Fedora 13 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 13 Security updates need testing:

    https://admin.fedoraproject.org/updates/bind-9.7.2-1.P3.fc13,bind-dyndb-ldap-0.1.0-0.10.a1.20091210git.fc13,dnsperf-1.0.1.0-19.fc13
    https://admin.fedoraproject.org/updates/kernel-2.6.34.7-63.fc13
    https://admin.fedoraproject.org/updates/mailman-2.1.12-16.fc13
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.8.1-1.fc13
    https://admin.fedoraproject.org/updates/wireshark-1.2.13-1.fc13
    https://admin.fedoraproject.org/updates/krb5-1.7.1-16.fc13
    https://admin.fedoraproject.org/updates/bareftp-0.3.7-1.fc13


The following Fedora 13 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/kernel-2.6.34.7-63.fc13
    https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-74.fc13
    https://admin.fedoraproject.org/updates/perl-5.10.1-121.fc13,perl-CGI-3.50-2.fc13
    https://admin.fedoraproject.org/updates/elfutils-0.150-2.fc13
    https://admin.fedoraproject.org/updates/livecd-tools-13.0-1.fc13
    https://admin.fedoraproject.org/updates/mingetty-1.08-6.fc13
    https://admin.fedoraproject.org/updates/sendmail-8.14.4-6.fc13
    https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-11.fc13
    https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13


The following builds have been pushed to Fedora 13 updates-testing

    3Depict-0.0.3-1.fc13
    PyQuante-1.6.3-7.174svn.fc13
    bind-9.7.2-1.P3.fc13
    bind-dyndb-ldap-0.1.0-0.10.a1.20091210git.fc13
    cobbler-2.0.8-1.fc13
    dnsperf-1.0.1.0-19.fc13
    elfutils-0.150-2.fc13
    ibus-input-pad-0.1.4-1.fc13
    jnr-netdb-1.0.1-3.fc13
    jnr-posix-1.1.4-3.fc13
    kernel-2.6.34.7-63.fc13
    publican-2.5-1.fc13
    rubygem-boxgrinder-build-0.6.4-3.fc13
    tortoisehg-1.1.7-1.fc13
    wmfrog-0.3.1-1.fc13

Details about builds:


================================================================================
 3Depict-0.0.3-1.fc13 (FEDORA-2010-18487)
 Valued 3D point cloud visualization and analysis
--------------------------------------------------------------------------------
Update Information:

Update to 0.0.3
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 26 2010 D Haley <mycae(a!t)yahoo.com> - 0.0.3-1
- Update to 0.0.3
--------------------------------------------------------------------------------


================================================================================
 PyQuante-1.6.3-7.174svn.fc13 (FEDORA-2010-18497)
 Python Quantum Chemistry
--------------------------------------------------------------------------------
Update Information:

Rebuild against newly recompiled libint. Added Requires: openbabel. Split libint module into separate package due to different licensing.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  2 2010 Jussi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 1.6.3-7.174svn
- Rebuild against libint, which was recompiled to support basis sets of
  larger angular momentum.
* Wed Dec  1 2010 Jussi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 1.6.3-6.174svn
- Added Requires: openbabel.
- Split libint library in a separate package due to the resulting binary
  being GPLv2+ licensed.
--------------------------------------------------------------------------------


================================================================================
 bind-9.7.2-1.P3.fc13 (FEDORA-2010-18521)
 The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
--------------------------------------------------------------------------------
Update Information:

Update to 9.7.2-P3 release which contains various security fixes.

This update also provides bind-dyndb-ldap and dnsperf packages rebuild against updated bind.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  2 2010 Adam Tkac <atkac redhat com> 32:9.7.2-1.P3
- update to 9.7.2-P3
* Mon Nov 29 2010 Jan GÃrig <jgorig redhat com> 32:9.7.1-3.P2
- added root zone DNS key
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #658974 - CVE-2010-3613 bind: failure to clear existing RRSIG records when a NO DATA is negatively cached could DoS named
        https://bugzilla.redhat.com/show_bug.cgi?id=658974
  [ 2 ] Bug #658977 - CVE-2010-3614 bind: key algorithm rollover may mark secure answers as insecure
        https://bugzilla.redhat.com/show_bug.cgi?id=658977
--------------------------------------------------------------------------------


================================================================================
 bind-dyndb-ldap-0.1.0-0.10.a1.20091210git.fc13 (FEDORA-2010-18521)
 LDAP back-end plug-in for BIND
--------------------------------------------------------------------------------
Update Information:

Update to 9.7.2-P3 release which contains various security fixes.

This update also provides bind-dyndb-ldap and dnsperf packages rebuild against updated bind.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec  3 2010 Adam Tkac <atkac redhat com> - 0.1.0-0.10.a1.20091210git
- rebuild against new bind
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #658974 - CVE-2010-3613 bind: failure to clear existing RRSIG records when a NO DATA is negatively cached could DoS named
        https://bugzilla.redhat.com/show_bug.cgi?id=658974
  [ 2 ] Bug #658977 - CVE-2010-3614 bind: key algorithm rollover may mark secure answers as insecure
        https://bugzilla.redhat.com/show_bug.cgi?id=658977
--------------------------------------------------------------------------------


================================================================================
 cobbler-2.0.8-1.fc13 (FEDORA-2010-18507)
 Boot server configurator
--------------------------------------------------------------------------------
Update Information:

New upstream release, see CHANGELOG for full list of updates.

Cobbler 2.0.4 release

Cobbler 2.0.4 release

Cobbler 2.0.4 release



Cobbler 2.0.4 release

--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec  3 2010 Scott Henson <shenson@xxxxxxxxxx> - 2.0.8-1
- New upstream release
* Mon Oct 18 2010 Scott Henson <shenson@xxxxxxxxxx> - 2.0.7-1
- Bug fix relase, see Changelog for details
* Tue Jul 13 2010 Scott Henson <shenson@xxxxxxxxxx> - 2.0.5-1
- Bug fix release, see Changelog for details
* Tue Apr 27 2010 Scott Henson <shenson@xxxxxxxxxx> - 2.0.4-1
- Bug fix release, see Changelog for details
--------------------------------------------------------------------------------


================================================================================
 dnsperf-1.0.1.0-19.fc13 (FEDORA-2010-18521)
 Benchmarking authorative and recursing DNS servers
--------------------------------------------------------------------------------
Update Information:

Update to 9.7.2-P3 release which contains various security fixes.

This update also provides bind-dyndb-ldap and dnsperf packages rebuild against updated bind.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec  3 2010 Adam Tkac <atkac redhat com> - 1.0.1.0-19
- rebuild against new bind
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #658974 - CVE-2010-3613 bind: failure to clear existing RRSIG records when a NO DATA is negatively cached could DoS named
        https://bugzilla.redhat.com/show_bug.cgi?id=658974
  [ 2 ] Bug #658977 - CVE-2010-3614 bind: key algorithm rollover may mark secure answers as insecure
        https://bugzilla.redhat.com/show_bug.cgi?id=658977
--------------------------------------------------------------------------------


================================================================================
 elfutils-0.150-2.fc13 (FEDORA-2010-18148)
 A collection of utilities and DSOs to handle compiled objects
--------------------------------------------------------------------------------
Update Information:

This update fixes bugs in handling prelinked DSO files with separate debug files and in handling files with very large .debug_aranges sections.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  2 2010 Roland McGrath <roland@xxxxxxxxxx> - 0.150-2
- libdwfl: Remove bogus assert. (#658268)
* Tue Nov 23 2010 Roland McGrath <roland@xxxxxxxxxx> - 0.150-1
- Update to 0.150
  - libdw: Fix for handling huge .debug_aranges section. (#638432)
  - libdwfl: Fix for handling prelinked DSO with separate debug file. (#652857)
  - findtextrel: Fix diagnostics to work with usual section ordering.
* Wed Sep 29 2010 jkeating - 0.149-2
- Rebuilt for gcc bug 634757
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #638432 - [abrt] elfutils-0.149-1.fc13: dwarf_getaranges: Process /usr/bin/eu-findtextrel was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=638432
  [ 2 ] Bug #652857 - misaddresed user-space probes on prelinked shared libraries on i686 (REL)
        https://bugzilla.redhat.com/show_bug.cgi?id=652857
--------------------------------------------------------------------------------


