Fedora 13 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following builds have been pushed to Fedora 13 updates-testing

    GMT-4.5.3-3.fc13
    asterisk-1.6.2.11-1.fc13
    clamav-0.96.1-1300.fc13
    coot-0.6.1-3.20100127svn2740.fc13
    decibel-audio-player-1.05-1.fc13
    diffuse-0.4.3-1.fc13
    erlang-mochiweb-1.3-0.6.20100724git9a53dbd7.fc13
    faenza-icon-theme-0.6-1.fc13
    fedora-packager-0.5.1.1-1.fc13
    gdesklet-SlideShow-0.9-8.fc13
    gnome-applet-netspeed-0.16-4.fc13
    gridengine-6.2u5-4.fc13
    gutenprint-5.2.6-1.fc13
    liblockfile-1.08-9.fc13
    libwbxml-0.10.8-1.fc13
    maniadrive-1.2-22.fc13
    mingw32-nsis-2.46-1.fc13
    nas-1.9.2-1.fc13
    perl-Geo-IPfree-1.1.0.1.6.5.0-1.fc13
    perl-libwhisker2-2.5-1.fc13
    php-5.3.3-1.fc13
    php-eaccelerator-0.9.6.1-2.fc13
    php-pecl-xdebug-2.1.0-1.fc13
    pidgin-2.7.3-1.fc13
    rubygem-cucumber-0.8.5-4.fc13
    samba-3.5.4-63.fc13
    system-config-firewall-1.2.27-1.fc13

Details about builds:


================================================================================
 GMT-4.5.3-3.fc13 (FEDORA-2010-12516)
 Generic Mapping Tools
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 22 2010 Orion Poplawski <orion@xxxxxxxxxxxxx> 4.5.3-3
- Fix buffer overflow in psimage (bug #617332)
* Tue Jul 20 2010 Orion Poplawski <orion@xxxxxxxxxxxxx> 4.5.3-2
- Bump coastlines requirement to 2.1.0
* Mon Jul 19 2010 Orion Poplawski <orion@xxxxxxxxxxxxx> 4.5.3-1
- Update to 4.5.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #617332 - [abrt] crash in GMT-4.5.2-1.fc13: __libc_message: Process /usr/bin/psimage was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=617332
--------------------------------------------------------------------------------


================================================================================
 asterisk-1.6.2.11-1.fc13 (FEDORA-2010-12529)
 The Open Source PBX
--------------------------------------------------------------------------------
Update Information:

