The following Fedora 16 Security updates need testing: Age URL 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0723/thunderbird-17.0.2-1.fc16 39 https://admin.fedoraproject.org/updates/FEDORA-2012-20157/libproxy-0.4.11-1.fc16 120 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2013-0915/moodle-2.1.10-1.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2013-0896/rubygem-rack-1.3.0-3.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1130/php-symfony2-Yaml-2.0.22-1.fc16 38 https://admin.fedoraproject.org/updates/FEDORA-2012-20236/rssh-2.3.4-1.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2013-0934/qemu-0.15.1-9.fc16 198 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 118 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0640/moin-1.9.6-1.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0633/perl-5.14.3-205.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2013-0835/seamonkey-2.15-1.fc16 10 https://admin.fedoraproject.org/updates/FEDORA-2012-19347/cups-1.5.4-12.fc16 10 https://admin.fedoraproject.org/updates/FEDORA-2013-0270/qt-4.8.4-6.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2013-0885/firefox-18.0-1.fc16,xulrunner-18.0-6.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0686/rubygem-actionpack-3.0.10-10.fc16,rubygem-activerecord-3.0.10-5.fc16,rubygem-activesupport-3.0.10-5.fc16,rubygem-activemodel-3.0.10-2.fc16 5 https://admin.fedoraproject.org/updates/FEDORA-2013-0752/nagios-3.4.4-1.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2013-0894/ettercap-0.7.5-3.fc16.1.20120906gitc796e5 1 https://admin.fedoraproject.org/updates/FEDORA-2013-0935/samba4-4.0.0-39.alpha16.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-0468/proftpd-1.3.4b-5.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-0992/asterisk-1.8.20.0-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1122/drupal6-6.28-1.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1092/drupal7-7.19-1.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0633/perl-5.14.3-205.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0723/thunderbird-17.0.2-1.fc16 7 https://admin.fedoraproject.org/updates/FEDORA-2013-0632/perl-5.14.3-204.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2013-0885/firefox-18.0-1.fc16,xulrunner-18.0-6.fc16 10 https://admin.fedoraproject.org/updates/FEDORA-2013-0270/qt-4.8.4-6.fc16 The following builds have been pushed to Fedora 16 updates-testing LinLog-0.4-10.fc16 OpenImageIO-1.0.11-1.fc16 VirtualGL-2.3.2-2.fc16 asterisk-1.8.20.0-1.fc16 drupal6-6.28-1.fc16 drupal7-7.19-1.fc16 easybashgui-5.1.2-1.fc16 imapsync-1.518-2.fc16 librep-0.92.3-1.fc16 mate-control-center-1.5.3-3.fc16 perl-Image-ExifTool-9.13-1.fc16 perl-Net-Pcap-0.17-1.fc16 php-symfony2-BrowserKit-2.0.22-1.fc16 php-symfony2-ClassLoader-2.0.22-1.fc16 php-symfony2-Config-2.0.22-1.fc16 php-symfony2-Console-2.0.22-1.fc16 php-symfony2-CssSelector-2.0.22-1.fc16 php-symfony2-DependencyInjection-2.0.22-1.fc16 php-symfony2-DomCrawler-2.0.22-1.fc16 php-symfony2-EventDispatcher-2.0.22-1.fc16 php-symfony2-Finder-2.0.22-1.fc16 php-symfony2-Form-2.0.22-1.fc16 php-symfony2-HttpFoundation-2.0.22-1.fc16 php-symfony2-HttpKernel-2.0.22-1.fc16 php-symfony2-Locale-2.0.22-1.fc16 php-symfony2-Process-2.0.22-1.fc16 php-symfony2-Routing-2.0.22-1.fc16 php-symfony2-Security-2.0.22-1.fc16 php-symfony2-Serializer-2.0.22-1.fc16 php-symfony2-Templating-2.0.22-1.fc16 php-symfony2-Translation-2.0.22-1.fc16 php-symfony2-Validator-2.0.22-1.fc16 php-symfony2-Yaml-2.0.22-1.fc16 proftpd-1.3.4b-5.fc16 python-simplevisor-0.6-1.fc16 rep-gtk-0.90.8.1-1.fc16 sawfish-1.9.90-1.fc16 scribus-1.4.2-2.fc16 tito-0.4.11-1.fc16 tw-0.9.8-1.fc16 Details about builds: ================================================================================ LinLog-0.4-10.fc16 (FEDORA-2013-0995) A ham radio logbook for Linux -------------------------------------------------------------------------------- Update Information: Fix qmake build to respect required build flags. Don't pull in sql files twice. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 16 2013 Richard Shaw <hobbes1069@xxxxxxxxx> - 0.4-10 - Fix qmake build to respect required build flags. - Don't pull in sql files twice. * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Feb 28 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4-8 - Rebuilt for c++ ABI breakage * Thu Jan 12 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #795945 - LinLog build does not respect build flags. https://bugzilla.redhat.com/show_bug.cgi?id=795945 -------------------------------------------------------------------------------- ================================================================================ OpenImageIO-1.0.11-1.fc16 (FEDORA-2013-1057) Library for reading and writing images -------------------------------------------------------------------------------- Update Information: Update to latest upstream patch release. Separate utilities and library. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 17 2013 Richard Shaw <hobbes1069@xxxxxxxxx> - 1.0.11-1 - Update to latest upstream patch release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #864548 - Split out iv? https://bugzilla.redhat.com/show_bug.cgi?id=864548 -------------------------------------------------------------------------------- ================================================================================ VirtualGL-2.3.2-2.fc16 (FEDORA-2013-1112) A toolkit for displaying OpenGL applications to thin clients -------------------------------------------------------------------------------- Update Information: Here is where you give an explanation of your update. Initial ship of package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #834127 - Review Request: VirtualGL - A toolkit for displaying OpenGL applications to thin clients https://bugzilla.redhat.com/show_bug.cgi?id=834127 -------------------------------------------------------------------------------- ================================================================================ asterisk-1.8.20.0-1.fc16 (FEDORA-2013-0992) The Open Source PBX -------------------------------------------------------------------------------- Update Information: The Asterisk Development Team has announced the release of Asterisk 1.8.20.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 1.8.20.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following is a sample of the issues resolved in this release: * --- app_meetme: Fix channels lingering when hung up under certain conditions (Closes issue ASTERISK-20486. Reported by Michael Cargile) * --- Fix stuck DTMF when bridge is broken. (Closes issue ASTERISK-20492. Reported by Jeremiah Gowdy) * --- Improve Code Readability And Fix Setting natdetected Flag (Closes issue ASTERISK-20724. Reported by Michael L. Young) * --- Fix extension matching with the '-' char. (Closes issue ASTERISK-19205. Reported by Philippe Lindheimer, Birger "WIMPy" Harzenetter) * --- Fix call files when astspooldir is relative. (Closes issue ASTERISK-20593. Reported by James Le Cuirot) For a full list of changes in this release, please see the ChangeLog: http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.20.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Jeffrey Ollie <jeff@xxxxxxxxxx> - 1.8.19.0-1: - The Asterisk Development Team has announced the release of Asterisk 1.8.20.0. - This release is available for immediate download at - http://downloads.asterisk.org/pub/telephony/asterisk - - The release of Asterisk 1.8.20.0 resolves several issues reported by the - community and would have not been possible without your participation. - Thank you! - - The following is a sample of the issues resolved in this release: - - * --- app_meetme: Fix channels lingering when hung up under certain - conditions - (Closes issue ASTERISK-20486. Reported by Michael Cargile) - - * --- Fix stuck DTMF when bridge is broken. - (Closes issue ASTERISK-20492. Reported by Jeremiah Gowdy) - - * --- Improve Code Readability And Fix Setting natdetected Flag - (Closes issue ASTERISK-20724. Reported by Michael L. Young) - - * --- Fix extension matching with the '-' char. - (Closes issue ASTERISK-19205. Reported by Philippe Lindheimer, Birger "WIMPy" Harzenetter) - - * --- Fix call files when astspooldir is relative. - (Closes issue ASTERISK-20593. Reported by James Le Cuirot) - - For a full list of changes in this release, please see the ChangeLog: - - http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.20.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #891646 - CVE-2012-5976 asterisk: Crashes due to large stack allocations when using TCP (AST-2012-014) https://bugzilla.redhat.com/show_bug.cgi?id=891646 [ 2 ] Bug #891649 - CVE-2012-5977 asterisk: Denial of service through exploitation of device state caching (AST-2012-015) https://bugzilla.redhat.com/show_bug.cgi?id=891649 -------------------------------------------------------------------------------- ================================================================================ drupal6-6.28-1.fc16 (FEDORA-2013-1122) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: SA-CORE-2013-001 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 17 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 6.28-1 - 6.28, SA-CORE-2013-001. -------------------------------------------------------------------------------- References: [ 1 ] Bug #896454 - drupal6-6.28 is available https://bugzilla.redhat.com/show_bug.cgi?id=896454 [ 2 ] Bug #896468 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=896468 [ 3 ] Bug #896469 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=896469 [ 4 ] Bug #896470 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=896470 [ 5 ] Bug #896471 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=896471 -------------------------------------------------------------------------------- ================================================================================ drupal7-7.19-1.fc16 (FEDORA-2013-1092) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: SA-CORE-2013-001 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 17 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 7.19-1 - 7.19, SA-CORE-2013-001. -------------------------------------------------------------------------------- References: [ 1 ] Bug #896455 - drupal7-7.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=896455 [ 2 ] Bug #896468 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=896468 [ 3 ] Bug #896469 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=896469 [ 4 ] Bug #896470 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=896470 [ 5 ] Bug #896471 - drupal6, drupal7: Multiple security flaws fixed in upstream 6.28 and 7.19 versions (SA-CORE-2013-001) [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=896471 -------------------------------------------------------------------------------- ================================================================================ easybashgui-5.1.2-1.fc16 (FEDORA-2013-1059) Bash function library -------------------------------------------------------------------------------- Update Information: Update to 5.1.