The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/dhcp-4.1.1-27.P1.fc13
https://admin.fedoraproject.org/updates/banshee-1.6.1-4.fc13
https://admin.fedoraproject.org/updates/mod_fcgid-2.3.6-1.fc13
https://admin.fedoraproject.org/updates/gromacs-4.5.2-2.fc13
https://admin.fedoraproject.org/updates/seamonkey-2.0.10-1.fc13
https://admin.fedoraproject.org/updates/mailman-2.1.12-16.fc13
https://admin.fedoraproject.org/updates/bugzilla-3.4.9-1.fc13
https://admin.fedoraproject.org/updates/bristol-0.40.7-7.fc13
https://admin.fedoraproject.org/updates/moodle-1.9.10-1.fc13
https://admin.fedoraproject.org/updates/clamav-0.96.4-1300.fc13
https://admin.fedoraproject.org/updates/proftpd-1.3.3c-1.fc13
https://admin.fedoraproject.org/updates/libguestfs-1.6.0-1.fc13.1
https://admin.fedoraproject.org/updates/libsmi-0.4.8-5.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/sendmail-8.14.4-6.fc13
https://admin.fedoraproject.org/updates/hunspell-1.2.8-18.fc13
https://admin.fedoraproject.org/updates/livecd-tools-0.3.5-1.fc13
https://admin.fedoraproject.org/updates/NetworkManager-0.8.1-10.git20100831.fc13
https://admin.fedoraproject.org/updates/crontabs-1.11-1.20101022git.fc13
https://admin.fedoraproject.org/updates/gnome-settings-daemon-2.30.1-9.fc13
https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-69.fc13
https://admin.fedoraproject.org/updates/upstart-0.6.5-7.fc13
https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-11.fc13
https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
The following builds have been pushed to Fedora 13 updates-testing
clamav-0.96.4-1300.fc13
cmake-fedora-0.3.1-1.fc13
django-tracking-0.2.7-1.fc13
gummi-0.5.3-1.fc13
hunspell-1.2.8-18.fc13
mod_fcgid-2.3.6-1.fc13
mozc-0.13.523.102-0.1.20101104svn.fc13
netpbm-10.47.21-1.fc13
perl-SystemPerl-1.336-1.fc13
perl-Verilog-Perl-3.304-1.fc13
python-dulwich-0.6.2-1.fc13
quassel-0.7.1-1.fc13
recoll-1.14.2-1.fc13
rubygem-atk-0.90.5-2.fc13
rubygem-commander-4.0.3-3.fc13
rubygem-gdk_pixbuf2-0.90.5-2.fc13
rubygem-gio2-0.90.5-3.fc13
rubygem-glib2-0.90.5-3.fc13
rubygem-gtk2-0.90.5-2.fc13
rubygem-pango-0.90.5-2.fc13
rubygem-progressbar-0.9.0-2.fc13
rubygem-sequel-3.16.0-6.fc13
sendmail-8.14.4-6.fc13
tkabber-0.11.1-2.svn1948.fc13
uget-1.6.1-1.fc13
verilator-3.805-1.fc13
Details about builds:
================================================================================
clamav-0.96.4-1300.fc13 (FEDORA-2010-17439)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 31 2010 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.96.4-1300
- updated to 0.96.4
- execute 'make check' (#640347) but ignore errors for now because
four checks are failing on f13
* Wed Sep 29 2010 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx>
- lowered stop priority of sysv initscripts (#629435)
* Wed Sep 22 2010 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.96.3-1300
- updated to 0.96.3
- fixes CVE-2010-0405 in shipped bzlib.c copy
* Sun Aug 15 2010 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.96.2-1300
- updated to 0.96.2
- rediffed patches
- removed the -jit-disable patch which is replaced upstream by a more
detailed configuration option.
* Wed Aug 11 2010 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx>
- use 'groupmems', not 'usermod' to add a user to a group because
'usermod' does not work when user does not exist in local /etc/passwd
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #627882 - CVE-2010-0405 bzip2: integer overflow flaw in BZ2_decompress
https://bugzilla.redhat.com/show_bug.cgi?id=627882
--------------------------------------------------------------------------------
================================================================================
cmake-fedora-0.3.1-1.fc13 (FEDORA-2010-17440)
CMake helper modules for fedora developers
--------------------------------------------------------------------------------
Update Information:
- SETTING_FILE_GET_VARIABLES_PATTERN:
Fixed: unable to use relative path problem.
Fixed: UNQUOTE and NOESCAPE_SEMICOLON can now used together.
- New macro: SETTING_FILE_GET_VARIABLES_PATTERN
- New macro: PACK_SOURCE_FILES
- Fixed: Variable lost in SETTING_FILE_GET_ALL_VARIABLES and
SETTING_FILE_GET_VARABLE.
- Fixed: Variable values won't apply in SETTING_FILE_GET_ALL_VARIABLES
- UseUninstall finds cmake_uninstall.in in additional paths:
/usr/share/cmake/Modules and /usr/share/cmake/Modules
- Minor improvements in CMakeLists.txt and project.spec.in templates.
- Add new project building script.
- Build for EL-5, EL-6
- Add el5, el6 build.
- Fixed errors in UseFedpkg.
- Fixed target: tag
- Fixed target: bodhi_new
Initial submission.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 8 2010 Ding-Yi Chen <dchen at redhat.com> - 0.3.1-1
- SETTING_FILE_GET_VARIABLES_PATTERN:
Fixed: unable to use relative path problem.
Fixed: UNQUOTE and NOESCAPE_SEMICOLON can now used together.
* Wed Oct 20 2010 Ding-Yi Chen <dchen at redhat.com> - 0.2.4-1
- cmake-fedora-newprj.sh: New option "-e" that extract value from specified
spec or spec.in.
- Now usage is printed instead of junk output when project_name is not given.
- Source code (whatever is packed) and tarball dependency now checked.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #639816 - Review Request: cmake-fedora - CMake helper modules for fedora developers
https://bugzilla.redhat.com/show_bug.cgi?id=639816
--------------------------------------------------------------------------------
================================================================================
django-tracking-0.2.7-1.fc13 (FEDORA-2010-17442)
Django site visitor tracking, including basic blacklisting
--------------------------------------------------------------------------------
Update Information:
Here is where you
give an explanation of
your update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #645354 - Review Request: django-tracking - Django site visitor tracking, including basic blacklisting
https://bugzilla.redhat.com/show_bug.cgi?id=645354
--------------------------------------------------------------------------------
================================================================================
gummi-0.5.3-1.fc13 (FEDORA-2010-17449)
A simple LaTeX editor
--------------------------------------------------------------------------------
Update Information:
* Mon Nov 01 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.5.3-1
- BRs adjusted
- Updated to new upstream version 0.5.3
* Sat Oct 23 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.5.2-1
- Updated to new upstream version 0.5.2
* Sun Oct 10 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.5.1-1
- Updated to new upstream version 0.5.1
* Sat Sep 25 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.5.0-1
- New BRs added
- It's no longer a python package, no longer noarch
- Updated to new upstream version 0.5.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.5.3-1
- BRs adjusted
- Updated to new upstream version 0.5.3
* Sat Oct 23 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.5.2-1
- Updated to new upstream version 0.5.2
* Sun Oct 10 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.5.1-1
- Updated to new upstream version 0.5.1
* Sat Sep 25 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.5.0-1
- New BRs added
- It's no longer a python package, no longer noarch
- Updated to new upstream version 0.5.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #629707 - Gummi will not start due to OSError: /lib/libgobject-2.0.so.0: wrong ELF class: ELFCLASS32
https://bugzilla.redhat.com/show_bug.cgi?id=629707
[ 2 ] Bug #598603 - [abrt] crash in gummi-0.4.5-1.fc13: ConfigParser.py:315:get:NoOptionError: No option 'GtkCheckButton' in section: 'DEFAULT'
https://bugzilla.redhat.com/show_bug.cgi?id=598603
--------------------------------------------------------------------------------
================================================================================
hunspell-1.2.8-18.fc13 (FEDORA-2010-17458)
A spell checker and morphological analyzer library
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 8 2010 Caolan McNamara <caolanm@xxxxxxxxxx> - 1.2.8-18
- Resolves: rhbz#650503 crash in Arabic spellchecking
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #650503 - [abrt] openoffice.org-writer-1:3.2.0-12.33.fc13: Process /usr/lib64/openoffice.org3/program/swriter.bin was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=650503
--------------------------------------------------------------------------------
================================================================================
mod_fcgid-2.3.6-1.fc13 (FEDORA-2010-17434)
FastCGI interface module for Apache 2
--------------------------------------------------------------------------------
Update Information:
This update to the current upstream maintenance release includes a fix for a possible stack buffer overwrite (CVE-2010-3872).
It also changes the default value of FcgidMaxRequestLen from 1GB to 128K; administrators should change this to an appropriate value based on site requirements.
Other changes are described in CHANGES-FCGID document included in the package.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 4 2010 Paul Howarth <paul@xxxxxxxxxxxx> 2.3.6-1
- Update to 2.3.6 (see CHANGES-FCGID for full details)
- Fix possible stack buffer overwrite (CVE-2010-3872)
- Change the default for FcgidMaxRequestLen from 1GB to 128K; administrators
should change this to an appropriate value based on site requirements
- Correct a problem that resulted in FcgidMaxProcesses being ignored in some
situations
- Return 500 instead of segfaulting when the application returns no output
- Don't include SELinux policy for RHEL-5 builds since RHEL >= 5.5 includes it
- Explicitly require /bin/sed for fixconf script
* Tue Jun 8 2010 Paul Howarth <paul@xxxxxxxxxxxx> 2.3.5-2
- SELinux policy module not needed for RHEL-6 onwards
--------------------------------------------------------------------------------
================================================================================
mozc-0.13.523.102-0.1.20101104svn.fc13 (FEDORA-2010-17466)
Open-sourced Google Japanese Input
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 4 2010 Akira TAGOH <tagoh@xxxxxxxxxx> - 0.13.523.102-0.1.20101104svn
- Update to 0.13.523.102.
--------------------------------------------------------------------------------
================================================================================
netpbm-10.47.21-1.fc13 (FEDORA-2010-17469)
A library for handling different graphics file formats
--------------------------------------------------------------------------------
Update Information:
fixes ppmlabel and man pages
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 8 2010 Jindrich Novy <jnovy@xxxxxxxxxx> 10.47.21-1
- update to 10.47.21
- fix HTML pages from which man pages are now generated correctly (#644248)
- fix ppmlabel (#611663)
- add -fno-strict-aliasing to CFLAGS
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #644248 - Manpage for ppmtogif badly formated
https://bugzilla.redhat.com/show_bug.cgi?id=644248
[ 2 ] Bug #611663 - strange output from ppmlabel
https://bugzilla.redhat.com/show_bug.cgi?id=611663
--------------------------------------------------------------------------------
================================================================================
perl-SystemPerl-1.336-1.fc13 (FEDORA-2010-17460)
SystemPerl Perl module
--------------------------------------------------------------------------------
Update Information:
Fix support for Verilog-Perl 3.305; removing defines, bug300.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 7 2010 Chitlesh GOORAH < chitlesh [AT] fedoraproject DOT org > 1.336-1
- new upstream release
* Thu Jul 1 2010 Chitlesh GOORAH < chitlesh [AT] fedoraproject DOT org > 1.335-1
- new upstream release
* Thu Mar 4 2010 Chitlesh GOORAH < chitlesh [AT] fedoraproject DOT org > 1.334-1
- new upstream release
* Tue Sep 15 2009 Chitlesh GOORAH < chitlesh [AT] fedoraproject DOT org > 1.331-1
- New upsteam release
--------------------------------------------------------------------------------
================================================================================
perl-Verilog-Perl-3.304-1.fc13 (FEDORA-2010-17437)
Verilog parsing routines
--------------------------------------------------------------------------------
Update Information:
Fix wrong filename on include file errors, bug289. [Brad Parker]
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 6 2010 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> 3.304-1
- New upstream release
--------------------------------------------------------------------------------
================================================================================
python-dulwich-0.6.2-1.fc13 (FEDORA-2010-17477)
A python implementation of the Git file formats and protocols
--------------------------------------------------------------------------------
Update Information:
Dulwich is a python implementation of the Git file formats and
protocols. The project is named after the village in which Mr. and
Mrs. Git live in the Monty Python sketch.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #605423 - Review Request: python-dulwich - A python implementation of the Git file formats and protocols
https://bugzilla.redhat.com/show_bug.cgi?id=605423
--------------------------------------------------------------------------------
================================================================================
quassel-0.7.1-1.fc13 (FEDORA-2010-17451)
A modern distributed IRC system
--------------------------------------------------------------------------------
Update Information:
Improved Desktop Environment integration: We now properly support DBusMenu (which gives you a proper tray menu in both GNOME and KDE), improved Ayatana support, and fixed some issues with StatusNotifier
Editable shortcuts for all platforms, not only KDE
Shortcuts for navigation between chats (Alt+Left/Right/Up/Down) -- though there are still some known bugs there
Emacs-style keybindings for the input line
Marker line can now be set manually (Ctrl+R), and one can jump directly to the marker line (Ctrl+K)
Blowfish encryption (via /setkey and /delkey), also known as mircryption, FiSH or RFC 2045
Fullscreen mode
New languages: Greek, Galician, Japanese
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 7 2010 Steven M. Parrish <smparrish@xxxxxxxxx> - 0.7.1-1
- New ustream release
--------------------------------------------------------------------------------
================================================================================
recoll-1.14.2-1.fc13 (FEDORA-2010-17461)
Desktop full text search tool with Qt GUI
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release recoll 1.14.2
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 7 2010 Terje Rosten <terje.rosten@xxxxxxx> - 1.14.2-1
- 1.14.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #648273 - Recoll 1.14.2 is out
https://bugzilla.redhat.com/show_bug.cgi?id=648273
--------------------------------------------------------------------------------
================================================================================
rubygem-atk-0.90.5-2.fc13 (FEDORA-2010-17431)
Ruby binding of ATK-1.0.x
--------------------------------------------------------------------------------
Update Information:
ruby-gtk2 0.90.5 releated gems are released.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 31 2010 Mamoru Taska <mtasaka@xxxxxxxxxxxxxxxxxxx> - 0.90.5-2
- 0.90.5
- Move C extension so that "require %gemname" works correctly
--------------------------------------------------------------------------------
================================================================================
rubygem-commander-4.0.3-3.fc13 (FEDORA-2010-17467)
The complete solution for Ruby command-line executable
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #642572 - Review Request: rubygem-commander - The complete solution for Ruby command-line executable
https://bugzilla.redhat.com/show_bug.cgi?id=642572
--------------------------------------------------------------------------------
================================================================================
rubygem-gdk_pixbuf2-0.90.5-2.fc13 (FEDORA-2010-17431)
Ruby binding of GdkPixbuf-2.x
--------------------------------------------------------------------------------
Update Information:
ruby-gtk2 0.90.5 releated gems are released.
--------------------------------------------------------------------------------
================================================================================
rubygem-gio2-0.90.5-3.fc13 (FEDORA-2010-17431)
Ruby binding of gio-2.0.x
--------------------------------------------------------------------------------
Update Information:
ruby-gtk2 0.90.5 releated gems are released.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
rubygem-glib2-0.90.5-3.fc13 (FEDORA-2010-17431)
Ruby binding of GLib-2.x
--------------------------------------------------------------------------------
Update Information:
ruby-gtk2 0.90.5 releated gems are released.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 31 2010 Mamoru Taska <mtasaka@xxxxxxxxxxxxxxxxxxx> - 0.90.5-3
- 0.90.5
- Move C extension so that "require %gemname" works correctly
--------------------------------------------------------------------------------
================================================================================
rubygem-gtk2-0.90.5-2.fc13 (FEDORA-2010-17431)
Ruby binding of GTK+-2.x
--------------------------------------------------------------------------------
Update Information:
ruby-gtk2 0.90.5 releated gems are released.
--------------------------------------------------------------------------------
================================================================================
rubygem-pango-0.90.5-2.fc13 (FEDORA-2010-17431)
Ruby binding of pango-1.x
--------------------------------------------------------------------------------
Update Information:
ruby-gtk2 0.90.5 releated gems are released.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 31 2010 Mamoru Taska <mtasaka@xxxxxxxxxxxxxxxxxxx> - 0.90.5-2
- 0.90.5
- Move C extension so that "require %gemname" works correctly
--------------------------------------------------------------------------------
================================================================================
rubygem-progressbar-0.9.0-2.fc13 (FEDORA-2010-17481)
Ruby text progress bar generator library
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #642666 - Review Request: rubygem-progressbar - ProgressBar is a text progress bar library for Ruby
https://bugzilla.redhat.com/show_bug.cgi?id=642666
--------------------------------------------------------------------------------
================================================================================
rubygem-sequel-3.16.0-6.fc13 (FEDORA-2010-17468)
The Database Toolkit for Ruby
--------------------------------------------------------------------------------
================================================================================
sendmail-8.14.4-6.fc13 (FEDORA-2010-17464)
A widely used Mail Transport Agent (MTA)
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes m4 ldap_routing macro (#650366), updates sendmail.nm-dispatcher script to handle VPN connections (#577540) and fixes MAXHOSTNAMELEN to be 255 chars.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 8 2010 Jaroslav Åkarvada <jskarvad@xxxxxxxxxx> - 8.14.4-6
- fixed m4 ldap routing macro, backported from 8.14.5.Alpha0, (#650366)
- fixed MAXHOSTNAMELEN (#485380)
- updated sendmail.nm-dispatcher script to handle VPN connections (#577540)
- added comments about purpose of files and patches
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #650366 - LDAP-less routing broken
https://bugzilla.redhat.com/show_bug.cgi?id=650366
[ 2 ] Bug #577540 - sendmail's NM dispatcher script should react to VPN connections
https://bugzilla.redhat.com/show_bug.cgi?id=577540
--------------------------------------------------------------------------------
================================================================================
tkabber-0.11.1-2.svn1948.fc13 (FEDORA-2010-17446)
Client for the Jabber instant messaging system
--------------------------------------------------------------------------------
Update Information:
Client for the Jabber instant messaging system
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #650180 - Review Request: tkabber - Client for the Jabber instant messaging system
https://bugzilla.redhat.com/show_bug.cgi?id=650180
--------------------------------------------------------------------------------
================================================================================
uget-1.6.1-1.fc13 (FEDORA-2010-17465)
Download manager using GTK+ and libcurl
--------------------------------------------------------------------------------
Update Information:
New version 1.6.1 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 29 2010 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 1.6.1-1
- 1.6.1
--------------------------------------------------------------------------------
================================================================================
verilator-3.805-1.fc13 (FEDORA-2010-17445)
A fast simulator for synthesizable Verilog
--------------------------------------------------------------------------------
Update Information:
Verilator 3.805 2010/11/02
Add warning when directory contains spaces, msg378. [Salman Sheikh]
Fix wrong filename on include file errors, bug289. [Brad Parker]
Fix segfault on SystemVerilog âoutput wire foo=0â, bug291. [Joshua Wise]
Fix DPI export name not found, msg369. [Terry Chen]
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 7 2010 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 3.805-1
- updated to 3.805
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
