The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/pcsc-lite-1.5.5-5.fc13
https://admin.fedoraproject.org/updates/ccid-1.3.11-2.fc13
https://admin.fedoraproject.org/updates/wireshark-1.2.13-2.fc13
https://admin.fedoraproject.org/updates/evince-2.30.3-2.fc13
https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
https://admin.fedoraproject.org/updates/perl-Convert-UUlib-1.34-1.fc13
https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-2.fc13
https://admin.fedoraproject.org/updates/pyfribidi-0.10.0-1.fc13
https://admin.fedoraproject.org/updates/Django-1.2.4-1.fc13
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc13
https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-3.fc13
https://admin.fedoraproject.org/updates/attr-2.4.44-4.fc13
https://admin.fedoraproject.org/updates/livecd-tools-13.1-1.fc13
https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-80.fc13
https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13
https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-11.fc13
https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
The following builds have been pushed to Fedora 13 updates-testing
cmake-fedora-0.4.0-1.fc13
cups-1.4.6-1.fc13
dosfstools-3.0.9-3.fc13
etckeeper-0.51-1.fc13
evince-2.30.3-2.fc13
fedora-packager-0.5.2.0-2.fc13
josm-0-0.13.3751svn.fc13
jss-4.2.6-11.fc13
netstat-nat-1.4.10-1.fc13
oprofile-0.9.6-10.fc13
osutil-2.0.0-1.fc13
osutil-2.0.0-2.fc13
perl-Data-Serializer-0.52-1.fc13
perl-Package-Stash-XS-0.19-1.fc13
perl-Perl-PrereqScanner-1.001-1.fc13
perl-Regexp-IPv6-0.03-1.fc13
perl-Test-SharedFork-0.15-1.fc13
Details about builds:
================================================================================
cmake-fedora-0.4.0-1.fc13 (FEDORA-2011-0215)
CMake helper modules for fedora developers
--------------------------------------------------------------------------------
Update Information:
- New target: release
- New target: install_rpms
- ./Module should precedes /usr/share/cmake/Modules, so
it always use latest modules.
- Fixed Reading a file that contains '\'.
- Added Macro PACK_RPM_GET_ARCH
- Added target install_rpms for bulk rpms installation.
- Target rpm now uses -bb instead of -ba.
- Target rpm now depends on srpm.
- Source version control logic is split out as ManageSourceVersionControl
- Module UseHostingService is renamed as ManageMaintainerTarget
- Macro USE_HOSTING_SERVICE_READ_SETTING_FILE is renamed as
MAINTAINER_SETTING_READ_FILE
- Fixed: Support for out-of-source build.
- Fixed: Join the next line if ended with back slash '\'.
- ChangeLog: Now generate from "cmake ." directly.
- changelog: target removed. So it won't do unnecessary rebuild.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 7 2011 Ding-Yi Chen <dchen at redhat.com> - 0.4.0-1
- New target: release
- New target: install_rpms
- ./Module should precedes /usr/share/cmake/Modules, so
it always use latest modules.
- Fixed Reading a file that contains '\'.
- Added Macro PACK_RPM_GET_ARCH
- Added target install_rpms for bulk rpms installation.
- Target rpm now uses -bb instead of -ba.
- Target rpm now depends on srpm.
- Source version control logic is split out as ManageSourceVersionControl
- Module UseHostingService is renamed as ManageMaintainerTarget
- Macro USE_HOSTING_SERVICE_READ_SETTING_FILE is renamed as
MAINTAINER_SETTING_READ_FILE
* Sun Dec 19 2010 Ding-Yi Chen <dchen at redhat.com> - 0.3.3-1
- Fixed: Support for out-of-source build.
- Fixed: Join the next line if ended with back slash '\'.
- ChangeLog: Now generate from "cmake ." directly.
- changelog: target removed. So it won't do unnecessary rebuild.
--------------------------------------------------------------------------------
================================================================================
cups-1.4.6-1.fc13 (FEDORA-2011-0214)
Common Unix Printing System
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 7 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 1:1.4.6-1
- 1.4.6.
* Wed Dec 22 2010 Tim Waugh <twaugh@xxxxxxxxxx> 1:1.4.5-4
- Don't crash when job queued for browsed printer that times out
(bug #660604).
* Mon Dec 13 2010 Jiri Popelka <jpopelka@xxxxxxxxxx> 1:1.4.5-3
- Call avc_init() only once to not leak file descriptors (bug #654075).
* Fri Dec 3 2010 Jiri Popelka <jpopelka@xxxxxxxxxx> 1:1.4.5-2
- Changed subsystem lock file name in initscript
so the service is correctly stopped on reboot or halt (bug #659391).
