The following Fedora 16 Security updates need testing: Age URL 58 https://admin.fedoraproject.org/updates/FEDORA-2012-20157/libproxy-0.4.11-1.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2013-1748/sssd-1.8.6-1.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2013-1713/libupnp-1.6.18-1.fc16 57 https://admin.fedoraproject.org/updates/FEDORA-2012-20236/rssh-2.3.4-1.fc16 217 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16 137 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 29 https://admin.fedoraproject.org/updates/FEDORA-2012-19347/cups-1.5.4-12.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2013-1666/android-tools-20130123git98d0789-1.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2013-1716/samba-3.6.12-1.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2013-1745/rubygem-activesupport-3.0.10-6.fc16 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1991/xen-4.1.4-4.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2013-1735/wordpress-3.5.1-1.fc16 The following Fedora 16 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2013-2011/xulrunner-18.0.2-1.fc16,firefox-18.0.2-1.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2013-1897/phonon-backend-gstreamer-4.6.3-1.fc16 12 https://admin.fedoraproject.org/updates/FEDORA-2013-1531/qrencode-3.4.1-1.fc16 283 https://admin.fedoraproject.org/updates/FEDORA-2012-6994/upower-0.9.16-1.fc16 The following builds have been pushed to Fedora 16 updates-testing drupal7-date_ical-2.4-1.fc16 easybashgui-6.0.1-1.fc16 firefox-18.0.2-1.fc16 java-1.7.0-openjdk-1.7.0.9-2.3.5.fc16.1 munin-2.0.11-2.fc16 python-fedora-0.3.32.3-1.fc16 seamonkey-2.15.2-1.fc16 xen-4.1.4-4.fc16 xulrunner-18.0.2-1.fc16 Details about builds: ================================================================================ drupal7-date_ical-2.4-1.fc16 (FEDORA-2013-1999) Allows creation of an iCal feed in Views -------------------------------------------------------------------------------- Update Information: Update to upstream 2.4 release Update to upstream 2.3 release Update to upstream 2.2 release -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #907780 - drupal7-date_ical-2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=907780 [ 2 ] Bug #904736 - drupal7-date_ical-2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=904736 [ 3 ] Bug #903583 - drupal7-date_ical-2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=903583 -------------------------------------------------------------------------------- ================================================================================ easybashgui-6.0.1-1.fc16 (FEDORA-2013-2062) Bash function library -------------------------------------------------------------------------------- Update Information: Update to 6.0.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 5 2013 Matthieu Saulnier <fantom@xxxxxxxxxxxxxxxxx> - 6.0.1-1 - Update to 6.0.1 - Remove Patch0 (upstream issue) -------------------------------------------------------------------------------- ================================================================================ firefox-18.0.2-1.fc16 (FEDORA-2013-2011) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - Fix JavaScript related stability issues - Problems involving HTTP Proxy Transactions - Disabled HIDPI support when using external monitors to avoid rendering glitches -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 6 2013 Jan Horak <jhorak@xxxxxxxxxx> - 18.0.2-1 - Update to 18.0.2 * Fri Jan 25 2013 Jan Horak <jhorak@xxxxxxxxxx> - 18.0.1-1 - Update to 18.0.1 -------------------------------------------------------------------------------- ================================================================================ java-1.7.0-openjdk-1.7.0.9-2.3.5.fc16.1 (FEDORA-2013-2040) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: This update backs out two of the recent security fixes (664509 and 7201064) that caused severe regressions. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 6 2013 Deepak Bhole <dbhole@xxxxxxxxxx> - 1.7.0.9-2.3.5.fc16.1 - Backed out 6664509 and 7201064.patch which cause regressions -------------------------------------------------------------------------------- ================================================================================ munin-2.0.11-2.fc16 (FEDORA-2013-2092) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Upstream 2.0.11 -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 4 2013 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.11-2 - BZ# 907369 revert HTMLOld.pm patch * Sun Feb 3 2013 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.11-1 - Upstream release 2.0.11 * Mon Jan 21 2013 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.10-2 - BZ# 896644 Wrong path to munin jar in jmx plugin -------------------------------------------------------------------------------- References: [ 1 ] Bug #907369 - Munin HTMLOld.pm is patched with a bad patch from munin track that breaks thread counting https://bugzilla.redhat.com/show_bug.cgi?id=907369 [ 2 ] Bug #896644 - Wrong path to munin jar in jmx plugin https://bugzilla.redhat.com/show_bug.cgi?id=896644 -------------------------------------------------------------------------------- ================================================================================ python-fedora-0.3.32.3-1.fc16 (FEDORA-2013-2017) Python modules for talking to Fedora Infrastructure Services -------------------------------------------------------------------------------- Update Information: * Fixes an issue with client session cookies not being valid * Port from python-pycurl to python-requests to make the http connections to the servers. * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Port from python-pycurl to python-requests to make the http connections to the servers. * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Port from python-pycurl to python-requests to make the http connections to the servers. * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 5 2013 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.3.32.3-1 - Upstream update to fix BodhiClient's knowledge of koji tags (ajax) * Mon Feb 4 2013 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> 0.3.32.2-1 - Upstream update fixing a bug interacting with python-requests * Thu Jan 24 2013 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.3.32.1-1 - Fix a documentation bug that slipped through * Wed Jan 23 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.3.32-1 - Replace pyCurl with python-requests in ProxyClient. * Tue Jan 22 2013 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.3.31-1 - Minor bugfix release * Thu Jan 10 2013 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.3.30-1 - Make TG's loginForm and CSRF's text translated from tg-apps (laxathom). - Fix a bug in fedora.tg.utils.tg_absolute_url - Add a lookup email parameter to gravatar lookups - Add an auth provider for flask -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.15.2-1.fc16 (FEDORA-2013-2013) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: Update to 2.15.2 -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 5 2013 Dmitry Butskoy <Dmitry@xxxxxxxxxxxx> 2.15.2-1 - update to 2.15.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #907813 - seamonkey-2.15.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=907813 -------------------------------------------------------------------------------- ================================================================================ xen-4.1.4-4.fc16 (FEDORA-2013-1991) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: guest using oxenstored can crash host or exhaust memory [XSA-38, CVE-2013-0215] (#907888), guest using AMD-Vi for PCI passthrough can cause denial of service [XSA-36, CVE-2013-0153] -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 6 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.1.4-4 - guest using oxenstored can crash host or exhaust memory [XSA-38, CVE-2013-0215] (#907888) - guest using AMD-Vi for PCI passthrough can cause denial of service [XSA-36, CVE-2013-0153] -------------------------------------------------------------------------------- References: [ 1 ] Bug #906323 - CVE-2013-0215 xen: oxenstored incorrect handling of certain Xenbus ring states https://bugzilla.redhat.com/show_bug.cgi?id=906323 -------------------------------------------------------------------------------- ================================================================================ xulrunner-18.0.2-1.fc16 (FEDORA-2013-2011) XUL Runtime for Gecko Applications -------------------------------------------------------------------------------- Update Information: - Fix JavaScript related stability issues - Problems involving HTTP Proxy Transactions - Disabled HIDPI support when using external monitors to avoid rendering glitches -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 6 2013 Jan Horak <jhorak@xxxxxxxxxx> - 18.0.2-1 - Update to 18.0.2 * Fri Jan 25 2013 Jan Horak <jhorak@xxxxxxxxxx> - 18.0.1-1 - Update to 18.0.1 * Tue Jan 15 2013 Martin Stransky <stransky@xxxxxxxxxx> - 18.0-8 - Added fix for NM regression (mozbz#791626) * Thu Jan 10 2013 Martin Stransky <stransky@xxxxxxxxxx> - 18.0-7 - Fixed Makefile generator (rhbz#304121) -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
