Remove execute perm from unitdir file -------------------------------------------------------------------------------- References: [ 1 ] Bug #841268 - CVE-2012-2978: nsd: NSD denial of service vulnerability from non-standard DNS packet from any host on the internet. https://bugzilla.redhat.com/show_bug.cgi?id=841268 -------------------------------------------------------------------------------- ================================================================================ openldap-2.4.31-5.fc17 (FEDORA-2012-10873) LDAP support libraries -------------------------------------------------------------------------------- Update Information: clean up the package build process: - fix autoconfig files to detect Mozilla NSS library using pkg-config - remove compiler flags which are not needed currently - build server, client and library together - avoid stray dependencies by using --as-needed linker flag - enable SLAPI interface in slapd bugfixes: - querying for IPv6 DNS records when IPv6 is disabled on the host (#835013) - smbk5pwd module computes invalid LM hashes (#841560) -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Jan Vcelak <jvcelak@xxxxxxxxxx> 2.4.31-5 - fix: querying for IPv6 DNS records when IPv6 is disabled on the host (#835013) - fix: smbk5pwd module computes invalid LM hashes (#841560) * Wed Jul 18 2012 Jan Vcelak <jvcelak@xxxxxxxxxx> 2.4.31-4 - modify the package build process + fix autoconfig files to detect Mozilla NSS library using pkg-config + remove compiler flags which are not needed currently + build server, client and library together + avoid stray dependencies by using --as-needed linker flag + enable SLAPI interface in slapd -------------------------------------------------------------------------------- References: [ 1 ] Bug #835013 - querying for IPv6 DNS records when IPv6 is disabled on the host https://bugzilla.redhat.com/show_bug.cgi?id=835013 [ 2 ] Bug #841560 - smbk5pwd module computes invalid LM hashes https://bugzilla.redhat.com/show_bug.cgi?id=841560 -------------------------------------------------------------------------------- ================================================================================ perl-DBD-Pg-2.19.2-1.fc17 (FEDORA-2012-10892) A PostgreSQL interface for perl -------------------------------------------------------------------------------- Update Information: Update to latest upstream version, fixed the security bug CVE-2012-1151 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 2.19.2-1 - bump to 2.19.2 - Fixed #841133 -------------------------------------------------------------------------------- References: [ 1 ] Bug #841133 - CVE-2012-1151 perl-DBD-Pg: Format string flaws by turning db notices into Perl warnings and by preparing DBD statement [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=841133 -------------------------------------------------------------------------------- ================================================================================ perl-Rose-Object-0.859-5.fc17 (FEDORA-2012-10874) Simple object base class -------------------------------------------------------------------------------- Update Information: Simple object base class -------------------------------------------------------------------------------- References: [ 1 ] Bug #839742 - Review Request: perl-Rose-Object - Simple object base class https://bugzilla.redhat.com/show_bug.cgi?id=839742 -------------------------------------------------------------------------------- ================================================================================ perl-SNMP-Simple-0.02-2.fc17 (FEDORA-2012-10878) Shortcuts for SNMP -------------------------------------------------------------------------------- Update Information: Shortcuts for SNMP. -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Form-2.0.16-1.fc17 (FEDORA-2012-10890) Symfony2 Form Component -------------------------------------------------------------------------------- Update Information: Update to version 2.0.16 Bugs fixed: * Errors not to be added onto non-synchronized forms * Changed getName() to name on all Reflection* object calls (fixes #4555, refs https://bugs.php.net/bug.php?id=61384) -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 18 2012 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.16-1 - Updated to upstream version 2.0.16 - Removed changed PEAR role of Symfony/Component/Form/Resources/config/validation.xml (fixed upstream) - Minor syntax updates -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Security-2.0.16-1.fc17 (FEDORA-2012-10904) Symfony2 Security Component -------------------------------------------------------------------------------- Update Information: Update to version 2.0.16 Bugs fixed: * Allow "0" as a password * Only redirect to urls called with http method GET * Changed getName() to name on all Reflection* object calls (fixes #4555, refs