================================================================================
 ibus-input-pad-0.1.4-1.fc13 (FEDORA-2010-18513)
 Input Pad for IBus
--------------------------------------------------------------------------------
Update Information:

Updated package is available.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec  3 2010 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 0.1.4-1
- Bumped to 0.1.4
--------------------------------------------------------------------------------


================================================================================
 jnr-netdb-1.0.1-3.fc13 (FEDORA-2010-18494)
 Network services database access for java
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #646637 - Review Request: jnr-netdb - Network services database access for java
        https://bugzilla.redhat.com/show_bug.cgi?id=646637
--------------------------------------------------------------------------------


================================================================================
 jnr-posix-1.1.4-3.fc13 (FEDORA-2010-18503)
 Java Posix layer
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #561477 - Review Request: jnr-posix - Java Posix layer
        https://bugzilla.redhat.com/show_bug.cgi?id=561477
--------------------------------------------------------------------------------


================================================================================
 kernel-2.6.34.7-63.fc13 (FEDORA-2010-18506)
 The Linux kernel
--------------------------------------------------------------------------------
Update Information:

Various security fixes and bug fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec  3 2010 Kyle McMartin <kyle@xxxxxxxxxx> 2.6.34.7-63
- Enable hpilo.ko on x86_64. (#571329)
* Mon Nov 29 2010 Kyle McMartin <kyle@xxxxxxxxxx>
- Make ima an opt-in parameter like we did in F-14. Pass ima=on if you want
  it enabled.
* Mon Nov 29 2010 Kyle McMartin <kyle@xxxxxxxxxx>
- Backport XFS fixes for the kernel.org xfs boog. [4d4e307a]
  Needed two other backports to simplify life.
* Fri Nov 26 2010 Kyle McMartin <kyle@xxxxxxxxxx>
- Quiet a netlink build warning the INET_DIAG fix caused.
* Fri Nov 26 2010 Kyle McMartin <kyle@xxxxxxxxxx>
- Plug stack leaks in tty/serial drivers. (#648663, #648660)
* Fri Nov 26 2010 Kyle McMartin <kyle@xxxxxxxxxx>
- r8169 fixes from sgruszka@xxxxxxxxxx (#502974)
* Wed Nov 24 2010 John W. Linville <linville@xxxxxxxxxx>
- rtl8180: improve signal reporting for rtl8185 hardware
- rtl8180: improve signal reporting for actual rtl8180 hardware
* Tue Nov 23 2010 Kyle McMartin <kyle@xxxxxxxxxx>
- zero struct memory in ipc compat (CVE-2010-4073) (#648658)
- zero struct memory in ipc shm (CVE-2010-4072) (#648656)
- fix logic error in INET_DIAG bytecode auditing (CVE-2010-3880) (#651264)
- posix-cpu-timers: workaround to suppress the problems with mt exec
  (rhbz#656264)
- clear memory in viafb ioctl (CVE-2010-4082) (#648671)
* Fri Oct 22 2010 Kyle McMartin <kyle@xxxxxxxxxx> 2.6.34.7-62
- tpm-autodetect-itpm-devices.patch: Auto-fix TPM issues on various
  laptops which prevented suspend/resume.
- depessimize-rds_copy_page_user.patch: Fix CVE-2010-3904, local
  privilege escalation via RDS protocol.
- rt2x00: Backport fixes for #642031 from Stanislaw Gruszka.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #648663 - CVE-2010-4077 kernel: drivers/char/nozomi.c: reading uninitialized stack memory
        https://bugzilla.redhat.com/show_bug.cgi?id=648663
  [ 2 ] Bug #648660 - CVE-2010-4075 kernel: drivers/serial/serial_core.c: reading uninitialized stack memory
        https://bugzilla.redhat.com/show_bug.cgi?id=648660
  [ 3 ] Bug #648658 - CVE-2010-4073 kernel: ipc/compat*.c: reading uninitialized stack memory
        https://bugzilla.redhat.com/show_bug.cgi?id=648658
  [ 4 ] Bug #648656 - CVE-2010-4072 kernel: ipc/shm.c: reading uninitialized stack memory
        https://bugzilla.redhat.com/show_bug.cgi?id=648656
  [ 5 ] Bug #651264 - CVE-2010-3880 kernel: logic error in INET_DIAG bytecode auditing
        https://bugzilla.redhat.com/show_bug.cgi?id=651264
  [ 6 ] Bug #656264 - CVE-2010-4248 kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
        https://bugzilla.redhat.com/show_bug.cgi?id=656264
  [ 7 ] Bug #648671 - CVE-2010-4082 kernel: drivers/video/via/ioctl.c: reading uninitialized stack memory
        https://bugzilla.redhat.com/show_bug.cgi?id=648671
--------------------------------------------------------------------------------


================================================================================
 publican-2.5-1.fc13 (FEDORA-2010-18499)
 Common files and scripts for publishing with DocBook XML
--------------------------------------------------------------------------------
Update Information:

* Thu Dec 2 2010 RÃdiger Landmann <r.landmann@xxxxxxxxxx> 2.5-1
- Rebase on new upstream version -- BZ#659589 BZ#659590 BZ#659591
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  2 2010 RÃdiger Landmann <r.landmann@xxxxxxxxxx> 2.5-1
- Rebase on new upstream version -- BZ#659589 BZ#659590 BZ#659591
* Thu Dec  2 2010 RÃdiger Landmann <r.landmann@xxxxxxxxxx> 2.4-1
- Rebase on new upstream version -- BZ#659127 BZ#659128 BZ#659129
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #659591 - Update to new upstream version
        https://bugzilla.redhat.com/show_bug.cgi?id=659591
--------------------------------------------------------------------------------


================================================================================
 rubygem-boxgrinder-build-0.6.4-3.fc13 (FEDORA-2010-18511)
 A tool for creating appliances from simple plain text files
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #652400 - Review Request: rubygem-boxgrinder-build - Creates appliances for various virtual environments
        https://bugzilla.redhat.com/show_bug.cgi?id=652400
--------------------------------------------------------------------------------


================================================================================
 tortoisehg-1.1.7-1.fc13 (FEDORA-2010-18520)
 Mercurial GUI command line tool hgtk
--------------------------------------------------------------------------------
Update Information:

This is a bug fix release, with minor improvements. Users are recommended to upgrade.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  2 2010 Mads Kiilerich <mads@xxxxxxxxxxxxx> - 1.1.7-1
- tortoisehg-1.1.7
* Tue Nov 16 2010 Mads Kiilerich <mads@xxxxxxxxxxxxx> - 1.1.6.1-1
- tortoisehg-1.1.6.1
* Tue Nov 16 2010 Mads Kiilerich <mads@xxxxxxxxxxxxx> - 1.1.6-1
- tortoisehg-1.1.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #659431 - tortoisehg-1.1.7 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=659431
--------------------------------------------------------------------------------


================================================================================
 wmfrog-0.3.1-1.fc13 (FEDORA-2010-18492)
 A weather application, it shows the weather in a graphical way
--------------------------------------------------------------------------------
Update Information:

Fix weather parser
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  2 2010 Petr Pisar <ppisar@xxxxxxxxxx> - 0.3.1-1
- 0.3.1 bump
- Fixed clouds/wind parsing issues
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test



[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux