Fedora 16 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 16 Security updates need testing:
 Age  URL
  11  https://admin.fedoraproject.org/updates/FEDORA-2012-12367/keepalived-1.2.3-2.fc16
   2  https://admin.fedoraproject.org/updates/FEDORA-2012-12979/seamonkey-2.12-1.fc16
  11  https://admin.fedoraproject.org/updates/FEDORA-2012-12366/GraphicsMagick-1.3.16-5.fc16
  58  https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16
   2  https://admin.fedoraproject.org/updates/FEDORA-2012-12984/pcp-3.6.6-1.fc16
  55  https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16
  10  https://admin.fedoraproject.org/updates/FEDORA-2012-12514/tor-0.2.2.38-1600.fc16
  27  https://admin.fedoraproject.org/updates/FEDORA-2012-11526/dokuwiki-0-0.11.20120125.b.fc16
   0  https://admin.fedoraproject.org/updates/FEDORA-2012-13127/java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16
   0  https://admin.fedoraproject.org/updates/FEDORA-2012-13138/java-1.7.0-openjdk-1.7.0.6-2.3.1.fc16.2
   0  https://admin.fedoraproject.org/updates/FEDORA-2012-13143/munin-2.0.6-1.fc16
   4  https://admin.fedoraproject.org/updates/FEDORA-2012-12892/xulrunner-15.0-2.fc16,firefox-15.0-1.fc16,thunderbird-lightning-1.7-2.fc16,thunderbird-15.0-1.fc16


The following Fedora 16 Critical Path updates have yet to be approved:
 Age URL
   0  https://admin.fedoraproject.org/updates/FEDORA-2012-13126/sane-backends-1.0.23-1.fc16
   5  https://admin.fedoraproject.org/updates/FEDORA-2012-12205/kdepim-4.8.5-4.fc16
The following builds have been pushed to Fedora 16 updates-testing

    fping-3.3-2.fc16
    java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16
    java-1.7.0-openjdk-1.7.0.6-2.3.1.fc16.2
    munin-2.0.6-1.fc16
    python-rhsm-1.0.7-1.fc16
    sane-backends-1.0.23-1.fc16
    wine-1.5.12-2.fc16

Details about builds:


================================================================================
 fping-3.3-2.fc16 (FEDORA-2012-13123)
 Scriptable, parallelized ping-like utility
--------------------------------------------------------------------------------
Update Information:

Package changes:

  * Add missing manual page for fping6

Interesting upstream changes:

  * Version 3.3
  * Do not output icmp errors with -q (#1)
  * Fix removing of unreachable hosts when doing loop (Thomas Liske, #13 #23)
  * Fix -A for fping6 (reported by Matt LaPlante, #14)
  * Fix "options inet6" breaking IPv4 name resolution (reported by Matt LaPlante, #17)
  * Output statistics to stdout instead of stderr (suggested by Simon Leinen, #9)
  * Set default data size to 56 bytes on all architectures (#18)
  * Fix error message on DNS error for IPv6 hosts (#27)
  * Fix -n flag in fping6 (#28)
  * Man-page fix: TOS option typo (Thomas Liske, #23)
  * Man-page fix: inconsistency in regards to numeric arguments (Robert Henney)
  * Man-page fix: better description of option -q (#15)

  * Version 3.2
  * Improve documentation for -g option (G.W. Haywood)
  * Performance optimization for big select timeouts (#10, Andrey Bondarenko)
  * Fix restart of select call after interrupt signal (#8, Boian Bonev)
  * Fix infinite loop caused by linked list corruption (#11, Boian Bonev)

  * Version 3.1
  * -g option (generate): exclude network and broadcast address for cidr ranges (idea by Eric Brander)
  * Man-page fixes (Axel Beckert)
  * Added -H option to specify number of hops (Paul Duda)
  * Output usage information to stdout when called with -h (Paul Duda)

--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 30 2012 Charles R. Anderson <cra@xxxxxxx> - 3.3-2
- use configure options to build ipv4 and ipv6 versions simultaneously
  so we can use the standard make install to get the fping6 man page,
  etc.
- build for el6 w/cap_net_raw (el5 still needs traditional setuid)
- use preferred Buildroot tag for el5
- make conditional build with/without ENABLE_F_OPTION actually work
* Thu Aug 30 2012 Charles R. Anderson <cra@xxxxxxx> - 3.3-1
- update to 3.3
* Thu Jul 26 2012 Charles R. Anderson <cra@xxxxxxx> - 3.2-1
- update to 3.2
- no longer need capnetraw patch
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16 (FEDORA-2012-13127)
 OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:

This is update to latest IcedTea6 1.11.4
Except several minor enhancement there is fix for possible through by SecurityManager unguarded Beans. Although this is not so serious as for OpenJDK7, it is considered as security.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 31 2012 Jiri Vanek <jvanek@xxxxxxxxxx> - 1:1.6.0.0-68.1.11.4
- Updated to IcedTea6 1.11.4
--------------------------------------------------------------------------------


================================================================================
 java-1.7.0-openjdk-1.7.0.6-2.3.1.fc16.2 (FEDORA-2012-13138)
 OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:

This update is fixing recent important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE.

It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-4681)
Updated to latest IcedTea7 2.3 based on latest build of OpenJDK u6.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 30 2012 jiri Vanek <jvanek@xxxxxxxxxx> - 1.7.0.6-2.3.1.fc16.2
- Updated to IcedTea-Forest 2.3.1
- Resolves rhbz#RH852051, CVE-2012-4681: Reintroduce PackageAccessible checks 
  removed in 6788531.
- Commented out Patch500, java-1.7.0-openjdk-removing_jvisualvm_man.patch as
  as already included in this Iced-Tea.
- Will be nice to verify after next upstream sync if it is still upstreamed
* Wed Aug 22 2012 Jiri Vanek <jvanek@xxxxxxxxxx> - 1.7.0.6-2.3.fc16.3
- ALT_STRIP_POLICY replaced by STRIP_POLICY
* Fri Aug 17 2012 jiri Vanek <jvanek@xxxxxxxxxx> - 1.7.0.6-2.3.fc16.1
- Updated to latest IcedTea7-forest-2.3
- Current build is u6
- Added Patch500, java-1.7.0-openjdk-removing_jvisualvm_man.patch to remove 
  jvisualvm manpages from processing
--------------------------------------------------------------------------------


================================================================================
 munin-2.0.6-1.fc16 (FEDORA-2012-13143)
 Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:

Update to 2.0.6, and bug fixes
Added init files for asyncd
Updated to 2.0.5
Update to munin 2
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 31 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.6-1
- BZ# 851375 Replace @@GOODSH@@ in epel init scripts
- BZ# 849831,849834 CVE-2012-3512 munin: insecure state file handling, munin->root privilege [fedora-all]
* Mon Aug 20 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.5-3
- rebuilt for epel
* Tue Aug 14 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.5-2
- Added munin-asyncd init files
* Tue Aug 14 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.5-1
- Updated to 2.0.5
- BZ# 603344 / upstream 1180, ACPI thermal information changed with 3.x kernels
* Tue Aug  7 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.4-3
- BZ# 823533 "hddtemp_smartctl plugin has a bug" - upstream patched
- BZ# 825820 Munin memcache plugin requires "perl(Cache::Memcached)"
- BZ# 834055 Munin updates changing permissions, conflicts with what munin-check does
- BZ# 812893,812894,839786,840496 - updated to munin2
* Sun Aug  5 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.4-2
- Changing permissions on html directories to minimize cron messages.
* Sat Aug  4 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.4-1
- updated to 2.0.4
- backported el6 packaging items
* Tue Jul 24 2012 fenris02@xxxxxxxxxxxxxxxxx - 2.0.3-1
- Adjust default conf.d entry.
- updated to 2.0.3
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jul 19 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.2-2
- fixed conflicts
* Sat Jul 14 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.2-1
- updated to 2.0.2
* Thu Jun  7 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.0-1
- initial 2.0 release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #851375 - -bash: /etc/init.d/munin-asyncd: @@GOODSH@@: bad interpreter: No such file or directory
        https://bugzilla.redhat.com/show_bug.cgi?id=851375
  [ 2 ] Bug #849831 - CVE-2012-3512 munin: insecure state file handling, munin->root privilege [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=849831
  [ 3 ] Bug #849834 - CVE-2012-3512 munin: insecure state file handling, munin->root privilege [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=849834
  [ 4 ] Bug #603344 - On install, Fedora selected all Linux swap partitions and entered them for mounting in fstab
        https://bugzilla.redhat.com/show_bug.cgi?id=603344
  [ 5 ] Bug #823533 - hddtemp_smartctl plugin has a bug
        https://bugzilla.redhat.com/show_bug.cgi?id=823533
  [ 6 ] Bug #825820 - Libvirt is missing important hooks
        https://bugzilla.redhat.com/show_bug.cgi?id=825820
  [ 7 ] Bug #834055 - Munin updates changing permissions, conflicts with what munin-check does
        https://bugzilla.redhat.com/show_bug.cgi?id=834055
  [ 8 ] Bug #812893 - munin various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=812893
  [ 9 ] Bug #812894 - munin various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=812894
  [ 10 ] Bug #839786 - RFE: Update munin to 2.0.x release
        https://bugzilla.redhat.com/show_bug.cgi?id=839786
  [ 11 ] Bug #840496 - Update to upstream 2.0.2
        https://bugzilla.redhat.com/show_bug.cgi?id=840496
--------------------------------------------------------------------------------


================================================================================
 python-rhsm-1.0.7-1.fc16 (FEDORA-2012-13128)
 A Python library to communicate with a Red Hat Unified Entitlement Platform
--------------------------------------------------------------------------------
Update Information:

Support arbitrary bit length serial numbers, fix attempts to use certificate file when it doesn't exist.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 29 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.7-1
- 851644: Only use the cert file if it exists (bkearney@xxxxxxxxxx)
* Tue Aug 28 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.6-1
- 848742: support arbitrary bit length serial numbers (jbowes@xxxxxxxxxx)
- Stop doing F15 Fedora builds, add EL5 public builds. (dgoodwin@xxxxxxxxxx)
--------------------------------------------------------------------------------


================================================================================
 sane-backends-1.0.23-1.fc16 (FEDORA-2012-13126)
 Scanner access software
--------------------------------------------------------------------------------
Update Information:

New upstream version:

Changes since 1.0.22
====================

* New backends: kvs40xx (Panasonic KV-S40xx), kodakaio (Kodak AiO ESP and Hero)
* Significant enhancements to several backends
* 30 new scanner models supported
* V4L support improvements
* Improvements for builds on multiple platforms
* Improved udev rules
* Updated software deskew algorithm
* Documentation updates
* Bugfixes
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 31 2012 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.23-1
- version 1.0.23
- update udev patch, remove obsolete patches
- use %_hardened_build macro from F-16 on instead of tweaking flags manually
- don't use the same SONAME for backend libs and main lib
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.22-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Wed Jul 11 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.0.22-12
- rebuild (gphoto2)
* Wed Jun  6 2012 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.22-11
- multilib: enable -devel quirk regardless of version until a fixed mash gets
  into production (#829268)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #740990 - sane-backends-drivers- is providing libsane.so.1, this seems wrong
        https://bugzilla.redhat.com/show_bug.cgi?id=740990
--------------------------------------------------------------------------------


================================================================================
 wine-1.5.12-2.fc16 (FEDORA-2012-13139)
 A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:


1.5.12

 * Support for disabling individual joysticks.
 * Better support for D3DX9 constant tables.
 * Some XRandR improvements.
 * Various bug fixes.

1.5.11

 * Multi-channel support in the ALSA driver.
 * Removal of the big X11 lock.
 * Support for pair positioning adjustments in Uniscribe.
 * More I/O stream implementations in the C++ runtime.
 * Various bug fixes.

1.5.10

 * New version of the Gecko engine based on Firefox 14.
 * Support for OpenGL in the DIB engine using libOSMesa.
 * Off-screen rendering is now the default in Direct3D.
 * Some more WMI infrastructure.
 * Various bug fixes.
 * Support for GPOS font tables in Uniscribe.
 * Support for XRandr 1.2 and 1.3.
 * Parser improvements for the HLSL compiler.
 * Relay tracing on ARM.
 * Various bug fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 31 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.12-1
- version upgrade
* Thu Aug 30 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.11-2
- rebuild on rawhide for fixed libOSMesa
* Sat Aug 18 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.11-1
- version upgrade
- use changed libOSMesa check from gentoo (>f18 still fails see rhbz#849405)
* Tue Jul 31 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.10-1
- version upgrade
- wine gecko 1.7
* Sat Jul 21 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 1.5.9-2
- isdn4linux now builds on ARM
* Wed Jul 18 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.9-1
- version upgrade
- clean up cjk patch to comply with default fonts where possible
- update fedora readme to point out required font packages per cjk locale
* Thu Jul 12 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.8-2
- bump for libgphoto2 2.5.0
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test



[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux