The following Fedora 16 Security updates need testing: Age URL 3 https://admin.fedoraproject.org/updates/FEDORA-2012-17376/seamonkey-2.13.2-1.fc16 43 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-17388/kdelibs-4.8.5-2.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-17408/xen-4.1.3-3.fc16 16 https://admin.fedoraproject.org/updates/FEDORA-2012-16415/389-ds-base-1.2.10.16-1.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-17479/kernel-3.6.5-2.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-17482/plib-1.8.5-8.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17588/catdoc-0.94.2-10.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17553/libproxy-0.4.10-1.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-17019/pcp-3.6.9-1.fc16 15 https://admin.fedoraproject.org/updates/FEDORA-2012-16490/xlockmore-5.40-3.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17561/cumin-0.1.5522-3.fc16 121 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 41 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-16988/firefox-16.0.2-1.fc16,xulrunner-16.0.2-1.fc16 22 https://admin.fedoraproject.org/updates/FEDORA-2012-16032/cobbler-2.4.0-beta2.fc16 10 https://admin.fedoraproject.org/updates/FEDORA-2012-16772/claws-mail-3.8.1-3.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-17218/rt3-3.8.15-1.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-17291/thunderbird-16.0.2-1.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-16673/viewvc-1.1.17-1.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-17318/mcrypt-2.6.8-10.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17572/libfm-1.1.0-1.fc16,pcmanfm-1.1.0-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-17553/libproxy-0.4.10-1.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-17403/fuse-2.8.7-2.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-17388/kdelibs-4.8.5-2.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-17291/thunderbird-16.0.2-1.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-17316/xdg-utils-1.1.0-0.14.20120809git.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-17192/qt-4.8.3-7.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-17029/mdadm-3.2.6-1.fc16 10 https://admin.fedoraproject.org/updates/FEDORA-2012-16832/plymouth-0.8.4-0.20110822.7.fc16 The following builds have been pushed to Fedora 16 updates-testing cabal-rpm-0.6.5-1.fc16 catdoc-0.94.2-10.fc16 cross-binutils-2.23.51.0.3-1.fc16 cumin-0.1.5522-3.fc16 dovecot-2.0.21-2.fc16 drupal6-mobile_tools-2.6-1.fc16 drupal7-votingapi-2.9-1.fc16 libfm-1.1.0-1.fc16 libproxy-0.4.10-1.fc16 mock-1.1.28-1.fc16 pcmanfm-1.1.0-1.fc16 perl-DateTime-TimeZone-1.52-1.fc16 Details about builds: ================================================================================ cabal-rpm-0.6.5-1.fc16 (FEDORA-2012-17562) RPM package creator for Haskell Cabal-based packages -------------------------------------------------------------------------------- Update Information: - drop hscolour BuildRequires - simplify generated BuildRequires: drop version ranges, and exclude base, Cabal, etc - use ExclusiveArch ghc_arches_with_ghci for template-haskell - replace --name option with --library to force Lib package -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 1 2012 Jens Petersen <petersen@xxxxxxxxxx> - 0.6.5-1 - drop hscolour BuildRequires - simplify generated BuildRequires: drop version ranges, and exclude base, Cabal, etc - use ExclusiveArch ghc_arches_with_ghci for template-haskell - replace --name option with --library to force Lib package -------------------------------------------------------------------------------- ================================================================================ catdoc-0.94.2-10.fc16 (FEDORA-2012-17588) A program which converts Microsoft office files to plain text -------------------------------------------------------------------------------- Update Information: Fix security issue (buffer overflow). -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 2 2012 Adel Gadllah <adel.gadllah@xxxxxxxxx> - 0.94.2-10 - Fix buffer overflow vulnerability; RH#872390 / RH#872391 * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.94.2-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 12 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.94.