The following Fedora 14 Security updates need testing:
https://admin.fedoraproject.org/updates/mailman-2.1.13-6.fc14
https://admin.fedoraproject.org/updates/udunits2-2.1.19-1.fc14
https://admin.fedoraproject.org/updates/libvpx-0.9.5-2.fc14
https://admin.fedoraproject.org/updates/dracut-006-5.fc14,udev-161-7.fc14
https://admin.fedoraproject.org/updates/libtlen-0-0.10.20060309.fc14
https://admin.fedoraproject.org/updates/exim-4.72-2.fc14
https://admin.fedoraproject.org/updates/openconnect-2.26-4.fc14
The following Fedora 14 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/alsa-lib-1.0.23-2.fc14
https://admin.fedoraproject.org/updates/parted-2.3-4.fc14
https://admin.fedoraproject.org/updates/dracut-006-5.fc14,udev-161-7.fc14
https://admin.fedoraproject.org/updates/makebootfat-1.4-11.fc14
https://admin.fedoraproject.org/updates/livecd-tools-14.0-1.fc14
https://admin.fedoraproject.org/updates/libgsf-1.14.18-6.fc14
https://admin.fedoraproject.org/updates/perl-5.12.2-138.fc14
https://admin.fedoraproject.org/updates/perl-5.12.2-137.fc14
https://admin.fedoraproject.org/updates/libwnck-2.30.4-1.fc14
The following builds have been pushed to Fedora 14 updates-testing
ReviewBoard-1.5.1-18.fc14
alsa-lib-1.0.23-2.fc14
augeas-0.7.4-1.fc14
culmus-fonts-0.120-1.fc14
debootstrap-1.0.26-1.fc14
django-evolution-0.6.2-1.fc14
dracut-006-5.fc14
erlang-rebar-2-3.20101120git90058c7.fc14
evince-2.32.0-2.fc14
freefem++-3.10-1.fc14
gdcm-2.0.16-7.fc14
gnucash-2.3.17-1.fc14
ibus-1.3.7-14.fc14
iscan-firmware-2.25.1-1.fc14
lightsquid-1.8-9.fc14
lshw-B.02.15-1.fc14
mingw32-boost-1.44.0-1.fc14
mrtg-2.16.4-2.fc14
openconnect-2.26-4.fc14
perl-Image-ExifTool-8.40-1.fc14
pyliblo-0.9.0-2.fc14
python-djblets-0.6.6-11.fc14
qbittorrent-2.4.11-1.fc14
rhn-custom-info-5.4.5-1.fc14
rubygem-i18n-0.4.2-2.fc14
samba-3.5.6-71.fc14
solfege-3.18.7-1.fc14
udev-161-7.fc14
wireshark-1.4.2-1.fc14
x-tile-1.8.3-1.fc14
xsettings-kde-0.11-2.fc14
Details about builds:
================================================================================
ReviewBoard-1.5.1-18.fc14 (FEDORA-2010-18062)
Web-based code review tool
--------------------------------------------------------------------------------
Update Information:
- New Features
- Permission denied errors are shown when accessing unreachable local Git
- repositories. (Bug #1765)
- Previously, if a Git repository was used and there wasnât sufficient
- file permissions to access it, a vague error saying that the repository
- was unreachable would appear. Now we check to find out if itâs a
- permissions error, and display an appropriate error message.
- Performance Improvements
- Reduce the number of SQL queries in the legacy JSON API.
- Some of the legacy API handlers performed more queries than necessary.
- We now perform fewer queries. Patch by Ben Hollis.
- Bug Fixes
- Fixed several small problems in the Admin UI from bundling Django media
- files.
- For historical reasons, weâve always shipped the Django Admin media
- files as part of Review Board. This comes from a time before rb-site
- existed, when we needed a single media directory with everything inside
- it. However, it just introduces various compatibility problems these
- days. We now make use of the media files that are installed with Django
- Fixed a breakage in the diff viewer with SCons files. (Bug #1864)
- Any SCons files put up for review would break the diff viewer, due to a
- typo when looking up information on that type of file.
- Added the Parent Diff field to the New Review Request page. (Bug #1651)
- The Parent Diff field was missing for Git, Bazaar, and Mercurial,
- making it impossible to upload a parent diff through the web UI when
- creating a new review request.
- Fixed some common installation problems with the generated
- lighttpd.conf file. (Bug #1618, Bug #1639)
- Several installs with lighttpd would give 404 Not Found errors, due to
- some configuration problems in the sample config file.
- Fixed support for multiple e-mail addresses assigned to a group.
- (Bug #1661)
- Multiple e-mail addresses for a group were supported, but broken in
- 1.5. We now split them out properly.
- The screenshot area is no longer hidden immediately after uploading a
- screenshot.
- Fixed an error in the web API when serializing to XML.
- Fixed broken intervals for search updating in the generated crontab
- file.
- The intervals would cause a full index to happen at every minute at 2AM
- on Sundays, rather than only at 2AM.
- Fixed an error when permanently deleting a review request.
- The administrator-specific ability to permanently delete a review
- request would succeed but generate an error page.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.5.1-18
- New Features
- Permission denied errors are shown when accessing unreachable local Git
- repositories. (Bug #1765)
- Previously, if a Git repository was used and there wasnât sufficient
- file permissions to access it, a vague error saying that the repository
- was unreachable would appear. Now we check to find out if itâs a
- permissions error, and display an appropriate error message.
- Performance Improvements
- Reduce the number of SQL queries in the legacy JSON API.
- Some of the legacy API handlers performed more queries than necessary.
- We now perform fewer queries. Patch by Ben Hollis.
- Bug Fixes
- Fixed several small problems in the Admin UI from bundling Django media
- files.
- For historical reasons, weâve always shipped the Django Admin media
- files as part of Review Board. This comes from a time before rb-site
- existed, when we needed a single media directory with everything inside
- it. However, it just introduces various compatibility problems these
- days. We now make use of the media files that are installed with Django
- Fixed a breakage in the diff viewer with SCons files. (Bug #1864)
- Any SCons files put up for review would break the diff viewer, due to a
- typo when looking up information on that type of file.
- Added the Parent Diff field to the New Review Request page. (Bug #1651)
- The Parent Diff field was missing for Git, Bazaar, and Mercurial,
- making it impossible to upload a parent diff through the web UI when
- creating a new review request.
- Fixed some common installation problems with the generated
- lighttpd.conf file. (Bug #1618, Bug #1639)
- Several installs with lighttpd would give 404 Not Found errors, due to
- some configuration problems in the sample config file.
- Fixed support for multiple e-mail addresses assigned to a group.
- (Bug #1661)
- Multiple e-mail addresses for a group were supported, but broken in
- 1.5. We now split them out properly.
- The screenshot area is no longer hidden immediately after uploading a
- screenshot.
- Fixed an error in the web API when serializing to XML.
- Fixed broken intervals for search updating in the generated crontab
- file.
- The intervals would cause a full index to happen at every minute at 2AM
- on Sundays, rather than only at 2AM.
- Fixed an error when permanently deleting a review request.
- The administrator-specific ability to permanently delete a review
- request would succeed but generate an error page.
--------------------------------------------------------------------------------
================================================================================
alsa-lib-1.0.23-2.fc14 (FEDORA-2010-18065)
The Advanced Linux Sound Architecture (ALSA) library
--------------------------------------------------------------------------------
Update Information:
Make sure that alsa plugins will been
search at /usr/lib64/alsa-lib on 64-bit
systems.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 9 2010 Jochen Schmitt <Jochen herr-schmitt de> 1.0.23-2
- Set plugindir to %{_libdir}/alsa-lib (bz#651507)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #651507 - pulsaudio plugins will not find on 64 bit systems
https://bugzilla.redhat.com/show_bug.cgi?id=651507
--------------------------------------------------------------------------------
================================================================================
augeas-0.7.4-1.fc14 (FEDORA-2010-18045)
A library for changing configuration files
--------------------------------------------------------------------------------
Update Information:
Update to the latest stable version of augeas. Note that this version
makes some incompatible changes to the parsing of the following files:
* /etc/fstab:
Mount options with values now have the option name and value parsed
separately.
* /etc/squid/squid.conf:
refresh_pattern, upgrade_http0.9, broken_vary_encoding and
extension_methods now have their options parsed individually.
* /etc/xinetd.d/*:
Service names are now parsed as values of a key named 'service'
Fix a crash on i686 (RHBZ#651992)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Matthew Booth <mbooth@xxxxxxxxxx> - 0.7.4-1
- Update to version 0.7.4
* Thu Nov 18 2010 Matthew Booth <mbooth@xxxxxxxxxx> - 0.7.3-2
- Fix crasher on i686 when compiled with gcc 4.5 (RHBZ#651992)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #651992 - Segfault in augeas 0.7.3 when calling aug_save
https://bugzilla.redhat.com/show_bug.cgi?id=651992
--------------------------------------------------------------------------------
================================================================================
culmus-fonts-0.120-1.fc14 (FEDORA-2010-18037)
Fonts for Hebrew from Culmus project
--------------------------------------------------------------------------------
Update Information:
- Added new families Hadasim, Keter YG, Simple, Stam Ashkenaz, Stam Sefarad
- so this package now have 5 new rpms for above package
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Pravin Satpute <psatpute@xxxxxxxxxx> - 0.120-1
- Upstream new release.
- Added new families Hadasim CLM, Keter YG, Simple CLM, Stam Ashkenaz CLM, Stam Sefarad CLM
--------------------------------------------------------------------------------
================================================================================
debootstrap-1.0.26-1.fc14 (FEDORA-2010-18042)
Debian GNU/Linux bootstrapper
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Jan Vcelak <jvcelak@xxxxxxxxxx> 1.0.26-1
- new upstream release (fix typos and remove old workaround for md5sum)
--------------------------------------------------------------------------------
================================================================================
django-evolution-0.6.2-1.fc14 (FEDORA-2010-18062)
Schema evolution for Django
--------------------------------------------------------------------------------
Update Information:
- New Features
- Permission denied errors are shown when accessing unreachable local Git
- repositories. (Bug #1765)
- Previously, if a Git repository was used and there wasnât sufficient
- file permissions to access it, a vague error saying that the repository
- was unreachable would appear. Now we check to find out if itâs a
- permissions error, and display an appropriate error message.
- Performance Improvements
- Reduce the number of SQL queries in the legacy JSON API.
- Some of the legacy API handlers performed more queries than necessary.
- We now perform fewer queries. Patch by Ben Hollis.
- Bug Fixes
- Fixed several small problems in the Admin UI from bundling Django media
- files.
- For historical reasons, weâve always shipped the Django Admin media
- files as part of Review Board. This comes from a time before rb-site
- existed, when we needed a single media directory with everything inside
- it. However, it just introduces various compatibility problems these
- days. We now make use of the media files that are installed with Django
- Fixed a breakage in the diff viewer with SCons files. (Bug #1864)
- Any SCons files put up for review would break the diff viewer, due to a
- typo when looking up information on that type of file.
- Added the Parent Diff field to the New Review Request page. (Bug #1651)
- The Parent Diff field was missing for Git, Bazaar, and Mercurial,
- making it impossible to upload a parent diff through the web UI when
- creating a new review request.
- Fixed some common installation problems with the generated
- lighttpd.conf file. (Bug #1618, Bug #1639)
- Several installs with lighttpd would give 404 Not Found errors, due to
- some configuration problems in the sample config file.
- Fixed support for multiple e-mail addresses assigned to a group.
- (Bug #1661)
- Multiple e-mail addresses for a group were supported, but broken in
- 1.5. We now split them out properly.
