The following Fedora 16 Security updates need testing: Age URL 11 https://admin.fedoraproject.org/updates/FEDORA-2012-12367/keepalived-1.2.3-2.fc16 2 https://admin.fedoraproject.org/updates/FEDORA-2012-12979/seamonkey-2.12-1.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-12366/GraphicsMagick-1.3.16-5.fc16 58 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 2 https://admin.fedoraproject.org/updates/FEDORA-2012-12984/pcp-3.6.6-1.fc16 55 https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16 10 https://admin.fedoraproject.org/updates/FEDORA-2012-12514/tor-0.2.2.38-1600.fc16 27 https://admin.fedoraproject.org/updates/FEDORA-2012-11526/dokuwiki-0-0.11.20120125.b.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-13127/java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-13138/java-1.7.0-openjdk-1.7.0.6-2.3.1.fc16.2 0 https://admin.fedoraproject.org/updates/FEDORA-2012-13143/munin-2.0.6-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-12892/xulrunner-15.0-2.fc16,firefox-15.0-1.fc16,thunderbird-lightning-1.7-2.fc16,thunderbird-15.0-1.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-13126/sane-backends-1.0.23-1.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-12205/kdepim-4.8.5-4.fc16 The following builds have been pushed to Fedora 16 updates-testing fping-3.3-2.fc16 java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16 java-1.7.0-openjdk-1.7.0.6-2.3.1.fc16.2 munin-2.0.6-1.fc16 python-rhsm-1.0.7-1.fc16 sane-backends-1.0.23-1.fc16 wine-1.5.12-2.fc16 Details about builds: ================================================================================ fping-3.3-2.fc16 (FEDORA-2012-13123) Scriptable, parallelized ping-like utility -------------------------------------------------------------------------------- Update Information: Package changes: * Add missing manual page for fping6 Interesting upstream changes: * Version 3.3 * Do not output icmp errors with -q (#1) * Fix removing of unreachable hosts when doing loop (Thomas Liske, #13 #23) * Fix -A for fping6 (reported by Matt LaPlante, #14) * Fix "options inet6" breaking IPv4 name resolution (reported by Matt LaPlante, #17) * Output statistics to stdout instead of stderr (suggested by Simon Leinen, #9) * Set default data size to 56 bytes on all architectures (#18) * Fix error message on DNS error for IPv6 hosts (#27) * Fix -n flag in fping6 (#28) * Man-page fix: TOS option typo (Thomas Liske, #23) * Man-page fix: inconsistency in regards to numeric arguments (Robert Henney) * Man-page fix: better description of option -q (#15) * Version 3.2 * Improve documentation for -g option (G.W. Haywood) * Performance optimization for big select timeouts (#10, Andrey Bondarenko) * Fix restart of select call after interrupt signal (#8, Boian Bonev) * Fix infinite loop caused by linked list corruption (#11, Boian Bonev) * Version 3.1 * -g option (generate): exclude network and broadcast address for cidr ranges (idea by Eric Brander) * Man-page fixes (Axel Beckert) * Added -H option to specify number of hops (Paul Duda) * Output usage information to stdout when called with -h (Paul Duda) -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 30 2012 Charles R. Anderson <cra@xxxxxxx> - 3.3-2 - use configure options to build ipv4 and ipv6 versions simultaneously so we can use the standard make install to get the fping6 man page, etc. - build for el6 w/cap_net_raw (el5 still needs traditional setuid) - use preferred Buildroot tag for el5 - make conditional build with/without ENABLE_F_OPTION actually work * Thu Aug 30 2012 Charles R. Anderson <cra@xxxxxxx> - 3.3-1 - update to 3.3 * Thu Jul 26 2012 Charles R. Anderson <cra@xxxxxxx> - 3.2-1 - update to 3.2 - no longer need capnetraw patch * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16 (FEDORA-2012-13127) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: This is update to latest IcedTea6 1.11.4 Except several minor enhancement there is fix for possible through by SecurityManager unguarded Beans. Although this is not so serious as for OpenJDK7, it is considered as security. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Jiri Vanek <jvanek@xxxxxxxxxx> - 1:1.6.0.0-68.1.11.4 - Updated to IcedTea6 1.11.4 -------------------------------------------------------------------------------- ================================================================================ java-1.7.0-openjdk-1.7.0.6-2.3.1.fc16.2 (FEDORA-2012-13138) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: This update is fixing recent important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE. It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-4681) Updated to latest IcedTea7 2.3 based on latest build of OpenJDK u6. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 30 2012 jiri Vanek <jvanek@xxxxxxxxxx> - 1.7.0.6-2.3.1.fc16.2 - Updated to IcedTea-Forest 2.3.1 - Resolves rhbz#RH852051, CVE-2012-4681: Reintroduce PackageAccessible checks removed in 6788531. - Commented out Patch500, java-1.7.0-openjdk-removing_jvisualvm_man.patch as as already included in this Iced-Tea. - Will be nice to verify after next upstream sync if it is still upstreamed * Wed Aug 22 2012 Jiri Vanek <jvanek@xxxxxxxxxx> - 1.7.0.6-2.3.fc16.3 - ALT_STRIP_POLICY replaced by STRIP_POLICY * Fri Aug 17 2012 jiri Vanek <jvanek@xxxxxxxxxx> - 1.7.0.6-2.3.fc16.1 - Updated to latest IcedTea7-forest-2.3 - Current build is u6 - Added Patch500, java-1.7.0-openjdk-removing_jvisualvm_man.patch to remove jvisualvm manpages from processing -------------------------------------------------------------------------------- ================================================================================ munin-2.0.6-1.fc16 (FEDORA-2012-13143) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Update to 2.0.6, and bug fixes Added init files for asyncd Updated to 2.0.5 Update to munin 2 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.6-1 - BZ# 851375 Replace @@GOODSH@@ in epel init scripts - BZ# 849831,849834 CVE-2012-3512 munin: insecure state file handling, munin->root privilege [fedora-all] * Mon Aug 20 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.5-3 - rebuilt for epel * Tue Aug 14 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.5-2 - Added munin-asyncd init files * Tue Aug 14 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.5-1 - Updated to 2.0.5 - BZ# 603344 / upstream 1180, ACPI thermal information changed with 3.x kernels * Tue Aug 7 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.4-3 - BZ# 823533 "hddtemp_smartctl plugin has a bug" - upstream patched - BZ# 825820 Munin memcache plugin requires "perl(Cache::Memcached)" - BZ# 834055 Munin updates changing permissions, conflicts with what munin-check does - BZ# 812893,812894,839786,840496 - updated to munin2 * Sun Aug 5 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.4-2 - Changing permissions on html directories to minimize cron messages. * Sat Aug 4 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.4-1 - updated to 2.0.4 - backported el6 packaging items * Tue Jul 24 2012 fenris02@xxxxxxxxxxxxxxxxx - 2.0.3-1 - Adjust default conf.d entry. - updated to 2.0.3 * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jul 19 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.2-2 - fixed conflicts * Sat Jul 14 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.2-1 - updated to 2.0.2 * Thu Jun 7 2012 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.0-1 - initial 2.0 release -------------------------------------------------------------------------------- References: [ 1 ] Bug #851375 - -bash: /etc/init.d/munin-asyncd: @@GOODSH@@: bad interpreter: No such file or directory https://bugzilla.redhat.com/show_bug.cgi?id=851375 [ 2 ] Bug #849831 - CVE-2012-3512 munin: insecure state file handling, munin->root privilege [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=849831 [ 3 ] Bug #849834 - CVE-2012-3512 munin: insecure state file handling, munin->root privilege [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=849834 [ 4 ] Bug #603344 - On install, Fedora selected all Linux swap partitions and entered them for mounting in fstab https://bugzilla.redhat.com/show_bug.cgi?id=603344 [ 5 ] Bug #823533 - hddtemp_smartctl plugin has a bug https://bugzilla.redhat.com/show_bug.cgi?id=823533 [ 6 ] Bug #825820 - Libvirt is missing important hooks https://bugzilla.redhat.com/show_bug.cgi?id=825820 [ 7 ] Bug #834055 - Munin updates changing permissions, conflicts with what munin-check does https://bugzilla.redhat.com/show_bug.cgi?id=834055 [ 8 ] Bug #812893 - munin various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=812893 [ 9 ] Bug #812894 - munin various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=812894 [ 10 ] Bug #839786 - RFE: Update munin to 2.0.x release https://bugzilla.redhat.com/show_bug.cgi?id=839786 [ 11 ] Bug #840496 - Update to upstream 2.0.2 https://bugzilla.redhat.com/show_bug.cgi?id=840496 -------------------------------------------------------------------------------- ================================================================================ python-rhsm-1.0.7-1.fc16 (FEDORA-2012-13128) A Python library to communicate with a Red Hat Unified Entitlement Platform -------------------------------------------------------------------------------- Update Information: Support arbitrary bit length serial numbers, fix attempts to use certificate file when it doesn't exist. -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 29 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.7-1 - 851644: Only use the cert file if it exists (bkearney@xxxxxxxxxx) * Tue Aug 28 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.6-1 - 848742: support arbitrary bit length serial numbers (jbowes@xxxxxxxxxx) - Stop doing F15 Fedora builds, add EL5 public builds. (dgoodwin@xxxxxxxxxx) -------------------------------------------------------------------------------- ================================================================================ sane-backends-1.0.23-1.fc16 (FEDORA-2012-13126) Scanner access software -------------------------------------------------------------------------------- Update Information: New upstream version: Changes since 1.0.22 ==================== * New backends: kvs40xx (Panasonic KV-S40xx), kodakaio (Kodak AiO ESP and Hero) * Significant enhancements to several backends * 30 new scanner models supported * V4L support improvements * Improvements for builds on multiple platforms * Improved udev rules * Updated software deskew algorithm * Documentation updates * Bugfixes -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.23-1 - version 1.0.23 - update udev patch, remove obsolete patches - use %_hardened_build macro from F-16 on instead of tweaking flags manually - don't use the same SONAME for backend libs and main lib * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.22-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed Jul 11 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.0.22-12 - rebuild (gphoto2) * Wed Jun 6 2012 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.22-11 - multilib: enable -devel quirk regardless of version until a fixed mash gets into production (#829268) -------------------------------------------------------------------------------- References: [ 1 ] Bug #740990 - sane-backends-drivers- is providing libsane.so.1, this seems wrong https://bugzilla.redhat.com/show_bug.cgi?id=740990 -------------------------------------------------------------------------------- ================================================================================ wine-1.5.12-2.fc16 (FEDORA-2012-13139) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: 1.5.12 * Support for disabling individual joysticks. * Better support for D3DX9 constant tables. * Some XRandR improvements. * Various bug fixes. 1.5.11 * Multi-channel support in the ALSA driver. * Removal of the big X11 lock. * Support for pair positioning adjustments in Uniscribe. * More I/O stream implementations in the C++ runtime. * Various bug fixes. 1.5.10 * New version of the Gecko engine based on Firefox 14. * Support for OpenGL in the DIB engine using libOSMesa. * Off-screen rendering is now the default in Direct3D. * Some more WMI infrastructure. * Various bug fixes. * Support for GPOS font tables in Uniscribe. * Support for XRandr 1.2 and 1.3. * Parser improvements for the HLSL compiler. * Relay tracing on ARM. * Various bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 31 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.12-1 - version upgrade * Thu Aug 30 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.11-2 - rebuild on rawhide for fixed libOSMesa * Sat Aug 18 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.11-1 - version upgrade - use changed libOSMesa check from gentoo (>f18 still fails see rhbz#849405) * Tue Jul 31 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.10-1 - version upgrade - wine gecko 1.7 * Sat Jul 21 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 1.5.9-2 - isdn4linux now builds on ARM * Wed Jul 18 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.9-1 - version upgrade - clean up cjk patch to comply with default fonts where possible - update fedora readme to point out required font packages per cjk locale * Thu Jul 12 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.8-2 - bump for libgphoto2 2.5.0 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
