The following builds have been pushed to Fedora 11 updates-testing adaptx-0.9.13-9.fc11 cpio-2.9.90-8.fc11 cronie-1.3-4.fc11 ksh-20100309-1.fc11 lxdm-0.1.1-0.2.20100303gite4f7b39.fc11 mercurial-1.5-2.fc11 piklab-0.15.7-1.fc11 python-suds-0.3.9-1.fc11 shared-desktop-ontologies-0.3-1.fc11 tar-1.22-5.fc11 tor-0.2.1.24-1101.fc11 trac-0.11.7-1.fc11 viewvc-1.1.4-1.fc11 xmlrpc-2.0.1-5.6.fc11 xmlunit-1.0-7.3.fc11 xom-1.0-4.6.fc11 zinnia-0.05-4.fc11 Details about builds: ================================================================================ adaptx-0.9.13-9.fc11 (FEDORA-2010-4291) AdaptX XSLT processor and XPath engine -------------------------------------------------------------------------------- Update Information: Missing requires added -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 11 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> - 0.9.13-9 - Added missing requires jpackage-utils * Fri Jul 24 2009 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.13-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ cpio-2.9.90-8.fc11 (FEDORA-2010-4302) A GNU archiving program -------------------------------------------------------------------------------- Update Information: - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially- crafted archive(#572150) -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 10 2010 Ondrej Vasik <ovasik@xxxxxxxxxx> 2.9.90-8 - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially-crafted archive(#572150) * Thu Feb 25 2010 Ondrej Vasik <ovasik@xxxxxxxxxx> 2.9.90-7 - fix segfault with nonexisting file with patternnames (#567022) - do process install-info only without --excludedocs(#515924) -------------------------------------------------------------------------------- References: [ 1 ] Bug #564368 - CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive https://bugzilla.redhat.com/show_bug.cgi?id=564368 -------------------------------------------------------------------------------- ================================================================================ cronie-1.3-4.fc11 (FEDORA-2010-4300) Cron daemon for executing programs at set times -------------------------------------------------------------------------------- Update Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0424 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 9 2010 Marcela Mašláňová <mmaslano@xxxxxxxxxx> - 1.3-4 - CVE-2010-0424 Race condition by setting timestamp of user's crontab file -------------------------------------------------------------------------------- References: [ 1 ] Bug #565809 - CVE-2010-0424 vixie-cron, cronie: Race condition by setting timestamp of user's crontab file, when editing the file https://bugzilla.redhat.com/show_bug.cgi?id=565809 -------------------------------------------------------------------------------- ================================================================================ ksh-20100309-1.fc11 (FEDORA-2010-4289) The Original ATT Korn Shell -------------------------------------------------------------------------------- Update Information: - fix mock building - detection of /dev/fd/X - updated to 2010-03-09 - A varibale unset memory leak has been fixed - Documentation, comment, and diagnostic spelling typos corrected - fixed bug in which the get discipline function was not invoked for associative array subscripts for unset array elements - fixed bug which could occur if the last line of a script was an eval that executed multiple commands -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 10 2010 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 20100309-1 - updated to 2010-03-09 - fix mock building - detection of /dev/fd/X -------------------------------------------------------------------------------- References: [ 1 ] Bug #572024 - ksh process substitution is broken https://bugzilla.redhat.com/show_bug.cgi?id=572024 -------------------------------------------------------------------------------- ================================================================================ lxdm-0.1.1-0.2.20100303gite4f7b39.fc11 (FEDORA-2010-3534) Lightweight X11 Display Manager -------------------------------------------------------------------------------- Update Information: New version adds support for themes (enable it in /etc/lxdm/lxdm.conf) Together with the latest selinux-policy package this update also fixes SELinux issues. -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 11 2010 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 0.1.1-0.2.20100303gite4f7b39 - Make sure lxdm.conf get's updated to avoid login problems * Wed Mar 3 2010 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 0.1.1-0.1.20100303gite4f7b39 - Update to git release e4f7b39 (fixes #564995) - Fix SELinux problems (#564320) * Wed Feb 24 2010 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 0.1.1-0.1.20100223gitdf819fd - Update to latest git - BR iso-codes-devel - Don't hardcode tty1 in the source, use lxdm.conf instead * Fri Jan 8 2010 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 0.1.0-1 - Update to 0.1.0 - Change license to GPLv2+ and LGPLv2+ - Use tty1 by default - PAM fixes for SELinux (#552885) -------------------------------------------------------------------------------- References: [ 1 ] Bug #564320 - can't login via lxdm with selinux enforcing https://bugzilla.redhat.com/show_bug.cgi?id=564320 -------------------------------------------------------------------------------- ================================================================================ mercurial-1.5-2.fc11 (FEDORA-2010-4332) A fast, lightweight distributed source control management system -------------------------------------------------------------------------------- Update Information: see http://mercurial.selenic.com/wiki/WhatsNew -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 6 2010 Neal Becker <ndbecker2@xxxxxxxxx> - 1.5-2 - doc/ja seems to be gone * Sat Mar 6 2010 Neal Becker <ndbecker2@xxxxxxxxx> - 1.5-1 - Update to 1.5 -------------------------------------------------------------------------------- ================================================================================ piklab-0.15.7-1.fc11 (FEDORA-2010-4328) Development environment for applications based on PIC & dsPIC microcontrollers -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 10 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 0.15.7-1 - New upstream version - Remove patches 2 & 3 that are no more needed -------------------------------------------------------------------------------- ================================================================================ python-suds-0.3.9-1.fc11 (FEDORA-2010-4308) A python SOAP client -------------------------------------------------------------------------------- Update Information: Released new features and bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 17 2009 jortel <jortel@xxxxxxxxxx> - 0.3.9-1 - Bumped python requires to 2.4 - Replaced stream-based caching in the transport package with document-based caching. - Caches pickled Document objects instead of XML text. 2x Faster! - No more SAX parsing exceptions on damaged or incomplete cached files. - Cached WSDL objects. Entire Definitions object including contained Schema object cached via pickle. - Copy of soap encoding schema packaged with suds. - Refactor Transports to use ProxyHandler instead of urllib2.Request.set_proxy(). - Added WSSE enhancements <Timestamp/> and <Expires/> support. See: Timestamp token. - Fixed Tickets: #256, #291, #294, #295, #296 -------------------------------------------------------------------------------- ================================================================================ shared-desktop-ontologies-0.3-1.fc11 (FEDORA-2010-4307) Shared ontologies needed for semantic environments -------------------------------------------------------------------------------- Update Information: Fixes a bug/typo or two, plus adds some new classes and properties. See also http://sourceforge.net/projects/oscaf/files/shared-desktop-ontologies/0.3 /shared-desktop-ontologies-0.3-release-notes/view -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 10 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.3-1 - 0.3 -------------------------------------------------------------------------------- ================================================================================ tar-1.22-5.fc11 (FEDORA-2010-4306) A GNU file archiving program -------------------------------------------------------------------------------- Update Information: - CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive (#572149) - realloc within check_exclusion_tags() caused invalid write (#570591) - not closing file descriptors for excluded files/dirs with exlude-tag... options could cause descriptor exhaustion (#570591) - do not fail with POSIX 2008 glibc futimens() (#552320) - fix segfault with corrupted metadata in code_ns_fraction (#531441) - commented patches and sources - store xattrs for symlinks (#525992) - by Kamil Dudka - update tar(1) manpage (#539787) - fix memory leak in xheader (#518079) - store SELinux context for symlinks (#525992) - provide symlink manpage for gtar - do process install-info only without --excludedocs(#515923) -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 10 2010 Ondrej Vasik <ovasik@xxxxxxxxxx> 2:1.22-5 - CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive (#572149) - realloc within check_exclusion_tags() caused invalid write (#570591) - not closing file descriptors for excluded files/dirs with exlude-tag... options could cause descriptor exhaustion (#570591) - do not fail with POSIX 2008 glibc futimens() (#552320) - fix segfault with corrupted metadata in code_ns_fraction (#531441) - commented patches and sources - store xattrs for symlinks (#525992) - by Kamil Dudka - update tar(1) manpage (#539787) - fix memory leak in xheader (#518079) - store SELinux context for symlinks (#525992) - provide symlink manpage for gtar - do process install-info only without --excludedocs(#515923) -------------------------------------------------------------------------------- References: [ 1 ] Bug #564368 - CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive https://bugzilla.redhat.com/show_bug.cgi?id=564368 -------------------------------------------------------------------------------- ================================================================================ tor-0.2.1.24-1101.fc11 (FEDORA-2010-4296) Anonymizing overlay network for TCP (The onion router) -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 11 2010 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.1.24-1101 - removed /var/lib/tor-data dir (Chen Lei) * Tue Mar 2 2010 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.1.24-1100 - updated to 0.2.1.24 - require tor-core, not tor in -upstart (thx to Dave Jones) * Mon Feb 15 2010 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.1.23-1100 - updated to 0.2.1.23 * Thu Jan 21 2010 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.1.22-1100 - updated to 0.2.1.22 * Thu Dec 31 2009 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.1.21-1100 - updated to 0.2.1.21 * Sat Nov 14 2009 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.1.20-1200 - updated URLs (#532373) - removed (inactive) update mechanism for GeoIP data; this might reduce anonimity (#532373) - use the pidfile at various places in the LSB initscript to operate on the correct process (#532373) - set a higher 'nofile' limit in the upstart initscript to allow fast relays; LSB users will have to add a 'ulimit -n' into /etc/sysconfig/tor to get a similar effect (#532373) - let the LSB initscript wait until process exits within a certain time; this fixes shutdown/restart problems when working as a server (#532373) - fixed initng related typo in logrotate script (#532373) - removed <linux/netfilter_ipv4.h> hack; it is fixed upstream and/or in the kernel sources - use %postun, not %post as a -upstart scriptlet and send INT, not TERM signal to stop/restart daemon -------------------------------------------------------------------------------- ================================================================================ trac-0.11.7-1.fc11 (FEDORA-2010-4287) Enhanced wiki and issue tracking system -------------------------------------------------------------------------------- Update Information: Update to upstream version 0.11.7, fixing one security flaw and multiple bugs. Refer to upstream changelog for further details: * http://trac.edgewall.org/wiki/ChangeLog#a0.11.7 -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 10 2010 Felix Schwarz <felix.schwarz@xxxxxxxxxxxxxx> - 0.11.7-1 - New upstream release (including security fix) * Sat Mar 6 2010 Felix Schwarz <felix.schwarz@xxxxxxxxxxxxxx> - 0.11.6-3 - don't package Windows commit hook - package now includes trac.test module * Sun Jan 24 2010 Felix Schwarz <felix.schwarz@xxxxxxxxxxxxxx> - 0.11.6-2 - add missing setuptools requirement -------------------------------------------------------------------------------- ================================================================================ viewvc-1.1.4-1.fc11 (FEDORA-2010-4326) Browser interface for CVS and SVN version control repositories -------------------------------------------------------------------------------- Update Information: Update to upstream version 1.1.4, fixing one XSS flaw and several bugs: * http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?revision=2341 * security fix: escape user-provided query form input to avoid XSS attack * fix standalone.py failure (when per-root options aren't used) (issue #445) * fix annotate failure caused by ignored svn_config_dir (issue #447) -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 11 2010 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1.1.4-1 - bump up to 1.1.4 -------------------------------------------------------------------------------- ================================================================================ xmlrpc-2.0.1-5.6.fc11 (FEDORA-2010-4314) Java XML-RPC implementation -------------------------------------------------------------------------------- Update Information: Added missing requires. -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 11 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> - 0:2.0.1-5.6 - Added missing requires jpackage-utils -------------------------------------------------------------------------------- ================================================================================ xmlunit-1.0-7.3.fc11 (FEDORA-2010-4283) Provides classes to do asserts on xml -------------------------------------------------------------------------------- Update Information: Missing requires jpackage-utils -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 11 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> - 0:1.0-7.3 - Added missing Requires jpackage-utils -------------------------------------------------------------------------------- ================================================================================ xom-1.0-4.6.fc11 (FEDORA-2010-4323) XML Pull Parser -------------------------------------------------------------------------------- Update Information: Added missing requires. -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 11 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> - 0:1.0-4.6 - Added missing Requires: jpackage-utils (%{_javadir} and %{_javadocdir}) -------------------------------------------------------------------------------- ================================================================================ zinnia-0.05-4.fc11 (FEDORA-2010-4322) Online handwriting recognition system with machine learning -------------------------------------------------------------------------------- Update Information: This is the first build of zinnia -------------------------------------------------------------------------------- References: [ 1 ] Bug #562366 - Review request: zinnia - online handwriting recognition system with machine learning https://bugzilla.redhat.com/show_bug.cgi?id=562366 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test