The following Fedora 12 Security updates need testing: https://admin.fedoraproject.org/updates/freetype-2.3.11-7.fc12 https://admin.fedoraproject.org/updates/bzip2-1.0.6-1.fc12 https://admin.fedoraproject.org/updates/mailman-2.1.12-10.fc12 https://admin.fedoraproject.org/updates/gif2png-2.5.1-1202.fc12 https://admin.fedoraproject.org/updates/cups-1.4.4-11.fc12 https://admin.fedoraproject.org/updates/pam-1.1.1-6.fc12 https://admin.fedoraproject.org/updates/clamav-0.96.4-1200.fc12 https://admin.fedoraproject.org/updates/libtlen-0-0.10.20060309.fc12 https://admin.fedoraproject.org/updates/mod_fcgid-2.3.6-1.fc12 The following Fedora 12 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/freetype-2.3.11-7.fc12 https://admin.fedoraproject.org/updates/mingetty-1.08-6.fc12 https://admin.fedoraproject.org/updates/tzdata-2010o-1.fc12 https://admin.fedoraproject.org/updates/pungi-2.0.20.1-1.fc12 https://admin.fedoraproject.org/updates/NetworkManager-0.8.1-10.git20100831.fc12 https://admin.fedoraproject.org/updates/pam-1.1.1-6.fc12 https://admin.fedoraproject.org/updates/findutils-4.4.2-7.fc12 https://admin.fedoraproject.org/updates/nss-softokn-3.12.4-16.fc12 https://admin.fedoraproject.org/updates/xorg-x11-drv-ati-6.13.0-0.22.20100316git819b4015.fc12 https://admin.fedoraproject.org/updates/binutils-2.19.51.0.14-38.fc12 https://admin.fedoraproject.org/updates/util-linux-ng-2.16.2-4.fc12 https://admin.fedoraproject.org/updates/xorg-x11-drv-synaptics-1.2.0-3.fc12 https://admin.fedoraproject.org/updates/findutils-4.4.2-5.fc12 The following builds have been pushed to Fedora 12 updates-testing freetype-2.3.11-7.fc12 libtlen-0-0.10.20060309.fc12 scantailor-0.9.9.2-1.fc12 smartmontools-5.39.1-3.fc12 Details about builds: ================================================================================ freetype-2.3.11-7.fc12 (FEDORA-2010-17755) A free and portable font rendering engine -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 15 2010 Marek Kasik <mkasik@xxxxxxxxxx> 2.3.11-7 - Add freetype-2.3.11-CVE-2010-3855.patch (Protect against invalid `runcnt' values.) - Resolves: #651764 -------------------------------------------------------------------------------- References: [ 1 ] Bug #645275 - CVE-2010-3855 Freetype : Heap based buffer overflow in ft_var_readpackedpoints() https://bugzilla.redhat.com/show_bug.cgi?id=645275 -------------------------------------------------------------------------------- ================================================================================ libtlen-0-0.10.20060309.fc12 (FEDORA-2010-17762) Tlen.pl client library -------------------------------------------------------------------------------- Update Information: This update unbundles the old copy of expat included in libtlen, fixing CVE-2009-3720 and possibly other vulnerabilities already fixed in system expat. -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 14 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 0-0.10.20060309 - fix source URL - unbundle expat (fix bug #652502, CVE-2009-3720) -------------------------------------------------------------------------------- References: [ 1 ] Bug #652502 - libtlen contains an embedded copy of expat, prone to CVE-2009-3720 https://bugzilla.redhat.com/show_bug.cgi?id=652502 -------------------------------------------------------------------------------- ================================================================================ scantailor-0.9.9.2-1.fc12 (FEDORA-2010-17753) An interactive post-processing tool for scanned pages -------------------------------------------------------------------------------- Update Information: * Fixed page sorting issues on Linux. * Fixed improper calculation of cut-off page outline. * Fixed pages re-appearing in a project after being removed half-by-half. * German and French translations were added. * Compatibility with the latest version of boost. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 15 2010 Jan Horak <jhorak@xxxxxxxxxx> - 0.9.9.2-1 - Update to 0.9.9.2 -------------------------------------------------------------------------------- ================================================================================ smartmontools-5.39.1-3.fc12 (FEDORA-2010-17748) Tools for monitoring SMART capable hard disks -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 15 2010 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:5.39.1-3 - megaraid: Fix segfault on non-data commands (#577935) * Wed Nov 10 2010 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:5.39.1-2 - don't forget to restart smartd service after update (#651211) -------------------------------------------------------------------------------- References: [ 1 ] Bug #651211 - smartd doesn't restart after smartmontools package update https://bugzilla.redhat.com/show_bug.cgi?id=651211 [ 2 ] Bug #577935 - Smartctl segmentation fault and crash followed by kernel invalid opcode trace https://bugzilla.redhat.com/show_bug.cgi?id=577935 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test