The following Fedora 17 Security updates need testing: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12377/keepalived-1.2.5-2.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2012-11876/emacs-24.1-4.fc17 46 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2012-11885/rubygem-actionpack-3.0.11-7.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2012-11888/rubygem-activesupport-3.0.11-6.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12352/GraphicsMagick-1.3.16-5.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12362/roundcubemail-0.7.3-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12383/gimp-2.8.0-3.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2012-11717/bacula-5.2.10-5.fc17 5 https://admin.fedoraproject.org/updates/FEDORA-2012-11959/libotr-3.2.1-1.fc17 43 https://admin.fedoraproject.org/updates/FEDORA-2012-10391/bcfg2-1.2.3-1.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-12028/drupal6-ctools-1.9-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-12127/condor-7.9.1-0.1.fc17.2 4 https://admin.fedoraproject.org/updates/FEDORA-2012-12031/phpMyAdmin-3.5.2.2-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2012-11718/transfig-3.2.5d-7.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-12091/wireshark-1.6.10-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-12151/amsn-0.98.9-4.fc17 8 https://admin.fedoraproject.org/updates/FEDORA-2012-11762/ImageMagick-6.7.5.6-4.fc17 15 https://admin.fedoraproject.org/updates/FEDORA-2012-11479/drupal6-og-2.4-1.fc17 15 https://admin.fedoraproject.org/updates/FEDORA-2012-11485/dokuwiki-0-0.12.20120125.b.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-11801/xfig-3.2.5-32.b.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-12165/postgresql-9.1.5-1.fc17 2 https://admin.fedoraproject.org/updates/FEDORA-2012-12208/openttd-1.2.2-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12284/munin-2.0.5-2.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12368/gnome-keyring-3.4.1-3.fc17 The following Fedora 17 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12379/openldap-2.4.32-2.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12369/xorg-x11-drv-intel-2.20.4-2.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12360/libdrm-2.4.37-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12355/selinux-policy-3.10.0-146.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12361/grep-2.14-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12368/gnome-keyring-3.4.1-3.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12279/ntfs-3g-2012.1.15-3.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-12134/e2fsprogs-1.42.3-3.fc17 5 https://admin.fedoraproject.org/updates/FEDORA-2012-11955/bluez-4.99-2.fc17 5 https://admin.fedoraproject.org/updates/FEDORA-2012-11931/system-config-users-1.2.116-1.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2012-11873/libmx-1.4.7-1.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-11856/xz-5.1.2-1alpha.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-11808/phonon-backend-gstreamer-4.6.2-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-11822/evolution-ews-3.4.4-1.fc17,evolution-mapi-3.4.4-1.fc17,evolution-exchange-3.4.4-1.fc17,evolution-3.4.4-1.fc17,evolution-data-server-3.4.4-2.fc17,gtkhtml3-4.4.4-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2012-11702/kde-settings-4.8-18.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2012-11727/pykickstart-1.99.15-1.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2012-11586/livecd-tools-17.14-1.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2012-11601/yajl-2.0.4-1.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2012-11617/virtuoso-opensource-6.1.6-1.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2012-11529/abrt-2.0.11-2.fc17,libreport-2.0.12-5.fc17,btparser-0.18-2.fc17 The following builds have been pushed to Fedora 17 updates-testing GraphicsMagick-1.3.16-5.fc17 apacheds-shared-0.9.19-1.fc17 cmake-fedora-1.0.5-1.fc17 eclipse-mylyn-3.8.1-1.fc17 fluidsynth-1.1.6-1.fc17 gimp-2.8.0-3.fc17 gnome-keyring-3.4.1-3.fc17 grep-2.14-1.fc17 hibernate3-3.6.10-6.fc17 java-1.7.0-openjdk-1.7.0.6-2.3.fc17.1 keepalived-1.2.5-2.fc17 latexmk-4.33c-1.fc17 libdrm-2.4.37-1.fc17 maniadrive-1.2-45.fc17 mate-backgrounds-1.4.0-1.fc17 mirall-1.0.5-4.fc17 openldap-2.4.32-2.fc17 owncloud-csync-0.50.8-9.fc17 perl-B-Generate-1.45-1.fc17 perl-Net-Dropbox-API-1.8-3.fc17 perl-X11-Protocol-Other-18-1.fc17 perl-local-lib-1.008004-5.fc17 pgRouting-1.05-1.fc17 php-5.4.6-2.fc17 postgresql-odbc-09.01.0200-1.fc17 python-flask-sqlalchemy-0.14-4.fc17 python-gunicorn-0.14.6-1.fc17 python-taskw-0.4.3-2.fc17 qpid-cpp-0.16-6.fc17 roundcubemail-0.7.3-1.fc17 selinux-policy-3.10.0-146.fc17 shutter-0.89.1-2.fc17 ssmtp-2.61-18.fc17 system-config-network-1.6.5-1.fc17 wmMatrix-0.2-1.20120814git97216606.fc17 wmpuzzle-0.5.1-1.fc17 xorg-x11-drv-intel-2.20.4-2.fc17 Details about builds: ================================================================================ GraphicsMagick-1.3.16-5.fc17 (FEDORA-2012-12352) An ImageMagick fork, offering faster image generation and better quality -------------------------------------------------------------------------------- Update Information: This update: * addresses a potential memory allocation issue with png images * fixes a -devel multilib conflict * builds against lcms2 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.3.16-5 - CVE-2012-3438 GraphicsMagick: png_IM_malloc() size argument (#844106, #844107) * Mon Aug 20 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.3.16-4 - link GraphicsMagick against lcms2 instead of lcms1 (#849778) * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.16-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed Jun 27 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 1.3.16-2 - Perl 5.16 rebuild * Sun Jun 24 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1.3.16-1 - GraphicsMagick-1.3.16 - GraphicsMagick-devel and GraphicsMagick-c++-devel multilib conflict (#566361) * Mon Jun 11 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 1.3.15-3 - Perl 5.16 rebuild * Tue May 8 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.3.15-2 - rebuild (libtiff) * Sat Apr 28 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.3.15-1 - 1.3.15 -------------------------------------------------------------------------------- References: [ 1 ] Bug #566361 - GraphicsMagick-devel and GraphicsMagick-c++-devel multilib conflict https://bugzilla.redhat.com/show_bug.cgi?id=566361 [ 2 ] Bug #844106 - CVE-2012-3438 GraphicsMagick: png_IM_malloc() size argument [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=844106 [ 3 ] Bug #849778 - link GraphicsMagick against lcms2 instead of lcms1 https://bugzilla.redhat.com/show_bug.cgi?id=849778 -------------------------------------------------------------------------------- ================================================================================ apacheds-shared-0.9.19-1.fc17 (FEDORA-2012-12372) Shared APIs of Apache Directory Project -------------------------------------------------------------------------------- Update Information: Initial import. -------------------------------------------------------------------------------- References: [ 1 ] Bug #823962 - Review Request: apacheds-shared - Shared APIs of Apache Directory Project https://bugzilla.redhat.com/show_bug.cgi?id=823962 -------------------------------------------------------------------------------- ================================================================================ cmake-fedora-1.0.5-1.fc17 (FEDORA-2012-12373) CMake helper modules for fedora developers -------------------------------------------------------------------------------- Update Information: - Fedora 18 support. - Source tarball filename is changed back to name-version-Source.tar.gz to avoid confusion between source generate by cmake-fedora (which contains ChangeLog and projectName.pot) and tarball generation service from hosting site (which does not contain generated files) - koji-build-scratch: rawhide build target does not always have suffix -candidate. - README updated. - TODO updated. - Source tarball filename is now name-version.tar.gz instead of name-version-Source.tar.gz - after_release_commit depends rpm_changelog_prev_update if RPM supported enabled. - Corrected the 'FORCE' of cmake CACHE - Update the error messages when cmake-fedora is not installed. - Fixed target: zanata_push_trans. - Fixed zanata arguments. - fedpkg clone is now triggered if the clone directory does not exist when doing the fedpkg_commit, it no longer the listed OUTPUT of an ADD_CUSTOM_COMMAND. - Add target: translations as an universal easy target to generate/update translation files. -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 21 2012 Ding-Yi Chen <dchen at redhat.com> - 1.0.5-1 - Fedora 18 support. - Source tarball filename is changed back to name-version-Source.tar.gz to avoid confusion between source generate by cmake-fedora (which contains ChangeLog and projectName.pot) and tarball generation service from hosting site (which does not contain generated files) - koji-build-scratch: rawhide build target does not always have suffix -candidate. - README updated. - TODO updated. * Fri Aug 17 2012 Ding-Yi Chen <dchen at redhat.com> - 1.0.4-1 - Source tarball filename is now name-version.tar.gz instead of name-version-Source.tar.gz - after_release_commit depends rpm_changelog_prev_update if RPM supported enabled. - Corrected the 'FORCE' of cmake CACHE - Update the error messages when cmake-fedora is not installed. - Fixed target: zanata_push_trans. - Fixed zanata arguments. - fedpkg clone is now triggered if the clone directory does not exist when doing the fedpkg_commit, it no longer the listed OUTPUT of an ADD_CUSTOM_COMMAND. - Add target: translations as an universal easy target to generate/update translation