The following Fedora 16 Security updates need testing: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17376/seamonkey-2.13.2-1.fc16 40 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17388/kdelibs-4.8.5-2.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17408/xen-4.1.3-3.fc16 12 https://admin.fedoraproject.org/updates/FEDORA-2012-16490/xlockmore-5.40-3.fc16 13 https://admin.fedoraproject.org/updates/FEDORA-2012-16415/389-ds-base-1.2.10.16-1.fc16 118 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 38 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16986/cumin-0.1.5522-2.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16988/firefox-16.0.2-1.fc16,xulrunner-16.0.2-1.fc16 44 https://admin.fedoraproject.org/updates/FEDORA-2012-14126/dbus-1.4.10-4.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-17019/pcp-3.6.9-1.fc16 19 https://admin.fedoraproject.org/updates/FEDORA-2012-16032/cobbler-2.4.0-beta2.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-16772/claws-mail-3.8.1-3.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-17218/rt3-3.8.15-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17291/thunderbird-16.0.2-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16673/viewvc-1.1.17-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17318/mcrypt-2.6.8-10.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17403/fuse-2.8.7-2.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17388/kdelibs-4.8.5-2.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17291/thunderbird-16.0.2-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17316/xdg-utils-1.1.0-0.14.20120809git.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-17192/qt-4.8.3-7.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-17029/mdadm-3.2.6-1.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-16832/plymouth-0.8.4-0.20110822.7.fc16 The following builds have been pushed to Fedora 16 updates-testing berusky-data-1.5-1.fc16 epson-inkjet-printer-escpr-1.2.2-1.1lsb3.2.fc16 fuse-2.8.7-2.fc16 ibus-typing-booster-0.0.18-1.fc16 kdelibs-4.8.5-2.fc16 krusader-2.4.0-0.8.beta3.fc16 libguestfs-1.16.33-1.fc16 opendkim-2.7.1-1.fc16 pcp-gui-1.5.6-1.fc16 php-pear-1.9.4-5.fc16.1 pyodbc-2.1.11-1.fc16 python-testtools-0.9.21-1.fc16 seamonkey-2.13.2-1.fc16 sha-1.0.4b-1.fc16 xen-4.1.3-3.fc16 Details about builds: ================================================================================ berusky-data-1.5-1.fc16 (FEDORA-2012-17378) A datafile for Berusky -------------------------------------------------------------------------------- Update Information: Datafile for berusky game. -------------------------------------------------------------------------------- ChangeLog: * Sat Sep 1 2012 Martin Stransky <stransky@xxxxxxxxxx> 1.5-1 - Update to 1.5 * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ epson-inkjet-printer-escpr-1.2.2-1.1lsb3.2.fc16 (FEDORA-2012-17373) Drivers for Epson inkjet printers -------------------------------------------------------------------------------- Update Information: Support more printers. -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.1-2.1lsb3.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #871752 - Upgrade Epson Printer Driver ESC/P-R to 1.2.2 https://bugzilla.redhat.com/show_bug.cgi?id=871752 -------------------------------------------------------------------------------- ================================================================================ fuse-2.8.7-2.fc16 (FEDORA-2012-17403) File System in Userspace (FUSE) utilities -------------------------------------------------------------------------------- Update Information: Applied change from fuse upstream which fixes a crash caused by freeing a stack address. * Ver. 2.8.7 * Ver. 2.8.7 Delete needless udev rule in /etc. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 31 2012 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 2.8.7-2 - apply upstream fix for crash caused by freeing a stack address (bz870485) * Thu Apr 19 2012 Peter Lemenkov <lemenkov@xxxxxxxxx> - 2.8.7-1 - Ver. 2.8.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #870485 - Please backport upstream patch for missing dereference in free on error path https://bugzilla.redhat.com/show_bug.cgi?id=870485 [ 2 ] Bug #784823 - fuse-2.8.