Fedora 14 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 14 Security updates need testing:

    https://admin.fedoraproject.org/updates/mailman-2.1.13-6.fc14
    https://admin.fedoraproject.org/updates/udunits2-2.1.19-1.fc14
    https://admin.fedoraproject.org/updates/libvpx-0.9.5-2.fc14
    https://admin.fedoraproject.org/updates/dracut-006-5.fc14,udev-161-7.fc14
    https://admin.fedoraproject.org/updates/libtlen-0-0.10.20060309.fc14
    https://admin.fedoraproject.org/updates/exim-4.72-2.fc14
    https://admin.fedoraproject.org/updates/openconnect-2.26-4.fc14


The following Fedora 14 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/alsa-lib-1.0.23-2.fc14
    https://admin.fedoraproject.org/updates/parted-2.3-4.fc14
    https://admin.fedoraproject.org/updates/dracut-006-5.fc14,udev-161-7.fc14
    https://admin.fedoraproject.org/updates/makebootfat-1.4-11.fc14
    https://admin.fedoraproject.org/updates/livecd-tools-14.0-1.fc14
    https://admin.fedoraproject.org/updates/libgsf-1.14.18-6.fc14
    https://admin.fedoraproject.org/updates/perl-5.12.2-138.fc14
    https://admin.fedoraproject.org/updates/perl-5.12.2-137.fc14
    https://admin.fedoraproject.org/updates/libwnck-2.30.4-1.fc14


The following builds have been pushed to Fedora 14 updates-testing

    ReviewBoard-1.5.1-18.fc14
    alsa-lib-1.0.23-2.fc14
    augeas-0.7.4-1.fc14
    culmus-fonts-0.120-1.fc14
    debootstrap-1.0.26-1.fc14
    django-evolution-0.6.2-1.fc14
    dracut-006-5.fc14
    erlang-rebar-2-3.20101120git90058c7.fc14
    evince-2.32.0-2.fc14
    freefem++-3.10-1.fc14
    gdcm-2.0.16-7.fc14
    gnucash-2.3.17-1.fc14
    ibus-1.3.7-14.fc14
    iscan-firmware-2.25.1-1.fc14
    lightsquid-1.8-9.fc14
    lshw-B.02.15-1.fc14
    mingw32-boost-1.44.0-1.fc14
    mrtg-2.16.4-2.fc14
    openconnect-2.26-4.fc14
    perl-Image-ExifTool-8.40-1.fc14
    pyliblo-0.9.0-2.fc14
    python-djblets-0.6.6-11.fc14
    qbittorrent-2.4.11-1.fc14
    rhn-custom-info-5.4.5-1.fc14
    rubygem-i18n-0.4.2-2.fc14
    samba-3.5.6-71.fc14
    solfege-3.18.7-1.fc14
    udev-161-7.fc14
    wireshark-1.4.2-1.fc14
    x-tile-1.8.3-1.fc14
    xsettings-kde-0.11-2.fc14

Details about builds:


================================================================================
 ReviewBoard-1.5.1-18.fc14 (FEDORA-2010-18062)
 Web-based code review tool
--------------------------------------------------------------------------------
Update Information:

