Fedora 13 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 13 Security updates need testing:

    https://admin.fedoraproject.org/updates/thunderbird-3.1.5-1.fc13,sunbird-1.0-0.29.b2pre.fc13
    https://admin.fedoraproject.org/updates/glpi-0.72.4-3.svn11497.fc13
    https://admin.fedoraproject.org/updates/tomcat6-6.0.26-11.fc13
    https://admin.fedoraproject.org/updates/banshee-1.6.1-4.fc13
    https://admin.fedoraproject.org/updates/perl-libwww-perl-5.837-2.fc13
    https://admin.fedoraproject.org/updates/monotone-0.48.1-1.fc13
    https://admin.fedoraproject.org/updates/horde-3.3.9-1.fc13
    https://admin.fedoraproject.org/updates/mailman-2.1.12-16.fc13
    https://admin.fedoraproject.org/updates/luci-0.22.4-2.0.b9faf868074git.fc13
    https://admin.fedoraproject.org/updates/xpdf-3.02-16.fc13
    https://admin.fedoraproject.org/updates/clamav-0.96.3-1400.fc13
    https://admin.fedoraproject.org/updates/gnucash-2.3.15-2.fc13
    https://admin.fedoraproject.org/updates/bristol-0.40.7-7.fc13
    https://admin.fedoraproject.org/updates/moodle-1.9.10-1.fc13
    https://admin.fedoraproject.org/updates/seamonkey-2.0.9-1.fc13
    https://admin.fedoraproject.org/updates/pidgin-2.7.4-1.fc13


The following builds have been pushed to Fedora 13 updates-testing

    389-admin-1.1.12-0.2.a2.fc13
    389-adminutil-1.1.13-1.fc13
    389-ds-base-1.2.7-0.6.a3.fc13
    389-dsgw-1.1.6-1.fc13
    banshee-1.6.1-4.fc13
    glpi-0.72.4-3.svn11497.fc13
    kcm-gtk-0.5.3-5.fc13
    kcm_touchpad-0.3.1-3.fc13
    kdebase3-3.5.10-17.fc13
    kdepim-4.4.7-1.fc13.1
    kdepim-runtime-4.4.7-1.fc13.1
    libguestfs-1.4.3-5.fc13
    monotone-0.48.1-1.fc13
    mozilla-firetray-0.2.8-3.fc13
    perl-Pegex-0.11-1.fc13
    virt-what-1.3-3.fc13
    xscreensaver-5.12-6.fc13

Details about builds:


================================================================================
 389-admin-1.1.12-0.2.a2.fc13 (FEDORA-2010-16911)
 389 Administration Server (admin)
--------------------------------------------------------------------------------
Update Information:

the 1.2.7 alpha 3 release
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 26 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.12-0.2.a2
- fix mozldap build breakage
* Tue Sep 28 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.12-0.1.a1
- This is the 1.1.12 alpha 1 release - with openldap support
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #576869 - Tracking bug for 389 Directory Server 1.2.7
        https://bugzilla.redhat.com/show_bug.cgi?id=576869
--------------------------------------------------------------------------------


================================================================================
 389-adminutil-1.1.13-1.fc13 (FEDORA-2010-16911)
 Utility library for 389 administration
--------------------------------------------------------------------------------
Update Information:

the 1.2.7 alpha 3 release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 22 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.13-1
- add nss_inc to libadminutil build flags
* Tue Oct 19 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.12-1
- fix building with mozldap
* Tue Oct 19 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.11-1
- the 1.1.11 release
* Fri Feb 26 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.10-1
- Bug 460168 - FedoraDS' adminutil requires non-existent "icu.pc" on non-RH/Fedora systems
- this is the 1.1.10 release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #576869 - Tracking bug for 389 Directory Server 1.2.7
        https://bugzilla.redhat.com/show_bug.cgi?id=576869
--------------------------------------------------------------------------------


================================================================================
 389-ds-base-1.2.7-0.6.a3.fc13 (FEDORA-2010-16911)
 389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:

the 1.2.7 alpha 3 release
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 27 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.7-0.6.a3
- fix more git merge problems
* Wed Oct 27 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.7-0.5.a3
- fix git merge problems
* Wed Oct 27 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.7-0.4.a3
- 1.2.7.a3 release - a2 was never released - this is a rebuild to pick up
- Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
- Adding the ancestorid fix code to ##upgradednformat.pl.
* Fri Oct 22 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.7-0.3.a3
- 1.2.7.a3 release - a2 was never released
- Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
- Bug 629681 - Retro Changelog trimming does not behave as expected
- Bug 645061 - Upgrade: 06inetorgperson.ldif and 05rfc4524.ldif
-              are not upgraded in the server instance schema dir
* Tue Oct 19 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.7-0.2.a2
- 1.2.7.a2 release - a1 was the OpenLDAP testday release
- git tag 389-ds-base-1.2.7.a2
- added openldap support on platforms that use openldap with moznss
- for crypto (F-14 and later)
- many bug fixes
- Account Policy Plugin (keep track of last login, disable old accounts)
* Fri Oct  8 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.7-0.1.a1
- added openldap support
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #576869 - Tracking bug for 389 Directory Server 1.2.7
        https://bugzilla.redhat.com/show_bug.cgi?id=576869
--------------------------------------------------------------------------------


================================================================================
 389-dsgw-1.1.6-1.fc13 (FEDORA-2010-16911)
 389 Directory Server Gateway (dsgw)
--------------------------------------------------------------------------------
Update Information:

the 1.2.7 alpha 3 release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct  8 2010 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.6-1
- bump version to 1.1.6
- support for openldap
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #576869 - Tracking bug for 389 Directory Server 1.2.7
        https://bugzilla.redhat.com/show_bug.cgi?id=576869
--------------------------------------------------------------------------------


================================================================================
 banshee-1.6.1-4.fc13 (FEDORA-2010-16916)
 Easily import, manage, and play selections from your music collection
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 25 2010 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 1.6.1-4
- Add a patch to fix CVE-2010-3998
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #644554 - CVE-2010-3998 banshee: insecure library loading vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=644554
--------------------------------------------------------------------------------


================================================================================
 glpi-0.72.4-3.svn11497.fc13 (FEDORA-2010-16912)
 Free IT asset management software
--------------------------------------------------------------------------------
Update Information:

Switch to system phpCAS.

--------------------------------------------------------------------------------
ChangeLog:

* Thu May 20 2010 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 0.72.4-3.svn11497
- use system phpCAS instead of bundled copy
- minor bug fixes from SVN
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #620743 - CVE-2010-2795 php-pear-CAS: authenticated session hijack by providing new well formed ticket (PHPCAS-61)
        https://bugzilla.redhat.com/show_bug.cgi?id=620743
  [ 2 ] Bug #620751 - CVE-2010-2796 php-pear-CAS: XSS in proxy mode (PHPCAS-67)
        https://bugzilla.redhat.com/show_bug.cgi?id=620751
  [ 3 ] Bug #646659 - CVE-2010-3690 CVE-2010-3691 CVE-2010-3692 phpCAS: multiple vulnerabilities fixes in 1.1.3
        https://bugzilla.redhat.com/show_bug.cgi?id=646659
--------------------------------------------------------------------------------


================================================================================
 kcm-gtk-0.5.3-5.fc13 (FEDORA-2010-16895)
 Configure the appearance of GTK apps in KDE
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep  8 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.5.3-5
- kcm-gtk : "GTK+ Appearance" in systemsettings->lost and found (#628381)
- Requires: kdebase-runtime
* Wed Jul  7 2010 Ville Skyttà <ville.skytta@xxxxxx> - 0.5.3-4
- Apply modified upstream patch to add cursor theme support (#600976).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #628381 - kcm-gtk : "GTK+ Appearance" in systemsettings->lost and found
        https://bugzilla.redhat.com/show_bug.cgi?id=628381
--------------------------------------------------------------------------------


================================================================================
 kcm_touchpad-0.3.1-3.fc13 (FEDORA-2010-16884)
 Synaptics driver based touchpads kcontrol module
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep  7 2010 Ryan Rix <ry@xxxxxxxx> - 0.3.1-3
- Update the category to adhere to new SC 4.5 systemsettings layout. Will now
  appear under the "input devices" section.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #628378 - kcm_touchpad: systemsettings item in "lost and found"
        https://bugzilla.redhat.com/show_bug.cgi?id=628378
--------------------------------------------------------------------------------


================================================================================
 kdebase3-3.5.10-17.fc13 (FEDORA-2010-16910)
 KDE 3 core files
--------------------------------------------------------------------------------
Update Information:

Removes errant Obsoletes/Provides: kdebase(-devel), which can cause
dependency problems elsewhere.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 10 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 3.5.10-17
- drop old Obsoletes/Provides: kdebase(-devel)
--------------------------------------------------------------------------------


================================================================================
 kdepim-4.4.7-1.fc13.1 (FEDORA-2010-16903)
 KDE PIM (Personal Information Manager) applications
--------------------------------------------------------------------------------
Update Information:

