The following Fedora 18 Security updates need testing: Age URL 1 https://admin.fedoraproject.org/updates/FEDORA-2012-12919/seamonkey-2.12-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-12736/tor-0.2.2.38-1801.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2012-12293/gimp-2.8.2-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2012-12834/xulrunner-15.0-2.fc18,firefox-15.0-1.fc18,thunderbird-lightning-1.7-2.fc18,thunderbird-15.0-1.fc18 The following builds have been pushed to Fedora 18 updates-testing 389-ds-base-1.2.11.12-1.fc18 SuperLU-4.3-3.fc18 eclipse-ecf-3.5.6-3.fc18 faust-0.9.46-1.fc18 ipython-0.13-5.fc18 jacorb-2.3.1-3.20120215git.fc18 jboss-jts-4.16.2-8.fc18 jboss-rmi-1.0-api-1.0.4-5.fc18 libguestfs-1.19.35-1.fc18 mozc-1.6.1187.102-1.fc18 perl-DBD-MySQL-4.022-1.fc18 perl-Font-TTF-1.02-1.fc18 pptp-1.7.2-17.fc18 pungi-2.12-1.fc18 python-vcstools-0.1.21-1.20120828hg0fba0588.fc18 telepathy-glib-0.19.8-1.fc18 vfrnav-20120831-1.fc18 Details about builds: ================================================================================ 389-ds-base-1.2.11.12-1.fc18 (FEDORA-2012-13057) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information: support posix winsync - fix server to server ssl client auth - many valgrind and coverity fixes Here is where you give an explanation of your update. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 30 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.11.12-1 - 8e5087a Coverity defects - 13089: Dereference after null check ldbm_back_delete - Trac Ticket #437 - variable dn should not be used in ldbm_back_delete - ba1f5b2 fix coverity resource leak in windows_plugin_add - e3e81db Simplify program flow: change while loops to for - a0d5dc0 Fix logic errors: del_mod should be latched (might not be last mod), and avoid skipping add-mods (int value 0) - 0808f7e Simplify program flow: make adduids/moduids/deluids action blocks all similar - 77eb760 Simplify program flow: eliminate unnecessary continue - c9e9db7 Memory leaks: unmatched slapi_attr_get_valueset and slapi_value_new - a4ca0cc Change "return"s in modGroupMembership to "break"s to avoid leaking - d49035c Factorize into new isPosixGroup function - 3b61c03 coverity - posix winsync mem leaks, null check, deadcode, null ref, use after free - 33ce2a9 fix mem leaks with parent dn log message, setting winsync windows domain - Ticket #440 - periodic dirsync timed event causes server to loop repeatedly - Ticket #355 - winsync should not delete entry that appears to be out of scope - Ticket 436 - nsds5ReplicaEnabled can be set with any invalid values. - 487932d coverity - mbo dead code - winsync leaks, deadcode, null check, test code - 2734a71 CLEANALLRUV coverity fixes - Ticket #426 - support posix schema for user and group sync - Ticket #430 - server to server ssl client auth broken with latest openldap * Mon Aug 20 2012 Mark Reynolds <mareynol@xxxxxxxxxx> - 1.2.11.11-1 6c0778f bumped version to 1.2.11.11 Ticket 429 - added nsslapd-readonly to DS schema Ticket 403 - fix CLEANALLRUV regression from last commit Trac Ticket #346 - Slow ldapmodify operation time for large quantities of multi-valued attribute values * Wed Aug 15 2012 Mark Reynolds <mareynol@xxxxxxxxxx> - 1.2.11.10-1 db6b354 bumped version to 1.2.11.10 Ticket 403 - CLEANALLRUV revisions -------------------------------------------------------------------------------- ================================================================================ SuperLU-4.3-3.fc18 (FEDORA-2012-13054) Subroutines to solve sparse linear systems -------------------------------------------------------------------------------- Update Information: First release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #784175 - Review Request: SuperLU - Subroutines to solve sparse linear systems https://bugzilla.redhat.com/show_bug.cgi?id=784175 -------------------------------------------------------------------------------- ================================================================================ eclipse-ecf-3.5.6-3.fc18 (FEDORA-2012-13070) Eclipse Communication Framework -------------------------------------------------------------------------------- Update Information: This is required by a new cbi eclipse build. -------------------------------------------------------------------------------- ================================================================================ faust-0.9.46-1.fc18 (FEDORA-2012-13067) Compiled language for real-time audio signal processing -------------------------------------------------------------------------------- Update Information: New upstream. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.9.46-1 - New upstream. -------------------------------------------------------------------------------- ================================================================================ ipython-0.13-5.fc18 (FEDORA-2012-13068) An enhanced interactive Python shell -------------------------------------------------------------------------------- Update Information: Add empty python-ipython package, or there won't be a meta package to drag in the other packages -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 30 2012 Thomas Spura <tomspur@xxxxxxxxxxxxxxxxx> - 0.13-5 - add empty python-ipython files section - obsolete ipython -------------------------------------------------------------------------------- ================================================================================ jacorb-2.3.1-3.20120215git.fc18 (FEDORA-2012-13065) The Java implementation of the OMG's CORBA standard -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #852851 - Review Request: jacorb - The Java implementation of the OMG's CORBA standard https://bugzilla.redhat.com/show_bug.cgi?id=852851 -------------------------------------------------------------------------------- ================================================================================ jboss-jts-4.16.2-8.fc18 (FEDORA-2012-13059) Distributed Transaction Manager -------------------------------------------------------------------------------- Update Information: Added jbossjts to the build -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 30 2012 Marek Goldmann <mgoldman@xxxxxxxxxx> - 4.16.2-8 - Added jbossjts to the build -------------------------------------------------------------------------------- ================================================================================ jboss-rmi-1.0-api-1.0.4-5.fc18 (FEDORA-2012-13060) Java Remote Method Invocation 1.0 API -------------------------------------------------------------------------------- Update Information: - Added implementation to the build - Added maven-dependency-plugin BR -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Marek Goldmann <mgoldman@xxxxxxxxxx> - 1.0.4-5 - Added maven-dependency-plugin BR * Fri Aug 31 2012 Marek Goldmann <mgoldman@xxxxxxxxxx> - 1.0.4-4 - Added implementation to the build -------------------------------------------------------------------------------- ================================================================================ libguestfs-1.19.35-1.fc18 (FEDORA-2012-13058) Access and modify virtual machine disk images -------------------------------------------------------------------------------- Update Information: New upstream development version 1.19.35. -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 29 2012 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.19.35-1 - New upstream version 1.19.35. * Wed Aug 29 2012 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.19.34-2 - Add upstream patch to fix Perl bindtests on 32 bit. * Tue Aug 28 2012 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.19.34-1 - New upstream version 1.19.34. * Tue Aug 28 2012 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.19.33-1 - New upstream version 1.19.33. * Mon Aug 27 2012 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.19.33-3 - Fix Perl examples directory so we only include the examples. - Add Java examples to java-devel RPM. * Tue Aug 21 2012 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.19.33-2 - New upstream version 1.19.33. - Reenable tests. * Sat Aug 18 2012 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.19.32-1 - New upstream version 1.19.32. * Wed Aug 15 2012 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.19.31-1 - New upstream version 1.19.31. -------------------------------------------------------------------------------- ================================================================================ mozc-1.6.1187.102-1.fc18 (FEDORA-2012-13064) Open-sourced Google Japanese Input -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Akira TAGOH <tagoh@xxxxxxxxxx> - 1.6.1187.102-1 - New upstream release. (#853362) - no SCIM support anymore. - Update zipcode dictionaries. -------------------------------------------------------------------------------- References: [ 1 ] Bug #853362 - mozc-1.6.1187.102 is available https://bugzilla.redhat.com/show_bug.cgi?id=853362 -------------------------------------------------------------------------------- ================================================================================ perl-DBD-MySQL-4.022-1.fc18 (FEDORA-2012-13055) A MySQL interface for perl -------------------------------------------------------------------------------- Update Information: A new version of DBD::mysql with numerous bugfixes is now available for Fedora 18. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 30 2012 Petr Šabata <contyk@xxxxxxxxxx> - 4.022-1 - 4.022 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #852991 - perl-DBD-MySQL-4.022 is available https://bugzilla.redhat.com/show_bug.cgi?id=852991 -------------------------------------------------------------------------------- ================================================================================ perl-Font-TTF-1.02-1.fc18 (FEDORA-2012-13061) Perl library for modifying TTF font files -------------------------------------------------------------------------------- Update Information: Fix a typo in Useall to get case right. A new version of Font::TTF with many new features is now available for Fedora 18. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Petr Šabata <contyk@xxxxxxxxxx> - 1.02-1 - 1.02 bump (a lettercase fix) * Thu Aug 30 2012 Petr Šabata <contyk@xxxxxxxxxx> - 1.01-1 - 1.01 bump (Makefile/META changes only) * Wed Aug 29 2012 Petr Šabata <contyk@xxxxxxxxxx> - 1.00-1 - 1.00 bump - Modernize the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #853365 - perl-Font-TTF-1.02 is available https://bugzilla.redhat.com/show_bug.cgi?id=853365 [ 2 ] Bug #852653 - perl-Font-TTF-1.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=852653 -------------------------------------------------------------------------------- ================================================================================ pptp-1.7.2-17.fc18 (FEDORA-2012-13056) Point-to-Point Tunneling Protocol (PPTP) Client -------------------------------------------------------------------------------- Update Information: This update adds further comments in options.pptp about MPPE being unavailable in FIPS mode and MS-CHAPv2 usage with PPTP being considered insecure in the light of the recent chapcrack exploit. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Paul Howarth <paul@xxxxxxxxxxxx> 1.7.2-17 - Add note in options.pptp about MPPE not being available in FIPS mode (#845112) - Add note in options.pptp about PPTP with MSCHAP-V2 being insecure -------------------------------------------------------------------------------- References: [ 1 ] Bug #845112 - pptp fails mppe in FIPS mode, request to document this https://bugzilla.redhat.com/show_bug.cgi?id=845112 -------------------------------------------------------------------------------- ================================================================================ pungi-2.12-1.fc18 (FEDORA-2012-13063) Distribution compose tool -------------------------------------------------------------------------------- Update Information: start arm support fix up ppc support -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Dennis Gilmore <dennis@xxxxxxxx> - 2.12-1 - ppc64p7 support - update locations for ppc files for image composition bz#849731 - add 32 bit arm arches -------------------------------------------------------------------------------- References: [ 1 ] Bug #849731 - pungi needs new magic file location for powerpc ISOs https://bugzilla.redhat.com/show_bug.cgi?id=849731 -------------------------------------------------------------------------------- ================================================================================ python-vcstools-0.1.21-1.20120828hg0fba0588.fc18 (FEDORA-2012-13066) Version Control System tools for Python -------------------------------------------------------------------------------- Update Information: Update to release 0.1.21 -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 28 2012 Rich Mattes <richmattes@xxxxxxxxx> - 0.1.21-1.20120828hg0fba0588 - Update to release 0.1.21 -------------------------------------------------------------------------------- ================================================================================ telepathy-glib-0.19.8-1.fc18 (FEDORA-2012-13062) GLib bindings for Telepathy -------------------------------------------------------------------------------- Update Information: Latest bugfix release. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 0.19.8-1 - Update to 0.19.8. * Tue Aug 28 2012 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 0.19.7-1 - Update to 0.19.7. -------------------------------------------------------------------------------- ================================================================================ vfrnav-20120831-1.fc18 (FEDORA-2012-13069) VFR/IFR Navigation -------------------------------------------------------------------------------- Update Information: update to 20120831 fix build without pilot-link -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Thomas Sailer <t.sailer@xxxxxxxxxxxxxx> - 20120831-1 - update to 20120831 * Thu Aug 23 2012 Dan Horák <dan[at]danny.cz> - 20120815-2 - add explicit BR: readline-devel so we don't depend on pilot-link-devel to bring it in * Wed Aug 15 2012 Thomas Sailer <t.sailer@xxxxxxxxxxxxxx> - 20120815-1 - update to 20120815; rebuild for dependencies -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