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=784823 [ 3 ] Bug #748204 - fuse: please drop needless udev rules file https://bugzilla.redhat.com/show_bug.cgi?id=748204 -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-0.0.18-1.fc16 (FEDORA-2012-17401) The Table engine for IBus platform -------------------------------------------------------------------------------- Update Information: Save setup option “Enable suggestions by Tab Key” correctly in dconf Make enabling the lookup table with the TAB key work correctly. Make sure the lookup table is hidden if there are no candidates to suggest 858980-.desktop file is added but i-t-b's pref will be enable only after , it has added support in g-c-c New Feature, suggestions can be turned on by Tab Key Fixed bugs #852993,#852994 New Feature, suggestions can be turned on by Tab Key Fixed bugs #852993,#852994 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 31 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.18-1 - Update to 0.0.18 upstream version - Resolves: #871056 - Save setup option “Enable suggestions by Tab Key” correctly in dconf (Resolves: #871056) - Make setup dialog translatable and add German translations * Wed Oct 24 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.16-1 - Update to 0.0.16 upstream version - Resolves: #869687 - Make enabling the lookup table with the TAB key work correctly - Simplify code in add_input() - Make German input typed in NFD work * Mon Oct 22 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.15-1 - Update to 0.0.15 upstream version - Resolves: #869050 - Make sure the lookup table is hidden if there are no candidates to suggest (#869050) * Mon Oct 22 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.14-1 - Update to 0.0.14 upstream version - Show an obvious warning when the hunspell dictionary needed is not found - Show exact matches in the .dic files as suggestions as well - Do not forget the input method used last when activating a previously used engine - Make spelling of the value of “symbol” in the .conf files more consistent - include the file ru_RU.conf * Thu Oct 18 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.13-1 - Update to 0.0.13 upstream version, in 0.0.12 I forgot to include the file de_DE.conf * Thu Oct 18 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.12-1 - Update to 0.0.12 upstream version, in 0.0.11 I forgot to include the file keysym2ucs.py * Thu Oct 18 2012 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.11-1 - Upstream has released 0.0.11 version containing the following improvements: - Add .conf files for many languages and improve some existing .conf files - Read other_ime option case insensitively - Split only at the first = in a line in a .conf file - Fix the problem that the user defined phrases are lost when switching engines - use “layout = default” instead of “layout = us” in all .conf files - Make sure the input of transliterate() is UTF-8 encoded - Add a keysym2unichr() function and use it to support languages which have non Latin1 input - Let first letter start with index 1 in autogenerated tabdict - Use autogenerated tabdict always, not only in m17n mode - Use special value 'NoIme' to indicate that no input method should be used - Use contents of lang_chars for the regexp to match words in the dictionaries - In process_key_event, do not return False when a non-ASCII character has been typed - Read option valid_input_chars as UTF-8 - Use the encoding option from the .conf file always, not only in m17n mode - Whether m17n mode is used should depend on the .conf file, not the language - Use correct encoding to decode the dictionary file - Some other minor fixes * Wed Sep 26 2012 Anish Patil <apatil@xxxxxxxxxx> - 0.0.10-1 - Upstream has released new version. * Thu Sep 13 2012 Anish Patil <apatil@xxxxxxxxxx> - 0.0.9-1 - Upstream has released new version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #871056 - The setup option “Enable suggestions by Tab Key” in ibus-typing-booster is never saved https://bugzilla.redhat.com/show_bug.cgi?id=871056 [ 2 ] Bug #869687 - The feature to enable the display of the suggestions only when typing TAB doesn’t work correctly https://bugzilla.redhat.com/show_bug.cgi?id=869687 [ 3 ] Bug #869050 - ibus-typing-booster shows a lookup table even if there are zero candidates to suggest https://bugzilla.redhat.com/show_bug.cgi?id=869050 [ 4 ] Bug #857280 - should have Obsoletes and Provides lines for older typing-boosters https://bugzilla.redhat.com/show_bug.cgi?id=857280 [ 5 ] Bug #858980 - ibus-typing-booster setup is not enabled in gnome-control-center region, .desktop file is missing https://bugzilla.redhat.com/show_bug.cgi?id=858980 [ 6 ] Bug #859438 - unable to see suggestions in candidate window https://bugzilla.redhat.com/show_bug.cgi?id=859438 [ 7 ] Bug #860113 - [ibus-typing-booster] please list hunspell en JM dictionary as GB (British English) https://bugzilla.redhat.com/show_bug.cgi?id=860113 [ 8 ] Bug #852993 - ibus-hunspell-table lacks config file for en_GB https://bugzilla.redhat.com/show_bug.cgi?id=852993 [ 9 ] Bug #852994 - [typo] only