The following Fedora 16 Security updates need testing: Age URL 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16421/drupal7-7.16-1.fc16 107 https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16 32 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16490/xlockmore-5.40-3.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16415/389-ds-base-1.2.10.16-1.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16417/Django-1.3.4-1.fc16 14 https://admin.fedoraproject.org/updates/FEDORA-2012-15725/phpMyAdmin-3.5.3-1.fc16 34 https://admin.fedoraproject.org/updates/FEDORA-2012-14322/pcp-3.6.8-1.fc16 13 https://admin.fedoraproject.org/updates/FEDORA-2012-15844/drupal7-feeds-2.0-0.5.alpha6.fc16 2 https://admin.fedoraproject.org/updates/FEDORA-2012-16605/dokuwiki-0-0.14.20121013.fc16 110 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-15877/seamonkey-2.13.1-1.fc16 30 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 36 https://admin.fedoraproject.org/updates/FEDORA-2012-14126/dbus-1.4.10-4.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16659/net-snmp-5.7.1-3.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16673/viewvc-1.1.15-3.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-16028/mapserver-6.0.3-4.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-16032/cobbler-2.4.0-beta2.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16772/claws-mail-3.8.1-3.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-16055/thunderbird-16.0.1-1.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 7 https://admin.fedoraproject.org/updates/FEDORA-2012-16249/thunderbird-lightning-1.8-1.fc16,thunderbird-16.0.1-2.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-16243/xulrunner-16.0.1-2.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-16252/curl-7.21.7-8.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-16251/perl-5.14.3-202.fc16 9 https://admin.fedoraproject.org/updates/FEDORA-2012-16099/kde-settings-4.7-15.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-16055/thunderbird-16.0.1-1.fc16 The following builds have been pushed to Fedora 16 updates-testing claws-mail-3.8.1-3.fc16 ht-alegreya-fonts-1.004-1.fc16 ibus-typing-booster-0.0.15-1.fc16 mod_revocator-1.0.3-10.fc16 overpass-fonts-1.01-2.fc16 perl-Geo-IPfree-1.1.2.2.8.8.0-1.fc16 python-urwid-1.1.0-2.fc16 qupzilla-1.3.5-2.fc16 wicd-1.7.0-15.fc16 Details about builds: ================================================================================ claws-mail-3.8.1-3.fc16 (FEDORA-2012-16772) Email client and news reader based on GTK+ -------------------------------------------------------------------------------- Update Information: Fixes a null-pointer crash. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 22 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 3.8.1-3 - fix null-ptr crash (rhbz#862578, CVE-2012-4507) * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.8.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #862578 - CVE-2012-4507 [abrt] claws-mail-3.8.1-1.fc17: strchr: Process /usr/bin/claws-mail was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=862578 -------------------------------------------------------------------------------- ================================================================================ ht-alegreya-fonts-1.004-1.fc16 (FEDORA-2012-16771) A Serif typeface originally intended for literature -------------------------------------------------------------------------------- Update Information: New package: ht-alegreya-fonts Alegreya was chosen as one of 53 "Fonts of the Decade" at the ATypI Letter2 competition in September 2011, and one of the top 14 text type systems. It was also selected in the 2nd Bienal Iberoamericana de Diseño, competition held in Madrid in 2010. Alegreya is a typeface originally intended for literature. Among its crowning characteristics, it conveys a dynamic and varied rhythm which facilitates the reading of long texts. Also, it provides freshness to the page while referring to the calligraphic letter, not as a literal interpretation, but rather in a contemporary typographic language. The italic has just as much care and attention to detail in the design as the roman. The bold weights are strong, and the Black weights are really experimental for the genre. There is also a Small Caps sister family. Not only does Alegreya provide great performance, but also achieves a strong and harmonious text by means of elements designed in an atmosphere of diversity. -------------------------------------------------------------------------------- References: [ 1 ] Bug #857487 - Review Request: ht-alegreya-fonts - A Serif typeface originally intended for literature https://bugzilla.redhat.com/show_bug.cgi?id=857487 -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-0.0.15-1.fc16 (FEDORA-2012-16765) The Table engine for IBus platform -------------------------------------------------------------------------------- Update Information: Make sure the lookup table is hidden if there are no candidates to suggest 858980-.desktop file is added but i-t-b's pref will be enable only after , it has added support in g-c-c New Feature, suggestions can be turned on by Tab Key Fixed bugs #852993,#852994 New Feature, suggestions can be turned on by Tab Key Fixed bugs #852993,#852994 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 22 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.15-1 - Update to 0.0.15 upstream version - Resolves: #869050 - Make sure the lookup table is hidden if there are no candidates to suggest (#869050) * Mon Oct 22 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.14-1 - Update to 0.0.14 upstream version - Show an obvious warning when the hunspell dictionary needed is not found - Show exact matches in the .dic files as suggestions as well - Do not forget the input method used last when activating a previously used engine - Make spelling of the value of “symbol” in the .conf files more consistent - include the file ru_RU.conf * Thu Oct 18 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.13-1 - Update to 0.0.13 upstream version, in 0.0.12 I forgot to include the file de_DE.conf * Thu Oct 18 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.12-1 - Update to 0.0.12 upstream version, in 0.0.11 I forgot to include the file keysym2ucs.py * Thu Oct 18 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.11-1 - Upstream has released 0.0.11 version containing the following improvements: - Add .conf files for many languages and improve some existing .conf files - Read other_ime option case insensitively - Split only at the first = in a line in a .conf file - Fix the problem that the user defined phrases are lost when switching engines - use “layout = default” instead of “layout = us” in all .conf files - Make sure the input of transliterate() is UTF-8 encoded - Add a keysym2unichr() function and use it to support languages which have non Latin1 input - Let first letter start with index 1 in autogenerated tabdict - Use autogenerated tabdict always, not only in m17n mode - Use special value 'NoIme' to indicate that no input method should be used - Use contents of lang_chars for the regexp to match words in the dictionaries - In process_key_event, do not return False when a non-ASCII character has been typed - Read option valid_input_chars as UTF-8 - Use the encoding option from the .conf file always, not only in m17n mode - Whether m17n mode is used should depend on the .conf file, not the language - Use correct encoding to decode the dictionary file - Some other minor fixes * Wed Sep 26 2012 Anish Patil <apatil@xxxxxxxxxx> - 0.0.10-1 - Upstream has released new version. * Thu Sep 13 2012 Anish Patil <apatil@xxxxxxxxxx> - 0.0.9-1 - Upstream has released new version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #869050 - ibus-typing-booster shows a lookup table even if there are zero candidates to suggest https://bugzilla.redhat.com/show_bug.cgi?id=869050 [ 2 ] Bug #857280 - should have Obsoletes and Provides lines for older typing-boosters https://bugzilla.redhat.com/show_bug.cgi?id=857280 [ 3 ] Bug #858980 - ibus-typing-booster setup is not enabled in gnome-control-center region, .desktop file is missing https://bugzilla.redhat.com/show_bug.cgi?id=858980 [ 4 ] Bug #859438 - unable to see suggestions in candidate window https://bugzilla.redhat.com/show_bug.cgi?id=859438 [ 5 ] Bug #860113 - [ibus-typing-booster] please list hunspell en JM dictionary as GB (British English) https://bugzilla.redhat.com/show_bug.cgi?id=860113 [ 6 ] Bug #852993 - ibus-hunspell-table lacks config file for en_GB https://bugzilla.redhat.com/show_bug.cgi?id=852993 [ 7 ] Bug #852994 - [typo] only one 'n' in Danish https://bugzilla.redhat.com/show_bug.cgi?id=852994 -------------------------------------------------------------------------------- ================================================================================ mod_revocator-1.0.3-10.fc16 (FEDORA-2012-16754) CRL retrieval module for the Apache HTTP server -------------------------------------------------------------------------------- Update Information: Bugzilla Bug #861999 - mod_revocator exec CLR URIs fail to load: unable to load Revocation module, NSS error -8187 - stephen.capstick64@xxxxxxxxx Bugzilla Bug #716355 - mod_revocator does not shut down httpd server if expired CRL is fetched Bugzilla Bug #716361 - mod_revocator does not bring down httpd server if CRLUpdate fails Bugzilla Bug #737556 - CRLS are not downloaded when mod_revocator module is loaded successfully. And no error was thrown in httpd error_log - mharmsen Add 'autoreconf -fvi' to build section - mharmsen Fix shutting down Apache if CRLUpdateCritical is on and a CRL is not available at startup (#654378) - rcritten@xxxxxxxxxx Updated mod_revocator-kill patch. The ownership of the semaphore used to control access to crlhelper was not always changed to the Apache user (#648546) - rcritten@xxxxxxxxxx Actually apply the patch (#648546) - rcritten@xxxxxxxxxx Fix killing the web server if updatecritical is set (#648546) - rcritten@xxxxxxxxxx -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 8 2012 Matthew Harmsen <mharmsen@xxxxxxxxxx> - 1.0.3-10 - Bugzilla Bug #861999 - mod_revocator exec CLR URIs fail to load: unable to load Revocation module, NSS error -8187 - stephen.capstick64@xxxxxxxxx (mod_revocator-waitpid.patch) -------------------------------------------------------------------------------- References: [ 1 ] Bug #716355 - mod_revocator does not shut down httpd server if expired CRL is fetched https://bugzilla.redhat.com/show_bug.cgi?id=716355 [ 2 ] Bug #716361 - mod_revocator does not bring down httpd server if CRLUpdate fails https://bugzilla.redhat.com/show_bug.cgi?id=716361 [ 3 ] Bug #737556 - CRLS are not downloaded when mod_revocator module is loaded successfully. And no error was thrown in httpd error_log https://bugzilla.redhat.com/show_bug.cgi?id=737556 -------------------------------------------------------------------------------- ================================================================================ overpass-fonts-1.01-2.fc16 (FEDORA-2012-16775) Typeface based on the U.S. interstate highway road signage type system -------------------------------------------------------------------------------- Update Information: New package: overpass-fonts Free & open source typeface based on the U.S. interstate highway road signage type system; it is sans-serif and suitable for both body and titling text. -------------------------------------------------------------------------------- References: [ 1 ] Bug #852214 - Review Request: overpass-fonts - Typeface based on the U.S. interstate highway road signage type system https://bugzilla.redhat.com/show_bug.cgi?id=852214 -------------------------------------------------------------------------------- ================================================================================ perl-Geo-IPfree-1.1.2.2.8.8.0-1.fc16 (FEDORA-2012-16784) Look up the country of an IPv4 Address -------------------------------------------------------------------------------- Update Information: Database updated, new county code BQ added. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 23 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 1.1.2.2.8.8.0-1 - 1.122880 bump -------------------------------------------------------------------------------- ================================================================================ python-urwid-1.1.0-2.fc16 (FEDORA-2012-16777) Console user interface library -------------------------------------------------------------------------------- Update Information: This release brings many layouting fixes, a saner API and bugfixes. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 23 2012 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 1.1.0-2 - Add new docs and examples dir * Tue Oct 23 2012 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 1.1.0-1 - Update to upstream 1.1.0 -------------------------------------------------------------------------------- ================================================================================ qupzilla-1.3.5-2.fc16 (FEDORA-2012-16756) Modern web browser -------------------------------------------------------------------------------- Update Information: QupZilla is modern web browser based on WebKit core and Qt Framework. It is designed to be lightweight and fast and offers advanced functions such as - an integrated advertisement blocker, - a search engine manager, - a SSL certificate manager, - speed dial - theming support, and - seamless integration into your desktop environment. -------------------------------------------------------------------------------- References: [ 1 ] Bug #819184 - Review Request: qupzilla - Modern web browser https://bugzilla.redhat.com/show_bug.cgi?id=819184 -------------------------------------------------------------------------------- ================================================================================ wicd-1.7.0-15.fc16 (FEDORA-2012-16757) Wireless and wired network connection manager -------------------------------------------------------------------------------- Update Information: This is an update to the fix for CVE-2012-2095, which first appeared in wicd-1.7.0-13.fc16. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 23 2012 David Cantrell <dcantrell@xxxxxxxxxx> - 1.7.0-15 - Rebuild (#820166) * Thu Aug 2 2012 David Cantrell <dcantrell@xxxxxxxxxx> - 1.7.0-14 - Fix CVE-2012-2095 property handling (#820166) -------------------------------------------------------------------------------- References: [ 1 ] Bug #820166 - Fix for CVE-2012-2095 invalidates all templates that use 'ca_cert', 'password' and other fields. https://bugzilla.redhat.com/show_bug.cgi?id=820166 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