The following are a few of the issues resolved by community developers:     *
Send DialPlanComplete as a response, not as a separate event. Otherwise, it
goes to all manager sessions and may exclude the current session, if the
Events mask excludes it.     (Closes issue #17504. Reported, patched by rrb3942)
* Allow the "useragent" value to be restored into memory from the realtime
backend. This value is purely informational. It does not alter configuration
at all.     (Closes issue #16029. Reported, patched by Guggemand)     * Fix
rt(c)p set debug ip taking wrong argument Also clean up some coding     errors.
(Closes issue #17469. Reported, patched by wdoekes)     * Ensure channel placed
in meetme in ringing state is properly hung up. An     outgoing channel placed
in meetme while still ringing which was then hung up     would not exit meetme
and the channel was not properly destroyed.     (Closes issue #15871. Reported,
patched by Ivan)     * Correct how 100, 200, 300, etc. is said. Also add the
crazy British numbers.     (Closes issue #16102. Reported, patched by Delvar)
* cdr_pgsql does not detect when a table is found. This change adds an ERROR
message to let you know when a failure exists to get the columns from the
pgsql database, which typically means that the table does not exist.     (Closes
issue #17478. Reported, patched by kobaz)     * Avoid crashing when installing a
duplicate translation path with a lower     cost.     (Closes issue #17092.
Reported, patched by moy)     * Add missing handling for ringing state for use
with queue empty options.     (Closes issue #17471. Reported, patched by jazzy)
* Fix reporting estimated queue hold time. Just say the number of seconds
(after minutes) rather than doing some incorrect calculation with respect to
minutes.     (Closes issue #17498. Reported, patched by corruptor)    For a full
list of changes in the current release, please see the  ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.11
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 Jeffrey C. Ollie <jeff@xxxxxxxxxx> - 1.6.2.11-1
-
- The following are a few of the issues resolved by community developers:
-
-  * Send DialPlanComplete as a response, not as a separate event. Otherwise, it
-    goes to all manager sessions and may exclude the current session, if the
-    Events mask excludes it.
-    (Closes issue #17504. Reported, patched by rrb3942)
-
-  * Allow the "useragent" value to be restored into memory from the realtime
-    backend. This value is purely informational. It does not alter configuration
-    at all.
-    (Closes issue #16029. Reported, patched by Guggemand)
-
-  * Fix rt(c)p set debug ip taking wrong argument Also clean up some coding
-    errors.
-    (Closes issue #17469. Reported, patched by wdoekes)
-
-  * Ensure channel placed in meetme in ringing state is properly hung up. An
-    outgoing channel placed in meetme while still ringing which was then hung up
-    would not exit meetme and the channel was not properly destroyed.
-    (Closes issue #15871. Reported, patched by Ivan)
-
-  * Correct how 100, 200, 300, etc. is said. Also add the crazy British numbers.
-    (Closes issue #16102. Reported, patched by Delvar)
-
-  * cdr_pgsql does not detect when a table is found. This change adds an ERROR
-    message to let you know when a failure exists to get the columns from the
-    pgsql database, which typically means that the table does not exist.
-    (Closes issue #17478. Reported, patched by kobaz)
-
-  * Avoid crashing when installing a duplicate translation path with a lower
-    cost.
-    (Closes issue #17092. Reported, patched by moy)
-
-  * Add missing handling for ringing state for use with queue empty options.
-    (Closes issue #17471. Reported, patched by jazzy)
-
-  * Fix reporting estimated queue hold time. Just say the number of seconds
-    (after minutes) rather than doing some incorrect calculation with respect to
-    minutes.
-    (Closes issue #17498. Reported, patched by corruptor)
-
- For a full list of changes in the current release, please see the
- ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.11
--------------------------------------------------------------------------------


================================================================================
 clamav-0.96.1-1300.fc13 (FEDORA-2010-9391)
 End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  1 2010 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.96.1-1400
- updated to 0.96.1
- applied upstream patch which allows to disable JIT compiler (#573191)
- disabled JIT compiler by default
- removed explicit 'pkgconfig' requirements in -devel (#533956)
- added some BRs
- rediffed patches
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #533956 - please consider changing the requires on clamav-devel from /usr/lib/pkgconfig to pkgconfig%{?_isa}
        https://bugzilla.redhat.com/show_bug.cgi?id=533956
--------------------------------------------------------------------------------


================================================================================
 coot-0.6.1-3.20100127svn2740.fc13 (FEDORA-2010-12510)
 The crystallographic object-oriented toolkit
--------------------------------------------------------------------------------


================================================================================
 decibel-audio-player-1.05-1.fc13 (FEDORA-2010-12538)
 Music player for GNOME
--------------------------------------------------------------------------------
Update Information:

* Wed Aug 11 2010 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 1.05-1  - Version
bump to 1.05. (Red Hat Bugzilla #608398)    * Added presets to the equalizer.
* Close properly on Ctrl+C.    * Fixed crash when trying to set the cover for
the current track.    * Fixed Gnome media keys no longer working when
starting/closing multiple      instances.    * Fixed labels not always properly
updated in the equalizer.    * Improved startup time.    * Middle-click toggles
pause, scroll changes volume.    * The playbin2 GStreamer component is now used
by default.    * Equalizer module has a menu item (Ctrl+E) when enabled.
(Launchpad #495761)    * Stick to the Media Player Remote Interface
Specifications. (Launchpad      #534021)    * Added Zeitgeist support.
(Launchpad #579972)    * Skips two songs when one is not found. (Launchpad
#581654)    * Ignore disc number when it looks like '1/1'. (Launchpad #596350)
* http://decibel.silent-blade.org/index.php?n=Main.ReleaseNotes
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 1.05-1
- Version bump to 1.05. (Red Hat Bugzilla #608398)
  * Added presets to the equalizer.
  * Close properly on Ctrl+C.
  * Fixed crash when trying to set the cover for the current track.
  * Fixed Gnome media keys no longer working when starting/closing multiple
    instances.
  * Fixed labels not always properly updated in the equalizer.
  * Improved startup time.
  * Middle-click toggles pause, scroll changes volume.
  * The playbin2 GStreamer component is now used by default.
  * Equalizer module has a menu item (Ctrl+E) when enabled. (Launchpad #495761)
  * Stick to the Media Player Remote Interface Specifications. (Launchpad
      * Added Zeitgeist support. (Launchpad #579972)
  * Skips two songs when one is not found. (Launchpad #581654)
  * Ignore disc number when it looks like '1/1'. (Launchpad #596350)
  * http://decibel.silent-blade.org/index.php?n=Main.ReleaseNotes
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #608398 - decibel-audio-player-1.05 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=608398
  [ 2 ] Bug #623285 - decibel-audio-player may need to be rebuilt against Python 2.7 in F14 and rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=623285
--------------------------------------------------------------------------------


================================================================================
 diffuse-0.4.3-1.fc13 (FEDORA-2010-12521)
 Graphical tool for comparing and merging text files
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug 10 2010 Jon Levell <fedora@xxxxxxxxxxxxx> - 0.4.3-1
- Update to 0.4.3 upstream release
--------------------------------------------------------------------------------


================================================================================
 erlang-mochiweb-1.3-0.6.20100724git9a53dbd7.fc13 (FEDORA-2010-12535)
 An Erlang library for building lightweight HTTP servers
--------------------------------------------------------------------------------
Update Information:

- Fixed all tests on EL-5  - New git snapshot
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.3-0.6.20100724git9a53dbd7
- Fixed all tests on EL-5
- New git snapshot
* Tue Jul 13 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.3-0.5.20100507svn159
- Fixed several tests on EL-5 (enough to allow CouchDB to pass its own self-tests)
* Mon Jul 12 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.3-0.4.20100507svn159
- Rebuild with new Erlang
- Simplified spec-file
--------------------------------------------------------------------------------


================================================================================
 faenza-icon-theme-0.6-1.fc13 (FEDORA-2010-12514)
 Icon theme designed for Equinox GTK theme
--------------------------------------------------------------------------------
Update Information:

new icon set for Gnome
--------------------------------------------------------------------------------


================================================================================
 fedora-packager-0.5.1.1-1.fc13 (FEDORA-2010-12517)
 Tools for setting up a fedora maintainer environment
--------------------------------------------------------------------------------
Update Information:

minor bug fix and feature release.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug  5 2010 Dennis Gilmore <dennis@xxxxxxxx> - 0.5.1.1-1
- update to latest release
* Fri Jul 30 2010 Dennis Gilmore <dennis@xxxxxxxx> -0.5.1.0-2
- split fedpkg out on its own
--------------------------------------------------------------------------------


================================================================================
 gdesklet-SlideShow-0.9-8.fc13 (FEDORA-2010-12500)
 A slideshow of collection for gdesklets
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 Jonathan MERCIER <bioinfornatics at gmail.com> - 0.9-8
- rebuild for python 2.7'
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #623306 - gdesklet-SlideShow may need to be rebuilt against Python 2.7 in F14 and rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=623306
  [ 2 ] Bug #621726 - SELinux is preventing /usr/bin/python "write" access      on /usr/share/system-config-firewall.
        https://bugzilla.redhat.com/show_bug.cgi?id=621726
--------------------------------------------------------------------------------


