The following Fedora 12 Security updates need testing:
https://admin.fedoraproject.org
/updates/roundup-1.4.15-1.fc12 https://admin.fedoraproject.org
/updates/libmspack-0.2-0.1.20100723alpha.fc12,cabextract-1.3-1.fc12 https://admin.fedoraproject.org
/updates/lib3ds-1.3.0-9.fc12 https://admin.fedoraproject.org
/updates/ghostscript-8.71-16.fc12 https://admin.fedoraproject.org
/updates/mailman-2.1.12-10.fc12 https://admin.fedoraproject.org
/updates/php-nusoap-0.9.5-1.fc12 https://admin.fedoraproject.org
/updates/openldap-2.4.19-6.fc12 https://admin.fedoraproject.org
/updates/sudo-1.7.4p4-2.fc12 https://admin.fedoraproject.org
/updates/gif2png-2.5.1-1202.fc12 https://admin.fedoraproject.org
/updates/php-pecl-apc-3.1.4-2.fc12 https://admin.fedoraproject.org
/updates/lvm2-2.02.72-4.fc12
The following Fedora 12 Critical Path updates have yet to be approved:
The following builds have been pushed to Fedora 12 updates-testing
amarok-2.3.2-2.fc12
awn-extras-applets-0.4.0-22.fc12
chatzilla-0.9.86-2.1285hg.fc12
cricscore-applet-1.1.0.3-2.fc12
cups-1.4.4-9.fc12
frepple-0.8.1-1.fc12
fuse-convmvfs-0.2.6-1.fc12
ganyremote-5.11.7-1.fc12
ghc-deepseq-1.1.0.0-1.fc12
ibus-fbterm-0.9.1-9.fc12
iodine-0.6.0-0.rc1.4.fc12
kanyremote-5.11.9-1.fc12
libucil-0.9.8-3.fc12
mock-1.0.12-1.fc12
mod_nss-1.0.8-7.fc12
newsbeuter-2.3-1.fc12
opencc-0.1.2-1.fc12
php-pear-Crypt-CHAP-1.5.0-1.fc12
php-pecl-apc-3.1.4-2.fc12
pulseaudio-equalizer-2.7-3.fc12
python-werkzeug-0.6.2-2.fc12
rtpproxy-1.2.1-2.fc12
sudo-1.7.4p4-2.fc12
vidalia-0.2.10-1.fc12
Details about builds:
================================================================================
amarok-2.3.2-2.fc12 (FEDORA-2010-15042)
Media player
--------------------------------------------------------------------------------
Update Information:
Update to amarok 2.3.2 Moonshine.
http://amarok.kde.org/en/releases/2.3.2
Fixed bugs:
* Fixed incorrect size of the VideoClip applet. (BR 247097)
* Comments embedded in files that contained newlines or tabs could be skipped entirely. (BR 223502)
* The equalizer dialog did not discard changes when clicking "Cancel". Patch by Anton Gritsay <anton@xxxxxxxx>. (BR 242730)
* The Last.fm service did not work without KWallet. (BR 235861)
* Show actual KDE version in the "About Amarok" dialog, instead of the version used at compile time.
* Fixed a crash when trying to save a playlist to a file where the format of the playlist was unknown. (BR 246168)
* Also use podcast channel image for downloaded episodes. (BR 229391)
* Collection directories that were symlinks could end up storing the wrong absolute path, causing those files to be removed during incremental scans.
* Fixed playlist tooltips not showing up, even when enabled in the playlist layout (BR 249086)
* Fixed potential crashes related to Applet loading. (BR 246756)
* Fixed possible crash in Labels Applet when playing new track. (BR 248538)
* Fixed incorrect layout of applets on startup.
* Fixed Collection Browser not properly updating after a full rescan, necessitating Amarok to be closed and reopened. Fixes various bugs. (BR 172542)
* Fixed cover found dialog closing when download failed or is cancelled.
* Fixed failure when fetching cddb info for audio CDs in localized Amarok.
* Fixed expanding items in collection browser by double-click, in double-click mode.
* Fixed crash when adding new folders repeatedly in podcast/saved playlist browsers.
* Fixed context menu actions acting on wrong indices in the playlist browser.