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #872390 - catdoc: buffer overflow flaw https://bugzilla.redhat.com/show_bug.cgi?id=872390 -------------------------------------------------------------------------------- ================================================================================ cross-binutils-2.23.51.0.3-1.fc16 (FEDORA-2012-17579) A GNU collection of cross-compilation binary utilities -------------------------------------------------------------------------------- Update Information: Move to binutils-2.23.51.0.3 and support aarch64 -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 2 2012 David Howells <dhowells@xxxxxxxxxx> - 2.23.51.0.3-1 - Update to binutils-2.23.51.0.3. - Added support for aarch64. * Mon Oct 15 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 2.22.52.0.3-4 - Provides: bundled(libiberty) * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.22.52.0.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed Jul 11 2012 Dan Horák <dan[at]danny.cz> - 2.22.52.0.3-2 - don't install libbfd/libopcode when host == target (eg. on s390x) -------------------------------------------------------------------------------- ================================================================================ cumin-0.1.5522-3.fc16 (FEDORA-2012-17561) MRG management web console -------------------------------------------------------------------------------- Update Information: The previous version of the spec file did not install cumin-report and was missing a dependency on pymongo. This release contains many bug fixes (logged against Cumin in RHEL MRG but applying to Fedora as well). There are also many security enhancements but it is not just a security release. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 2 2012 Trevor McKay <tmckay@xxxxxxxxxx> - 0.1.5522-3 - Fix the spec in regards to the long term reporting feature - The cumin-report script was not being installed in /usr/bin - A dependency on pymongo was missing * Thu Oct 25 2012 Trevor McKay <tmckay@xxxxxxxxxx> - 0.1.5522-2 - Change form of bug numbers in the last changelog so they show - up in the build system web UI 438142 635207 699487 703859 705358 733516 737979 739658 748735 750196 751779 752732 756384 760567 765713 765846 765894 767232 768298 769753 771642 772105 782359 782485 782839 782902 783139 785551 785863 787138 789351 796798 799129 799382 799404 800065 800611 800624 801047 801287 801291 802698 802704 805029 807838 807912 807970 809006 809369 812407 814386 815316 820681 823506 830243 830245 830854 831203 831235 831244 837037 837047 839576 840112 840121 840123 840133 846010 846345 846349 847940 848344 850759 851205 853454 * Thu Oct 25 2012 Trevor McKay <tmckay@xxxxxxxxxx> - 0.1.5522-1 - Add dependency on python-ldap - Add creation of /etc/cumin/cumin.conf.d for future use - Add use of systemd macros for F18+ - Many, many bug fixes since 5137: * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.1.5220-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sun Jan 15 2012 Trevor McKay <tmckay@xxxxxxxxxx> - 0.1.5220-1 - Tweak dependencies again, python-qpid-qmf requires python-qpid now - Remove dependencies on pycairo and liberation-sans-fonts (new - sources in trunk remove flash and the need for pycairo) - Move root-only programs to /usr/sbin - Remove test programs on installation - cumin-database.patch no longer necessary -------------------------------------------------------------------------------- References: [ 1 ] Bug #830243 - CVE-2012-2683 cumin: multiple XSS flaws https://bugzilla.redhat.com/show_bug.cgi?id=830243 [ 2 ] Bug #830245 - CVE-2012-2684 cumin: SQL injection flaw https://bugzilla.redhat.com/show_bug.cgi?id=830245 -------------------------------------------------------------------------------- ================================================================================ dovecot-2.0.21-2.fc16 (FEDORA-2012-17583) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information: - add reload command to service file -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 2 2012 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.0.21-2 - add reload command to service file -------------------------------------------------------------------------------- References: [ 1 ] Bug #872239 - systemd systemctl not support reload dovecot configuration https://bugzilla.redhat.com/show_bug.cgi?id=872239 -------------------------------------------------------------------------------- ================================================================================ drupal6-mobile_tools-2.6-1.fc16 (FEDORA-2012-17563) The Mobile Tools provides some tools to assist in making a site mobile -------------------------------------------------------------------------------- Update Information: New upstream version, http://drupal.org/node/1819836. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 2 2012 Peter Borsa <peter.borsa@xxxxxxxxx> - 2.6-1 - New upstream version * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #831519 - drupal6-mobile_tools-2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=831519 -------------------------------------------------------------------------------- ================================================================================ drupal7-votingapi-2.9-1.fc16 (FEDORA-2012-17557) Drupal Standardized API and schema for storing, retrieving, and tabulating votes -------------------------------------------------------------------------------- Update Information: New upstream version, http://drupal.org/node/1814542. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 2 2012 Peter Borsa <peter.borsa@xxxxxxxxx> - 2.9-1 - Update to 2.9 * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #865134 - drupal7-votingapi-2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=865134 -------------------------------------------------------------------------------- ================================================================================ libfm-1.1.0-1.fc16 (FEDORA-2012-17572) GIO-based library for file manager-like programs -------------------------------------------------------------------------------- Update Information: libfm / pcmanfm 1.1.0 is released. -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 4 2012 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.1.0-1 - 1.1.0 -------------------------------------------------------------------------------- ================================================================================ libproxy-0.4.10-1.fc16 (FEDORA-2012-17553) A library handling all the details of proxy configuration -------------------------------------------------------------------------------- Update Information: Fix http chunk encoded PAC that was broken in previous release Add HTTP client unit test Fix coding style issues -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 16 2012 Nicolas Chauvet <kwizart@xxxxxxxxx> - 0.4.10-1 - Update to 0.4.10 - Fix CVE-2012-4504 * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.7-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Feb 27 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.4.7-4 - Add upstream patches to use js rather than xulrunner - Add patch to fix FTBFS on gcc 4.7 - Cleanup spec for latest updates and remove obsolete bits * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 6 2011 Adam Jackson <ajax@xxxxxxxxxx> - 0.4.7-2 - Rebuild for new libpng -------------------------------------------------------------------------------- References: [ 1 ] Bug #864417 - CVE-2012-4504 libproxy: long proxy.pac file handling buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=864417 -------------------------------------------------------------------------------- ================================================================================ mock-1.1.28-1.fc16 (FEDORA-2012-17570) Builds packages inside chroots -------------------------------------------------------------------------------- Update Information: cleaned up .cfgs handle calling --scrub= with non-existant chroot fix various start/finish state problems remove dead code, unused array 'legal_arches' add CLONE_NEWPID and CLONE_NEWIPC to unshare call add an 'age_check' parameter to root_cache deal with NFS home directories and root_cache issues Fix mock kernel version comparison add f18 configs add missing s390 rawhide config Fix mistake in committing fedora-17-ppc* configs Fixed dropped commit for ppc/ppc64 configs on f17 Added package_state_plugin and bugfixes Added mockchain which takes a mock config and a series of srpms, rebuilds the srpms one by one, adding each resulting rpm to a local repository so that they are available as build deps to the next package being built Remove EPEL-4 configs fix problem in scm.py with SSH_AUTH_SOCK fix baseurl (remove dist-) for f17 configs fix incorrect setting of gid in UidManager.changeOwner() allow chroot group to be configurable -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 24 2012 Clark Williams <williams@xxxxxxxxxx> - 1.1.28-1 - add updates-testing stanza to fedora-1x-*.cfg [BZ# 610826] - modify scrub to handle non-existant chroots [BZ# 860368] * Fri Sep 7 2012 Clark Williams <williams@xxxxxxxxxx> - 1.1.27-1 - fixed configs test report to indicate configuration failure total - remove dead code, unused array 'legal_arches' - add an 'age_check' parameter to root_cache - deal with NFS home directories and root_cache issues [BZ# 649192] - from Mike Miller <mtmiller@xxxxxxxx>: - Fix mock kernel version comparison [BZ# 847473] - from Mathieu Bridon <bochecha@xxxxxxxxxxxxxxxxx>: - fix various start/finish state problems [BZ# 835633] - from Colin Walters <walters@xxxxxxxxxx>: - add CLONE_NEWPID and CLONE_NEWIPC to unshare call [BZ# 851340] * Fri Aug 10 2012 Dennis Gilmore <dennis@xxxxxxxx> - 1.1.26-2 - add f18 configs - add rawhide s390 config * Mon Aug 6 2012 Clark Williams <williams@xxxxxxxxxx> - 1.1.26-1 - move the fedora-17-ppc* configs into the configs directory * Tue Jul 31 2012 Clark Williams <williams@xxxxxxxxxx> - 1.1.25-1 - From Karsten Hopp <karsten@xxxxxxxxxx>: - added ppc and ppc64 configs for fedora 17 * Fri Jul 27 2012 Clark Williams <williams@xxxxxxxxxx> - 1.1.24-1 - Fixed error when calling os.getlogin() [BZ# 843434] - removed fedora-15 config files - from Matt McCutchen <matt@xxxxxxxxxxxxxxxxx>: - allowed common options to be added to yum commands [BZ# 734576] - from Ville Skyttä <ville.skytta@xxxxxx>: - added mockchain completion - from Seth Vidal <skvidal@xxxxxxxxxxxxxxxxx>: - added package_state_plugin * Thu Jun 7 2012 Clark Williams <williams@xxxxxxxxxx> - 1.1.23-1 - modified startup code to only set mock group [BZ# 809676] - add CLONE_NEWUTS to unshare(2) call [BZ# 818445] - from Seth Vidal <skvidal at fedoraproject.org>: - add mockchain to mock [BZ# 812477] - from Marko Myllynen <myllynen@xxxxxxxxxx>: - fix write_tar check in scm.py [BZ# 828677] - from Masatake YAMATO <yamato@xxxxxxxxxx>: - added option to set a plugin parameter value [BZ# 754321] * Thu Mar 29 2012 Clark Williams <williams@xxxxxxxxxx> - 1.1.22-1 - fix SCM problem with SSH_AUTH_SOCK [BZ# 803217] - From Chris St Pierre <chris.a.st.pierre@xxxxxxxxx>: - allow chroot group to be configure option -------------------------------------------------------------------------------- References: [ 1 ] Bug #610826 - updates-testing should be - optional? - in /etc/mock/*.cfg https://bugzilla.redhat.com/show_bug.cgi?id=610826 [ 2 ] Bug #860368 - mock --scrub=chroot fails with IOError: [Errno 2] No such file or directory: '/var/lib/mock/fedora-rawhide-x86_64/result/state.log' https://bugzilla.redhat.com/show_bug.cgi?id=860368 [ 3 ] Bug #835633 - "ERROR: state finish mismatch" when exiting mock --shell https://bugzilla.redhat.com/show_bug.cgi?id=835633 [ 4 ] Bug #851340 - Support newer CLONE_ flags https://bugzilla.redhat.com/show_bug.cgi?id=851340 [ 5 ] Bug #649192 - mock-1.1.6 doesn't play along with users $HOME on a NFS share (ERROR: Cannot find/open srpm) https://bugzilla.redhat.com/show_bug.cgi?id=649192 [ 6 ] Bug #847473 - Fix mock kernel version comparison https://bugzilla.redhat.com/show_bug.cgi?id=847473 [ 7 ] Bug #843434 - OSError: [Errno 25] Inappropriate ioctl for device https://bugzilla.redhat.com/show_bug.cgi?id=843434 [ 8 ] Bug #734576 - RFE: Means for plugins to add options to all yum commands https://bugzilla.redhat.com/show_bug.cgi?id=734576 [ 9 ] Bug #809676 - Mock and FreeIPA group detection issues. https://bugzilla.redhat.com/show_bug.cgi?id=809676 [ 10 ] Bug #844846 - ERROR: Namespace unshare failed. https://bugzilla.redhat.com/show_bug.cgi?id=844846 -------------------------------------------------------------------------------- ================================================================================ pcmanfm-1.1.0-1.fc16 (FEDORA-2012-17572) Extremly fast and lightweight file manager -------------------------------------------------------------------------------- Update Information: libfm / pcmanfm 1.1.0 is released. -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 4 2012 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.1.0-1 - 1.1.0 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-TimeZone-1.52-1.fc16 (FEDORA-2012-17567) Time zone object base class and factory -------------------------------------------------------------------------------- Update Information: This release is based on version 2012h of the Olson database; it includes contemporary changes for Brazil, Israel, and Jordan. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 2 2012 Iain Arnell <iarnell@xxxxxxxxx> 1.52-1 - update to latest upstream version - Olson 2012h -------------------------------------------------------------------------------- References: [ 1 ] Bug #872158 - perl-DateTime-TimeZone-1.52 is available https://bugzilla.redhat.com/show_bug.cgi?id=872158 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