    - New Features
    -      Permission denied errors are shown when accessing unreachable local Git
    -      repositories. (Bug #1765)
    -      Previously, if a Git repository was used and there wasnât sufficient
    -      file permissions to access it, a vague error saying that the repository
    -      was unreachable would appear. Now we check to find out if itâs a
    -      permissions error, and display an appropriate error message.
    - Performance Improvements
    -      Reduce the number of SQL queries in the legacy JSON API.
    -      Some of the legacy API handlers performed more queries than necessary.
    -      We now perform fewer queries. Patch by Ben Hollis.
    - Bug Fixes
    -      Fixed several small problems in the Admin UI from bundling Django media
    -      files.
    -      For historical reasons, weâve always shipped the Django Admin media
    -      files as part of Review Board. This comes from a time before rb-site
    -      existed, when we needed a single media directory with everything inside
    -      it. However, it just introduces various compatibility problems these
    -      days. We now make use of the media files that are installed with Django
    -      Fixed a breakage in the diff viewer with SCons files. (Bug #1864)
    -      Any SCons files put up for review would break the diff viewer, due to a
    -      typo when looking up information on that type of file.
    -      Added the Parent Diff field to the New Review Request page. (Bug #1651)
    -      The Parent Diff field was missing for Git, Bazaar, and Mercurial,
    -      making it impossible to upload a parent diff through the web UI when
    -      creating a new review request.
    -      Fixed some common installation problems with the generated
    -      lighttpd.conf file. (Bug #1618, Bug #1639)
    -      Several installs with lighttpd would give 404 Not Found errors, due to
    -      some configuration problems in the sample config file.
    -      Fixed support for multiple e-mail addresses assigned to a group.
    -      (Bug #1661)
    -      Multiple e-mail addresses for a group were supported, but broken in
    -      1.5. We now split them out properly.
    -      The screenshot area is no longer hidden immediately after uploading a
    -      screenshot.
    -      Fixed an error in the web API when serializing to XML.
    -      Fixed broken intervals for search updating in the generated crontab
    -      file.
    -      The intervals would cause a full index to happen at every minute at 2AM
    -      on Sundays, rather than only at 2AM.
    -      Fixed an error when permanently deleting a review request.
    -      The administrator-specific ability to permanently delete a review
    -      request would succeed but generate an error page.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.5.1-18
- New Features
-      Permission denied errors are shown when accessing unreachable local Git
-      repositories. (Bug #1765)
-      Previously, if a Git repository was used and there wasnât sufficient
-      file permissions to access it, a vague error saying that the repository
-      was unreachable would appear. Now we check to find out if itâs a
-      permissions error, and display an appropriate error message.
- Performance Improvements
-      Reduce the number of SQL queries in the legacy JSON API.
-      Some of the legacy API handlers performed more queries than necessary.
-      We now perform fewer queries. Patch by Ben Hollis.
- Bug Fixes
-      Fixed several small problems in the Admin UI from bundling Django media
-      files.
-      For historical reasons, weâve always shipped the Django Admin media
-      files as part of Review Board. This comes from a time before rb-site
-      existed, when we needed a single media directory with everything inside
-      it. However, it just introduces various compatibility problems these
-      days. We now make use of the media files that are installed with Django
-      Fixed a breakage in the diff viewer with SCons files. (Bug #1864)
-      Any SCons files put up for review would break the diff viewer, due to a
-      typo when looking up information on that type of file.
-      Added the Parent Diff field to the New Review Request page. (Bug #1651)
-      The Parent Diff field was missing for Git, Bazaar, and Mercurial,
-      making it impossible to upload a parent diff through the web UI when
-      creating a new review request.
-      Fixed some common installation problems with the generated
-      lighttpd.conf file. (Bug #1618, Bug #1639)
-      Several installs with lighttpd would give 404 Not Found errors, due to
-      some configuration problems in the sample config file.
-      Fixed support for multiple e-mail addresses assigned to a group.
-      (Bug #1661)
-      Multiple e-mail addresses for a group were supported, but broken in
-      1.5. We now split them out properly.
-      The screenshot area is no longer hidden immediately after uploading a
-      screenshot.
-      Fixed an error in the web API when serializing to XML.
-      Fixed broken intervals for search updating in the generated crontab
-      file.
-      The intervals would cause a full index to happen at every minute at 2AM
-      on Sundays, rather than only at 2AM.
-      Fixed an error when permanently deleting a review request.
-      The administrator-specific ability to permanently delete a review
-      request would succeed but generate an error page.
--------------------------------------------------------------------------------


================================================================================
 alsa-lib-1.0.23-2.fc14 (FEDORA-2010-18065)
 The Advanced Linux Sound Architecture (ALSA) library
--------------------------------------------------------------------------------
Update Information:

Make sure that alsa plugins will been
search at /usr/lib64/alsa-lib on 64-bit
systems.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov  9 2010 Jochen Schmitt <Jochen herr-schmitt de> 1.0.23-2
- Set plugindir to %{_libdir}/alsa-lib (bz#651507)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #651507 - pulsaudio plugins will not find on 64 bit systems
        https://bugzilla.redhat.com/show_bug.cgi?id=651507
--------------------------------------------------------------------------------


================================================================================
 augeas-0.7.4-1.fc14 (FEDORA-2010-18045)
 A library for changing configuration files
--------------------------------------------------------------------------------
Update Information:

Update to the latest stable version of augeas. Note that this version
makes some incompatible changes to the parsing of the following files:
* /etc/fstab:
Mount options with values now have the option name and value parsed
separately.
* /etc/squid/squid.conf:
refresh_pattern, upgrade_http0.9, broken_vary_encoding and
extension_methods now have their options parsed individually.
* /etc/xinetd.d/*:
Service names are now parsed as values of a key named 'service'
Fix a crash on i686 (RHBZ#651992)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Matthew Booth <mbooth@xxxxxxxxxx> - 0.7.4-1
- Update to version 0.7.4
* Thu Nov 18 2010 Matthew Booth <mbooth@xxxxxxxxxx> - 0.7.3-2
- Fix crasher on i686 when compiled with gcc 4.5 (RHBZ#651992)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #651992 - Segfault in augeas 0.7.3 when calling aug_save
        https://bugzilla.redhat.com/show_bug.cgi?id=651992
--------------------------------------------------------------------------------


================================================================================
 culmus-fonts-0.120-1.fc14 (FEDORA-2010-18037)
 Fonts for Hebrew from Culmus project
--------------------------------------------------------------------------------
Update Information:

- Added new families Hadasim, Keter YG, Simple, Stam Ashkenaz, Stam Sefarad
- so this package now have 5 new rpms for above package
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Pravin Satpute <psatpute@xxxxxxxxxx> - 0.120-1
- Upstream new release.
- Added new families Hadasim CLM, Keter YG, Simple CLM, Stam Ashkenaz CLM, Stam Sefarad CLM
--------------------------------------------------------------------------------


================================================================================
 debootstrap-1.0.26-1.fc14 (FEDORA-2010-18042)
 Debian GNU/Linux bootstrapper
--------------------------------------------------------------------------------
Update Information:

New upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Jan Vcelak <jvcelak@xxxxxxxxxx> 1.0.26-1
- new upstream release (fix typos and remove old workaround for md5sum)
--------------------------------------------------------------------------------


================================================================================
 django-evolution-0.6.2-1.fc14 (FEDORA-2010-18062)
 Schema evolution for Django
--------------------------------------------------------------------------------
Update Information:

    - New Features
    -      Permission denied errors are shown when accessing unreachable local Git
    -      repositories. (Bug #1765)
    -      Previously, if a Git repository was used and there wasnât sufficient
    -      file permissions to access it, a vague error saying that the repository
    -      was unreachable would appear. Now we check to find out if itâs a
    -      permissions error, and display an appropriate error message.
    - Performance Improvements
    -      Reduce the number of SQL queries in the legacy JSON API.
    -      Some of the legacy API handlers performed more queries than necessary.
    -      We now perform fewer queries. Patch by Ben Hollis.
    - Bug Fixes
    -      Fixed several small problems in the Admin UI from bundling Django media
    -      files.
    -      For historical reasons, weâve always shipped the Django Admin media
    -      files as part of Review Board. This comes from a time before rb-site
    -      existed, when we needed a single media directory with everything inside
    -      it. However, it just introduces various compatibility problems these
    -      days. We now make use of the media files that are installed with Django
    -      Fixed a breakage in the diff viewer with SCons files. (Bug #1864)
    -      Any SCons files put up for review would break the diff viewer, due to a
    -      typo when looking up information on that type of file.
    -      Added the Parent Diff field to the New Review Request page. (Bug #1651)
    -      The Parent Diff field was missing for Git, Bazaar, and Mercurial,
    -      making it impossible to upload a parent diff through the web UI when
    -      creating a new review request.
    -      Fixed some common installation problems with the generated
    -      lighttpd.conf file. (Bug #1618, Bug #1639)
    -      Several installs with lighttpd would give 404 Not Found errors, due to
    -      some configuration problems in the sample config file.
    -      Fixed support for multiple e-mail addresses assigned to a group.
    -      (Bug #1661)
    -      Multiple e-mail addresses for a group were supported, but broken in
    -      1.5. We now split them out properly.
    -      The screenshot area is no longer hidden immediately after uploading a
    -      screenshot.
    -      Fixed an error in the web API when serializing to XML.
    -      Fixed broken intervals for search updating in the generated crontab
    -      file.
    -      The intervals would cause a full index to happen at every minute at 2AM
    -      on Sundays, rather than only at 2AM.
    -      Fixed an error when permanently deleting a review request.
    -      The administrator-specific ability to permanently delete a review
    -      request would succeed but generate an error page.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.6.2-1
- Upgrade to django-evolution 0.6.2 to support ReviewBoard 1.5.1
* Wed Nov 10 2010 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.6.1-1
- Upgrade to latest upstream release
--------------------------------------------------------------------------------


================================================================================
 dracut-006-5.fc14 (FEDORA-2010-17930)
 Initramfs generator using udev
--------------------------------------------------------------------------------
Update Information:

It was discovered that /dev/systty device file created by dracut-generated initramfs scripts used an insecure file permissions.  This could possibly allow local user to snoop on other user's terminal.

Updated dracut no longer creates this file as device file, rather creates it a symbolic link to tty0 device file.  However, for this change to take effect, user needs to re-generate initramfs (any initramfs for all kernels that are going to be booted in the future) using updated dracut version and reboot the system.

This update also provides updated udev packages that replace systty device file with a symlink on udev package upgrade and each udev start.  This provides a work-around fix for users that fail to regenerate their initramfs and reboot as described above.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Harald Hoyer <harald@xxxxxxxxxx> 006-5
- removed umask
Resolves: rhbz#655345 rhbz#655472 rhbz#654935
* Thu Nov 18 2010 Harald Hoyer <harald@xxxxxxxxxx> 006-4
- fix /dev/systty
Resolves: rhbz#654935
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #654489 - CVE-2010-4176  dracut: /dev/systty permissions could allow remote users to snoop on local users
        https://bugzilla.redhat.com/show_bug.cgi?id=654489
--------------------------------------------------------------------------------


================================================================================
 erlang-rebar-2-3.20101120git90058c7.fc14 (FEDORA-2010-18039)
 Erlang Build Tools
--------------------------------------------------------------------------------
Update Information:

* Initial commit (see review reques in rhbz #639263)

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #639263 - Review Request: erlang-rebar - Erlang Build Tools
        https://bugzilla.redhat.com/show_bug.cgi?id=639263
--------------------------------------------------------------------------------


================================================================================
 evince-2.32.0-2.fc14 (FEDORA-2010-18050)
 Document viewer
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Marek Kasik <mkasik@xxxxxxxxxx> - 2.32.0-2
- Fix crash in clear_job_selection()
- Remove unused patch
- Resolves: #647689
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #647689 - [abrt] evince-2.32.0-1.fc14: clear_job_selection: Process /usr/bin/evince was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=647689
--------------------------------------------------------------------------------


================================================================================
 freefem++-3.10-1.fc14 (FEDORA-2010-18051)
 PDE solving tool
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release. Numerous bugfixes, see upstream changelog: http://www.freefem.org/ff++/ftp/INNOVATION
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 15 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 3.10-1
- update to 3.10-1
- drop no longer necessary gcc-4.5 patch
* Sat Sep  4 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 3.9-3.2
- update to 3.9-2
* Sun Aug 29 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 3.9-2.1
- update to 3.9-1
* Wed Aug  4 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 3.9-1
- update to 3.9
- fix compilation with gcc-4.5.1
--------------------------------------------------------------------------------


================================================================================
 gdcm-2.0.16-7.fc14 (FEDORA-2010-18068)
 Grassroots DiCoM is a C++ library to parse DICOM medical files
--------------------------------------------------------------------------------
Update Information:

This update fixes a problem with include directories as described in bug 655738
Enable vtk support
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Mario Ceresa <mrceresa@xxxxxxxxx> 2.0.16-7
- Fixed bug 655738
* Fri Nov 19 2010 Mario Ceresa <mrceresa@xxxxxxxxx> 2.0.16-6
- Enabled VTK support
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #655738 - Wrong include path
        https://bugzilla.redhat.com/show_bug.cgi?id=655738
  [ 2 ] Bug #649669 - reenable vtk support
        https://bugzilla.redhat.com/show_bug.cgi?id=649669
--------------------------------------------------------------------------------


================================================================================
 gnucash-2.3.17-1.fc14 (FEDORA-2010-18057)
 Finance management application
--------------------------------------------------------------------------------
Update Information:

This is the GnuCash 2.4 release candidate. For more information, see http://gnucash.org/#101121-2.3.17.news.
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------


================================================================================
 ibus-1.3.7-14.fc14 (FEDORA-2010-17818)
 Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.3.7-14
- Added ibus-621795-engineproxy-segv.patch
  Fixes crash in ibus_object_destroy
- Added ibus-626652-leak.patch
  Fixes Bug 626652 - ibus memory leak with ibus_input_context_process_key_event
- Added ibus-541492-xkb.patch
  Fixes Bug 541492 - ibus needs to support some xkb layout switching
  Fixed Bug 653806 - ibus-xkb SEGV
- Added ibus-435880-surrounding-text.patch
  Fixes Bug 435880 - ibus-gtk requires surrounding-text support
  Fixes Bug 634829 - ibus_im_context_set_surrounding() to get strings.
  Fixed Bug 639253 - ibus_engine_delete_surrounding_text with offset. 
- Added ibus-xx-g-ir-compiler.patch to fix g-ir-compiler error.
- Added ibus-xx-workaround-gtk3.patch
  Workaround for f14 http://koji.fedoraproject.org/koji/taskinfo?taskID=2516604
- Added ibus-652157-x11-ppc64.patch
  Fixes Bug 652157 - Window position of ibus-x11 in ppc64
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #653806 - [abrt] ibus-1.3.7-11.fc14: XkbGetState: Process /usr/libexec/ibus-xkb was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=653806
  [ 2 ] Bug #639253 - ibus: surrounding text support bug when backspacing
        https://bugzilla.redhat.com/show_bug.cgi?id=639253
--------------------------------------------------------------------------------


================================================================================
 iscan-firmware-2.25.1-1.fc14 (FEDORA-2010-18034)
 Firmware for Epson flatbed scanners
--------------------------------------------------------------------------------
Update Information:

Adds firmwares for the following Epson scanners: Perfection V33, Perfection V330 PHOTO, GT-F730, GT-S630, Perfection V600 PHOTO and GT-X820.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 21 2010 Dominik Mierzejewski <rpm@xxxxxxxxxxxxxx> 2.25.1-1
- added firmwares for: V33/V330 PHOTO, V600 PHOTO
--------------------------------------------------------------------------------


================================================================================
 lightsquid-1.8-9.fc14 (FEDORA-2010-18059)
 Light, small, and fast log analyzer for squid proxy
--------------------------------------------------------------------------------


================================================================================
 lshw-B.02.15-1.fc14 (FEDORA-2010-18033)
 Hardware lister
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release lshw B.02.15, fixing some bugs and adding support for sqlite data as output.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 21 2010 Terje Rosten <terje.rosten@xxxxxxx> - B.02.15-1
- B.02.15
- Remove patches now upstream
- Build with sqlite support
--------------------------------------------------------------------------------


================================================================================
 mingw32-boost-1.44.0-1.fc14 (FEDORA-2010-18035)
 MinGW Windows port of Boost C++ Libraries
--------------------------------------------------------------------------------
Update Information:

update to 1.44 to match native version, prevent DLL attachment failures due to crashing pseudo relocs
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 18 2010 Thomas Sailer <t.sailer@xxxxxxxxxxxxxx> - 1.44.0-1
- update to 1.44.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #654424 - mingw32-boost Regex attach dll problem
        https://bugzilla.redhat.com/show_bug.cgi?id=654424
  [ 2 ] Bug #631467 - FTBFS mingw32-boost-1.41.0-2.fc14
        https://bugzilla.redhat.com/show_bug.cgi?id=631467
--------------------------------------------------------------------------------


