The following Fedora 18 Security updates need testing: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20117/v8-3.13.7.5-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20125/webkitgtk-1.10.2-1.fc18,webkitgtk3-1.10.2-1.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19664/bogofilter-1.2.3-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20111/rssh-2.3.4-1.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2012-19508/drupal6-ctools-1.10-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20179/python-django-1.4.3-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2012-20032/libvirt-0.10.2.2-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2012-19879/libproxy-0.4.11-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2012-19868/mysql-5.5.28-2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19951/kde-filesystem-4-42.fc18 60 https://admin.fedoraproject.org/updates/FEDORA-2012-15996/cobbler-2.4.0-beta2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19964/librdmacm-1.0.17-0.gitc6bfc1c.1.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19301/cups-1.5.4-20.fc18 32 https://admin.fedoraproject.org/updates/FEDORA-2012-17834/cumin-0.1.5522-4.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20200/kernel-3.6.10-4.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20197/glibc-2.16-28.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20203/selinux-policy-3.11.1-62.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20187/nautilus-3.6.3-3.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20173/mdadm-3.2.6-7.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20176/network-manager-applet-0.9.7.0-6.git20121211.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20183/python-meh-0.20-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20166/coreutils-8.17-7.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20165/at-spi2-core-2.6.3-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20194/system-config-date-1.10.5-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-20191/network-manager-applet-0.9.7.0-5.git20121211.fc18 The following builds have been pushed to Fedora 18 updates-testing firewalld-0.2.11-1.fc18 giada-0.5.4-2.fc18 glibc-2.16-28.fc18 jpackage-utils-1.7.5-21.fc18 kernel-3.6.10-4.fc18 nginx-1.2.6-1.fc18 opendyslexic-fonts-0.600-1.fc18 python-zope-testing-4.1.1-1.fc18 rubygem-ci_reporter-1.8.2-2.fc18 selinux-policy-3.11.1-62.fc18 Details about builds: ================================================================================ firewalld-0.2.11-1.fc18 (FEDORA-2012-20206) A firewall daemon with D-BUS interface providing a dynamic firewall -------------------------------------------------------------------------------- Update Information: New version 0.2.11 - Fixed more _xmlplus (PyXML) incompatibilities to python xml - Several man page updates - Fixed error in addForwardPort, removeForwardPort and queryForwardPort - firewall-cmd: use already existing queryForwardPort() - Update firewall.cmd man page, use man page as firewall-cmd usage (rhbz#876394) - firewall-config: Do not force to show labels in the main toolbar - firewall-config: Dropped "Change default zone" from toolbar - firewall-config: Added menu entry to change zones of connections - firewall-applet: Zones can be changed now using nm-connection-editor (rhbz#876661) - translation updates: cs, hu, ja -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 11 2012 Thomas Woerner <twoerner@xxxxxxxxxx> 0.2.11-1 - Fixed more _xmlplus (PyXML) incompatibilities to python xml - Several man page updates - Fixed error in addForwardPort, removeForwardPort and queryForwardPort - firewall-cmd: use already existing queryForwardPort() - Update firewall.cmd man page, use man page as firewall-cmd usage (rhbz#876394) - firewall-config: Do not force to show labels in the main toolbar - firewall-config: Dropped "Change default zone" from toolbar - firewall-config: Added menu entry to change zones of connections - firewall-applet: Zones can be changed now using nm-connection-editor (rhbz#876661) - translation updates: cs, hu, ja * Tue Nov 20 2012 Thomas Woerner <twoerner@xxxxxxxxxx> 0.2.10-1 - tests/firewalld_config.py: tests for config.service and config.icmptype - FirewallClientConfigServiceSettings(): destinations are dict not list - service/zone/icmptype: do not write deprecated name attribute - New service ntp - firewall-config: Fixed name of about dialog - configure.in: Fixed getting of error codes - Added coding to all pyhton files - Fixed copyright years - Beautified file headers - Force use of pygobject3 in python-slip (RHBZ#874378) - Log: firewall.server.config_icmptype, firewall.server.config_service and firewall.server.config_zone: Prepend full path - Allow ":" in interface names for interface aliases - Add name argument to Updated and Renamed signal - Disable IPv4, IPv6 and EB tables if missing - for IPv4/IPv6 only environments - firewall-config.glade file cleanup - firewall-config: loadDefaults() can throw exception - Use toolbars for Add/Edit/Remove/LoadDefaults buttons for zones, services and icmp types - New vnc-server service, opens ports for displays :0 to :3 (RHBZ#877035) - firewall-cmd: Fix typo in help output, allow default zone usage for permanenent options - Translation updates: cs, fr, ja, pt_BR and zh_CN -------------------------------------------------------------------------------- References: [ 1 ] Bug #876394 - firewall-cmd help should be human-readable and explain what options do https://bugzilla.redhat.com/show_bug.cgi?id=876394 [ 2 ] Bug #876661 - rfe: firewall-config button and menu item to launch zone configuration in network manager https://bugzilla.redhat.com/show_bug.cgi?id=876661 -------------------------------------------------------------------------------- ================================================================================ giada-0.5.4-2.fc18 (FEDORA-2012-20204) An audio looping machine -------------------------------------------------------------------------------- Update Information: giada is an audio looper or ALSA/JACK using the FLTK toolit. Load or record up to 32 samples, choose to play them in single mode (drum machine) or loop mode (sequencer) and start the show with your computer keyboard as a controller. Giada aims to be a compact and portable virtual device for Linux for production use and live sets. Features: * Ultra-lightweight internal design * Multi-thread/multi-core support * 32 bit floating point audio engine * Up to 32 audio channels controlled via computer keyboard * Different playback modes and combinations * Bpm and beat sync with sample-accurate loop engine * Live sampler from external inputs * Live quantizer * Action recorder * Patch-based systemBuilt-in wave editor * Support for all major uncompressed file formats -------------------------------------------------------------------------------- References: [ 1 ] Bug #866156 - Review Request: giada - audio looper for JACK https://bugzilla.redhat.com/show_bug.cgi?id=866156 -------------------------------------------------------------------------------- ================================================================================ glibc-2.16-28.fc18 (FEDORA-2012-20197) The GNU libc libraries -------------------------------------------------------------------------------- Update Information: 878913 - Backport fix for nss_db crash when db contains exactly one entry. 811753 - Backport crypto support from upstream. 859428 - use uint64_t for __bswap64 577950 - Backport of upstream BZ #5298. Don't flush buffer for ftell. Compute offsets from write pointers instead. -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 10 2012 Patsy Franklin <pfrankli@xxxxxxxxxx> - 2.16-28 - Backport fix for nss_db crash when db contains exactly one entry.(#878913) * Fri Dec 7 2012 Patsy Franklin <pfrankli@xxxxxxxxxx> - 2.16-27 - Backport crypto support from upstream. (#811753) * Thu Dec 6 2012 Siddhesh Poyarekar <siddhesh@xxxxxxxxxx> - 2.16-26 - use uint64_t for __bswap64 (#859428). * Wed Nov 28 2012 Patsy Franklin <pfrankli@xxxxxxxxxx> - 2.16-25 - Backport of upstream BZ #5298. Don't flush buffer for ftell. Compute offsets from write pointers instead. (#577950) -------------------------------------------------------------------------------- References: [ 1 ] Bug #878913 - nscd is segfaulting within libnss_db.so https://bugzilla.redhat.com/show_bug.cgi?id=878913 [ 2 ] Bug #811753 - crypt() is broken in fips mode https://bugzilla.redhat.com/show_bug.cgi?id=811753 [ 3 ] Bug #859428 - be64toh returns unsigned long long int regardless of word length https://bugzilla.redhat.com/show_bug.cgi?id=859428 -------------------------------------------------------------------------------- ================================================================================ jpackage-utils-1.7.5-21.fc18 (FEDORA-2012-20202) JPackage utilities -------------------------------------------------------------------------------- Update Information: Updated patches to java-functions so that no .orig is produced -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 11 2012 Deepak Bhole <dbhole@xxxxxxxxxx> 1.7.5-21 - rhbz#862001: Updated patches to java-functions so that no .orig is produced -------------------------------------------------------------------------------- References: [ 1 ] Bug #862001 - jpackage-utils contains residue from patch application https://bugzilla.redhat.com/show_bug.cgi?id=862001 -------------------------------------------------------------------------------- ================================================================================ kernel-3.6.10-4.fc18 (FEDORA-2012-20200) The Linux kernel -------------------------------------------------------------------------------- Update Information: Update to latest upstream stable release, Linux v3.6.10. Various fixes across the tree as usual. This also includes support for importing certs from the UEFI MokListRT variable provided by shim, as well as a team driver update. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 11 2012 Josh Boyer <jwboyer@xxxxxxxxxx> - 3.6.10-4 - Update secure boot patches to include MoK support - Fix IBSS scanning in mac80211 (rhbz 883414) * Tue Dec 11 2012 Justin M. Forbes <jforbes@xxxxxxxxxx> 3.6.10-1 - Linux 3.6.10 * Wed Dec 5 2012 Dave Jones <davej@xxxxxxxxxx> - Team driver updates (Jiri Pirko) -------------------------------------------------------------------------------- References: [ 1 ] Bug #883414 - IBSS broken on iwlwifi https://bugzilla.redhat.com/show_bug.cgi?id=883414 [ 2 ] Bug #886212 - Import certs from UEFI MokListRT variable https://bugzilla.redhat.com/show_bug.cgi?id=886212 -------------------------------------------------------------------------------- ================================================================================ nginx-1.2.6-1.fc18 (FEDORA-2012-20199) A high performance web server and reverse proxy server -------------------------------------------------------------------------------- Update Information: Update to upstream release 1.2.6 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 11 2012 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 1:1.2.6-1 - update to upstream release 1.2.6 -------------------------------------------------------------------------------- ================================================================================ opendyslexic-fonts-0.600-1.fc18 (FEDORA-2012-20198) Font designed for dyslexics and high readability -------------------------------------------------------------------------------- Update Information: New Package: opendyslexic-fonts Font designed for dyslexics and high readability -------------------------------------------------------------------------------- References: [ 1 ] Bug #864125 - Review Request: opendyslexic-fonts - Font designed for dyslexics and high readability https://bugzilla.redhat.com/show_bug.cgi?id=864125 -------------------------------------------------------------------------------- ================================================================================ python-zope-testing-4.1.1-1.fc18 (FEDORA-2012-20201) Zope Testing Framework -------------------------------------------------------------------------------- Update Information: Latest upstream and a python3 subpackage -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 11 2012 Ralph Bean <rbean@xxxxxxxxxx> - 4.1.1-1 - Latest upstream release. - Packaged a python3 subpackage. -------------------------------------------------------------------------------- References: [ 1 ] Bug #751059 - python-zope-testing-4.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=751059 -------------------------------------------------------------------------------- ================================================================================ rubygem-ci_reporter-1.8.2-2.fc18 (FEDORA-2012-20205) Generate XML for continuous integration systems -------------------------------------------------------------------------------- Update Information: Initial import into Fedora 18 -------------------------------------------------------------------------------- References: [ 1 ] Bug #878501 - Review Request: rubygem-ci_reporter - Generate XML for continuous integration systems https://bugzilla.redhat.com/show_bug.cgi?id=878501 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.11.1-62.fc18 (FEDORA-2012-20203) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: Here is where you give an explanation of your update. -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 11 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.11.1-62 - Fix MCS Constraints to control ingres and egres controls on the network. - Change name of svirt_nokvm_t to svirt_tcg_t - Allow tuned to request the kernel to load kernel modules * Mon Dec 10 2012 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.11.1-61 - Label /var/lib/pgsql/.ssh as ssh_home_t - Add labeling for /usr/bin/pg_ctl - Allow systemd-logind to manage keyring user tmp dirs - Add support for 7389/tcp port - gems seems to be placed in lots of places - Since xdm is running a full session, it seems to be trying to execute lots of executables via dbus - Add back tcp/8123 port as http_cache port - Add ovirt-guest-agent\.pid labeling - Allow xend to run scsi_id - Allow rhsmcertd-worker to read "physical_package_id" - Allow pki_tomcat to connect to ldap port - Allow lpr to read /usr/share/fonts - Allow open file from CD/DVD drive on domU - Allow munin services plugins to talk to SSSD - Allow all samba domains to create samba directory in var_t directories - Take away svirt_t ability to use nsswitch - Dontaudit attempts by openshift to read apache logs - Allow apache to create as well as append _ra_content_t - Dontaudit sendmail_t reading a leaked file descriptor - Add interface to have admin transition /etc/prelink.cache to the proper label - Add sntp support to ntp policy - Allow firewalld to dbus chat with devicekit_power - Allow tuned to call lsblk - Allow tor to read /proc/sys/kernel/random/uuid - Add tor_can_network_relay boolean -------------------------------------------------------------------------------- References: [ 1 ] Bug #879516 - SELinux does not allow pki-tomcat connecting to port 7389 https://bugzilla.redhat.com/show_bug.cgi?id=879516 [ 2 ] Bug #882467 - SELinux is preventing /usr/sbin/php-fpm (deleted) from 'create' accesses on the file m_gavrilov-error.log. https://bugzilla.redhat.com/show_bug.cgi?id=882467 [ 3 ] Bug #883741 - SELinux is preventing /usr/bin/dolphin from 'getattr' accesses on the directory /run/media/kecskebak/KINGSTON-8. https://bugzilla.redhat.com/show_bug.cgi?id=883741 [ 4 ] Bug #883928 - tuned: please allow tuned to use lsblk https://bugzilla.redhat.com/show_bug.cgi?id=883928 [ 5 ] Bug #884417 - SELinux is preventing /usr/bin/polipo from 'name_bind' accesses on the tcp_socket . https://bugzilla.redhat.com/show_bug.cgi?id=884417 [ 6 ] Bug #884910 - SELinux is preventing /usr/bin/dbus-daemon from 'execute' accesses on the file /usr/bin/gnome-keyring-daemon. https://bugzilla.redhat.com/show_bug.cgi?id=884910 [ 7 ] Bug #884911 - SELinux is preventing /usr/sbin/winbindd from 'write' accesses on the directory /var/cache. https://bugzilla.redhat.com/show_bug.cgi?id=884911 [ 8 ] Bug #884654 - SELinux is preventing Xfce Suspend button from working in Fedora 18 Beta https://bugzilla.redhat.com/show_bug.cgi?id=884654 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test