- The screenshot area is no longer hidden immediately after uploading a
- screenshot.
- Fixed an error in the web API when serializing to XML.
- Fixed broken intervals for search updating in the generated crontab
- file.
- The intervals would cause a full index to happen at every minute at 2AM
- on Sundays, rather than only at 2AM.
- Fixed an error when permanently deleting a review request.
- The administrator-specific ability to permanently delete a review
- request would succeed but generate an error page.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.6.2-1
- Upgrade to django-evolution 0.6.2 to support ReviewBoard 1.5.1
* Wed Nov 10 2010 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.6.1-1
- Upgrade to latest upstream release
--------------------------------------------------------------------------------
================================================================================
dracut-006-5.fc14 (FEDORA-2010-17930)
Initramfs generator using udev
--------------------------------------------------------------------------------
Update Information:
It was discovered that /dev/systty device file created by dracut-generated initramfs scripts used an insecure file permissions. This could possibly allow local user to snoop on other user's terminal.
Updated dracut no longer creates this file as device file, rather creates it a symbolic link to tty0 device file. However, for this change to take effect, user needs to re-generate initramfs (any initramfs for all kernels that are going to be booted in the future) using updated dracut version and reboot the system.
This update also provides updated udev packages that replace systty device file with a symlink on udev package upgrade and each udev start. This provides a work-around fix for users that fail to regenerate their initramfs and reboot as described above.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Harald Hoyer <harald@xxxxxxxxxx> 006-5
- removed umask
Resolves: rhbz#655345 rhbz#655472 rhbz#654935
* Thu Nov 18 2010 Harald Hoyer <harald@xxxxxxxxxx> 006-4
- fix /dev/systty
Resolves: rhbz#654935
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #654489 - CVE-2010-4176 dracut: /dev/systty permissions could allow remote users to snoop on local users
https://bugzilla.redhat.com/show_bug.cgi?id=654489
--------------------------------------------------------------------------------
================================================================================
erlang-rebar-2-3.20101120git90058c7.fc14 (FEDORA-2010-18039)
Erlang Build Tools
--------------------------------------------------------------------------------
Update Information:
* Initial commit (see review reques in rhbz #639263)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #639263 - Review Request: erlang-rebar - Erlang Build Tools
https://bugzilla.redhat.com/show_bug.cgi?id=639263
--------------------------------------------------------------------------------
================================================================================
evince-2.32.0-2.fc14 (FEDORA-2010-18050)
Document viewer
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Marek Kasik <mkasik@xxxxxxxxxx> - 2.32.0-2
- Fix crash in clear_job_selection()
- Remove unused patch
- Resolves: #647689
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #647689 - [abrt] evince-2.32.0-1.fc14: clear_job_selection: Process /usr/bin/evince was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=647689
--------------------------------------------------------------------------------
================================================================================
freefem++-3.10-1.fc14 (FEDORA-2010-18051)
PDE solving tool
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release. Numerous bugfixes, see upstream changelog: http://www.freefem.org/ff++/ftp/INNOVATION
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 15 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 3.10-1
- update to 3.10-1
- drop no longer necessary gcc-4.5 patch
* Sat Sep 4 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 3.9-3.2
- update to 3.9-2
* Sun Aug 29 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 3.9-2.1
- update to 3.9-1
* Wed Aug 4 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 3.9-1
- update to 3.9
- fix compilation with gcc-4.5.1
--------------------------------------------------------------------------------
================================================================================
gdcm-2.0.16-7.fc14 (FEDORA-2010-18068)
Grassroots DiCoM is a C++ library to parse DICOM medical files
--------------------------------------------------------------------------------
Update Information:
This update fixes a problem with include directories as described in bug 655738
Enable vtk support
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Mario Ceresa <mrceresa@xxxxxxxxx> 2.0.16-7
- Fixed bug 655738
* Fri Nov 19 2010 Mario Ceresa <mrceresa@xxxxxxxxx> 2.0.16-6
- Enabled VTK support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #655738 - Wrong include path
https://bugzilla.redhat.com/show_bug.cgi?id=655738
[ 2 ] Bug #649669 - reenable vtk support
https://bugzilla.redhat.com/show_bug.cgi?id=649669
--------------------------------------------------------------------------------
================================================================================
gnucash-2.3.17-1.fc14 (FEDORA-2010-18057)
Finance management application
--------------------------------------------------------------------------------
Update Information:
This is the GnuCash 2.4 release candidate. For more information, see http://gnucash.org/#101121-2.3.17.news.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
ibus-1.3.7-14.fc14 (FEDORA-2010-17818)
Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.3.7-14
- Added ibus-621795-engineproxy-segv.patch
Fixes crash in ibus_object_destroy
- Added ibus-626652-leak.patch
Fixes Bug 626652 - ibus memory leak with ibus_input_context_process_key_event
- Added ibus-541492-xkb.patch
Fixes Bug 541492 - ibus needs to support some xkb layout switching
Fixed Bug 653806 - ibus-xkb SEGV
- Added ibus-435880-surrounding-text.patch
Fixes Bug 435880 - ibus-gtk requires surrounding-text support
Fixes Bug 634829 - ibus_im_context_set_surrounding() to get strings.
Fixed Bug 639253 - ibus_engine_delete_surrounding_text with offset.
- Added ibus-xx-g-ir-compiler.patch to fix g-ir-compiler error.
- Added ibus-xx-workaround-gtk3.patch
Workaround for f14 http://koji.fedoraproject.org/koji/taskinfo?taskID=2516604
- Added ibus-652157-x11-ppc64.patch
Fixes Bug 652157 - Window position of ibus-x11 in ppc64
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #653806 - [abrt] ibus-1.3.7-11.fc14: XkbGetState: Process /usr/libexec/ibus-xkb was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=653806
[ 2 ] Bug #639253 - ibus: surrounding text support bug when backspacing
https://bugzilla.redhat.com/show_bug.cgi?id=639253
--------------------------------------------------------------------------------
================================================================================
iscan-firmware-2.25.1-1.fc14 (FEDORA-2010-18034)
Firmware for Epson flatbed scanners
--------------------------------------------------------------------------------
Update Information:
Adds firmwares for the following Epson scanners: Perfection V33, Perfection V330 PHOTO, GT-F730, GT-S630, Perfection V600 PHOTO and GT-X820.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 21 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 2.25.1-1
- added firmwares for: V33/V330 PHOTO, V600 PHOTO
--------------------------------------------------------------------------------
================================================================================
lightsquid-1.8-9.fc14 (FEDORA-2010-18059)
Light, small, and fast log analyzer for squid proxy
--------------------------------------------------------------------------------
================================================================================
lshw-B.02.15-1.fc14 (FEDORA-2010-18033)
Hardware lister
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release lshw B.02.15, fixing some bugs and adding support for sqlite data as output.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 21 2010 Terje Rosten <terje.rosten@xxxxxxx> - B.02.15-1
- B.02.15
- Remove patches now upstream
- Build with sqlite support
--------------------------------------------------------------------------------
================================================================================
mingw32-boost-1.44.0-1.fc14 (FEDORA-2010-18035)
MinGW Windows port of Boost C++ Libraries
--------------------------------------------------------------------------------
Update Information:
update to 1.44 to match native version, prevent DLL attachment failures due to crashing pseudo relocs
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 18 2010 Thomas Sailer <t.sailer@xxxxxxxxxxxxxx> - 1.44.0-1
- update to 1.44.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #654424 - mingw32-boost Regex attach dll problem
https://bugzilla.redhat.com/show_bug.cgi?id=654424
[ 2 ] Bug #631467 - FTBFS mingw32-boost-1.41.0-2.fc14
https://bugzilla.redhat.com/show_bug.cgi?id=631467