* Fixed incorrect text about "rpath" argument to collection scanner. (BR 236076)
* Fixed emission of MPRIS StatusChange signal when switching into or out of random mode.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2010 Thomas Janssen <thomasj@xxxxxxxxxxxxxxxxx> 2.3.2-2
- added patch to fix BPM tags in flac
* Thu Sep 16 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 2.3.2-1
- amarok-2.3.2
* Thu Sep 16 2010 Dan HorÃk <dan[at]danny.cz> - 2.3.1.90-3
- no libgpod on s390(x)
* Mon Aug 16 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 2.3.1.90-2
- fix/patch installation of amarok handbooks
* Mon Aug 16 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 2.3.1.90-1
- amarok-2.3.1.90 (2.3.2 beta1)
--------------------------------------------------------------------------------
================================================================================
awn-extras-applets-0.4.0-22.fc12 (FEDORA-2010-14990)
Extras applets for avant window navigator
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 17 2010 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 0.4.0-22
- apply upstream fix for cairo-menu (Bz 601616)
* Tue Sep 14 2010 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 0.4.0-21
- apply upstream fix for mail applet (Bz 591211)
* Mon Sep 13 2010 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 0.4.0-20
- apply upstream fix for dialect applet (Bz 607132)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #601616 - [abrt] crash in avant-window-navigator-0.4.0-1.fc13: g_assertion_message: Process /usr/bin/awn-applet was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=601616
[ 2 ] Bug #607132 - [abrt] crash in awn-extras-applets-0.4.0-16.fc13: dialect.py:359:get_layout:TypeError: Required argument 'flags' (pos 1) not found
https://bugzilla.redhat.com/show_bug.cgi?id=607132
[ 3 ] Bug #591211 - [abrt] crash in awn-extras-applets-0.4.0-5.fc13: awnlib.py:995:__getAttrs:BadArgumentsError
https://bugzilla.redhat.com/show_bug.cgi?id=591211
--------------------------------------------------------------------------------
================================================================================
chatzilla-0.9.86-2.1285hg.fc12 (FEDORA-2010-14997)
Standalone Mozilla IRC Client, no browsers attached
--------------------------------------------------------------------------------
Update Information:
Please test if you see cZ icon on all dialogs such as Extension Manager, Javascript Console ...etc
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
cricscore-applet-1.1.0.3-2.fc12 (FEDORA-2010-14991)
A cricket score applet for GNOME
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 19 2010 Arun SAG <sagarun [AT] gmail dot com> - 1.1.0.3-2
- Disabled generation of debug info package to fix #546686
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #592064 - cricscore-applet-debuginfo is empty
https://bugzilla.redhat.com/show_bug.cgi?id=592064
--------------------------------------------------------------------------------
================================================================================
cups-1.4.4-9.fc12 (FEDORA-2010-15018)
Common Unix Printing System
--------------------------------------------------------------------------------
Update Information:
This update fixes thread-safety issues in the libcups library by once again compiling it with threading support. This has been disabled due to a problem with thread-safety in libgcrypt, used by gnutls. In order to continue to use gnutls, CUPS has been modified to perform its own locking rather than rely on the unreliable locking model provided by libgcrypt.
Additionally some other small fixes have been included.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 17 2010 Tim Waugh <twaugh@xxxxxxxxxx> 1:1.4.4-9
- Perform locking for gnutls and avoid libgcrypt's broken
locking (bug #607159).
* Wed Sep 15 2010 Tim Waugh <twaugh@xxxxxxxxxx> 1:1.4.4-8
- Build with --enable-threads again (bug #607159).
- Force the use of gnutls despite thread-safety concerns (bug #607159).
- Fixed serverbin-compat patch to avoid misleading "filter not
available" messages (bug #633779).
* Fri Aug 20 2010 Tim Waugh <twaugh@xxxxxxxxxx> 1:1.4.4-7
- Use better upstream fix for STR #3608 (bug #606909).
* Tue Aug 3 2010 Tim Waugh <twaugh@xxxxxxxxxx> 1:1.4.4-6
- Specify udevadm trigger action in initscript (bug #623959).
- Build requires gnutls-devel not openssl-devel.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #612996 - Init script usage: Missing restartlog
https://bugzilla.redhat.com/show_bug.cgi?id=612996
[ 2 ] Bug #583054 - Any interaction with CUPS server takes over minute
https://bugzilla.redhat.com/show_bug.cgi?id=583054
[ 3 ] Bug #623969 - Unable to create user :Pulp-admin
https://bugzilla.redhat.com/show_bug.cgi?id=623969
[ 4 ] Bug #606909 - [abrt] crash in system-config-printer-1.2.2-4.fc13: monitor.py:421:get_notifications:KeyError: 'notify-job-id'
https://bugzilla.redhat.com/show_bug.cgi?id=606909
[ 5 ] Bug #633779 - "Filter /usr/lib64/cups/filter/foomatic-rip not available" misleading
https://bugzilla.redhat.com/show_bug.cgi?id=633779
[ 6 ] Bug #607159 - Continuing libgcrypt threading issue
https://bugzilla.redhat.com/show_bug.cgi?id=607159
--------------------------------------------------------------------------------
================================================================================
frepple-0.8.1-1.fc12 (FEDORA-2010-15019)
Free Production Planning Library
--------------------------------------------------------------------------------
Update Information:
New upstream release 0.8.1
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 18 2010 Johan De Taeye <jdetaeye@xxxxxxxxxxxxxxxxxxxxx> 0.8.1-1
- New upstream release
--------------------------------------------------------------------------------
================================================================================
fuse-convmvfs-0.2.6-1.fc12 (FEDORA-2010-15036)
FUSE-Filesystem to convert filesystem encodings
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 19 2010 ZC Miao <hellwolf.misty@xxxxxxxxx> - 0.2.6-1
- Update to 0.2.6
--------------------------------------------------------------------------------
================================================================================
ganyremote-5.11.7-1.fc12 (FEDORA-2010-14999)
GTK frontend for anyRemote
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 17 2010 Mikhail Fedotov <anyremote at mail.ru> - 5.11.7
- Slovak translation updated
* Wed Aug 4 2010 Mikhail Fedotov <anyremote at mail.ru> - 5.11.6
- Fixed RedHat bugzilla bug 622589, do not use /sbin/ip if it absent
--------------------------------------------------------------------------------
================================================================================
ghc-deepseq-1.1.0.0-1.fc12 (FEDORA-2010-15009)
Haskell library to fully evaluate data structures
--------------------------------------------------------------------------------
Update Information:
Backport package from F13.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #576482 - Review Request: ghc-deepseq - Haskell library to fully evaluate data structures
https://bugzilla.redhat.com/show_bug.cgi?id=576482
--------------------------------------------------------------------------------
================================================================================
ibus-fbterm-0.9.1-9.fc12 (FEDORA-2010-15020)
IBus front-end for fbterm
--------------------------------------------------------------------------------
Update Information:
Rebuild for ibus-1.3 on f12.
Rebuild with ibus-1.3.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2010 Ding-Yi Chen <dchen at redhat.com> - 0.9.1-9
- Rebuild for F-12 to resolve unresolved deps: libibus.so.1
--------------------------------------------------------------------------------
================================================================================
iodine-0.6.0-0.rc1.4.fc12 (FEDORA-2010-14984)
Solution to tunnel IPv4 data through a DNS server
--------------------------------------------------------------------------------
Update Information:
Initial import iodine into Fedora/EPEL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #530747 - Review Request: iodine - Solution to tunnel IPv4 data through a DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=530747
--------------------------------------------------------------------------------
================================================================================
kanyremote-5.11.9-1.fc12 (FEDORA-2010-14992)
KDE frontend for anyRemote
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 17 2010 Mikhail Fedotov <anyremote at mail.ru> - 5.11.9
- Slovak translation updated
* Wed Aug 4 2010 Mikhail Fedotov <anyremote at mail.ru> - 5.11.8
- Do not use /sbin/ip if it absent
--------------------------------------------------------------------------------
================================================================================
libucil-0.9.8-3.fc12 (FEDORA-2010-15034)
Library to render text and graphic overlays onto video images
--------------------------------------------------------------------------------
Update Information:
Fixed some crasher bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 19 2010 Kamil Dudka <kdudka@xxxxxxxxxx> 0.9.8-3
- fix SIGSEGV in ucil_theora_encode_thread (#627161)
- check return value of theora_encode_init() (#627890)
- upstream patch for #632439
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #627161 - [abrt] ucview-0.31-1.fc13: memcpy: Process /usr/bin/ucview was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=627161
[ 2 ] Bug #627890 - [abrt] ucview-0.31-1.fc13: theora_encode_header: Process /usr/bin/ucview was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=627890
[ 3 ] Bug #627695 - [abrt] ucview-0.31-1.fc13: raise: Process /usr/bin/ucview was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=627695
--------------------------------------------------------------------------------
================================================================================
mock-1.0.12-1.fc12 (FEDORA-2010-15005)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
create empty /var/log/{last,fail}log in chroot rather than copy in possible large sparse file from host filesystem
make sure that both --spec and --sources are specified when the --buildsrpm option is used
use rpm module function compareEVR to compare kernel versions (string comparison doesn't work).