* Fri Nov 12 2010 Jiri Popelka <jpopelka@xxxxxxxxxx> 1:1.4.5-1
- 1.4.5.
- No longer need CVE-2010-2941, str3608
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #654075 - avc calls leak file descriptors
https://bugzilla.redhat.com/show_bug.cgi?id=654075
[ 2 ] Bug #659391 - cups won't stop on reboot or halt
https://bugzilla.redhat.com/show_bug.cgi?id=659391
[ 3 ] Bug #660604 - Cupsd segfault without warnings
https://bugzilla.redhat.com/show_bug.cgi?id=660604
[ 4 ] Bug #667942 - cups-1.4.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=667942
--------------------------------------------------------------------------------
================================================================================
dosfstools-3.0.9-3.fc13 (FEDORA-2011-0242)
Utilities for making and checking MS-DOS FAT filesystems on Linux
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes bug in reclaim_file which can cause SIGSEGV when doing fsck.vfat on heavily damaged FAT file system.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 7 2011 Jaroslav Åkarvada <jskarvad@xxxxxxxxxx> - 3.0.9-3
- Fixed buffer overflow in reclaim_file (#660154)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #660154 - fsck.vfat buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=660154
--------------------------------------------------------------------------------
================================================================================
etckeeper-0.51-1.fc13 (FEDORA-2011-0239)
Store /etc in a SCM system (git, mercurial, bzr or darcs)
--------------------------------------------------------------------------------
Update Information:
Update etckeeper to version 0.51, with these and other changes:
* Improve rpm version change detection.
* Move etckeeper out of sbin, to avoid needing to work around broken root PATH settings in eg, crontab.
Complete list of changes (including Debian bug numbers) can be found here: http://joey.kitenet.net/code/etckeeper/news/version_0.51/
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 3 2011 Thomas Moschny <thomas.moschny@xxxxxx> - 0.51-1
- Update to 0.51.
- etckeeper has been moved out of sbin.
* Sat Dec 11 2010 Thomas Moschny <thomas.moschny@xxxxxx> - 0.50-2
- Don't package INSTALL.
--------------------------------------------------------------------------------
================================================================================
evince-2.30.3-2.fc13 (FEDORA-2011-0224)
Document viewer
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 6 2011 Marek Kasik <mkasik@xxxxxxxxxx> - 2.30.3-2
- Fixes CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643
- Resolves: #667573
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #666314 - CVE-2010-2641 evince: Array index errror in DVI file VF font parser
https://bugzilla.redhat.com/show_bug.cgi?id=666314
[ 2 ] Bug #666318 - CVE-2010-2642 evince: Heap based buffer overflow in DVI file AFM font parser
https://bugzilla.redhat.com/show_bug.cgi?id=666318
[ 3 ] Bug #666313 - CVE-2010-2640 evince: Array index errror in DVI file PK font parser
https://bugzilla.redhat.com/show_bug.cgi?id=666313
[ 4 ] Bug #666321 - CVE-2010-2643 evince: Integer overflow in DVI file TFM font parser
https://bugzilla.redhat.com/show_bug.cgi?id=666321
--------------------------------------------------------------------------------
================================================================================
fedora-packager-0.5.2.0-2.fc13 (FEDORA-2011-0223)
Tools for setting up a fedora maintainer environment
--------------------------------------------------------------------------------
Update Information:
update to upstream 0.5.2.0 read ChangeLog for full details
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 6 2011 Dennis Gilmore <dennis@xxxxxxxx> - 0.5.2.0-2
- move python-offtrac requires to fedpkg from fedora-packager
* Wed Jan 5 2011 Dennis Gilmore <dennis@xxxxxxxx> - 0.5.2.0-1
- update to new upstream release read changeLog for changes
- drop upstream patches
* Mon Oct 18 2010 Dan HorÃk <dan[at]danny.cz> - 0.5.1.4-7
- revert the last change as %ifarch doesn't work with noarch packages
and I also got ykpers built on s390(x)
* Mon Oct 18 2010 Dan HorÃk <dan[at]danny.cz> - 0.5.1.4-6
- don't Require ykpers and don't install fedora-burn-yubikey on s390(x)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #627174 - fedpkg co -B <package> dysfunctional
https://bugzilla.redhat.com/show_bug.cgi?id=627174
[ 2 ] Bug #628504 - [abrt] fedpkg-0.5.1.2-2.fc13: fedpkg:120:display_state:TypeError: 'NoneType' object is unsubscriptable
https://bugzilla.redhat.com/show_bug.cgi?id=628504
[ 3 ] Bug #632097 - [abrt] fedpkg-0.5.1.4-1.fc13: __init__.py:193:_run_command:UnboundLocalError: local variable 'proc' referenced before assignment
https://bugzilla.redhat.com/show_bug.cgi?id=632097
[ 4 ] Bug #632702 - fedpkg bash completion broken
https://bugzilla.redhat.com/show_bug.cgi?id=632702
[ 5 ] Bug #634888 - fedpkg local returns zero exit code even on failure
https://bugzilla.redhat.com/show_bug.cgi?id=634888
[ 6 ] Bug #634946 - [abrt] fedpkg-0.5.1.4-1.fc13: __init__.py:1718:_callMethod:AuthError: Invalid session or bad credentials
https://bugzilla.redhat.com/show_bug.cgi?id=634946
[ 7 ] Bug #655576 - [abrt] fedpkg-0.5.1.4-5.fc14: __init__.py:1210:gimmespec:FedpkgError: No spec file found.
https://bugzilla.redhat.com/show_bug.cgi?id=655576
[ 8 ] Bug #656897 - [abrt] fedpkg-0.5.1.4-5.fc14: __init__.py:619:sources:IOError: [Errno 2] No such file or directory: '/home/yarda/git-fedora/rrdtool/master/rrdtool-1.4.4/sources'
https://bugzilla.redhat.com/show_bug.cgi?id=656897
[ 9 ] Bug #667433 - fedpkg aborts with AttributeError
https://bugzilla.redhat.com/show_bug.cgi?id=667433
--------------------------------------------------------------------------------
================================================================================
josm-0-0.13.3751svn.fc13 (FEDORA-2011-0229)
An editor for OpenStreetMap (OSM)
--------------------------------------------------------------------------------
Update Information:
Update to 3751 svn revision
The Validator plugin has been integrated into the main program
Scaling of objects is supported. (Ctrl+Alt in select mode)
info To rotate an object click Ctrl+Shift
Layers can be displayed transparently. (new button in layer list dialog)
Plugins imagery,wmsplugin,slippymap and remotecontrol are integrated into JOSM core
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 2 2011 Cedric OLIVIER <cedric.olivier@xxxxxxx> 0-0.13.3751svn
- Update to 3751 svn revision
- The Validator plugin has been integrated into the main program
- Scaling of objects is supported. (Ctrl+Alt in select mode)
info To rotate an object click Ctrl+Shift
- Layers can be displayed transparently. (new button in layer list dialog)
- Plugins imagery,wmsplugin,slippymap and remotecontrol are integrated into JOSM core
--------------------------------------------------------------------------------
================================================================================
jss-4.2.6-11.fc13 (FEDORA-2011-0206)
Java Security Services (JSS)
--------------------------------------------------------------------------------
Update Information:
Incorrect socket accept error message due to bad pointer arithmetic
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 21 2010 Christina Fu <cfu@xxxxxxxxxx> - 4.2.6-11
- bug 654657 - <jdennis@xxxxxxxxxx>
Incorrect socket accept error message due to bad pointer arithmetic
- bug 661142 - <cfu@xxxxxxxxxx>
Verification should fail when a revoked certificate is added
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #654657 - Incorrect socket accept error message due to bad pointer arithmetic
https://bugzilla.redhat.com/show_bug.cgi?id=654657
--------------------------------------------------------------------------------
================================================================================
netstat-nat-1.4.10-1.fc13 (FEDORA-2011-0217)
A tool that displays NAT connections
--------------------------------------------------------------------------------
Update Information:
netstat-nat 1.4.10
- fix for properly display DNAT over SNAT connection
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 7 2011 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.4.10-1
- netstat-nat 1.4.10
- fix for properly display DNAT over SNAT connection
--------------------------------------------------------------------------------
================================================================================
oprofile-0.9.6-10.fc13 (FEDORA-2011-0210)
System wide profiler
--------------------------------------------------------------------------------
Update Information:
This version of OProfile include support for newer AMD family 12/14/15h processors and Intel Westmere processors.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 6 2011 Will Cohen <wcohen@xxxxxxxxxx> - 0.9.6-10
- Corrections for i386/arch_perfmon filters.
- Make nehalem events available.
- Add AMD family 12/14/15h support.
- Add Intel westemere support.
- opcontrol numeric argument checking.
