The following Fedora 16 Security updates need testing: Age URL 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15748/hostapd-0.7.3-10.fc16 100 https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16 25 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15746/gitolite3-3.04-4.fc16 72 https://admin.fedoraproject.org/updates/FEDORA-2012-11526/dokuwiki-0-0.11.20120125.b.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-15725/phpMyAdmin-3.5.3-1.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15743/freeradius-2.2.0-0.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-15844/drupal7-feeds-2.0-0.5.alpha6.fc16 103 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-15877/seamonkey-2.13.1-1.fc16 23 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 29 https://admin.fedoraproject.org/updates/FEDORA-2012-14126/dbus-1.4.10-4.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15981/dhcp-4.2.4-4.P2.fc16,bind-dyndb-ldap-1.1.0-0.15.rc1.fc16,bind-9.8.4-2.fc16,dnsperf-2.0.0.0-2.fc16 21 https://admin.fedoraproject.org/updates/FEDORA-2012-14707/openjpeg-1.4-14.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16056/haproxy-1.4.22-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16028/mapserver-6.0.3-4.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16032/cobbler-2.4.0-beta2.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16055/thunderbird-16.0.1-1.fc16 27 https://admin.fedoraproject.org/updates/FEDORA-2012-14322/pcp-3.6.8-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16274/389-ds-base-1.2.10.15-1.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16244/kernel-3.4.14-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16249/thunderbird-lightning-1.8-1.fc16,thunderbird-16.0.1-2.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16243/xulrunner-16.0.1-2.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16252/curl-7.21.7-8.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16251/perl-5.14.3-202.fc16 2 https://admin.fedoraproject.org/updates/FEDORA-2012-16099/kde-settings-4.7-15.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16055/thunderbird-16.0.1-1.fc16 9 https://admin.fedoraproject.org/updates/FEDORA-2012-15556/nss-util-3.13.6-1.fc16,nss-softokn-3.13.6-1.fc16,nss-3.13.6-1.fc16 10 https://admin.fedoraproject.org/updates/FEDORA-2012-15485/mdadm-3.2.5-10.fc16 The following builds have been pushed to Fedora 16 updates-testing 389-ds-base-1.2.10.15-1.fc16 anyremote-6.1.1-1.fc16 curl-7.21.7-8.fc16 fedora-review-0.3.1-1.fc16 fence-virt-0.3.0-2.fc16 hplip-3.12.10-3.a.fc16 kernel-3.4.14-1.fc16 latex2rtf-2.3.1-1.fc16 perl-5.14.3-202.fc16 qpid-cpp-0.18-4.fc16 seamonkey-2.13.1-1.fc16 thunderbird-16.0.1-2.fc16 thunderbird-lightning-1.8-1.fc16 wget-1.12-6.fc16 xulrunner-16.0.1-2.fc16 Details about builds: ================================================================================ 389-ds-base-1.2.10.15-1.fc16 (FEDORA-2012-16274) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information: cleanallruv support - Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.15-1 - Trac Ticket #340 - Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in acl - Ticket #491 - multimaster_extop_cleanruv returns wrong error codes - 7bbaf35 COVERITY FIXES in replica_execute_cleanall_ruv_task - 1f356fa CLEANALLRUV - remove calls to agmt_get_enabled because this feature is not in 1.2.10 - Ticket 477 - CLEANALLRUV if there are only winsync agmts task will hang - Ticket 467 - CLEANALLRUV abort task should be able to ignore down replicas - Ticket 450 - CLEANALLRUV task gets stuck on winsync replication agreement - 8545947 CLEANALLRUV coverity fixes - Ticket 403 - fix CLEANALLRUV regression from last commit - Ticket 403 - CLEANALLRUV revisions - Ticket 403 - cleanallruv coverity fixes - Ticket 403 - CLEANALLRUV feature - 4753f97 Update the slapi-plugin documentation on new slapi functions, and added a slapi function for checking on shutdowns - b3f5a71 Coverity Fix - Ticket 368 - Make the cleanAllRUV task one step - Ticket #337 - Improve CLEANRUV task - Ticket #353 - coverity 12625-12629 - leaks, dead code, unchecked return - Ticket #337 - RFE - Improve CLEANRUV functionality -------------------------------------------------------------------------------- References: [ 1 ] Bug #860608 - CVE-2012-4450 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=860608 -------------------------------------------------------------------------------- ================================================================================ anyremote-6.1.1-1.fc16 (FEDORA-2012-16242) Remote control through bluetooth or Wi-Fi connection -------------------------------------------------------------------------------- Update Information: v6.1.1 v6.1 v6.1 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Mikhail Fedotov <anyremote at mail.ru> - 6.1.1 - Fix bug in ExecAndSet() command. * Mon Oct 8 2012 Mikhail Fedotov <anyremote at mail.ru> - 6.1 - Support of XML services interface. Support Set(vibrate,duration) command. Add possibility to disable GLIB usage (for OpenWRT build). Major code restructurization. -------------------------------------------------------------------------------- ================================================================================ curl-7.21.7-8.fc16 (FEDORA-2012-16252) A utility for getting files from remote servers (FTP, HTTP, and others) -------------------------------------------------------------------------------- Update Information: - use NSS_InitContext() to initialize NSS if available (#767832) - provide human-readable names for NSS errors -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Kamil Dudka <kdudka@xxxxxxxxxx> 7.21.7-8 - use NSS_InitContext() to initialize NSS if available (#767832) - provide human-readable names for NSS errors (upstream commit a60edcc6) -------------------------------------------------------------------------------- References: [ 1 ] Bug #767832 - Intermittent SSL connection failures to Active Directory using php-ldap https://bugzilla.redhat.com/show_bug.cgi?id=767832 -------------------------------------------------------------------------------- ================================================================================ fedora-review-0.3.1-1.fc16 (FEDORA-2012-16268) Review tool for fedora rpm packages -------------------------------------------------------------------------------- Update Information: Bugfix release including renewed support for EL6 and fix of global shell plugins -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 25 2012 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 0.3.1-1 - Update to lastest upstream (0.3.1) - Fix loading of system-wide plugins - Add back suport for EL6 -------------------------------------------------------------------------------- ================================================================================ fence-virt-0.3.0-2.fc16 (FEDORA-2012-16237) A pluggable fencing framework for virtual machines -------------------------------------------------------------------------------- Update Information: Add a -w (delay) option, Return failure when attempting to fence a nonexistent domain, Improve man pages -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Ryan McCabe <rmccabe@xxxxxxxxxx> - 0.3.0-2 - Add a -w (delay) option. - Return failure when attempting to fence a nonexistent domain - Improve man pages -------------------------------------------------------------------------------- ================================================================================ hplip-3.12.10-3.a.fc16 (FEDORA-2012-16240) HP Linux Imaging and Printing Project -------------------------------------------------------------------------------- Update Information: This update fixes an SELinux AVC message. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Tim Waugh <twaugh@xxxxxxxxxx> 3.12.10-3.a - CUPS filters should use TMPDIR when available (bug #865603). * Thu Oct 11 2012 Jiri Popelka <jpopelka@xxxxxxxxxx> 3.12.10-2.a - 3.12.10a * Thu Oct 4 2012 Jiri Popelka <jpopelka@xxxxxxxxxx> 3.12.10-1 - 3.12.10 -------------------------------------------------------------------------------- References: [ 1 ] Bug #865603 - SELinux is preventing /usr/lib/cups/filter/hpcups from 'search' accesses on the directory /var/log/hp. https://bugzilla.redhat.com/show_bug.cgi?id=865603 -------------------------------------------------------------------------------- ================================================================================ kernel-3.4.14-1.fc16 (FEDORA-2012-16244) The Linux kernel -------------------------------------------------------------------------------- Update Information: Linux 3.4.14 Linux 3.4.13 Update to Linux 3.4.12 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Dave Jones <davej@xxxxxxxxxx> 3.4.14-1 - Linux 3.4.14 * Thu Oct 11 2012 Dave Jones <davej@xxxxxxxxxx> 3.4.13-1 - Linux 3.4.13 * Wed Oct 3 2012 Josh Boyer <jwboyer@xxxxxxxxxx> - Make sure kernel-tools-libs-devel provides kernel-tools-devel * Tue Oct 2 2012 Dave Jones <davej@xxxxxxxxxx> 3.4.12-1 - Linux v3.4.12 merged: drm-radeon-force-dma32-to-fix-regression-rs4xx-rs6xx.patch merged: rds-set-correct-msg_namelen.patch merged: net-Allow-driver-to-limit-number-of-GSO-segments-per-skb.patch merged: sfc-Fix-maximum-number-of-TSO-segments-and-minimum-TX-queue-size.patch merged: tcp-Apply-device-TSO-segment-limit-earlier.patch merged: af_netlink-credentials-cve-2012-3520.patch * Fri Sep 28 2012 Josh Boyer <jwboyer@xxxxxxxxxx> - 3.4.11-3 - Split out kernel-tools-libs (rhbz 859943) * Fri Sep 21 2012 Josh Boyer <jwboyer@xxxxxxxxxx> 3.4.11-2 - Add patch to fix radeon regression from Jerome Glisse (rhbz 785375) -------------------------------------------------------------------------------- ================================================================================ latex2rtf-2.3.1-1.fc16 (FEDORA-2012-16241) LaTeX to RTF converter that handles equations, figures, and cross-references -------------------------------------------------------------------------------- Update Information: Update to newest stable release. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Jussi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 2.3.1-1 - Update to 2.3.1. * Tue Oct 16 2012 Jussi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 2.3.0-2 - Fixed build in EPEL. * Tue Oct 16 2012 Jussi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 2.3.0-1 - Update to 2.3.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #863015 - latex2rtf-2.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=863015 -------------------------------------------------------------------------------- ================================================================================ perl-5.14.3-202.fc16 (FEDORA-2012-16251) Practical Extraction and Report Language -------------------------------------------------------------------------------- Update Information: Update to Perl 5.14.3 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 4:5.14.3-202 - 5.14.3 bump (see https://metacpan.org/module/DOM/perl-5.14.3/pod/perldelta.pod for release notes). -------------------------------------------------------------------------------- ================================================================================ qpid-cpp-0.18-4.fc16 (FEDORA-2012-16250) Libraries for Qpid C++ client applications -------------------------------------------------------------------------------- Update Information: Adds CMake file to examples, moves qmf2.pc to qpid-qmf-devel. Fixed directory ownership and building the C++ examples. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.18-4 - Install CMake file for C++ messaging examples. - Moved qfm2.pc from qpid-qmf to qpid-qmf-devel - Resolves: BZ#866892 * Fri Oct 12 2012 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.18-3 - Fixed building C++ messaging examples. - Fixed ownership for /usr/share/qpidc and /usr/shar/qpidc/messaging - Resolves: BZ#802791 - Resolves: BZ#756927 -------------------------------------------------------------------------------- References: [ 1 ] Bug #866892 - wrong requires on qpid-qmf https://bugzilla.redhat.com/show_bug.cgi?id=866892 [ 2 ] Bug #802791 - qpid-cpp examples building error https://bugzilla.redhat.com/show_bug.cgi?id=802791 [ 3 ] Bug #756927 - [PATCH] Spec file fixes for qpid-cpp https://bugzilla.redhat.com/show_bug.cgi?id=756927 -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.13.1-1.fc16 (FEDORA-2012-15877) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: Update to 2.13.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Martin Stransky <stransky@xxxxxxxxxx> 2.13.1-1 - Update to 2.13.1 * Tue Oct 9 2012 Martin Stransky <stransky@xxxxxxxxxx> 2.13-1 - Update to 2.13 -------------------------------------------------------------------------------- References: [ 1 ] Bug #866040 - seamonkey-2.13.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=866040 -------------------------------------------------------------------------------- ================================================================================ thunderbird-16.0.1-2.fc16 (FEDORA-2012-16249) Mozilla Thunderbird mail/newsgroup client -------------------------------------------------------------------------------- Update Information: This update fixes installation problem on system without updated NSS and NSPR libraries. - Vulnerability outlined here: https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/ -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Jan Horak <jhorak@xxxxxxxxxx> - 16.0.1-2 - Fixed nss and nspr versions * Thu Oct 11 2012 Jan Horak <jhorak@xxxxxxxxxx> - 16.0.1-1 - Update to 16.0.1 * Tue Oct 9 2012 Jan Horak <jhorak@xxxxxxxxxx> - 16.0-1 - Update to 16.0 * Tue Sep 18 2012 Dan Horák <dan[at]danny.cz> - 15.0.1-3 - Added fix for rhbz#855923 - TB freezes on Fedora 18 for PPC64 * Fri Sep 14 2012 Martin Stransky <stransky@xxxxxxxxxx> - 15.0.1-2 - Added build flags for second arches -------------------------------------------------------------------------------- ================================================================================ thunderbird-lightning-1.8-1.fc16 (FEDORA-2012-16249) The calendar extension to Thunderbird -------------------------------------------------------------------------------- Update Information: This update fixes installation problem on system without updated NSS and NSPR libraries. - Vulnerability outlined here: https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/ -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 9 2012 Jan Horak <jhorak@xxxxxxxxxx> - 1.8-1 - Update to 1.8 -------------------------------------------------------------------------------- ================================================================================ wget-1.12-6.fc16 (FEDORA-2012-16264) A utility for retrieving files using the HTTP or FTP protocols -------------------------------------------------------------------------------- Update Information: This update fixes stated bugs. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Tomas Hozza <thozza@xxxxxxxxxx> - 1.12-6 - Backported translation of "eta" for zh_CN from wget-1.13.4 (#799344) * Tue Oct 9 2012 Tomas Hozza <thozza@xxxxxxxxxx> - 1.12-5 - Fixed TLS SNI Support in wget (#836822) -------------------------------------------------------------------------------- References: [ 1 ] Bug #836822 - Bring SNI support to wget https://bugzilla.redhat.com/show_bug.cgi?id=836822 [ 2 ] Bug #799344 - wget zh_CN Translation error makes the wget output ugly https://bugzilla.redhat.com/show_bug.cgi?id=799344 -------------------------------------------------------------------------------- ================================================================================ xulrunner-16.0.1-2.fc16 (FEDORA-2012-16243) XUL Runtime for Gecko Applications -------------------------------------------------------------------------------- Update Information: Fixes nspr/nss dependency. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Jan Horak <jhorak@xxxxxxxxxx> - 16.0.1-2 - Fixed required nss and nspr version -------------------------------------------------------------------------------- References: [ 1 ] Bug #866309 - firefox doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=866309 [ 2 ] Bug #866057 - firefox 16.0.1 missing dependency nspr >=4.9.2 https://bugzilla.redhat.com/show_bug.cgi?id=866057 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
