The following Fedora 14 Security updates need testing:
https://admin.fedoraproject.org
/updates/roundup-1.4.15-1.fc14 https://admin.fedoraproject.org
/updates/ghostscript-8.71-16.fc14 https://admin.fedoraproject.org
/updates/xorg-x11-server-1.9.0-9.fc14 https://admin.fedoraproject.org
/updates/lib3ds-1.3.0-9.fc14 https://admin.fedoraproject.org
/updates/php-nusoap-0.9.5-1.fc14 https://admin.fedoraproject.org
/updates/mailman-2.1.13-6.fc14 https://admin.fedoraproject.org
/updates/cabextract-1.3-1.fc14,libmspack-0.2-0.1.20100723alpha.fc14 https://admin.fedoraproject.org
/updates/exim-4.72-2.fc14 https://admin.fedoraproject.org
/updates/pam_mount-2.5-1.fc14,libHX-3.6-1.fc14 https://admin.fedoraproject.org
/updates/mantis-1.1.8-4.fc14
The following Fedora 14 Critical Path updates have yet to be approved:
The following builds have been pushed to Fedora 14 updates-testing
arduino-0019-6.fc14
bzr-2.2.1-2.fc14
dbusmenu-qt-0.6.3-1.fc14
gedit-vala-0.10.2-1.fc14
grep-2.7-1.fc14
iproute-2.6.35-3.fc14
livecd-tools-034-10.fc14
mantis-1.1.8-4.fc14
maven2-2.2.1-13.fc14
mpi4py-1.2.2-1.fc14
mutt-1.5.21-1.fc14
olpc-utils-1.2.1-1.fc14
pinfo-0.6.10-1.fc14
rubygem-test-unit-2.1.1-2.fc14
squashfs-tools-4.1-1.fc14
thunderbird-3.1.4-1.fc14
upstart-0.6.5-9.fc14
Details about builds:
================================================================================
arduino-0019-6.fc14 (FEDORA-2010-15058)
An IDE for Arduino-compatible electronics prototyping platforms
--------------------------------------------------------------------------------
Update Information:
An IDE for Arduino-compatible electronics prototyping platforms
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #631558 - Review Request: arduino - An IDE for Arduino-compatible electronics prototyping platforms
https://bugzilla.redhat.com/show_bug.cgi?id=631558
--------------------------------------------------------------------------------
================================================================================
bzr-2.2.1-2.fc14 (FEDORA-2010-15062)
Friendly distributed version control system
--------------------------------------------------------------------------------
Update Information:
Upstream 2.2.1 bugfix release fixing numerous stability and
compatibility issues. In addition fixes Python-2.7 backtrace
when accessing lp: branches.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> - 2.2.1-2
- Backport bzr.dev rev 5439 change fixing lp: branch references
(Toshio Kuratomi)
* Tue Sep 21 2010 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> - 2.2.1-1
- Upstream 2.2.1 bugfix release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #622552 - Python 2.7 xmlrpclib breaks bzr due to API change
https://bugzilla.redhat.com/show_bug.cgi?id=622552
--------------------------------------------------------------------------------
================================================================================
dbusmenu-qt-0.6.3-1.fc14 (FEDORA-2010-15057)
A Qt implementation of the DBusMenu protocol
--------------------------------------------------------------------------------
Update Information:
Latest upstream release, includes kubuntu_external_contributors patch.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.6.3-1
- dbusmenu-qt-0.6.3
- include kubuntu_00_external_contributions.diff
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #626096 - dbusmenu-qt : Memory leak
https://bugzilla.redhat.com/show_bug.cgi?id=626096
--------------------------------------------------------------------------------
================================================================================
gedit-vala-0.10.2-1.fc14 (FEDORA-2010-15055)
Vala Toys for gEdit
--------------------------------------------------------------------------------
Update Information:
Improved file editing support -- see http://code.google.com/p/vtg/issues/detail?id=155 for details
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 0.10.2-1
- Update to 0.10.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #634087 - GEdit crashes when editing vala files
https://bugzilla.redhat.com/show_bug.cgi?id=634087
--------------------------------------------------------------------------------
================================================================================
grep-2.7-1.fc14 (FEDORA-2010-15065)
Pattern matching utilities
--------------------------------------------------------------------------------
Update Information:
This release fixes a few bugs and includes two new features - diagnosis of commonly mistyped regular expressions such [:space:], [:digit:], etc. and support for equivalence classes on systems using glibc (whether they actually work depends on glibc's locale definitions). For original release info please see: https://savannah.gnu.org/forum/forum.php?forum_id=6521
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Jaroslav Åkarvada <jskarvad@xxxxxxxxxx> - 2.7-1
- New version: grep-2.7
- Removed patches (already in upstream): dfa-optimize-period,
glibc-matcher-fallback, mmap-option-fix, dfa-convert-to-wide-char,
dfa-speedup-digit-xdigit
--------------------------------------------------------------------------------
================================================================================
iproute-2.6.35-3.fc14 (FEDORA-2010-15059)
Advanced IP routing and network device configuration tools
--------------------------------------------------------------------------------
Update Information:
Don't print negative metrics fix
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Petr Sabata <psabata@xxxxxxxxxx> - 2.6.35-3
- Don't print routes with negative metric fix, rhbz#628739
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #628739 - routes with negative metric
https://bugzilla.redhat.com/show_bug.cgi?id=628739
--------------------------------------------------------------------------------
================================================================================
livecd-tools-034-10.fc14 (FEDORA-2010-15063)
Tools for building live CDs
--------------------------------------------------------------------------------
Update Information:
Add documentation for using lzo compression now available in squashfs.
Change extlinux dependency to /sbin/extlinux so that both old and new syslinux packages will work.
livecd-tools now needs to require syslinux-extlinux.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Bruno Wolff III <bruno@xxxxxxxx> - 034-10
- Document the lzo compressor.
* Thu Sep 16 2010 Bruno Wolff III <bruno@xxxxxxxx> - 034-9
- Change requires to /sbin/extlinux since that will work with old and new
versions of syslinux.
* Thu Sep 16 2010 Bruno Wolff III <bruno@xxxxxxxx> - 034-8
- extlinux is now in a subpackage that is required by livecd-iso-to-disk
--------------------------------------------------------------------------------
================================================================================
mantis-1.1.8-4.fc14 (FEDORA-2010-15061)
Web-based issue tracking system
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2010 Gianluca Sforna <giallu@xxxxxxxxx> - 1.1.8-4
- Fix CVE-2010-3070 using system's NuSOAP (#633011)
- Fix CVE-2010-2574 and CVE-2010-3303 (#633003 #634340)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #633011 - Mantis: Vulnerable to CVE-2010-3070 (XSS in php-nusoap) due use of embedded copy of nusoap library
https://bugzilla.redhat.com/show_bug.cgi?id=633011
[ 2 ] Bug #634340 - CVE-2010-3303 mantis: several XSS flaws fixed in 1.2.3
https://bugzilla.redhat.com/show_bug.cgi?id=634340
[ 3 ] Bug #633003 - CVE-2010-2574 Mantis: XSS in Add Category action.
https://bugzilla.redhat.com/show_bug.cgi?id=633003
--------------------------------------------------------------------------------
================================================================================
maven2-2.2.1-13.fc14 (FEDORA-2010-15056)
Java project management and project comprehension tool
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 20 2010 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 2.2.1-13
- Create dangling symlinks during install (Resolves rhbz#613866)
* Fri Sep 17 2010 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 2.2.1-12
- Update JPackageRepositoryLayout to handle "signature" packaging
* Mon Sep 13 2010 Yong Yang <yyang@xxxxxxxxxx> 2.2.1-11
- Add -P all-models to generate maven model v3
* Wed Sep 1 2010 Alexander Kurtakov <akurtako@xxxxxxxxxx> 2.2.1-10
- Remove buildnumber-maven-plugins deps now that is fixed.
- Use new package names in BR/R.
- Use global instead of define.
* Fri Aug 27 2010 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 2.2.1-9
- Remove failing tests after maven-surefire 2.6 update
* Thu Aug 26 2010 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 2.2.1-8
- Remove incorrect testcase failing with ant 1.8
- Cleanup whitespace
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #613866 - maven2 is missing symlinks to essential libraries after upgrading to rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=613866
--------------------------------------------------------------------------------
================================================================================
mpi4py-1.2.2-1.fc14 (FEDORA-2010-15068)
Python bindings of the Message Passing Interface (MPI)
--------------------------------------------------------------------------------
Update Information:
Changelog:
* Add ``mpi4py.get_config()`` to retrieve information (compiler
wrappers, includes, libraries, etc) about the MPI implementation
employed to build mpi4py.
* Workaround Python libraries with missing GILState-related API calls
in case of non-threaded Python builds.
* Windows: look for MPICH2, DeinoMPI, Microsoft HPC Pack at their
default install locations under %ProgramFiles.
* MPE: fix hacks related to old API's, these hacks are broken when MPE
is built with a MPI implementations other than MPICH2.
* HP-MPI: fix for missing Fortran datatypes, use dlopen() to load the
MPI shared library before MPI_Init()
* Many distutils-related fixes, cleanup, and enhancements, better
logics to find MPI compiler wrappers.
* Support for ``pip install mpi4py``.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 15 2010 Thomas Spura <tomspur@xxxxxxxxxxxxxxxxx> - 1.2.2-1
- update to new version
--------------------------------------------------------------------------------
================================================================================
mutt-1.5.21-1.fc14 (FEDORA-2010-15064)
A text mode mail user agent
--------------------------------------------------------------------------------
Update Information:
Update to new upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Miroslav Lichvar <mlichvar@xxxxxxxxxx> 5:1.5.21-1
- update to 1.5.21
- link with gpg-error when building with gpgme support (#621626)
--------------------------------------------------------------------------------
================================================================================
olpc-utils-1.2.1-1.fc14 (FEDORA-2010-15054)
OLPC utilities
--------------------------------------------------------------------------------
Update Information:
Drop systemd support, go back to upstart
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 13 2010 Daniel Drake <dsd@xxxxxxxxxx> - 1.2.0-1
- update for systemd
- remove stale X MigrationHeuristic rendering bug workaround
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #634326 - needs adjustment re: systemd
https://bugzilla.redhat.com/show_bug.cgi?id=634326
--------------------------------------------------------------------------------
================================================================================
pinfo-0.6.10-1.fc14 (FEDORA-2010-15060)
An info file viewer
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Miroslav Lichvar <mlichvar@xxxxxxxxxx> 0.6.10-1
- update to 0.6.10
* Thu Jan 7 2010 Miroslav Lichvar <mlichvar@xxxxxxxxxx> 0.6.9-12
- fix source URL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #634802 - pinfo does not refresh curses so shell job control suspend/resume causes 100% CPU endless loop
https://bugzilla.redhat.com/show_bug.cgi?id=634802
--------------------------------------------------------------------------------
================================================================================
rubygem-test-unit-2.1.1-2.fc14 (FEDORA-2010-15052)
Improved version of Test::Unit bundled in Ruby 1.8.x
--------------------------------------------------------------------------------
================================================================================
squashfs-tools-4.1-1.fc14 (FEDORA-2010-15066)
Utility for the creation of squashfs filesystems
--------------------------------------------------------------------------------
Update Information:
Update to 4.1 final.
Support lzo compression.
Get fix for big endian systems.
This update syncs up to the current version of 4.1.
The main reason to do this now is to pick up a fix for large xattr handling.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Bruno Wolff III <bruno@xxxxxxxx> - 4.1-1
- Update to 4.1 final.
- Byte swap patch is now upstream.
- LZO compression type is now supported.
* Mon Sep 6 2010 Dan HorÃk <dan[at]danny.cz> - 4.1-0.5.20100827
- Add fixes for big-endian machines
* Sat Aug 28 2010 Bruno Wolff III <bruno@xxxxxxxx> - 4.1-0.4.20100827
- Rebase to latest upstream.
- The main reason is to pick up a fix for large xattr similar to the large inode fix. This doesn't need to get backported as 4.0 doesn't have xattr support.
- An option was added to build without xattr support.
- Various source cleanups have been done as well.
--------------------------------------------------------------------------------
================================================================================
thunderbird-3.1.4-1.fc14 (FEDORA-2010-15067)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
Update to new upstream Thunderbird version 3.1.4. Refer to upstream release notes for the detailed list of changes:
http://www.mozillamessaging.com/en-US/thunderbird/3.1.4/releasenotes/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Martin Stransky <stransky@xxxxxxxxxx> - 3.1.4-1
- Update to 3.1.4
* Thu Sep 16 2010 Dan HorÃk <dan[at]danny.cz> - 3.1.3-2
- fix build on s390
--------------------------------------------------------------------------------
================================================================================
upstart-0.6.5-9.fc14 (FEDORA-2010-15053)
An event-driven init system
--------------------------------------------------------------------------------
Update Information:
This update fixes setting utmp DEAD_PROCESS for dead processes. It's needed for similar tools like pam, w, desktop switch user, ... to correctly recognize currently logged users.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 21 2010 Petr Lautrbach <plautrba@xxxxxxxxxx> 0.6.5-9
- set DEAD_PROCESS for dead process with pid in utmp table (#572199, #632568)
- exit shutdown with nonzero exitcode when fails shutdown
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #572199 - tty logins stays in sessions list for user switching even if user has already logged out
https://bugzilla.redhat.com/show_bug.cgi?id=572199
[ 2 ] Bug #632568 - limits.conf file maxlogins
https://bugzilla.redhat.com/show_bug.cgi?id=632568
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
