The following Fedora 12 Security updates need testing:

https://admin.fedoraproject.org/updates/bzip2-1.0.6-1.fc12
https://admin.fedoraproject.org/updates/glpi-0.72.4-3.svn11497.fc12
https://admin.fedoraproject.org/updates/gnome-xcf-thumbnailer-1.0-4.fc12
https://admin.fedoraproject.org/updates/seamonkey-2.0.10-1.fc12
https://admin.fedoraproject.org/updates/mailman-2.1.12-10.fc12
https://admin.fedoraproject.org/updates/bugzilla-3.4.9-1.fc12
https://admin.fedoraproject.org/updates/gif2png-2.5.1-1202.fc12
https://admin.fedoraproject.org/updates/clamav-0.96.3-1200.fc12
https://admin.fedoraproject.org/updates/bristol-0.40.7-7.fc12
https://admin.fedoraproject.org/updates/pam-1.1.1-6.fc12
https://admin.fedoraproject.org/updates/banshee-1.6.1-4.fc12
https://admin.fedoraproject.org/updates/pidgin-2.7.5-1.fc12
https://admin.fedoraproject.org/updates/pootle-2.1.2-1.fc12
https://admin.fedoraproject.org/updates/moodle-1.9.10-1.fc12
https://admin.fedoraproject.org/updates/libsmi-0.4.8-5.fc12
https://admin.fedoraproject.org/updates/proftpd-1.3.3c-1.fc12


The following Fedora 12 Critical Path updates have yet to be approved:

https://admin.fedoraproject.org/updates/NetworkManager-0.8.1-10.git20100831.fc12
https://admin.fedoraproject.org/updates/pam-1.1.1-6.fc12
https://admin.fedoraproject.org/updates/findutils-4.4.2-7.fc12
https://admin.fedoraproject.org/updates/nss-softokn-3.12.4-16.fc12
https://admin.fedoraproject.org/updates/xorg-x11-drv-ati-6.13.0-0.22.20100316git819b4015.fc12
https://admin.fedoraproject.org/updates/binutils-2.19.51.0.14-38.fc12
https://admin.fedoraproject.org/updates/util-linux-ng-2.16.2-4.fc12
https://admin.fedoraproject.org/updates/xorg-x11-drv-synaptics-1.2.0-3.fc12
https://admin.fedoraproject.org/updates/findutils-4.4.2-5.fc12


The following builds have been pushed to Fedora 12 updates-testing

bugzilla-3.4.9-1.fc12
kdebase-workspace-4.4.5-2.fc12
qbittorrent-2.4.9-1.fc12
rubygem-cairo-1.10.0-3.fc12
sane-backends-1.0.21-4.fc12
skf-1.97.3-1.fc12
workrave-1.9.2-1.fc12

Details about builds:


================================================================================
 bugzilla-3.4.9-1.fc12 (FEDORA-2010-17235)
 Bug tracking system
--------------------------------------------------------------------------------
Update Information:

The following security issues have been discovered in Bugzilla:

* There is a way to inject both headers and content to users, causing a serious Cross-Site Scripting vulnerability.
* It was possible to see graphs from Old Charts even if you did not have access to a particular product, and you could browse a particular URL to see all product names.
* YUI 2.8.1, which shipped with Bugzilla starting with 3.7.x, contained a security vulnerability. The version of YUI shipped with Bugzilla 4.0rc1 and above has been updated to 2.8.2.

These are tracked by CVE-2010-3764.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 4 2010 Emmanuel Seyman <emmanuel.seyman@xxxxxxxxxxxxxxxx> - 3.4.9-1
- Update to 3.4.9
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #649398 - CVE-2010-3172 bugzilla: header and content injection vulnerability via Server Push
        https://bugzilla.redhat.com/show_bug.cgi?id=649398
  [ 2 ] Bug #649404 - CVE-2010-3764 bugzilla: information leak via Old Charts system
        https://bugzilla.redhat.com/show_bug.cgi?id=649404
--------------------------------------------------------------------------------


================================================================================
 kdebase-workspace-4.4.5-2.fc12 (FEDORA-2010-17243)
 KDE Workspace
--------------------------------------------------------------------------------
Update Information:

This update makes fast user switching work in a KDE/Plasma session running under GDM.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 3 2010 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 4.4.5-2
- use upstream ck-shutdown patch from 4.6 trunk (instead of my old one), supports GDM session switching (#560511, kde#186198)
- drop old F11- version of the ck-shutdown patch, F11 is EOL
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #560511 - Unable to switch user from KDE under GDM
        https://bugzilla.redhat.com/show_bug.cgi?id=560511
--------------------------------------------------------------------------------


================================================================================
 qbittorrent-2.4.9-1.fc12 (FEDORA-2010-17260)
 A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:

* Sun Oct 31 2010 - Christophe Dumez <chris@xxxxxxxxxxxxxxx> - v2.4.9
- BUGFIX: Fix crash when pressing enter in save path field in torrent addition dialog
- BUGFIX: Fix crash when deleting a torrent with no metadata (closes #667528)
- BUGFIX: Fix possible crash on clicking a RSS article (closes #575624)
- BUGFIX: Correctly update total number of torrents when a torrent is automatically removed (closes #668726)
- BUGFIX: Correctly display the hash of torrents with no metadata
- BUGFIX: Elide status bar text if it is too wide
- BUGFIX: Make sure the splash screen is displayed for 2 seconds
- BUGFIX: Make listening on a particular interface more reliable
- BUGFIX: Fix torrent size update in torrent addition dialog
- BUGFIX: Fix possible crash on qBittorrent shutdown
- BUGFIX: Fix and improve file priorities editing (closes #669084)
- I18N: Updated Arabic, Italian and Croatian translations
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 1 2010 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 1:2.4.9-1
- update to 2.4.9
--------------------------------------------------------------------------------


================================================================================
 rubygem-cairo-1.10.0-3.fc12 (FEDORA-2010-17237)
 Ruby bindings for cairo
--------------------------------------------------------------------------------
Update Information:

Move C extension library so that 'require "cairo"' works without compat ruby-cairo subpackage being installed.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Oct 31 2010 Mamoru Taska <mtasaka@xxxxxxxxxxxxxxxxxxx> 1.10.0-3
- Move C extension so that "require %gemname" works correctly
--------------------------------------------------------------------------------


================================================================================
 sane-backends-1.0.21-4.fc12 (FEDORA-2010-17264)
 Scanner access software
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 3 2010 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.21-4
- xerox_mfp: correct color mode malfunction (#614949)
- xerox_mfp: add USB id for SCX-4500W (#614948)
* Fri Jun 25 2010 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.21-3
- build with -fno-strict-aliasing
- use PIC/PIE because SANE-enabled software is likely to deal with data coming from untrusted sources (client <-> saned via network)
* Mon Jun 7 2010 Nils Philippsen <nils@xxxxxxxxxx>
- rectify devel subpackage description
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #614948 - No SCX-4500W in libsane.rules
        https://bugzilla.redhat.com/show_bug.cgi?id=614948
  [ 2 ] Bug #614949 - sane-backends-1.0.21-2 broke SCX-4500W color scanning
        https://bugzilla.redhat.com/show_bug.cgi?id=614949
--------------------------------------------------------------------------------


================================================================================
 skf-1.97.3-1.fc12 (FEDORA-2010-17267)
 Utility binary files in Simple Kanji Filter
--------------------------------------------------------------------------------
Update Information:

New version 1.97.3 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 4 2010 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 1.97.3-1
- 1.97.3
--------------------------------------------------------------------------------


================================================================================
 workrave-1.9.2-1.fc12 (FEDORA-2010-17246)
 Program that assists in the recovery and prevention of RSI
--------------------------------------------------------------------------------
Update Information:

This new upstream release adds a few small UI improvements and fixes many bugs including some aborts due to X errors.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 3 2010 Tomas Mraz <tmraz@xxxxxxxxxx> - 1.9.2-1
- new upstream release hopefully fixing at least some of the aborts
--------------------------------------------------------------------------------

--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test