change selinux plugin to use tmp directory for faux /proc/filesystems file, rather than cachedir (which may not exist)
fix a typo in exception.py
Added Alan Franzoni's umountall modifications
- run update after unpacking root cache
- clean up noarch builds
- fix selinux plugin issue
- fix repeated calls to umount
- clean up i585 target fix
Many bug fixes since mock 1.1.1 and new SELinux plugin which disables SELinux inside the chroot, irregardless of the host system SELinux state.
added --unpriv mode to --shell
remove rpmdb cache to to work around yum issue
remove rpmdb cache to to work around yum issue
Many bug fixes since mock 1.1.1 and new SELinux plugin which disables SELinux inside the chroot, irregardless of the host system SELinux state.
added --unpriv mode to --shell
remove rpmdb cache to to work around yum issue
remove rpmdb cache to to work around yum issue
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 17 2010 Clark Williams <williams@xxxxxxxxxx> - 1.0.12-1
- add cmpKernelEVR function to compare kernel versions (BZ# 526414)
- added commandline argument checking for --buildsrpm (BZ# 605800)
- create empty faillog and lastlog in <chroot>/var/log (BZ# 585973 & 633435)
- changed copyin/copyout prints from debug to info
- from Alan Franzoni <mailing@xxxxxxxxxxx>:
- reworked the root object _umountall() method
- fix epel4 chroot cleanup and umountall issue
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #585973 - root cache fails to untar with <fail|last>log
https://bugzilla.redhat.com/show_bug.cgi?id=585973
[ 2 ] Bug #633435 - /var/log/lastlog and /var/log/faillog included in cache.tar.gz
https://bugzilla.redhat.com/show_bug.cgi?id=633435
[ 3 ] Bug #605800 - TypeError when using --buildsrpm
https://bugzilla.redhat.com/show_bug.cgi?id=605800
[ 4 ] Bug #526414 - missing /dev/fd symlink causes some mock builds using it to fail
https://bugzilla.redhat.com/show_bug.cgi?id=526414
[ 5 ] Bug #622170 - Latest architecture patches broke noarch builds
https://bugzilla.redhat.com/show_bug.cgi?id=622170
[ 6 ] Bug #614440 - [PATCH] Get mock to turn off selinux within the chroot
https://bugzilla.redhat.com/show_bug.cgi?id=614440
[ 7 ] Bug #622544 - i586 target no more possible
https://bugzilla.redhat.com/show_bug.cgi?id=622544
[ 8 ] Bug #557526 - mock no longer runs yum update after unpacking root
https://bugzilla.redhat.com/show_bug.cgi?id=557526
[ 9 ] Bug #620143 - ERROR: pop from empty list
https://bugzilla.redhat.com/show_bug.cgi?id=620143
[ 10 ] Bug #620825 - Unmounts filesystems in wrong order, gives traceback
https://bugzilla.redhat.com/show_bug.cgi?id=620825
[ 11 ] Bug #619819 - Please ship fedora-14-*.cfg
https://bugzilla.redhat.com/show_bug.cgi?id=619819
[ 12 ] Bug #510409 - Mock not building SRPM
https://bugzilla.redhat.com/show_bug.cgi?id=510409
[ 13 ] Bug #600487 - site-defaults.cfg cites defaults.cfg fix
https://bugzilla.redhat.com/show_bug.cgi?id=600487
[ 14 ] Bug #607144 - mock -r epel-5-x86_64 --rebuild X.src.rpm is not working (dependencies problems?)
https://bugzilla.redhat.com/show_bug.cgi?id=607144
[ 15 ] Bug #570434 - 'man mock' does not tell user to add him or herself to group 'mock'
https://bugzilla.redhat.com/show_bug.cgi?id=570434
[ 16 ] Bug #450726 - No way to clean mock cache directory
https://bugzilla.redhat.com/show_bug.cgi?id=450726
[ 17 ] Bug #516355 - newest mock not working on RHEL5
https://bugzilla.redhat.com/show_bug.cgi?id=516355
[ 18 ] Bug #486555 - Need to be able to clean/disable yum cache
https://bugzilla.redhat.com/show_bug.cgi?id=486555
[ 19 ] Bug #522505 - --unpriv only works with --chroot
https://bugzilla.redhat.com/show_bug.cgi?id=522505
[ 20 ] Bug #593654 - mock/yum: IndexError: list index out of range
https://bugzilla.redhat.com/show_bug.cgi?id=593654
--------------------------------------------------------------------------------
================================================================================
mod_nss-1.0.8-7.fc12 (FEDORA-2010-14985)
SSL/TLS module for the Apache HTTP server
--------------------------------------------------------------------------------
Update Information:
Use remote hostname set by mod_proxy to compare to CN in peer cert
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 17 2010 Rob Crittenden <rcritten@xxxxxxxxxx> - 1.0.8-7
- Fix hang when handling large POST under some conditions (#620856)
- Remove file requires on libnssckbi.so (requested by svidal)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #620856 - Large POST may cause loop in mod_nss
https://bugzilla.redhat.com/show_bug.cgi?id=620856
[ 2 ] Bug #591224 - proxy_http doesn't set the hostname when doing reverse proxy
https://bugzilla.redhat.com/show_bug.cgi?id=591224
--------------------------------------------------------------------------------
================================================================================
newsbeuter-2.3-1.fc12 (FEDORA-2010-15029)
Configurable text-based feed reader
--------------------------------------------------------------------------------
Update Information:
Fixed HTML rendering of bold and underline text when light background is configured.
Fixed issues #192, #194, #197, #198, #199, #200, #201, #202, #210, #216.
Made newsbeuter silent on lockfile errors when '-x' option is used.
Fixed Google Reader authentication (by Seth Mason)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2010 Thomas Janssen <thomasj@xxxxxxxxxxxxxxxxx> 2.3-1
- update to 2.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #634981 - Google reader backend doesn't work
https://bugzilla.redhat.com/show_bug.cgi?id=634981
--------------------------------------------------------------------------------
================================================================================
opencc-0.1.2-1.fc12 (FEDORA-2010-14994)
Libraries for Simplified-Traditional Chinese Conversion
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 17 2010 BYVoid <byvoid.kcp@xxxxxxxxx> - 0.1.2-1
- Upstream release.
* Thu Aug 12 2010 BYVoid <byvoid.kcp@xxxxxxxxx> - 0.1.1-1
- Upstream release.
--------------------------------------------------------------------------------
================================================================================
php-pear-Crypt-CHAP-1.5.0-1.fc12 (FEDORA-2010-15025)
Class to generate CHAP packets
--------------------------------------------------------------------------------
Update Information:
Despite the big version jump, this update only restore lost features : switch from mhash extention (deprecated and removed in php 5.3) to hash extension (available since php 5.1)
* http://pear.php.net/bugs/17828 mhash is deprecated, please switch to hash
* http://pear.php.net/bugs/17827 Please change the chaptest to a true phpt
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 19 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 1.5.0-1
- upstream 1.5.0 with patches merged
- clean define
- set date.timezone during build
- review desc. (remove ref to mhash)
- run tests during %check
--------------------------------------------------------------------------------
================================================================================
php-pecl-apc-3.1.4-2.fc12 (FEDORA-2010-15004)
APC caches and optimizes PHP intermediate code
--------------------------------------------------------------------------------
Update Information:
Upstream Changelog for Version 3.1.4 - API 3.1.0 (beta)
* Renamed the memory protection configure option to --enable-apc-memprotect (Kalle, Shire)
* ZTS fixes and optimizations (Kalle, Felipe)
* Added support for interned strings, run-time caches and Zend Engine 2.4 (Dmitry)
* Added apc_exists() (Rasmus)
* Fixed potential XSS in apc.php (Pierre, Matt Chapman)
* Fixed pecl bug #17597 (keys with embedded NUL) (Gopal)
* Fixed pecl bug #17650 (Fix goto jump offsets) (Gopal)
* Fixed pecl bug #17527 (Standardized error reporting) (Gopal, Paul Dragoonis)
* Fixed pecl bug #17089 (Scrub the constant table of all inherited members before caching) (Gopal)
* Fixed pecl bug #16860 (files can be included more than once even when include/require_once are used) (Pierre)
* Fixed pecl bug #16717 (apc_fetch dies after 1 hour, regardless of ttl settings) (Kalle)
* Fixed pecl bug #17597 (apc user cache keys with embedded NULs) (Gopal)
* Fixed pecl bug #13583 (apc upload progress fixes) (Gopal)
Improves default configuration file provided.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 8 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 3.1.4-2
- fix default value for apc.shm_size (need M suffixes)
* Thu Aug 5 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 3.1.4-1
- update to Version 3.1.4 (beta) - API 3.1.0 (beta)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #634334 - CVE-2010-3294 php-pecl-apc: potential XSS in apc.php
https://bugzilla.redhat.com/show_bug.cgi?id=634334
--------------------------------------------------------------------------------
================================================================================
pulseaudio-equalizer-2.7-3.fc12 (FEDORA-2010-14983)
A 15 Bands Equalizer for PulseAudio
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2010 Hicham HAOUARI <hicham.haouari@xxxxxxxxx> - 2.7-3
- Force default equalizer persistence value, fixes rhbz #635400
* Wed Sep 15 2010 Hicham HAOUARI <hicham.haouari@xxxxxxxxx> - 2.7-2
- Fix rhbz #632940
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #635400 - [abrt] pulseaudio-equalizer-2.7-1.fc13: pulseaudio-equalizer.py:62:GetSettings:ValueError: invalid literal for int() with base 10: ''
https://bugzilla.redhat.com/show_bug.cgi?id=635400
--------------------------------------------------------------------------------
================================================================================
python-werkzeug-0.6.2-2.fc12 (FEDORA-2010-14981)
The Swiss Army knife of Python web development
--------------------------------------------------------------------------------
Update Information:
update to 0.6.2 of Werkzeug
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 22 2010 David Malcolm <dmalcolm@xxxxxxxxxx> - 0.6.2-2
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
* Sun May 23 2010 Peter Halliday <phalliday@xxxxxxxxxxxxxxxxxxxx> - 0.6.2-1
- Updating because upstream release of Werkzeug 0.6.2
--------------------------------------------------------------------------------
================================================================================
rtpproxy-1.2.1-2.fc12 (FEDORA-2010-15001)
A symmetric RTP proxy
--------------------------------------------------------------------------------
Update Information:
Allow group users to write to controlling UNIX-socket.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 19 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.2.1-2
- Allow group users to write to controlling UNIX-socket (rhbz #626863)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #626863 - Rtpproxy control socket gets erroneous default permissions
https://bugzilla.redhat.com/show_bug.cgi?id=626863
--------------------------------------------------------------------------------
================================================================================
sudo-1.7.4p4-2.fc12 (FEDORA-2010-14996)
Allows restricted root access for specified users
--------------------------------------------------------------------------------
Update Information:
- reset $HOME when the `-i' option is used
- update to new upstream version
- sudo now uses /var/db/sudo for timestamps
- new command available: sudoreplay
- use native audit support
- corrected license field value: BSD -> ISC
- added env_keep += HOME (see rhbz#614025) for backwards compatibility
- added Defaults !visiblepw
- fixes CVE-2010-2956
- use_pty option can be used to avoid the issue reported in #479145
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2010 Daniel Kopecek <dkopecek@xxxxxxxxxx> - 1.7.4p4-2
- added patch for #635250
* Wed Sep 8 2010 Daniel Kopecek <dkopecek@xxxxxxxxxx> - 1.7.4p4-1
- update to new upstream version
- sudo now uses /var/db/sudo for timestamps
- new command available: sudoreplay
- use native audit support
- corrected license field value: BSD -> ISC
- added env_keep += HOME (see rhbz#614025) for
backwards compatibility
- added Defaults !visiblepw
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #628628 - CVE-2010-2956 sudo: incorrect handling of RunAs specification with both user and group lists
https://bugzilla.redhat.com/show_bug.cgi?id=628628
--------------------------------------------------------------------------------
================================================================================
vidalia-0.2.10-1.fc12 (FEDORA-2010-15041)
GUI controller for the Tor Onion Routing Network
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 17 2010 Chen Lei <supercyper@xxxxxxx> - 0.2.10-1
- New upstream release
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
