The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/clamav-0.96.3-1400.fc13
https://admin.fedoraproject.org/updates/tomcat6-6.0.26-11.fc13
https://admin.fedoraproject.org/updates/sepostgresql-9.0.0-20101005.fc13
https://admin.fedoraproject.org/updates/sepostgresql-9.0.1-20101007.fc13
https://admin.fedoraproject.org/updates/perl-libwww-perl-5.837-2.fc13
https://admin.fedoraproject.org/updates/cvs-1.11.23-10.fc13
https://admin.fedoraproject.org/updates/apr-util-1.3.10-1.fc13
https://admin.fedoraproject.org/updates/subversion-1.6.13-1.fc13
https://admin.fedoraproject.org/updates/horde-3.3.9-1.fc13
https://admin.fedoraproject.org/updates/xulrunner-1.9.2.11-1.fc13,firefox-3.6.11-1.fc13,galeon-2.0.7-34.fc13,gnome-python2-extras-2.25.3-23.fc13,perl-Gtk2-MozEmbed-0.08-6.fc13.18,gnome-web-photo-0.9-13.fc13,mozvoikko-1.0-15.fc13
https://admin.fedoraproject.org/updates/mailman-2.1.12-16.fc13
https://admin.fedoraproject.org/updates/luci-0.22.4-2.0.b9faf868074git.fc13
https://admin.fedoraproject.org/updates/gnucash-2.3.15-2.fc13
The following builds have been pushed to Fedora 13 updates-testing
asterisk-sounds-core-1.4.20-1.fc13
bitlbee-3.0-1.fc13
cryptopp-5.6.1-2.fc13
cvs-1.11.23-10.fc13
django-simple-captcha-0.2.0-4.fc13
emacs-common-ddskk-14.1-4.fc13
erlang-etap-0.3.4-5.fc13
flies-python-client-0.2.0-1.fc13
flies-python-client-0.3.0-1.fc13
gnucash-2.3.15-2.fc13
ibus-table-others-1.3.0.20100907-5.fc13
libmcrypto-0.8.0-0.1.20100629svn3775.fc13
libmstun-0.8.0-0.1.20091007svn3734.fc13
luci-0.22.4-2.0.b9faf868074git.fc13
openeuclide-0.5-3.fc13
papyon-0.5.2-1.fc13
php-pear-Net-SMTP-1.4.4-1.fc13
php-pear-Net-Traceroute-0.21.3-1.fc13
system-config-printer-1.2.5-4.fc13
Details about builds:
================================================================================
asterisk-sounds-core-1.4.20-1.fc13 (FEDORA-2010-16608)
Core sounds for Asterisk
--------------------------------------------------------------------------------
Update Information:
- Update to 1.4.20
- Add en_AU sounds
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 18 2010 Jeffrey C. Ollie <jeff@xxxxxxxxxx> - 1.4.20-1
- Update to 1.4.20
- Add en_AU sounds
--------------------------------------------------------------------------------
================================================================================
bitlbee-3.0-1.fc13 (FEDORA-2010-16614)
IRC to other chat networks gateway
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 22 2010 MatÄj Cepl <mcepl@xxxxxxxxxx> - 3.0-1
- New upstream release.
--------------------------------------------------------------------------------
================================================================================
cryptopp-5.6.1-2.fc13 (FEDORA-2010-16615)
Public domain C++ class library of cryptographic schemes
--------------------------------------------------------------------------------
Update Information:
- Added -DCRYPTOPP_DISABLE_SSE2 to CXXFLAGS instead of config.h for non-x86_64 (rhbz#645169).
- Installed TestVectors and TestData in cryptopp-progs.
- Patched cryptest for using data files in /usr/share/cryptopp.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 5.6.1-2
- add -DCRYPTOPP_DISABLE_SSE2 to CXXFLAGS instead of config.h for non-x86_64 (rhbz#645169)
- install TestVectors and TestData in cryptopp-progs
- patch cryptest for using data files in /usr/share/cryptopp
- build cryptestcwd for build time test only
- fix check section
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #645169 - conflict between cryptopp-devel i686 and x86_64 pkgs
https://bugzilla.redhat.com/show_bug.cgi?id=645169
--------------------------------------------------------------------------------
================================================================================
cvs-1.11.23-10.fc13 (FEDORA-2010-16600)
A version control system
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 Petr Pisar <ppisar@xxxxxxxxxx> - 1.11.23-10
- Fix CVE-2010-3846 (bug #645386)
* Tue Jan 12 2010 Jiri Moskovcak <jmoskovc@xxxxxxxxxx> 1.11.23-9
- spec file fixes based on review
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #642146 - CVE-2010-3846 cvs: Heap-based buffer overflow by applying RCS file changes
https://bugzilla.redhat.com/show_bug.cgi?id=642146
--------------------------------------------------------------------------------
================================================================================
django-simple-captcha-0.2.0-4.fc13 (FEDORA-2010-16602)
Django application to add captcha images to any Django form
--------------------------------------------------------------------------------
Update Information:
Here is where you
give an explanation of
your update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #644883 - Review Request: django-simple-captcha - Django application to add captcha images to any Django form.