--------------------------------------------------------------------------------
================================================================================
mrtg-2.16.4-2.fc14 (FEDORA-2010-18054)
Multi Router Traffic Grapher
--------------------------------------------------------------------------------
Update Information:
When resolving 652158, it was discovered that mrtg was again conflicting with Socket6. This package reapplies the patch that was applied to Fedora 9 (but later dropped) to resolve this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Tom "spot" Callaway <tcallawa@xxxxxxxxxx> - 2.16.4-2
- resolve conflict with Socket6 (see bz 438931, 442884, 652158)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #652158 - Use of :locked is deprecated
https://bugzilla.redhat.com/show_bug.cgi?id=652158
--------------------------------------------------------------------------------
================================================================================
openconnect-2.26-4.fc14 (FEDORA-2010-18055)
Open client for Cisco AnyConnect VPN
--------------------------------------------------------------------------------
Update Information:
This update implements DTLS rekeying, elides the session cookie from
debugging output by default, and fixes a potential crash on relative
HTTP redirect during authentication. It also fixes a problem which
occurs when changing VPN hosts in the NetworkManager auth-dialog, after
the connection to the first host has already been made.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 21 2010 David Woodhouse <David.Woodhouse@xxxxxxxxx> - 2.26-4
- Fix bug numbers in changelog
* Wed Sep 29 2010 jkeating - 2.26-3
- Rebuilt for gcc bug 634757
* Wed Sep 22 2010 David Woodhouse <David.Woodhouse@xxxxxxxxx> - 2.26-1
- Update to 2.26. (#629979: SIGSEGV in nm-openconnect-auth-dialog)
* Thu Aug 12 2010 David Woodhouse <David.Woodhouse@xxxxxxxxx> - 2.25-2
- Rebuild for new libproxy
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #643414 - CVE-2010-3902 OpenConnect: webvpn cookie content disclosure via debugging output
https://bugzilla.redhat.com/show_bug.cgi?id=643414
--------------------------------------------------------------------------------
================================================================================
perl-Image-ExifTool-8.40-1.fc14 (FEDORA-2010-18028)
Utility for reading and writing image meta info
--------------------------------------------------------------------------------
Update Information:
Update to 8.40. Lots of changes and bugfixes since 8.25 (last stable), see: http://owl.phy.queensu.ca/~phil/exiftool/history.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Tom "spot" Callaway <tcallawa@xxxxxxxxxx> - 8.40-1
- update to 8.40
--------------------------------------------------------------------------------
================================================================================
pyliblo-0.9.0-2.fc14 (FEDORA-2010-18038)
Python bindings for the liblo OSC library
--------------------------------------------------------------------------------
Update Information:
* Sun Nov 21 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.9.0-2
- Switched to Cython
* Sun Nov 21 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.9.0-1
- Update to new upstream version 0.9.0
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 21 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.9.0-2
- Switched to Cython
* Sun Nov 21 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.9.0-1
- Update to new upstream version 0.9.0
--------------------------------------------------------------------------------
================================================================================
python-djblets-0.6.6-11.fc14 (FEDORA-2010-18062)
A collection of useful classes and functions for Django
--------------------------------------------------------------------------------
Update Information:
- New Features
- Permission denied errors are shown when accessing unreachable local Git
- repositories. (Bug #1765)
- Previously, if a Git repository was used and there wasnât sufficient
- file permissions to access it, a vague error saying that the repository
- was unreachable would appear. Now we check to find out if itâs a
- permissions error, and display an appropriate error message.
- Performance Improvements
- Reduce the number of SQL queries in the legacy JSON API.
- Some of the legacy API handlers performed more queries than necessary.
- We now perform fewer queries. Patch by Ben Hollis.
- Bug Fixes
- Fixed several small problems in the Admin UI from bundling Django media
- files.
- For historical reasons, weâve always shipped the Django Admin media
- files as part of Review Board. This comes from a time before rb-site
- existed, when we needed a single media directory with everything inside
- it. However, it just introduces various compatibility problems these
- days. We now make use of the media files that are installed with Django
- Fixed a breakage in the diff viewer with SCons files. (Bug #1864)
- Any SCons files put up for review would break the diff viewer, due to a
- typo when looking up information on that type of file.
- Added the Parent Diff field to the New Review Request page. (Bug #1651)
- The Parent Diff field was missing for Git, Bazaar, and Mercurial,
- making it impossible to upload a parent diff through the web UI when
- creating a new review request.
- Fixed some common installation problems with the generated
- lighttpd.conf file. (Bug #1618, Bug #1639)
- Several installs with lighttpd would give 404 Not Found errors, due to
- some configuration problems in the sample config file.
- Fixed support for multiple e-mail addresses assigned to a group.
- (Bug #1661)
- Multiple e-mail addresses for a group were supported, but broken in
- 1.5. We now split them out properly.
- The screenshot area is no longer hidden immediately after uploading a
- screenshot.
- Fixed an error in the web API when serializing to XML.
- Fixed broken intervals for search updating in the generated crontab
- file.
- The intervals would cause a full index to happen at every minute at 2AM
- on Sundays, rather than only at 2AM.
- Fixed an error when permanently deleting a review request.
- The administrator-specific ability to permanently delete a review
- request would succeed but generate an error page.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.6.6-11
- New upstream release 0.6.6
- djblets.util:
- Fixed a compatibility problem with JSONField and Django 1.1. It
- was assuming support for Django 1.2's multi-database support.
- Fixed multi-database support in Django 1.2 with JSONField, where
- the default connection was always being used in one case.
* Mon Nov 22 2010 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.6.5-10
- djblets.datagrid:
- MEDIA_SERIAL is now used for all the images in the datagrid
- template. Patch by Ben Hollis.
- djblets.util:
- Added a @root_url decorator for use with get_absolute_url
- implementations, which appends SITE-ROOT to any returned URLs.
- Added a CounterField for atomically updating counters.
- CounterField can be used to atomically increment or decrement
- an integer stored in the database, on individual models or
- on many models at a time. It's intended to substitute for
- potentially expensive or numerous SQL queries that retrieve
- counts of objects.
- Updated the custom fields for Django 1.2 multi-database
- compatibility.
- djblets.webapi:
- Fixed a bug in serializing 'long' values in XML.
- Resources now Vary on HTTP Accept, meaning that the browser won't
- cache the wrong response type when accessing the same resource
- with two different requested mimetypes.
- Reduced the SQL query count for resources.
- Fixed problems that could occur with URLs when serializing objects in
- a list and when returning links.
--------------------------------------------------------------------------------
================================================================================
qbittorrent-2.4.11-1.fc14 (FEDORA-2010-18046)
A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:
* Sun Nov 21 2010 - Christophe Dumez <chris@xxxxxxxxxxxxxxx> - v2.4.11
- BUGFIX: Do not report a progress of 100% in the Web UI unless the
torrent is really complete (closes #674349)
- BUGFIX: Fix possible incorrect behavior with queueing
- BUGFIX: Fix RSS refresh interval saving
- BUGFIX: Fix possible crash when setting RSS proxy (closes #676288)
- BUGFIX: Fix HTTP redirect issue that would cause the torrent addition to
show up for automated RSS downloads (Closes #677565)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 21 2010 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 1:2.4.11-1
- update to 2.4.11
--------------------------------------------------------------------------------
================================================================================
rhn-custom-info-5.4.5-1.fc14 (FEDORA-2010-18064)
Set and list custom values for RHN-enabled machines
--------------------------------------------------------------------------------
Update Information:
new package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #553649 - Review Request: rhn-custom-info - Set and list custom values for RHN-enabled machines
https://bugzilla.redhat.com/show_bug.cgi?id=553649
--------------------------------------------------------------------------------
================================================================================
rubygem-i18n-0.4.2-2.fc14 (FEDORA-2010-18043)
New wave Internationalization support for Ruby
--------------------------------------------------------------------------------
