Fedora 14 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 14 Security updates need testing:

    https://admin.fedoraproject.org/updates/mantis-1.1.8-5.fc14
    https://admin.fedoraproject.org/updates/libwmf-0.2.8.4-27.fc14
    https://admin.fedoraproject.org/updates/opensc-0.11.13-6.fc14
    https://admin.fedoraproject.org/updates/wordpress-2.8.6-3.fc14
    https://admin.fedoraproject.org/updates/drupal-views-6.x.2.12-1.fc14
    https://admin.fedoraproject.org/updates/collectd-4.9.4-1.fc14
    https://admin.fedoraproject.org/updates/php-5.3.4-1.fc14.1,php-eaccelerator-0.9.6.1-3.fc14,maniadrive-1.2-23.fc14
    https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.fc14
    https://admin.fedoraproject.org/updates/exim-4.72-2.fc14


The following Fedora 14 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/python-decorator-3.2.1-1.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.10-1.fc14


The following builds have been pushed to Fedora 14 updates-testing

    cabal2spec-0.22.4-1.fc14
    ghc-rpm-macros-0.8.3-1.fc14
    identicurse-0.5.1-1.fc14
    libisofs-0.6.40-1.fc14
    libnet-1.1.5-1.fc14
    lilypond-2.13.39-3.fc14
    nicotine+-1.2.16-2.fc14
    perl-Authen-Simple-Passwd-0.6-1.fc14
    perl-CGI-Emulate-PSGI-0.10-1.fc14
    sems-1.3.1-2.fc14
    spor-1.0-3.fc14
    tmux-1.4-1.fc14
    vtk-5.6.0-38.fc14
    wordpress-2.8.6-3.fc14
    zbar-0.10-7.fc14

Details about builds:


================================================================================
 cabal2spec-0.22.4-1.fc14 (FEDORA-2010-19293)
 Tool for creating .spec files for Haskell Cabal Packages
--------------------------------------------------------------------------------
Update Information:




--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 20 2010 Jens Petersen <petersen@xxxxxxxxxx> - 0.22.4-1
- bring back debug_package override for consistency (thanks narasim_7)
* Thu Dec  9 2010 Jens Petersen <petersen@xxxxxxxxxx> - 0.22.3-1
- lower ghc-rpm-macros requires to 0.7.3 (f13) for easier backporting
- drop bcond for shared (default from f13) and hscolour (assumed from f14)
- drop debug_package override since it is in ghc-rpm-macros
- defining and cleaning buildroot is deprecated
- improve parsing of Name, Version, and Executable
--------------------------------------------------------------------------------


================================================================================
 ghc-rpm-macros-0.8.3-1.fc14 (FEDORA-2010-19299)
 Macros for building packages for GHC
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 29 2010 Jens Petersen <petersen@xxxxxxxxxx> - 0.8.3-1
- revert disabling debug_package, since with redhat-rpm-config installed
  the behaviour depended on the position of ghc_lib_package in the spec file
  (reported by narasim_7)
--------------------------------------------------------------------------------


================================================================================
 identicurse-0.5.1-1.fc14 (FEDORA-2010-19195)
 Curses based Status.net client
--------------------------------------------------------------------------------
Update Information:

Package Name: identicurse
Short Description: A simple but powerful Identi.ca client with a curses-based UI.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #661354 - Review Request: identicurse - Curses based Status.net client
        https://bugzilla.redhat.com/show_bug.cgi?id=661354
--------------------------------------------------------------------------------


================================================================================
 libisofs-0.6.40-1.fc14 (FEDORA-2010-19285)
 Library to create ISO 9660 disk images
--------------------------------------------------------------------------------
Update Information:

This release makes the prediction of the emerging image size less expensive and is able to make images bootable for SUN SPARC systems.

Changes towards previous version 0.6.38:

  * New API call iso_write_opts_set_disc_label(), new system area type 3 = SUN Disk Label for booting SUN SPARC systems.
  * New API call iso_write_opts_set_will_cancel() avoids start of write thread and is to be used to inquire the future image size.
  * New error reply code ISO_DISPLACE_ROLLOVER for external data sources with address displacement.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 28 2010 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.6.40-1
- Upgrade to 0.6.40
--------------------------------------------------------------------------------


================================================================================
 libnet-1.1.5-1.fc14 (FEDORA-2010-19300)
 C library for portable packet creation and injection
--------------------------------------------------------------------------------
Update Information:

Upstream changes for libnet 1.1.5:

  - IRIX: Get MAC address from ioctl(), not by spawning shell.
  - Compile fix for IRIX (added includes)
  - Don't explicitly check for UID 0, we may have capabilities even if not root.
  - Cleaned up implementations of libnet_get_hwaddr(), some leaked memory, one returned a pointer to data on the stack, and the others return a pointer to static data. I'm settling on the non-reentrant static data form.
  - Visual C++ compiler(v9.0) uses bitfield type as a hint to pad the bitfield, so struct was too long.
  - Further simplify autogen.sh
  - Removed dependency on net/bpf.h, and on pcap.h.
  - LBL_ALIGN check is unused, removing.
  - Don't include pcap.h if we've already got net/bpf.h, pcap has it's own bpf.
  - Make libnet_get_hwaddr work in the last few releases of OpenBSD
  - Get DLT types from the source, <pcap.h>.
  - Use autoconf -ivf in autogen.sh
  - Don't distribute libnet.h, it is generated by configure
  - AIX build failures fixed, cause was inclusion of system headers libnet no longer uses
  - Add a link to the old docs.
  - Added links to github and sourceforge.
  - Replace C99/C++ comments with traditional C comments.
  - checksum would segfault if a IP checksum was requested for a non-ipv4 header
  - Closer backwards compat, assume its ipv4 if it's not ipv6. This seems totally wrong, but so it goes.
  - Try using the ip_len header field to guess the input buffer's size.
  - libnet_do_checksum(), despite being "internal", is used by external code. libnet needs to maintain backwards API compatibility, tcpsic from the isic package is an example of a binary failing when calling the new API with the old arguments.
  - merged icmpv6 patch in, but I believe either it or the sample/icmp6_unreach generates the cksum incorrectly
  - Use libtool-1 or libtool-2 whatever available
  - Avoid looking at /dev and /usr/include when cross-compiling Alon: The following code support cross compiling: 1. You CANNOT check for /usr/include stuff as cross compiler is installed else-where. Autoconf know how to do this, use its header detection logic and ask the result. 2. Testing for /dev/ can be done only when not cross compiling...
  - Corrected target_os check, it was broke for linuxgnu, and m4 syntax was invalid Alon:The following change is needed in order to solve two issues: 1. linuxgnu and such target os. 2. You cannot set variable with space before '=' as it tries to execute the variable... 3. Print result of test in case of linux
  - --with-link-layer broken, was using wrong macro name, and didn't include all link types
  - ac_cv_c_bigendian is yes, not "big"
  - Remove dead code.
  - h_len is calculated for ip, udp, tcp, icmp, and igmp, so is allowed to be zero.
  - libnet_t's fd should be initialized to an invalid value, or libnet_destroy() will close stdin.
  - Alon's use of AC_CHECK_HEADERS fails to detect headers. Reverted part of 57acd56f09158decb69f301e7547ce8cde6ac63f
  - With link_none, the link apis were failing with not error message.
  - man doc makefile wasn't correctly referring to the srcdir
  - Avoid mallocing zero bytes, it perturbs electric fence.
  - autotools patches for cross compiling and seperate builddir
  - html doc makefile wasn't correctly referring to the srcdir
  - ip_offset is now calculated on the fly, and UDP and TCP no longer use h_len
  - IP offset calculation should allow nesting of IP protocols.
  - Remove gccisms in bitfield definitions.
  - injection type of LIBNET_NONE, for packet construction without injection (also, more const correctness) 
  - Notes about checksumming. 
  - libnet_build_tcp was not returning the ptag. 
  - Packet boundaries are now passed to _do_checksum(), so it can validate its input. Hopefully, this will end the recurring segmentation faults due to buffer overruns. 
  - TCP building is triggering memory overwrites; closer examination shows the link list manipulation to be wrong, and the checksumming approach to be incapable of working. I reworked code to simplify and clarify how it works currently, in preparation to fixing it. 
  - Updated comments and notes. 
  - Null the pointer in the about-to-be-freed structure, not the one on the stack.
  - Added missing pblock types, and made strings consistent with definitions.
  - Change version policy, we will be 1.1.4 until 1.1.5 is released.
  - Bring CHANGELOG up to date with today, and script used to generated it.
  - Begin implementation and tests for repairing pblocks after an update.
  - libnet_pblock_insert_before() didn't remove ptag2 from old location
  - Clarifications in document comments.
  - Don't doxygen process internal header libnet-headers.h
  - Declared many constant arguments as const, const-correct code spews warnings when built against libnet.
  - Include pcap DLT_ types from correct header, was using an internal one before.
  - Declared many constant arguments as const, const-correct code spews warnings when built against libnet.
  - Note about build_data, which doesn't update ip_offset, among other problems.
  - libnet_clear_packet() wasn't clearing all packet context.
  - Why don't TCP and UDP use the DATA pblock type?
  - whitespace cleanup
  - Add libnet_dll.c as extra, so its there for win32, and build libnet_link.c
  - This file wasn't being built, and needed to include bpf to build.
  - Forgot to make device a const string here, too.
  - make string argument constant
  - only ignore Makefile in libnet/
  - Replace u_intX_t with C99 uintX_t.
  - pclose() following popen(), not fclose()
  - snoof & dlpi: don't free on libnet_link_close()
  - Summarize changes for log.
  - Reindented, removing hard tabs, and using consistent brace positioning.
  - The non-standard types are no longer used.
  - /sw/.. path doesn't always exist
  - src/libnet_link_snoop.c: Only fclose if f!=NULL
  - src/libnet_link_snoop.c: fixed snoop-based backend. Works on IRIX.
  - Use uint64_t, not u_int64_t
  - define a lying gethostbyname2() if it's not defined
  - define STDOUT_FILENO if it's not defined
  - configure.in: check for gethostbyname2
  - configure.in: Check for uint{16,32,64}_t
  - Configure switch to install samples
  - Attempt at applying a patch to get installable samples, which doesn't work.
  - Pointers not cleared after free could lead to double deallocation.
  - Convert CRLF to LF.
  - Auto* changes to work on OS X from git checkout.
  - Update autobuild endianness and unaligned checks.
  - Add srcdir to include path.
  - Adjust srcdir and builddir so libnet can build out-of-tree
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 28 2010 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.1.5-1
- Upgrade to 1.1.5
--------------------------------------------------------------------------------


================================================================================
 lilypond-2.13.39-3.fc14 (FEDORA-2010-18912)
 A typesetting system for music notation
--------------------------------------------------------------------------------
Update Information:

Updated to new upstream as rebuild was needed for Python 2.7 and the old version wasn't build.

Fix vim paths.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 29 2010 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.13.39-3
- Scriptlet fix.
* Mon Dec 20 2010 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.13.39-2
- Update for new vim, BZ 663889.
* Mon Nov 15 2010 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.13.39-1
- Update to first Beta for 2.14.x to fix FTBFS BZ 631363.
* Wed Aug 11 2010 David Malcolm <dmalcolm@xxxxxxxxxx> - 2.12.3-3
- recompiling .py files against Python 2.7 (rhbz#623331)
* Thu Jul 15 2010 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.12.3-2
- Update for new licensing guidelines.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #623331 - lilypond may need to be rebuilt against Python 2.7 in F14 and rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=623331
  [ 2 ] Bug #663889 - vim version should now be 73 but still is 72
        https://bugzilla.redhat.com/show_bug.cgi?id=663889
  [ 3 ] Bug #666065 - Old package won't remove when new version installed
        https://bugzilla.redhat.com/show_bug.cgi?id=666065
--------------------------------------------------------------------------------


================================================================================
 nicotine+-1.2.16-2.fc14 (FEDORA-2010-19295)
 A client for the SoulSeek file sharing network
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 29 2010 Mohamed El Morabity <melmorabity@xxxxxxxxxxxxxxxx> - 1.2.16-2
- Add nicotine+-1.2.16-RHBZ662786.patch paych to fix RHBZ #66278
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #662786 - [abrt] nicotine+-1.2.16-1.fc13: slskmessages.py:69:__init__:Exception: Programming bug
        https://bugzilla.redhat.com/show_bug.cgi?id=662786
--------------------------------------------------------------------------------


================================================================================
 perl-Authen-Simple-Passwd-0.6-1.fc14 (FEDORA-2010-19291)
 Simple Passwd authentication
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #664904 - Review Request: perl-Authen-Simple-Passwd - Simple Passwd authentication
        https://bugzilla.redhat.com/show_bug.cgi?id=664904
--------------------------------------------------------------------------------


================================================================================
 perl-CGI-Emulate-PSGI-0.10-1.fc14 (FEDORA-2010-19303)
 PSGI adapter for CGI applications
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #664815 - Review Request: perl-CGI-Emulate-PSGI - PSGI adapter for CGI
        https://bugzilla.redhat.com/show_bug.cgi?id=664815
  [ 2 ] Bug #575497 - Review Request: perl-CGI-Emulate-PSGI - PSGI adapter for CGI applications
        https://bugzilla.redhat.com/show_bug.cgi?id=575497
--------------------------------------------------------------------------------


================================================================================
 sems-1.3.1-2.fc14 (FEDORA-2010-19294)
 SIP Express Media Server, an extensible SIP media server
--------------------------------------------------------------------------------
Update Information:

- Fixed segfault in gateway module
- Properly install email template for voicemail module
- Don't start py_sems by default (causes issues with python2.7)
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 29 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> 1.3.1-2
- Fixed segfault in gateway module
- Properly install email template for voicemail module
- Don't start py_sems by default (causes issues with python2.7)
* Mon Dec 27 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> 1.3.1-1
- Ver. 1.3.1 (Bugfix release)
* Wed Sep 29 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> 1.3.0-2
- Workaround for missing atomic built-ins in EPEL5 old gcc
--------------------------------------------------------------------------------


================================================================================
 spor-1.0-3.fc14 (FEDORA-2010-19289)
 Store file modes (permission/ownership) recursively
--------------------------------------------------------------------------------
Update Information:

Making new package available.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #650744 - Review Request: spor - Store file modes (permission/ownership) recursively
        https://bugzilla.redhat.com/show_bug.cgi?id=650744
--------------------------------------------------------------------------------


================================================================================
 tmux-1.4-1.fc14 (FEDORA-2010-19305)
 A terminal multiplexer
--------------------------------------------------------------------------------
Update Information:

New upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 28 2010 Filipe Rosset <rosset.filipe@xxxxxxxxx> 1.4-1
- New upstream release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #665992 - tmux-1.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=665992
--------------------------------------------------------------------------------


================================================================================
 vtk-5.6.0-38.fc14 (FEDORA-2010-19284)
 The Visualization Toolkit - A high level 3D visualization library
--------------------------------------------------------------------------------
Update Information:

Enable Qt4 support
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 28 2010 Orion Poplawski <orion@xxxxxxxxxxxxx> - 5.6.0-38
- Enable qt4 support, drop qt3 support
* Wed Oct 20 2010 Adam Jackson <ajax@xxxxxxxxxx> 5.6.0-37
- Rebuild for new libOSMesa soname
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #644865 - missing qt files
        https://bugzilla.redhat.com/show_bug.cgi?id=644865
--------------------------------------------------------------------------------


================================================================================
 wordpress-2.8.6-3.fc14 (FEDORA-2010-19296)
 WordPress blogging software
--------------------------------------------------------------------------------
Update Information:

Security fix:

http://core.trac.wordpress.org/changeset/16625
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 23 2010 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.8.6-3
- Change Requires from httpd to webserver, BZ 523480.
- Patch for Hello Dolly lyrics, BZ 663966.
- Patch for security vulnerability, BZ 659319.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #659265 - CVE-2010-4257 Wordpress: SQL injection flaw by processing trackbacks
        https://bugzilla.redhat.com/show_bug.cgi?id=659265
--------------------------------------------------------------------------------


================================================================================
 zbar-0.10-7.fc14 (FEDORA-2010-19298)
 Bar code reader
--------------------------------------------------------------------------------
Update Information:

If zbar supports, use the hardware formats first, instead of the libv4l software-emulated ones.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 25 2010 mchehab - 0.10-7
- Prefer to use non-emulated formats
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #666013 - Only use libv4l conversion if needed
        https://bugzilla.redhat.com/show_bug.cgi?id=666013
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test


[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux