The following Fedora 13 Security updates need testing: https://admin.fedoraproject.org/updates/dhcp-4.1.1-27.P1.fc13 https://admin.fedoraproject.org/updates/freetype-2.3.11-7.fc13 https://admin.fedoraproject.org/updates/mod_fcgid-2.3.6-1.fc13 https://admin.fedoraproject.org/updates/mailman-2.1.12-16.fc13 https://admin.fedoraproject.org/updates/cups-1.4.4-11.fc13 https://admin.fedoraproject.org/updates/clamav-0.96.4-1300.fc13 https://admin.fedoraproject.org/updates/libtlen-0-0.10.20060309.fc13 https://admin.fedoraproject.org/updates/mingw32-OpenSceneGraph-2.8.2-3.fc13 The following Fedora 13 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/gcc-4.4.5-2.fc13 https://admin.fedoraproject.org/updates/freetype-2.3.11-7.fc13 https://admin.fedoraproject.org/updates/gnome-desktop-2.30.2-1.fc13 https://admin.fedoraproject.org/updates/mingetty-1.08-6.fc13 https://admin.fedoraproject.org/updates/chkconfig-1.3.49-1.fc13 https://admin.fedoraproject.org/updates/tzdata-2010o-1.fc13 https://admin.fedoraproject.org/updates/libcap-ng-0.6.5-1.fc13 https://admin.fedoraproject.org/updates/sendmail-8.14.4-6.fc13 https://admin.fedoraproject.org/updates/hunspell-1.2.8-18.fc13 https://admin.fedoraproject.org/updates/livecd-tools-0.3.5-1.fc13 https://admin.fedoraproject.org/updates/NetworkManager-0.8.1-10.git20100831.fc13 https://admin.fedoraproject.org/updates/gnome-settings-daemon-2.30.1-9.fc13 https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13 https://admin.fedoraproject.org/updates/openldap-2.4.21-11.fc13 https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13 https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13 The following builds have been pushed to Fedora 13 updates-testing eazykeyboard-2.0-3.fc13 erlang-lfe-0.6.1-4.fc13 extremetuxracer-0.4-5.fc13 freetype-2.3.11-7.fc13 gcc-4.4.5-2.fc13 ibus-skk-1.3.3-1.fc13 ipython-0.10.1-3.fc13 libtlen-0-0.10.20060309.fc13 openarena-0.8.5-2.fc13 pdfjam-2.07-1.fc13 python-visual-5.32-10.fc13 quake3-1.36-8.svn1802.fc13 quvi-0.2.8-1.fc13 rubygem-echoe-4.3.1-2.fc13 rubygem-timecop-0.3.5-2.fc13 scantailor-0.9.9.2-1.fc13 smartmontools-5.40-3.fc13 Details about builds: ================================================================================ eazykeyboard-2.0-3.fc13 (FEDORA-2010-17752) A simple onscreen keyboard -------------------------------------------------------------------------------- Update Information: Description: Eazykeyboard provides a simple onscreen keyboard that can be used to type with keyboard or mouse into application windows. It is useful for physically impaired people and who are unfamiliar with certain keyboard layout. -------------------------------------------------------------------------------- References: [ 1 ] Bug #616177 - Review Request: eazykeyboard - A simple onscreen keyboard https://bugzilla.redhat.com/show_bug.cgi?id=616177 -------------------------------------------------------------------------------- ================================================================================ erlang-lfe-0.6.1-4.fc13 (FEDORA-2010-17723) Lisp Flavoured Erlang -------------------------------------------------------------------------------- Update Information: * Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #639278 - Review Request: erlang-lfe - Lisp Flavoured Erlang https://bugzilla.redhat.com/show_bug.cgi?id=639278 -------------------------------------------------------------------------------- ================================================================================ extremetuxracer-0.4-5.fc13 (FEDORA-2010-17741) 3D racing game featuring Tux -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 15 2010 Nils Philippsen <nils@xxxxxxxxxx> 0.4-5 - don't call null members (#652913) * Mon Nov 15 2010 Nils Philippsen <nils@xxxxxxxxxx> 0.4-4 - rebuild against new toolchain -------------------------------------------------------------------------------- References: [ 1 ] Bug #652913 - [abrt] extremetuxracer-0.4-3.fc12: Process /usr/bin/etracer was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=652913 -------------------------------------------------------------------------------- ================================================================================ freetype-2.3.11-7.fc13 (FEDORA-2010-17728) A free and portable font rendering engine -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 15 2010 Marek Kasik <mkasik@xxxxxxxxxx> 2.3.11-7 - Add freetype-2.3.11-CVE-2010-3855.patch (Protect against invalid `runcnt' values.) - Resolves: #651764 -------------------------------------------------------------------------------- References: [ 1 ] Bug #645275 - CVE-2010-3855 Freetype : Heap based buffer overflow in ft_var_readpackedpoints() https://bugzilla.redhat.com/show_bug.cgi?id=645275 -------------------------------------------------------------------------------- ================================================================================ gcc-4.4.5-2.fc13 (FEDORA-2010-17739) Various compilers (C, C++, Objective-C, Java, ...) -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 13 2010 Jakub Jelinek <jakub@xxxxxxxxxx> 4.4.5-2 - update from gcc-4_4-branch - PRs bootstrap/44621, c++/18451, c++/40738, c++/46024, fortran/33595, fortran/42169, fortran/46140, libfortran/45710, libgfortran/46010, libgfortran/46373, middle-end/43690, middle-end/44569, middle-end/46019, middle-end/46419, target/45820, target/45946, target/46419, testsuite/40858, testsuite/45543, tree-optimization/46107 - fix asm goto handling (PR rtl-opt/46226) - -Wunused-but-set* fix for computed goto (PR c/46015) - fix -Wunused-but-set* for ObjC and ObjC++ - VTA backports - PRs debug/45656, debug/45939, debug/46252, debug/46255, tree-optimization/46066, tree-optimization/46099 * Fri Oct 1 2010 Jakub Jelinek <jakub@xxxxxxxxxx> 4.4.5-1 - update from gcc-4_4-branch - GCC 4.4.5 release - PRs boehm-gc/34544, c++/44991, c++/45315, c/44555, fortran/31588, fortran/43954, fortran/44660, fortran/45595, libffi/45677, libfortran/45532, middle-end/40386, middle-end/41551, middle-end/42245, middle-end/42509, middle-end/44554, middle-end/44632, middle-end/44763, middle-end/45234, middle-end/45262, middle-end/45312, middle-end/45423, middle-end/45678, other/45443, rtl-optimization/39453, rtl-optimization/40101, rtl-optimization/41697, rtl-optimization/42246, rtl-optimization/42249, rtl-optimization/42294, rtl-optimization/42388, rtl-optimization/42389, rtl-optimization/42775, rtl-optimization/44691, rtl-optimization/44919, rtl-optimization/45353, rtl-optimization/45728, target/35664, target/41484, target/44452, target/44575, target/44805, target/45070, target/45296, target/45843, tree-optimization/44977, tree-optimization/45109, tree-optimization/45709 - yet another -Wunused-but-set* fix for C++ consts in templates (PR c++/45588) - emit slightly more compact .eh_frame - VTA backports - PRs debug/45055, debug/45500, middle-end/45484, rtl-optimization/45137 - fix ICE in output_die with function local types (#527510, PR debug/41063) - speed up locale::locale() ctor if _S_global hasn't been changed (#635708, PR libstdc++/40088) - fix ICE in dwarf2out_finish (#632847, PR debug/45660) - fix VTA ICE in caller-save.c (#622060, PR debug/45259) - fix -freorder-blocks-and-partition -fnon-call-exceptions (PR middle-end/45458) - ivopts improvements (#592502) * Tue Aug 31 2010 Dennis Gilmore <dennis@xxxxxxxx> 4.4.4-14 - enable cloog on sparc arches * Mon Jul 26 2010 Jakub Jelinek <jakub@xxxxxxxxxx> 4.4.4-13 - update from gcc-4_4-branch - PRs fortran/45019, target/42869, target/44942, testsuite/38946 - VTA backports - PRs debug/45015, bootstrap/45028 - var-tracking improvements (#616050, PR debug/45003, PR debug/45006) - fix fortran SELECT CASE handling with CHARACTER type (PR fortran/40206) - small OpenMP debug info improvements (#533181) * Tue Jul 13 2010 Jakub Jelinek <jakub@xxxxxxxxxx> 4.4.4-12 - update from gcc-4_4-branch - PRs fortran/44582, fortran/44773, fortran/44847, pch/14940, target/33743 - fix inline-asm check for auto-inc-dec operands (PR testsuite/44701) - use DW_OP_const[48]u instead of DW_OP_addr for DW_OP_GNU_push_tls_address operand * Wed Jul 7 2010 Jakub Jelinek <jakub@xxxxxxxxxx> 4.4.4-11 - update from gcc-4_4-branch - PRs target/44597, target/44705 - VTA backports - PR c++/44808 - avoid outputting invalid registers in debug info (#610455) - -Wunused-but-set-* vector assignment fix (PR c++/44780) - fix PowerPC address reloading for inline-asms (#608768, PR target/44707) - fix predictive commoning (#609488, PR tree-optimization/40421) - fix SRA not to do useless sign-extensions that confuses ivopts (#610785) - fix IPP handling in libgcj (#578382) -------------------------------------------------------------------------------- ================================================================================ ibus-skk-1.3.3-1.fc13 (FEDORA-2010-17744) Japanese SKK input method for ibus -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 9 2010 Daiki Ueno <dueno@xxxxxxxxxx> - 1.3.3-1 - new upstream release -------------------------------------------------------------------------------- ================================================================================ ipython-0.10.1-3.fc13 (FEDORA-2010-17754) An enhanced interactive Python shell -------------------------------------------------------------------------------- Update Information: This makes ipython not require gtk anymore, when using a console. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 15 2010 Thomas Spura <tomspur@xxxxxxxxxxxxxxxxx> - 0.10.1-3 - add fix for #646079 and use upstream fix for #628742 * Mon Oct 18 2010 Thomas Spura <tomspur@xxxxxxxxxxxxxxxxx> - 0.10.1-2 - argparse is in python 2.7 and 3.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #646079 - [abrt] ipython-0.10.1-1.fc13: __init__.py:52:_init:RuntimeError: could not open display https://bugzilla.redhat.com/show_bug.cgi?id=646079 [ 2 ] Bug #628742 - [abrt] ipython-0.10-6.fc13: PyColorize.py:281:main:IOError: [Errno 2] No such file or directory: 'HI' https://bugzilla.redhat.com/show_bug.cgi?id=628742 -------------------------------------------------------------------------------- ================================================================================ libtlen-0-0.10.20060309.fc13 (FEDORA-2010-17732) Tlen.pl client library -------------------------------------------------------------------------------- Update Information: This update unbundles the old copy of expat included in libtlen, fixing CVE-2009-3720 and possibly other vulnerabilities already fixed in system expat. -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 14 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 0-0.10.20060309 - fix source URL - unbundle expat (fix bug #652502, CVE-2009-3720) -------------------------------------------------------------------------------- References: [ 1 ] Bug #652502 - libtlen contains an embedded copy of expat, prone to CVE-2009-3720 https://bugzilla.redhat.com/show_bug.cgi?id=652502 -------------------------------------------------------------------------------- ================================================================================ openarena-0.8.5-2.fc13 (FEDORA-2010-17749) Open source first person shooter -------------------------------------------------------------------------------- Update Information: Fix compatibility with network play with official openarena servers -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 12 2010 Hans de Goede <hdegoede@xxxxxxxxxx> - 0.8.5-2 - Fix compability with network play with official openarena servers (#565763) - Various specfile cleanups -------------------------------------------------------------------------------- References: [ 1 ] Bug #565763 - Multiplayer errors https://bugzilla.redhat.com/show_bug.cgi?id=565763 -------------------------------------------------------------------------------- ================================================================================ pdfjam-2.07-1.fc13 (FEDORA-2010-17759) Utilities for joining, rotating and aligning PDFs -------------------------------------------------------------------------------- Update Information: - update to latest upstream release - test suite now enabled during build process -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 14 2010 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 2.07-1 - Update to 2.07 -------------------------------------------------------------------------------- References: [ 1 ] Bug #640530 - pdfjam: update package to new version (2.0.7) https://bugzilla.redhat.com/show_bug.cgi?id=640530 -------------------------------------------------------------------------------- ================================================================================ python-visual-5.32-10.fc13 (FEDORA-2010-17721) 3D Programming -------------------------------------------------------------------------------- Update Information: Initial import of this package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #580984 - SIGSEGV in gdk_gl_get_proc_address as called by cvisual::display_kernel::realize by cvisualmodule.so https://bugzilla.redhat.com/show_bug.cgi?id=580984 [ 2 ] Bug #537983 - Review Request: python-visual - 3D Programming https://bugzilla.redhat.com/show_bug.cgi?id=537983 -------------------------------------------------------------------------------- ================================================================================ quake3-1.36-8.svn1802.fc13 (FEDORA-2010-17749) Quake 3 Arena engine (ioquake3 version) -------------------------------------------------------------------------------- Update Information: Fix compatibility with network play with official openarena servers -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 11 2010 Hans de Goede <hdegoede@xxxxxxxxxx> 1.36-8.svn1802 - Update release to svn revision (r1802) - Add a whole bunch of patches from Debian which allow using ioquake3 as an engine for total conversions and compability with network play with official openarena servers (#565763) - Remove our own hacks for ioquake3 as an engine for total conversions -------------------------------------------------------------------------------- References: [ 1 ] Bug #565763 - Multiplayer errors https://bugzilla.redhat.com/show_bug.cgi?id=565763 -------------------------------------------------------------------------------- ================================================================================ quvi-0.2.8-1.fc13 (FEDORA-2010-17740) Command line tool for parsing video download links -------------------------------------------------------------------------------- Update Information: Update to 0.2.8 -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 14 2010 Nicoleau Fabien <nicoleau.fabien@xxxxxxxxx> 0.2.8-1 - Update to 0.2.8 -------------------------------------------------------------------------------- ================================================================================ rubygem-echoe-4.3.1-2.fc13 (FEDORA-2010-17736) A Rubygems packaging tool that provides Rake tasks for documentation, extension compiling, testing, and deployment -------------------------------------------------------------------------------- References: [ 1 ] Bug #588433 - Review Request: rubygem-echoe - ruby gem pacaking tool https://bugzilla.redhat.com/show_bug.cgi?id=588433 -------------------------------------------------------------------------------- ================================================================================ rubygem-timecop-0.3.5-2.fc13 (FEDORA-2010-17724) Provides a unified method to mock Time.now, Date.today in a single call -------------------------------------------------------------------------------- References: [ 1 ] Bug #642985 - Review Request: rubygem-timecop - Provides a unified method to mock Time.now, Date.today in a single call https://bugzilla.redhat.com/show_bug.cgi?id=642985 -------------------------------------------------------------------------------- ================================================================================ scantailor-0.9.9.2-1.fc13 (FEDORA-2010-17746) An interactive post-processing tool for scanned pages -------------------------------------------------------------------------------- Update Information: * Fixed page sorting issues on Linux. * Fixed improper calculation of cut-off page outline. * Fixed pages re-appearing in a project after being removed half-by-half. * German and French translations were added. * Compatibility with the latest version of boost. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 15 2010 Jan Horak <jhorak@xxxxxxxxxx> - 0.9.9.2-1 - Update to 0.9.9.2 -------------------------------------------------------------------------------- ================================================================================ smartmontools-5.40-3.fc13 (FEDORA-2010-17580) Tools for monitoring SMART capable hard disks -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 15 2010 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:5.40-3 - megaraid: Fix segfault on non-data commands (#577935) * Tue Nov 9 2010 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:5.40-2 - don't forget to restart smartd service after update (#651211) -------------------------------------------------------------------------------- References: [ 1 ] Bug #651211 - smartd doesn't restart after smartmontools package update https://bugzilla.redhat.com/show_bug.cgi?id=651211 [ 2 ] Bug #577935 - Smartctl segmentation fault and crash followed by kernel invalid opcode trace https://bugzilla.redhat.com/show_bug.cgi?id=577935 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test