Fedora 12 updates-testing report

updates@xxxxxxxxxxxxxxxxx · Wed, 01 Dec 2010 22:04:28 +0000

The following Fedora 12 Security updates need testing:

    https://admin.fedoraproject.org/updates/mailman-2.1.12-10.fc12
    https://admin.fedoraproject.org/updates/wireshark-1.2.13-1.fc12
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.8.1-1.fc12
    https://admin.fedoraproject.org/updates/clamav-0.96.4-1200.fc12
    https://admin.fedoraproject.org/updates/krb5-1.7.1-16.fc12
    https://admin.fedoraproject.org/updates/bareftp-0.3.7-1.fc12

The following Fedora 12 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/glibc-2.11.3-1
    https://admin.fedoraproject.org/updates/pungi-2.0.20.1-1.fc12
    https://admin.fedoraproject.org/updates/findutils-4.4.2-7.fc12
    https://admin.fedoraproject.org/updates/nss-softokn-3.12.4-16.fc12
    https://admin.fedoraproject.org/updates/xorg-x11-drv-ati-6.13.0-0.22.20100316git819b4015.fc12
    https://admin.fedoraproject.org/updates/util-linux-ng-2.16.2-4.fc12
    https://admin.fedoraproject.org/updates/xorg-x11-drv-synaptics-1.2.0-3.fc12
    https://admin.fedoraproject.org/updates/findutils-4.4.2-5.fc12

The following builds have been pushed to Fedora 12 updates-testing

    krb5-1.7.1-16.fc12
    phpwapmail-0.9.4-1.fc12
    spyder-2.0.1-1.fc12
    xl2tpd-1.2.7-1.fc12

Details about builds:

================================================================================
 krb5-1.7.1-16.fc12 (FEDORA-2010-18421)
 The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:

This update incorporates the upstream patches to correct bugs outlined in MITKRB5-SA-2010-007 (CVE-2010-1323, CVE-2010-1324, and CVE-2010-4020).
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 30 2010 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.7.1-16
- add upstream patch to fix various issues from MITKRB5-SA-2010-007
  (CVE-2010-1323, #648734, CVE-2010-1324, #648674)
* Thu Sep 23 2010 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.7.1-15
- make -libs actually own /usr/kerberos, because it may be the only reason
  that directory exists, due to owning /usr/kerberos/share (#636746)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #648734 - CVE-2010-1323 krb5: incorrect acceptance of certain checksums (MITKRB5-SA-2010-007)
        https://bugzilla.redhat.com/show_bug.cgi?id=648734
  [ 2 ] Bug #648674 - CVE-2010-1324 krb5: multiple checksum handling vulnerabilities (MITKRB5-SA-2010-007)
        https://bugzilla.redhat.com/show_bug.cgi?id=648674
  [ 3 ] Bug #648735 - CVE-2010-4020 krb5: krb5 may accept authdata checksums with low-entropy derived keys (MITKRB5-SA-2010-007)
        https://bugzilla.redhat.com/show_bug.cgi?id=648735
--------------------------------------------------------------------------------

================================================================================
 phpwapmail-0.9.4-1.fc12 (FEDORA-2010-18423)
 WAP-based e-mail client
--------------------------------------------------------------------------------
Update Information:

Update to 0.9.4 to fix issues with php 5.3 and later
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec  1 2010 Dmitry Butskoy <Dmitry@xxxxxxxxxxxx> - 0.9.4-1
- update to 0.9.4
--------------------------------------------------------------------------------

================================================================================
 spyder-2.0.1-1.fc12 (FEDORA-2010-18395)
 Scientific Python Development Environment
--------------------------------------------------------------------------------
Update Information:

Update to 2.0.1
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec  1 2010 Chen Lei <supercyper@xxxxxxx> - 2.0.1-1
- Update to 2.0.1
--------------------------------------------------------------------------------

================================================================================
 xl2tpd-1.2.7-1.fc12 (FEDORA-2010-18417)
 Layer 2 Tunnelling Protocol Daemon (RFC 2661)
--------------------------------------------------------------------------------
Update Information:

Updated to latest upstream
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 30 2010 Paul Wouters <paul@xxxxxxxxxxxxx> - 1.2.7-1
- Updated to 1.2.7
- Added more DEBUG build options to the make command
- Minor cleanups
* Sat Jan  9 2010 Paul Wouters <paul@xxxxxxxxxxxxx> - 1.2.5-2
- Bump for broken tag
* Sat Jan  9 2010 Paul Wouters <paul@xxxxxxxxxxxxx> - 1.2.5-1
- Upgraded to 1.2.5. (fixes interop with two Windows machines behind same NAT)
- Fix mix space/tab in spec file
- Added missing keyword Default-Stop
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #547316 - xl2tpd-1.2.7 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=547316
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test