The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/pcsc-lite-1.5.5-5.fc13
https://admin.fedoraproject.org/updates/ccid-1.3.11-2.fc13
https://admin.fedoraproject.org/updates/wireshark-1.2.13-2.fc13
https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
https://admin.fedoraproject.org/updates/subversion-1.6.15-1.fc13
https://admin.fedoraproject.org/updates/php-5.3.5-1.fc13,maniadrive-1.2-25.fc13,php-eaccelerator-0.9.6.1-4.fc13
https://admin.fedoraproject.org/updates/perl-Convert-UUlib-1.34-1.fc13
https://admin.fedoraproject.org/updates/libuser-0.56.16-1.fc13.2
https://admin.fedoraproject.org/updates/wordpress-2.8.6-4.fc13
https://admin.fedoraproject.org/updates/Django-1.2.4-1.fc13
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc13
https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.fc13
https://admin.fedoraproject.org/updates/wireshark-1.2.13-1.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/libuser-0.56.16-1.fc13.2
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-3.fc13
https://admin.fedoraproject.org/updates/attr-2.4.44-4.fc13
https://admin.fedoraproject.org/updates/livecd-tools-13.1-1.fc13
https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-80.fc13
https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13
https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-11.fc13
https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
The following builds have been pushed to Fedora 13 updates-testing
digikam-1.7.0-1.fc13
kdepim-4.4.9-1.fc13
kdepim-runtime-4.4.9-1.fc13
kipi-plugins-1.7.0-1.fc13
libXcm-0.4.0-1.fc13
libuser-0.56.16-1.fc13.2
maniadrive-1.2-25.fc13
oyranos-0.2.0-2.fc13
pacemaker-1.1.4-5.fc13
perl-NetPacket-1.0.1-1.fc13
php-5.3.5-1.fc13
php-eaccelerator-0.9.6.1-4.fc13
python-cement-0.8.14-5.fc13
subversion-api-docs-1.6.15-1.fc13
texinfo-4.13a-13.fc13
wordpress-2.8.6-4.fc13
Details about builds:
================================================================================
digikam-1.7.0-1.fc13 (FEDORA-2011-0317)
A digital camera accessing & photo management application
--------------------------------------------------------------------------------
Update Information:
Digikam 1.7 is a bugfix release, for a more detailed list of changes see http://www.digikam.org/drupal/node/557 and http://www.digikam.org/drupal/node/558
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 22 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1.7.0-1
- digikam-1.7.0
--------------------------------------------------------------------------------
================================================================================
kdepim-4.4.9-1.fc13 (FEDORA-2011-0319)
KDE PIM (Personal Information Manager) applications
--------------------------------------------------------------------------------
Update Information:
kdepim 4.4.9 is a bugfix release, needed for future KDE 4.6 compatibility
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 23 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.4.9-1
- 4.4.9
--------------------------------------------------------------------------------
================================================================================
kdepim-runtime-4.4.9-1.fc13 (FEDORA-2011-0319)
KDE PIM Runtime Environment
--------------------------------------------------------------------------------
Update Information:
kdepim 4.4.9 is a bugfix release, needed for future KDE 4.6 compatibility
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 23 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.4.9-1
- 4.4.9
--------------------------------------------------------------------------------
================================================================================
kipi-plugins-1.7.0-1.fc13 (FEDORA-2011-0317)
Plugins to use with Kipi
--------------------------------------------------------------------------------
Update Information:
Digikam 1.7 is a bugfix release, for a more detailed list of changes see http://www.digikam.org/drupal/node/557 and http://www.digikam.org/drupal/node/558
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 22 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.7.0-1
- kipi-plugins-1.7.0
--------------------------------------------------------------------------------
================================================================================
libXcm-0.4.0-1.fc13 (FEDORA-2011-0318)
X Color Management Library
--------------------------------------------------------------------------------
Update Information:
This update fix a problem when some color ICC profiles are missing.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 7 2011 Nicolas Chauvet <kwizart@xxxxxxxxx> - 0.4.0-1
- Update to 0.4.0
* Fri Nov 5 2010 Nicolas Chauvet <kwizart@xxxxxxxxx> - 0.3.0-1
- Update to 0.3.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #635243 - [abrt] icc_examin-0.47-2.fc13: GL_Ansicht::punkteAuffrischen: Process /usr/bin/iccexamin was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=635243
--------------------------------------------------------------------------------
================================================================================
libuser-0.56.16-1.fc13.2 (FEDORA-2011-0320)
A user and group account administration library
--------------------------------------------------------------------------------
Update Information:
Fixes default userPassword value on LDAP; note that this affects only accounts for which the password was not changed later.
In addition to installing this update, maintainers of LDAP servers used for authentication should review their LDAP directory for unexpected plaintext userPassword values.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 10 2011 Miloslav TrmaÄ <mitr@xxxxxxxxxx> - 0.56.16-1.2
- Correctly mark the LDAP default password value as encrypted (CVE-2011-0002)
Resolves: #668534
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #643227 - CVE-2011-0002 libuser creates LDAP users with a default password
https://bugzilla.redhat.com/show_bug.cgi?id=643227
--------------------------------------------------------------------------------
================================================================================
maniadrive-1.2-25.fc13 (FEDORA-2011-0321)
3D stunt driving game
--------------------------------------------------------------------------------
Update Information:
This release resolves a critical issue, reported as PHP bug #53632 and CVE-2010-4645, where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 9 2011 Hans de Goede <hdegoede@xxxxxxxxxx> 1.2-25
- Fix a crash when pressing 't', which enables the drawing of ode
wire frames (rhbz#657353)
* Sat Jan 8 2011 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 1.2-24
- Rebuild for new php 5.3.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #667806 - CVE-2010-4645 php: hang on numeric value 2.2250738585072011e-308 with x87 fpu
https://bugzilla.redhat.com/show_bug.cgi?id=667806
--------------------------------------------------------------------------------
================================================================================
oyranos-0.2.0-2.fc13 (FEDORA-2011-0318)
The Oyranos Color Management System (CMS)
--------------------------------------------------------------------------------
Update Information:
This update fix a problem when some color ICC profiles are missing.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 7 2011 Nicolas Chauvet <kwizart@xxxxxxxxx> - 0.2.0-2
- Update to 0.2.0
- Exclude autostart desktop file for now
- Disable lcms2 for now
* Sun Nov 7 2010 Nicolas Chauvet <kwizart@xxxxxxxxx> - 0.1.12-2
- Update to 0.1.12
- Back to upstream tarball usage
(ICC profiles are redistributed elsewhere)
- Fix pkg-config file.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #635243 - [abrt] icc_examin-0.47-2.fc13: GL_Ansicht::punkteAuffrischen: Process /usr/bin/iccexamin was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=635243
--------------------------------------------------------------------------------
================================================================================
pacemaker-1.1.4-5.fc13 (FEDORA-2011-0307)
Scalable High-Availability cluster resource manager
--------------------------------------------------------------------------------
Update Information:
Restores support for the Heartbeat and Corosync stacks.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 11 2011 Andrew Beekhof <andrew@xxxxxxxxxxx> 1.1.4-5
- Re-enable corosync and heartbeat support with correct bcond variable
usage
--------------------------------------------------------------------------------
================================================================================
perl-NetPacket-1.0.1-1.fc13 (FEDORA-2011-0305)
Assemble/disassemble network packets at the protocol level
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #573848 - Review Request: perl-NetPacket - Modules to assemble/disassemble network packets at the protocol level
https://bugzilla.redhat.com/show_bug.cgi?id=573848
--------------------------------------------------------------------------------
================================================================================
php-5.3.5-1.fc13 (FEDORA-2011-0321)
PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:
This release resolves a critical issue, reported as PHP bug #53632 and CVE-2010-4645, where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 7 2011 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> 5.3.5-1
- update to 5.3.5
http://www.php.net/ChangeLog-5.php#5.3.5
- clean duplicate configure options
- remove all RPM_SOURCE_DIR
- use mysql_config in libdir directly to avoid biarch build failures
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #667806 - CVE-2010-4645 php: hang on numeric value 2.2250738585072011e-308 with x87 fpu
https://bugzilla.redhat.com/show_bug.cgi?id=667806
--------------------------------------------------------------------------------
================================================================================
php-eaccelerator-0.9.6.1-4.fc13 (FEDORA-2011-0321)
PHP accelerator, optimizer, encoder and dynamic content cacher
--------------------------------------------------------------------------------
Update Information:
This release resolves a critical issue, reported as PHP bug #53632 and CVE-2010-4645, where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 8 2011 Remi Collet <Fedora@xxxxxxxxxxxxxxxxx> - 1:0.9.6.1-4
- rebuild against PHP 5.3.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #667806 - CVE-2010-4645 php: hang on numeric value 2.2250738585072011e-308 with x87 fpu
https://bugzilla.redhat.com/show_bug.cgi?id=667806
--------------------------------------------------------------------------------
================================================================================
python-cement-0.8.14-5.fc13 (FEDORA-2011-0311)
CLI Application Framework for Python
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #609295 - Review Request: python-cement - CLI Application Framework for Python
https://bugzilla.redhat.com/show_bug.cgi?id=609295
--------------------------------------------------------------------------------
================================================================================
subversion-api-docs-1.6.15-1.fc13 (FEDORA-2011-0322)
Subversion API documentation
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 10 2011 Bojan Smojver <bojan@xxxxxxxxxxxxx> 1.6.15-1
- bump up to 1.6.15
--------------------------------------------------------------------------------
================================================================================
texinfo-4.13a-13.fc13 (FEDORA-2011-0328)
Tools needed to create Texinfo format documentation files
--------------------------------------------------------------------------------
Update Information:
The directory file /usr/share/info/dir was not updated when the texinfo package was installed, this issue is fixed in this updated texinfo package.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 11 2011 Vitezslav Crhonek <vcrhonek@xxxxxxxxxx> - 4.13a-13
- Fix missing Texinfo manual in the Directory node
Resolves: #662382
--------------------------------------------------------------------------------
================================================================================
wordpress-2.8.6-4.fc13 (FEDORA-2011-0306)
WordPress blogging software
--------------------------------------------------------------------------------
Update Information:
Security fix for HTML sanitation issue.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 3 2011 Jon Ciesla <limb@xxxxxxxxxxxx> - 2.8.6-4
- Patch for security vulnerability, BZ 666782.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #666782 - Wordpress: XSS flaw in HTML sanitation library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=666782
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