https://bugzilla.redhat.com/show_bug.cgi?id=644883
--------------------------------------------------------------------------------
================================================================================
emacs-common-ddskk-14.1-4.fc13 (FEDORA-2010-16620)
Daredevil SKK - Simple Kana to Kanji conversion program for Emacs
--------------------------------------------------------------------------------
Update Information:
Daredevil SKK is a branch of SKK (Simple Kana to Kanji conversion program, an input method of Japanese)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #582894 - Review Request: emacs-common-ddskk - Daredevil SKK - Simple Kana to Kanji conversion program for Emacs
https://bugzilla.redhat.com/show_bug.cgi?id=582894
--------------------------------------------------------------------------------
================================================================================
erlang-etap-0.3.4-5.fc13 (FEDORA-2010-16598)
Erlang testing library
--------------------------------------------------------------------------------
Update Information:
* Fixed runtime issues in EL-4
* Added %check target
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> 0.3.4-5
- Fixed missing runtime dependency on EL-4
- Added %check target
* Tue Sep 28 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> 0.3.4-4
- Narrowed BuildRequires
* Mon Jul 12 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> 0.3.4-3
- Rebuild for Erlang/OTP R14A
- Simplified spec-file
--------------------------------------------------------------------------------
================================================================================
flies-python-client-0.2.0-1.fc13 (FEDORA-2010-16606)
Python Client for Flies Server
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 James Ni <jni@xxxxxxxxxx> - 0.2.0-1
- Add extension support and update translation command
* Wed Sep 29 2010 James Ni <jni@xxxxxxxxxx> - 0.1.0-1
- Modify the user configuration file and command line options
* Wed Sep 8 2010 James Ni <jni@xxxxxxxxxx> - 0.0.6-1
- Try to resolve the dependency of python-setuptools
--------------------------------------------------------------------------------
================================================================================
flies-python-client-0.3.0-1.fc13 (FEDORA-2010-16610)
Python Client for Flies Server
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 James Ni <jni@xxxxxxxxxx> - 0.3.0-1
- Fix the issues in extension support and update translation command
* Thu Oct 21 2010 James Ni <jni@xxxxxxxxxx> - 0.2.0-1
- Add extension support and update translation command
* Wed Sep 29 2010 James Ni <jni@xxxxxxxxxx> - 0.1.0-1
- Modify the user configuration file and command line options
* Wed Sep 8 2010 James Ni <jni@xxxxxxxxxx> - 0.0.6-1
- Try to resolve the dependency of python-setuptools
--------------------------------------------------------------------------------
================================================================================
gnucash-2.3.15-2.fc13 (FEDORA-2010-16605)
Finance management application
--------------------------------------------------------------------------------
Update Information:
This updates GnuCash to the latest 2.4 development release, and removes an unneeded file that could cause a security issue if ran from a directory that other users had write access to.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 Bill Nottingham <notting@xxxxxxxxxx>
- don't ship gnc-test-env (#644933, CVE-2010-3999)
* Mon Aug 23 2010 Bill Nottingham <notting@xxxxxxxxxx> - 2.3.15-1
- update to 2.3.15
- include upstream patch for config migration (#571621)
* Tue Jul 6 2010 Bill Nottingham <notting@xxxxxxxxxx> - 2.3.13-2
- rebuild against newer webkitgtk
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #644933 - CVE-2010-3999 gnucash: insecure library loading vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=644933
--------------------------------------------------------------------------------
================================================================================
ibus-table-others-1.3.0.20100907-5.fc13 (FEDORA-2010-16616)
Various tables for IBus-Table
--------------------------------------------------------------------------------
Update Information:
* Fri Oct 22 2010 Naveen Kumar <nkumar@xxxxxxxxxx> - 1.3.0.20100907-5
- Initialize Package
--------------------------------------------------------------------------------
================================================================================
libmcrypto-0.8.0-0.1.20100629svn3775.fc13 (FEDORA-2010-16611)
A C++ library providing various cryptography related utilities
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #626699 - Review Request: libmcrypto - A C++ library providing various cryptography related utilities
https://bugzilla.redhat.com/show_bug.cgi?id=626699
--------------------------------------------------------------------------------
================================================================================
libmstun-0.8.0-0.1.20091007svn3734.fc13 (FEDORA-2010-16603)
A C++ library providing STUN client utilities
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #626462 - Review Request: libmstun - A C++ library providing STUN client utilities
https://bugzilla.redhat.com/show_bug.cgi?id=626462
--------------------------------------------------------------------------------
================================================================================
luci-0.22.4-2.0.b9faf868074git.fc13 (FEDORA-2010-16617)
Web-based high availability administration application
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2010-3852
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 Fabio M. Di Nitto <fdinitto@xxxxxxxxxx> - 0.22.4-2.0.b9faf868074git
- Fix CVE-2010-3852 (bug #645404)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #626504 - CVE-2010-3852 Luci: Authentication bypass via fake ticket cookie
https://bugzilla.redhat.com/show_bug.cgi?id=626504
--------------------------------------------------------------------------------
================================================================================
openeuclide-0.5-3.fc13 (FEDORA-2010-16619)
A geometry software that is intended for educational or modeling purposes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #643595 - Review Request: openeuclide - A plane geometry software
https://bugzilla.redhat.com/show_bug.cgi?id=643595
--------------------------------------------------------------------------------
================================================================================
papyon-0.5.2-1.fc13 (FEDORA-2010-16612)
Python libraries for MSN Messenger network
--------------------------------------------------------------------------------
Update Information:
Latest stable release that fixes:
* Use the right policy reference when requesting security token (fdo #31004)
* Set the peer end-points before requesting his display picture (fdo #30411)
* Don't queue all P2P chunks right away when using SB transport (fdo #29512)
* Don't send invalid command when contact is in Allow and Block lists
* Don't fail when current media that is not music (fdo #30625)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 0.5.2-1
- Update to 0.5.2. (#645554)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #645554 - No longer able to connect to MSN accounts
https://bugzilla.redhat.com/show_bug.cgi?id=645554
--------------------------------------------------------------------------------
================================================================================
php-pear-Net-SMTP-1.4.4-1.fc13 (FEDORA-2010-16267)
Provides an implementation of the SMTP protocol
--------------------------------------------------------------------------------
Update Information:
Upstream changelog:
Version 1.4.4
* Corrected a problem with SMTP servers that don't support the SIZE feature. (Bug 17942)
Version 1.4.3
* Reduce peak memory usage when sending large files. (Request 17887)
* Adding support for proxy authentication. (Request 17358)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 11 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 1.4.4-1
- Version 1.4.4 (stable) - API 1.1.3 (stable)
* Mon Oct 11 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 1.4.3-1
- Version 1.4.3 (stable) - API 1.1.3 (stable)
- set timezone during build
--------------------------------------------------------------------------------
================================================================================
php-pear-Net-Traceroute-0.21.3-1.fc13 (FEDORA-2010-16609)
Execute traceroute
--------------------------------------------------------------------------------
Update Information:
Upstream Changelog:
* move error-redirection to end of command-line (on Linux)
* handle arguments without a value (example: numeric) correctly
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 21 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 0.21.3-1
- Version 0.21.3 (alpha) - API 0.21.1 (alpha)
- set timezone during build
- spec cleanup
--------------------------------------------------------------------------------
================================================================================
system-config-printer-1.2.5-4.fc13 (FEDORA-2010-16242)
A printer administration tool
--------------------------------------------------------------------------------
Update Information:
New upstream release that fixes several bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 22 2010 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.2.5-4
- Don't check ComboBoxEntry for allowed characters (bug #644131).
* Thu Oct 14 2010 Tim Waugh <twaugh@xxxxxxxxxx> - 1.2.5-3
- Always use MFG and MDL fields for InstallPrinterDrivers interface
(bug #643073).
* Thu Oct 14 2010 Tim Waugh <twaugh@xxxxxxxxxx> - 1.2.5-2
- Show debug output whenever InstallPrinterDrivers is called.
* Wed Oct 13 2010 Tim Waugh <twaugh@xxxxxxxxxx> - 1.2.5-1
- 1.2.5:
- CMD-field matching for PPDs (bug #630058).
- Avoid crash in jobviewer (bug #640904).
- Don't try to modify firewall for SNMP broadcast responses
as it doesn't work (trac #214).
- Correctly parse snmp backend output when fetching
Device ID (bug #639394).
- XmlHelper: Don't indent output when saving to file (bug #639586).
- GroupsPaneModel: Avoid crash when removing queue (bug #639586).
- Use "Do It Later" instead of "Cancel" for adjust firewall
dialog (trac #213).
- Delete Bluetooth printer's queue when unpaired.
- Show examples of IPP URIs (bug #575795).
- Use actual Device ID strings in 'no match' debug
message (bug #630350).
- Prevent disallowed characters in text entry fields when adding
new printer (bug #621199).
- Fixed race condition while renaming printer (bug #625502).
- Request required job attributes rather than assuming they will
be present in response (bug #635719).
- Discard disallowed characters when renaming (bug #612315).
- Mark more translatable strings (bug #634436).
* Fri Oct 1 2010 Tim Waugh <twaugh@xxxxxxxxxx> - 1.2.4-3
- Use actual device ID in debug output (bug #630350).
* Mon Sep 13 2010 Tim Waugh <twaugh@xxxxxxxxxx> - 1.2.4-2
- Rebuilt with updated translations.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #575795 - should make it clearer how to set up an IPP queue manually
https://bugzilla.redhat.com/show_bug.cgi?id=575795
[ 2 ] Bug #606798 - [abrt] crash in system-config-printer-1.2.2-4.fc13: AdvancedServerSettings.py:132:disconnect:KeyError: None
https://bugzilla.redhat.com/show_bug.cgi?id=606798
[ 3 ] Bug #612315 - [abrt] crash in system-config-printer-1.2.3-3.fc13: system-config-printer.py:3137:rename_printer:AttributeError: 'NoneType' object has no attribute 'name'
https://bugzilla.redhat.com/show_bug.cgi?id=612315
[ 4 ] Bug #614516 - Caught non-fatal exception in fillDeviceTab
https://bugzilla.redhat.com/show_bug.cgi?id=614516
[ 5 ] Bug #620056 - [abrt] crash in system-config-printer-1.1.19-3.fc12: monitor.py:552:refresh:KeyError: 'job-state'
https://bugzilla.redhat.com/show_bug.cgi?id=620056
[ 6 ] Bug #621199 - Can't add new printer
https://bugzilla.redhat.com/show_bug.cgi?id=621199
[ 7 ] Bug #625502 - [abrt] system-config-printer-1.2.3-3.fc13: system-config-printer.py:3151:rename_printer:AttributeError: 'NoneType' object has no attribute 'setAccepting'
https://bugzilla.redhat.com/show_bug.cgi?id=625502
[ 8 ] Bug #630058 - Only match PPDs with compatible CMD fields
https://bugzilla.redhat.com/show_bug.cgi?id=630058
[ 9 ] Bug #630350 - debug output gives wrong Device ID
https://bugzilla.redhat.com/show_bug.cgi?id=630350
[ 10 ] Bug #635719 - s-c-p doesn't ask before renaming a printer queue
https://bugzilla.redhat.com/show_bug.cgi?id=635719
[ 11 ] Bug #639394 - getNetworkPrinterMakeModel doesn't use Device ID field
https://bugzilla.redhat.com/show_bug.cgi?id=639394
[ 12 ] Bug #639586 - [abrt] system-config-printer-1.2.4-1.fc13: GroupsPaneModel.py:125:remove_queues:AttributeError: 'NoneType' object has no attribute 'unlinkNode'
https://bugzilla.redhat.com/show_bug.cgi?id=639586
[ 13 ] Bug #640904 - [abrt] system-config-printer-1.2.4-1.fc13: jobviewer.py:1783:job_event:KeyError: 13
https://bugzilla.redhat.com/show_bug.cgi?id=640904
[ 14 ] Bug #643073 - InstallPrinterDrivers interface needs MFG and MDL keys, not MANUFACTURER and MODEL
https://bugzilla.redhat.com/show_bug.cgi?id=643073
[ 15 ] Bug #644131 - [abrt] system-config-printer-1.2.5-3.fc14: system-config-printer.py:5630:entry_changed:AttributeError: 'gtk.ComboBoxEntry' object has no attribute 'get_text'
https://bugzilla.redhat.com/show_bug.cgi?id=644131
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