Latest kdepim-4.4.x bugfix release.  See also,
http://www.kdedevelopers.org/node/4344
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 28 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.4.7-1.1
- rebuild for kde-4.5 (f13)
* Fri Oct 22 2010 Thomas Janssen <thomasj@xxxxxxxxxxxxxxxxx> 4.4.7-1
- update to 4.4.7
* Tue Oct 19 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 6:4.4.6-4 
- own %_libdir/akonadi/contact (#644540)
* Thu Oct 14 2010 Jesse Keating <jkeating@xxxxxxxxxx> - 6:4.4.6-3.1
- Rebuild for gcc bug 634757
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #628379 - kdepim-runtime : Akonadi Configuration shows in systemsettings->lost and found
        https://bugzilla.redhat.com/show_bug.cgi?id=628379
--------------------------------------------------------------------------------


================================================================================
 kdepim-runtime-4.4.7-1.fc13.1 (FEDORA-2010-16903)
 KDE PIM Runtime Environment
--------------------------------------------------------------------------------
Update Information:

Latest kdepim-4.4.x bugfix release.  See also,
http://www.kdedevelopers.org/node/4344
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 28 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.4.7-1.1
- rebuild for kde-4.5 (f13)
* Fri Oct 22 2010 Thomas Janssen <thomasj@xxxxxxxxxxxxxxxxx> 4.4.7-1
- update to 4.4.7-1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #628379 - kdepim-runtime : Akonadi Configuration shows in systemsettings->lost and found
        https://bugzilla.redhat.com/show_bug.cgi?id=628379
--------------------------------------------------------------------------------


================================================================================
 libguestfs-1.4.3-5.fc13 (FEDORA-2010-16913)
 Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:

Fix networking in the appliance.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 28 2010 Marek Goldmann <mgoldman@xxxxxxxxxx> - 1:1.4.3-5
- Fix networking in the appliance.
--------------------------------------------------------------------------------


================================================================================
 monotone-0.48.1-1.fc13 (FEDORA-2010-16902)
 A free, distributed version control system
--------------------------------------------------------------------------------
Update Information:

Update to monotone-0.48.1, which contains a fix for a DoS:

Running "mtn ''" or "mtn ls ''" doesn't cause an internal error anymore. In monotone 0.48 and earlier this behavior could be used to crash a server remotely (but only if it was configured to allow execution of remote commands). Therefore everyone running such a server should update as soon as possible.

There's also a fix for a non-critical issue:

Using mtn:// style URIs for netsync operations didn't work with 0.48 on systems which only have a 'monotone' entry in /etc/services. Failing to find a corresponding entry for the schema in a given URI isn't considered fatal now, instead mtn falls back to its default port.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 27 2010 Thomas Moschny <thomas.moschny@xxxxxx> - 0.48.1-1
- Update to 0.48.1.
- Add patch from upstream to support newer sqlite.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #647302 - CVE-2010-4098 monotone: remote DoS via empty arg to mtn command
        https://bugzilla.redhat.com/show_bug.cgi?id=647302
--------------------------------------------------------------------------------


================================================================================
 mozilla-firetray-0.2.8-3.fc13 (FEDORA-2010-16898)
 A system tray addon for mozilla
--------------------------------------------------------------------------------
Update Information:

Please test if update goes fine from mozilla-firetray-sunbird-0.2.8-2
--------------------------------------------------------------------------------
ChangeLog:

* Sun Oct 24 2010 Hicham HAOUARI <hicham.haouari@xxxxxxxxx> - 0.2.8-3
- Symlink the extension's directory for sunbird the same way of the
  other applications using gecko >= 1.9.2, fixes rhbz #646185
- Add workaround for rhbz #646523
- Spec cleanup
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #646185 - mozilla-firetray-sunbird prevents sunbird from starting
        https://bugzilla.redhat.com/show_bug.cgi?id=646185
--------------------------------------------------------------------------------


================================================================================
 perl-Pegex-0.11-1.fc13 (FEDORA-2010-16900)
 Pegex Parser Generator
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #639684 - Review Request: perl-Pegex -  Pegex Parser Generator
        https://bugzilla.redhat.com/show_bug.cgi?id=639684
--------------------------------------------------------------------------------


================================================================================
 virt-what-1.3-3.fc13 (FEDORA-2010-16894)
 Detect if we are running in a virtual machine
--------------------------------------------------------------------------------
Update Information:

virt-what - detect if we are running in a virtual machine.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #644259 - Review Request: virt-what - detect if we are running in a virtual machine
        https://bugzilla.redhat.com/show_bug.cgi?id=644259
--------------------------------------------------------------------------------


================================================================================
 xscreensaver-5.12-6.fc13 (FEDORA-2010-16901)
 X screen saver and locker
--------------------------------------------------------------------------------
Update Information:

Currently lauching xscreensaver-demo shows GTK warning about using non-zero value of page-size when using GtkSpinButton. This issue is fixed in this rpm.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 28 2010 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 1:5.12-6
- Remove GTK warning about non-zero page-size on GtkSpinButton
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test



[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux