The following Fedora 16 Security updates need testing: Age URL 14 https://admin.fedoraproject.org/updates/FEDORA-2012-17376/seamonkey-2.13.2-1.fc16 54 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16 27 https://admin.fedoraproject.org/updates/FEDORA-2012-16415/389-ds-base-1.2.10.16-1.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-17553/libproxy-0.4.10-1.fc16 132 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 52 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 33 https://admin.fedoraproject.org/updates/FEDORA-2012-16032/cobbler-2.4.0-beta2.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-18006/weechat-0.3.8-3.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-17746/libsocialweb-0.25.21-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-18224/bugzilla-4.0.9-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-18249/xen-4.1.3-4.fc16 14 https://admin.fedoraproject.org/updates/FEDORA-2012-17291/thunderbird-16.0.2-1.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2012-17854/cumin-0.1.5522-4.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-18243/selinux-policy-3.10.0-96.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2012-18217/nss-util-3.13.6-2.fc16,nss-softokn-3.13.6-2.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-17969/gnome-keyring-3.2.2-2.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-17746/libsocialweb-0.25.21-1.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-17755/NetworkManager-0.9.6.4-1.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-17766/coreutils-8.12-8.fc16 8 https://admin.fedoraproject.org/updates/FEDORA-2012-17660/gnutls-2.12.14-4.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-17572/libfm-1.1.0-1.fc16,pcmanfm-1.1.0-1.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2012-17553/libproxy-0.4.10-1.fc16 The following builds have been pushed to Fedora 16 updates-testing BitchX-1.2-19.fc16 R-qtl-1.25.15-1.fc16 bugzilla-4.0.9-1.fc16 collectl-3.6.5-1.fc16 glances-1.5-1.fc16 glances-1.5.1-1.fc16 nss-softokn-3.13.6-2.fc16 nss-util-3.13.6-2.fc16 perl-DateTime-TimeZone-1.54-1.fc16 perl-HTML-RewriteAttributes-0.05-1.fc16 perl-No-Worries-0.7-1.fc16 php-channel-pirum-1.3-1.fc16 php-channel-symfony2-1.3-1.fc16 php-channel-twig-1.3-1.fc16 pyfits-3.0.9-1.fc16 selinux-policy-3.10.0-96.fc16 sysstat-10.0.2-3.fc16 taskjuggler-2.4.3-13.fc16 wine-1.5.17-1.fc16 xen-4.1.3-4.fc16 znc-1.0-1.fc16 Details about builds: ================================================================================ BitchX-1.2-19.fc16 (FEDORA-2012-18250) IrcII chat client -------------------------------------------------------------------------------- Update Information: Latest upstream release, remove .git stuff and fix some minor bugs. updated to latest upstream code updated to latest upstream code updated to latest upstream code updated to latest upstream code updated to latest upstream code -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> 1.2-19 - Bugfix release * Thu Nov 1 2012 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> 1.2-18 - Update to upstream version 1.2c02 which fixes quit msgs in SSL mode. -------------------------------------------------------------------------------- ================================================================================ R-qtl-1.25.15-1.fc16 (FEDORA-2012-18227) Tools for analyzing QTL experiments -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 1.25.15-1 - New upstream release * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.23.16-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ bugzilla-4.0.9-1.fc16 (FEDORA-2012-18224) Bug tracking system -------------------------------------------------------------------------------- Update Information: These releases fix a number of issues with Bugzilla. * Confidential product and component names can be disclosed to unauthorized users if they are used to control the visibility of a custom field. * When calling the 'User.get' WebService method with a 'groups' argument, it is possible to check if the given group names exist or not. * Due to incorrectly filtered field values in tabular reports, it is possible to inject code which can lead to XSS. * When trying to mark an attachment in a bug you cannot see as obsolete, the description of the attachment is disclosed in the error message. * A vulnerability in swfstore.swf from YUI2 can lead to XSS. Please refer to the security advisory for more details. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 14 2012 Emmanuel Seyman <emmanuel@xxxxxxxxx> - 4.0.9-1 - Update to 4.0.9 -------------------------------------------------------------------------------- ================================================================================ collectl-3.6.5-1.fc16 (FEDORA-2012-18211) A utility to collect various Linux performance data -------------------------------------------------------------------------------- Update Information: - update to upstream version 3.6.5 - upstream changelog at http://collectl.sourceforge.net/Releases.html -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 12 2012 Dan Horák <dan[at]danny.cz> - 3.6.5-1 - upgrade to upstream version 3.6.5 -------------------------------------------------------------------------------- ================================================================================ glances-1.5-1.fc16 (FEDORA-2012-18233) CLI curses based monitoring tool -------------------------------------------------------------------------------- Update Information: upgrade to version 1.5 add missing