================================================================================
 mrtg-2.16.4-2.fc14 (FEDORA-2010-18054)
 Multi Router Traffic Grapher
--------------------------------------------------------------------------------
Update Information:

When resolving 652158, it was discovered that mrtg was again conflicting with Socket6. This package reapplies the patch that was applied to Fedora 9 (but later dropped) to resolve this issue.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Tom "spot" Callaway <tcallawa@xxxxxxxxxx> - 2.16.4-2
- resolve conflict with Socket6 (see bz 438931, 442884, 652158)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #652158 - Use of :locked is deprecated
        https://bugzilla.redhat.com/show_bug.cgi?id=652158
--------------------------------------------------------------------------------


================================================================================
 openconnect-2.26-4.fc14 (FEDORA-2010-18055)
 Open client for Cisco AnyConnect VPN
--------------------------------------------------------------------------------
Update Information:

This update implements DTLS rekeying, elides the session cookie from
debugging output by default, and fixes a potential crash on relative
HTTP redirect during authentication. It also fixes a problem which
occurs when changing VPN hosts in the NetworkManager auth-dialog, after
the connection to the first host has already been made.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 21 2010 David Woodhouse <David.Woodhouse@xxxxxxxxx> - 2.26-4
- Fix bug numbers in changelog
* Wed Sep 29 2010 jkeating - 2.26-3
- Rebuilt for gcc bug 634757
* Wed Sep 22 2010 David Woodhouse <David.Woodhouse@xxxxxxxxx> - 2.26-1
- Update to 2.26. (#629979: SIGSEGV in nm-openconnect-auth-dialog)
* Thu Aug 12 2010 David Woodhouse <David.Woodhouse@xxxxxxxxx> - 2.25-2
- Rebuild for new libproxy
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #643414 - CVE-2010-3902 OpenConnect: webvpn cookie content disclosure via debugging output
        https://bugzilla.redhat.com/show_bug.cgi?id=643414
--------------------------------------------------------------------------------


================================================================================
 perl-Image-ExifTool-8.40-1.fc14 (FEDORA-2010-18028)
 Utility for reading and writing image meta info
--------------------------------------------------------------------------------
Update Information:

Update to 8.40. Lots of changes and bugfixes since 8.25 (last stable), see: http://owl.phy.queensu.ca/~phil/exiftool/history.html
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Tom "spot" Callaway <tcallawa@xxxxxxxxxx> - 8.40-1
- update to 8.40
--------------------------------------------------------------------------------


================================================================================
 pyliblo-0.9.0-2.fc14 (FEDORA-2010-18038)
 Python bindings for the liblo OSC library
--------------------------------------------------------------------------------
Update Information:

* Sun Nov 21 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.9.0-2
- Switched to Cython

* Sun Nov 21 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.9.0-1
- Update to new upstream version 0.9.0
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 21 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.9.0-2
- Switched to Cython
* Sun Nov 21 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.9.0-1
- Update to new upstream version 0.9.0
--------------------------------------------------------------------------------


================================================================================
 python-djblets-0.6.6-11.fc14 (FEDORA-2010-18062)
 A collection of useful classes and functions for Django
--------------------------------------------------------------------------------
Update Information:

    - New Features
    -      Permission denied errors are shown when accessing unreachable local Git
    -      repositories. (Bug #1765)
    -      Previously, if a Git repository was used and there wasnât sufficient
    -      file permissions to access it, a vague error saying that the repository
    -      was unreachable would appear. Now we check to find out if itâs a
    -      permissions error, and display an appropriate error message.
    - Performance Improvements
    -      Reduce the number of SQL queries in the legacy JSON API.
    -      Some of the legacy API handlers performed more queries than necessary.
    -      We now perform fewer queries. Patch by Ben Hollis.
    - Bug Fixes
    -      Fixed several small problems in the Admin UI from bundling Django media
    -      files.
    -      For historical reasons, weâve always shipped the Django Admin media
    -      files as part of Review Board. This comes from a time before rb-site
    -      existed, when we needed a single media directory with everything inside
    -      it. However, it just introduces various compatibility problems these
    -      days. We now make use of the media files that are installed with Django
    -      Fixed a breakage in the diff viewer with SCons files. (Bug #1864)
    -      Any SCons files put up for review would break the diff viewer, due to a
    -      typo when looking up information on that type of file.
    -      Added the Parent Diff field to the New Review Request page. (Bug #1651)
    -      The Parent Diff field was missing for Git, Bazaar, and Mercurial,
    -      making it impossible to upload a parent diff through the web UI when
    -      creating a new review request.
    -      Fixed some common installation problems with the generated
    -      lighttpd.conf file. (Bug #1618, Bug #1639)
    -      Several installs with lighttpd would give 404 Not Found errors, due to
    -      some configuration problems in the sample config file.
    -      Fixed support for multiple e-mail addresses assigned to a group.
    -      (Bug #1661)
    -      Multiple e-mail addresses for a group were supported, but broken in
    -      1.5. We now split them out properly.
    -      The screenshot area is no longer hidden immediately after uploading a
    -      screenshot.
    -      Fixed an error in the web API when serializing to XML.
    -      Fixed broken intervals for search updating in the generated crontab
    -      file.
    -      The intervals would cause a full index to happen at every minute at 2AM
    -      on Sundays, rather than only at 2AM.
    -      Fixed an error when permanently deleting a review request.
    -      The administrator-specific ability to permanently delete a review
    -      request would succeed but generate an error page.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.6.6-11
- New upstream release 0.6.6
- djblets.util:
-    Fixed a compatibility problem with JSONField and Django 1.1. It
-    was assuming support for Django 1.2's multi-database support.
-    Fixed multi-database support in Django 1.2 with JSONField, where
-    the default connection was always being used in one case.
* Mon Nov 22 2010 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 0.6.5-10
- djblets.datagrid:
-     MEDIA_SERIAL is now used for all the images in the datagrid
-      template. Patch by Ben Hollis.
- djblets.util:
-     Added a @root_url decorator for use with get_absolute_url
-     implementations, which appends SITE-ROOT to any returned URLs.
-     Added a CounterField for atomically updating counters.
-     CounterField can be used to atomically increment or decrement
-     an integer stored in the database, on individual models or
-     on many models at a time. It's intended to substitute for
-     potentially expensive or numerous SQL queries that retrieve
-     counts of objects.
-     Updated the custom fields for Django 1.2 multi-database
-     compatibility.
- djblets.webapi:
-     Fixed a bug in serializing 'long' values in XML.
-     Resources now Vary on HTTP Accept, meaning that the browser won't
-     cache the wrong response type when accessing the same resource
-     with two different requested mimetypes.
-     Reduced the SQL query count for resources.
-     Fixed problems that could occur with URLs when serializing objects in
-     a list and when returning links.
--------------------------------------------------------------------------------


================================================================================
 qbittorrent-2.4.11-1.fc14 (FEDORA-2010-18046)
 A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:

* Sun Nov 21 2010 - Christophe Dumez <chris@xxxxxxxxxxxxxxx> - v2.4.11
    - BUGFIX: Do not report a progress of 100% in the Web UI unless the
    torrent is really complete (closes #674349)
    - BUGFIX: Fix possible incorrect behavior with queueing
    - BUGFIX: Fix RSS refresh interval saving
    - BUGFIX: Fix possible crash when setting RSS proxy (closes #676288)
    - BUGFIX: Fix HTTP redirect issue that would cause the torrent addition to
    show up for automated RSS downloads (Closes #677565)
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 21 2010 leigh scott <leigh123linux@xxxxxxxxxxxxxx> - 1:2.4.11-1
- update to 2.4.11
--------------------------------------------------------------------------------


================================================================================
 rhn-custom-info-5.4.5-1.fc14 (FEDORA-2010-18064)
 Set and list custom values for RHN-enabled machines
--------------------------------------------------------------------------------
Update Information:

new package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #553649 - Review Request: rhn-custom-info - Set and list custom values for RHN-enabled machines
        https://bugzilla.redhat.com/show_bug.cgi?id=553649
--------------------------------------------------------------------------------


================================================================================
 rubygem-i18n-0.4.2-2.fc14 (FEDORA-2010-18043)
 New wave Internationalization support for Ruby
--------------------------------------------------------------------------------
Update Information:

Initial update
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #652216 - Review Request: rubygem-i18n - New wave Internationalization support for Ruby
        https://bugzilla.redhat.com/show_bug.cgi?id=652216
--------------------------------------------------------------------------------


================================================================================
 samba-3.5.6-71.fc14 (FEDORA-2010-18044)
 Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Guenther Deschner <gdeschner@xxxxxxxxxx> - 3.5.6-71
- Handle no network case in init scripts
- resolves: #655766
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #655766 - Error message from initscript
        https://bugzilla.redhat.com/show_bug.cgi?id=655766
  [ 2 ] Bug #654408 - Nautilus fails to write to windows share
        https://bugzilla.redhat.com/show_bug.cgi?id=654408
--------------------------------------------------------------------------------


================================================================================
 solfege-3.18.7-1.fc14 (FEDORA-2010-18041)
 Music education software
--------------------------------------------------------------------------------
Update Information:

new upstream bugfix release
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 17 2010 Christian Krause <chkr@xxxxxxxxxxx> - 3.18.7-1
- Update to new upstream release (BZ 648180)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #648180 - solfege-3.18.7 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=648180
--------------------------------------------------------------------------------


================================================================================
 udev-161-7.fc14 (FEDORA-2010-17930)
 A rule-based device node and kernel event manager
--------------------------------------------------------------------------------
Update Information:

It was discovered that /dev/systty device file created by dracut-generated initramfs scripts used an insecure file permissions.  This could possibly allow local user to snoop on other user's terminal.

Updated dracut no longer creates this file as device file, rather creates it a symbolic link to tty0 device file.  However, for this change to take effect, user needs to re-generate initramfs (any initramfs for all kernels that are going to be booted in the future) using updated dracut version and reboot the system.

This update also provides updated udev packages that replace systty device file with a symlink on udev package upgrade and each udev start.  This provides a work-around fix for users that fail to regenerate their initramfs and reboot as described above.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 18 2010 Harald Hoyer <harald@xxxxxxxxxx> 161-7
- fix /dev/systty
Resolves: rhbz#654935
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #654489 - CVE-2010-4176  dracut: /dev/systty permissions could allow remote users to snoop on local users
        https://bugzilla.redhat.com/show_bug.cgi?id=654489
--------------------------------------------------------------------------------


================================================================================
 wireshark-1.4.2-1.fc14 (FEDORA-2010-18060)
 Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:

The following vulnerabilities have been fixed. See the security advisory[1] for details and a workaround.
* Nephi Johnson of BreakingPoint discovered that the LDSS dissector could overflow a buffer. (Upstream bug 5318)
* The ZigBee ZCL dissector could go into an infinite loop. (Upstream bug 5303)

[1]http://www.wireshark.org/security/wnpa-sec-2010-14.html
http://www.wireshark.org/security/wnpa-sec-2010-13.html
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Jan Safranek <jsafrane@xxxxxxxxxx> - 1.4.2-1
- upgrade to 1.4.2
- see http://www.wireshark.org/docs/relnotes/wireshark-1.4.2.html
--------------------------------------------------------------------------------


================================================================================
 x-tile-1.8.3-1.fc14 (FEDORA-2010-18056)
 A GNOME panel applet to tile windows in different ways
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Mohamed El Morabity <melmorabity@xxxxxxxxxxxxxxxxx> - 1.8.3-1
- Update to 1.8.3
--------------------------------------------------------------------------------


================================================================================
 xsettings-kde-0.11-2.fc14 (FEDORA-2010-18049)
 XSettings Daemon for KDE
--------------------------------------------------------------------------------
Update Information:

This update makes GTK+/GNOME applications display icons in menus when running in a KDE (Plasma) session, as Qt/KDE applications do.

You will have to restart your session (log out and log back in) or manually restart xsettings-kde for the change to take effect.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 0.11-2
- make GTK+ apps display menu images in KDE
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test



[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux