The following Fedora 13 Security updates need testing: https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13 https://admin.fedoraproject.org/updates/subversion-1.6.15-1.fc13 https://admin.fedoraproject.org/updates/php-5.3.5-1.fc13,maniadrive-1.2-26.fc13.1,php-eaccelerator-0.9.6.1-4.fc13,maniadrive-data-1.2-5.fc13 https://admin.fedoraproject.org/updates/perl-Convert-UUlib-1.34-1.fc13 https://admin.fedoraproject.org/updates/libuser-0.56.16-1.fc13.2 https://admin.fedoraproject.org/updates/wordpress-2.8.6-4.fc13 https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-3.fc13 https://admin.fedoraproject.org/updates/dpkg-1.15.5.6-6.fc13 https://admin.fedoraproject.org/updates/sssd-1.3.0-40.fc13 https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13 https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc13 https://admin.fedoraproject.org/updates/chm2pdf-0.9.1-8.fc13 https://admin.fedoraproject.org/updates/wireshark-1.2.14-1.fc13 https://admin.fedoraproject.org/updates/sudo-1.7.4p5-1.fc13 https://admin.fedoraproject.org/updates/hplip-3.10.9-14.fc13 https://admin.fedoraproject.org/updates/java-1.6.0-openjdk-1.6.0.0-48.1.8.4.fc13 https://admin.fedoraproject.org/updates/myproxy-5.3-1.fc13 https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.fc13 The following Fedora 13 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/procps-3.2.8-8.fc13 https://admin.fedoraproject.org/updates/sudo-1.7.4p5-1.fc13 https://admin.fedoraproject.org/updates/elfutils-0.151-1.fc13 https://admin.fedoraproject.org/updates/util-linux-ng-2.17.2-10.fc13 https://admin.fedoraproject.org/updates/libuser-0.56.16-1.fc13.2 https://admin.fedoraproject.org/updates/dosfstools-3.0.9-3.fc13 https://admin.fedoraproject.org/updates/attr-2.4.44-4.fc13 https://admin.fedoraproject.org/updates/livecd-tools-13.1-1.fc13 https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-80.fc13 https://admin.fedoraproject.org/updates/libical-0.46-2.fc13 https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13 https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13 https://admin.fedoraproject.org/updates/openldap-2.4.21-11.fc13 https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13 https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13 The following builds have been pushed to Fedora 13 updates-testing automaton-1.11r5-1.fc13 dokuwiki-0-0.6.20101107.a.fc13 filezilla-3.3.5.1-2.fc13 fpm2-0.79-1.fc13 google-lato-fonts-1.011-1.fc13 hplip-3.10.9-14.fc13 ibus-table-chinese-1.3.0.20110114-1.fc13 java-1.6.0-openjdk-1.6.0.0-48.1.8.4.fc13 jd-2.8.0-0.3.beta110118.fc13 mpop-1.0.22-1.fc13 myproxy-5.3-1.fc13 netpbm-10.47.25-1.fc13 netxen-firmware-4.0.534-3.fc13 printoxx-2.8.1-1.fc13 procps-3.2.8-8.fc13 system-config-printer-1.2.6-2.fc13 topgit-0.9-0.3.gitd279e292.fc13 Details about builds: ================================================================================ automaton-1.11r5-1.fc13 (FEDORA-2011-0539) A Java finite state automata/regular expression library -------------------------------------------------------------------------------- Update Information: This update fixes a bug in Gibson's AutomatonMatcher. -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 17 2011 Jerry James <loganjerry@xxxxxxxxx> - 1.11r5-1 - Upgrade to 1.11-5 - BR openjdk to get better javadoc generation -------------------------------------------------------------------------------- ================================================================================ dokuwiki-0-0.6.20101107.a.fc13 (FEDORA-2011-0517) Standards compliant simple to use wiki -------------------------------------------------------------------------------- Update Information: Upgraded to latest upstream 2010-11-07a -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 17 2011 Andrew Colin Kissa <andrew@xxxxxxxxxxxxx> - 0-0.6.20101107.a - Fix selinux sub package * Mon Jan 17 2011 Andrew Colin Kissa <andrew@xxxxxxxxxxxxx> - 0-0.5.20101107.a - Upgrade to latest upstream - Split package to create selinux package - Fix Bugzilla bug #668386 -------------------------------------------------------------------------------- References: [ 1 ] Bug #668386 - SELinux prevents Dokuwiki from writing its own config files https://bugzilla.redhat.com/show_bug.cgi?id=668386 -------------------------------------------------------------------------------- ================================================================================ filezilla-3.3.5.1-2.fc13 (FEDORA-2011-0497) FTP, FTPS and SFTP client -------------------------------------------------------------------------------- Update Information: Permanently trusting certificates had no effect until FileZilla was restarted Fix downloading of symbolic links to files Updated language files -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 29 2010 Nicolas Chauvet <kwizart@xxxxxxxxx> - 3.3.5.1-2 - Keep docs in the appropriate place - Improve summary * Sun Nov 28 2010 Nicolas Chauvet <kwizart@xxxxxxxxx> - 3.3.5.1-1 - Update to 3.3.5.1 * Thu Nov 18 2010 Nicolas Chauvet <kwizart@xxxxxxxxx> - 3.3.5-0.1 - Update to 3.3.5 - Add RPM registration for system wide settings * Sun Aug 22 2010 Nicolas Chauvet <kwizart@xxxxxxxxx> - 3.3.4.1-1 - Update to 3.3.4.1 * Fri Aug 13 2010 Nicolas Chauvet <kwizart@xxxxxxxxx> - 3.3.4-1 - Update to 3.3.4 * Wed Jul 14 2010 Dan HorÃk <dan@xxxxxxxx> - 3.3.3-1.1 - rebuilt against wxGTK-2.8.11-2 -------------------------------------------------------------------------------- ================================================================================ fpm2-0.79-1.fc13 (FEDORA-2011-0520) Password manager with GTK2 GUI -------------------------------------------------------------------------------- Update Information: Update to new upstream version. -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 17 2011 AleÅ Koval <als@xxxxxxxxx> - 0.79-1 - Update to 0.79 - Fixed crash due to incorrectly call xmlCleanupParser() (#669102) -------------------------------------------------------------------------------- ================================================================================ google-lato-fonts-1.011-1.fc13 (FEDORA-2011-0526) A sanserif typeface family -------------------------------------------------------------------------------- References: [ 1 ] Bug #668639 - Review Request: google-lato-fonts - A sanserif typeface family https://bugzilla.redhat.com/show_bug.cgi?id=668639 -------------------------------------------------------------------------------- ================================================================================ hplip-3.10.9-14.fc13 (FEDORA-2011-0525) HP Linux Imaging and Printing Project -------------------------------------------------------------------------------- Update Information: Applied patch to fix CVE-2010-4267, remote stack overflow vulnerability (bug #670252). -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 17 2011 Tim Waugh <twaugh@xxxxxxxxxx> - 3.10.9-14 - Applied patch to fix CVE-2010-4267, remote stack overflow vulnerability (bug #670252). * Wed Jan 12 2011 Tim Waugh <twaugh@xxxxxxxxxx> - 3.10.9-13 - Removed unused hpcac filter to avoid unnecessary perl dependency. * Wed Jan 12 2011 Tim Waugh <twaugh@xxxxxxxxxx> - 3.10.9-12 - Removed duplicate pstotiff files. * Wed Jan 12 2011 Tim Waugh <twaugh@xxxxxxxxxx> - 3.10.9-11 - Fixed "CUPS Web Interface" button (bug #633899). - Set mimedir explicitly via configure. * Wed Jan 5 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 3.10.9-10 - Catch GError exception when notification showing failed (bug #665577). -------------------------------------------------------------------------------- References: [ 1 ] Bug #662740 - CVE-2010-4267 hplip: remote stack overflow vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=662740 -------------------------------------------------------------------------------- ================================================================================ ibus-table-chinese-1.3.0.20110114-1.fc13 (FEDORA-2011-0510) Chinese input tables for IBus -------------------------------------------------------------------------------- Update Information: - Fix Bug 667877: ibus-table-yinma and ibus-table-xingma have been obsoleted. - Now depends on cmake-fedora - Support out-of-source build - Remove ibus-table-chinese-all - Support out-of-source build - Remove ibus-table-chinese-all -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 14 2011 Ding-Yi Chen <dchen@xxxxxxxxxx> - 1.3.0.20110114-1 - Fix Bug 667877: ibus-table-yinma and ibus-table-xingma have been obsoleted. - Now depends on cmake-fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #667877 - Few ibus-table-\* packages conflicts with few other ibus-table-\* packages. https://bugzilla.redhat.com/show_bug.cgi?id=667877 -------------------------------------------------------------------------------- ================================================================================ java-1.6.0-openjdk-1.6.0.0-48.1.8.4.fc13 (FEDORA-2011-0500) OpenJDK Runtime Environment -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 5 2011 Jiri Vanek <jvanek@xxxxxxxxxx> -1:1.6.0-47.1.8.4.48 - updated to icedtea 1.8.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #569121 - Java applications are unable to use tray icon when using compiz https://bugzilla.redhat.com/show_bug.cgi?id=569121 [ 2 ] Bug #525870 - The Java plugin does not report available fonts accurately https://bugzilla.redhat.com/show_bug.cgi?id=525870 [ 3 ] Bug #597227 - Dashed Lines Off Clip Can Black Out Graphics https://bugzilla.redhat.com/show_bug.cgi?id=597227 [ 4 ] Bug #530642 - Bug in java.awt.geom.IllegalPathStateException https://bugzilla.redhat.com/show_bug.cgi?id=530642 [ 5 ] Bug #647674 - JTextPane produces incorrect content after parsing the html text https://bugzilla.redhat.com/show_bug.cgi?id=647674 -------------------------------------------------------------------------------- ================================================================================ jd-2.8.0-0.3.beta110118.fc13 (FEDORA-2011-0536) A 2ch browser -------------------------------------------------------------------------------- Update Information: 2.8.0 beta 111018 is released. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 18 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 2.8.0-0.3.beta110118 - 2.8.0 beta 110118 -------------------------------------------------------------------------------- ================================================================================ mpop-1.0.22-1.fc13 (FEDORA-2011-0519) POP3 client for recieving mail from POP3 mailboxes -------------------------------------------------------------------------------- Update Information: * Mon Jan 17 2011 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 1.0.22-1 - Updated to new upstream version 1.0.22 -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 17 2011 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 1.0.22-1 - Updated to new upstream version 1.0.22 -------------------------------------------------------------------------------- ================================================================================ myproxy-5.3-1.fc13 (FEDORA-2011-0512) Manage X.509 Public Key Infrastructure (PKI) security credentials -------------------------------------------------------------------------------- Update Information: Release 5.3 fixes a myproxy-logon security bug in MyProxy versions 5.0-5.2 that disabled server identity verification: The myproxy-logon program in MyProxy versions 5.0 through 5.2 does not enforce the check that the myproxy-server's certificate contains the expected hostname or identity. The impacted MyProxy versions are included in Globus Toolkit releases 5.0.0-5.0.2. This issue is addressed in MyProxy 5.3. Full details are available: http://grid.ncsa.illinois.edu/myproxy/security/myproxy-adv-2011-01.txt Other changes in this release: * if myproxy-logon GSI mutual authentication with the myproxy-server fails, try again with client-side anonymous authentication, in case the client-side GSI credentials are unacceptable to the myproxy-server (for example, signed by an untrusted CA), but the myproxy-server would accept an anonymous client (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7103) * fix configure checks for globus_usage_stats_send, globus_usage_stats_send_array, and globus_gsi_proxy_handle_set_extensions when installing without existing Globus libraries in LD_LIBRARY_PATH (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7098) * in myproxy-server-setup, look in /sbin and /usr/sbin for chkconfig or update-rc.d in case they're not in PATH * add certificate_issuer_subca_certfile option in myproxy-server.config (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7119) * make all Globus Usage library errors non-fatal (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7111) -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 18 2011 Steve Traylen <steve.traylen@xxxxxxx> - 5.3-1 - New upstream 5.3. -------------------------------------------------------------------------------- ================================================================================ netpbm-10.47.25-1.fc13 (FEDORA-2011-0523) A library for handling different graphics file formats -------------------------------------------------------------------------------- Update Information: Updates to netpbm-10.47.25. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 18 2011 Jindrich Novy <jnovy@xxxxxxxxxx> 10.47.25-1 - update to 10.47.25 - fix asciitopgm (#670082), thanks to Jonathan Kamens -------------------------------------------------------------------------------- References: [ 1 ] Bug #670082 - asciitopgm memory corruption on too-long lines; doesn't handle blank lines https://bugzilla.redhat.com/show_bug.cgi?id=670082 -------------------------------------------------------------------------------- ================================================================================ netxen-firmware-4.0.534-3.fc13 (FEDORA-2011-0535) QLogic Linux Intelligent Ethernet (3000 and 3100 Series) Adapter Firmware -------------------------------------------------------------------------------- Update Information: New package - netxen-firmware - QLogic Linux Intelligent Ethernet (3000 and 3100 Series) Adapter Firmware -------------------------------------------------------------------------------- References: [ 1 ] Bug #660393 - Review Request: netxen-firmware - QLogic Linux Intelligent Ethernet (3000 and 3100 Series) Adapter Firmware https://bugzilla.redhat.com/show_bug.cgi?id=660393 -------------------------------------------------------------------------------- ================================================================================ printoxx-2.8.1-1.fc13 (FEDORA-2011-0537) Print image files -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 17 2011 Pavel Alexeev <Pahan@xxxxxxxxxxxxx> - 2.8.1-1 - New version 2.8.1 as requested in BZ#668577 - Delete old patch. - Replace $RPM_BUILD_ROOT to %{buildroot} - Added man. -------------------------------------------------------------------------------- References: [ 1 ] Bug #668577 - Please update Printoxx https://bugzilla.redhat.com/show_bug.cgi?id=668577 -------------------------------------------------------------------------------- ================================================================================ procps-3.2.8-8.fc13 (FEDORA-2011-0502) System and process monitoring utilities -------------------------------------------------------------------------------- Update Information: This is an update that fixes crashing in top utility. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 11 2011 Jan GÃrig <jgorig@xxxxxxxxxx> 3.2.8-8 - fixed procps-3.2.8-threads.patch (SIGABRT) (#670289) -------------------------------------------------------------------------------- References: [ 1 ] Bug #670289 - top command crashes with -H and invalid pid https://bugzilla.redhat.com/show_bug.cgi?id=670289 -------------------------------------------------------------------------------- ================================================================================ system-config-printer-1.2.6-2.fc13 (FEDORA-2010-19111) A printer administration tool -------------------------------------------------------------------------------- Update Information: New upstream release that fixes several bugs. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 18 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.2.6-2 - Allow %, ( and ) characters in dnssd URI (bug #669820). * Mon Jan 17 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.2.6-1 - 1.2.6: - Remove reference to current printer on exit (bug #556548). - Handle cups.Connection() failure in PrinterURIIndexr (bug #648014). - Block unwanted characters when editing queue name (bug #658550). - Initialise D-Bus threading in timedops module (bug #662047). - many other fixes * Mon Dec 20 2010 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.2.5-8 - Updated pycups to 1.9.53 (bug #662805). * Thu Dec 2 2010 Tim Waugh <twaugh@xxxxxxxxxx> - 1.2.5-7 - Grab focus on the IconView after setting it editable (bug #650995). -------------------------------------------------------------------------------- References: [ 1 ] Bug #650995 - [Compiz] Unable to rename printer https://bugzilla.redhat.com/show_bug.cgi?id=650995 [ 2 ] Bug #662805 - [abrt] system-config-printer-1.2.5-6.fc14: PyObject_Call: Process /usr/bin/python was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=662805 [ 3 ] Bug #648014 - [abrt] system-config-printer-1.2.4-1.fc13: jobviewer.py:125:_map_printer:RuntimeError: failed to connect to server https://bugzilla.redhat.com/show_bug.cgi?id=648014 [ 4 ] Bug #658550 - Spaces in printer name get removed https://bugzilla.redhat.com/show_bug.cgi?id=658550 [ 5 ] Bug #662047 - troubleshooter uses D-Bus from two threads https://bugzilla.redhat.com/show_bug.cgi?id=662047 [ 6 ] Bug #668127 - [abrt] system-config-printer-1.2.5-8.fc14: system-config-printer.py:5634:entry_changed:UnicodeDecodeError: 'utf8' codec can't decode byte 0xaa in position 52: invalid start byte https://bugzilla.redhat.com/show_bug.cgi?id=668127 [ 7 ] Bug #669820 - dnssd unable to resolve URI for HP network printer https://bugzilla.redhat.com/show_bug.cgi?id=669820 -------------------------------------------------------------------------------- ================================================================================ topgit-0.9-0.3.gitd279e292.fc13 (FEDORA-2011-0499) A different patch queue manager -------------------------------------------------------------------------------- Update Information: Update to the latest head version. This is a release candidate for the upcoming topgit 0.9 version. It adds tg-prev and tg-next commands. The tg-mail and tg-summary commands accept -i/-w switches now (base the operation on the index/working dir instead of branch). -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 26 2010 Thomas Moschny <thomas.moschny@xxxxxx> - 0.9-0.3.gitd279e292 - Update to revision d279e292. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test