one 'n' in Danish https://bugzilla.redhat.com/show_bug.cgi?id=852994 -------------------------------------------------------------------------------- ================================================================================ kdelibs-4.8.5-2.fc16 (FEDORA-2012-17388) KDE Libraries -------------------------------------------------------------------------------- Update Information: - CVE-2012-4515 - Fix crash when trying to reuse a frame with a null part -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 31 2012 Than Ngo <than@xxxxxxxxxx> - 6:4.8.5-2 - Resolves: CVE-2012-4515, CVE-2012-4514 -------------------------------------------------------------------------------- References: [ 1 ] Bug #865831 - CVE-2012-4515 kdelibs: Use-after-free when context menu being used whilst the document DOM is being changed from within JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=865831 [ 2 ] Bug #869681 - CVE-2012-4514 kdelibs (khtml): NULL pointer dereference when trying to reuse a frame with null part https://bugzilla.redhat.com/show_bug.cgi?id=869681 -------------------------------------------------------------------------------- ================================================================================ krusader-2.4.0-0.8.beta3.fc16 (FEDORA-2012-17203) An advanced twin-panel (commander-style) file-manager for KDE -------------------------------------------------------------------------------- Update Information: An update of Krusader to version 2.4.0-beta3. Compared to the previously packaged 2.4.0-beta1, the main improvements are: * Assignable global shortcut to bring Krusader's main window to top * Go to Other Panel's Directory - shortcut: CTRL+= * Use Okteta kpart as hex-viewer by default * Configurable media menu * Quicker (un)mounting: pressing CTRL+RETURN when media menu is open (un)mounts the highlighted device In addition, many bugs were fixed. See http://www.krusader.org/release/2.4.0-beta3/changelog/ for a full list of changes. This package includes an additional fix for a regression in 2.4.0 beta 2 and 3: F3 preview of video files was crashing (kde#309159). -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 2.4.0-0.8.beta3 - Fix crash in video file preview on F3 (kde#309159, upstream patch) * Sun Oct 28 2012 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 2.4.0-0.7.beta3 - Update to 2.4.0-beta3 * Mon Oct 15 2012 Radek Novacek <rnovacek@xxxxxxxxxx> - 2.4.0-0.6.beta2 - Update to 2.4.0-beta2 - Drop g++ 4.7 patch (upstreamed) - Add patch for generating manual page * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.4.0-0.5.beta1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Jan 16 2012 Radek Novacek <rnovacek@xxxxxxxxxx> 2.4.0-0.4.beta1 - Fix build failure with g++ 4.7 * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.4.0-0.3.beta1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Thu Jul 28 2011 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> 2.4.0-0.2.beta1 - Run desktop-file-validate -------------------------------------------------------------------------------- ================================================================================ libguestfs-1.16.33-1.fc16 (FEDORA-2012-17404) Access and modify virtual machine disk images -------------------------------------------------------------------------------- Update Information: New upstream stable version 1.16.33. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.16.33-1 - New upstream stable version 1.16.33. -------------------------------------------------------------------------------- ================================================================================ opendkim-2.7.1-1.fc16 (FEDORA-2012-17384) A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail -------------------------------------------------------------------------------- Update Information: Updating package to match newer upstream 2.7.1 source. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Steve Jenkins <steve stevejenkins com> 2.7.1-1 - Updated to use newer upstream 2.7.1 source code - Updated to reflect source code move of files from /usr/bin to /usr/sbin - Removed --enable-stats configure option to avoid additional dependencies - Added support for strlcat() and strlcopy() previously in libopendkim - Added new MinimumKeyBits configuration option with default of 1024 -------------------------------------------------------------------------------- References: [ 1 ] Bug #869994 - opendkim: Add library option DKIM_OPTS_MINKEYBITS allowing one to specify a minimum number of key bits for acceptable signatures, defaulting to 1024 bits. https://bugzilla.redhat.com/show_bug.cgi?id=869994 -------------------------------------------------------------------------------- ================================================================================ pcp-gui-1.5.6-1.fc16 (FEDORA-2012-17386) Visualization tools for the Performance Co-Pilot toolkit -------------------------------------------------------------------------------- Update Information: Upstream pcp-gui release. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Nathan Scott <nathans@xxxxxxxxxx> - 1.5.6-1 - Update to latest PCP GUI sources. - Introduces new pcp-gui-testsuite sub-package. * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-pear-1.9.4-5.fc16.1 (FEDORA-2012-17400) PHP Extension and Application Repository framework -------------------------------------------------------------------------------- Update Information: * provides value for %{pear_metadir} = %{pear_phpdir} -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 31 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 1:1.9.4-5.1 - provides value for %{pear_metadir} -------------------------------------------------------------------------------- ================================================================================ pyodbc-2.1.11-1.fc16 (FEDORA-2012-17395) Python DB API 2.0 Module for ODBC -------------------------------------------------------------------------------- Update Information: This is an update that fixes several bugs mentioned in release notes, including Unicode support reworking. -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 31 2012 Honza Horak <hhorak@xxxxxxxxxx> - 2.1.11-1 - Updated to 2.1.11 because of Unicode and other fixes - Re-added missing LICENSE.txt, it is included in 3.0.x again * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.5-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.5-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #870433 - pyodbc unicode handling broken on 64bit systems https://bugzilla.redhat.com/show_bug.cgi?id=870433 -------------------------------------------------------------------------------- ================================================================================ python-testtools-0.9.21-1.fc16 (FEDORA-2012-17382) Extensions to the Python unit testing framework -------------------------------------------------------------------------------- Update Information: 0.9.20: Three new matchers: MatchesDict, ContainsDict, ContainedByDict 0.9.21: Correctly expose DirContains, accidentally hidden since 0.9.17 * Better discover support and Python3.x improvements * Python 3 builds now enabled for Fedora releases -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 27 2012 Michel Alexandre Salim <michel@sojourner> - 0.9.21-1 - Update to 0.9.21 -------------------------------------------------------------------------------- References: [ 1 ] Bug #870345 - python-testtools-0.9.21 is available https://bugzilla.redhat.com/show_bug.cgi?id=870345 -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.13.2-1.fc16 (FEDORA-2012-17376) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: Update to latest upstream. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 26 2012 Martin Stransky <stransky@xxxxxxxxxx> 2.13.2-1 - Update to 2.13.2 -------------------------------------------------------------------------------- ================================================================================ sha-1.0.4b-1.fc16 (FEDORA-2012-17402) File hashing utility -------------------------------------------------------------------------------- Update Information: sha 1.0.4b. -------------------------------------------------------------------------------- References: [ 1 ] Bug #859795 - Review Request: sha - File hashing utility https://bugzilla.redhat.com/show_bug.cgi?id=859795 -------------------------------------------------------------------------------- ================================================================================ xen-4.1.3-3.fc16 (FEDORA-2012-17408) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: limit the size of guest kernels and ramdisks to avoid running out of memory on dom0 during guest boot [XSA-25,CVE-2012-4544] (#870414) -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 30 2012 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.1.3-3 - limit the size of guest kernels and ramdisks to avoid running out of memory on dom0 during guest boot [XSA-25, CVE-2012-4544] (#870414) - remove pygrub.size.limits.patch patch included in new patch -------------------------------------------------------------------------------- References: [ 1 ] Bug #870412 - CVE-2012-4544 xen: Xen domain builder Out-of-memory due to malicious kernel/ramdisk https://bugzilla.redhat.com/show_bug.cgi?id=870412 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
