The following Fedora 16 Security updates need testing: Age URL 1 https://admin.fedoraproject.org/updates/FEDORA-2013-0723/thunderbird-17.0.2-1.fc16 33 https://admin.fedoraproject.org/updates/FEDORA-2012-20156/389-ds-base-1.2.10.24-1.fc16 33 https://admin.fedoraproject.org/updates/FEDORA-2012-20157/libproxy-0.4.11-1.fc16 114 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0468/proftpd-1.3.4b-4.fc16 32 https://admin.fedoraproject.org/updates/FEDORA-2012-20236/rssh-2.3.4-1.fc16 192 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 112 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 8 https://admin.fedoraproject.org/updates/FEDORA-2013-0225/pl-5.10.2-9.fc16 8 https://admin.fedoraproject.org/updates/FEDORA-2013-0244/rubygem-activerecord-3.0.10-4.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2013-0640/moin-1.9.6-1.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2013-0633/perl-5.14.3-205.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0477/gnupg-1.4.13-2.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19347/cups-1.5.4-12.fc16 8 https://admin.fedoraproject.org/updates/FEDORA-2013-0222/gnupg2-2.0.19-7.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2013-0061/php-ZendFramework-1.12.1-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0270/qt-4.8.4-6.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2013-0686/rubygem-actionpack-3.0.10-10.fc16,rubygem-activerecord-3.0.10-5.fc16,rubygem-activesupport-3.0.10-5.fc16,rubygem-activemodel-3.0.10-2.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-0761/xen-4.1.4-2.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-0752/nagios-3.4.4-1.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 1 https://admin.fedoraproject.org/updates/FEDORA-2013-0633/perl-5.14.3-205.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2013-0723/thunderbird-17.0.2-1.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2013-0632/perl-5.14.3-204.fc16 The following builds have been pushed to Fedora 16 updates-testing cherrytree-0.29-1.fc16 chmsee-1.99-0.21.16.gitfc6a4e80.fc16 darktable-1.1.2-1.fc16 glances-1.5.2-2.fc16 libburn-1.2.6-1.fc16 libisoburn-1.2.6-1.fc16 libisofs-1.2.6-1.fc16 lua-penlight-1.0.3-3.a.fc16 nagios-3.4.4-1.fc16 php-twig-Twig-1.12.0-1.fc16 xen-4.1.4-2.fc16 Details about builds: ================================================================================ cherrytree-0.29-1.fc16 (FEDORA-2013-0784) Hierarchical note taking application -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 12 2013 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 0.29-1 - Update to 0.29 -------------------------------------------------------------------------------- References: [ 1 ] Bug #893905 - cherrytree-0.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=893905 -------------------------------------------------------------------------------- ================================================================================ chmsee-1.99-0.21.16.gitfc6a4e80.fc16 (FEDORA-2013-0736) HTML Help viewer for Unix/Linux -------------------------------------------------------------------------------- Update Information: rebuild for xulrunner 18 -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 8 2013 bbbush <bbbush.yuan@xxxxxxxxx> - 1.99-0.21.16.gitfc6a4e80 - rebuild for xulrunner 18 -------------------------------------------------------------------------------- ================================================================================ darktable-1.1.2-1.fc16 (FEDORA-2013-0740) Utility to organize and develop raw images -------------------------------------------------------------------------------- Update Information: Upgrade to 1.1.2 adding map mode adding map mode adding map mode -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 12 2013 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.1.2-1 - Upgrade to 1.1.2 * Sun Jan 6 2013 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.1.1-2 - Add map mode -------------------------------------------------------------------------------- ================================================================================ glances-1.5.2-2.fc16 (FEDORA-2013-0737) CLI curses based monitoring tool -------------------------------------------------------------------------------- Update Information: fix uninitialised variable y in displayMem function Upgrade to glances 1.5.2 upgrade to version 1.5 add missing dependancies Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. upgrade to version 1.5 add missing dependancies Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. upgrade to version 1.5 add missing dependancies Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to glances 1.5.2 upgrade to version 1.5 add missing dependancies Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. upgrade to version 1.5 add missing dependancies Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. upgrade to version 1.5 add missing dependancies Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. Upgrade to version 1.4, glances is now using psUtils instead of pystatgrab. -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 12 2013 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.5.2-2 - Patch to initialize y in displayMem (bug #894347) * Sun Dec 30 2012 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.5.2-1 - Upgrade to 1.5.