The following Fedora 18 Security updates need testing: Age URL 16 https://admin.fedoraproject.org/updates/FEDORA-2012-14279/phpldapadmin-1.2.2-3.gitbbedf1.fc18 22 https://admin.fedoraproject.org/updates/FEDORA-2012-13871/libxslt-1.1.27-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2012-15293/cxf-2.4.9-2.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2012-14664/openjpeg-1.5.0-5.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2012-15342/freeradius-2.2.0-0.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-15376/ruby-1.9.3.194-18.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-15439/perl-HTML-Template-Pro-0.9509-1.fc18 The following builds have been pushed to Fedora 18 updates-testing atanks-5.6-1.fc18 batik-1.8-0.5.svn1230816.fc18 cnucnu-0-0.11.20121004git618ed580.fc18 epiphany-3.6.0-2.fc18 geary-0.2.0-1.fc18 gprolog-1.4.1-1.fc18 grfcodec-6.0.1-1.fc18 httpcomponents-core-4.2.2-1.fc18 ikiwiki-3.20120725-1.fc18 inkscape-0.48.2-13.fc18 libtiff-4.0.3-1.fc18 maliit-framework-0.92.5-2.fc18 mate-panel-1.4.0-6.fc18 mate-session-manager-1.4.0-4.fc18 network-manager-applet-0.9.7.0-3.git20121004.fc18 ntfs-3g-2012.1.15-4.fc18 openttd-opengfx-0.4.5-1.fc18 perl-HTML-Template-Pro-0.9509-1.fc18 selinux-policy-3.11.1-32.fc18 sugar-0.97.5-2.fc18 sugar-pippy-50-1.fc18 tmw-music-0.3-5.fc18 usbmuxd-1.0.8-5.fc18 validns-0.6-1.fc18 vim-7.3.682-1.fc18 w_scan-20120605-1.fc18 waf-1.7.5-1.fc18 Details about builds: ================================================================================ atanks-5.6-1.fc18 (FEDORA-2012-15463) Remake of a classic DOS game "Scorched Earth" -------------------------------------------------------------------------------- Update Information: New upstream. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Jonathan Ciesla <limburgher@xxxxxxxxx> - 5.6-1 - Minor upstream bugfix. -------------------------------------------------------------------------------- ================================================================================ batik-1.8-0.5.svn1230816.fc18 (FEDORA-2012-15441) Scalable Vector Graphics for Java -------------------------------------------------------------------------------- Update Information: This update fixes a classpath-related bug that caused batik-rasterizer to fail to run, rending it completely unusable. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 5 2012 Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> - 1.8-0.5.svn1230816 - Fix rasterizer classpath - Resolves: rhbz#577486 * Fri Aug 24 2012 Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> - 1.8-0.4.svn1230816 - Fix license tag - Install LICENSE and NOTICE with javadoc package - Remove RPM bug workaround - Update to current packaging guidelines -------------------------------------------------------------------------------- References: [ 1 ] Bug #577486 - broken batik-rasterizer jar files https://bugzilla.redhat.com/show_bug.cgi?id=577486 -------------------------------------------------------------------------------- ================================================================================ cnucnu-0-0.11.20121004git618ed580.fc18 (FEDORA-2012-15447) Upstream release monitoring with bug reporting -------------------------------------------------------------------------------- Update Information: Update to a new snaphot to avoid too much diversion between the client and server side code. This update changes the command line. *cnucnu shell* needs to be used now instead of *cnucnu --shell* to get the cnucnu shell. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Till Maas <opensource@xxxxxxxxx> - 0-0.11.20121004git618ed580 - Update with new snapshot -------------------------------------------------------------------------------- ================================================================================ epiphany-3.6.0-2.fc18 (FEDORA-2012-15459) Web browser for GNOME -------------------------------------------------------------------------------- Update Information: This update fixes a problem with the versioned directory in which extensions get installed. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Matthias Clasen <mclasen@xxxxxxxxxx> - 1:3.6.0-2 - Fix spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #861770 - Fix major_version in epiphany spec file https://bugzilla.redhat.com/show_bug.cgi?id=861770 -------------------------------------------------------------------------------- ================================================================================ geary-0.2.0-1.fc18 (FEDORA-2012-15462) A lightweight email program designed around conversations -------------------------------------------------------------------------------- Update Information: Update to the final release version. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Thomas Moschny <thomas.moschny@xxxxxx> - 0.2.0-1 - Update to 0.2.0. -------------------------------------------------------------------------------- ================================================================================ gprolog-1.4.1-1.fc18 (FEDORA-2012-15455) GNU Prolog is a free Prolog compiler -------------------------------------------------------------------------------- Update Information: Bugfix release from upstream. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Jochen Schmitt <Jochen herr-schmitt de> - 1.4.1-1 - New upstream release - Clean up SPEC file -------------------------------------------------------------------------------- ================================================================================ grfcodec-6.0.1-1.fc18 (FEDORA-2012-15444) A suite of programs to modify Transport Tycoon Deluxe's GRF files -------------------------------------------------------------------------------- Update Information: Update OpenTTD's OpenGFX stack -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 2 2012 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 6.0.1-1 - update to 6.0.1 - switch to xz tarball -------------------------------------------------------------------------------- ================================================================================ httpcomponents-core-4.2.2-1.fc18 (FEDORA-2012-15446) Set of low level Java HTTP transport components for HTTP services -------------------------------------------------------------------------------- Update Information: This update fixes a number of bugs and regressions found since 4.2.1, including a major bug in the NIO module causing incorrect handling of outgoing Content-Length delimited messages larger than 2GB. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 5 2012 Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> - 4.2.2-1 - Update to upstream version 4.2.2 -------------------------------------------------------------------------------- ================================================================================ ikiwiki-3.20120725-1.fc18 (FEDORA-2012-15461) A wiki compiler -------------------------------------------------------------------------------- Update Information: Update to the latest stable version, 3.20120725. From the upstream changelog: * recentchangesdiff: When diffurl is not set, provide inline diffs in the recentchanges page, with visibility toggleable via javascript. Thanks, Antoine Beaupré * Split CFLAGS into words when building wrapper. Closes: #682237 * osm: Avoid calling urlto before generated files are registered. Thanks, Philippe Gauthier and Antoine Beaupré * osm: Add osm_openlayers_url configuration setting. Thanks, Genevieve * osm: osm_layers can be used to configured the layers displayed on the map. Thanks, Antoine Beaupré * comments: Remove ipv6 address specific code. -------------------------------------------------------------------------------- ChangeLog: * Sat Sep 29 2012 Thomas Moschny <thomas.moschny@xxxxxx> - 3.20120725-1 - Update to 3.20120725. - Add missing BR. -------------------------------------------------------------------------------- ================================================================================ inkscape-0.48.2-13.fc18 (FEDORA-2012-15450) Vector-based drawing program using SVG -------------------------------------------------------------------------------- Update Information: Add uniconvertor dep. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.48.2-13 - Added dep on uniconvertor, BZ 796424. -------------------------------------------------------------------------------- References: [ 1 ] Bug #796424 - Inkscape dependency uniconvertor not in inkscape rpm https://bugzilla.redhat.com/show_bug.cgi?id=796424 -------------------------------------------------------------------------------- ================================================================================ libtiff-4.0.3-1.fc18 (FEDORA-2012-15448) Library of functions for manipulating TIFF format image files -------------------------------------------------------------------------------- Update Information: Update to 4.0.3 for assorted minor bug fixes -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Tom Lane <tgl@xxxxxxxxxx> 4.0.3-1 - Update to libtiff 4.0.3 -------------------------------------------------------------------------------- ================================================================================ maliit-framework-0.92.5-2.fc18 (FEDORA-2012-15458) Input method framework -------------------------------------------------------------------------------- Update Information: Fix gtk2 module -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.92.5-2 - Fix the updating of the gtk2 IM module cache -------------------------------------------------------------------------------- ================================================================================ mate-panel-1.4.0-6.fc18 (FEDORA-2012-15454) MATE Desktop panel applets -------------------------------------------------------------------------------- Update Information: mate desktop panel -------------------------------------------------------------------------------- References: [ 1 ] Bug #860518 - Review Request: mate-panel - MATE Desktop panel applets https://bugzilla.redhat.com/show_bug.cgi?id=860518 -------------------------------------------------------------------------------- ================================================================================ mate-session-manager-1.4.0-4.fc18 (FEDORA-2012-15453) MATE Desktop session manager -------------------------------------------------------------------------------- Update Information: mate desktop session manager -------------------------------------------------------------------------------- References: [ 1 ] Bug #860521 - Review Request: mate-session-manager - MATE Desktop session manager https://bugzilla.redhat.com/show_bug.cgi?id=860521 -------------------------------------------------------------------------------- ================================================================================ network-manager-applet-0.9.7.0-3.git20121004.fc18 (FEDORA-2012-15445) A network control and status applet for NetworkManager -------------------------------------------------------------------------------- Update Information: Misc bugfixes, plus VLAN editing and a few other improvements -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Dan Winship <danw@xxxxxxxxxx> - 0.9.7.0-3.git20121004 - Update to git snapshot -------------------------------------------------------------------------------- ================================================================================ ntfs-3g-2012.1.15-4.fc18 (FEDORA-2012-15452) Linux NTFS userspace driver -------------------------------------------------------------------------------- Update Information: Apply patches to ensure that if Windows 8 leaves an NTFS partition in an unsafe state, Linux will refuse to mount it (if it did, it would lead to data loss). -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 2:2012.1.15-4 - add patches from upstream git to add a level of safety in the case where windows 8 leaves the NTFS filesystem in an unsafe state and Linux access could result in data loss. Basically, with these patches, Linux will refuse to mount the ntfs partition. For the details refer to: https://bugzilla.redhat.com/show_bug.cgi?id=859373 -------------------------------------------------------------------------------- References: [ 1 ] Bug #859373 - Danger in dual booting Windows 8 and Linux https://bugzilla.redhat.com/show_bug.cgi?id=859373 -------------------------------------------------------------------------------- ================================================================================ openttd-opengfx-0.4.5-1.fc18 (FEDORA-2012-15444) OpenGFX replacement graphics for OpenTTD -------------------------------------------------------------------------------- Update Information: Update OpenTTD's OpenGFX stack -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 2 2012 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 0.4.5-1 - update to 0.4.5 -------------------------------------------------------------------------------- ================================================================================ perl-HTML-Template-Pro-0.9509-1.fc18 (FEDORA-2012-15439) Perl/XS module to use HTML Templates from CGI scripts -------------------------------------------------------------------------------- Update Information: This version of HTML::Template::Pro fixes a cross-site scripting (XSS) vulnerability in the module. http://www.openwall.com/lists/oss-security/2011/12/19/1 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652587 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4616 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Emmanuel Seyman <emmanuel@xxxxxxxxx> - 0.9509-1 - Update to 0.9509 (CVE-2011-4616, #773453) - Add default perl filter -------------------------------------------------------------------------------- References: [ 1 ] Bug #768822 - CVE-2011-4616 perl-HTML-Template-Pro: XSS issue https://bugzilla.redhat.com/show_bug.cgi?id=768822 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.11.1-32.fc18 (FEDORA-2012-15440) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: Needed to fix systemd problems. -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 4 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.11.1-32 - Add missing permissive domains * Sun Nov 4 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.11.1-31 - Add new mandb policy - ALlow systemd-tmpfiles_t to relabel mandb_cache_t - Allow logrotate to start all unit files * Sun Nov 4 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.11.1-30 - Add fixes for ctbd - Allow nmbd to stream connect to ctbd - Make cglear_t as nsswitch_domain - Fix bogus in interfaces - Allow openshift to read/write postfix public pipe - Add postfix_manage_spool_maildrop_files() interface - stickshift paths have been renamed to openshift - gnome-settings-daemon wants to write to /run/systemd/inhibit/ pipes - Update man pages, adding ENTRYPOINTS * Fri Nov 2 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.11.1-29 - Add mei_device_t - Make sure gpg content in homedir created with correct label - Allow dmesg to write to abrt cache files - automount wants to search virtual memory sysctls - Add support for hplip logs stored in /var/log/hp/tmp - Add labeling for /etc/owncloud/config.php - Allow setroubleshoot to send analysys to syslogd-journal - Allow virsh_t to interact with new fenced daemon - Allow gpg to write to /etc/mail/spamassassiin directories - Make dovecot_deliver_t a mail server delivery type - Add label for /var/tmp/DNS25 * Thu Sep 27 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.11.1-28 - Fixes for tomcat_domain template interface * Thu Sep 27 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.11.1-27 - Remove init_systemd and init_upstart boolean, Move init_daemon_domain and init_system_domain to use attributes - Add attribute to all base os types. Allow all domains to read all ro base OS types * Wed Sep 26 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.11.1-26 - Additional unit files to be defined as power unit files - Fix more boolean names -------------------------------------------------------------------------------- ================================================================================ sugar-0.97.5-2.fc18 (FEDORA-2012-15449) Constructionist learning platform -------------------------------------------------------------------------------- Update Information: * Split out Control Panels to sub packages * Update gnome-keyring patch. RHBZ 862581 * Add patch to update build dependencies -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.97.5-2 - Split out Control Panels to sub packages - Update gnome-keyring patch. RHBZ 862581 - Add patch to update build dependencies -------------------------------------------------------------------------------- References: [ 1 ] Bug #862581 - sugar-desktop install to gnome asks for password for jabber (f18-TC1-i386 netinstall) https://bugzilla.redhat.com/show_bug.cgi?id=862581 -------------------------------------------------------------------------------- ================================================================================ sugar-pippy-50-1.fc18 (FEDORA-2012-15451) Pippy for Sugar -------------------------------------------------------------------------------- Update Information: New upstream gtk3 release -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 50-1 - Release 50 -------------------------------------------------------------------------------- ================================================================================ tmw-music-0.3-5.fc18 (FEDORA-2012-15460) Music files for The Mana World -------------------------------------------------------------------------------- Update Information: This package contains the optional music files for The Mana World (TMW). -------------------------------------------------------------------------------- References: [ 1 ] Bug #860703 - Rename Request: tmw-music - Music files for The Mana World https://bugzilla.redhat.com/show_bug.cgi?id=860703 -------------------------------------------------------------------------------- ================================================================================ usbmuxd-1.0.8-5.fc18 (FEDORA-2012-15443) Daemon for communicating with Apple's iOS devices -------------------------------------------------------------------------------- Update Information: * Make use of the new systemd macros * Minor updates to spec -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 1.0.8-5 - Make use of the new systemd macros - Minor updates to spec -------------------------------------------------------------------------------- References: [ 1 ] Bug #857414 - Introduce new systemd-rpm macros in usbmuxd spec file https://bugzilla.redhat.com/show_bug.cgi?id=857414 -------------------------------------------------------------------------------- ================================================================================ validns-0.6-1.fc18 (FEDORA-2012-15442) DNS and DNSSEC zone file validator -------------------------------------------------------------------------------- Update Information: Fixed DNSSEC support, TYPEXX support -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Paul Wouters <pwouters@xxxxxxxxxx> - 0.6-0 - Updated to 0.6, which incorporates all patches * Thu Oct 4 2012 Paul Wouters <pwouters@xxxxxxxxxx> - 0.5-4 - Pullup from git for NSEC3 glue record handling fix -------------------------------------------------------------------------------- ================================================================================ vim-7.3.682-1.fc18 (FEDORA-2012-15457) The VIM editor -------------------------------------------------------------------------------- Update Information: Update to the latest upstream version. Ruby and Python libraries are now being loaded dynamically if they are available. This removes the dependency on ruby and python during the installation. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 5 2012 Karsten Hopp <karsten@xxxxxxxxxx> 7.3.682-1 - patchlevel 682 - use --enable-rubyinterp=dynamic and --enable-pythoninterp=dynamic * Tue Aug 28 2012 Karsten Hopp <karsten@xxxxxxxxxx> 7.3.638-2 - fix some man page typos (#668894, #675480) - own usr/share/vim/vimfiles/doc/tags (#845564) - add path to csope database (#844843) * Tue Aug 28 2012 Karsten Hopp <karsten@xxxxxxxxxx> 7.3.638-1 - patchlevel 638 -------------------------------------------------------------------------------- References: [ 1 ] Bug #859594 - vim in F18 is older than in F17 https://bugzilla.redhat.com/show_bug.cgi?id=859594 -------------------------------------------------------------------------------- ================================================================================ w_scan-20120605-1.fc18 (FEDORA-2012-15456) Tool for scanning DVB transponders -------------------------------------------------------------------------------- Update Information: Update to latest version with many bugfixes and enhancements See http://wirbel.htpc-forum.de/w_scan/index2.html (German) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 4 2012 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 20120605-1 - bugfixes - Israel DVB-T support - updated all sattelite info - added support for 67 more sattelites -------------------------------------------------------------------------------- ================================================================================ waf-1.7.5-1.fc18 (FEDORA-2012-14837) A Python-based build system -------------------------------------------------------------------------------- Update Information: Update to latest stable version 1.7.5. From the upstream changelog: * Fixed the LD_LIBRARY_PATH race condition in waf_unit_test #1200 * Library detection fixes in boost.py #1199 * Various waf_unit_test enhancements #1194 * Use the same function signature main(int, char**) in all configuration tests #1192 * Fixed the Clang version number detection #1191 * Let the feature 'includes' propagate INCLUDES and FRAMEWORKPATH variables * Fix for incorrect installation paths #1202 * New Cabal script (haskell) * Fixed the kde4 library detection on Fedora * New tool for protocol buffers (protoc.py) #1184 * Fixed a syntax error affecting Python < 2.6 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 2 2012 Thomas Moschny <thomas.moschny@xxxxxx> - 1.7.5-1 - Update to 1.7.5. * Wed Sep 26 2012 Thomas Moschny <thomas.moschny@xxxxxx> - 1.7.4-1 - Update to 1.7.4. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
