The following Fedora 17 Security updates need testing: Age URL 11 https://admin.fedoraproject.org/updates/FEDORA-2012-20620/inkscape-0.48.4-1.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2012-20610/freeciv-2.3.3-1.fc17 21 https://admin.fedoraproject.org/updates/FEDORA-2012-20001/kde-filesystem-4-42.fc17 98 https://admin.fedoraproject.org/updates/FEDORA-2012-14650/tor-0.2.2.39-1700.fc17 25 https://admin.fedoraproject.org/updates/FEDORA-2012-19606/cups-1.5.4-16.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-20965/php-symfony2-HttpKernel-2.1.6-1.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-20967/ndjbdns-1.05.5-1.fc17 178 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-20968/BackupPC-3.2.1-10.fc17 20 https://admin.fedoraproject.org/updates/FEDORA-2012-20092/libproxy-0.4.11-1.fc17 13 https://admin.fedoraproject.org/updates/FEDORA-2012-20531/libvirt-0.9.11.8-2.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2012-20766/drupal6-6.27-1.fc17,drupal7-7.18-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2012-21106/php-pear-CAS-1.3.2-1.fc17 The following Fedora 17 Critical Path updates have yet to be approved: Age URL 1 https://admin.fedoraproject.org/updates/FEDORA-2012-21067/jack-audio-connection-kit-1.9.9.5-1.fc17 2 https://admin.fedoraproject.org/updates/FEDORA-2012-21032/nspr-4.9.4-1.fc17,nss-util-3.14.1-1.fc17,nss-softokn-3.14.1-3.fc17,nss-3.14.1-2.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-20960/linux-firmware-20121218-0.1.gitbda53ca.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2012-20790/iproute-3.3.0-5.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2012-20782/caribou-0.4.2-2.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2012-20767/abrt-2.0.20-1.fc17,btparser-0.24-1.fc17,libreport-2.0.20-1.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2012-20697/system-config-users-1.3.3-1.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2012-20609/policycoreutils-2.1.13-27.1.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2012-20635/udisks2-1.94.0-11.fc17 13 https://admin.fedoraproject.org/updates/FEDORA-2012-20544/selinux-policy-3.10.0-165.fc17 15 https://admin.fedoraproject.org/updates/FEDORA-2012-20216/python-slip-0.2.24-1.fc17,system-config-date-1.10.5-1.fc17 The following builds have been pushed to Fedora 17 updates-testing aajohan-comfortaa-fonts-2.003-1.fc17 flashrom-0.9.6.1-2.svn1639.fc17 gpaste-2.9.1-1.fc17 jai-imageio-core-1.2-0.11.20100217cvs.fc17 liferea-1.8.11-1.fc17 mysql-connector-python-1.0.8-1.fc17 mysql-workbench-5.2.45-1.fc17 ovirt-engine-3.0.0.0001-15.fc17 php-pear-CAS-1.3.2-1.fc17 rekonq-2.0-1.fc17 rxvt-unicode-9.16-1.fc17 thunderbird-enigmail-1.5.0-1.fc17 wine-1.5.20-1.fc17 xnoise-0.2.14-1.fc17 Details about builds: ================================================================================ aajohan-comfortaa-fonts-2.003-1.fc17 (FEDORA-2012-21119) Modern style true type font -------------------------------------------------------------------------------- Update Information: This update from upstream addresses a bug related to missing "¿" character in the typeface. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 30 2012 Luya Tshimbalanga <luya@xxxxxxxxxxxxxxxxx> - 2.003-1 - Upstream update (rhbz#786442) * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.002-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #786442 - Cannot type ¿ symbol correctly on Comfortaa font https://bugzilla.redhat.com/show_bug.cgi?id=786442 -------------------------------------------------------------------------------- ================================================================================ flashrom-0.9.6.1-2.svn1639.fc17 (FEDORA-2012-21108) Simple program for reading/writing BIOS chips content -------------------------------------------------------------------------------- Update Information: - Updated to the latest svn ver. 1639 (post-release snapshot for 0.9.6.1) - Support for Atmel's AT25F series of SPI flash chips - Support for Intel S33 series flash chips - Add a "device" parameter for Dediprog - (Untested) board enable for Asus DSAN-DX - Support for Winbond W39F010/W39L010/W39L020 - Support for Atmel AT26DF041 - Support for Numonyx N25Q016 and N25Q032 - Support for SST's 25WF series of SPI flash chips - Support for GigaDevice GD25LQ32 - Board enable for MSI K8N Neo Platinum -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 30 2012 Peter Lemenkov <lemenkov@xxxxxxxxx> - 0.9.6.1-2.svn1639 - Updated to the latest svn ver. 1639 (post-release snapshot for 0.9.6.1) - Support for Atmel's AT25F series of SPI flash chips - Support for Intel S33 series flash chips - Add a "device" parameter for Dediprog - (Untested) board enable for Asus DSAN-DX - Support for Winbond W39F010/W39L010/W39L020 - Support for Atmel AT26DF041 - Support for Numonyx N25Q016 and N25Q032 - Support for SST's 25WF series of SPI flash chips - Support for GigaDevice GD25LQ32 - Board enable for MSI K8N Neo Platinum -------------------------------------------------------------------------------- ================================================================================ gpaste-2.9.1-1.fc17 (FEDORA-2012-21110) Clipboard management system -------------------------------------------------------------------------------- Update Information: NEW in 2.9.1 (01/12/2012) ============= - Fix memory leak when handling images - Fix duplicated images in history - Fix "changed" signal in GPasteSettings -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 30 2012 Mohamed El Morabity <melmorabity@xxxxxxxxxxxxxxxxx> - 2.9.1-1 - Update to 2.9.1 - Drop patch gpaste-2.9-gir.patch, fixed upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #882855 - gpaste-2.9.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=882855 -------------------------------------------------------------------------------- ================================================================================ jai-imageio-core-1.2-0.11.20100217cvs.fc17 (FEDORA-2012-21112) Core Java Advanced Imaging Image I/O Tools API -------------------------------------------------------------------------------- Update Information: * Fix "License files not installed with javadoc package" * Fix "Javadoc package requires main package" -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 18 2012 Michal Srb <msrb@xxxxxxxxxx> - 1.2-0.11.20100217cvs - Install license in javadoc package (Resolves: #888420) - Removed dependency on jai-imageio-core from javadoc package (Resolves: #888423) * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2-0.10.20100217cvs - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #888423 - jai-imageio-core: Javadoc package requires main package https://bugzilla.redhat.com/show_bug.cgi?id=888423 [ 2 ] Bug #888420 - jai-imageio-core: License files not installed with javadoc package https://bugzilla.redhat.com/show_bug.cgi?id=888420 -------------------------------------------------------------------------------- ================================================================================ liferea-1.8.11-1.fc17 (FEDORA-2012-21124) An RSS/RDF feed reader -------------------------------------------------------------------------------- Update Information: This is a new bugfix release. It fixes a problem with the browser preferences and a Google Reader notification issue. It removed feedvalidator.org support because of a malware alert. Finally it provides an Hebrew and German translation update. -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 29 2012 Emmanuel Seyman <emmanuel@xxxxxxxxx> - 1:1.8.11-1 - New bugfix upstream release - 1.8.11 -------------------------------------------------------------------------------- ================================================================================ mysql-connector-python-1.0.8-1.fc17 (FEDORA-2012-21117) MySQL Connector for Python 2 -------------------------------------------------------------------------------- Update Information: Upstream Changelog: 1.0.8 (2012-12-17) -------------------------------------- * Fixed MySQLConnection.ping() so it only reconnects when the reconnect argument is set to True. (BUG#15915243) * Fixed storing multiple results after calling stored procedures which are using arguments. (BUG#15916486) * Fixed support for connecting to MySQL using IPv6 addresses. (BUG#15876886) * Fixed handling MySQL errors when doing handshake. (BUG#15836979) * Fixed support for connecting to MySQL using IPv6 addresses. (BUG#15876886, BUG#15927825) * Fixed reading the header of MySQL packets. Previously, we were reading the MySQL packet headers as 4 (or 7) bytes long buffers from the socket. When we did have the correct length, we would immediately raise an exception. We now keep reading data from the socket until we got the full header or bail out on errors. (BUG#14829471) * Fixed the error message when the TCP/IP port number is not a valid integer. Strings are first converted to integer and raise an error with a proper error when this fails. (BUG#13808727) * Fixed authenticating for Python v2 using usernames and/or passwords which contain Unicode characters using Python v2. (BUG#14843456) * Fixed reporting of socket errors. (BUG#14802017) * Fixed executemany() to support the pyformat parameter style. (BUG#14754894) The regular expression parsing the INSERT statement did not work when pyformat markers where used, that is, '%(c1)s' for example. This is now fixed so both ANSI C printf and Python extended format codes can be used by MySQLCursor.executemany(). -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 29 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.0.8-1 - version 1.0.8 GA -------------------------------------------------------------------------------- ================================================================================ mysql-workbench-5.2.45-1.fc17 (FEDORA-2012-21111) A MySQL visual database modeling, administration and querying tool -------------------------------------------------------------------------------- Update Information: See upstream Release notes, Changes in MySQL Workbench 5.2.45 (2012-12-27): * http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-5-2-45.html -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 29 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 5.2.45-1 - update to 5.2.45 Community (OSS) Edition (GPL) http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-5-2-45.html -------------------------------------------------------------------------------- ================================================================================ ovirt-engine-3.0.0.0001-15.fc17 (FEDORA-2012-21120) Management server for Open Virtualization -------------------------------------------------------------------------------- Update Information: Fix location of logrotate script -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 29 2012 Juan Hernandez <juan.hernandez@xxxxxxxxxx> - 3.0.0.0001-15 - Fix location of logrotate script (rhbz#890691) * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.0.0001-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #890691 - /etc/cron.daily/ovirt-cron calls a shell script that does not exist ( /usr/share/ovirt/scripts/ovirtlogrot.sh ) which causes cron to generate errors https://bugzilla.redhat.com/show_bug.cgi?id=890691 -------------------------------------------------------------------------------- ================================================================================ php-pear-CAS-1.3.2-1.fc17 (FEDORA-2012-21106) Central Authentication Service client library in php -------------------------------------------------------------------------------- Update Information: Changes in version 1.3.2 Security Fixes: * CVE-2012-5583 Missing CN validation of CAS server certificate [#58] (Joachim Fritschi) Bug Fixes: * Fix broken character encoding in Greek and French [#40] (Joachim Fritschi) * Minor error corrections in a few example files [] (Joachim Fritschi) * Remove erroneous break statement [#44] (jbittel) * Use X-Forwarded-Port [#45] (Andrew Kirkpatrick) * Stop autoloader using set_include_path [#51/#52] (drysdaleb) * Fix undefined property in the rebroadcast code [#47] (Joachim Fritschi) Improvement: * Enable getCookies on a proxied sevices [#56] (Adam Franco) -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 29 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.3.2-1 - update to Version 1.3.2, security fix for CVE-2012-5583 Missing CN validation of CAS server certificate - add requires for all needed php extensions -------------------------------------------------------------------------------- ================================================================================ rekonq-2.0-1.fc17 (FEDORA-2012-21113) KDE browser based on QtWebkit -------------------------------------------------------------------------------- Update Information: Rekonq 2.0 release. See http://adjamblog.wordpress.com/2012/12/29/rekonq-2-0-first-stable/ -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 29 2012 Jan Grulich <jgrulich@xxxxxxxxxx> 2.0-1 - 2.0 -------------------------------------------------------------------------------- ================================================================================ rxvt-unicode-9.16-1.fc17 (FEDORA-2012-21121) Unicode version of rxvt -------------------------------------------------------------------------------- Update Information: * INCOMPATIBLE CHANGE: renamed urlLauncher resource to url-launcher. * fix processing of DEC private mode save sequences. * perl extensions now have their own manpages, installed as urxvt-NAME(1), e.g. urxvt-background(1) - see urxvt-extensions(1) for a list. * fix disabling of cursor blink with the option-popup menu. * the font height is not augmented anymore when lineSpace is non zero. * fix "new pagemap" vs. "delete pagemap" mismatch ([] vs. non-[]). * fix height mismatch between active and inactive cursor when lineSpace is non zero. * completely redone background pixmap support - users can now specify arbitrary expressions (And programs) that calculate new terminal backgrounds. see the urxvt-background manpage for details. * xrender is now required for background pixmap support. * perl extensions can now provide commandline switches and resources which show up in -help etc. * iso14755 51 mode window now displays row and column. * implement a -visual switch and move that and -depth to frills, also warn when we can't get the requested visual. * new env variable: RXVT_PERL_LIB. * allocate all screen memory in one go and let the virtual memory subsystem sort it out. this simplifies code, improves access locality, saves a bit of ram and makes things a bit faster, too. * remove support for libafterimage. * selectively mark some methods as cache-hot/cache cold, which might speed up execution but definitely decreases codesize. * Fix regression that prevented the scrollbar trough color from being applied. * Fix the scrollbar size for rxvt style. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 30 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 9.16-1 - version upgrade - cleanup manpages * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 9.15-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Jun 11 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 9.15-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- ================================================================================ thunderbird-enigmail-1.5.0-1.fc17 (FEDORA-2012-21123) Authentication and encryption extension for Mozilla Thunderbird -------------------------------------------------------------------------------- Update Information: Official upstream announcement: I am very happy to announce the availability of Enigmail v1.5. It is precisely a year ago that I announced that I would work on replacing the binary components that depend on Thunderbird with JavaScript code. Today is the moment when the last part of this project is completed and Enigmail is released with (almost) no binary code anymore. Notable Changes: * PGP/MIME encryption & signing have been rewritten from scratch in JavaScript. * Core parts of inline-PGP (creation, decryption and verification) have been rewritten in JavaScript. * Due to the new code structure, this version of Enigmail is compatible with all future versions of Thunderbird and SeaMonkey. There is a small C++ component remaining for Thunderbird 17 and 18 and SeaMonkey 2.14 and 2.15. As of Thunderbird 19 and SeaMonkey 2.16 there won't be any Mozilla version-specific code in Enigmail. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 30 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 1.5.0-1 - Enigmail 1.5.0 for Thunderbird 17 -------------------------------------------------------------------------------- ================================================================================ wine-1.5.20-1.fc17 (FEDORA-2012-21109) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: 1.5.20 * A bunch of dlls with ugly names for API sets support. * More ATL functions implemented. * Still more C++ runtime functions. * Several text rendering fixes. * PostScript driver improvements. * Various bug fixes. 1.5.19 * Performance improvements in the DIB engine. * More fleshed out XML-lite implementation. * Some more C++ runtime functions. * Various bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 28 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.20-1 - version upgrade - upgraded winepulse * Sun Dec 9 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.5.19-1 - version upgrade - upgraded winepulse -------------------------------------------------------------------------------- ================================================================================ xnoise-0.2.14-1.fc17 (FEDORA-2012-21118) Tracklist-centric Media Player -------------------------------------------------------------------------------- Update Information: * Add support for Android and some other player devices * Use themed symbolic icons * Add optional GENRE-ARTIST-ALBUM sort mode in music browser * Add some sort modes for album-art-view * Allow editing of genres * Equalizer is now activatable from the equalizer window, only * Show album art in album tag editor * Rework settings dialog, again * Localization updates * Code cleanups * Many bug fixes -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 28 2012 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 0.2.14-1 - Update to 0.2.14 -------------------------------------------------------------------------------- References: [ 1 ] Bug #871780 - xnoise-0.2.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=871780 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test