https://bugs.php.net/bug.php?id=61384) -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 18 2012 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.16-1 - Updated to upstream version 2.0.16 - Removed changed PEAR role of *.sql files from doc to php (fixed upstream) - Minor syntax updates -------------------------------------------------------------------------------- ================================================================================ poppler-sharp-0.0.3-2.fc17 (FEDORA-2012-10876) C sharp Bindings for Poppler -------------------------------------------------------------------------------- Update Information: new package -------------------------------------------------------------------------------- ================================================================================ puppet-2.7.18-1.fc17 (FEDORA-2012-10891) A network tool for managing many disparate systems -------------------------------------------------------------------------------- Update Information: This is an upstream security release. It addresses a number of issues found in puppet-2.7.x. The Red Hat security team has rated this update as having low security impact. Refer to the upstream release notes and bugzilla entries for further details. http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.7.18 NetworkManager compatibility should be improved in this release, thanks to Orion Poplawski (any bugs in implementing Orion's suggested dispatcher script are my own). -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 11 2012 Todd Zullinger <tmz@xxxxxxxxx> - 2.7.18-1 - Update to 2.7.17, fixes CVE-2012-3864, CVE-2012-3865, CVE-2012-3866, CVE-2012-3867 - Improve NetworkManager compatibility, thanks to Orion Poplawski (#532085) - Preserve timestamps when installing files -------------------------------------------------------------------------------- References: [ 1 ] Bug #839130 - CVE-2012-3864 puppet: authenticated clients allowed to read arbitrary files from the puppet master https://bugzilla.redhat.com/show_bug.cgi?id=839130 [ 2 ] Bug #839131 - CVE-2012-3865 puppet: authenticated clients allowed to delete arbitrary files on the puppet master https://bugzilla.redhat.com/show_bug.cgi?id=839131 [ 3 ] Bug #839135 - CVE-2012-3866 puppet: information leak via world readable last_run_report.yaml https://bugzilla.redhat.com/show_bug.cgi?id=839135 [ 4 ] Bug #839158 - CVE-2012-3867 puppet: insufficient validation of agent names in CN of SSL certificate requests https://bugzilla.redhat.com/show_bug.cgi?id=839158 [ 5 ] Bug #839166 - CVE-2012-3408 puppet: possible host impersonation when using certificates issues for IP address https://bugzilla.redhat.com/show_bug.cgi?id=839166 -------------------------------------------------------------------------------- ================================================================================ qgis-1.8.0-6.fc17 (FEDORA-2012-10880) A user friendly Open Source Geographic Information System -------------------------------------------------------------------------------- Update Information: Solve QGIS bug #5809: QGIS crashes when a datasource is moved or deleted. -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 18 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.0-6 - Add patch for QGIS bug #5809 * Sat Jul 7 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.0-5 - Rebuilt too quick * Sat Jul 7 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.0-4 - One more rebuild, due to a broken GDAL * Fri Jul 6 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.0-3 - Rebuild for Spatialite 3 * Wed Jul 4 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.0-2 - Correct locale if clause - Apply patch for older versions of SIP -------------------------------------------------------------------------------- ================================================================================ samba-3.6.6-92.fc17.1 (FEDORA-2012-10864) Server and Client software to interoperate with Windows machines -------------------------------------------------------------------------------- Update Information: Fix printer migration in samba 3.6 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 19 2012 Guenther Deschner <gdeschner@xxxxxxxxxx> - 2:3.6.6-92 - Fix printing tdb upgrade for 3.6.6 - resolves: #841609 -------------------------------------------------------------------------------- ================================================================================ subscription-manager-1.0.7-1.fc17 (FEDORA-2012-10861) Tools and libraries for subscription and repository management -------------------------------------------------------------------------------- Update Information: Revamped choose sever screen, rhsmcertd continues to run when not registered, added button to test proxy connection, added support for systemd, many translations fixes, auto-updating of identity certificates, added unset release command. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 28 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.7-1 - Revamp choose server screen. (dgoodwin@xxxxxxxxxx) * Thu Jun 28 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.6-1 - rhsmcertd no longer exits when not registered. (mstead@xxxxxxxxxx) - po file cleanups (alikins@xxxxxxxxxx) - latest strings from zanata (alikins@xxxxxxxxxx) - Free config resources in one place (mstead@xxxxxxxxxx) - rhsmcertd: free GKeyFile when done (jbowes@xxxxxxxxxx) - rhsmcertd: remove studlyCaps (jbowes@xxxxxxxxxx) - "make stylish" should failed on "swapped" in glade files (alikins@xxxxxxxxxx) - Remove 'swapped=on' from glade signal markup. (alikins@xxxxxxxxxx) - add 'fix-glade-swapped' target to de-'swapped' glade files (alikins@xxxxxxxxxx) - make stylish fixups (alikins@xxxxxxxxxx) - Fix at-spi label for "offline_radio" widget (alikins@xxxxxxxxxx) - shorter messages for cases where registered to RHN Classic (alikins@xxxxxxxxxx) - Tighten up the gettext_lint regex (alikins@xxxxxxxxxx) - Fix string that was breaking xgettext (alikins@xxxxxxxxxx) - 810998: Add a button to test a proxy connection. (awood@xxxxxxxxxx) - new messages, and remove checking of rhn serverURL (alikins@xxxxxxxxxx) - remove unused es.po file (bkearney@xxxxxxxxxx) - 829486: Removed untranslated words to force a re-translation (bkearney@xxxxxxxxxx) - Remove unused bn.po file (bkearney@xxxxxxxxxx) - 826856: Add check for service-level command that --org can only be used with --list option (bkearney@xxxxxxxxxx) - 829483: Remove english to english translation to force a re-translations (bkearney@xxxxxxxxxx) - Remove unused de po file (bkearney@xxxxxxxxxx) - 819665: on 'version' display if we are registered to RHN Classic (alikins@xxxxxxxxxx) * Tue Jun 26 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.5-1 - 804109: Give a specific message when providing invalid credentials. (awood@xxxxxxxxxx) - 810360: update wording in gnome help file (cduryee@xxxxxxxxxx) - use new bin location of files for $STYLEFILES (alikins@xxxxxxxxxx) - add 'debuglint' for checking for leftover debugger imports (alikins@xxxxxxxxxx) - Update make clean target (jbowes@xxxxxxxxxx) - Move py executables to bin/ (jbowes@xxxxxxxxxx) - Put no results text inside the scrolled window (jbowes@xxxxxxxxxx) - 817901: Show text when there are no subscriptions to show. (dgoodwin@xxxxxxxxxx) - Move initd file to etc-conf (jbowes@xxxxxxxxxx) - Move plugins to their own src dir (jbowes@xxxxxxx) - More test cases for utils.parse_url (alikins@xxxxxxxxxx) - 829482: Delete unstranslated strings in order force a retranslation (bkearney@xxxxxxxxxx) - 811602: Fix the help output based on UXD feedback (bkearney@xxxxxxxxxx) - 828867: Removed the extra %s string from the te translation (bkearney@xxxxxxxxxx) - 829479: Remove unstranslated strings to force a re-translation (bkearney@xxxxxxxxxx) - Delete the unused pt.po file (bkearney@xxxxxxxxxx) - 829476: Remove untranslated strings. (bkearney@xxxxxxxxxx) - 811553: Improve the text for auto subscribe during registration (bkearney@xxxxxxxxxx) - 829471: Fix the translation for usage, and remove a translation for %org id to force a retranslation (bkearney@xxxxxxxxxx) - Remove an outdated ta.po file (bkearney@xxxxxxxxxx) - 828810: Remove extra %s in translation (bkearney@xxxxxxxxxx) - Test to ensure that pool id is in the output for list --available (wpoteat@xxxxxxxxxx) - Close registration window even if it failed. (dgoodwin@xxxxxxxxxx) - 825923: Subscription-manager service-level set should say "Service level set to:" (wpoteat@xxxxxxxxxx) - 811594: Default behavior for ReposCommand is --list (wpoteat@xxxxxxxxxx) - 832400: service-level --unset should display proper message for unregistered client. (wpoteat@xxxxxxxxxx) * Tue Jun 19 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.4-1 - 818978: Use systemd instead of sysv when installing on F17+ and RHEL7+. (mstead@xxxxxxxxxx) - 827035: update identity certificate (jmrodri@xxxxxxxxx) - registergui: make screens without guis more generic (jbowes@xxxxxxxxxx) - Incorrect field value removed on previous change (wpoteat@xxxxxxxxxx) - 829812: Add an unset command for the release command (bkearney@xxxxxxxxxx) - 823659: Update SLA text in Settings to Service Level (wpoteat@xxxxxxxxxx) - Use a temp file for finding used widgets (jbowes@xxxxxxxxxx) - clean up some unused import warnings (jbowes@xxxxxxxxxx) - default to running style checks on tests (jbowes@xxxxxxxxxx) - Make test cases stylish as well... (alikins@xxxxxxxxxx) - Fix "make stylish" (alikins@xxxxxxxxxx) - 829803: Added an unset command to service level. (bkearney@xxxxxxxxxx) - Remove reference to InstalledProductsTab.product_id_text (alikins@xxxxxxxxxx) - Add a "find-missing-widgets" target to makefile (alikins@xxxxxxxxxx) - 830949: add accessibility locators for registration widgets (alikins@xxxxxxxxxx) - 824979: No message for subscription-manager release --list with no subscriptions. (wpoteat@xxxxxxxxxx) - Added UnRegisterCommand and UnSubscribeCommand nosetests (wpoteat@xxxxxxxxxx) - registergui: get firstboot working with new new code (jbowes@xxxxxxx) - registergui: Create a PreformRegisterScreen class (jbowes@xxxxxxx) - registergui: add a post method for setting data on the parent (jbowes@xxxxxxx) - registergui: create a 'pre' hook for screens (jbowes@xxxxxxx) (cduryee@xxxxxxxxxx) - 819665: print msg if user is registered to RHN Classic on "identity" command (cduryee@xxxxxxxxxx) (wpoteat@xxxxxxxxxx) - Add F17 yum repo release target. (dgoodwin@xxxxxxxxxx) - fix make stylish (jbowes@xxxxxxxxxx) - 810352: Disable the expansion of the system name selection in the register dialog (bkearney@xxxxxxxxxx) - 824530: add test case for setting proxy cli for release (alikins@xxxxxxxxxx) - rhsm-icon codestyle cleanups (jbowes@xxxxxxx) - 829900: Use the term 'Subscription Management Service' to refer to SAM, CFSE, etc (root@bkearney.(none)) - 829898: Make the no service level option a bit clearer as to its meaning (bkearney@xxxxxxxxxx) - Improve the logging so that the user only sees the approved output by default (bkearney@xxxxxxxxxx) - 830193: Modify the output of the yum plugin to be consistent with RHN (bkearney@xxxxxxxxxx) - 824530: "release" command ignoring cli proxy options (alikins@xxxxxxxxxx) - 828042,828068: Make ja_JP's Confirm Subscription unique for firstboot. (mstead@xxxxxxxxxx) - Updating strings from zanata (mstead@xxxxxxxxxx) - 825309: Remove the archiecture field from the table. (bkearney@xxxxxxxxxx) - 823608: Rename the software pane to product (bkearney@xxxxxxxxxx) - 810369: Prefer the term Subscription to Entitlement (bkearney@xxxxxxxxxx) - Add a warning comment about firstboot module titles (alikins@xxxxxxxxxx) - Clean up an option (bkearney@xxxxxxxxxx) - 827208: Fix the xmltag bugs in the or po file (bkearney@xxxxxxxxxx) - 827214: Clean up the XML tags in ta po file. (bkearney@xxxxxxxxxx) - Slight change in the path for the ta po file (bkearney@xxxxxxxxxx) - Slight change in the path for the ta po file (bkearney@xxxxxxxxxx) - Slight change in the path for the ml po file (bkearney@xxxxxxxxxx) - 828583: Add some spacing at the end of the file paths in the ko.po file (bkearney@xxxxxxxxxx) - 828816: the %prog variable should not be translated (bkearney@xxxxxxxxxx) - 828821: Fix the addition of a new variable in the hi po file (bkearney@xxxxxxxxxx) - 828903: Fix translation of options in the bn po file. (bkearney@xxxxxxxxxx) - Fix part of the mis translated options (bkearney@xxxxxxxxxx) - 828965: Fix a translated option which should not have been translated (bkearney@xxxxxxxxxx) - 828954: fix the --pool option in the translated string (bkearney@xxxxxxxxxx) - 828958: --available should not be translated (bkearney@xxxxxxxxxx) - Add --password as an option, not a string. This cause several strings to be retranslated (bkearney@xxxxxxxxxx) - 828969: Fix the options in the translated string (bkearney@xxxxxxxxxx) - 828985: Fix the url in the translated string (bkearney@xxxxxxxxxx) - 828989: Fix the access url (bkearney@xxxxxxxxxx) - 818205: Release --set command should only accept values from --list. (awood@xxxxxxxxxx) - registergui: extract out a screen superclass (jbowes@xxxxxxx) - registergui: get button label from screen class (jbowes@xxxxxxx) - registergui: keep screens in a list (jbowes@xxxxxxx) - registergui: pull out environment screen into its own class (jbowes@xxxxxxx) - registergui: sensitivity refactor and method move (jbowes@xxxxxxx) - registergui: extract out credentials_entered method (jbowes@xxxxxxx) - registergui: move organization screen to its own class (jbowes@xxxxxxx) - registergui: move credentials screen to its own class (jbowes@xxxxxxx) - registergui: move choose server screen to its own class (jbowes@xxxxxxx) - registergui: switch from GladeWrapper to GladeWidget (jbowes@xxxxxxx) - registergui: Remove some unused globals (jbowes@xxxxxxx) -------------------------------------------------------------------------------- ================================================================================ wine-1.5.9-1.fc17 (FEDORA-2012-10889) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: * Support for GPOS font tables in Uniscribe. * Support for XRandr 1.2 and 1.3. * Parser improvements for the HLSL compiler. * Relay tracing on ARM. * Various bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 18 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.9-1 - version upgrade - clean up cjk patch to comply with default fonts where possible - update fedora readme to point out required font packages per cjk locale * Thu Jul 12 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.8-2 - bump for libgphoto2 2.5.0 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test