The following Fedora 16 Security updates need testing: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-11813/xfig-3.2.5-32.b.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-11843/libvirt-0.9.6.2-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-11870/rubygem-actionpack-3.0.10-9.fc16 39 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-11737/transfig-3.2.5d-4.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-11880/rubygem-activesupport-3.0.10-4.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-11576/python-djblets-0.6.22-2.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-11872/emacs-23.3-10.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-11890/automake-1.12.2-2.fc16 37 https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-11557/wireshark-1.6.9-1.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-11464/bind-dyndb-ldap-1.1.0-0.14.rc1.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-11474/glibc-2.14.90-24.fc16.8 1 https://admin.fedoraproject.org/updates/FEDORA-2012-11746/ImageMagick-6.7.0.10-6.fc16 9 https://admin.fedoraproject.org/updates/FEDORA-2012-11476/drupal6-og-2.4-1.fc16 9 https://admin.fedoraproject.org/updates/FEDORA-2012-11526/dokuwiki-0-0.11.20120125.b.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-11785/xen-4.1.3-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-11648/mingw32-gdk-pixbuf-2.24.0-2.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-11547/libotr-3.2.0-7.fc16 110 https://admin.fedoraproject.org/updates/FEDORA-2012-6614/gdb-7.3.50.20110722-16.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-11797/phonon-backend-gstreamer-4.6.2-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-11673/tar-1.26-5.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-11595/virtuoso-opensource-6.1.6-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-11669/mysql-5.5.27-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-11630/kde-l10n-4.8.5-2.fc16,analitza-4.8.5-1.fc16,ark-4.8.5-1.fc16,blinken-4.8.5-1.fc16,cantor-4.8.5-1.fc16,filelight-4.8.5-1.fc16,gwenview-4.8.5-1.fc16,jovie-4.8.5-1.fc16,kaccessible-4.8.5-1.fc16,kactivities-4.8.5-1.fc16,kalgebra-4.8.5-1.fc16,kalzium-4.8.5-1.fc16,kamera-4.8.5-1.fc16,kanagram-4.8.5-1.fc16,kate-4.8.5-1.fc16,kbruch-4.8.5-1.fc16,kcalc-4.8.5-1.fc16,kcharselect-4.8.5-1.fc16,kcolorchooser-4.8.5-1.fc16,kde-baseapps-4.8.5-1.fc16,kde-printer-applet-4.8.5-1.fc16,kde-runtime-4.8.5-1.fc16,kde-wallpapers-4.8.5-1.fc16,kde-workspace-4.8.5-2.fc16,kdeaccessibility-4.8.5-1.fc16,kdeartwork-4.8.5-1.fc16,kdebindings-4.8.5-1.fc16,kdeedu-4.8.5-1.fc16,kdegames-4.8.5-1.fc16,kdegraphics-4.8.5-1.fc16,kdegraphics-mobipocket-4.8.5-1.fc16,kdegraphics-strigi-analyzer-4.8.5-1.fc16,kdegraphics-thumbnailers-4.8.5-1.fc16,kdelibs-4.8.5-1.fc16,kdemultimedia-4.8.5-1.fc16,kdenetwork-4.8.5-1.fc16,kdepim-4.8.5-1.fc16,kdepim-runtime-4.8.5-1.fc16,kdepimlibs-4.8.5-1.fc16,kdeplasma-addons-4.8.5-1.fc16,kdesdk-4.8.5-1.fc16,kdetoys-4.8.5-1.fc16,kdeutils-4.8.5-1.fc16,kdf-4.8.5-1.fc16,kfloppy-4.8.5-1.fc16,kgamma-4.8.5-1.fc16,kgeography-4.8.5-1.fc16,kgpg-4.8.5-1.fc16,khangman-4.8.5-1.fc16,kig-4.8.5-1.fc16,kimono-4.8.5-1.fc16,kiten-4.8.5-1.fc16,klettres-4.8.5-1.fc16,kmag-4.8.5-1.fc16,kmousetool-4.8.5-1.fc16,kmouth-4.8.5-1.fc16,kmplot-4.8.5-1.fc16,kolourpaint-4.8.5-1.fc16,konsole-4.8.5-1.fc16,kremotecontrol-4.8.5-1.fc16,kross-interpreters-4.8.5-1.fc16,kruler-4.8.5-1.fc16,ksaneplugin-4.8.5-1.fc16,ksnapshot-4.8.5-1.fc16,kstars-4.8.5-1.fc16,ktimer-4.8.5-1.fc16,ktouch-4.8.5-1.fc16,kturtle-4.8.5-1.fc16,kwallet-4.8.5-1.fc16,kwordquiz-4.8.5-1.fc16,libkdcraw-4.8.5-1.fc16,libkdeedu-4.8.5-1.fc16,libkexiv2-4.8.5-1.fc16,libkipi-4.8.5-1.fc16,libksane-4.8.5-1.fc16,marble-4.8.5-1.fc16,okular-4.8.5-1.fc16,oxygen-icon-theme-4.8.5-1.fc16,parley-4.8.5-1.fc16,pykde4-4.8.5-1.fc16,qyoto-4.8.5-1.fc16,rocs-4.8.5-1.fc16,ruby-korundum-4.8.5-1.fc16,ruby-qt-4.8.5-1.fc16,smokegen-4.8.5-1.fc16,smokekde-4.8.5-1.fc16,smoke qt-4.8.5-1.fc16,step-4.8.5-1.fc16,superkaramba-4.8.5-1.fc16,svgpart-4.8.5-1.fc16,sweeper-4.8.5-1.