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 17 2013 Matthieu Saulnier <fantom@xxxxxxxxxxxxxxxxx> - 5.1.2-1 - Update to 5.1.2 - Use full working url in Source0 tag - Replace old patch by a new one - Fix typo in french %description section - Minor cleanup in %prep section - Add new stuff in %install and %files section -------------------------------------------------------------------------------- ================================================================================ imapsync-1.518-2.fc16 (FEDORA-2013-1043) Tool to migrate email between IMAP servers -------------------------------------------------------------------------------- Update Information: Fix outdated license references in README and imapsync script to conform with new NLPL license instead of WTFPL Update to 1.518 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 17 2013 Nick Bebout <nb@xxxxxxxxxxxxxxxxx> - 1.518-2 - Fix spec to install COPYING file now * Thu Jan 17 2013 Nick Bebout <nb@xxxxxxxxxxxxxxxxx> - 1.518-1 - Upgrade to 1.518 -------------------------------------------------------------------------------- ================================================================================ librep-0.92.3-1.fc16 (FEDORA-2013-1155) A lightweight Lisp environment -------------------------------------------------------------------------------- Update Information: Upstream update. Fixes Firefox 17 window resize bug. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 17 2013 Kim B. Heino <b@xxxxxxxx> - 0.92.3-1 - Update to 0.92.3 * Tue Sep 4 2012 Dan Horák <dan[at]danny.cz> 0.92.2-6 - fix stack direction on s390(x) * Thu Aug 9 2012 karsten Hopp <karsten@xxxxxxxxxx> 0.92.2-5 - fix stack direction on PPC* * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.92.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed May 30 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.92.2-3 - Improve ARM platform detection * Sun May 27 2012 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - 0.92.2-2 - Fix stack direction on ARM platforms - Cleanup spec * Mon Mar 26 2012 Kim B. Heino <b@xxxxxxxx> - 0.92.2-1 - Update to 0.92.2 * Sat Jan 14 2012 Kim B. Heino <b@xxxxxxxx> - 0.92.1-4 - Force stack direction check on x86_64 for gcc-4.7 * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.92.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Wed Nov 2 2011 Kim B. Heino <b@xxxxxxxx> - 0.92.1-2 - Rebuild -------------------------------------------------------------------------------- ================================================================================ mate-control-center-1.5.3-3.fc16 (FEDORA-2013-1065) MATE Desktop control-center -------------------------------------------------------------------------------- Update Information: latest upstream release Various bugfixes for gsettings/window prefs. Various bugfixes for gsettings/window prefs. Various bugfixes for gsettings/window prefs. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 17 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.5.3-3 - fix obsoletes - sort BuildRequires * Wed Jan 16 2013 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> - 1.5.3-2 - Fix conflicts * Tue Jan 15 2013 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> - 1.5.3-1 - Update to latest upstream release. * Fri Jan 11 2013 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> - 1.5.2-2 - Switch back to old BR scheme. - Drop unneeded BR's - Add upstream patch to fix tielbar actions * Fri Dec 21 2012 Nelson Marques <nmarques@xxxxxxxxxxxxxxxxx> - 1.5.2-1 - Update to version 1.5.2 so we can receive mate-panel 1.5.3 - Remove dropped BRs: MateCORBA-2.0 - Split out libslab (now distributed) - Minor rework for readibility and ordered BuildRequires -------------------------------------------------------------------------------- References: [ 1 ] Bug #889789 - Changing the Titlebar Action has no effect https://bugzilla.redhat.com/show_bug.cgi?id=889789 -------------------------------------------------------------------------------- ================================================================================ perl-Image-ExifTool-9.13-1.fc16 (FEDORA-2013-1084) Utility for reading and writing image meta info -------------------------------------------------------------------------------- Update Information: Update to 9.13 (stable): * Added basic validation of ExifVersion and FlashpixVersion tags when writing * Fixed problem where MPF PreviewImage was lost when editing metadata in JPEG images from the Nikon D4, D600 or D800 -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 9.13-1 - update to 9.13 (stable) -------------------------------------------------------------------------------- ================================================================================ perl-Net-Pcap-0.17-1.fc16 (FEDORA-2013-1053) Interface to pcap(3) LBL packet capture library -------------------------------------------------------------------------------- Update Information: This update fixes CPAN-RT#43308 - Net::Pcap no longer enables immediate (unsafe) signals delivery and fixes allocated size in pcap_open(), pcap_createsrcstr() and pcap_parsesrcstr(). -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Iain Arnell <iarnell@xxxxxxxxx> 0.17-1 - update to latest upstream version - clean up spec for modern rpmbuild * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.16-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Jun 11 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 0.16-14 - Perl 5.16 rebuild * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.16-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-symfony2-BrowserKit-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 BrowserKit Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-ClassLoader-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 ClassLoader Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Config-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Config Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Console-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Console Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-CssSelector-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 CssSelector Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-DependencyInjection-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 DependencyInjection Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-DomCrawler-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 DomCrawler Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-EventDispatcher-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 EventDispatcher Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Finder-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Finder Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Form-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Form Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-HttpFoundation-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 HttpFoundation Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-HttpKernel-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 HttpKernel Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Locale-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Locale Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Process-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Process Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Routing-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Routing Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Security-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Security Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Serializer-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Serializer Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Templating-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Templating Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Translation-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Translation Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Validator-2.0.22-1.fc16 (FEDORA-2013-1068) Symfony2 Validator Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ php-symfony2-Yaml-2.0.22-1.fc16 (FEDORA-2013-1130) Symfony2 Yaml Component -------------------------------------------------------------------------------- Update Information: Updated to upstream version 2.0.22 CVE-2013-1348: Ability to enable/disable PHP parsing in Yaml::parse() CVE-2013-1397: Ability to enable/disable object support in YAML parsing and dumping See: http://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released Changelog: https://github.com/symfony/symfony/blob/v2.0.22/CHANGELOG-2.0.md -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.22-1 - Updated to upstream version 2.0.22 -------------------------------------------------------------------------------- ================================================================================ proftpd-1.3.4b-5.fc16 (FEDORA-2013-0468) Flexible, stable and highly-configurable FTP server -------------------------------------------------------------------------------- Update Information: Jann Horn reported that there is a possible race condition in the handling of the MKD/XMKD FTP commands, when the UserOwner directive is involved, and the attacker is on the same physical machine as a running proftpd. This race applies to mod_sftp and the handling of the MKDIR SFTP request as well. Note that using the DefaultRoot directive to restrict sessions mitigates this attack, since the symlinks created by the local attacker will point outside of the chroot(2) area within the FTP session, and thus the ownership change will fail. The default configuration in Fedora applies the DefaultRoot directive to all users except "adm". The upstream reference for this issue is: http://bugs.proftpd.org/show_bug.cgi?id=3841 This update includes upstream's backport to proftpd 1.3.4 of the fix for this issue. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 16 2013 Paul Howarth <paul@xxxxxxxxxxxx> 1.3.4b-5 - Update patch for CVE-2012-6095 to cover vroot cases * Mon Jan 7 2013 Paul Howarth <paul@xxxxxxxxxxxx> 1.3.4b-4 - Fix possible symlink race when applying UserOwner to newly created directory (CVE-2012-6095, #892715, http://bugs.proftpd.org/show_bug.cgi?id=3841) * Sat Sep 22 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> 1.3.4b-3 - Rebuild against libmemcached.so.11 without SASL * Thu Aug 30 2012 Paul Howarth <paul@xxxxxxxxxxxx> 1.3.4b-2 - Add support for systemd presets in Fedora 18+ (#850281) -------------------------------------------------------------------------------- References: [ 1 ] Bug #892715 - CVE-2012-6095 proftpd: Symlink race condition when applying UserOwner to a newly (ProFTPD) created directory https://bugzilla.redhat.com/show_bug.cgi?id=892715 -------------------------------------------------------------------------------- ================================================================================ python-simplevisor-0.6-1.fc16 (FEDORA-2013-1160) Python simple daemons supervisor -------------------------------------------------------------------------------- Update Information: First build, rhbz #857484. -------------------------------------------------------------------------------- References: [ 1 ] Bug #857484 - Review Request: python-simplevisor - Python simple daemons supervisor https://bugzilla.redhat.com/show_bug.cgi?id=857484 -------------------------------------------------------------------------------- ================================================================================ rep-gtk-0.90.8.1-1.fc16 (FEDORA-2013-1155) GTK+ binding for librep Lisp environment -------------------------------------------------------------------------------- Update Information: Upstream update. Fixes Firefox 17 window resize bug. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 17 2013 Kim B. Heino <b@xxxxxxxx> - 0.90.8.1-1 - Update to 0.90.8.1 * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.90.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Mar 26 2012 Kim B. Heino <b@xxxxxxxx> - 0.90.8-1 - Update to 0.90.8 * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.90.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 6 2011 Adam Jackson <ajax@xxxxxxxxxx> - 0.90.7-2 - Rebuild for new libpng -------------------------------------------------------------------------------- ================================================================================ sawfish-1.9.90-1.fc16 (FEDORA-2013-1155) An extensible window manager for the X Window System -------------------------------------------------------------------------------- Update Information: Upstream update. Fixes Firefox 17 window resize bug. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 17 2013 Kim B. Heino <b@xxxxxxxx> - 1.9.90-1 - Update to 1.9.90 * Sun Nov 11 2012 Kim B. Heino <b@xxxxxxxx> - 1.9.1-1 - Update to 1.9.1 * Mon Aug 27 2012 Adam Jackson <ajax@xxxxxxxxxx> 1.9.0-3 - sawfish-1.9.0-no-pangox.patch: Adapt to pangox removal * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.9.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jun 29 2012 Kim B. Heino <b@xxxxxxxx> - 1.9.0-1 - Update to 1.9.0 - Cleanup spec file * Mon Mar 26 2012 Kim B. Heino <b@xxxxxxxx> - 1.8.92-1 - Update to 1.8.92 * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8.91-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Wed Nov 2 2011 Kim B. Heino <b@xxxxxxxx> - 1.8.91-2 - Rebuild -------------------------------------------------------------------------------- ================================================================================ scribus-1.4.2-2.fc16 (FEDORA-2013-1148) DeskTop Publishing application written in Qt -------------------------------------------------------------------------------- Update Information: - use hunspell to be consistent with the rest of the system - update to 1.4.2 - remove non-free content from source archive (#887221) - drop doc and devel sub-packages - switch to lcms2 -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Dan Horák <dan[at]danny.cz> - 1.4.2-2 - use hunspell to be consistent with the rest of the system * Tue Jan 15 2013 Dan Horák <dan[at]danny.cz> - 1.4.2-1 - update to 1.4.2 - remove non-free content from source archive (#887221) - drop doc and devel sub-packages - switch to lcms2 -------------------------------------------------------------------------------- ================================================================================ tito-0.4.11-1.fc16 (FEDORA-2013-1048) A tool for managing rpm based git projects -------------------------------------------------------------------------------- Update Information: Fixes issue with no_build missing in releaser constructors. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 17 2013 Devan Goodwin <dgoodwin@xxxxxxxx> 0.4.11-1 - add a --scratch option for KojiReleaser (aronparsons@xxxxxxxxx) - Fix no_build error in KojiReleaser. -------------------------------------------------------------------------------- References: [ 1 ] Bug #896434 - tito release --all ends with traceback https://bugzilla.redhat.com/show_bug.cgi?id=896434 -------------------------------------------------------------------------------- ================================================================================ tw-0.9.8-1.fc16 (FEDORA-2013-1110) Translate words into different languages -------------------------------------------------------------------------------- Update Information: GNOME/KDE helpers. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 2 2013 Juan Manuel Borges Caño <juanmabcmail@xxxxxxxxx> - 0.9.8-1 - Improve doc install. - Fix changelog macros. * Mon Dec 31 2012 Juan Manuel Borges Caño <juanmabcmail@xxxxxxxxx> - 0.9.6-1 - Use more generic man and info %files. - Remove obsolete "rm -rf $RPM_BUILD_ROOT". -------------------------------------------------------------------------------- References: [ 1 ] Bug #885833 - Review Request: tw - translate words into different languages https://bugzilla.redhat.com/show_bug.cgi?id=885833 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test