The following Fedora 16 Security updates need testing: Age URL 47 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-11737/transfig-3.2.5d-4.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-12367/keepalived-1.2.3-2.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2012-11934/libotr-3.2.1-1.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2012-11928/glibc-2.14.90-24.fc16.9 1 https://admin.fedoraproject.org/updates/FEDORA-2012-12357/roundcubemail-0.7.3-1.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-12364/gimp-2.6.12-2.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-12366/GraphicsMagick-1.3.16-5.fc16 45 https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12514/tor-0.2.2.38-1600.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-12145/drupal6-ctools-1.9-1.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-12060/phpMyAdmin-3.5.2.2-1.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-12085/wireshark-1.6.10-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12481/jabberd-2.2.14-4.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-12488/zabbix-1.8.15-1.fc16 9 https://admin.fedoraproject.org/updates/FEDORA-2012-11746/ImageMagick-6.7.0.10-6.fc16 16 https://admin.fedoraproject.org/updates/FEDORA-2012-11476/drupal6-og-2.4-1.fc16 16 https://admin.fedoraproject.org/updates/FEDORA-2012-11526/dokuwiki-0-0.11.20120125.b.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-12156/postgresql-9.1.5-1.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-12198/openttd-1.2.2-1.fc16 2 https://admin.fedoraproject.org/updates/FEDORA-2012-12286/munin-2.0.5-2.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 3 https://admin.fedoraproject.org/updates/FEDORA-2012-12205/kdepim-4.8.5-2.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-12072/qrencode-3.3.1-3.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2012-11928/glibc-2.14.90-24.fc16.9 6 https://admin.fedoraproject.org/updates/FEDORA-2012-11947/system-config-users-1.2.116-1.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2012-11961/libfm-1.0-1.fc16,pcmanfm-1.0-1.fc16 8 https://admin.fedoraproject.org/updates/FEDORA-2012-11797/phonon-backend-gstreamer-4.6.2-1.fc16 12 https://admin.fedoraproject.org/updates/FEDORA-2012-11673/tar-1.26-5.fc16 12 https://admin.fedoraproject.org/updates/FEDORA-2012-11595/virtuoso-opensource-6.1.6-1.fc16 12 https://admin.fedoraproject.org/updates/FEDORA-2012-11669/mysql-5.5.27-1.fc16 The following builds have been pushed to Fedora 16 updates-testing glances-1.4-2.fc16 jabberd-2.2.14-4.fc16 mate-menus-1.4.0-3.fc16 mate-polkit-1.4.0-2.fc16 mate-vfs-1.4.0-10.fc16 mongoose-3.1-1.fc16 perl-CGI-Session-4.35-10.fc16 perl-DBD-Pg-2.19.3-1.fc16 qbittorrent-3.0.1-1.fc16 rednotebook-1.5.0-1.fc16 rubygem-boxgrinder-build-0.10.3-1.fc16 rubygem-boxgrinder-core-0.3.13-1.fc16 tor-0.2.2.38-1600.fc16 vrq-1.0.96-1.fc16 xscreensaver-5.19-2.fc16 zabbix-1.8.15-1.fc16 Details about builds: ================================================================================ glances-1.4-2.fc16 (FEDORA-2012-12474) CLI curses based monitoring tool -------------------------------------------------------------------------------- Update Information: add missing dependancies -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 21 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4-2 - Adding missing dependencies - Removing shebang in non-executable files * Tue Aug 21 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4-1 - Upgrade to version 1.4 * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Feb 13 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.3.7-2 - Add version for python -------------------------------------------------------------------------------- ================================================================================ jabberd-2.2.14-4.fc16 (FEDORA-2012-12481) OpenSource server implementation of the Jabber protocols -------------------------------------------------------------------------------- Update Information: included patch for "Vulnerability in XMPP Server Dialback Implementations" http://xmpp.org/resources/security-notices/server-dialback/ -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 22 2012 Adrian Reber <adrian@xxxxxxxx> - 2.2.14-4 - included patch for "Vulnerability in XMPP Server Dialback Implementations" http://xmpp.org/resources/security-notices/server-dialback/ * Tue Jul 24 2012 Adrian Reber <adrian@xxxxxxxx> - 2.2.14-3 - fixes "service jabberd restart fails on stopping s2s" (#730967) * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.2.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mate-menus-1.4.0-3.fc16 (FEDORA-2012-12512) Displays menus for MATE Desktop -------------------------------------------------------------------------------- Update Information: Displays menus for MATE Desktop -------------------------------------------------------------------------------- References: [ 1 ] Bug #847712 - Review Request: mate-menus - Displays menus for MATE Desktop https://bugzilla.redhat.com/show_bug.cgi?id=847712 -------------------------------------------------------------------------------- ================================================================================ mate-polkit-1.4.0-2.fc16 (FEDORA-2012-12506) Integrates polkit authentication for MATE desktop -------------------------------------------------------------------------------- Update Information: PolicyKit integration for MATE desktop. -------------------------------------------------------------------------------- References: [ 1 ] Bug #847419 - Review request: mate-polkit - Integrates polkit with the MATE Desktop environment https://bugzilla.redhat.com/show_bug.cgi?id=847419 -------------------------------------------------------------------------------- ================================================================================ mate-vfs-1.4.0-10.fc16 (FEDORA-2012-12513) The MATE virtual file-system libraries -------------------------------------------------------------------------------- Update Information: mate vfs -------------------------------------------------------------------------------- References: [ 1 ] Bug #844164 - Review Request: mate-vfs - The MATE virtual file-system libraries https://bugzilla.redhat.com/show_bug.cgi?id=844164 -------------------------------------------------------------------------------- ================================================================================ mongoose-3.1-1.fc16 (FEDORA-2012-12525) An easy-to-use self-sufficient web server -------------------------------------------------------------------------------- Update Information: "Packaged mongoose's upsteam 3.1 release" -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 15 2012 Florencia Fotorello <ffotorel at redhat dot com> - 3.1-1 - Repackage mongoose for all stable branches (840999) * Thu Jul 5 2012 Rafael Azenha Aquini <aquini at linux dot com> - 3.1-1 - Packaged mongoose's upstream 3.1 release. - Introduced -lib -devel sub-packages (804843) - Change build option to -DNO_SSL_DL (804844) * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #804843 - repackage mongoose, incl. shared library and -devel https://bugzilla.redhat.com/show_bug.cgi?id=804843 [ 2 ] Bug #804844 - build mongoose with -DNO_SSL_DL https://bugzilla.redhat.com/show_bug.cgi?id=804844 [ 3 ] Bug #840999 - Repackage mongoose for all stable branches https://bugzilla.redhat.com/show_bug.cgi?id=840999 -------------------------------------------------------------------------------- ================================================================================ perl-CGI-Session-4.35-10.fc16 (FEDORA-2012-12470) Persistent session data in CGI applications -------------------------------------------------------------------------------- Update Information: Fix deprecated use of qw//. Specify all dependencies. -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 21 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 4.35-10 - Fix deprecated use of qw// (bug #754689) - Specify all dependencies - Add BR: perl(Digest::MD5) (Fix mass rebuild FTBS). -------------------------------------------------------------------------------- References: [ 1 ] Bug #754689 - CGI::Session emits deprecation warning when running under 'use warnings' https://bugzilla.redhat.com/show_bug.cgi?id=754689 -------------------------------------------------------------------------------- ================================================================================ perl-DBD-Pg-2.19.3-1.fc16 (FEDORA-2012-12501) A PostgreSQL interface for perl -------------------------------------------------------------------------------- Update Information: Fix segfault in pg_st_split_statement(). -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 22 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 2.19.3-1 - 2.19.3 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #850673 - perl-DBD-Pg-2.19.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=850673 -------------------------------------------------------------------------------- ================================================================================ qbittorrent-3.0.1-1.fc16 (FEDORA-2012-12516) A Bittorrent Client -------------------------------------------------------------------------------- Update Information: * Tue Aug 21 2012 - Christophe Dumez <chris@xxxxxxxxxxxxxxx> - v3.0.1 - BUGFIX: Fix possible crash when adding a tracker to a magnet torrent without metadata (Closes #1034254) - BUGFIX: Remember queue position for torrents without metadata (closes #17) - BUGFIX: Fix crash when using unauthorized characters in label names (closes #19) - BUGFIX: Fix search plugins updating (closes #25) - BUGFIX: Make uTP connections rate limited by default -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 21 2012 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 1:3.0.1-1 - update to 3.0.1 release - change source to .xz -------------------------------------------------------------------------------- ================================================================================ rednotebook-1.5.0-1.fc16 (FEDORA-2012-12477) A desktop diary -------------------------------------------------------------------------------- Update Information: * Mon Aug 13 2012 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 1.5.0-1 - Updated to new upstream version 1.5.0 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 