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-11474/glibc-2.14.90-24.fc16.8 11 https://admin.fedoraproject.org/updates/FEDORA-2012-11440/zlib-1.2.5-7.fc16 12 https://admin.fedoraproject.org/updates/FEDORA-2012-11411/selinux-policy-3.10.0-91.fc16 The following builds have been pushed to Fedora 16 updates-testing automake-1.12.2-2.fc16 cluster-3.1.93-1.fc16 corosync-1.4.4-1.fc16 emacs-23.3-10.fc16 ibus-typing-booster-0.0.8-1.fc16 libmatecomponent-1.4.0-12.fc16 mate-icon-theme-1.4.0-6.fc16 mspdebug-0.20-1.fc16 mysql-connector-c++-1.1.1-1.fc16 mysql-workbench-5.2.42-1.fc16 nesc-1.3.4-1.fc16 nspluginwrapper-1.4.4-11.fc16 rgmanager-3.1.93-1.fc16 rubygem-actionpack-3.0.10-9.fc16 rubygem-activesupport-3.0.10-4.fc16 rubygem-qpid_messaging-0.16.0-1.2.fc16 Details about builds: ================================================================================ automake-1.12.2-2.fc16 (FEDORA-2012-11890) A GNU tool for automatically creating Makefiles -------------------------------------------------------------------------------- Update Information: This update fixes CVE-2012-3386, a locally exploitable "make distcheck" bug -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.12.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jul 17 2012 Karsten Hopp <karsten@xxxxxxxxxx> 1.12.2-1 - automake-1.12.2 * Mon Apr 16 2012 Karsten Hopp <karsten@xxxxxxxxxx> 1.11.5-1 - automake-1.11.5 * Tue Apr 3 2012 Karsten Hopp <karsten@xxxxxxxxxx> 1.11.4-1 - automake-1.11.4 * Thu Feb 2 2012 Karsten Hopp <karsten@xxxxxxxxxx> 1.11.3-1 - automake 1.11.3 * Mon Jan 30 2012 Karsten Hopp <karsten@xxxxxxxxxx> 1.11.2-1 - automake 1.11.2, enable all checks again * Wed Dec 7 2011 Karsten Hopp <karsten@xxxxxxxxxx> 1.11.1-7 - disable some erroneous checks (660739, 756957) * Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.11.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #838286 - CVE-2012-3386 automake: locally exploitable "make distcheck" bug https://bugzilla.redhat.com/show_bug.cgi?id=838286 -------------------------------------------------------------------------------- ================================================================================ cluster-3.1.93-1.fc16 (FEDORA-2012-11875) Red Hat Cluster -------------------------------------------------------------------------------- Update Information: this update addresses a few major issues. all users are strongly encouraged to update. -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 14 2012 Fabio M. Di Nitto <fdinitto@xxxxxxxxxx> - 3.1.93-1 - new upstream release - spec file update: Update BuildRequires and Requires to match current requirements -------------------------------------------------------------------------------- ================================================================================ corosync-1.4.4-1.fc16 (FEDORA-2012-11875) The Corosync Cluster Engine and Application Programming Interfaces -------------------------------------------------------------------------------- Update Information: this update addresses a few major issues. all users are strongly encouraged to update. -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 14 2012 Jan Friesse <jfriesse@xxxxxxxxxx> - 1.4.4-1 - New upstream release -------------------------------------------------------------------------------- ================================================================================ emacs-23.3-10.fc16 (FEDORA-2012-11872) GNU Emacs text editor -------------------------------------------------------------------------------- Update Information: CVE-2012-3479 emacs: Evaluation of 'eval' forms in file-local variable sections, when 'enable-local-variables' set to ':safe' -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 14 2012 Karel Klíč <kklic@xxxxxxxxxx> - 1:23.3-10 - CVE-2012-3479 emacs: Evaluation of 'eval' forms in file-local variable sections, when 'enable-local-variables' set to ':safe' -------------------------------------------------------------------------------- References: [ 1 ] Bug #847698 - CVE-2012-3479 emacs: Evaluation of 'eval' forms in file-local variable sections, when 'enable-local-variables' set to ':safe' https://bugzilla.redhat.com/show_bug.cgi?id=847698 -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-0.0.8-1.fc16 (FEDORA-2012-11883) The Table engine for IBus platform -------------------------------------------------------------------------------- Update Information: Fixed bugs #845495,845500 -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #845495 - language list in preferences for installing hunspell dictionary should be not editable https://bugzilla.redhat.com/show_bug.cgi?id=845495 [ 2 ] Bug #845500 - ")" characters getting entered twice https://bugzilla.redhat.com/show_bug.cgi?id=845500 -------------------------------------------------------------------------------- ================================================================================ libmatecomponent-1.4.0-12.fc16 (FEDORA-2012-11874) Libraries for matecomponent package of MATE-Desktop -------------------------------------------------------------------------------- Update Information: first fedora release -------------------------------------------------------------------------------- References: [ 1 ] Bug #844080 - Review Request: libmatecomponent -- Libraries for matecomponent package of MATE-Desktop https://bugzilla.redhat.com/show_bug.cgi?id=844080 -------------------------------------------------------------------------------- ================================================================================ mate-icon-theme-1.4.0-6.fc16 (FEDORA-2012-11881) Icon theme for MATE Desktop -------------------------------------------------------------------------------- Update Information: This update obsolete mate-icon-theme-legacy Mate Icon Theme for MATE Desktop. -------------------------------------------------------------------------------- References: [ 1 ] Bug #847558 - Review Request: mate-icon-theme - Icon theme for MATE Desktop https://bugzilla.redhat.com/show_bug.cgi?id=847558 -------------------------------------------------------------------------------- ================================================================================ mspdebug-0.20-1.fc16 (FEDORA-2012-11886) Debugger and gdb proxy for MSP430 MCUs -------------------------------------------------------------------------------- Update Information: Update to 0.20: * Support for new chips: MSP430F6736, MSP430F2252, MSP430G2403, MSP430F6435. * Support for building under Cygwin. * Support for watchpoints using MSP430.DLL (tilib) driver. * Support for GoodFET (memory access/programming only). * Various bug fixes, including many disassembly fixes and an issue causing FRAM reset-vector corruption. * Basic C++ demangling support. * New commands: "fill" and "verify". * Erase requests are now ignored when using FRAM chips. -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 14 2012 Rob Spanton <rspanton@xxxxxxxxxx> - 0.20-1 - Upgrade to 0.20 * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.19-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mysql-connector-c++-1.1.1-1.fc16 (FEDORA-2012-11765) MySQL database connector for C++ -------------------------------------------------------------------------------- Update Information: Changes in MySQL Workbench 5.2.42: http://dev.mysql.com/doc/workbench/en/wb-news-5-2-42.html Changes in MySQL Workbench 5.2.41: http://dev.mysql.com/doc/workbench/en/wb-news-5-2-41.html -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 8 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.1-1 - version 1.1.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #843425 - mysql-workbench-5.2.41 is available https://bugzilla.redhat.com/show_bug.cgi?id=843425 [ 2 ] Bug #847893 - mysql-workbench-5.2.42 is available https://bugzilla.redhat.com/show_bug.cgi?id=847893 -------------------------------------------------------------------------------- ================================================================================ mysql-workbench-5.2.42-1.fc16 (FEDORA-2012-11765) A MySQL visual database modeling, administration and querying tool -------------------------------------------------------------------------------- Update Information: Changes in MySQL Workbench 5.2.42: http://dev.mysql.com/doc/workbench/en/wb-news-5-2-42.html Changes in MySQL Workbench 5.2.41: http://dev.mysql.com/doc/workbench/en/wb-news-5-2-41.html -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 14 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.2.42-1 - update to 5.2.42 Community (OSS) Edition (GPL) http://dev.mysql.com/doc/workbench/en/wb-news-5-2-42.html * Sat Aug 11 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.2.41-2 - remove bundled documentation, redirect to online This documentation is NOT distributed under a GPL license - update to 5.2.41 Community (OSS) Edition (GPL) http://dev.mysql.com/doc/workbench/en/wb-news-5-2-41.html - use system cppconn - move binary to libdir (only launcher in bindir) -------------------------------------------------------------------------------- References: [ 1 ] Bug #843425 - mysql-workbench-5.2.41 is available https://bugzilla.redhat.com/show_bug.cgi?id=843425 [ 2 ] Bug #847893 - mysql-workbench-5.2.42 is available https://bugzilla.redhat.com/show_bug.cgi?id=847893 -------------------------------------------------------------------------------- ================================================================================ nesc-1.3.4-1.fc16 (FEDORA-2012-11894) Compiler used by TinyOS -------------------------------------------------------------------------------- Update Information: Updated to 1.3.4 -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 14 2012 Shakthi Kannan <shakthimaan [AT] fedoraproject DOT org> - 1.3.4-1 - Updated to 1.3.4. * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #847894 - nesc-1.