The following Fedora 16 Security updates need testing: Age URL 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0723/thunderbird-17.0.2-1.fc16 36 https://admin.fedoraproject.org/updates/FEDORA-2012-20157/libproxy-0.4.11-1.fc16 116 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-0835/seamonkey-2.15-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-0896/rubygem-rack-1.3.0-3.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0468/proftpd-1.3.4b-4.fc16 35 https://admin.fedoraproject.org/updates/FEDORA-2012-20236/rssh-2.3.4-1.fc16 194 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 114 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0640/moin-1.9.6-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0633/perl-5.14.3-205.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0477/gnupg-1.4.13-2.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19347/cups-1.5.4-12.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2013-0222/gnupg2-2.0.19-7.fc16 14 https://admin.fedoraproject.org/updates/FEDORA-2013-0061/php-ZendFramework-1.12.1-1.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0270/qt-4.8.4-6.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-0885/firefox-18.0-1.fc16,xulrunner-18.0-6.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0686/rubygem-actionpack-3.0.10-10.fc16,rubygem-activerecord-3.0.10-5.fc16,rubygem-activesupport-3.0.10-5.fc16,rubygem-activemodel-3.0.10-2.fc16 2 https://admin.fedoraproject.org/updates/FEDORA-2013-0761/xen-4.1.4-2.fc16 2 https://admin.fedoraproject.org/updates/FEDORA-2013-0752/nagios-3.4.4-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-0894/ettercap-0.7.5-3.fc16.1.20120906gitc796e5 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0633/perl-5.14.3-205.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0723/thunderbird-17.0.2-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0632/perl-5.14.3-204.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-0885/firefox-18.0-1.fc16,xulrunner-18.0-6.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0651/kernel-3.6.11-4.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0477/gnupg-1.4.13-2.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2013-0230/selinux-policy-3.10.0-98.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0270/qt-4.8.4-6.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2013-0263/qtwebkit-2.2.2-5.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2013-0222/gnupg2-2.0.19-7.fc16 11 https://admin.fedoraproject.org/updates/FEDORA-2013-0238/mysql-5.5.29-1.fc16 The following builds have been pushed to Fedora 16 updates-testing ettercap-0.7.5-3.fc16.1.20120906gitc796e5 firefox-18.0-1.fc16 mate-common-1.5.1-1.fc16 mediatomb-0.12.1-15.fc16 php-pear-phing-2.4.14-1.fc16 rubygem-rack-1.3.0-3.fc16 seamonkey-2.15-1.fc16 xulrunner-18.0-6.fc16 Details about builds: ================================================================================ ettercap-0.7.5-3.fc16.1.20120906gitc796e5 (FEDORA-2013-0894) Network traffic sniffer/analyser, NCURSES interface version -------------------------------------------------------------------------------- Update Information: Fix for CVE-2013-0722 -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 14 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.7.5-3.1.20120906gitc796e5 - Patch for CVE-2013-0722. * Tue Oct 16 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.7.5-2.1.20120906gitc796e5 - Fix DHCP spoofing in gtk interface, BZ 867075. * Mon Sep 10 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.7.5-1.1.20120906gitc796e5 - Fixed Release tag and build flags, BZ 855504. * Thu Sep 6 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.7.5-0.20120906gitc796e5 - Fixed Obsoletes, BZ 855067. * Tue Sep 4 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.7.5-0.20120905gitc796e5 - Switch to git ettercap_rc branch for gtk crash, BZ 853791. - Dropped UI and daemon patches. - Merged subpackages, in part due to buildsystem change. - Spec cleanup. * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.4.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Apr 12 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.7.4.1-3 - Add hardened build. * Fri Mar 30 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.7.4.1-2 - libnet rebuild. * Mon Mar 12 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.7.4.1-1 - New upstream. * Fri Feb 10 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 0.7.4-4 - Rebuild against PCRE 8.30 -------------------------------------------------------------------------------- References: [ 1 ] Bug #894094 - CVE-2013-0722 ettercap: stack-based buffer overflow when parsing hosts list [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=894094 -------------------------------------------------------------------------------- ================================================================================ firefox-18.0-1.fc16 (FEDORA-2013-0885) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: Update to Firefox 18. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 9 2013 Martin Stransky <stransky@xxxxxxxxxx> - 18.0-1 - Update to 18.0 * Tue Dec 18 2012 Martin Stransky <stransky@xxxxxxxxxx> - 17.0.1-2 - Fix bug 878831 - Please enable gfx.color_management.enablev4=true -------------------------------------------------------------------------------- ================================================================================ mate-common-1.5.1-1.fc16 (FEDORA-2013-0844) mate common build files -------------------------------------------------------------------------------- Update Information: latest upstream release -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 14 2013 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> 1.5.1-1 - Update to latest upstream release. * Mon Jan 14 2013 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> 1.5.0-2 - Add patch for latest autoconf and automake on rawhide -------------------------------------------------------------------------------- ================================================================================ mediatomb-0.12.1-15.fc16 (FEDORA-2013-0842) MediaTomb - UPnP AV Mediaserver for Linux -------------------------------------------------------------------------------- Update Information: Fix segfault when transcoding. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 15 2013 Jon Ciesla - 0.12.1-15 - Fix for transcoding segfault, BZ 783367. -------------------------------------------------------------------------------- References: [ 1 ] Bug #783367 - [abrt] mediatomb-0.12.1-14.fc16: Process /usr/bin/mediatomb was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=783367 -------------------------------------------------------------------------------- ================================================================================ php-pear-phing-2.4.14-1.fc16 (FEDORA-2013-0864) A project build system based on Apache Ant -------------------------------------------------------------------------------- Update Information: upstream 2.4.14, remove non-free stuff, remove optional xdebug requirement, use pear_metadir -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 14 2013 Christof Damian <christof@xxxxxxxxxx> - 2.4.14-1 - upstream 2.4.14 - remove non-free stuff - remove optional xdebug requirement - use pear_metadir * Sun Aug 19 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.4.12-3 - rebuilt for new pear_datadir * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.4.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #894748 - Non-free license https://bugzilla.redhat.com/show_bug.cgi?id=894748 [ 2 ] Bug #878789 - php-pear-phing-2.4.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=878789 -------------------------------------------------------------------------------- ================================================================================ rubygem-rack-1.3.0-3.fc16 (FEDORA-2013-0896) Common API for connecting web frameworks, web servers and layers of software -------------------------------------------------------------------------------- Update Information: Fixes for CVE-2011-6109, CVE-2013-0183 and CVE-2013-0184. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 15 2013 Vít Ondruch <vondruch@xxxxxxxxxx> - 1:1.3.0-3 - Fixes for CVE-2011-6109, CVE-2013-0183 and CVE-2013-0184. -------------------------------------------------------------------------------- References: [ 1 ] Bug #895277 - CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS https://bugzilla.redhat.com/show_bug.cgi?id=895277 [ 2 ] Bug #895282 - CVE-2013-0183 rubygem-rack: receiving excessively long lines triggers out-of-memory error https://bugzilla.redhat.com/show_bug.cgi?id=895282 [ 3 ] Bug #895384 - CVE-2013-0184 rubygem-rack: Rack::Auth::AbstractRequest DoS https://bugzilla.redhat.com/show_bug.cgi?id=895384 -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.15-1.fc16 (FEDORA-2013-0835) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: Update to 2.15 Fixes CVE-2013-0743, CVE-2013-{0744-0760}, CVE-2013-0762, CVE-2013-0764, CVE-2013-{0766-0770} -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 11 2013 Dmitry Butskoy <Dmitry@xxxxxxxxxxxx> 2.15-1 - update to 2.15 - don't try to change global user settings for default browser/mail etc. - add fix for #304121 (derived from Xulrunner) -------------------------------------------------------------------------------- References: [ 1 ] Bug #893717 - seamonkey-2.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=893717 -------------------------------------------------------------------------------- ================================================================================ xulrunner-18.0-6.fc16 (FEDORA-2013-0885) XUL Runtime for Gecko Applications -------------------------------------------------------------------------------- Update Information: Update to Firefox 18. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 9 2013 Martin Stransky <stransky@xxxxxxxxxx> - 18.0-6 - Fixed missing libxpcom.so provides * Wed Jan 9 2013 Martin Stransky <stransky@xxxxxxxxxx> - 18.0-5 - Added fix for langpacks * Wed Jan 9 2013 Martin Stransky <stransky@xxxxxxxxxx> - 18.0-4 - Fixed source files - Disabled WebRTC due to rhbz#304121 * Wed Jan 9 2013 Martin Stransky <stransky@xxxxxxxxxx> - 18.0-2 - Disabled system sqlite on Fedora 18 * Mon Jan 7 2013 Martin Stransky <stransky@xxxxxxxxxx> - 18.0-1 - Update to 18.0 * Thu Dec 13 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 17.0.1-3 - Disable webrtc on ARM as it currently tries to build SSE on ARM (fix FTBFS) - Enable methodjit/tracejit on ARMv7 for more speed :) Fixes RHBZ 870548 * Fri Dec 7 2012 Jan Horak <jhorak@xxxxxxxxxx> - 17.0.1-2 - Fixed rhbz#879595 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