--------------------------------------------------------------------------------
================================================================================
osutil-2.0.0-1.fc13 (FEDORA-2011-0233)
Operating System Utilities JNI Package
--------------------------------------------------------------------------------
Update Information:
initial checkin of build using CMake
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #654657 - Incorrect socket accept error message due to bad pointer arithmetic
https://bugzilla.redhat.com/show_bug.cgi?id=654657
--------------------------------------------------------------------------------
================================================================================
osutil-2.0.0-2.fc13 (FEDORA-2011-0216)
Operating System Utilities JNI Package
--------------------------------------------------------------------------------
Update Information:
cleaned up the spec file
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 6 2011 Kevin Wright <kwright@xxxxxxxxxx> 2.0.0-2
- Cleaned up the spec file.
- Re-added the changelog history.
* Wed Dec 1 2010 Matthew Harmsen <mharmsen@xxxxxxxxxx> 2.0.0-1
- Initial 2.0 revision. (kwright@xxxxxxxxxx & mharmsen@xxxxxxxxxx)
--------------------------------------------------------------------------------
================================================================================
perl-Data-Serializer-0.52-1.fc13 (FEDORA-2011-0236)
Modules that serialize data structures
--------------------------------------------------------------------------------
Update Information:
This update to the last upstream version
* Fixes a memory leak
* Modified JSON deserializer to handle corrupt input
* Modified dedigest function to armor against corrupt input values
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 7 2011 Iain Arnell <iarnell@xxxxxxxxx> 0.52-1
- update to latest upstream version
* Sun Jan 2 2011 Iain Arnell <iarnell@xxxxxxxxx> 0.51-1
- update to latest upstream
- clean up spec for modern rpmbuild
* Thu Dec 16 2010 Marcela Maslanova <mmaslano@xxxxxxxxxx> - 0.49-3
- 661697 rebuild for fixing problems with vendorach/lib
--------------------------------------------------------------------------------
================================================================================
perl-Package-Stash-XS-0.19-1.fc13 (FEDORA-2011-0205)
Faster and more correct implementation of the Package::Stash API
--------------------------------------------------------------------------------
Update Information:
This update provides a more correct validity test for scalars, and is needed for a forthcoming update to the current Package::Stash module.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 6 2011 Paul Howarth <paul@xxxxxxxxxxxx> - 0.19-1
- Update to 0.19 (more correct validity test for scalars)
- Update patch for old Test::More versions
--------------------------------------------------------------------------------
================================================================================
perl-Perl-PrereqScanner-1.001-1.fc13 (FEDORA-2011-0244)
Tool to scan your Perl code for its prerequisites
--------------------------------------------------------------------------------
Update Information:
This update
* adds support for Moose 1.03 -version declarations
* improves error handling
* adds a scanner for Test::More's done_testing
* fixes the scan_prereqs script
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 6 2011 Iain Arnell <iarnell@xxxxxxxxx> 1.001-1
- update to latest upstream version
- fixes scan_prereqs script
* Thu Dec 16 2010 Iain Arnell <iarnell@xxxxxxxxx> 1.000-1
- update to latest upstream version
* Mon Dec 6 2010 Iain Arnell <iarnell@xxxxxxxxx> 0.101892-1
- update to latest upstream version
- clean up spec for modern rpmbuild
* Fri Nov 19 2010 Iain Arnell <iarnell@xxxxxxxxx> 0.101891-1
- update to latest upstream version
* Sun May 30 2010 Iain Arnell <iarnell@xxxxxxxxx> 0.101480-1
- update to latest upstream version
* Fri May 28 2010 Iain Arnell <iarnell@xxxxxxxxx> 0.101250-2
- bump release for rebuild with perl-5.12.0
* Sun May 9 2010 Iain Arnell <iarnell@xxxxxxxxx> 0.101250-1
- update to latest upstream
- BR perl(Moose)
- BR perl(Moose::Role)
- BR perl(Params::Util)
- BR perl(String::RewritePrefix)
* Tue May 4 2010 Marcela Maslanova <mmaslano@xxxxxxxxxx> - 0.100960-2
- Mass rebuild with perl-5.12.0
--------------------------------------------------------------------------------
================================================================================
perl-Regexp-IPv6-0.03-1.fc13 (FEDORA-2011-0240)
Regular expression for IPv6 addresses
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #664810 - Review Request: perl-Regexp-IPv6 - Regular expression for IPv6 addresses
https://bugzilla.redhat.com/show_bug.cgi?id=664810
--------------------------------------------------------------------------------
================================================================================
perl-Test-SharedFork-0.15-1.fc13 (FEDORA-2011-0207)
Fork test
--------------------------------------------------------------------------------
Update Information:
Bugfixes with details here: http://cpansearch.perl.org/src/TOKUHIROM/Test-SharedFork-0.15/Changes
The old release was too old for rest of dependent packages.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #667873 - Upgrade perl-Test-SharedFork
https://bugzilla.redhat.com/show_bug.cgi?id=667873
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
