Fedora 13 updates-testing report

updates@xxxxxxxxxxxxxxxxx · Thu, 20 Jan 2011 19:57:32 +0000

The following Fedora 13 Security updates need testing:

    https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
    https://admin.fedoraproject.org/updates/subversion-1.6.15-1.fc13
    https://admin.fedoraproject.org/updates/php-5.3.5-1.fc13,maniadrive-1.2-26.fc13.1,php-eaccelerator-0.9.6.1-4.fc13,maniadrive-data-1.2-5.fc13
    https://admin.fedoraproject.org/updates/libuser-0.56.16-1.fc13.2
    https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-3.fc13
    https://admin.fedoraproject.org/updates/dpkg-1.15.5.6-6.fc13
    https://admin.fedoraproject.org/updates/sssd-1.3.0-40.fc13
    https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
    https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc13
    https://admin.fedoraproject.org/updates/chm2pdf-0.9.1-8.fc13
    https://admin.fedoraproject.org/updates/wireshark-1.2.14-1.fc13
    https://admin.fedoraproject.org/updates/sudo-1.7.4p5-1.fc13
    https://admin.fedoraproject.org/updates/hplip-3.10.9-14.fc13
    https://admin.fedoraproject.org/updates/myproxy-5.3-1.fc13
    https://admin.fedoraproject.org/updates/proftpd-1.3.3d-1.fc13
    https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.fc13

The following Fedora 13 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/procps-3.2.8-8.fc13
    https://admin.fedoraproject.org/updates/sudo-1.7.4p5-1.fc13
    https://admin.fedoraproject.org/updates/elfutils-0.151-1.fc13
    https://admin.fedoraproject.org/updates/util-linux-ng-2.17.2-10.fc13
    https://admin.fedoraproject.org/updates/libuser-0.56.16-1.fc13.2
    https://admin.fedoraproject.org/updates/attr-2.4.44-4.fc13
    https://admin.fedoraproject.org/updates/livecd-tools-13.1-1.fc13
    https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-80.fc13
    https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
    https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13
    https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-11.fc13
    https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13

The following builds have been pushed to Fedora 13 updates-testing

    R-qtl-1.19.20-1.fc13
    bicon-0.2.0-1.fc13
    boinc-client-6.10.58-1.r22930svn.fc13
    cvs-1.11.23-11.fc13
    gnome-commander-1.2.8.10-1.fc13
    holland-1.0.6-2.fc13
    k3b-2.0.2-2.fc13
    libmcs-0.7.2-3.fc13
    mfiler3-4.2.1-1.fc13
    perl-CDB_File-0.96-2.fc13
    perl-IO-Socket-SSL-1.38-1.fc13
    proftpd-1.3.3d-1.fc13
    python-dialog-2.7-13.fc13
    rubygem-hashery-1.4.0-2.fc13
    saphire-1.2.4-1.fc13

Details about builds:

================================================================================
 R-qtl-1.19.20-1.fc13 (FEDORA-2011-0629)
 Tools for analyzing QTL experiments
--------------------------------------------------------------------------------
Update Information:

New version from http://www.rqtl.org/

--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 19 2011 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 1.19.20-1
- New upstream release
--------------------------------------------------------------------------------

================================================================================
 bicon-0.2.0-1.fc13 (FEDORA-2011-0606)
 Bidirectional Console
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #670090 - Review Request: bicon - Bidirectional Console
        https://bugzilla.redhat.com/show_bug.cgi?id=670090
--------------------------------------------------------------------------------

================================================================================
 boinc-client-6.10.58-1.r22930svn.fc13 (FEDORA-2011-0628)
 The BOINC client core
--------------------------------------------------------------------------------
Update Information:

-Update to bugfix release 5.10.58, see http://boinc.berkeley.edu/trac/wiki/VersionHistory
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 MiloÅ JakubÃÄek <xjakub@xxxxxxxxxx> - 6.10.58-1.r22930svn
- Rebase the 6.10 branch to 6.10.58
- Fix rpmlint complaining:
- E: executable-marked-as-config-file /etc/sysconfig/boinc-client
- E: script-without-shebang /etc/sysconfig/boinc-client
* Wed Jul 14 2010 Dan HorÃk <dan@xxxxxxxx> - 6.10.45-2.r21128svn
- rebuilt against wxGTK-2.8.11-2
--------------------------------------------------------------------------------

================================================================================
 cvs-1.11.23-11.fc13 (FEDORA-2011-0605)
 A version control system
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Petr Pisar <ppisar@xxxxxxxxxx> - 1.11.23-11
- Make cvs.csh valid CSH script (bug #671003)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #671003 - /etc/profile.d/cvs.csh uses non-tcsh syntax
        https://bugzilla.redhat.com/show_bug.cgi?id=671003
--------------------------------------------------------------------------------

================================================================================
 gnome-commander-1.2.8.10-1.fc13 (FEDORA-2011-0595)
 A nice and fast file manager for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:

New version 1.2.8.10 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 2:1.2.8.10-1
- Update to 1.2.8.10
--------------------------------------------------------------------------------

================================================================================
 holland-1.0.6-2.fc13 (FEDORA-2011-0615)
 Pluggable Backup Framework
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 13 2011 BJ Dierkes <wdierkes@xxxxxxxxxxxxx> - 1.0.6-2
- Remove Requires: xtrabackup from holland-xtrabackup.  Fedora
  doesn't provide xtrabackup currently, however there are solutions
  out there that people may want to use holland-xtrabackup for.
* Wed Jan 12 2011 BJ Dierkes <wdierkes@xxxxxxxxxxxxx> - 1.0.6-1
- Latest sources from upstream.  Full change log available at:
  http://hollandbackup.org/releases/stable/1.0/CHANGES.txt
- ChangeLog became CHANGES.txt
- Add pgdump and xtrabackup by default
- No longer package -random by default (shouldn't have been in
  anyway).  Main package Obsoletes: holland-random < 1.0.6
* Tue Dec 14 2010 BJ Dierkes <wdierkes@xxxxxxxxxxxxx> - 1.0.5-1
- Development version
* Tue Dec 14 2010 BJ Dierkes <wdierkes@xxxxxxxxxxxxx> - 1.0.4-3
- Remove condition check around setting python_site{lib,arch} as
  it is not supported in el4.
- No longer set python_sitearch as we aren't using it
--------------------------------------------------------------------------------

================================================================================
 k3b-2.0.2-2.fc13 (FEDORA-2011-0626)
 CD/DVD/Blu-ray burning application
--------------------------------------------------------------------------------
Update Information:

notes=New upstream release, includes a handful of crash fixes.  Fedora's build
has been patched to prefer use of growisofs (over wodim) for dvd/blueray.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.2-2
- use growisofs for blueray too (#610976)
* Wed Jan 19 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.2-1
- k3b-2.0.2 (#670325)
- use growisofs for dvd's (#610976)
* Tue Nov 23 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.1-5
- turns out existing hal support is mostly harmless (not required, but will
  use if present), so back out those changes.
* Tue Nov 23 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.1-4
- build without ENABLE_HAL_SUPPORT (f15+)
- spec cleanup
* Tue Nov 23 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.1-3
- Requires: hal-storage-addon
* Tue Oct  5 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1:2.0.1-2
- drop workaround patch if building on/for kde-4.5.2+ (#582764)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #610976 - unable to burn dual layer DVD+R
        https://bugzilla.redhat.com/show_bug.cgi?id=610976
  [ 2 ] Bug #670325 - k3b-2.0.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=670325
--------------------------------------------------------------------------------

================================================================================
 libmcs-0.7.2-3.fc13 (FEDORA-2011-0608)
 Configuration file abstraction library
--------------------------------------------------------------------------------
Update Information:

Update from 0.7.1 to 0.7.2 to reduce patch count and to get additional fixes. The API documentation is included as HTML now.
The package has been renamed from "mcs".

For testers, libmcs is used by Audacious, which must continue to work during basic usage.

--------------------------------------------------------------------------------

================================================================================
 mfiler3-4.2.1-1.fc13 (FEDORA-2011-0607)
 Two pane file manager under UNIX console
--------------------------------------------------------------------------------
Update Information:

saphire 1.2.4 / mfiler3 4.2.1 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 19 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 4.2.1-1
- 4.2.1
* Tue Jan 18 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 4.2.0-1
- 4.2.0
--------------------------------------------------------------------------------

================================================================================
 perl-CDB_File-0.96-2.fc13 (FEDORA-2011-0617)
 Perl extension for access to cdb databases
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #656084 - Review Request: perl-CDB_File - Perl extension for access to cdb databases
        https://bugzilla.redhat.com/show_bug.cgi?id=656084
--------------------------------------------------------------------------------

================================================================================
 perl-IO-Socket-SSL-1.38-1.fc13 (FEDORA-2011-0614)
 Perl library for transparent SSL
--------------------------------------------------------------------------------
Update Information:

This update, to the current upstream release, fixes CPAN RT#64864, where the wildcards_in_cn setting for the HTTP protocol was wrongly set in the previous version to "1" instead of "anywhere".

--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 18 2011 Paul Howarth <paul@xxxxxxxxxxxx> - 1.38-1
- Update to 1.38
  - fixed wildcards_in_cn setting for http, wrongly set in 1.34 to 1 instead of
    anywhere (CPAN RT#64864)
--------------------------------------------------------------------------------

================================================================================
 proftpd-1.3.3d-1.fc13 (FEDORA-2011-0613)
 Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:

This is an update to the current upstream maintenance release, which addresses a security issue that could affect users of the mod_sql module (not enabled by default).

* A heap-based buffer overflow flaw was found in the way ProFTPD FTP server prepared SQL queries for certain usernames, when the mod_sql module was enabled. A remote, unauthenticated attacker could use this flaw to cause the proftpd daemon to crash or, potentially, to execute arbitrary code with the privileges of the user running 'proftpd' via a specially-crafted username, provided in the authentication dialog.

The update also fixes a CPU spike when handling .ftpaccess files, and handling of SFTP uploads when compression is used.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 19 2011 Paul Howarth <paul@xxxxxxxxxxxx> 1.3.3d-1
- Updated to 1.3.3d
  - Fixed sql_prepare_where() buffer overflow (bug 3536, CVE-2010-4652)
  - Fixed CPU spike when handling .ftpaccess files
  - Fixed handling of SFTP uploads when compression is used
- Add Default-Stop LSB keyword in initscript (for runlevels 0, 1, and 6)
- Fix typos in config file and initscript
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #670170 - CVE-2010-4652 ProFTPD (mod_sql): Heap-based buffer overflow by processing certain usernames, when mod_sql module enabled
        https://bugzilla.redhat.com/show_bug.cgi?id=670170
--------------------------------------------------------------------------------

================================================================================
 python-dialog-2.7-13.fc13 (FEDORA-2011-0624)
 Python interface to the Unix dialog utility
--------------------------------------------------------------------------------
Update Information:

Fix BZ#594988
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 MiloÅ JakubÃÄek <xjakub@xxxxxxxxxx> - 2.7-13
- Added python-dialog-demo.patch, fix BZ#594988
- Fix rpmlint: W: file-not-utf8 /usr/share/doc/python-dialog-2.7/TODO
- Fix rpmlint: W: file-not-utf8 /usr/share/doc/python-dialog-2.7/README
* Thu Jul 22 2010 David Malcolm <dmalcolm@xxxxxxxxxx> - 2.7-12
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #594988 - demo.py crashes when run from different location
        https://bugzilla.redhat.com/show_bug.cgi?id=594988
--------------------------------------------------------------------------------

================================================================================
 rubygem-hashery-1.4.0-2.fc13 (FEDORA-2011-0630)
 Facets bread collection of Hash-like classes
--------------------------------------------------------------------------------
Update Information:

Updated to new upstream release: 1.4.0
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2011 Marek Goldmann <mgoldman@xxxxxxxxxx> - 1.4.0-2
- Fixed files section
* Thu Jan 20 2011 Marek Goldmann <mgoldman@xxxxxxxxxx> - 1.4.0-1
- Updated to new upstream release: 1.4.0
--------------------------------------------------------------------------------

================================================================================
 saphire-1.2.4-1.fc13 (FEDORA-2011-0607)
 Yet another shell
--------------------------------------------------------------------------------
Update Information:

saphire 1.2.4 / mfiler3 4.2.1 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 19 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 1.2.4-1
- 1.2.4
* Tue Jan 18 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 1.2.3-1
- 1.2.3
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test