dependancies Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 8 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.5-1 - Upgrade to 1.5 * Sat Sep 1 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4.1.1-1 - Upgrade to 1.4.1.1 * Tue Aug 21 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4-2 - Adding missing dependencies - Removing shebang in non-executable files * Tue Aug 21 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4-1 - Upgrade to version 1.4 * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Feb 13 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.3.7-2 - Add version for python -------------------------------------------------------------------------------- ================================================================================ glances-1.5.1-1.fc16 (FEDORA-2012-18251) CLI curses based monitoring tool -------------------------------------------------------------------------------- Update Information: Upgrade to 1.5.1 (fix compute data bug) -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.5.1-1 - Upgrade to 1.5.1 (fix compute data on el6) * Thu Nov 8 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.5-1 - Upgrade to 1.5 * Sat Sep 1 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4.1.1-1 - Upgrade to 1.4.1.1 * Tue Aug 21 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4-2 - Adding missing dependencies - Removing shebang in non-executable files * Tue Aug 21 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4-1 - Upgrade to version 1.4 * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Feb 13 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.3.7-2 - Add version for python -------------------------------------------------------------------------------- ================================================================================ nss-softokn-3.13.6-2.fc16 (FEDORA-2012-18217) Network Security Services Softoken Module -------------------------------------------------------------------------------- Update Information: This update is to prevent install conflicts when updating to nss-3.14. With the nss-3.14 set of devel packages there has been a change of ownership, so to speak, of some headers which could result in update conflicts if one tries to update nss-util-devel. One such case is with nss-util-devel which as of 3.14 will provide hasht.h which hd previously had ben installed by nss-softokn-devel on 3.13.6-1 or earlier. This 3.12.6-2 update is able to swap package "ownership" of the header and thus ensure that the anticipated conflicts will not occur. For best results the whole set should be applied. Likewise, when the time comes to update to 3.14 please update the entire set at once. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.13.6-2 - Bootstrapping build prior to upcoming update of nss packages to nss-3.14 - Don't install sechasht.h as nss-util-devel will install when updated to 3.14 - Prevent update conflict between nss-util-devel-3.14 and nss-softokn-devel-3.13.6 -------------------------------------------------------------------------------- ================================================================================ nss-util-3.13.6-2.fc16 (FEDORA-2012-18217) Network Security Services Utilities Library -------------------------------------------------------------------------------- Update Information: This update is to prevent install conflicts when updating to nss-3.14. With the nss-3.14 set of devel packages there has been a change of ownership, so to speak, of some headers which could result in update conflicts if one tries to update nss-util-devel. One such case is with nss-util-devel which as of 3.14 will provide hasht.h which hd previously had ben installed by nss-softokn-devel on 3.13.6-1 or earlier. This 3.12.6-2 update is able to swap package "ownership" of the header and thus ensure that the anticipated conflicts will not occur. For best results the whole set should be applied. Likewise, when the time comes to update to 3.14 please update the entire set at once. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 12 2012 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.13.6-2 - Part 2 of bootstrapping builds to provide a conflict-free update to 3.14 next - nss-util-devel will provide sechash.t as nss-softoken-devel won't - As of nss-softokn-3.13.6-2 nss-softokn-devel stopped installing hasht.t - providing it to have the full set of installed headers -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-TimeZone-1.54-1.fc16 (FEDORA-2012-18244) Time zone object base class and factory -------------------------------------------------------------------------------- Update Information: Olson 2012j version brings updates for Cuba and Libya. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 1.54-1 - update to latest upstream version - Olson 2012j -------------------------------------------------------------------------------- References: [ 1 ] Bug #872994 - perl-DateTime-TimeZone-1.54 is available https://bugzilla.redhat.com/show_bug.cgi?id=872994 -------------------------------------------------------------------------------- ================================================================================ perl-HTML-RewriteAttributes-0.05-1.fc16 (FEDORA-2012-18198) Concise attribute rewriting -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> 0.05-1 - Upstream update. - Spec file cleanup. -------------------------------------------------------------------------------- ================================================================================ perl-No-Worries-0.7-1.fc16 (FEDORA-2012-18232) Perl coding without worries -------------------------------------------------------------------------------- Update Information: updating to latest upstream version 0.7 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 14 2012 Massimo Paladin <massimo.paladin@xxxxxxxxx> 0.7-1 - Updating to latest upstream version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #875603 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=875603 -------------------------------------------------------------------------------- ================================================================================ php-channel-pirum-1.3-1.fc16 (FEDORA-2012-18221) Adds pear.pirum-project.org channel to PEAR -------------------------------------------------------------------------------- Update Information: Minor RPM-only update - Updated version to match channel REST version - Removed version from virtual provide -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ php-channel-symfony2-1.3-1.fc16 (FEDORA-2012-18221) Adds pear.symfony.com channel to PEAR -------------------------------------------------------------------------------- Update Information: Minor RPM-only update - Updated version to match channel REST version - Removed version from virtual provide -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 1.3-1 - Updated version to match channel REST version - Removed version from virtual provide * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-channel-twig-1.3-1.fc16 (FEDORA-2012-18221) Adds pear.twig-project.org channel to PEAR -------------------------------------------------------------------------------- Update Information: Minor RPM-only update - Updated version to match channel REST version - Removed version from virtual provide -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 1.3-1 - Updated version to match channel REST version - Removed version from virtual provide * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ pyfits-3.0.9-1.fc16 (FEDORA-2012-18222) Python interface to FITS -------------------------------------------------------------------------------- Update Information: Bugfix release in the 3.0.x series -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 12 2012 Sergio Pascual <sergiopr@xxxxxxxxxxxxxxxxx> - 3.0.9-1 - New upstream source (bugfix) -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.10.0-96.fc16 (FEDORA-2012-18243) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: Here is where you give an explanation of your update. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-96 - httpd needs to send signull to openshift init script - Allow prelink_cron_system_t to overide user componant when cp -a- - Openshift seems to be storing apache logs in /var/lib/openshift/.log/httpd - Allow setuid/setgid for cupsd-config - New ypbind pkg wants to search /var/run which is caused by sd_notify * Thu Nov 1 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-95 - Add support for OpenShift sbin labeling * Wed Oct 31 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-94 - Add httpd_verify_dns boolean - Add label for log directory under /var/www/stickshift - Allow openshift domains to use /dev/shm - Dontaudit leaked fifo files from openshift to ping - Allow nsswitch domains to read SAMBA conf files * Mon Oct 22 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-93 - Add labeling for mcollectived - Allow openshift domains to read localization * Fri Oct 12 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-92 - Fix httpd_stickshift boolean - Backport openshift policy -------------------------------------------------------------------------------- References: [ 1 ] Bug #846516 - SELinux is preventing /opt/google/chrome/chrome from 'read' accesses on the file /media/BLACKBERRY2/blackberry/camera/IMG-20120804-00252.jpg. https://bugzilla.redhat.com/show_bug.cgi?id=846516 [ 2 ] Bug #848339 - SELinux is preventing /usr/bin/perl from 'read' accesses on the file /var/lightsquid/20120801/.features. https://bugzilla.redhat.com/show_bug.cgi?id=848339 [ 3 ] Bug #855676 - SELinux is preventing /usr/bin/pkcon from 'execute' accesses on the file /usr/bin/pkcon. https://bugzilla.redhat.com/show_bug.cgi?id=855676 [ 4 ] Bug #855684 - SELinux is preventing /usr/bin/python2.7 from 'search' accesses on the directory /root/.local. https://bugzilla.redhat.com/show_bug.cgi?id=855684 [ 5 ] Bug #855685 - SELinux is preventing /usr/bin/zarafa-dagent from using the 'chown' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=855685 [ 6 ] Bug #860946 - SELinux is preventing /usr/sbin/tmpwatch from read access on the directory /. https://bugzilla.redhat.com/show_bug.cgi?id=860946 [ 7 ] Bug #861778 - SElinux AVC denial for hp-sendfax https://bugzilla.redhat.com/show_bug.cgi?id=861778 [ 8 ] Bug #868946 - SELinux is preventing rpc.idmapd from 'read' accesses on the file /etc/samba/smb.conf. https://bugzilla.redhat.com/show_bug.cgi?id=868946 [ 9 ] Bug #869335 - cupsd_config_t type needs setgid and setuid capabilities https://bugzilla.redhat.com/show_bug.cgi?id=869335 [ 10 ] Bug #872559 - ypbind-1.36-7.fc16 don't start because SELinux problem (search init_var_run_t denied) https://bugzilla.redhat.com/show_bug.cgi?id=872559 [ 11 ] Bug #839191 - SELinux policy doesn't allow freshclam to update through http proxy https://bugzilla.redhat.com/show_bug.cgi?id=839191 [ 12 ] Bug #844784 - SElinux Policy for Spampd https://bugzilla.redhat.com/show_bug.cgi?id=844784 [ 13 ] Bug #844957 - SElinux Policy for SQLgrey https://bugzilla.redhat.com/show_bug.cgi?id=844957 -------------------------------------------------------------------------------- ================================================================================ sysstat-10.0.2-3.fc16 (FEDORA-2012-18213) The sar and iostat system monitoring commands -------------------------------------------------------------------------------- Update Information: This update fixes invalid xml output from sadf -x command. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 14 2012 Peter Schiffer <pschiffe@xxxxxxxxxx> - 10.0.2-3 - resolves: #859102 fixed invalid xml output of sadf -x command -------------------------------------------------------------------------------- References: [ 1 ] Bug #859102 - sadf -x produces bad xml https://bugzilla.redhat.com/show_bug.cgi?id=859102 -------------------------------------------------------------------------------- ================================================================================ taskjuggler-2.4.3-13.fc16 (FEDORA-2012-18216) Project management tool -------------------------------------------------------------------------------- Update Information: Fix crash when opening invalid file. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Radek Novacek <rnovacek@xxxxxxxxxx> 2.4.3-13 - Fix crash in FileInfo destructor - Resolves: #844730 * Mon Jul 23 2012 Radek Novacek <rnovacek@xxxxxxxxxx> 2.4.3-12 - Fix reading gzipped XMLs * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.4.3-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.4.3-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 6 2011 Adam Jackson <ajax@xxxxxxxxxx> - 2.4.3-9 - Rebuild for new libpng * Tue Nov 29 2011 Radek Novacek <rnovacek@xxxxxxxxxx> 2.4.3-8 - Fix BR condition to include rhel -------------------------------------------------------------------------------- References: [ 1 ] Bug #844730 - segv on bbad file https://bugzilla.redhat.com/show_bug.cgi?id=844730 -------------------------------------------------------------------------------- ================================================================================ wine-1.5.17-1.fc16 (FEDORA-2012-18246) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: * Sub-pixel font anti-aliasing in the DIB engine. * Support for automatic installation of ActiveX controls. * Automatic fallback to TLS 1.0 for secure connections. * Beginnings of the DirectWrite text analyzer. * Better handling of font outlines in OpenGL. * Various bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 12 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.17-1 - version upgrade - upgraded winepulse -------------------------------------------------------------------------------- References: [ 1 ] Bug #871941 - wine 1.5.16 resets sound to alsa and sound is creaking https://bugzilla.redhat.com/show_bug.cgi?id=871941 -------------------------------------------------------------------------------- ================================================================================ xen-4.1.3-4.fc16 (FEDORA-2012-18249) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: A guest can block a cpu by setting a bad VCPU deadline [XSA 20, CVE-2012-4535] (#876198) HVM guest can use invalid pirq values to crash xen [XSA 21, CVE-2012-4536] (#876200) HVM guest can exhaust p2m table crashing xen [XSA 22, CVE-2012-4537] (#876203) PAE HVM guest can crash hypervisor [XSA-23, CVE-2012-4538] (#876205) 32-bit PV guest on 64-bit hypervisor can cause an hypervisor infinite loop [XSA-24, CVE-2012-4539] (#876207) -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.1.3-4 - 5 security fixes A guest can block a cpu by setting a bad VCPU deadline [XSA 20, CVE-2012-4535] (#876198) HVM guest can use invalid pirq values to crash xen [XSA 21, CVE-2012-4536] (#876200) HVM guest can exhaust p2m table crashing xen [XSA 22, CVE-2012-4537] (#876203) PAE HVM guest can crash hypervisor [XSA-23, CVE-2012-4538] (#876205) 32-bit PV guest on 64-bit hypervisor can cause an hypervisor infinite loop [XSA-24, CVE-2012-4539] (#876207) -------------------------------------------------------------------------------- References: [ 1 ] Bug #870086 - CVE-2012-4535 kernel: xen: VCPU timer overflow leads to PCPU deadlock and host death-by-watchdog https://bugzilla.redhat.com/show_bug.cgi?id=870086 [ 2 ] Bug #870096 - CVE-2012-4536 kernel: xen: PIRQ unmap missing range check causes hypervisor crash https://bugzilla.redhat.com/show_bug.cgi?id=870096 [ 3 ] Bug #870101 - CVE-2012-4537 kernel: xen: Memory mapping failure can crash Xen https://bugzilla.redhat.com/show_bug.cgi?id=870101 [ 4 ] Bug #870106 - CVE-2012-4538 kernel: xen: Unhooking empty PAE entries can crash Xen https://bugzilla.redhat.com/show_bug.cgi?id=870106 [ 5 ] Bug #870110 - CVE-2012-4539 kernel: xen: Grant Table hypercall infinite loop can crash Xen https://bugzilla.redhat.com/show_bug.cgi?id=870110 -------------------------------------------------------------------------------- ================================================================================ znc-1.0-1.fc16 (FEDORA-2012-18215) An advanced IRC bouncer -------------------------------------------------------------------------------- Update Information: Update to ZNC 1.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 13 2012 Nick Bebout <nb@xxxxxxxxxxxxxxxxx> - 1.0-1 - Update to 1.0 * Thu Oct 18 2012 Nick Bebout <nb@xxxxxxxxxxxxxxxxx> - 1.0-0.2.beta1 - Update to 1.0-beta1 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test