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #894347 - [abrt] glances-1.5.2-1.fc17: glances.py:1816:displayMem:UnboundLocalError: local variable 'y' referenced before assignment https://bugzilla.redhat.com/show_bug.cgi?id=894347 -------------------------------------------------------------------------------- ================================================================================ libburn-1.2.6-1.fc16 (FEDORA-2013-0735) Library for reading, mastering and writing optical discs -------------------------------------------------------------------------------- Update Information: Changes towards previous version 1.2.4: libburn novelties: * Bug fix: Speed setting had no effect on BD media * New API call burn_read_audio() * New API call burn_list_sev_texts() cdrskin novelties: * New cdrskin option --no_load -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 12 2013 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.2.6-1 - Update to upstream 1.2.6 (#893692) * Wed Dec 5 2012 Frantisek Kluknavsky <fkluknav@xxxxxxxxxx> - 1.2.4-5 - renamed patch - added package name to match naming guidelines * Tue Dec 4 2012 Frantisek Kluknavsky <fkluknav@xxxxxxxxxx> - 1.2.4-4 - current time in doxygen footer caused multilib difference - inserted empty footer instead * Thu Nov 22 2012 Frantisek Kluknavsky <fkluknav@xxxxxxxxxx> - 1.2.4-3 - Minor spec-file cleanup * Wed Aug 29 2012 Honza Horak <hhorak@xxxxxxxxxx> 1.2.4-2 - Changed license from GPLv2 to GPLv2+ to correspond with source -------------------------------------------------------------------------------- References: [ 1 ] Bug #893692 - libburn-1.2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=893692 -------------------------------------------------------------------------------- ================================================================================ libisoburn-1.2.6-1.fc16 (FEDORA-2013-0765) Library to enable creation and expansion of ISO-9660 filesystems -------------------------------------------------------------------------------- Update Information: Changes towards previous version 1.2.4: libisoburn novelties: * New API calls Xorriso_parse_line() and Xorriso__dispose_words() * New API calls Xorriso_fetch_outlists() and Xorriso_peek_outlists() * New API call Xorriso_start_msg_watcher() * New API calls Xorriso__severity_cmp() and Xorriso__severity_list() * New API calls Xorriso_sieve_add_filter, Xorriso_sieve_get_result, Xorriso_sieve_clear_results, Xorriso_sieve_dispose, Xorriso_sieve_big xorriso novelties: * Bug fix: SIGSEGV by uninitialized local variable with -check_media patch_lba0="on". Regression by version 1.0.6 * Bug fix: -partition_offset 16 kept -isohybrid-gpt-basdat from writing MBR partition table entries of type 0xef * Bug fix: -rollback did not work if indev and outdev were empty * New -boot_image partition_cyl_align mode "all" * New -blank mode prefix "force:" * New -osirrox settings "blocked" and "unblock" * New command -lns for creating symbolic links * New command -toc_of * New command -msg_op * New command -launch_frontend -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 12 2013 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.2.6-1 - Upgrade to 1.2.6 (#893693) -------------------------------------------------------------------------------- References: [ 1 ] Bug #893693 - libisoburn-1.2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=893693 -------------------------------------------------------------------------------- ================================================================================ libisofs-1.2.6-1.fc16 (FEDORA-2013-0754) Library to create ISO 9660 disk images -------------------------------------------------------------------------------- Update Information: Changes towards previous version 1.2.4: * Bug fix: Appended partitions did not obey cylinder alignment * Bug fix: Non-zero partition offset zeroized the MBR copies of GPT partition table entries * Bug fix: Isohybrid production without any boot image led to SIGSEGV by NULL * Bug fix: Prevented a memory fault when reading damaged Rock Ridge information -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 12 2013 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.2.6-1 - Upgrade to 1.2.6 (#893694) * Wed Aug 29 2012 Honza Horak <hhorak@xxxxxxxxxx> 1.2.4-2 - Changed license from GPLv2 to GPLv2+ to correspond with source - Added license LGPLv2+ due to make_isohybrid_mbr.c -------------------------------------------------------------------------------- References: [ 1 ] Bug #893694 - libisofs-1.2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=893694 -------------------------------------------------------------------------------- ================================================================================ lua-penlight-1.0.3-3.a.fc16 (FEDORA-2013-0767) Penlight Lua Libraries -------------------------------------------------------------------------------- Update Information: Penlight brings together a set of generally useful pure Lua modules, focussing on input data handling (such as reading configuration files), functional programming (such as map, reduce, placeholder expressions,etc), and OS path management. Much of the functionality is inspired by the Python standard libraries. -------------------------------------------------------------------------------- References: [ 1 ] Bug #891999 - Review Request: lua-penlight - Penlight Lua Libraries https://bugzilla.redhat.com/show_bug.cgi?id=891999 -------------------------------------------------------------------------------- ================================================================================ nagios-3.4.4-1.fc16 (FEDORA-2013-0752) Nagios monitors hosts and services and yells if somethings breaks -------------------------------------------------------------------------------- Update Information: Update to 3.4.4; CVE-2012-6096 -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 13 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.4-1 - Update to 3.4.4; CVE-2012-6096 (#893269) - Refactored the patch nagios-0010-Added-several-images-to-the-sample-config.patch as patch can't create binary files (#875362). The old patch10 was replaced by nagios-0010-Added-several-images-to-the-sample-config-revb.patch and the PNG files included as sources 10, 11, and 12. -------------------------------------------------------------------------------- References: [ 1 ] Bug #893269 - CVE-2012-6096 nagios: stack-based buffer overflow in history.cgi https://bugzilla.redhat.com/show_bug.cgi?id=893269 -------------------------------------------------------------------------------- ================================================================================ php-twig-Twig-1.12.0-1.fc16 (FEDORA-2013-0760) Twig is a modern template engine for PHP -------------------------------------------------------------------------------- Update Information: 1.12.0 (2012-01-08) * added verbatim as an alias for the raw tag to avoid confusion with the raw filter * fixed registration of tests and functions as anonymous functions * fixed globals management 1.12.0-RC1 (2012-12-29) * added an include function (does the same as the include tag but in a more flexible way) * added the ability to use any PHP callable to define filters, functions, and tests * added a syntax error when using a loop variable that is not defined * added the ability to set default values for macro arguments * added support for named arguments for filters, tests, and functions * moved filters/functions/tests syntax errors to the parser * added support for extended ternary operator syntaxes Full changelog: https://github.com/fabpot/Twig/blob/v1.12.0/CHANGELOG See: * http://blog.twig.sensiolabs.org/post/40011861424/twig-1-12-0-released * http://blog.twig.sensiolabs.org/post/39237503408/twig-1-12-0-rc1-released -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 13 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 1.12.0-1 - Updated to upstream version 1.12.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #893710 - php-twig-Twig-1.12.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=893710 -------------------------------------------------------------------------------- ================================================================================ xen-4.1.4-2.fc16 (FEDORA-2013-0761) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: VT-d interrupt remapping source validation flaw [XSA-33,CVE-2012-5634] -------------------------------------------------------------------------------- ChangeLog: * Sat Jan 12 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.1.4-2 - VT-d interrupt remapping source validation flaw [XSA-33, CVE-2012-5634] (#893568) -------------------------------------------------------------------------------- References: [ 1 ] Bug #886959 - CVE-2012-5634 kernel: xen: VT-d interrupt remapping source validation flaw https://bugzilla.redhat.com/show_bug.cgi?id=886959 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