================================================================================
 gnome-applet-netspeed-0.16-4.fc13 (FEDORA-2010-12528)
 GNOME applet that shows traffic on a network device
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 0.16-4
- Correctly disconnect icon_theme_changed_cb (from upstream bz 600597).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #530920 - [abrt] crash detected in gnome-applet-netspeed-0.15.2-3.fc12 : in init_quality_pixbufs / g_object_unref
        https://bugzilla.redhat.com/show_bug.cgi?id=530920
--------------------------------------------------------------------------------


================================================================================
 gridengine-6.2u5-4.fc13 (FEDORA-2010-12526)
 Grid Engine - Distributed Computing Management software
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 - Orion Poplawski <orion@xxxxxxxxxxxxx> - 6.2u5-4
- Use upstream my_configuration.conf as template for default one (bugs 557628,566294)
- Set SGE_CELL in sge.sh/sge.csh (bug 620907)
* Mon Jul 12 2010 - Orion Poplawski <orion@xxxxxxxxxxxxx> - 6.2u5-3
- Exclude ppc64 - no java 1.6.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #557628 - installation directions error
        https://bugzilla.redhat.com/show_bug.cgi?id=557628
  [ 2 ] Bug #566293 - start order of qmaster and execd in init.d
        https://bugzilla.redhat.com/show_bug.cgi?id=566293
  [ 3 ] Bug #566294 - setting SGE_CLUSTER_NAME="p6444" missing in my_configuration.conf
        https://bugzilla.redhat.com/show_bug.cgi?id=566294
  [ 4 ] Bug #566296 - Copying of default/common/act_master + bootstrap not sufficient
        https://bugzilla.redhat.com/show_bug.cgi?id=566296
  [ 5 ] Bug #620907 - profile.d scripts don't set up SGE_CELL
        https://bugzilla.redhat.com/show_bug.cgi?id=620907
--------------------------------------------------------------------------------


================================================================================
 gutenprint-5.2.6-1.fc13 (FEDORA-2010-12523)
 Printer Drivers Package
--------------------------------------------------------------------------------
Update Information:

New upstream release (many new printers supported).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 Jiri Popelka <jpopelka@xxxxxxxxxx> 5.2.6-1
- 5.2.6.
* Mon Jul 12 2010 Jiri Popelka <jpopelka@xxxxxxxxxx> 5.2.5-10
- Added COPYING file to main package.
* Thu Jul  8 2010 Jiri Popelka <jpopelka@xxxxxxxxxx> 5.2.5-9
- Don't ship kitload.log in foomatic sub-package (bug #594709).
* Fri Jun 11 2010 Tim Waugh <twaugh@xxxxxxxxxx> 5.2.5-8
- Fixed Source0 URL.
* Wed May 12 2010 Jiri Popelka <jpopelka@xxxxxxxxxx> 5.2.5-7
- Added IEEE 1284 Device ID for:
    Epson Stylus Photo 1400 (bug #577299).
    Epson Stylus Photo 830U (bug #577307).
    HP DeskJet 959C (bug #577291).
* Thu Mar 25 2010 Tim Waugh <twaugh@xxxxxxxxxx> 5.2.5-6
- Added IEEE 1284 Device ID for Epson Stylus Photo R230 (from Ubuntu #520466).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #616379 - gutenprint-5.2.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=616379
--------------------------------------------------------------------------------


================================================================================
 liblockfile-1.08-9.fc13 (FEDORA-2010-12531)
 This implements a number of functions found in -lmail on SysV systems
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #601577 - Review Request: liblockfile - This library implements a number of functions found in -lmail on SysV systems
        https://bugzilla.redhat.com/show_bug.cgi?id=601577
--------------------------------------------------------------------------------


================================================================================
 libwbxml-0.10.8-1.fc13 (FEDORA-2010-12504)
 Library and tools to parse, encode and handle WBXML documents
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #621297 - libwbxml2-0.10.8 bump
        https://bugzilla.redhat.com/show_bug.cgi?id=621297
--------------------------------------------------------------------------------


================================================================================
 maniadrive-1.2-22.fc13 (FEDORA-2010-11481)
 3D stunt driving game
--------------------------------------------------------------------------------
Update Information:

Update to PHP 5.3.3    Security Enhancements and Fixes in PHP 5.3.3:  * Rewrote
var_export() to use smart_str rather than output buffering, prevents data
disclosure if a fatal error occurs (CVE-2010-2531).  * Fixed a possible resource
destruction issues in shm_put_var().  * Fixed a possible information leak
because of interruption of XOR operator.  * Fixed a possible memory corruption
because of unexpected call-time pass by refernce and following memory clobbering
through callbacks.  * Fixed a possible memory corruption in
ArrayObject::uasort().  * Fixed a possible memory corruption in parse_str().  *
Fixed a possible memory corruption in pack().  * Fixed a possible memory
corruption in substr_replace().  * Fixed a possible memory corruption in
addcslashes().  * Fixed a possible stack exhaustion inside fnmatch().  * Fixed a
possible dechunking filter buffer overflow.  * Fixed a possible arbitrary memory
access inside sqlite extension.  * Fixed string format validation inside phar
extension.  * Fixed handling of session variable serialization on certain prefix
characters.  * Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288).  * Fixed SplObjectStorage
unserialization problems (CVE-2010-2225).  * Fixed possible buffer overflows in
mysqlnd_list_fields, mysqlnd_change_user.  * Fixed possible buffer overflows
when handling error packets in mysqlnd.    Full upstream Changelog:
http://www.php.net/ChangeLog-5.php#5.3.3
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 22 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 1.2-22
- Rebuild for new php 5.3.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #601897 - CVE-2010-2190 php: sensitive information disclosure (MOPS-2010-047, MOPS-2010-048)
        https://bugzilla.redhat.com/show_bug.cgi?id=601897
  [ 2 ] Bug #605641 - CVE-2010-2225 PHP unsafe unserialize() use flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=605641
  [ 3 ] Bug #617180 - CVE-2010-1914 php Zend Engine: Information leaks, memory corruption by interrupting certain opcode handlers (MOPS-2010-014, MOPS-2010-015, MOPS-2010-016)
        https://bugzilla.redhat.com/show_bug.cgi?id=617180
  [ 4 ] Bug #617211 - CVE-2010-1915 php: Memory leaks, use-after-free by quoting regular expression characters (MOPS-2010-017)
        https://bugzilla.redhat.com/show_bug.cgi?id=617211
  [ 5 ] Bug #617232 - CVE-2010-1917 php: Local stack exhaustion by matching certain filenames against a pattern (MOPS-2010-021)
        https://bugzilla.redhat.com/show_bug.cgi?id=617232
--------------------------------------------------------------------------------


================================================================================
 mingw32-nsis-2.46-1.fc13 (FEDORA-2010-12511)
 Nullsoft Scriptable Install System
--------------------------------------------------------------------------------
Update Information:

Update to NSIS 2.46, a bugfix release.
https://sourceforge.net/projects/nsis/files/NSIS%202/2.46/RELEASE.html/view
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 2.46-1
- Update to 2.46 (#544675)
--------------------------------------------------------------------------------


================================================================================
 nas-1.9.2-1.fc13 (FEDORA-2010-12533)
 The Network Audio System (NAS)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  9 2010 Petr Pisar <ppisar@xxxxxxxxxx> - 1.9.2-1
- 1.9.2 bump, update URL, Source0
- Remove spec code specific for Fedora < 12 and EPEL < 4 as they are
  unsupported now
- Apply nas-1.9.2-asneeded.patch to get libXau linked explicitly (bug #565181)
- Move AuErrorDB non-executable to share directory, distribute with libraries
- Unify spec file indentation
- Add postun action
* Sun Mar 14 2010 Frank Büttner <frank-buettner@xxxxxxx> - 1.9.1-7
- fix #565181
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #565181 - FTBFS nas-1.9.1-6.fc12: ImplicitDSOLinking
        https://bugzilla.redhat.com/show_bug.cgi?id=565181
--------------------------------------------------------------------------------


================================================================================
 perl-Geo-IPfree-1.1.0.1.6.5.0-1.fc13 (FEDORA-2010-12512)
 Look up the country of an IPv4 Address
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 Petr Pisar <ppisar@xxxxxxxxxx> - 1.1.0.1.6.5.0-1
- 1.101650 bump
- Experimental RPM-extensible version numbering
--------------------------------------------------------------------------------


================================================================================
 perl-libwhisker2-2.5-1.fc13 (FEDORA-2010-12539)
 Perl module geared specifically for HTTP testing
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 Petr Pisar <ppisar@xxxxxxxxxx> - 2.5-1
- 2.5 bump
- License changed from to 2-clause-BSD
- Remove optional Requires.
- Enable tests
- Distribute developer examples in `doc' subpackage
--------------------------------------------------------------------------------


================================================================================
 php-5.3.3-1.fc13 (FEDORA-2010-11481)
 PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:

Update to PHP 5.3.3    Security Enhancements and Fixes in PHP 5.3.3:  * Rewrote
var_export() to use smart_str rather than output buffering, prevents data
disclosure if a fatal error occurs (CVE-2010-2531).  * Fixed a possible resource
destruction issues in shm_put_var().  * Fixed a possible information leak
because of interruption of XOR operator.  * Fixed a possible memory corruption
because of unexpected call-time pass by refernce and following memory clobbering
through callbacks.  * Fixed a possible memory corruption in
ArrayObject::uasort().  * Fixed a possible memory corruption in parse_str().  *
Fixed a possible memory corruption in pack().  * Fixed a possible memory
corruption in substr_replace().  * Fixed a possible memory corruption in
addcslashes().  * Fixed a possible stack exhaustion inside fnmatch().  * Fixed a
possible dechunking filter buffer overflow.  * Fixed a possible arbitrary memory
access inside sqlite extension.  * Fixed string format validation inside phar
extension.  * Fixed handling of session variable serialization on certain prefix
characters.  * Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288).  * Fixed SplObjectStorage
unserialization problems (CVE-2010-2225).  * Fixed possible buffer overflows in
mysqlnd_list_fields, mysqlnd_change_user.  * Fixed possible buffer overflows
when handling error packets in mysqlnd.    Full upstream Changelog:
http://www.php.net/ChangeLog-5.php#5.3.3
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 22 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 5.3.3-1
- PHP 5.3.3 released
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #601897 - CVE-2010-2190 php: sensitive information disclosure (MOPS-2010-047, MOPS-2010-048)
        https://bugzilla.redhat.com/show_bug.cgi?id=601897
  [ 2 ] Bug #605641 - CVE-2010-2225 PHP unsafe unserialize() use flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=605641
  [ 3 ] Bug #617180 - CVE-2010-1914 php Zend Engine: Information leaks, memory corruption by interrupting certain opcode handlers (MOPS-2010-014, MOPS-2010-015, MOPS-2010-016)
        https://bugzilla.redhat.com/show_bug.cgi?id=617180
  [ 4 ] Bug #617211 - CVE-2010-1915 php: Memory leaks, use-after-free by quoting regular expression characters (MOPS-2010-017)
        https://bugzilla.redhat.com/show_bug.cgi?id=617211
  [ 5 ] Bug #617232 - CVE-2010-1917 php: Local stack exhaustion by matching certain filenames against a pattern (MOPS-2010-021)
        https://bugzilla.redhat.com/show_bug.cgi?id=617232
--------------------------------------------------------------------------------


================================================================================
 php-eaccelerator-0.9.6.1-2.fc13 (FEDORA-2010-11481)
 PHP accelerator, optimizer, encoder and dynamic content cacher
--------------------------------------------------------------------------------
Update Information:

Update to PHP 5.3.3    Security Enhancements and Fixes in PHP 5.3.3:  * Rewrote
var_export() to use smart_str rather than output buffering, prevents data
disclosure if a fatal error occurs (CVE-2010-2531).  * Fixed a possible resource
destruction issues in shm_put_var().  * Fixed a possible information leak
because of interruption of XOR operator.  * Fixed a possible memory corruption
because of unexpected call-time pass by refernce and following memory clobbering
through callbacks.  * Fixed a possible memory corruption in
ArrayObject::uasort().  * Fixed a possible memory corruption in parse_str().  *
Fixed a possible memory corruption in pack().  * Fixed a possible memory
corruption in substr_replace().  * Fixed a possible memory corruption in
addcslashes().  * Fixed a possible stack exhaustion inside fnmatch().  * Fixed a
possible dechunking filter buffer overflow.  * Fixed a possible arbitrary memory
access inside sqlite extension.  * Fixed string format validation inside phar
extension.  * Fixed handling of session variable serialization on certain prefix
characters.  * Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288).  * Fixed SplObjectStorage
unserialization problems (CVE-2010-2225).  * Fixed possible buffer overflows in
mysqlnd_list_fields, mysqlnd_change_user.  * Fixed possible buffer overflows
when handling error packets in mysqlnd.    Full upstream Changelog:
http://www.php.net/ChangeLog-5.php#5.3.3
--------------------------------------------------------------------------------
ChangeLog:

* Sun Aug  8 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 1:0.9.6.1-2
- strong requires PHP version
- rebuild against php 5.3.3
* Sat Jul  3 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 1:0.9.6.1-1
- update to 0.9.6.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #601897 - CVE-2010-2190 php: sensitive information disclosure (MOPS-2010-047, MOPS-2010-048)
        https://bugzilla.redhat.com/show_bug.cgi?id=601897
  [ 2 ] Bug #605641 - CVE-2010-2225 PHP unsafe unserialize() use flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=605641
  [ 3 ] Bug #617180 - CVE-2010-1914 php Zend Engine: Information leaks, memory corruption by interrupting certain opcode handlers (MOPS-2010-014, MOPS-2010-015, MOPS-2010-016)
        https://bugzilla.redhat.com/show_bug.cgi?id=617180
  [ 4 ] Bug #617211 - CVE-2010-1915 php: Memory leaks, use-after-free by quoting regular expression characters (MOPS-2010-017)
        https://bugzilla.redhat.com/show_bug.cgi?id=617211
  [ 5 ] Bug #617232 - CVE-2010-1917 php: Local stack exhaustion by matching certain filenames against a pattern (MOPS-2010-021)
        https://bugzilla.redhat.com/show_bug.cgi?id=617232
--------------------------------------------------------------------------------


================================================================================
 php-pecl-xdebug-2.1.0-1.fc13 (FEDORA-2010-12532)
 PECL package for debugging PHP scripts
--------------------------------------------------------------------------------
Update Information:

New upstream version.    This shoudl fix PHP 5.3 compatibility.    Full
changelog:  http://pecl.php.net/package-changelog.php?package=xdebug
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 29 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 2.1.0-1
- update to 2.1.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #550174 - Xdebug 2.0.5 does not return variable values to the debugger application
        https://bugzilla.redhat.com/show_bug.cgi?id=550174
  [ 2 ] Bug #585414 - [abrt] crash in php-cli-5.3.2-1.fc12: Process /usr/bin/php was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=585414
--------------------------------------------------------------------------------


