The following Fedora 14 Security updates need testing:

    https://admin.fedoraproject.org/updates/bugzilla-3.6.4-1.fc14
    https://admin.fedoraproject.org/updates/asterisk-1.6.2.16.1-1.fc14
    https://admin.fedoraproject.org/updates/util-linux-ng-2.18-4.8.fc14
    https://admin.fedoraproject.org/updates/dhcp-4.2.0-19.P2.fc14
    https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc14
    https://admin.fedoraproject.org/updates/socat-1.7.1.3-1.fc14
    https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc14
    https://admin.fedoraproject.org/updates/wireshark-1.4.3-1.fc14
    https://admin.fedoraproject.org/updates/tor-0.2.1.29-1400.fc14
    https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.113-1.fc14
    https://admin.fedoraproject.org/updates/perl-CGI-3.51-1.fc14
    https://admin.fedoraproject.org/updates/exim-4.72-2.fc14

The following Fedora 14 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/alsa-lib-1.0.24-1.fc14
    https://admin.fedoraproject.org/updates/util-linux-ng-2.18-4.8.fc14
    https://admin.fedoraproject.org/updates/system-config-users-1.2.106-1.fc14
    https://admin.fedoraproject.org/updates/openldap-2.4.23-7.fc14
    https://admin.fedoraproject.org/updates/python-ethtool-0.6-1.fc14
    https://admin.fedoraproject.org/updates/perl-5.12.3-141.fc14
    https://admin.fedoraproject.org/updates/nss-3.12.9-2.fc14
    https://admin.fedoraproject.org/updates/glibc-2.13-1
    https://admin.fedoraproject.org/updates/dmidecode-2.11-1.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.11-2.fc14

The following builds have been pushed to Fedora 14 updates-testing

    alsa-lib-1.0.24-1.fc14
    amanda-3.1.3-2.fc14
    anki-1.2.5-1.fc14
    clawsker-0.7.2-2.fc14
    dhcp-4.2.0-19.P2.fc14
    erlang-luke-0.2.3-2.fc14
    gdesklets-0.36.3-1.fc14
    ghc-xml-1.3.7-1.fc14
    ksh-20110127-1.fc14
    libmicrohttpd-0.9.6-1.fc14
    libpagemap-0.0.1-4.fc14
    perl-Eval-Closure-0.02-1.fc14
    pssh-2.2.1-1.fc14
    python-keyring-0.5.1-1.fc14
    setroubleshoot-plugins-3.0.12-1.fc14
    spice-gtk-0.5-1.fc14
    sssd-1.5.1-2.1.fc14
    tcsh-6.17-11.fc14
    util-linux-ng-2.18-4.8.fc14

Details about builds:

================================================================================
alsa-lib-1.0.24-1.fc14 (FEDORA-2011-0840)
The Advanced Linux Sound Architecture (ALSA) library
--------------------------------------------------------------------------------
Update Information:

updated to 1.0.24 from upstream
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 28 2011 Jaroslav Kysela <jkysela@xxxxxxxxxx> - 1.0.24-1
- Updated to 1.0.24 final
--------------------------------------------------------------------------------
================================================================================
amanda-3.1.3-2.fc14 (FEDORA-2011-0855)
A network-capable tape backup solution
--------------------------------------------------------------------------------
Update Information:

This is an update that fixes problem with pipe output in amrestore.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 28 2011 Jan Görig <jgorig@xxxxxxxxxx> - 3.1.3-2
- fix #666968 - amrestore should restore one file when outputting to a pipe
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #666968 - amrestore should restore one file when outputting to a pipe
        https://bugzilla.redhat.com/show_bug.cgi?id=666968
--------------------------------------------------------------------------------
================================================================================
anki-1.2.5-1.fc14 (FEDORA-2011-0481)
Flashcard program for using space repetition learning
--------------------------------------------------------------------------------
Update Information:

* update to new upstream version 1.2.5
* full changelog: http://www.ankisrs.net/changes.html
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 27 2011 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 1.2.5-1
- Update to new upstream version 1.2.5 (BZ 665163)
* Sun Jan 23 2011 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 1.2.4-1
- Update to new upstream version 1.2.4 (BZ 665163)
* Fri Jan 14 2011 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 1.2.2-1
- Update to new upstream version 1.2.2 (BZ 665163)
* Tue Dec 14 2010 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 1.1.10-1
- Update to new upstream version 1.1.10 (BZ 655939)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #665163 - anki-1.2.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=665163
--------------------------------------------------------------------------------
================================================================================
clawsker-0.7.2-2.fc14 (FEDORA-2011-0853)
Dialog to edit Claws Mail's hidden preferences
--------------------------------------------------------------------------------
Update Information:

Clawsker is a Perl-GTK2 applet to edit hidden preferences for Claws Mail, and
to do it in a safe and user friendly way, preventing users from raw editing of
configuration files.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #620191 - Review Request: clawsker - Dialog to edit Claws Mail's hidden preferences
        https://bugzilla.redhat.com/show_bug.cgi?id=620191
--------------------------------------------------------------------------------
================================================================================
dhcp-4.2.0-19.P2.fc14 (FEDORA-2011-0862)
Dynamic host configuration protocol software
--------------------------------------------------------------------------------
Update Information:

A flaw was discovered in the way the dhcpd daemon processed a message for an
address that had been previously declined and internally tagged as abandoned.
Processing such a message could trigger an assert failure that could crash
dhcpd if it was running as a DHCPv6 server. DHCPv4 servers are unaffected.
(CVE-2011-0413)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 27 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> - 12:4.2.0-19.P2
- CVE-2011-0413: Unexpected abort caused by a DHCPv6 decline message (#672996)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #672755 - CVE-2011-0413 dhcp: unexpected abort caused by a DHCPv6 decline message
        https://bugzilla.redhat.com/show_bug.cgi?id=672755
--------------------------------------------------------------------------------
================================================================================
erlang-luke-0.2.3-2.fc14 (FEDORA-2011-0863)
Dataflow / MapReduce coordination framework
--------------------------------------------------------------------------------
Update Information:

* Remove useless runtime dependency on eunit
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 28 2011 Peter Lemenkov <lemenkov@xxxxxxxxx> - 0.2.3-2
- Remove useless runtime dependency on eunit
--------------------------------------------------------------------------------
================================================================================
gdesklets-0.36.3-1.fc14 (FEDORA-2011-0839)
Architecture for desktop applets
--------------------------------------------------------------------------------
Update Information:

New upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 27 2011 Luya Tshimbalanga <luya@xxxxxxxxxxxxxxxxx> - 0.36.3-1
- New upstream version
- Fixed spec
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #657463 - [abrt] gdesklets-0.36.2-3.fc14: Process /usr/bin/python was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=657463
--------------------------------------------------------------------------------
================================================================================
ghc-xml-1.3.7-1.fc14 (FEDORA-2011-0851)
A simple XML library
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #648100 - Review Request: ghc-xml - A simple XML library
        https://bugzilla.redhat.com/show_bug.cgi?id=648100
--------------------------------------------------------------------------------
================================================================================
ksh-20110127-1.fc14 (FEDORA-2011-0484)
The Original ATT Korn Shell
--------------------------------------------------------------------------------
Update Information:

- updated to 2011-01-04
- fixed crash caused by wrong wctrans_t size
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 28 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 20110127-1
- ksh updated to 2011-01-27
* Thu Jan 20 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 20110118-1
- ksh updated to 2011-01-18
* Mon Jan 17 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 20110104-1
- ksh updated to 2011-01-04
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #667670 - [abrt] ksh-20110104-1.fc15: towctrans: Process /bin/ksh was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=667670
--------------------------------------------------------------------------------
================================================================================
libmicrohttpd-0.9.6-1.fc14 (FEDORA-2011-0846)
Lightweight library for embedding a webserver in applications
--------------------------------------------------------------------------------
Update Information:

Update to 0.9.6, fixes some bugs, introduces basic authentication.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 26 2011 Tim Niemueller <tim@xxxxxxxxxxxxx> - 0.9.6-1
- Update to new upstream release 0.9.6
* Mon Jan 24 2011 Tim Niemueller <tim@xxxxxxxxxxxxx> - 0.9.5-1
- Update to new upstream release 0.9.5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #659035 - libmicrohttpd-0.9.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=659035
--------------------------------------------------------------------------------
================================================================================
libpagemap-0.0.1-4.fc14 (FEDORA-2011-0859)
Pagemap interface library
--------------------------------------------------------------------------------
Update Information:

- memory leaks fixed
- new plotting utility in contrib/ section
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 28 2011 Petr Holasek <pholasek at redhat.com> 0.0.1-4
- added pagemapvisual script for plotting of memory metrics to contrib/
- basic parts of library were rewritten to python as pagemapdata.py module
- fixed memory leak in pgmap
--------------------------------------------------------------------------------
================================================================================
perl-Eval-Closure-0.02-1.fc14 (FEDORA-2011-0857)
Safely and cleanly create closures via string eval
--------------------------------------------------------------------------------
Update Information:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #672015 - Review Request: perl-Eval-Closure - Safely and cleanly create closures via string eval
        https://bugzilla.redhat.com/show_bug.cgi?id=672015
--------------------------------------------------------------------------------
================================================================================
pssh-2.2.1-1.fc14 (FEDORA-2011-0849)
Parallel SSH tools
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release pssh 2.2.1, fixing various bugs.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 27 2011 Terje Rosten <terje.rosten@xxxxxxx> - 2.2.1-1
- 2.2.1
* Sat Jan 22 2011 Terje Rosten <terje.rosten@xxxxxxx> - 2.2-1
- 2.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #641466 - [abrt] pssh-2.1.1-1.fc13: psshutil.py:18:read_hosts:IOError: [Errno 2] No such file or directory: 'pssh/wsb22'
        https://bugzilla.redhat.com/show_bug.cgi?id=641466
--------------------------------------------------------------------------------
================================================================================
python-keyring-0.5.1-1.fc14 (FEDORA-2011-0844)
Python library to access the system keyring service
--------------------------------------------------------------------------------
Update Information:

* Remove a spurious KDE debug message when using KWallet
* Fix a bug that caused an exception if the user canceled the KWallet dialog
* Removed sub-packages: gnome and kwallet; removed "Requires: PyKDE4 PyQt4"

Pushing python-keyring-0.4-1 to fc13 and fc14 for testing
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #593800 - Review Request: python-keyring - keyring module for python
        https://bugzilla.redhat.com/show_bug.cgi?id=593800
--------------------------------------------------------------------------------
================================================================================
setroubleshoot-plugins-3.0.12-1.fc14 (FEDORA-2011-0860)
Analysis plugins for use with setroubleshoot
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 24 2011 <dwalsh@xxxxxxxxxx> - 3.0.12-1
- Update translations
--------------------------------------------------------------------------------
================================================================================
spice-gtk-0.5-1.fc14 (FEDORA-2011-0864)
A GTK2 widget for SPICE clients
--------------------------------------------------------------------------------
Update Information:

spice-gtk release 0.5

Client libraries for SPICE desktop servers.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #657403 - Review Request: spice-gtk - A GTK widget for SPICE clients
        https://bugzilla.redhat.com/show_bug.cgi?id=657403
--------------------------------------------------------------------------------
================================================================================
sssd-1.5.1-2.1.fc14 (FEDORA-2011-0852)
System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:

- New upstream release 1.5.1
- Addresses CVE-2010-4341 - DoS in sssd PAM responder can prevent logins
- Vast performance improvements when enumerate = true
- All PAM actions will now perform a forced initgroups lookup instead of just
- a user information lookup
- This guarantees that all group information is available to other
- providers, such as the simple provider.
- For backwards-compatibility, DNS lookups will also fall back to trying the
- SSSD domain name as a DNS discovery domain.
- Support for more password expiration policies in LDAP
    - 389 Directory Server
    - FreeIPA
    - ActiveDirectory
- Support for ldap_tls_{cert,key,cipher_suite} config options
- Assorted bugfixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 27 2011 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.5.1-2.1
- Remove requirement on krb5-devel 1.9
* Thu Jan 27 2011 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.5.1-2
- Restore Requires: cyrus-sasl-gssapi as it is not auto-detected during
- rpmbuild
* Thu Jan 27 2011 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.5.1-1
- New upstream release 1.5.1
- Addresses CVE-2010-4341 - DoS in sssd PAM responder can prevent logins
- Vast performance improvements when enumerate = true
- All PAM actions will now perform a forced initgroups lookup instead of just
- a user information lookup
- This guarantees that all group information is available to other
- providers, such as the simple provider.
- For backwards-compatibility, DNS lookups will also fall back to trying the
- SSSD domain name as a DNS discovery domain.
- Support for more password expiration policies in LDAP
    - 389 Directory Server
    - FreeIPA
    - ActiveDirectory
- Support for ldap_tls_{cert,key,cipher_suite} config options
- Assorted bugfixes
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #656906 - sssd krb5 backend does a DNS SRV query for _KERBEROS._tcp then talks UDP
        https://bugzilla.redhat.com/show_bug.cgi?id=656906
  [ 2 ] Bug #668144 - Typos in SSSD manual
        https://bugzilla.redhat.com/show_bug.cgi?id=668144
--------------------------------------------------------------------------------
================================================================================
tcsh-6.17-11.fc14 (FEDORA-2011-0845)
An enhanced version of csh, the C shell
--------------------------------------------------------------------------------
Update Information:

- Modify verbose patch to match with upstream (don't print on history -S)
  Resolves: #672810
- Fix error message on exit
  Resolves: #672810
- Make wait builtin command interruptible
  Resolves: #440465
- Remove fork when tcsh processes backquotes
  Resolves: #594536
- Don't set $REMOTEHOST on the local machine
  Resolves: #669176
- Don't print history in verbose mode
  Resolves: #583075, #658171
- Don't allow illegal variable names to be set
  Resolves: #436901
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 28 2011 Vojtech Vitek (V-Teq) <vvitek@xxxxxxxxxx> - 6.17-11
- Modify verbose patch to match with upstream (don't print on history -S)
  Resolves: #672810
* Wed Jan 26 2011 Vojtech Vitek (V-Teq) <vvitek@xxxxxxxxxx> - 6.17-10
- Fix error message on exit
  Resolves: #672810
* Tue Jan 25 2011 Vojtech Vitek (V-Teq) <vvitek@xxxxxxxxxx> - 6.17-9
- Make wait builtin command interruptible
  Resolves: #440465
- Remove fork when tcsh processes backquotes
  Resolves: #594536
- Don't set $REMOTEHOST on the local machine
  Resolves: #669176
- Don't print history in verbose mode
  Resolves: #583075, #658171
- Don't allow illegal variable names to be set
  Resolves: #436901
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #672810 - [tcsh] returns "verbose: Undefined variable." upon exit
        https://bugzilla.redhat.com/show_bug.cgi?id=672810
  [ 2 ] Bug #440465 - the wait command in csh is not interruptible
        https://bugzilla.redhat.com/show_bug.cgi?id=440465
  [ 3 ] Bug #594536 - Extra fork when tcsh processes backquotes
        https://bugzilla.redhat.com/show_bug.cgi?id=594536
  [ 4 ] Bug #669176 - $REMOTEHOST is set empty on the local machine in csh and tcsh
        https://bugzilla.redhat.com/show_bug.cgi?id=669176
  [ 5 ] Bug #583075 - Running tcsh with '-v' option dumps contents of ~/.history
        https://bugzilla.redhat.com/show_bug.cgi?id=583075
  [ 6 ] Bug #658171 - Running tcsh with '-v' option dumps contents of ~/.history
        https://bugzilla.redhat.com/show_bug.cgi?id=658171
  [ 7 ] Bug #436901 - It should not be allowed if environment variable begins with a digit
        https://bugzilla.redhat.com/show_bug.cgi?id=436901
--------------------------------------------------------------------------------
================================================================================
util-linux-ng-2.18-4.8.fc14 (FEDORA-2011-0854)
A collection of basic system utilities
--------------------------------------------------------------------------------
Update Information:

util-linux-ng update with fixes for mount/umount required by the fuse fix for
CVE-2010-3879 (properly working --no-canonicalize and --fake options).
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 27 2011 Karel Zak <kzak@xxxxxxxxxx> 2.18-4.8
- fix #651183, CVE-2010-3879, fix --no-canonicalize, necessary for fuse
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #673254 - CVE-2010-3879 fuse: unprivileged user can unmount arbitrary locations via symlink attack [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=673254
--------------------------------------------------------------------------------