files. -------------------------------------------------------------------------------- ================================================================================ eclipse-mylyn-3.8.1-1.fc17 (FEDORA-2012-12348) Eclipse Mylyn main feature. -------------------------------------------------------------------------------- Update Information: Update to latest upstream (include all bugfixes). -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 3.8.1-1 - Update to latest upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #847871 - Submitting new bug against product with space fails https://bugzilla.redhat.com/show_bug.cgi?id=847871 -------------------------------------------------------------------------------- ================================================================================ fluidsynth-1.1.6-1.fc17 (FEDORA-2012-12339) Real-time software synthesizer -------------------------------------------------------------------------------- Update Information: Fixes and changes - Handle MIDI End of track events, ticket #101 (Matt Giuca) - Prevent broken rendering after an voice overflow, ticket #100 (diwic) - Enable long arguments where available (plcl) - Linux: Prevent libdbus crash (diwic) -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 21 2012 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.1.6-1 - Update to 1.1.6 * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.5-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ gimp-2.8.0-3.fc17 (FEDORA-2012-12383) GNU Image Manipulation Program -------------------------------------------------------------------------------- Update Information: This update fixes security and stability issues in various image format loaders. Security issues fixed include CVE-2012-3403 and CVE-2012-3481. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Nils Philippsen <nils@xxxxxxxxxx> - 2:2.8.0-3 - fix crash in fits loader (#834627) - fix overflow in CEL plug-in (CVE-2012-3403) - fix overflow in GIF loader (CVE-2012-3481) * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2:2.8.0-2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Jun 25 2012 Nils Philippsen <nils@xxxxxxxxxx> - 2:2.8.0-2 - build with poppler >= 0.20.0 from Fedora 18 on as it is GPLv2/GPLv3 dual-licensed -------------------------------------------------------------------------------- References: [ 1 ] Bug #839020 - CVE-2012-3403 gimp (CEL plug-in): heap buffer overflow when loading external palette files https://bugzilla.redhat.com/show_bug.cgi?id=839020 [ 2 ] Bug #847303 - CVE-2012-3481 Gimp (GIF plug-in): Heap-based buffer overflow by loading certain GIF images https://bugzilla.redhat.com/show_bug.cgi?id=847303 -------------------------------------------------------------------------------- ================================================================================ gnome-keyring-3.4.1-3.fc17 (FEDORA-2012-12368) Framework for managing passwords and other secrets -------------------------------------------------------------------------------- Update Information: GPG agent did not respect cache expiry settings. Backported patch to fix this issue. -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 15 2012 Stef Walter <stefw@xxxxxxxxxx> - 3.4.1-3 - Fix for minor security issue: https://bugzilla.gnome.org/show_bug.cgi?id=681081 -------------------------------------------------------------------------------- References: [ 1 ] Bug #845426 - CVE-2012-3466 gnome-keyring: improper caching of passwords/passphrase https://bugzilla.redhat.com/show_bug.cgi?id=845426 -------------------------------------------------------------------------------- ================================================================================ grep-2.14-1.fc17 (FEDORA-2012-12361) Pattern matching utilities -------------------------------------------------------------------------------- Update Information: This is new version of grep that fixes two bugs (including problem with grep -i '^$'). For more details see upstream announcement https://savannah.gnu.org/forum/forum.php?forum_id=7338 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 2.14-1 - New version Resolves: rhbz#849594 * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.13-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #849594 - grep-2.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=849594 -------------------------------------------------------------------------------- ================================================================================ hibernate3-3.6.10-6.fc17 (FEDORA-2012-12350) Relational persistence and query service -------------------------------------------------------------------------------- Update Information: The hibernate3 package has been split into one subpackage per module, and several new modules -- ehcache, jbosscache, infinispan, and envvars -- have been enabled The ehcache module has been enabled in hibernate3, and all modules have been split into subpackages to simplify core dependencies. The hibernate3 package has been split into one subpackage per module, and several new modules -- ehcache, jbosscache, infinispan, and envvars -- have been enabled The ehcache module has been enabled in hibernate3, and all modules have been split into subpackages to simplify core dependencies. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #846658 - Please add infinispan module https://bugzilla.redhat.com/show_bug.cgi?id=846658 [ 2 ] Bug #845209 - enabled ehcache module https://bugzilla.redhat.com/show_bug.cgi?id=845209 [ 3 ] Bug #847496 - Enable envers module https://bugzilla.redhat.com/show_bug.cgi?id=847496 -------------------------------------------------------------------------------- ================================================================================ java-1.7.0-openjdk-1.7.0.6-2.3.fc17.1 (FEDORA-2012-12347) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: Updated to latest IcedTea7 2.3 based on latest build of openJDK u6. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 jiri Vanek <jvanek@xxxxxxxxxx> - 1.7.0.6-2.3.fc17.1 - Updated to latest IcedTea7-forest-2.3 - Current build is u6 - Added Patch500, java-1.7.0-openjdk-removing_jvisualvm_man.patch to remove jvisualvm manpages from processing -------------------------------------------------------------------------------- ================================================================================ keepalived-1.2.5-2.fc17 (FEDORA-2012-12377) High Availability monitor built upon LVS, VRRP and service pollers -------------------------------------------------------------------------------- Update Information: Update to keepalived v1.2.5 stable release. -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 14 2012 Ryan O'Hara <rohara@xxxxxxxxxx> - 1.2.5-2 - Fix path to mibs. * Tue Aug 14 2012 Ryan O'Hara <rohara@xxxxxxxxxx> - 1.2.5-1 - Update to 1.2.5. -------------------------------------------------------------------------------- References: [ 1 ] Bug #704039 - CVE-2011-1784 keepalived: insecure permissions on pid files https://bugzilla.redhat.com/show_bug.cgi?id=704039 -------------------------------------------------------------------------------- ================================================================================ latexmk-4.33c-1.fc17 (FEDORA-2012-12378) A make-like utility for LaTeX files -------------------------------------------------------------------------------- Update Information: This update provides better error handling for latex and pdflatex. The documentation has also been improved in several ways. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Jerry James <loganjerry@xxxxxxxxx> - 4.33c-1 - Update to 4.33c (improved error handling for latex/pdflatex) * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.31-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libdrm-2.4.37-1.fc17 (FEDORA-2012-12360) Direct Rendering Manager runtime library -------------------------------------------------------------------------------- Update Information: Upstream 2.4.37 release -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 2 2012 Ben Skeggs <bskeggs@xxxxxxxxxx> 2.4.37-1 - libdrm 2.4.37 - patched in dual-support for old nouveau api -------------------------------------------------------------------------------- References: [ 1 ] Bug #829967 - libdrm-2.4.37 is available https://bugzilla.redhat.com/show_bug.cgi?id=829967 -------------------------------------------------------------------------------- ================================================================================ maniadrive-1.2-45.fc17 (FEDORA-2012-12162) 3D stunt driving game -------------------------------------------------------------------------------- Update Information: The PHP development team would like to announce the immediate availability of PHP 5.4.6. Over 20 bugs were fixed. All users of PHP are encouraged to upgrade to this release. * Release Announcement: http://www.php.net/releases/5_4_6.php * ChangeLog: http://www.php.net/ChangeLog-5.php#5.4.6 Enable php-fpm on secondary arch. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 17 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.2-45 - rebuild against PHP 5.4.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #849490 - php-fpm package is missing from fedora-arm https://bugzilla.redhat.com/show_bug.cgi?id=849490 -------------------------------------------------------------------------------- ================================================================================ mate-backgrounds-1.4.0-1.fc17 (FEDORA-2012-12346) MATE Desktop backgrounds -------------------------------------------------------------------------------- Update Information: Backgrounds for MATE Desktop -------------------------------------------------------------------------------- References: [ 1 ] Bug #847697 - Review Request: mate-backgrounds - Backgrounds for MATE Desktop https://bugzilla.redhat.com/show_bug.cgi?id=847697 -------------------------------------------------------------------------------- ================================================================================ mirall-1.0.5-4.fc17 (FEDORA-2012-12358) The ownCloud Client -------------------------------------------------------------------------------- Update Information: New packages provide a Desktop Client for ownCloud -------------------------------------------------------------------------------- References: [ 1 ] Bug #848208 - Review Request: owncloud-csync - a file synchroniser utility https://bugzilla.redhat.com/show_bug.cgi?id=848208 [ 2 ] Bug #848211 - Review Request: mirall - owncloud desktop client https://bugzilla.redhat.com/show_bug.cgi?id=848211 -------------------------------------------------------------------------------- ================================================================================ openldap-2.4.32-2.fc17 (FEDORA-2012-12379) LDAP support libraries -------------------------------------------------------------------------------- Update Information: Resolves TLS failures in replication in 389 Directory Server introduced by recent Mozilla NSS backend fixes. contains two enhancements: * prefer key from authenticated slot * allow certificate name with token new upstream release: - library: double free, SASL handling - tools: read SASL_NOCANON from config file - slapd: config index renumbering, duplicate error response - backends: various fixes in mdb, bdb/hdb, ldap - accesslog, syncprov: fix memory leaks in with replication - sha2: portability, thread safety, support SSHA256,384,512 - documentation fixes -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Jan Vcelak <jvcelak@xxxxxxxxxx> 2.4.32-2 - enhancement: TLS, prefer private keys from authenticated slots - enhancement: TLS, allow certificate specification including token name - resolve TLS failures in replication in 389 Directory Server * Wed Aug 1 2012 Jan Vcelak <jvcelak@xxxxxxxxxx> 2.4.32-1 - new upstream release + library: double free, SASL handling + tools: read SASL_NOCANON from config file + slapd: config index renumbering, duplicate error response + backends: various fixes in mdb, bdb/hdb, ldap + accesslog, syncprov: fix memory leaks in with replication + sha2: portability, thread safety, support SSHA256,384,512 + documentation fixes -------------------------------------------------------------------------------- ================================================================================ owncloud-csync-0.50.8-9.fc17 (FEDORA-2012-12358) A user level bidirectional client only file synchronizer -------------------------------------------------------------------------------- Update Information: New packages provide a Desktop Client for ownCloud -------------------------------------------------------------------------------- References: [ 1 ] Bug #848208 - Review Request: owncloud-csync - a file synchroniser utility https://bugzilla.redhat.com/show_bug.cgi?id=848208 [ 2 ] Bug #848211 - Review Request: mirall - owncloud desktop client https://bugzilla.redhat.com/show_bug.cgi?id=848211 -------------------------------------------------------------------------------- ================================================================================ perl-B-Generate-1.45-1.fc17 (FEDORA-2012-12370) Create your own op trees -------------------------------------------------------------------------------- Update Information: New package perl-B-Generate -------------------------------------------------------------------------------- References: [ 1 ] Bug #830593 - Review Request: perl-B-Generate - Create your own op trees https://bugzilla.redhat.com/show_bug.cgi?id=830593 -------------------------------------------------------------------------------- ================================================================================ perl-Net-Dropbox-API-1.8-3.fc17 (FEDORA-2012-12050) A dropbox API interface -------------------------------------------------------------------------------- Update Information: New upstream release of Shutter. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ perl-X11-Protocol-Other-18-1.fc17 (FEDORA-2012-12050) Miscellaneous X11::Protocol helpers -------------------------------------------------------------------------------- Update Information: New upstream release of Shutter. -------------------------------------------------------------------------------- ================================================================================ perl-local-lib-1.008004-5.fc17 (FEDORA-2012-12354) Create and use a local lib/ for perl modules -------------------------------------------------------------------------------- Update Information: CSH support fixed. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 1.008004-5 - Fix CSH support (bug #849609) -------------------------------------------------------------------------------- References: [ 1 ] Bug #849609 - perl-homedir.csh causes login error for users with CSH as default shell https://bugzilla.redhat.com/show_bug.cgi?id=849609 -------------------------------------------------------------------------------- ================================================================================ pgRouting-1.05-1.fc17 (FEDORA-2012-12351) Provides routing functionality to PostGIS/PostgreSQL -------------------------------------------------------------------------------- Update Information: Package revived, after it was deprecated in F16 and later Updated to upstream release 1.05 -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 15 2012 Volker Fröhlich <volker27@xxxxxx> - 1.05-1 - Update to 1.05 - Update URL - Update description - Correct FSF address - Retire patch0 - Introduce macros with_gaul and tarname; create conditionals based on the first - Update flags patch and manually add custom flag - Replace make macros with the command - Remove unnecessary BR geos-devel - Remove unnecessary R postgresql; Postgis takes care of that - Drop rm for buildroot before install - Drop ldconfig, because libs are in sub-directory - Drop version requirements in BRs and Requires. All shipped versions are new enough in Fedora - Enable DD option and added BR CGAL-devel - Simplify attr and drop defattr in files section -------------------------------------------------------------------------------- References: [ 1 ] Bug #848421 - Review Request: pgRouting - Provides routing functionality to PostGIS/PostgreSQL https://bugzilla.redhat.com/show_bug.cgi?id=848421 -------------------------------------------------------------------------------- ================================================================================ php-5.4.6-2.fc17 (FEDORA-2012-12162) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information: The PHP development team would like to announce the immediate availability of PHP 5.4.6. Over 20 bugs were fixed. All users of PHP are encouraged to upgrade to this release. * Release Announcement: http://www.php.net/releases/5_4_6.php * ChangeLog: http://www.php.net/ChangeLog-5.php#5.4.6 Enable php-fpm on secondary arch. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.4.6-2 - enable php-fpm on secondary arch (#849490) * Fri Aug 17 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.4.6-1 - update to 5.4.6 - update to v9 of systzdata patch - backport fix for new libxml -------------------------------------------------------------------------------- References: [ 1 ] Bug #849490 - php-fpm package is missing from fedora-arm https://bugzilla.redhat.com/show_bug.cgi?id=849490 -------------------------------------------------------------------------------- ================================================================================ postgresql-odbc-09.01.0200-1.fc17 (FEDORA-2012-12359) PostgreSQL ODBC driver -------------------------------------------------------------------------------- Update Information: Update to version 09.01.0200, for assorted minor bug fixes listed at http://psqlodbc.projects.postgresql.org/release.html -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Tom Lane <tgl@xxxxxxxxxx> 09.01.0200-1 - Update to version 09.01.0200 - Minor specfile cleanup per suggestions from Tom Callaway Related: #845110 -------------------------------------------------------------------------------- ================================================================================ python-flask-sqlalchemy-0.14-4.fc17 (FEDORA-2012-12344) Adds SQLAlchemy support to Flask application -------------------------------------------------------------------------------- Update Information: Added python-sqlalchemy as requires. -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 21 2012 Praveen Kumar <kumarpraveen.nitdgp@xxxxxxxxx> - 0.14-4 - Added python-sqlalchemy as requires * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.14-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #849384 - python-flask-sqlalchemy should require python-sqlalchemy https://bugzilla.redhat.com/show_bug.cgi?id=849384 -------------------------------------------------------------------------------- ================================================================================ python-gunicorn-0.14.6-1.fc17 (FEDORA-2012-12365) Python WSGI application server -------------------------------------------------------------------------------- Update Information: Upstream bugfix release 0.14.6. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Dan Callaghan <dcallagh@xxxxxxxxxx> - 0.14-6-2 - fix for LimitRequestLine test failure (upstream issue #390) * Wed Aug 1 2012 Dan Callaghan <dcallagh@xxxxxxxxxx> - 0.14.6-1 - upstream bugfix release 0.14.6 * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.14.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #843870 - python-gunicorn-0.14.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=843870 -------------------------------------------------------------------------------- ================================================================================ python-taskw-0.4.3-2.fc17 (FEDORA-2012-12342) Python bindings for your taskwarrior database -------------------------------------------------------------------------------- Update Information: Initial import (#848256). -------------------------------------------------------------------------------- ================================================================================ qpid-cpp-0.16-6.fc17 (FEDORA-2012-12343) Libraries for Qpid C++ client applications -------------------------------------------------------------------------------- Update Information: fix build on non-x86 arches Provides the qpid-cpp-server-daemon package. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Dan Horák <dan[at]danny.cz> - 0.16-6 - allow build without InfiniBand eg. on s390(x) - fix build on non-x86 64-bit arches * Fri Aug 17 2012 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.16-5 - Added the qpid-cpp-server-daemon subpackage. * This package delivers the SysVInit scripts needed by qpidd. -------------------------------------------------------------------------------- ================================================================================ roundcubemail-0.7.3-1.fc17 (FEDORA-2012-12362) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information: Latest upstream, plus patch for XSS CVE-2012-3507. http://trac.roundcube.net/ticket/1488613 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.7.3-1 - 0.7.3, patch for XSS in signature issue, BZ 849616, 849617. * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #849616 - roundcubemail: XSS by processing signatures in HTML mode [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=849616 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.10.0-146.fc17 (FEDORA-2012-12355) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: Here is where you give an explanation of your update. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-146 - Allow tmpreaper to delete unlabeled files - Backport selinux_login_config fixes from F18 for sssd - Allow thumb drives to create shared memory and semaphores - Make "snmpwalk -mREDHAT-CLUSTER-MIB ...." working - Allow dlm_controld to execute dlm_stonith labeled as bin_t - Allow GFS2 working on F17 - Allow thumb to gettatr on all fs - Allow condor domains to read kernel sysctls - Allow condor_master to connect to amqp - Allow abrt to read mozilla_plugin config files - Backport squid policy with support for lightsquid - Allow useradd to modify /etc/default/useradd - dovecot_auth_t uses ldap for user auth - Dontaudit mozilla_plugin attempts to ipc_lock - Allow tmpreaper to search unlabeled /tmp/kdecache-root - Allow jockey to list the contents of modeprobe.d - Allow web plugins to connect to the asterisk ports -------------------------------------------------------------------------------- References: [ 1 ] Bug #846188 - SELinux is preventing /usr/lib64/xulrunner-2/plugin-container from using the 'ipc_lock' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=846188 [ 2 ] Bug #847438 - SELinux is preventing /usr/libexec/dovecot/auth from 'name_connect' accesses on the tcp_socket . https://bugzilla.redhat.com/show_bug.cgi?id=847438 [ 3 ] Bug #847491 - SELinux is preventing /opt/google/talkplugin/GoogleTalkPlugin from 'name_connect' accesses on the tcp_socket . https://bugzilla.redhat.com/show_bug.cgi?id=847491 [ 4 ] Bug #847507 - SELinux is preventing /usr/bin/python2.7 from 'read' accesses on the directory /etc/modprobe.d. https://bugzilla.redhat.com/show_bug.cgi?id=847507 [ 5 ] Bug #848377 - SELinux is preventing /usr/bin/gdb from 'open' accesses on the file /usr/lib/mozilla/plugins-wrapped/nswrapper_32_32.libflashplayer.so. https://bugzilla.redhat.com/show_bug.cgi?id=848377 [ 6 ] Bug #848443 - SELinux is preventing /usr/sbin/condor_master from 'search' accesses on the directory kernel. https://bugzilla.redhat.com/show_bug.cgi?id=848443 [ 7 ] Bug #848454 - A Series of SELinux Notify Messages when starting packages https://bugzilla.redhat.com/show_bug.cgi?id=848454 [ 8 ] Bug #848496 - SELinux is preventing /usr/bin/totem-video-thumbnailer from 'create' accesses on the shared memory . https://bugzilla.redhat.com/show_bug.cgi?id=848496 [ 9 ] Bug #848838 - SELinux is preventing /usr/bin/atril-thumbnailer from 'getattr' accesses on the filesystem /. https://bugzilla.redhat.com/show_bug.cgi?id=848838 [ 10 ] Bug #849176 - avc denials with dlm_controld https://bugzilla.redhat.com/show_bug.cgi?id=849176 [ 11 ] Bug #849523 - SELinux is preventing npviewer.bin from 'execmod' accesses on the file /usr/lib/nvidia/libnvidia-glcore.so.304.37. https://bugzilla.redhat.com/show_bug.cgi?id=849523 [ 12 ] Bug #849567 - Need update of selinux policy related to SSSD https://bugzilla.redhat.com/show_bug.cgi?id=849567 -------------------------------------------------------------------------------- ================================================================================ shutter-0.89.1-2.fc17 (FEDORA-2012-12050) GTK+ 2.0 screenshot application written in perl -------------------------------------------------------------------------------- Update Information: New upstream release of Shutter. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 0.89.1-2 - Remove the bundled perl(X11::Protocol::Ext::XFIXES) * Thu Aug 16 2012 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 0.89.1-1 - Update to 0.89.1 - Remove the patch for desktop entry file - Filtered fake provides - Add Perl MODULE_COMPAT requires - Requires perl(X11::Protocol::Ext::XFIXES) - Don't remove the executable bit of the upload plugins * Fri Aug 10 2012 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 0.89-1 - Update to 0.89 (#722700, #753423, #659378, #759686, #754880) - License changed to GPLv3+ - Patch updated - Perl modules moved to %{perl_vendorlib} - Scriptlet updated - Other cleanup * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.87.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ ssmtp-2.61-18.fc17 (FEDORA-2012-12371) Extremely simple MTA to get mail off the system to a Mailhub -------------------------------------------------------------------------------- Update Information: Should fix https://bugzilla.redhat.com/show_bug.cgi?id=830733 -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 30 2012 Manuel "lonely wolf" Wolfshant <wolfy@xxxxxxxxxxxxxxxxx> - 2.61-18 - Apply patch to fix addition of garbage at end of attachments -------------------------------------------------------------------------------- References: [ 1 ] Bug #830733 - Inserts garbage NULL characters in messages https://bugzilla.redhat.com/show_bug.cgi?id=830733 -------------------------------------------------------------------------------- ================================================================================ system-config-network-1.6.5-1.fc17 (FEDORA-2012-11561) The GUI of the Network Administration Tool -------------------------------------------------------------------------------- Update Information: This update fixes a bug that could prevent machine from suspending after saving configuration in system-config-network. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 16 2012 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.6.5-1 - ConfShellVar(): use quotation marks instead of apostrophes around variable names. (RHBZ#846081) * Tue Aug 7 2012 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.6.4-1 - version 1.6.4 - Don't write DEVICE= line (rhbz#846081) - add support for lcs devices - Disable the Bind to MAC address option on bond slave devices (rhbz #504824) - Do not remove GATEWAYDEV from /etc/sysconfig/network (rhbz #602688). - Don't remove route-ethX on save (rhbz #501530) - Establishing a QETH Connection chapter added to help - use xdg-open instead of htmlview -------------------------------------------------------------------------------- References: [ 1 ] Bug #846081 - Saving in system-config-network-gui can stop suspend from working (EXPLOITABLE). https://bugzilla.redhat.com/show_bug.cgi?id=846081 -------------------------------------------------------------------------------- ================================================================================ wmMatrix-0.2-1.20120814git97216606.fc17 (FEDORA-2012-12380) DockApp version of Jamie Zawinski's xmatrix screensaver hack -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- ================================================================================ wmpuzzle-0.5.1-1.fc17 (FEDORA-2012-12375) A 4x4 puzzle on a 64x64 mini window -------------------------------------------------------------------------------- Update Information: wmpuzzle provides a 4x4 puzzle on a 64x64 mini window. You can puzzle any XPM image you wish. -------------------------------------------------------------------------------- References: [ 1 ] Bug #842173 - Review Request: wmpuzzle - A 4x4 puzzle on a 64x64 mini window https://bugzilla.redhat.com/show_bug.cgi?id=842173 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-intel-2.20.4-2.fc17 (FEDORA-2012-12369) Xorg X11 Intel video driver -------------------------------------------------------------------------------- Update Information: Upstream 2.20.4 plus backports to not bind to Poulsbo-esque Intel chips. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Adam Jackson <ajax@xxxxxxxxxx> 2.20.4-2 - Backport some patches to avoid binding to non-i915.ko-driven Intel GPUs, like Cedarview and friends (#849475) * Mon Aug 20 2012 Adam Jackson <ajax@xxxxxxxxxx> 2.20.4-1 - intel 2.20.4 * Thu Aug 16 2012 Dave Airlie <airlied@xxxxxxxxxx> 2.20.3-3 - fix vmap flush to correct upstream version in prime patch * Thu Aug 16 2012 Dave Airlie <airlied@xxxxxxxxxx> 2.20.3-2 - snapshot upstream + add prime support for now * Wed Aug 15 2012 Adam Jackson <ajax@xxxxxxxxxx> 2.20.3-1 - intel 2.20.3 * Wed Aug 1 2012 Adam Jackson <ajax@xxxxxxxxxx> 2.20.2-1 - intel 2.20.2 - Only disable UMS in RHEL7, since i810 exists in RHEL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #849475 - GMA3600 doesn't work with xorg-x11-drv-intel 2.20.1-1.fc17 https://bugzilla.redhat.com/show_bug.cgi?id=849475 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