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=847894 -------------------------------------------------------------------------------- ================================================================================ nspluginwrapper-1.4.4-11.fc16 (FEDORA-2012-11865) A compatibility layer for Netscape 4 plugins -------------------------------------------------------------------------------- Update Information: * Mon Aug 13 2012 Martin Stransky <stransky@xxxxxxxxxx> 1.4.4-11 - Fixed bug #841798 - don't wrap plugins with the same arch * Wed Jul 18 2012 Martin Stransky <stransky@xxxxxxxxxx> 1.4.4-10 - Restart workaround for Adobe Reader plugin (rhbz#645599) -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 13 2012 Martin Stransky <stransky@xxxxxxxxxx> 1.4.4-11 - Fixed bug #841798 - don't wrap plugins with the same arch * Wed Jul 18 2012 Martin Stransky <stransky@xxxxxxxxxx> 1.4.4-10 - Restart workaround for Adobe Reader plugin (rhbz#645599) * Tue May 15 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1.4.4-9 - Enable building on ARM, add patch to detect CPU -------------------------------------------------------------------------------- ================================================================================ rgmanager-3.1.93-1.fc16 (FEDORA-2012-11875) Open Source HA Resource Group Failover for Red Hat Cluster -------------------------------------------------------------------------------- Update Information: this update addresses a few major issues. all users are strongly encouraged to update. -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 14 2012 Fabio M. Di Nitto <fdinitto@xxxxxxxxxx> - 3.1.93-1 - new upstream release -------------------------------------------------------------------------------- ================================================================================ rubygem-actionpack-3.0.10-9.fc16 (FEDORA-2012-11870) Web-flow and rendering framework putting the VC in MVC -------------------------------------------------------------------------------- Update Information: Fixes for CVE-2012-3463, CVE-2012-3464 and CVE-2012-3465. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 13 2012 Vít Ondruch <vondruch@xxxxxxxxxx> - 1:3.0.10-9 - Fixes for CVE-2012-3463, CVE-2012-3464 and CVE-2012-3465. -------------------------------------------------------------------------------- References: [ 1 ] Bug #847196 - CVE-2012-3463 rubygem-actionpack: Potential XSS Vulnerability in select_tag prompt https://bugzilla.redhat.com/show_bug.cgi?id=847196 [ 2 ] Bug #847199 - CVE-2012-3464 rubygem-actionpack: Potential XSS Vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=847199 [ 3 ] Bug #847200 - CVE-2012-3465 rubygem-actionpack: XSS Vulnerability in strip_tags https://bugzilla.redhat.com/show_bug.cgi?id=847200 -------------------------------------------------------------------------------- ================================================================================ rubygem-activesupport-3.0.10-4.fc16 (FEDORA-2012-11880) Support and utility classes used by the Rails framework -------------------------------------------------------------------------------- Update Information: Fixes for CVE-2012-3464. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 13 2012 Vít Ondruch <vondruch@xxxxxxxxxx> - 1:3.0.10-4 - Fixes for CVE-2012-3464. -------------------------------------------------------------------------------- References: [ 1 ] Bug #847199 - CVE-2012-3464 rubygem-actionpack: Potential XSS Vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=847199 -------------------------------------------------------------------------------- ================================================================================ rubygem-qpid_messaging-0.16.0-1.2.fc16 (FEDORA-2012-11892) Ruby bindings for the Qpid messaging framework -------------------------------------------------------------------------------- Update Information: First release of Qpid Messenger for Fedora 16. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