Update Information:
Initial update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #652216 - Review Request: rubygem-i18n - New wave Internationalization support for Ruby
https://bugzilla.redhat.com/show_bug.cgi?id=652216
--------------------------------------------------------------------------------
================================================================================
samba-3.5.6-71.fc14 (FEDORA-2010-18044)
Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Guenther Deschner <gdeschner@xxxxxxxxxx> - 3.5.6-71
- Handle no network case in init scripts
- resolves: #655766
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #655766 - Error message from initscript
https://bugzilla.redhat.com/show_bug.cgi?id=655766
[ 2 ] Bug #654408 - Nautilus fails to write to windows share
https://bugzilla.redhat.com/show_bug.cgi?id=654408
--------------------------------------------------------------------------------
================================================================================
solfege-3.18.7-1.fc14 (FEDORA-2010-18041)
Music education software
--------------------------------------------------------------------------------
Update Information:
new upstream bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 17 2010 Christian Krause <chkr@xxxxxxxxxxx> - 3.18.7-1
- Update to new upstream release (BZ 648180)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #648180 - solfege-3.18.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=648180
--------------------------------------------------------------------------------
================================================================================
udev-161-7.fc14 (FEDORA-2010-17930)
A rule-based device node and kernel event manager
--------------------------------------------------------------------------------
Update Information:
It was discovered that /dev/systty device file created by dracut-generated initramfs scripts used an insecure file permissions. This could possibly allow local user to snoop on other user's terminal.
Updated dracut no longer creates this file as device file, rather creates it a symbolic link to tty0 device file. However, for this change to take effect, user needs to re-generate initramfs (any initramfs for all kernels that are going to be booted in the future) using updated dracut version and reboot the system.
This update also provides updated udev packages that replace systty device file with a symlink on udev package upgrade and each udev start. This provides a work-around fix for users that fail to regenerate their initramfs and reboot as described above.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 18 2010 Harald Hoyer <harald@xxxxxxxxxx> 161-7
- fix /dev/systty
Resolves: rhbz#654935
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #654489 - CVE-2010-4176 dracut: /dev/systty permissions could allow remote users to snoop on local users
https://bugzilla.redhat.com/show_bug.cgi?id=654489
--------------------------------------------------------------------------------
================================================================================
wireshark-1.4.2-1.fc14 (FEDORA-2010-18060)
Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:
The following vulnerabilities have been fixed. See the security advisory[1] for details and a workaround.
* Nephi Johnson of BreakingPoint discovered that the LDSS dissector could overflow a buffer. (Upstream bug 5318)
* The ZigBee ZCL dissector could go into an infinite loop. (Upstream bug 5303)
[1]http://www.wireshark.org/security/wnpa-sec-2010-14.html
http://www.wireshark.org/security/wnpa-sec-2010-13.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Jan Safranek <jsafrane@xxxxxxxxxx> - 1.4.2-1
- upgrade to 1.4.2
- see http://www.wireshark.org/docs/relnotes/wireshark-1.4.2.html
--------------------------------------------------------------------------------
================================================================================
x-tile-1.8.3-1.fc14 (FEDORA-2010-18056)
A GNOME panel applet to tile windows in different ways
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Mohamed El Morabity <melmorabity@xxxxxxxxxxxxxxxxx> - 1.8.3-1
- Update to 1.8.3
--------------------------------------------------------------------------------
================================================================================
xsettings-kde-0.11-2.fc14 (FEDORA-2010-18049)
XSettings Daemon for KDE
--------------------------------------------------------------------------------
Update Information:
This update makes GTK+/GNOME applications display icons in menus when running in a KDE (Plasma) session, as Qt/KDE applications do.
You will have to restart your session (log out and log back in) or manually restart xsettings-kde for the change to take effect.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 22 2010 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 0.11-2
- make GTK+ apps display menu images in KDE
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
