The following Fedora 16 Security updates need testing: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16421/drupal7-7.16-1.fc16 102 https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16 26 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16415/389-ds-base-1.2.10.16-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16417/Django-1.3.4-1.fc16 74 https://admin.fedoraproject.org/updates/FEDORA-2012-11526/dokuwiki-0-0.11.20120125.b.fc16 8 https://admin.fedoraproject.org/updates/FEDORA-2012-15725/phpMyAdmin-3.5.3-1.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-15844/drupal7-feeds-2.0-0.5.alpha6.fc16 104 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-15877/seamonkey-2.13.1-1.fc16 24 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 31 https://admin.fedoraproject.org/updates/FEDORA-2012-14126/dbus-1.4.10-4.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15981/dhcp-4.2.4-4.P2.fc16,bind-dyndb-ldap-1.1.0-0.15.rc1.fc16,bind-9.8.4-2.fc16,dnsperf-2.0.0.0-2.fc16 23 https://admin.fedoraproject.org/updates/FEDORA-2012-14707/openjpeg-1.4-14.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16056/haproxy-1.4.22-1.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16028/mapserver-6.0.3-4.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16032/cobbler-2.4.0-beta2.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16055/thunderbird-16.0.1-1.fc16 29 https://admin.fedoraproject.org/updates/FEDORA-2012-14322/pcp-3.6.8-1.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16338/kernel-3.6.2-1.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16249/thunderbird-lightning-1.8-1.fc16,thunderbird-16.0.1-2.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16243/xulrunner-16.0.1-2.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16252/curl-7.21.7-8.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16251/perl-5.14.3-202.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16099/kde-settings-4.7-15.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16055/thunderbird-16.0.1-1.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-15556/nss-util-3.13.6-1.fc16,nss-softokn-3.13.6-1.fc16,nss-3.13.6-1.fc16 12 https://admin.fedoraproject.org/updates/FEDORA-2012-15485/mdadm-3.2.5-10.fc16 The following builds have been pushed to Fedora 16 updates-testing 389-ds-base-1.2.10.16-1.fc16 Django-1.3.4-1.fc16 ScrollZ-2.2.2-2.fc16 dojo-1.8.1-1.fc16 drupal7-7.16-1.fc16 ecryptfs-utils-100-3.fc16 maniadrive-1.2-32.fc16.10 ninja-ide-2.1.1-4.fc16 perl-DateTime-0.77-1.fc16 perl-DateTime-TimeZone-1.51-1.fc16 php-5.3.18-1.fc16 php-eaccelerator-0.9.6.1-9.fc16.10 spandsp-0.0.6-0.8.pre21.fc16 Details about builds: ================================================================================ 389-ds-base-1.2.10.16-1.fc16 (FEDORA-2012-16415) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information: Here is where you give an explanation of your update. cleanallruv support - Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Mark Reynolds <mreynolds@xxxxxxxxxx> - 1.2.10.16-1 - 569c2d3 bump version to 1.2.10.16 - Ticket 403 - CLEANALLRUV - minor fixes and add support for replica-force-cleaning * Tue Oct 16 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.15-1 - Trac Ticket #340 - Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in acl - Ticket #491 - multimaster_extop_cleanruv returns wrong error codes - 7bbaf35 COVERITY FIXES in replica_execute_cleanall_ruv_task - 1f356fa CLEANALLRUV - remove calls to agmt_get_enabled because this feature is not in 1.2.10 - Ticket 477 - CLEANALLRUV if there are only winsync agmts task will hang - Ticket 467 - CLEANALLRUV abort task should be able to ignore down replicas - Ticket 450 - CLEANALLRUV task gets stuck on winsync replication agreement - 8545947 CLEANALLRUV coverity fixes - Ticket 403 - fix CLEANALLRUV regression from last commit - Ticket 403 - CLEANALLRUV revisions - Ticket 403 - cleanallruv coverity fixes - Ticket 403 - CLEANALLRUV feature - 4753f97 Update the slapi-plugin documentation on new slapi functions, and added a slapi function for checking on shutdowns - b3f5a71 Coverity Fix - Ticket 368 - Make the cleanAllRUV task one step - Ticket #337 - Improve CLEANRUV task - Ticket #353 - coverity 12625-12629 - leaks, dead code, unchecked return - Ticket #337 - RFE - Improve CLEANRUV functionality -------------------------------------------------------------------------------- References: [ 1 ] Bug #860608 - CVE-2012-4450 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=860608 -------------------------------------------------------------------------------- ================================================================================ Django-1.3.4-1.fc16 (FEDORA-2012-16417) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: Security releases issued - Host header poisoning -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Matthias Runge <mrunge@xxxxxxxxxxxxxxxxx> - 1.3.4-1 - security update to upstream version 1.3.4 https://www.djangoproject.com/weblog/2012/oct/17/security/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #865164 - CVE-2012-4520 Django: Host header poisoning vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=865164 -------------------------------------------------------------------------------- ================================================================================ ScrollZ-2.2.2-2.fc16 (FEDORA-2012-16423) Advanced IRC client based on ircII code -------------------------------------------------------------------------------- Update Information: ScrollZ IRC client -------------------------------------------------------------------------------- References: [ 1 ] Bug #867334 - Review Request: ScrollZ - ScrollZ IRC client https://bugzilla.redhat.com/show_bug.cgi?id=867334 -------------------------------------------------------------------------------- ================================================================================ dojo-1.8.1-1.fc16 (FEDORA-2012-16419) Modular JavaScript toolkit -------------------------------------------------------------------------------- Update Information: Update to latest upstream Update to Version 1.8.0 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 17 2012 Felix Kaechele <heffer@xxxxxxxxxxxxxxxxx> - 1.8.1-1 - update to latest upstream -------------------------------------------------------------------------------- ================================================================================ drupal7-7.16-1.fc16 (FEDORA-2012-16421) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: Fixes SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure - http://drupal.org/node/1815904 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Orion Poplawski <orion@xxxxxxxxxxxxx> - 7.16-1 - New upstream - SA-CORE-2012-003 security update -------------------------------------------------------------------------------- ================================================================================ ecryptfs-utils-100-3.fc16 (FEDORA-2012-16437) The eCryptfs mount helper and support libraries -------------------------------------------------------------------------------- Update Information: - fix typo in restorecon path -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 100-3 - fix typo in restorecon path (#865839) -------------------------------------------------------------------------------- References: [ 1 ] Bug #865839 - typo iin ecryptfs-migrate-home https://bugzilla.redhat.com/show_bug.cgi?id=865839 -------------------------------------------------------------------------------- ================================================================================ maniadrive-1.2-32.fc16.10 (FEDORA-2012-16427) 3D stunt driving game -------------------------------------------------------------------------------- Update Information: Upstream Chagelog: Core: * Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry) * Fixed bug #63093 (Segfault while load extension failed in zts-build). (Laruence) * Fixed bug #62976 (Notice: could not be converted to int when comparing some builtin classes). (Laruence) * Fixed bug #61767 (Shutdown functions not called in certain error situation). (Dmitry) * Fixed bug #61442 (exception threw in __autoload can not be catched). (Laruence) * Fixed bug #60909 (custom error handler throwing Exception + fatal error = no shutdown function). (Dmitry) cURL: * Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will cause cpu Soaring). (Pierrick) FPM: * Fixed bug #62954 (startup problems fpm / php-fpm). (fat) * Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat) * Fixed bug #63085 (Systemd integration and daemonize). (remi, fat) * Fixed bug #62947 (Unneccesary warnings on FPM). (fat) * Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat) * Fixed bug #62216 (Add PID to php-fpm init.d script). (fat) Intl: * Fix bug #62915 (defective cloning in several intl classes). (Gustavo) SOAP * Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). (Dmitry) SPL: * Bug #62987 (Assigning to ArrayObject[null][something] overrides all undefined variables). (Laruence) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.2-32.10 - rebuild against PHP 5.3.18 -------------------------------------------------------------------------------- ================================================================================ ninja-ide-2.1.1-4.fc16 (FEDORA-2012-16418) Ninja IDE for Python development -------------------------------------------------------------------------------- Update Information: added missing dependency Ninja IDE for Python development -------------------------------------------------------------------------------- References: [ 1 ] Bug #863983 - Review Request: ninja-ide - Ninja IDE for Python development https://bugzilla.redhat.com/show_bug.cgi?id=863983 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-0.77-1.fc16 (FEDORA-2012-16411) Date and time object -------------------------------------------------------------------------------- Update Information: Various fixes and leap second on 2012-06-30 added. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 2:0.77-1 - 0.77 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #838120 - perl-DateTime is too old https://bugzilla.redhat.com/show_bug.cgi?id=838120 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-TimeZone-1.51-1.fc16 (FEDORA-2012-16420) Time zone object base class and factory -------------------------------------------------------------------------------- Update Information: Update to Olson 2012g database. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 1.51-1 - update to latest upstream version - Olson 2012g -------------------------------------------------------------------------------- References: [ 1 ] Bug #857845 - perl-DateTime-TimeZone-1.51 is available https://bugzilla.redhat.com/show_bug.cgi?id=857845 -------------------------------------------------------------------------------- ================================================================================ php-5.3.18-1.fc16 (FEDORA-2012-16427) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information: Upstream Chagelog: Core: * Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry) * Fixed bug #63093 (Segfault while load extension failed in zts-build). (Laruence) * Fixed bug #62976 (Notice: could not be converted to int when comparing some builtin classes). (Laruence) * Fixed bug #61767 (Shutdown functions not called in certain error situation). (Dmitry) * Fixed bug #61442 (exception threw in __autoload can not be catched). (Laruence) * Fixed bug #60909 (custom error handler throwing Exception + fatal error = no shutdown function). (Dmitry) cURL: * Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will cause cpu Soaring). (Pierrick) FPM: * Fixed bug #62954 (startup problems fpm / php-fpm). (fat) * Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat) * Fixed bug #63085 (Systemd integration and daemonize). (remi, fat) * Fixed bug #62947 (Unneccesary warnings on FPM). (fat) * Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat) * Fixed bug #62216 (Add PID to php-fpm init.d script). (fat) Intl: * Fix bug #62915 (defective cloning in several intl classes). (Gustavo) SOAP * Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). (Dmitry) SPL: * Bug #62987 (Assigning to ArrayObject[null][something] overrides all undefined variables). (Laruence) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.3.18-1 - update to 5.3.18 - provides php-phar -------------------------------------------------------------------------------- ================================================================================ php-eaccelerator-0.9.6.1-9.fc16.10 (FEDORA-2012-16427) PHP accelerator, optimizer, encoder and dynamic content cacher -------------------------------------------------------------------------------- Update Information: Upstream Chagelog: Core: * Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry) * Fixed bug #63093 (Segfault while load extension failed in zts-build). (Laruence) * Fixed bug #62976 (Notice: could not be converted to int when comparing some builtin classes). (Laruence) * Fixed bug #61767 (Shutdown functions not called in certain error situation). (Dmitry) * Fixed bug #61442 (exception threw in __autoload can not be catched). (Laruence) * Fixed bug #60909 (custom error handler throwing Exception + fatal error = no shutdown function). (Dmitry) cURL: * Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will cause cpu Soaring). (Pierrick) FPM: * Fixed bug #62954 (startup problems fpm / php-fpm). (fat) * Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat) * Fixed bug #63085 (Systemd integration and daemonize). (remi, fat) * Fixed bug #62947 (Unneccesary warnings on FPM). (fat) * Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat) * Fixed bug #62216 (Add PID to php-fpm init.d script). (fat) Intl: * Fix bug #62915 (defective cloning in several intl classes). (Gustavo) SOAP * Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). (Dmitry) SPL: * Bug #62987 (Assigning to ArrayObject[null][something] overrides all undefined variables). (Laruence) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1:0.9.6.1-9.10 - rebuild against PHP 5.3.18 -------------------------------------------------------------------------------- ================================================================================ spandsp-0.0.6-0.8.pre21.fc16 (FEDORA-2012-16416) A DSP library for telephony -------------------------------------------------------------------------------- Update Information: Update to 0.0.6pre21 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 18 2012 Jeffrey Ollie <jeff@xxxxxxxxxx> - 0.0.6-0.8.pre21 - Update to 0.0.6pre21 * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.0.6-0.7.pre18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.0.6-0.6.pre18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #866127 - SpanDSP is over 3 years old - Update request https://bugzilla.redhat.com/show_bug.cgi?id=866127 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
