Fedora 10 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following builds have been pushed to Fedora 10 updates-testing

    conman-0.2.4-1.fc10
    dhcp-4.0.0-34.fc10
    dhcp-4.0.0-35.fc10
    dnssec-tools-1.5-1.fc10
    ejabberd-2.0.5-3.fc10
    gallery2-2.3-7.fc10
    ghdl-0.27-0.110svn.2.fc10
    glpi-data-injection-1.5.1-1.fc10
    gpscorrelate-1.6.0-2.fc10
    kde-plasma-quickaccess-0.7.4-1.fc10
    kde-plasma-runcommand-1.1-2.fc10
    krusader-2.0.0-1.fc10
    libgarmin-0-0.6.20090212svn.fc10
    libpst-0.6.37-1.fc10
    libxcb-1.1.91-6.fc10
    lilyterm-0.9.6-1.fc10
    livecd-tools-020.1-1.fc10
    maniadrive-1.2-13.fc10
    mingw32-opensc-0.11.7-3.fc10
    moe-1.0-5.fc10
    moodle-1.9.4-7.fc10
    nss_compat_ossl-0.9.5-2.fc10
    ocsinventory-1.02-1.fc10
    openssl-0.9.8g-13.fc10
    perl-Class-C3-Componentised-1.0004-1.fc10
    perl-Getopt-ArgvFile-1.11-2.fc10
    pgp-tools-1.1-2.fc10
    php-5.2.9-2.fc10
    php-pecl-runkit-0.9-10.CVS20090215.fc10
    ppl-0.10.2-1.fc10
    prewikka-0.9.14-2.fc10
    python-altgraph-0.6.7-2.fc10
    python-upoints-0.11.0-2.fc10
    rubygem-hoe-1.12.2-1.fc10
    safecopy-1.2-2.fc10
    strigi-0.6.4-4.fc10
    sugar-finance-3-1.fc10
    tcpjunk-2.660-1.fc10
    testdisk-6.11-1.fc10
    transmission-1.51-1.fc10
    trustyrc-0.1.3-1.fc10
    unique-1.0.8-1.fc10
    zynjacku-4-2.fc10

Details about builds:


================================================================================
 conman-0.2.4-1.fc10 (FEDORA-2009-3869)
 ConMan - The Console Manager
--------------------------------------------------------------------------------
Update Information:

New upstream release    * Added support for FreeIPMI.  * Added console scripts
for Sun ELOM and Sun Fire V20z/V40z.  * Changed conman cmdline opts: '-G' xterm
geometry, '-g' genders nodeattr.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 20 2009 Steven M. Parrish <tuxbrewr@xxxxxxxxxxxxxxxxx> - 0.2.4-1
- New upstream release
--------------------------------------------------------------------------------


================================================================================
 dhcp-4.0.0-34.fc10 (FEDORA-2009-3825)
 DHCP (Dynamic Host Configuration Protocol) server and relay agent
--------------------------------------------------------------------------------
Update Information:

This update addresses the following problems:    * The 'reload' and 'try-
restart' arguments to the dhcpd and dhcrelay init scripts are not implemented.
Previously, the scripts would just return 3, which is correct.  Now they return
3 and display the usage information, which is how the other unimplemented modes
are handled.    * Make sure the network device is up so we get the default route
set on renewal or initial interface configuration.    * Run restorecon in
dhclient-script in a few missing places for ntp.conf.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 16 2009 David Cantrell <dcantrell@xxxxxxxxxx> - 12:4.0.0-34
- Fix setting default route when client IP address changes (#486512, #473658)
- Restore SELinux context on /etc/ntp.conf and /etc/yp.conf (#483747)
- 'reload' and 'try-restart' on dhcpd and dhcrelay init scripts
  will display usage information and return code 3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #486512 - default route setting fails if DHCP change the ip address
        https://bugzilla.redhat.com/show_bug.cgi?id=486512
  [ 2 ] Bug #483747 - selinux denies dhclient-script to update configuration files
        https://bugzilla.redhat.com/show_bug.cgi?id=483747
  [ 3 ] Bug #473658 - /sbin/dhclient-script non-functional, network does not start
        https://bugzilla.redhat.com/show_bug.cgi?id=473658
--------------------------------------------------------------------------------


================================================================================
 dhcp-4.0.0-35.fc10 (FEDORA-2009-3863)
 DHCP (Dynamic Host Configuration Protocol) server and relay agent
--------------------------------------------------------------------------------
Update Information:

Allow dhclient to work correctly with pre-configured wireless network interfaces
(i.e., wireless interface settings such as SSID and security tokens).
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 20 2009 David Cantrell <dcantrell@xxxxxxxxxx> - 12:4.0.0-35
- Make dhclient-script work with pre-configured wireless interfaces (#491157)
* Thu Apr 16 2009 David Cantrell <dcantrell@xxxxxxxxxx> - 12:4.0.0-34
- Fix setting default route when client IP address changes (#486512, #473658)
- Restore SELinux context on /etc/ntp.conf and /etc/yp.conf (#483747)
- 'reload' and 'try-restart' on dhcpd and dhcrelay init scripts
  will display usage information and return code 3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #491157 - dhclient wlan0 fails after yum update from 2.6.27.12-170.2.5 to 2.6.27.19-170.2.35
        https://bugzilla.redhat.com/show_bug.cgi?id=491157
--------------------------------------------------------------------------------


================================================================================
 dnssec-tools-1.5-1.fc10 (FEDORA-2009-3827)
 A suite of tools for managing dnssec aware DNS usage
--------------------------------------------------------------------------------
Update Information:

Updates to version 1.5 from the upstream to fix bugs and add some new important
functionality such as nsec3 support.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar  6 2009 Wes Hardaker <wjhns174@xxxxxxxxxxxxx> - 1.5-1
- Update to 1.5
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Wed Feb  4 2009 Wes Hardaker <wjhns174@xxxxxxxxxxxxx> - 1.4.1-6
- make the perlmods module directly require the needed perl mods
  mainly for directory ownership.
* Mon Jan 26 2009 Wes Hardaker <wjhns174@xxxxxxxxxxxxx> - 1.4.1-5
- Fixed arpa header compile conflict
* Thu Jan 15 2009 Tomas Mraz <tmraz@xxxxxxxxxx> - 1.4.1-4
- rebuild with new openssl
* Mon Dec  1 2008 Wes Hardaker <wjhns174@xxxxxxxxxxxxx> - 1.4.1-3
- Added package directories we own, left out ones we don't.
--------------------------------------------------------------------------------


================================================================================
 ejabberd-2.0.5-3.fc10 (FEDORA-2009-3784)
 A distributed, fault-tolerant Jabber/XMPP server
--------------------------------------------------------------------------------
Update Information:

Added CAPTCHA plugin
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 21 2009 Peter Lemenkov <lemenkov@xxxxxxxxx> 2.0.5-3
- CAPTCHA is back - let's test it.
--------------------------------------------------------------------------------


================================================================================
 gallery2-2.3-7.fc10 (FEDORA-2009-3754)
 Customizable photo gallery web site
--------------------------------------------------------------------------------
Update Information:

Removed precompiled jars not buildable from source and any modules requiring
them, to correct legal issues. Packaging fixes, and switched to source-built
jars instead of precomplied jars.  No DB changes, and no other code changes.
Requires fix, no code changes.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 16 2009 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.3-7
- Drop all jars and remote, uploadapplet and slideshowapplet modules
- to satisfy legal requirements, as source build would be
- highly laborious and functionality is not critical.
- See BZ464566 for details.
* Mon Apr 13 2009 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.3-6
- Document jar source origins, build jars in build, not prep.
* Fri Apr 10 2009 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.3-5
- Remove .jar files and build from source BZ464566.
- Modify source to remove two non-redistutable .jar files.
- Dropped panorama module as a result.
- Fix symlink/dir issues, BZ 484240.
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Wed Feb  4 2009 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.3-3
- Base requires gallery2-httpauth for upgrade path, BZ 483523.
* Thu Dec 18 2008 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.3-2
- Correct removal of bundled Smarty and usage of system Smarty.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #484566 - source for java components missing
        https://bugzilla.redhat.com/show_bug.cgi?id=484566
  [ 2 ] Bug #483523 - Upgrade to version 2.3 fails due to dependency errors
        https://bugzilla.redhat.com/show_bug.cgi?id=483523
  [ 3 ] Bug #484240 - error: unpacking of archive failed on file /usr/share/gallery2/lib/smarty: cpio: rename
        https://bugzilla.redhat.com/show_bug.cgi?id=484240
--------------------------------------------------------------------------------


================================================================================
 ghdl-0.27-0.110svn.2.fc10 (FEDORA-2009-3807)
 A VHDL simulator, using the GCC technology
--------------------------------------------------------------------------------
Update Information:

make ieee.math_real more standards compliant
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 18 2009 Thomas Sailer <t.sailer@xxxxxxxxxxxxxx> - 0.27-0.110svn.2
- make ieee.math_real more standards compliant
--------------------------------------------------------------------------------


================================================================================
 glpi-data-injection-1.5.1-1.fc10 (FEDORA-2009-3812)
 Plugin for importing data into GLPI
--------------------------------------------------------------------------------
Update Information:

Upstream Changelog    Version 1.5.1  - #200 Remove any message in
MESSAGE_AFTER_REDIRECT when importing datas  - #199 Add more info mappings  -
#198 Add more warning messages    Version 1.5.0  - #181 Error when selecting a
model using Internet Explorer  - #186 Network port update not working when using
port name  - #188 update or connect to a network port using the port's mac
address  - #190 Add more warning messages during the import process
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 21 2009 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 1.5.1-1
- update to 1.5.1
--------------------------------------------------------------------------------


================================================================================
 gpscorrelate-1.6.0-2.fc10 (FEDORA-2009-3800)
 A GPS photo correlation / geotagging tool
--------------------------------------------------------------------------------
Update Information:

Gpscorrelate adds coordinates to the exif data of jpeg pictures based on a gpx
track file. The correlation is done by comparing the timestamp of the images
with the timestamp of the gps coordinates.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #458359 - Review Request: gpscorrelate - A GPS photo correlation / geotagging tool
        https://bugzilla.redhat.com/show_bug.cgi?id=458359
--------------------------------------------------------------------------------


================================================================================
 kde-plasma-quickaccess-0.7.4-1.fc10 (FEDORA-2009-3759)
 Plasma applet for quick access to the most used folders
--------------------------------------------------------------------------------
Update Information:

Updates to Quick Access and Run Command Plasma applets.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 10 2009 Jaroslav Reznik <jreznik@xxxxxxxxxx> 0.7.4-1
- update to forked version 0.7.4
--------------------------------------------------------------------------------


================================================================================
 kde-plasma-runcommand-1.1-2.fc10 (FEDORA-2009-3759)
 Simple plasmoid to run commands without using terminal or KRunner
--------------------------------------------------------------------------------
Update Information:

Updates to Quick Access and Run Command Plasma applets.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 10 2009 Jaroslav Reznik <jreznik@xxxxxxxxxx> 1.1-2
- adds missing gettext BR
* Fri Apr 10 2009 Jaroslav Reznik <jreznik@xxxxxxxxxx> 1.1-1
- update to 1.1
--------------------------------------------------------------------------------


================================================================================
 krusader-2.0.0-1.fc10 (FEDORA-2009-3776)
 An advanced twin-panel (commander-style) file-manager for KDE
--------------------------------------------------------------------------------
Update Information:

Update to latest stable version 2.0.0.    Changes since 2.0.0-beta2 (but not
limited to):   - Queue manager    Enqueue operation for copy / move operations
Use F5 (copy) or F6 (move) and than F2 to enqueue    Or the direct shortcuts:
copy by queue (SHIFT+F5), move by queue (SHIFT+F6)  - Five sorting methods  -
Support for tar.lzma (KDE's tar protocol doesn't support it yet)  - Konfigurator
mouse selection mode: Possibility to select a predefined mode and change a
detail.  - Highlight quick search match  - Useractions: added checkbox "enabled"
and run mode option "Run in embedded terminal emulator"  - The description of a
dir contains its size if it is known  - Many, many bugfixes
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 20 2009 Marcin Garski <mgarski[AT]post.pl> 2.0.0-1
- Update to final 2.0.0
--------------------------------------------------------------------------------


================================================================================
 libgarmin-0-0.6.20090212svn.fc10 (FEDORA-2009-3799)
 C library to parse and use Garmin image files
--------------------------------------------------------------------------------
Update Information:

Libgarmin is a library used to parse IMG files from Garmin GPS devices.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #468631 - Review Request: libgarmin - C library to parse and use Garmin image files
        https://bugzilla.redhat.com/show_bug.cgi?id=468631
--------------------------------------------------------------------------------


================================================================================
 libpst-0.6.37-1.fc10 (FEDORA-2009-3795)
 Utilities to convert Outlook .pst files to other formats
--------------------------------------------------------------------------------
Update Information:

properly add trailing mime boundary in all modes, build separate subpackages
with shared library, fix minor memory leak build separate subpackages, properly
add trailing mime boundary in all modes
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 17 2009 Carl Byington <carl@xxxxxxxxxxxxxxx> - 0.6.37-1
- add pst_attach_to_mem() back into the shared library interface.
- fix memory leak caught by valgrind.
* Tue Apr 14 2009 Carl Byington <carl@xxxxxxxxxxxxxxx> - 0.6.36-1
- build separate -doc and -devel-doc subpackages.
- other spec file cleanup
* Wed Apr  8 2009 Carl Byington <carl@xxxxxxxxxxxxxxx> - 0.6.35-1
- properly add trailing mime boundary in all modes.
- build separate libpst, libpst-libs, libpst-devel rpms.
--------------------------------------------------------------------------------


================================================================================
 libxcb-1.1.91-6.fc10 (FEDORA-2009-3865)
 A C binding to the X11 protocol
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 21 2009 Christopher Aillon <caillon@xxxxxxxxxx> 1.1.91-6
- Add upstream fix for XID generation
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #486675 - Firefox exits on an X error for no particular reason
        https://bugzilla.redhat.com/show_bug.cgi?id=486675
  [ 2 ] Bug #494091 - libxcb's  generate_xid() has a bug that causes clients to fail with BadIDChoice
        https://bugzilla.redhat.com/show_bug.cgi?id=494091
--------------------------------------------------------------------------------


================================================================================
 lilyterm-0.9.6-1.fc10 (FEDORA-2009-3756)
 Light and easy to use X Terminal Emulator
--------------------------------------------------------------------------------
Update Information:

LilyTerm is a light and easy to use libvte based X Terminal Emulator with a lot
of features.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #496167 - Review Request: lilyterm - Light and easy to use X Terminal Emulator
        https://bugzilla.redhat.com/show_bug.cgi?id=496167
--------------------------------------------------------------------------------


================================================================================
 livecd-tools-020.1-1.fc10 (FEDORA-2009-3858)
 Tools for building live CD's
--------------------------------------------------------------------------------
Update Information:

This fixes a few minor bugs in livecd-creator but more importantly fixes the
creation of Fedora 11 USB images from a Fedora 10 system with the included
livecd-iso-to-disk.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 21 2009 Jeremy Katz <katzj@xxxxxxxxxx> - 020.1-1
- Fix up --base-on (#471656)
- Fix macro name for excludedocs (bkearney)
- Fix device command (apevec)
- Fix unicode errors (Felix Schwarz)
- Support syslinux in /usr/share
- Use our syslinux's menu com32 modules in livecd-iso-to-disk (#492370)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #492370 - livecd-iso-to-disk.sh requires syslinux 3.73 for burning rawhide images
        https://bugzilla.redhat.com/show_bug.cgi?id=492370
--------------------------------------------------------------------------------


================================================================================
 maniadrive-1.2-13.fc10 (FEDORA-2009-3768)
 3D stunt driving game
--------------------------------------------------------------------------------
Update Information:

Update to PHP 5.2.9    A heap-based buffer overflow flaw was found in PHP's
mbstring extension. A remote attacker able to pass arbitrary input to a PHP
script using mbstring conversion functions could cause the PHP interpreter to
crash or, possibly, execute arbitrary code. (CVE-2008-5557)    A directory
traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used
to extract a malicious ZIP archive, it could allow an attacker to write
arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658)
A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP
script allowed a remote attacker to load a carefully crafted font file, it could
cause the PHP interpreter to crash or, possibly, execute arbitrary code.
(CVE-2008-3658)    A memory disclosure flaw was found in the PHP gd extension's
imagerotate function. A remote attacker able to pass arbitrary values as the
"background color" argument of the function could, possibly, view portions of
the PHP interpreter's memory. (CVE-2008-5498)    A cross-site scripting flaw was
found in a way PHP reported errors for invalid cookies. If the PHP interpreter
had "display_errors" enabled, a remote attacker able to set a specially-crafted
cookie on a victim's system could possibly inject arbitrary HTML into an error
message generated by PHP. (CVE-2008-5814)    A flaw was found in the handling of
the "mbstring.func_overload" configuration setting. A value set for one virtual
host, or in a user's .htaccess file, was incorrectly applied to other virtual
hosts on the same server, causing the handling of multibyte character strings to
not work correctly. (CVE-2009-0754)    A flaw was found in PHP's json_decode
function. A remote attacker could use this flaw to create a specially-crafted
string which could cause the PHP interpreter to crash while being decoded in a
PHP script. (CVE-2009-1271)    A flaw was found in the use of the uw-imap
library by the PHP "imap" extension. This could cause the PHP interpreter to
crash if the "imap" extension was used to read specially-crafted mail messages
with long headers. (CVE-2008-2829)    http://www.php.net/releases/5_2_7.php
http://www.php.net/releases/5_2_8.php  http://www.php.net/releases/5_2_9.php
http://www.php.net/ChangeLog-5.php#5.2.9
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 16 2009 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 1.2-13
- Rebuild for php 5.2.9
* Sun Feb 15 2009 Hans de Goede <hdegoede@xxxxxxxxxx> 1.2-12
- Fix maniadrive crashing with php 5.2.8 (and later)
- Fix maniadrive triggering an assert in the latest ode
* Wed Dec 17 2008 Hans de Goede <hdegoede@xxxxxxxxxx> 1.2-11
- Rebuild for new php version
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #478425 - CVE-2008-5498 php: libgd imagerotate() array index error memory disclosure
        https://bugzilla.redhat.com/show_bug.cgi?id=478425
  [ 2 ] Bug #494530 - CVE-2009-1271 php: crash on malformed input in json_decode()
        https://bugzilla.redhat.com/show_bug.cgi?id=494530
  [ 3 ] Bug #459529 - CVE-2008-3658 php: buffer overflow in the imageloadfont function in gd extension
        https://bugzilla.redhat.com/show_bug.cgi?id=459529
  [ 4 ] Bug #459572 - CVE-2008-3660 php: FastCGI module DoS via multiple dots preceding the extension
        https://bugzilla.redhat.com/show_bug.cgi?id=459572
  [ 5 ] Bug #452808 - CVE-2008-2829 php: ext/imap legacy routine buffer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=452808
  [ 6 ] Bug #474824 - CVE-2008-5658 php: ZipArchive::extractTo() Directory Traversal Vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=474824
  [ 7 ] Bug #478848 - CVE-2008-5557 php: Heap-based buffer overflow in the mbstring extension via crafted string containing a HTML entity (arb code execution)
        https://bugzilla.redhat.com/show_bug.cgi?id=478848
  [ 8 ] Bug #479272 - CVE-2009-0754 PHP mbstring.func_overload web server denial of service
        https://bugzilla.redhat.com/show_bug.cgi?id=479272
--------------------------------------------------------------------------------


================================================================================
 mingw32-opensc-0.11.7-3.fc10 (FEDORA-2009-3810)
 MingGW Windows OpenSC library
--------------------------------------------------------------------------------
Update Information:

OpenSC is a package for for accessing smart card devices.  Basic  functionality
(e.g. SELECT FILE, READ BINARY) should work on any ISO  7816-4 compatible smart
card.  Encryption and decryption using private  keys on the smart card is
possible with PKCS #15 compatible cards,  such as the FINEID (Finnish Electronic
IDentity) card.  Swedish Posten  eID cards have also been confirmed to work.
This is the MinGW cross-compiled Windows library.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #491758 - Review Request: mingw32-opensc - MingGW Windows OpenSC library
        https://bugzilla.redhat.com/show_bug.cgi?id=491758
--------------------------------------------------------------------------------


================================================================================
 moe-1.0-5.fc10 (FEDORA-2009-3813)
 A powerful clean text editor
--------------------------------------------------------------------------------
Update Information:

Fixes%2520bug%2520of%2520empty%2520debuginfo%2520sources
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 19 2009 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> 1.0-5
- Fixed configure to respect the environment's CFLAGS and CXXFLAGS settings.
* Sun Mar  1 2009 Caolán McNamara - 1.0-4
- include stdio.h for snprintf
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #496436 - moe-debuginfo does not contain sources
        https://bugzilla.redhat.com/show_bug.cgi?id=496436
--------------------------------------------------------------------------------


================================================================================
 moodle-1.9.4-7.fc10 (FEDORA-2009-3867)
 A Course Management System
--------------------------------------------------------------------------------
Update Information:

Fixes for symlink and cron issues, no code or DB changes.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr  3 2009 Jon Ciesla <limb@xxxxxxxxxxxx> - 1.9.4-7
- Move symlink scripts from pre to pretrans.
- Corrented moodle-cron BZ 494090.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #489663 - cannot upgrade moodle package
        https://bugzilla.redhat.com/show_bug.cgi?id=489663
  [ 2 ] Bug #494090 - Reopening bug 468929 for F10
        https://bugzilla.redhat.com/show_bug.cgi?id=494090
--------------------------------------------------------------------------------


================================================================================
 nss_compat_ossl-0.9.5-2.fc10 (FEDORA-2009-3767)
 Source-level compatibility library for OpenSSL to NSS porting
--------------------------------------------------------------------------------
Update Information:

Change license to MIT  Update to upstream 0.9.5
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 20 2009 Rob Crittenden <rcritten@xxxxxxxxxx> - 0.9.5-2
- Actually change the license to MIT in the spec file
* Mon Apr 20 2009 Rob Crittenden <rcritten@xxxxxxxxxx> - 0.9.5-1
- Update to 0.9.5
- License changed to MIT
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #496643 - Possible segfault in SSL_new()
        https://bugzilla.redhat.com/show_bug.cgi?id=496643
--------------------------------------------------------------------------------


================================================================================
 ocsinventory-1.02-1.fc10 (FEDORA-2009-3788)
 Open Computer and Software Inventory Next Generation
--------------------------------------------------------------------------------
Update Information:

Upstream Changelog  * Remove all short open tag in Administration console  * Fix
MySQL STRICT MODE compatibility  * Local import accept .xml inventory too  * Fix
bug with redistribution servers  * Cleanup non printable char from XML stream  *
Console display computer type in BIOS (Tower, Mini tower, laptop...)  * Option
FLOOD_IP_CACHE_TIME was managed in minutes. Switch it to seconds.  * Rename
Apache/binutils/ocsinventory-local.pl to Apache/binutils/ocsinventory-
injector.pl  * Fix numerous security holes and bugs
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 20 2009 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 1.02-1
- update to OCS Inventory NG 1.02 final release (internal version 5003)
* Sun Jan 18 2009 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 1.02-0.10.rc3.el4.1
- fix php-xml > php-domxml in EL-4
--------------------------------------------------------------------------------


================================================================================
 openssl-0.9.8g-13.fc10 (FEDORA-2009-3806)
 The OpenSSL toolkit
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 21 2009 Tomas Mraz <tmraz@xxxxxxxxxx> 0.9.8g-13
- support compatibility DTLS mode for CISCO AnyConnect (#464629)
- fix crash when parsing malformed mime headers in the smime app
- provide openssl-static by the devel subpackage (#496372)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #464629 - RFE: Support Cisco's version of DTLS
        https://bugzilla.redhat.com/show_bug.cgi?id=464629
  [ 2 ] Bug #465711 - DTLS bug causes application abort()
        https://bugzilla.redhat.com/show_bug.cgi?id=465711
  [ 3 ] Bug #496372 - Missing provides: openssl-static from openssl-devel
        https://bugzilla.redhat.com/show_bug.cgi?id=496372
--------------------------------------------------------------------------------


================================================================================
 perl-Class-C3-Componentised-1.0004-1.fc10 (FEDORA-2009-3835)
 Load mix-ins or components to your C3-based class
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 18 2009 Chris Weyl <cweyl@xxxxxxxxxxxxxxx> 1.0004-1
- update to 1.0004
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0003-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 perl-Getopt-ArgvFile-1.11-2.fc10 (FEDORA-2009-3803)
 Interpolates script options from files into @ARGV or another array
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #496021 - Review Request: perl-Getopt-ArgvFile - Interpolates script options from files into @ARGV or another array
        https://bugzilla.redhat.com/show_bug.cgi?id=496021
--------------------------------------------------------------------------------


================================================================================
 pgp-tools-1.1-2.fc10 (FEDORA-2009-3752)
 Collection of several utilities related to OpenPGP
--------------------------------------------------------------------------------
Update Information:

Adds gpgdir, gpgwrap, and keyanalyze
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 17 2009 Matt Domsch <mdomsch@xxxxxxxxxxxxxxxxx> - 1.1-2
- add BRs so %check succeeds
- drop upstream's outdated copy of pgpring. mutt provides a newer
  version, so require mutt.
* Fri Apr 17 2009 Matt Domsch <mdomsch@xxxxxxxxxxxxxxxxx> - 1.1-1
- update to 1.1
  adds gpgdir, gpgwrap, keyanalyze
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 php-5.2.9-2.fc10 (FEDORA-2009-3768)
 PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:

Update to PHP 5.2.9    A heap-based buffer overflow flaw was found in PHP's
mbstring extension. A remote attacker able to pass arbitrary input to a PHP
script using mbstring conversion functions could cause the PHP interpreter to
crash or, possibly, execute arbitrary code. (CVE-2008-5557)    A directory
traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used
to extract a malicious ZIP archive, it could allow an attacker to write
arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658)
A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP
script allowed a remote attacker to load a carefully crafted font file, it could
cause the PHP interpreter to crash or, possibly, execute arbitrary code.
(CVE-2008-3658)    A memory disclosure flaw was found in the PHP gd extension's
imagerotate function. A remote attacker able to pass arbitrary values as the
"background color" argument of the function could, possibly, view portions of
the PHP interpreter's memory. (CVE-2008-5498)    A cross-site scripting flaw was
found in a way PHP reported errors for invalid cookies. If the PHP interpreter
had "display_errors" enabled, a remote attacker able to set a specially-crafted
cookie on a victim's system could possibly inject arbitrary HTML into an error
message generated by PHP. (CVE-2008-5814)    A flaw was found in the handling of
the "mbstring.func_overload" configuration setting. A value set for one virtual
host, or in a user's .htaccess file, was incorrectly applied to other virtual
hosts on the same server, causing the handling of multibyte character strings to
not work correctly. (CVE-2009-0754)    A flaw was found in PHP's json_decode
function. A remote attacker could use this flaw to create a specially-crafted
string which could cause the PHP interpreter to crash while being decoded in a
PHP script. (CVE-2009-1271)    A flaw was found in the use of the uw-imap
library by the PHP "imap" extension. This could cause the PHP interpreter to
crash if the "imap" extension was used to read specially-crafted mail messages
with long headers. (CVE-2008-2829)    http://www.php.net/releases/5_2_7.php
http://www.php.net/releases/5_2_8.php  http://www.php.net/releases/5_2_9.php
http://www.php.net/ChangeLog-5.php#5.2.9
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 17 2009 Joe Orton <jorton@xxxxxxxxxx> 5.2.9-2
- stay at v3 of systzdata patch
* Thu Apr 16 2009 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 5.2.9-1
- update to 5.2.9
- merge with some rawhide improvments (fix patch fuzz, renumber
  patches, drop obsolete configure args, drop -odbc patch)
* Sat Jan  3 2009 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 5.2.8-1
- update to 5.2.8
- add missing php_embed.h (#457777)
- enable pdo_dblib driver in php-mssql
* Tue Nov  4 2008 Joe Orton <jorton@xxxxxxxxxx> 5.2.6-6
- move gd_README to php-gd
- update to r4 of systzdata patch; introduces a default timezone
  name of "System/Localtime", which uses /etc/localtime (#469532)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #478425 - CVE-2008-5498 php: libgd imagerotate() array index error memory disclosure
        https://bugzilla.redhat.com/show_bug.cgi?id=478425
  [ 2 ] Bug #494530 - CVE-2009-1271 php: crash on malformed input in json_decode()
        https://bugzilla.redhat.com/show_bug.cgi?id=494530
  [ 3 ] Bug #459529 - CVE-2008-3658 php: buffer overflow in the imageloadfont function in gd extension
        https://bugzilla.redhat.com/show_bug.cgi?id=459529
  [ 4 ] Bug #459572 - CVE-2008-3660 php: FastCGI module DoS via multiple dots preceding the extension
        https://bugzilla.redhat.com/show_bug.cgi?id=459572
  [ 5 ] Bug #452808 - CVE-2008-2829 php: ext/imap legacy routine buffer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=452808
  [ 6 ] Bug #474824 - CVE-2008-5658 php: ZipArchive::extractTo() Directory Traversal Vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=474824
  [ 7 ] Bug #478848 - CVE-2008-5557 php: Heap-based buffer overflow in the mbstring extension via crafted string containing a HTML entity (arb code execution)
        https://bugzilla.redhat.com/show_bug.cgi?id=478848
  [ 8 ] Bug #479272 - CVE-2009-0754 PHP mbstring.func_overload web server denial of service
        https://bugzilla.redhat.com/show_bug.cgi?id=479272
--------------------------------------------------------------------------------


================================================================================
 php-pecl-runkit-0.9-10.CVS20090215.fc10 (FEDORA-2009-3823)
 Mangle with user defined functions and classes
--------------------------------------------------------------------------------
Update Information:

PHP Opcode Analyser
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #455226 - Review Request: php-pecl-runkit - PHP Opcode Analyser
        https://bugzilla.redhat.com/show_bug.cgi?id=455226
--------------------------------------------------------------------------------


================================================================================
 ppl-0.10.2-1.fc10 (FEDORA-2009-3766)
 The Parma Polyhedra Library: a library of numerical abstractions
--------------------------------------------------------------------------------
Update Information:

New upstream release.  This will be the reference version for GCC 4.4.*. New
upstream release, required by GCC 4.4.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 18 2009 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10.2-1
- Updated for PPL 0.10.2.
* Tue Apr 14 2009 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10.1-1
- Updated for PPL 0.10.1.
* Sun Mar 29 2009 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10-11
- Moved changelogs and PostScript and PDF versions of the GPL to the
  `docs' subpackages. This saves considerable space on the live media.
* Tue Mar 24 2009 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10-10
- There are no GNU Prolog packages available on ia64: disable the GNU Prolog
  interface also on those platforms (besides ppc64, s390 and s390x).
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.10-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild.
* Wed Feb 18 2009 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10-8
- Install the documentation according to the Fedora packaging conventions.
* Tue Feb 17 2009 Karsten Hopp <karsten@xxxxxxxxxxx> 0.10-7
- There are no GNU Prolog packages available on s390 and s390x: disable
  the GNU Prolog interface also on those platforms (besides ppc64).
* Wed Feb  4 2009 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10-6
- Better workaround for the bug affecting PPL 0.10 on big-endian
  architectures.
* Tue Feb  3 2009 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10-5
- Work around the bug affecting PPL 0.10 on big-endian architectures.
* Fri Dec  5 2008 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10-4
- Added `%dir %{_datadir}/doc/pwl' to the `%files' section
  of the `ppl-pwl' package.
* Tue Nov  4 2008 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10-3
- Fixed the requirements of the `ppl-java' package.
* Tue Nov  4 2008 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10-2
- Added m4 >= 1.4.8 to build requirements.
* Tue Nov  4 2008 Roberto Bagnara <bagnara@xxxxxxxxxxx> 0.10-1
- Updated and extended for PPL 0.10.  In particular, the `ppl-config'
  program, being useful also for non-development activities, has been
  brought back to the main package.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #463742 - Update version of ppl to  0.10
        https://bugzilla.redhat.com/show_bug.cgi?id=463742
  [ 2 ] Bug #490629 - Please create updates for PPL 0.10 for Fedora 9/10
        https://bugzilla.redhat.com/show_bug.cgi?id=490629
--------------------------------------------------------------------------------


================================================================================
 prewikka-0.9.14-2.fc10 (FEDORA-2009-3761)
 Graphical front-end analysis console for the Prelude Hybrid IDS Framework
--------------------------------------------------------------------------------
Update Information:

The permissions on the prewikka.conf file are world readable and contain the sql
database password used by prewikka. This update makes it readable just by the
apache group.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 17 2009 Steve Grubb <sgrubb@xxxxxxxxxx> 0.9.14-2
- Change default perms on conf file
--------------------------------------------------------------------------------


================================================================================
 python-altgraph-0.6.7-2.fc10 (FEDORA-2009-3866)
 Python graph (network) package
--------------------------------------------------------------------------------
Update Information:

altgraph is a fork of graphlib: a graph (network) package for constructing
graphs, BFS, and DFS traversals, topological sort, shortest paths, etc. with
graphviz output.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #495372 - Review Request: python-altgraph - Python graph (network) package
        https://bugzilla.redhat.com/show_bug.cgi?id=495372
--------------------------------------------------------------------------------


================================================================================
 python-upoints-0.11.0-2.fc10 (FEDORA-2009-3757)
 Python modules for working with points on Earth
--------------------------------------------------------------------------------
Update Information:

upoints, previously called earth_distance, is a collection of  modules for
working with points on a spherical object. It allows  you to calculate the
distance and bearings between points,  mangle xearth/xplanet data files, work
with online UK trigpoint   databases and various other databases.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #495418 - Review Request: python-upoints - Python modules for working with points on Earth
        https://bugzilla.redhat.com/show_bug.cgi?id=495418
--------------------------------------------------------------------------------


================================================================================
 rubygem-hoe-1.12.2-1.fc10 (FEDORA-2009-3775)
 Hoe is a simple rake/rubygems helper for project Rakefiles
--------------------------------------------------------------------------------
Update Information:

Release 1.12.2 of Hoe.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 17 2009 Darryl Pierce <dpierce@xxxxxxxxxx> - 1.12.2-1
- Release 1.12.2 of Hoe.
--------------------------------------------------------------------------------


================================================================================
 safecopy-1.2-2.fc10 (FEDORA-2009-3824)
 Safe copying of files and partitions
--------------------------------------------------------------------------------
Update Information:

safecopy is a data recovery tool which tries to extract as much data  as
possible from a problematic (i.e. damaged sectors) source - like  floppy drives,
harddisk partitions, CDs, tape devices, ..., where  other tools like dd would
fail doe to I/O errors.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #495950 - Review Request: safecopy - Safe copying of files and partitions
        https://bugzilla.redhat.com/show_bug.cgi?id=495950
--------------------------------------------------------------------------------


================================================================================
 strigi-0.6.4-4.fc10 (FEDORA-2009-3816)
 A desktop search program
--------------------------------------------------------------------------------
Update Information:

Fixes crash when path contains '/' character (kde#185551).
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 21 2009 Jaroslav Reznik <jreznik@xxxxxxxxxx> - 0.6.4-4
- fix crash with / char in path (#496620, kde#185551)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #496620 - Dolphin crashes when trying to browse an SMB workgroup or view the properties of /
        https://bugzilla.redhat.com/show_bug.cgi?id=496620
--------------------------------------------------------------------------------


================================================================================
 sugar-finance-3-1.fc10 (FEDORA-2009-3836)
 Financial planning for Sugar
--------------------------------------------------------------------------------
Update Information:

* Mon Apr 20 2009 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 3-1  - Updated to
new upstream version 3  - Removed manual VCS checkout stuff  - Added URL for
Source0  - Added translations
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------


================================================================================
 tcpjunk-2.660-1.fc10 (FEDORA-2009-3839)
 TCP protocols testing tool
--------------------------------------------------------------------------------
Update Information:

* Mon Apr 20 2009 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 2.660-1  -
Updated to new upsteram version 2.660
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 20 2009 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 2.660-1
- Updated to new upsteram version 2.660
--------------------------------------------------------------------------------


================================================================================
 testdisk-6.11-1.fc10 (FEDORA-2009-3843)
 Tool to check and undelete partition, PhotoRec recovers lost files
--------------------------------------------------------------------------------
Update Information:

TestDisk 6.11 can undelete files from NTFS partition  and recover deleted exFAT.
Over 50 file types have been added to PhotoRec.  TestDisk & PhotoRec 6.11 are
faster than previous versions.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 19 2009 Christophe Grenier <grenier@xxxxxxxxxxxxxx> 6.11-1
- Update to latest version
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #494351 - RFE: Please add PhotoRec to the Summary and %description
        https://bugzilla.redhat.com/show_bug.cgi?id=494351
--------------------------------------------------------------------------------


================================================================================
 transmission-1.51-1.fc10 (FEDORA-2009-3815)
 A lightweight GTK+ BitTorrent client
--------------------------------------------------------------------------------
Update Information:

- Many bug fixes  - Various usability improvements  - Lots of new options added
to transmission-remote
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 20 2009 Denis <denis@xxxxxxxxxxxxx> - 1.51-1
- Update to upstream 1.51 (fix for #493064)
- Updated patches
- Added icon cache scriplets (#487824)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #493064 - Crash bug in Transmission Torrent
        https://bugzilla.redhat.com/show_bug.cgi?id=493064
--------------------------------------------------------------------------------


================================================================================
 trustyrc-0.1.3-1.fc10 (FEDORA-2009-3786)
 Fully modular IRC robot
--------------------------------------------------------------------------------
Update Information:

Step to 0.1.3
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 27 2009 Nicoleau Fabien <nicoleau.fabien@xxxxxxxxx> 0.1.3-1
- Rebuild for 0.1.3
- No more sub packages
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.1.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 unique-1.0.8-1.fc10 (FEDORA-2009-3785)
 Single instance support for applications
--------------------------------------------------------------------------------
Update Information:

- Update to latest upstream version   * Unbreak subclassing of UniqueApp
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 20 2009 Richard Hughes  <rhughes@xxxxxxxxxx> - 1.0.8-1
- Update to latest upstream version
 * Unbreak subclassing of UniqueApp
 * Remove upstreamed patches
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #496556 - Please update unique to 1.0.6
        https://bugzilla.redhat.com/show_bug.cgi?id=496556
--------------------------------------------------------------------------------


================================================================================
 zynjacku-4-2.fc10 (FEDORA-2009-3814)
 LV2 synths and plugins host
--------------------------------------------------------------------------------
Update Information:

zynjacku is JACK based, GTK (2.x) host for LV2 synths. It has one JACK MIDI
input port (routed to all hosted synths) and one (two for stereo synths) JACK
audio output port per plugin. Such design provides multi-timbral sound by
running several synth plugins. zynjacku is a nunchaku weapon for JACK audio
synthesis. You have solid parts for synthesis itself and you have flexible part
that allows synthesis to suit your needs. lv2rack is a host for LV2 effect
plugins.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #492990 - Review Request: zynjacku - LV2 synths and plugins host
        https://bugzilla.redhat.com/show_bug.cgi?id=492990
--------------------------------------------------------------------------------


-- 
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe: 
https://www.redhat.com/mailman/listinfo/fedora-test-list

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux