The following Fedora 14 Security updates need testing:

    https://admin.fedoraproject.org/updates/libuser-0.56.18-3.fc14
    https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-3.fc14
    https://admin.fedoraproject.org/updates/dpkg-1.15.5.6-6.fc14
    https://admin.fedoraproject.org/updates/sssd-1.5.0-2.fc14
    https://admin.fedoraproject.org/updates/php-5.3.5-1.fc14,maniadrive-1.2-26.fc14.1,php-eaccelerator-0.9.6.1-4.fc14,maniadrive-data-1.2-5.fc14
    https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc14
    https://admin.fedoraproject.org/updates/socat-1.7.1.3-1.fc14
    https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc14
    https://admin.fedoraproject.org/updates/chm2pdf-0.9.1-9.fc14
    https://admin.fedoraproject.org/updates/wireshark-1.4.3-1.fc14
    https://admin.fedoraproject.org/updates/hplip-3.10.9-14.fc14
    https://admin.fedoraproject.org/updates/myproxy-5.3-1.fc14
    https://admin.fedoraproject.org/updates/proftpd-1.3.3d-1.fc14
    https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.fc14
    https://admin.fedoraproject.org/updates/exim-4.72-2.fc14

The following Fedora 14 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/selinux-policy-3.9.7-25.fc14
    https://admin.fedoraproject.org/updates/glibc-2.13-1
    https://admin.fedoraproject.org/updates/dmidecode-2.11-1.fc14
    https://admin.fedoraproject.org/updates/procps-3.2.8-15.fc14
    https://admin.fedoraproject.org/updates/system-setup-keyboard-0.8.6-3.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.11-2.fc14
    https://admin.fedoraproject.org/updates/libuser-0.56.18-3.fc14

The following builds have been pushed to Fedora 14 updates-testing

    ElectricFence-2.2.2-30.fc14
    R-qtl-1.19.20-1.fc14
    bicon-0.2.0-1.fc14
    boinc-client-6.10.58-1.r22930svn.fc14
    cvs-1.11.23-12.fc14
    dhcp-4.2.0-18.P2.fc14
    drupal6-advanced-help-1.2-2.fc14
    drupal6-footnotes-2.5-1.fc14
    glibc-2.13-1
    gnome-commander-1.2.8.10-1.fc14
    holland-1.0.6-2.fc14
    k3b-2.0.2-2.fc14
    libmcs-0.7.2-3.fc14
    mfiler3-4.2.1-1.fc14
    perl-CDB_File-0.96-2.fc14
    perl-IO-Socket-SSL-1.38-1.fc14
    proftpd-1.3.3d-1.fc14
    python-dialog-2.7-13.fc14
    rubygem-hashery-1.4.0-2.fc14
    saphire-1.2.4-1.fc14
    selinux-policy-3.9.7-25.fc14
    setroubleshoot-plugins-3.0.11-1.fc14
    xmlstarlet-1.0.4-1.fc14

Details about builds:

================================================================================
 ElectricFence-2.2.2-30.fc14 (FEDORA-2011-0594)
 A debugger which detects memory allocation violations
--------------------------------------------------------------------------------
Update Information:

Use the same formula as glibc uses to compute the memory alignment.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 19 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2.2.2-30
- Use the same formula as glibc uses to align memory
- Resolves: #662085
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #662085 - ElectricFence (ef/efence) doesn't properly align memory by default
        https://bugzilla.redhat.com/show_bug.cgi?id=662085
--------------------------------------------------------------------------------

================================================================================
 R-qtl-1.19.20-1.fc14 (FEDORA-2011-0622)
 Tools for analyzing QTL experiments
--------------------------------------------------------------------------------
Update Information:

New version from http://www.rqtl.org/
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 19 2011 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 1.19.20-1
- New upstream release
--------------------------------------------------------------------------------

================================================================================
 bicon-0.2.0-1.fc14 (FEDORA-2011-0600)
 Bidirectional Console
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #670090 - Review Request: bicon - Bidirectional Console
        https://bugzilla.redhat.com/show_bug.cgi?id=670090
--------------------------------------------------------------------------------

================================================================================
 boinc-client-6.10.58-1.r22930svn.fc14 (FEDORA-2011-0609)
 The BOINC client core
--------------------------------------------------------------------------------
Update Information:

-Update to bugfix release 5.10.58, see http://boinc.berkeley.edu/trac/wiki/VersionHistory
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Miloš Jakubíček <xjakub@xxxxxxxxxx> - 6.10.58-1.r22930svn
- Rebase the 6.10 branch to 6.10.58
- Fix rpmlint complaining:
  - E: executable-marked-as-config-file /etc/sysconfig/boinc-client
  - E: script-without-shebang /etc/sysconfig/boinc-client
--------------------------------------------------------------------------------

================================================================================
 cvs-1.11.23-12.fc14 (FEDORA-2011-0599)
 A version control system
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Petr Pisar <ppisar@xxxxxxxxxx> - 1.11.23-12
- Make cvs.csh valid CSH script (bug #671003)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #671003 - /etc/profile.d/cvs.csh uses non-tcsh syntax
        https://bugzilla.redhat.com/show_bug.cgi?id=671003
--------------------------------------------------------------------------------

================================================================================
 dhcp-4.2.0-18.P2.fc14 (FEDORA-2011-0618)
 Dynamic host configuration protocol software
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 13 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> - 12:4.2.0-18.P2
- Fix loading of configuration when LDAP is used (#668276)
* Mon Jan 3 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> - 12:4.2.0-17.P2
- Fix OMAPI (#666441)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #666441 - OMAPI doesn't work, and causes DHCPD cpu usage to spike to 100%
        https://bugzilla.redhat.com/show_bug.cgi?id=666441
  [ 2 ] Bug #668276 - dhcp-ldap config load problem
        https://bugzilla.redhat.com/show_bug.cgi?id=668276
  [ 3 ] Bug #671105 - dhclient can't apply IPV6 address (from Windows Server 2008 DHCP Server) to eth0
        https://bugzilla.redhat.com/show_bug.cgi?id=671105
--------------------------------------------------------------------------------

================================================================================
 drupal6-advanced-help-1.2-2.fc14 (FEDORA-2011-0604)
 Allows module developers to store their help outside the module system in html
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #642857 - Review Request: drupal6-advanced-help - Allows module developers to store their help outside the module system in html
        https://bugzilla.redhat.com/show_bug.cgi?id=642857
--------------------------------------------------------------------------------

================================================================================
 drupal6-footnotes-2.5-1.fc14 (FEDORA-2011-0623)
 Allows to easily create automatically numbered footnote references
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #642858 - Review Request: drupal6-footnotes - Allows to easily create automatically numbered footnote references
        https://bugzilla.redhat.com/show_bug.cgi?id=642858
--------------------------------------------------------------------------------

================================================================================
 glibc-2.13-1 (FEDORA-2011-0601)
 The GNU libc libraries
--------------------------------------------------------------------------------
Update Information:

Update to 2.13 release
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 18 2011 Andreas Schwab <schwab@xxxxxxxxxx> - 2.13-1
- Update to 2.13 release
- Define AT_NO_AUTOMOUNT
- Define MADV_HUGEPAGE and MADV_NOHUGEPAGE
- Add definitions for new socket protocols
- Signal temporary host lookup errors in nscd as such to the requester (BZ#6812)
- Change setgroups to affect all the threads in the process (BZ#10563)
- Fix handling of unterminated [ expression in fnmatch (BZ#12378)
- Relax requirement on close in child created by posix_spawn
- Fix handling of missing syscall in Linux mkdirat (BZ#12397)
- Handle long lines in host lookups in the right place (BZ#10484)
- Fix assertion when handling DSTs during auditing
- Fix alignment in x86 destructor calls
- Fix grouping when rounding increases number of integer digits (BZ#12394)
- Update Japanese translations
- Fix infloop on persistent failing calloc in regex (BZ#12348)
- Use prlimit64 for 32-bit [gs]etrlimit64 implementation (BZ#12201)
- Change XPG-compliant strerror_r function to return error code (BZ#12204)
- Always allow overwriting printf modifiers etc.
- Make PowerPC64 default to nonexecutable stack
--------------------------------------------------------------------------------

================================================================================
 gnome-commander-1.2.8.10-1.fc14 (FEDORA-2011-0616)
 A nice and fast file manager for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:

New version 1.2.8.10 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 3:1.2.8.10-1
- Update to 1.2.8.10
--------------------------------------------------------------------------------

================================================================================
 holland-1.0.6-2.fc14 (FEDORA-2011-0597)
 Pluggable Backup Framework
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 13 2011 BJ Dierkes <wdierkes@xxxxxxxxxxxxx> - 1.0.6-2
- Remove Requires: xtrabackup from holland-xtrabackup. Fedora doesn't provide xtrabackup currently, however there are solutions out there that people may want to use holland-xtrabackup for.
* Wed Jan 12 2011 BJ Dierkes <wdierkes@xxxxxxxxxxxxx> - 1.0.6-1
- Latest sources from upstream. Full change log available at: http://hollandbackup.org/releases/stable/1.0/CHANGES.txt
- ChangeLog became CHANGES.txt
- Add pgdump and xtrabackup by default
- No longer package -random by default (shouldn't have been in anyway). Main package Obsoletes: holland-random < 1.0.6
* Tue Dec 14 2010 BJ Dierkes <wdierkes@xxxxxxxxxxxxx> - 1.0.5-1
- Development version
* Tue Dec 14 2010 BJ Dierkes <wdierkes@xxxxxxxxxxxxx> - 1.0.4-3
- Remove condition check around setting python_site{lib,arch} as it is not supported in el4.
- No longer set python_sitearch as we aren't using it
--------------------------------------------------------------------------------

================================================================================
 k3b-2.0.2-2.fc14 (FEDORA-2011-0598)
 CD/DVD/Blu-ray burning application
--------------------------------------------------------------------------------
Update Information:

New upstream release, includes a handful of crash fixes. Fedora's build has been patched to prefer use of growisofs (over wodim) for dvd/blueray.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.2-2
- use growisofs for blueray too (#610976)
* Wed Jan 19 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.2-1
- k3b-2.0.2 (#670325)
- use growisofs for dvd's (#610976)
* Tue Nov 23 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.1-5
- turns out existing hal support is mostly harmless (not required, but will use if present), so back out those changes.
* Tue Nov 23 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.1-4
- build without ENABLE_HAL_SUPPORT (f15+)
- spec cleanup
* Tue Nov 23 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.1-3
- Requires: hal-storage-addon
* Tue Oct 5 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.1-2
- drop workaround patch if building on/for kde-4.5.2+ (#582764)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #610976 - unable to burn dual layer DVD+R
        https://bugzilla.redhat.com/show_bug.cgi?id=610976
  [ 2 ] Bug #670325 - k3b-2.0.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=670325
--------------------------------------------------------------------------------

================================================================================
 libmcs-0.7.2-3.fc14 (FEDORA-2011-0596)
 Configuration file abstraction library
--------------------------------------------------------------------------------
Update Information:

Update from 0.7.1 to 0.7.2 to reduce patch count and to get additional fixes. The API documentation is included as HTML now. The package has been renamed from "mcs".

For testers, libmcs is used by Audacious, which must continue to work during basic usage.
--------------------------------------------------------------------------------

================================================================================
 mfiler3-4.2.1-1.fc14 (FEDORA-2011-0603)
 Two pane file manager under UNIX console
--------------------------------------------------------------------------------
Update Information:

saphire 1.2.4 / mfiler3 4.2.1 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 19 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 4.2.1-1
- 4.2.1
* Tue Jan 18 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 4.2.0-1
- 4.2.0
--------------------------------------------------------------------------------

================================================================================
 perl-CDB_File-0.96-2.fc14 (FEDORA-2011-0620)
 Perl extension for access to cdb databases
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #656084 - Review Request: perl-CDB_File - Perl extension for access to cdb databases
        https://bugzilla.redhat.com/show_bug.cgi?id=656084
--------------------------------------------------------------------------------

================================================================================
 perl-IO-Socket-SSL-1.38-1.fc14 (FEDORA-2011-0612)
 Perl library for transparent SSL
--------------------------------------------------------------------------------
Update Information:

This update, to the current upstream release, fixes CPAN RT#64864, where the wildcards_in_cn setting for the HTTP protocol was wrongly set in the previous version to "1" instead of "anywhere".
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 18 2011 Paul Howarth <paul@xxxxxxxxxxxx> - 1.38-1
- Update to 1.38
- fixed wildcards_in_cn setting for http, wrongly set in 1.34 to 1 instead of anywhere (CPAN RT#64864)
--------------------------------------------------------------------------------

================================================================================
 proftpd-1.3.3d-1.fc14 (FEDORA-2011-0610)
 Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:

This is an update to the current upstream maintenance release, which addresses a security issue that could affect users of the mod_sql module (not enabled by default).

* A heap-based buffer overflow flaw was found in the way ProFTPD FTP server prepared SQL queries for certain usernames, when the mod_sql module was enabled. A remote, unauthenticated attacker could use this flaw to cause the proftpd daemon to crash or, potentially, to execute arbitrary code with the privileges of the user running 'proftpd' via a specially-crafted username, provided in the authentication dialog.

The update also fixes a CPU spike when handling .ftpaccess files, and handling of SFTP uploads when compression is used.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 19 2011 Paul Howarth <paul@xxxxxxxxxxxx> 1.3.3d-1
- Updated to 1.3.3d
- Fixed sql_prepare_where() buffer overflow (bug 3536, CVE-2010-4652)
- Fixed CPU spike when handling .ftpaccess files
- Fixed handling of SFTP uploads when compression is used
- Add Default-Stop LSB keyword in initscript (for runlevels 0, 1, and 6)
- Fix typos in config file and initscript
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #670170 - CVE-2010-4652 ProFTPD (mod_sql): Heap-based buffer overflow by processing certain usernames, when mod_sql module enabled
        https://bugzilla.redhat.com/show_bug.cgi?id=670170
--------------------------------------------------------------------------------

================================================================================
 python-dialog-2.7-13.fc14 (FEDORA-2011-0625)
 Python interface to the Unix dialog utility
--------------------------------------------------------------------------------
Update Information:

Fix BZ#594988
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Miloš Jakubíček <xjakub@xxxxxxxxxx> - 2.7-13
- Added python-dialog-demo.patch, fix BZ#594988
- Fix rpmlint: W: file-not-utf8 /usr/share/doc/python-dialog-2.7/TODO
- Fix rpmlint: W: file-not-utf8 /usr/share/doc/python-dialog-2.7/README
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #594988 - demo.py crashes when run from different location
        https://bugzilla.redhat.com/show_bug.cgi?id=594988
--------------------------------------------------------------------------------

================================================================================
 rubygem-hashery-1.4.0-2.fc14 (FEDORA-2011-0619)
 Facets bread collection of Hash-like classes
--------------------------------------------------------------------------------
Update Information:

Updated to new upstream release: 1.4.0
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Marek Goldmann <mgoldman@xxxxxxxxxx> - 1.4.0-2
- Fixed files section
* Thu Jan 20 2011 Marek Goldmann <mgoldman@xxxxxxxxxx> - 1.4.0-1
- Updated to new upstream release: 1.4.0
--------------------------------------------------------------------------------

================================================================================
 saphire-1.2.4-1.fc14 (FEDORA-2011-0603)
 Yet another shell
--------------------------------------------------------------------------------
Update Information:

saphire 1.2.4 / mfiler3 4.2.1 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 19 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 1.2.4-1
- 1.2.4
* Tue Jan 18 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 1.2.3-1
- 1.2.3
--------------------------------------------------------------------------------

================================================================================
 selinux-policy-3.9.7-25.fc14 (FEDORA-2011-0602)
 SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:

- .forward.* Needs to be labeled mail_home_t
- .forward file can cause postfix_local to execute local content
- Add puppetmaster_uses_db boolean
- Add oracle ports and allow apache to connect to them if the connect_db boolean is turned on
- sandbox fixes
- Allow shorewall to read iptables conf files
- Allow dirsrv to use kerberos
- Make kernel_t domain MLS trusted for lowering the level of file.
- Add label for /var/lib/tftpboot/grub directory
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.9.7-25
- .forward.* Needs to be labeled mail_home_t
- .forward file can cause postfix_local to execute local content
* Wed Jan 19 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.9.7-24
- Add sepgsql fixes from KaiGai Kohei
* Wed Jan 19 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.9.7-23
- Add puppetmaster_uses_db boolean
- Add oracle ports and allow apache to connect to them if the connect_db boolean is turned on
- sandbox fixes
- Allow shorewall to read iptables conf files
* Fri Jan 14 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.9.7-22
- Add namespace policy
- Update for screen policy to handle pipe in homedir
- Fixes for polyinstantiated homedir
- Allow dirsrv to use kerberos
* Fri Jan 7 2011 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.9.7-21
- Make kernel_t domain MLS trusted for lowering the level of file.
- Add label for /var/lib/tftpboot/grub directory
- Fixes for mpd policy
- Fix amanda_search_lib interface
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #667800 - SELinux is preventing /usr/bin/python "write" access on cobbler.
        https://bugzilla.redhat.com/show_bug.cgi?id=667800
  [ 2 ] Bug #667303 - SELinux is preventing mysqld_safe from using the 'signull' accesses on a process.
        https://bugzilla.redhat.com/show_bug.cgi?id=667303
  [ 3 ] Bug #667353 - SELinux is preventing /usr/bin/mpd from 'connectto' accesses on the unix_stream_socket @/tmp/.X11-unix/X0.
        https://bugzilla.redhat.com/show_bug.cgi?id=667353
  [ 4 ] Bug #669385 - SELinux errors - ns-slapd
        https://bugzilla.redhat.com/show_bug.cgi?id=669385
  [ 5 ] Bug #670358 - SELinux is preventing /usr/bin/perl from 'execute' accesses on the file /usr/bin/python.
        https://bugzilla.redhat.com/show_bug.cgi?id=670358
  [ 6 ] Bug #670180 - avc: SELinux and Shorewall with IPSets (FC14)
        https://bugzilla.redhat.com/show_bug.cgi?id=670180
  [ 7 ] Bug #670730 - sectool prevented from running tests
        https://bugzilla.redhat.com/show_bug.cgi?id=670730
  [ 8 ] Bug #670864 - httpd denied read to /etc/cobbler/power
        https://bugzilla.redhat.com/show_bug.cgi?id=670864
  [ 9 ] Bug #670894 - cobblerd and httpd have many denials
        https://bugzilla.redhat.com/show_bug.cgi?id=670894
  [ 10 ] Bug #662938 - SELinux is preventing /usr/bin/newrole "setpcap" access .
        https://bugzilla.redhat.com/show_bug.cgi?id=662938
  [ 11 ] Bug #670929 - Postfix, SELinux and .forward
        https://bugzilla.redhat.com/show_bug.cgi?id=670929
--------------------------------------------------------------------------------

================================================================================
 setroubleshoot-plugins-3.0.11-1.fc14 (FEDORA-2011-0611)
 Analysis plugins for use with setroubleshoot
--------------------------------------------------------------------------------
Update Information:

--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 18 2011 <dwalsh@xxxxxxxxxx> - 3.0.11-1
- Update translations
- Add findexecstack to allow_execstack to find offending libraries
* Wed Jan 12 2011 <dwalsh@xxxxxxxxxx> - 3.0.10-1
- Add dac_override plugin and update po
--------------------------------------------------------------------------------

================================================================================
 xmlstarlet-1.0.4-1.fc14 (FEDORA-2011-0627)
 Command Line XML Toolkit
--------------------------------------------------------------------------------
Update Information:

Bug fixes:
* encode special XML characters in arguments (can now include quotes in xpath)
* non-zero exit code when input file is not found
* ed with --pf/--ps options doesn't reformat output
* exit() instead of segfault when trying to delete namespace nodes
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 19 2011 Paul W. Frields <stickster@xxxxxxxxx> - 1.0.4-1
- Update to new upstream 1.0.4
- Drop patches for fixed upstream issues
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #670592 - xmlstarlet-1.0.4 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=670592
--------------------------------------------------------------------------------