The following Fedora 17 Security updates need testing: Age URL 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19442/php-symfony2-HttpFoundation-2.1.4-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2012-18748/android-tools-20121120git3ddc005-1.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19233/plexus-cipher-1.5-11.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-19533/weechat-0.3.9.2-2.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19341/openstack-keystone-2012.1.3-3.fc17 8 https://admin.fedoraproject.org/updates/FEDORA-2012-18952/seamonkey-2.14-1.fc17 70 https://admin.fedoraproject.org/updates/FEDORA-2012-14650/tor-0.2.2.39-1700.fc17 8 https://admin.fedoraproject.org/updates/FEDORA-2012-18950/cups-pk-helper-0.2.2-2.fc17 51 https://admin.fedoraproject.org/updates/FEDORA-2012-16048/cobbler-2.4.0-beta2.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19356/cups-1.5.4-13.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19349/mc-4.8.6-2.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19042/mate-settings-daemon-1.5.3-5.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2012-18659/gnome-system-log-3.4.1-3.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19203/squashfs-tools-4.2-5.fc17 150 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19464/drupal6-ctools-1.10-1.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19282/perl-CGI-3.52-218.fc17,perl-5.14.3-218.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19235/php-symfony-symfony-1.4.20-2.fc17 The following Fedora 17 Critical Path updates have yet to be approved: Age URL 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19451/xulrunner-17.0.1-1.fc17,firefox-17.0.1-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19496/control-center-3.4.3-1.fc17,libwacom-0.6.1-1.fc17,gnome-settings-daemon-3.4.2-4.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19478/mutter-3.4.1-4.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19446/phonon-backend-gstreamer-4.6.2-2.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19344/xorg-x11-drv-intel-2.20.14-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19350/ModemManager-0.6.0.0-2.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19354/xfwm4-4.8.3-3.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19262/bash-4.2.39-2.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19252/openssh-5.9p1-28.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19282/perl-CGI-3.52-218.fc17,perl-5.14.3-218.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19208/lxpanel-0.5.10-3.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19203/squashfs-tools-4.2-5.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19048/json-c-0.10-2.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19014/json-c-0.10-1.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19006/nss-util-3.14-1.fc17,nss-softokn-3.14-5.fc17,nss-3.14-7.fc17 8 https://admin.fedoraproject.org/updates/FEDORA-2012-18950/cups-pk-helper-0.2.2-2.fc17 8 https://admin.fedoraproject.org/updates/FEDORA-2012-18937/kdelibs-4.9.3-4.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-18850/cronie-1.4.10-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2012-18759/python-urlgrabber-3.9.1-17.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2012-18651/jack-audio-connection-kit-1.9.8-11.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2012-18542/dnsmasq-2.63-2.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-18329/abrt-2.0.19-2.fc17,libreport-2.0.19-2.fc17,btparser-0.23-1.fc17 The following builds have been pushed to Fedora 17 updates-testing NetworkManager-l2tp-0.9.6-2.fc17 OpenLP-2.0-1.fc17 mate-netspeed-1.5.0-1.fc17 paris-traceroute-0.92-2.fc17 perl-Config-Validator-0.6-1.fc17 perl-Directory-Queue-1.7-1.fc17 perl-Messaging-Message-1.4-1.fc17 php-Pimple-1.0.0-2.fc17 putty-0.62-3.fc17 python-fdb-0.9.9-1.fc17 python-zope-interface-4.0.2-3.fc17 syncevolution-1.3.2-1.fc17 ugene-1.11.3-2.fc17 unison240-2.40.102-1.fc17 vfrnav-20121111-1.fc17 vile-9.8i-1.fc17 weechat-0.3.9.2-2.fc17 Details about builds: ================================================================================ NetworkManager-l2tp-0.9.6-2.fc17 (FEDORA-2012-19546) NetworkManager VPN plugin for l2tp -------------------------------------------------------------------------------- Update Information: A new package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #878653 - Review Request: NetworkManager-l2tp - NetworkManager VPN plugin for l2tp https://bugzilla.redhat.com/show_bug.cgi?id=878653 -------------------------------------------------------------------------------- ================================================================================ OpenLP-2.0-1.fc17 (FEDORA-2012-19550) Open source Church presentation and lyrics projection application -------------------------------------------------------------------------------- Update Information: Release 2.0 of OpenLP -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 30 2012 Tim Bentley <timbentley@xxxxxxxxxx> - 2.0-1 - Release 2.0 -------------------------------------------------------------------------------- ================================================================================ mate-netspeed-1.5.0-1.fc17 (FEDORA-2012-19539) MATE netspeed -------------------------------------------------------------------------------- Update Information: MATE Netspeed applet -------------------------------------------------------------------------------- References: [ 1 ] Bug #882539 - Review Request: mate-netspeed - MATE Desktop netspeed app https://bugzilla.redhat.com/show_bug.cgi?id=882539 -------------------------------------------------------------------------------- ================================================================================ paris-traceroute-0.92-2.fc17 (FEDORA-2012-19542) A network diagnosis and measurement tool -------------------------------------------------------------------------------- Update Information: * Sun Oct 21 2012 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.92-2 - Minor changes * Fri Mar 30 2012 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.92-1 - Initial package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #868666 - Review Request: paris-traceroute - A network diagnosis and measurement tool https://bugzilla.redhat.com/show_bug.cgi?id=868666 -------------------------------------------------------------------------------- ================================================================================ perl-Config-Validator-0.6-1.fc17 (FEDORA-2012-19548) Schema based configuration validation -------------------------------------------------------------------------------- Update Information: updating to latest upstream version 0.6 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 20 2012 Massimo Paladin <massimo.paladin@xxxxxxxxx> 0.6-1 - Update to 0.6. * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jun 12 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 0.4-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- ================================================================================ perl-Directory-Queue-1.7-1.fc17 (FEDORA-2012-19544) Object oriented interface to a directory based queue -------------------------------------------------------------------------------- Update Information: updating to latest upstream version 1.7 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 20 2012 Massimo Paladin <massimo.paladin@xxxxxxxxx> - 1.7-1 - Update to 1.7 rhbz#877951. * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jun 12 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 1.6-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #877951 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=877951 -------------------------------------------------------------------------------- ================================================================================ perl-Messaging-Message-1.4-1.fc17 (FEDORA-2012-19553) Abstraction of a message -------------------------------------------------------------------------------- Update Information: updating to latest upstream version 1.4 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 20 2012 Massimo Paladin <massimo.paladin@xxxxxxxxx> 1.4-1 - Upgrade to 1.4 upstream version. * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jun 16 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 1.3-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #877952 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=877952 -------------------------------------------------------------------------------- ================================================================================ php-Pimple-1.0.0-2.fc17 (FEDORA-2012-19541) A simple Dependency Injection Container for PHP -------------------------------------------------------------------------------- Update Information: Pimple is a small Dependency Injection Container for PHP that consists of just one file and one class. -------------------------------------------------------------------------------- References: [ 1 ] Bug #882418 - Review Request: php-Pimple - A simple Dependency Injection Container for PHP 5.3 https://bugzilla.redhat.com/show_bug.cgi?id=882418 -------------------------------------------------------------------------------- ================================================================================ putty-0.62-3.fc17 (FEDORA-2012-19532) SSH, Telnet and Rlogin client -------------------------------------------------------------------------------- Update Information: This is new version of package that fixes several bugs. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 26 2012 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 0.62-3 - Added missing ImageMagick BuildRequires * Wed Sep 19 2012 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 0.62-2 - Generated icon from sources * Tue Aug 7 2012 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 0.62-1 - New version * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.60-9.20100910svn - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 6 2011 Adam Jackson <ajax@xxxxxxxxxx> - 0.60-8.20100910svn - Rebuild for new libpng -------------------------------------------------------------------------------- References: [ 1 ] Bug #846348 - Review Request: putty - SSH, Telnet and Rlogin client https://bugzilla.redhat.com/show_bug.cgi?id=846348 -------------------------------------------------------------------------------- ================================================================================ python-fdb-0.9.9-1.fc17 (FEDORA-2012-19545) Firebird RDBMS bindings for Python -------------------------------------------------------------------------------- Update Information: New upstream bugfix. Firebird RDBMS bindings for Python. -------------------------------------------------------------------------------- References: [ 1 ] Bug #875506 - Review Request: python-fdb - Firebird RDBMS bindings for Python https://bugzilla.redhat.com/show_bug.cgi?id=875506 -------------------------------------------------------------------------------- ================================================================================ python-zope-interface-4.0.2-3.fc17 (FEDORA-2012-19549) Zope 3 Interface Infrastructure -------------------------------------------------------------------------------- Update Information: Fix typo to python-zope-event requirement. Upstream release and a python3 subpackage. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 29 2012 Ralph Bean <rbean@xxxxxxxxxx> - 4.0.2-3 - Typofix to python-zope-event requirement. * Thu Nov 29 2012 Ralph Bean <rbean@xxxxxxxxxx> - 4.0.2-2 - Added dependency on python-zope-event. * Wed Nov 28 2012 Ralph Bean <rbean@xxxxxxxxxx> - 4.0.2-1 - Latest upstream release. - Python3 subpackage. - Rearrange the way we package docs. * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #882494 - python-zope-interface (python2) depends on python3-zope-event https://bugzilla.redhat.com/show_bug.cgi?id=882494 -------------------------------------------------------------------------------- ================================================================================ syncevolution-1.3.2-1.fc17 (FEDORA-2012-19554) SyncML client for evolution -------------------------------------------------------------------------------- Update Information: New upstream 1.3.2 stable release: - Fix auto sync - Force build against gtk3 - drop old build dependencies - Fix desktop icon - gtk-ui runs properly This should fix the issue with the desktop file. It also enables webdav support New upstream stable bugfix release. -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 1 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1:1.3.2-1 - 1.3.2 stable release - Drop old dependencies and force build against gtk3 - Update icon cache for desktop icon * Tue Nov 20 2012 Milan Crha <mcrha@xxxxxxxxxx> - 1:1.3.1-4 - Rebuild against newer evolution-data-server * Thu Oct 25 2012 Milan Crha <mcrha@xxxxxxxxxx> - 1:1.3.1-3 - Rebuild against newer evolution-data-server * Sat Oct 20 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1:1.3.1-2 - Fix desktop file, enable DAV * Mon Oct 8 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 1:1.3.1-1 - 1.3.1 stable release * Tue Sep 18 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 1:1.3-2 - Add patch to fix build detecting gio -------------------------------------------------------------------------------- References: [ 1 ] Bug #877309 - [abrt] syncevolution-gtk-1.3.1-2.fc18: do_pre_parse_initialization: Process /usr/bin/sync-ui was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=877309 [ 2 ] Bug #866464 - The sync-ui-gtk executable is missing in syncevolution-gtk-1.3-1 https://bugzilla.redhat.com/show_bug.cgi?id=866464 [ 3 ] Bug #790496 - Can't use WebDAV with SyncEvolution because it's not compiled https://bugzilla.redhat.com/show_bug.cgi?id=790496 [ 4 ] Bug #861720 - [abrt] syncevolution-gtk-1.3-1.fc17: do_pre_parse_initialization: Process /usr/bin/sync-ui was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=861720 [ 5 ] Bug #862028 - [abrt] syncevolution-gtk-1.3-1.fc17: g_logv: Process /usr/bin/sync-ui was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=862028 [ 6 ] Bug #863094 - [abrt] syncevolution-1.3-1.fc17: __cxxabiv1::__unexpected: Process /usr/libexec/syncevo-dbus-server was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=863094 -------------------------------------------------------------------------------- ================================================================================ ugene-1.11.3-2.fc17 (FEDORA-2012-19551) Integrated bioinformatics toolkit -------------------------------------------------------------------------------- Update Information: - fix/update qt-related dependencies * let's return ugene back! -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 27 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.11.3-2 - fix/update qt-related dependencies * Fri Nov 2 2012 Yulia Algaer <yalgaer@xxxxxxxxx> - 1.11.3-1 - Upstream version change * Wed Oct 3 2012 Yulia Algaer <yalgaer@xxxxxxxxx> - 1.11.2-1 - Upstream version change -------------------------------------------------------------------------------- References: [ 1 ] Bug #866325 - Review Request: ugene - genome analysis suite https://bugzilla.redhat.com/show_bug.cgi?id=866325 -------------------------------------------------------------------------------- ================================================================================ unison240-2.40.102-1.fc17 (FEDORA-2012-19535) Multi-master File synchronization tool -------------------------------------------------------------------------------- Update Information: fixes incompatibility between unison ocaml3 and ocaml4 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 15 2012 Gregor Tätzner <brummbq@xxxxxxxxxxxxxxxxx> - 2.40.102-1 - 2.40.102 - fixes incompatibility between unison ocaml3 and ocaml4 builds * Sun Jul 22 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.40.63-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ vfrnav-20121111-1.fc17 (FEDORA-2012-19552) VFR/IFR Navigation -------------------------------------------------------------------------------- Update Information: update to 20121111 -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 1 2012 Thomas Sailer <t.sailer@xxxxxxxxxxxxxx> - 20121111-1 - update to 20121111 -------------------------------------------------------------------------------- ================================================================================ vile-9.8i-1.fc17 (FEDORA-2012-19540) VI Like Emacs -------------------------------------------------------------------------------- Update Information: upgrade to 9.8i -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 2 2012 Mark McKinstry <mmckinst@xxxxxxxxxxx> - 9.8i-1 - upgrade to 9.8i - use better icons -------------------------------------------------------------------------------- ================================================================================ weechat-0.3.9.2-2.fc17 (FEDORA-2012-19533) Portable, fast, light and extensible IRC client -------------------------------------------------------------------------------- Update Information: New upstream version Fix arbitrary code execution due to call of shell when executing command within hook_process Fix the security bug in the linked Bugzilla. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 2 2012 Paul Komkoff <i@xxxxxxxxxx> - 0.3.9.2-2 - add zlib-devel dependency for epel6/ppc build * Sat Dec 1 2012 Paul P. Komkoff Jr <i@xxxxxxxxxx> - 0.3.9.2-1 - new upstream, long overdue -------------------------------------------------------------------------------- References: [ 1 ] Bug #878025 - CVE-2012-5534 weechat (scripts / plug-ins): Arbitrary code execution due to call of shell when executing command within hook_process https://bugzilla.redhat.com/show_bug.cgi?id=878025 [ 2 ] Bug #875181 - CVE-2012-5854 weechat: Heap-based buffer overflow when decoding IRC colors https://bugzilla.redhat.com/show_bug.cgi?id=875181 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
