The following Fedora 17 Security updates need testing: Age URL 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19442/php-symfony2-HttpFoundation-2.1.4-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19717/xen-4.1.3-7.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-19830/bind-9.9.2-3.P1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-19833/mysql-5.5.28-2.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19533/weechat-0.3.9.2-2.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19341/openstack-keystone-2012.1.3-3.fc17 73 https://admin.fedoraproject.org/updates/FEDORA-2012-14650/tor-0.2.2.39-1700.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2012-18950/cups-pk-helper-0.2.2-2.fc17 54 https://admin.fedoraproject.org/updates/FEDORA-2012-16048/cobbler-2.4.0-beta2.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19349/mc-4.8.6-2.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19606/cups-1.5.4-16.fc17 15 https://admin.fedoraproject.org/updates/FEDORA-2012-18659/gnome-system-log-3.4.1-3.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19203/squashfs-tools-4.2-5.fc17 153 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19464/drupal6-ctools-1.10-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19705/bogofilter-1.2.3-1.fc17 2 https://admin.fedoraproject.org/updates/FEDORA-2012-19605/totpcgi-0.5.4-1.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19282/perl-CGI-3.52-218.fc17,perl-5.14.3-218.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19726/mate-settings-daemon-1.5.4-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19759/qt-4.8.4-1.fc17 The following Fedora 17 Critical Path updates have yet to be approved: Age URL 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19759/qt-4.8.4-1.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19496/control-center-3.4.3-1.fc17,libwacom-0.6.1-1.fc17,gnome-settings-daemon-3.4.2-4.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19478/mutter-3.4.1-4.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19446/phonon-backend-gstreamer-4.6.2-2.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19344/xorg-x11-drv-intel-2.20.14-1.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19350/ModemManager-0.6.0.0-2.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19354/xfwm4-4.8.3-3.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19262/bash-4.2.39-2.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19252/openssh-5.9p1-28.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19282/perl-CGI-3.52-218.fc17,perl-5.14.3-218.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19208/lxpanel-0.5.10-3.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19203/squashfs-tools-4.2-5.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2012-19048/json-c-0.10-2.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2012-19014/json-c-0.10-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2012-19006/nss-util-3.14-1.fc17,nss-softokn-3.14-5.fc17,nss-3.14-7.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2012-18950/cups-pk-helper-0.2.2-2.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2012-18937/kdelibs-4.9.3-4.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-18850/cronie-1.4.10-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-18542/dnsmasq-2.64-1.fc17 2 https://admin.fedoraproject.org/updates/FEDORA-2012-18329/abrt-2.0.19-2.fc17,libreport-2.0.19-3.fc17,btparser-0.23-1.fc17 The following builds have been pushed to Fedora 17 updates-testing bind-9.9.2-3.P1.fc17 dnsmasq-2.64-1.fc17 insight-7.4.50-5.20120403cvs.fc17 libibmad-1.3.9-1.fc17 libibumad-1.3.8-1.fc17 mongodb-2.2.2-1.fc17 mysql-5.5.28-2.fc17 opensm-3.3.15-2.fc17 perl-CDB_File-0.97-1.fc17 perl-Locale-Codes-3.24-1.fc17 permlib-0.2.8-1.fc17 php-pluf-1.0-3.gitb1fed2e.fc17 python-moksha-hub-1.1.0-1.fc17 python-ptrace-0.6.4-2.fc17 python-txzmq-0.6.1-3.fc17 rubygem-openshift-origin-common-1.1.4-2.fc17 rubygem-openshift-origin-controller-1.1.10-2.fc17 sympol-0.1.8-2.fc17 vxl-1.17.0-8.fc17 wmudmount-1.13-4.fc17 Details about builds: ================================================================================ bind-9.9.2-3.P1.fc17 (FEDORA-2012-19830) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information: This update fixes CVE-2012-5688. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Tomas Hozza <thozza@xxxxxxxxxx> 32:9.9.2-3.P1 - update to bind-9.9.2-P1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #883533 - CVE-2012-5688 bind: DoS on servers using DNS64 https://bugzilla.redhat.com/show_bug.cgi?id=883533 -------------------------------------------------------------------------------- ================================================================================ dnsmasq-2.64-1.fc17 (FEDORA-2012-18542) A lightweight DHCP/caching DNS server -------------------------------------------------------------------------------- Update Information: This update fixes several bugs. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Tomas Hozza <thozza@xxxxxxxxxx> - 2.64-1 - New version 2.64 - Merged patches dropped * Mon Nov 19 2012 Tomas Hozza <thozza@xxxxxxxxxx> - 2.63-2 - dhcp6 support fixes (#867054) - removed "-s $HOSTNAME" from .service file (#753656) -------------------------------------------------------------------------------- References: [ 1 ] Bug #867054 - dhcp6 support fixes https://bugzilla.redhat.com/show_bug.cgi?id=867054 [ 2 ] Bug #753656 - Domain set to hostname by default https://bugzilla.redhat.com/show_bug.cgi?id=753656 [ 3 ] Bug #883819 - dnsmasq 2.64 available https://bugzilla.redhat.com/show_bug.cgi?id=883819 -------------------------------------------------------------------------------- ================================================================================ insight-7.4.50-5.20120403cvs.fc17 (FEDORA-2012-19834) Graphical debugger based on GDB -------------------------------------------------------------------------------- Update Information: * Wed Dec 5 2012 Patrick Monnerat <pm@xxxxxxxxxxxxx> 7.4.50-5.20120403cvs - Patch "bz883591" to fix a segmentation fault. https://bugzilla.redhat.com/show_bug.cgi?id=883591 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Patrick Monnerat <pm@xxxxxxxxxxxxx> 7.4.50-5.20120403cvs - Patch "bz883591" to fix a segmentation fault. https://bugzilla.redhat.com/show_bug.cgi?id=883591 -------------------------------------------------------------------------------- References: [ 1 ] Bug #883591 - [abrt] insight-7.4.50-4.20120403cvs.fc18: gdb_find_bp_at_line: Process /usr/bin/insight was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=883591 -------------------------------------------------------------------------------- ================================================================================ libibmad-1.3.9-1.fc17 (FEDORA-2012-19825) OpenFabrics Alliance InfiniBand MAD library -------------------------------------------------------------------------------- Update Information: Updates to latest upstream version Provide rwtab file -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 27 2012 Doug Ledford <dledford@xxxxxxxxxx> - 1.3.9-1 - Update to latest upstream release - Fix Url tag * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #817591 - opensm should install a rwtab file https://bugzilla.redhat.com/show_bug.cgi?id=817591 -------------------------------------------------------------------------------- ================================================================================ libibumad-1.3.8-1.fc17 (FEDORA-2012-19825) OpenFabrics Alliance InfiniBand umad (user MAD) library -------------------------------------------------------------------------------- Update Information: Updates to latest upstream version Provide rwtab file -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 27 2012 Doug Ledford <dledford@xxxxxxxxxx> - 1.3.8-1 - Update to latest upstream version - Fix Url tag * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #817591 - opensm should install a rwtab file https://bugzilla.redhat.com/show_bug.cgi?id=817591 -------------------------------------------------------------------------------- ================================================================================ mongodb-2.2.2-1.fc17 (FEDORA-2012-19818) High-performance, schema-free document-oriented database -------------------------------------------------------------------------------- Update Information: Update to 2.2.2 Built with ssl support, minor bugfixes Update to version 2.2.0 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Troy Dawson <tdawson@xxxxxxxxxx> - 2.2.2-1 - Updated to version 2.2.2 * Tue Nov 27 2012 Troy Dawson <tdawson@xxxxxxxxxx> - 2.2.1-3 - Add ssl build option - Using the reserved mongod UID for the useradd - mongod man page in server package (#880351) - added optional MONGODB_OPTIONS to init script * Wed Oct 31 2012 Nathaniel McCallum <nathaniel@xxxxxxxxxxxxxxxx> - 2.2.1-2 - Make sure build and install flags are the same - Actually remove the js patch file * Wed Oct 31 2012 Nathaniel McCallum <nathaniel@xxxxxxxxxxxxxxxx> - 2.2.1-1 - Remove fork fix patch (fixed upstream) - Remove pcre patch (fixed upstream) - Remove mozjs patch (now using v8 upstream) - Update to 2.2.1 * Tue Oct 2 2012 Troy Dawson <tdawson@xxxxxxxxxx> - 2.2.0-6 - full flag patch to get 32 bit builds to work * Tue Oct 2 2012 Troy Dawson <tdawson@xxxxxxxxxx> - 2.2.0-5 - shared libraries patch - Fix up minor %files issues * Fri Sep 28 2012 Troy Dawson <tdawson@xxxxxxxxxx> - 2.2.0-4 - Fix spec files problems * Fri Sep 28 2012 Troy Dawson <tdawson@xxxxxxxxxx> - 2.2.0-3 - Updated patch to use system libraries - Update init script to use a pidfile * Thu Sep 27 2012 Troy Dawson <tdawson@xxxxxxxxxx> - 2.2.0-2 - Added patch to use system libraries -------------------------------------------------------------------------------- References: [ 1 ] Bug #880351 - mongod man page is in mongodb package instead of mongodb-server package https://bugzilla.redhat.com/show_bug.cgi?id=880351 -------------------------------------------------------------------------------- ================================================================================ mysql-5.5.28-2.fc17 (FEDORA-2012-19833) MySQL client programs and shared libraries -------------------------------------------------------------------------------- Update Information: - Add patch for CVE-2012-5611 - Widen DH key length from 512 to 1024 bits to meet minimum requirements of FIPS 140-2 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Tom Lane <tgl@xxxxxxxxxx> 5.5.28-2 - Add patch for CVE-2012-5611 Resolves: #883642 - Widen DH key length from 512 to 1024 bits to meet minimum requirements of FIPS 140-2 Related: #877124 -------------------------------------------------------------------------------- References: [ 1 ] Bug #881064 - CVE-2012-5611 mysql: acl_get() stack-based buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=881064 -------------------------------------------------------------------------------- ================================================================================ opensm-3.3.15-2.fc17 (FEDORA-2012-19825) OpenIB InfiniBand Subnet Manager and management utilities -------------------------------------------------------------------------------- Update Information: Updates to latest upstream version Provide rwtab file -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Doug Ledford <dledford@xxxxxxxxxx> - 3.3.15-2 - Fix startup on read only root - Update default config file - Resolves: bz817591 * Wed Dec 5 2012 Doug Ledford <dledford@xxxxxxxxxx> - 3.3.15-1 - Update to latest upstream version - Skip systemd support (3.3.15-1 and later in f18 and later have it) -------------------------------------------------------------------------------- References: [ 1 ] Bug #817591 - opensm should install a rwtab file https://bugzilla.redhat.com/show_bug.cgi?id=817591 -------------------------------------------------------------------------------- ================================================================================ perl-CDB_File-0.97-1.fc17 (FEDORA-2012-19817) Perl extension for access to cdb databases -------------------------------------------------------------------------------- Update Information: upgrade to 0.97 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Mark McKinstry <mmckinst@xxxxxxxxxxx> - 0.97-1 - upgrade to 0.97 -------------------------------------------------------------------------------- References: [ 1 ] Bug #882869 - perl-CDB_File-0.97 is available https://bugzilla.redhat.com/show_bug.cgi?id=882869 -------------------------------------------------------------------------------- ================================================================================ perl-Locale-Codes-3.24-1.fc17 (FEDORA-2012-19815) Distribution of modules to handle locale codes -------------------------------------------------------------------------------- Update Information: New codes added. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 3.24-1 - 3.24 bump * Tue Nov 20 2012 Petr Šabata <contyk@xxxxxxxxxx> - 3.23-2 - Add missing deps - Drop command macros - Modernize spec * Tue Sep 4 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 3.23-1 - 3.23 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #883815 - perl-Locale-Codes-3.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=883815 -------------------------------------------------------------------------------- ================================================================================ permlib-0.2.8-1.fc17 (FEDORA-2012-19835) Library for permutation computations -------------------------------------------------------------------------------- Update Information: These new versions of permlib and sympol fix a build bug that led to segfaults in sympol. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 27 2012 Jerry James <loganjerry@xxxxxxxxx> - 0.2.8-1 - New upstream release - Drop upstreamed patch * Wed Sep 26 2012 Jerry James <loganjerry@xxxxxxxxx> - 0.2.7-1 - New upstream release - Update Doxyfile - Add -test patch to fix two test failures * Mon Aug 6 2012 Jerry James <loganjerry@xxxxxxxxx> - 0.2.6-4 - Rebuild for boost 1.50 - Update Doxyfile * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-pluf-1.0-3.gitb1fed2e.fc17 (FEDORA-2012-19831) PHP WebApp Framework -------------------------------------------------------------------------------- Update Information: Upgrade from GIT to satisfy Indefero dependency. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ python-moksha-hub-1.1.0-1.fc17 (FEDORA-2012-19832) Hub components for Moksha -------------------------------------------------------------------------------- Update Information: Update to latest upstream. Update to latest upstream. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 4 2012 Ralph Bean <rbean@xxxxxxxxxx> - 1.1.0-1 - Latest upstream with support for zmq_tcp_keepalive. * Tue Dec 4 2012 Ralph Bean <rbean@xxxxxxxxxx> - 1.0.9-1 - Latest upstream. - Fixed check conditional for rhel6. -------------------------------------------------------------------------------- ================================================================================ python-ptrace-0.6.4-2.fc17 (FEDORA-2012-19826) Debugger using ptrace written in Python -------------------------------------------------------------------------------- Update Information: Update to latest upstream release python-ptrace 0.6.4. The update also adds Python 3 support. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Terje Rosten <terje.rosten@xxxxxxx> - 0.6.4-2 - Add patch to build with Python 3.3 * Wed Dec 5 2012 Terje Rosten <terje.rosten@xxxxxxx> - 0.6.4-1 - 0.6.4 - Add python 3 subpackage * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-txzmq-0.6.1-3.fc17 (FEDORA-2012-19836) Twisted bindings for ZeroMQ -------------------------------------------------------------------------------- Update Information: Add support for zmq_tcp_keepalive. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Ralph Bean <rbean@xxxxxxxxxx> - 0.6.1-3 - Patch to add support for tcp keepalives with zeromq3. - Fixed "bad" rhel conditional. -------------------------------------------------------------------------------- ================================================================================ rubygem-openshift-origin-common-1.1.4-2.fc17 (FEDORA-2012-19827) Cloud Development Common -------------------------------------------------------------------------------- Update Information: Update to version 1.1.4 Update to 1.0.1 -------------------------------------------------------------------------------- ================================================================================ rubygem-openshift-origin-controller-1.1.10-2.fc17 (FEDORA-2012-19829) Cloud Development Controller -------------------------------------------------------------------------------- Update Information: Update to version 1.1.10 Update to 1.0.5 -------------------------------------------------------------------------------- ================================================================================ sympol-0.1.8-2.fc17 (FEDORA-2012-19835) Symmetric polyhedra tool -------------------------------------------------------------------------------- Update Information: These new versions of permlib and sympol fix a build bug that led to segfaults in sympol. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Jerry James <loganjerry@xxxxxxxxx> - 0.1.8-2 - Add -DBLISS_USE_GMP to CFLAGS to avoid segfaults * Thu Sep 27 2012 Jerry James <loganjerry@xxxxxxxxx> - 0.1.8-1 - New upstream release * Wed Sep 26 2012 Jerry James <loganjerry@xxxxxxxxx> - 0.1.7-3 - Rebuild for permlib 0.2.7 -------------------------------------------------------------------------------- ================================================================================ vxl-1.17.0-8.fc17 (FEDORA-2012-19820) C++ Libraries for Computer Vision Research and Implementation -------------------------------------------------------------------------------- Update Information: fix build on non-x86 arches VXL is a library for image processing and computer vision which is the foundation of the Insight Toolkit package -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Dan Horák <dan[at]danny.cz> - 1.17.0-8 - fix build on non-x86 arches -------------------------------------------------------------------------------- References: [ 1 ] Bug #567086 - Review Request: VXL - C++ Libraries for Computer Vision Research and Implementation https://bugzilla.redhat.com/show_bug.cgi?id=567086 -------------------------------------------------------------------------------- ================================================================================ wmudmount-1.13-4.fc17 (FEDORA-2012-19824) A WindowMaker filesystem mounting dockapp using udisks -------------------------------------------------------------------------------- Update Information: This update adds a missing run time dependency on udisks version 1. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 5 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.13-4 - require udisks v1 - add upstream header patch * Sun Jul 22 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.13-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