13 2012 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 1.5.0-1 - Updated to new upstream version 1.5.0 * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Apr 13 2012 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 1.4.0-1 - Updated to new upstream version 1.4.0 -------------------------------------------------------------------------------- ================================================================================ rubygem-boxgrinder-build-0.10.3-1.fc16 (FEDORA-2012-12520) A tool for creating appliances from simple plain text files -------------------------------------------------------------------------------- Update Information: - Upstream release: 0.10.3 - [BGBUILD-339] Existing rpm package with the name containing '+' considered as an invalid name - [BGBUILD-359] Enable more than 4 partitions in msdos partition layout - [BGBUILD-368] Update QEMU wrapper to attempt detection of a valid qemu binary -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 22 2012 Marek Goldmann <mgoldman@xxxxxxxxxx> - 0.10.3-1 - Upstream release: 0.10.3 - [BGBUILD-339] Existing rpm package with the name containing '+' considered as an invalid name - [BGBUILD-359] Enable more than 4 partitions in msdos partition layout - [BGBUILD-368] Update QEMU wrapper to attempt detection of a valid qemu binary * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.10.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ rubygem-boxgrinder-core-0.3.13-1.fc16 (FEDORA-2012-12486) Core library for BoxGrinder -------------------------------------------------------------------------------- Update Information: - Upstream release: 0.3.13 - [BGBUILD-364] Validate length of appliance name -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 22 2012 Marek Goldmann <mgoldman@xxxxxxxxxx> - 0.3.13-1 - Upstream release: 0.3.13 - [BGBUILD-364] Validate length of appliance name * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ tor-0.2.2.38-1600.fc16 (FEDORA-2012-12514) Anonymizing overlay network for TCP (The onion router) -------------------------------------------------------------------------------- Update Information: . . -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 19 2012 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.2.38-1600 - updated to 0.2.2.38 * Tue Jun 12 2012 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.2.37-1600 - updated to 0.2.2.37 * Sat May 26 2012 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.2.36-1600 - updated to 0.2.2.36 -------------------------------------------------------------------------------- References: [ 1 ] Bug #849949 - CVE-2012-3517 tor: Read from freed memory and double free by processing failed DNS request https://bugzilla.redhat.com/show_bug.cgi?id=849949 -------------------------------------------------------------------------------- ================================================================================ vrq-1.0.96-1.fc16 (FEDORA-2012-12503) Verilog tool framework with plugins for manipulating source code -------------------------------------------------------------------------------- Update Information: Updated to 1.0.96 -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 22 2012 Shakthi Kannan <shakthimaan [AT] fedoraproject dot org> - 1.0.96-1 - Updated to 1.0.96 * Sun Jul 22 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.88-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.88-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ xscreensaver-5.19-2.fc16 (FEDORA-2012-12493) X screen saver and locker -------------------------------------------------------------------------------- Update Information: A bug is reported that lament hack causes segv with -wireframe option. This new rpm will fix this issue. -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 22 2012 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.19-2 - Fix segv on lament with -wireframe option (bug 849961) - Fix improper and operator on flurry detected by llvm-clang -------------------------------------------------------------------------------- References: [ 1 ] Bug #849961 - [abrt] xscreensaver-gl-extras-5.19-1.fc17: scale_for_window: Process /usr/libexec/xscreensaver/lament was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=849961 -------------------------------------------------------------------------------- ================================================================================ zabbix-1.8.15-1.fc16 (FEDORA-2012-12488) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information: Release notes: http://www.zabbix.com/rn1.8.15.php Amongst others: - Solves SQL injection vulnerability CVE-2012-3435 - Removes useless backup files from the frontend -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 20 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.15-1 - update to 1.8.15 - Rework patches to not leave backup files in the frontend -------------------------------------------------------------------------------- References: [ 1 ] Bug #843927 - zabbix: SQL injection vulnerability via the "itemid" parameter https://bugzilla.redhat.com/show_bug.cgi?id=843927 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