================================================================================
 pidgin-2.7.3-1.fc13 (FEDORA-2010-12525)
 A Gtk+ based multiprotocol instant messaging client
--------------------------------------------------------------------------------
Update Information:

New release 2.7.3    Full Upstream ChangeLog:
http://developer.pidgin.im/wiki/ChangeLog
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 11 2010 Stu Tomlinson <stu@xxxxxxxxxxxxx> 2.7.3-1
- 2.7.3
--------------------------------------------------------------------------------


================================================================================
 rubygem-cucumber-0.8.5-4.fc13 (FEDORA-2010-12505)
 Tool to execute plain-text documents as functional tests
--------------------------------------------------------------------------------
Update Information:

Fixed JSON version Updated to latest version
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug  4 2010 Michal Fojtik <mfojtik@xxxxxxxxxx> - 0.8.3-4
- Fixed JSON version
* Wed Aug  4 2010 Michal Fojtik <mfojtik@xxxxxxxxxx> - 0.8.3-3
- Removed JSON patch (JSON updated in Fedora)
* Sun Aug  1 2010 Michal Fojtik <mfojtik@xxxxxxxxxx> - 0.8.3-2
- Patched Rakefile and replaced rspec beta version dependency
- Patched Rakefile and downgraded JSON dependency
* Wed Jun 30 2010 Michal Fojtik <mfojtik@xxxxxxxxxx> - 0.8.3-1
- Newer release
* Sun Oct 18 2009 Lubomir Rintel (Good Data) <lubo.rintel@xxxxxxxxxxxx> - 0.4.2-1
- Newer release
--------------------------------------------------------------------------------


================================================================================
 samba-3.5.4-63.fc13 (FEDORA-2010-12520)
 Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug 10 2010 Guenther Deschner <gdeschner@xxxxxxxxxx> - 3.5.4-63
- Fix winbind secure channel (samlogonex)
--------------------------------------------------------------------------------


================================================================================
 system-config-firewall-1.2.27-1.fc13 (FEDORA-2010-12519)
 A graphical interface for basic firewall setup
--------------------------------------------------------------------------------
Update Information:

- added libvirt services (rhbz#565625)  - added Bakula service (rhbz#588377)  -
fixed DBUS mechanism to report complete syslog message (rhbz#604623)  - fixed
crash because of missing /etc/services file (rhbz#604726)  - updated
translations: ar, as, bn_IN, da, de, es, fi, fr, gu, he, hi, is, it,
ja, kn, ko, ml, mr, nl, or, pa, pl, pt, ru, ta, te,
zh_CN  - updated translations: bn_IN, de, fi, fr, gu, hi, it, ja, kn, ko, ml,
mr, or,                           pt_BR, ru, ta, te, zh_CN, zh_TW
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug 10 2010 Thomas Woerner <twoerner@xxxxxxxxxx> 1.2.27-1
- updated translations: bn_IN, de, fi, fr, gu, hi, it, ja, kn, ko, ml, mr, or,
                        pt_BR, ru, ta, te, zh_CN, zh_TW
* Tue Jun 29 2010 Thomas Woerner <twoerner@xxxxxxxxxx> 1.2.26-1
- added libvirt services (rhbz#565625)
- added Bakula service (rhbz#588377)
- fixed DBUS mechanism to report complete syslog message (rhbz#604623)
- fixed crash because of missing /etc/services file (rhbz#604726)
- updated translations: ar, as, bn_IN, da, de, es, fi, fr, gu, he, hi, is, it,
                        ja, kn, ko, ml, mr, nl, or, pa, pl, pt, ru, ta, te, 
                        zh_CN
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #603099 - [abrt] crash in system-config-firewall-1.2.25-1.fc13: etc_services.py:74:load:IOError: [Errno 2] Aucun fichier ou dossier de ce type: '/etc/services'
        https://bugzilla.redhat.com/show_bug.cgi?id=603099
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test



[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux