Fedora 13 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora 13 Security updates need testing:

    https://admin.fedoraproject.org/updates/nbd-2.9.20-1.fc13
    https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
    https://admin.fedoraproject.org/updates/subversion-1.6.15-1.fc13
    https://admin.fedoraproject.org/updates/kernel-2.6.34.8-67.fc13
    https://admin.fedoraproject.org/updates/openoffice.org-3.2.0-12.35.fc13
    https://admin.fedoraproject.org/updates/dhcp-4.1.2-2.ESV.R1.fc13
    https://admin.fedoraproject.org/updates/patch-2.6.1-7.fc13
    https://admin.fedoraproject.org/updates/krb5-1.7.1-17.fc13
    https://admin.fedoraproject.org/updates/webkitgtk-1.2.7-1.fc13
    https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
    https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc13
    https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13


The following Fedora 13 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/tzdata-2011b-1.fc13
    https://admin.fedoraproject.org/updates/patch-2.6.1-7.fc13
    https://admin.fedoraproject.org/updates/kernel-2.6.34.8-67.fc13
    https://admin.fedoraproject.org/updates/system-config-users-1.2.107-1.fc13
    https://admin.fedoraproject.org/updates/python-ethtool-0.6-1.fc13
    https://admin.fedoraproject.org/updates/livecd-tools-13.1-1.fc13
    https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
    https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13
    https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
    https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13


The following builds have been pushed to Fedora 13 updates-testing

    boinc-client-6.10.58-3.r22930svn.fc13
    e2tools-0.0.16-17.fc13
    krb5-1.7.1-17.fc13
    mupdf-0.7-7.fc13
    python-BeautifulSoup-3.2.0-1.fc13
    skf-1.97.4-1.fc13
    system-config-printer-1.2.7-1.fc13
    tzdata-2011b-1.fc13
    webkitgtk-1.2.7-1.fc13

Details about builds:


================================================================================
 boinc-client-6.10.58-3.r22930svn.fc13 (FEDORA-2011-1208)
 The BOINC client core
--------------------------------------------------------------------------------
Update Information:

-Fix BZ#620585
-Update to bugfix release 5.10.58, see http://boinc.berkeley.edu/trac/wiki/VersionHistory
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  9 2011 MiloÅ JakubÃÄek <xjakub@xxxxxxxxxx> - 6.10.58-3.r22930svn
- Add boinc-gui-rpc-port.patch, fixing BZ#620585
* Thu Jan 20 2011 MiloÅ JakubÃÄek <xjakub@xxxxxxxxxx> - 6.10.58-1.r22930svn
- Rebase the 6.10 branch to 6.10.58
- Fix rpmlint complaining:
- E: executable-marked-as-config-file /etc/sysconfig/boinc-client
- E: script-without-shebang /etc/sysconfig/boinc-client
* Wed Jul 14 2010 Dan HorÃk <dan@xxxxxxxx> - 6.10.45-2.r21128svn
- rebuilt against wxGTK-2.8.11-2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #620585 - [abrt] crash in boinc-client-6.10.45-1.r21128svn.fc13: ____strtol_l_internal: Process /usr/bin/boinc_client was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=620585
--------------------------------------------------------------------------------


================================================================================
 e2tools-0.0.16-17.fc13 (FEDORA-2011-1220)
 Manipulate files in unmounted ext2/ext3 filesystems
--------------------------------------------------------------------------------
Update Information:

Fix broken patch (broken by CVS keyword substitution), and make sure this package actually builds.

Should have no user visible changes.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  9 2011 Hans Ulrich Niedermann <hun@xxxxxxxxxxxxxxxx> - 0.0.16-17
- Remove unused code parts triggering new gcc warning in f15
* Wed Feb  9 2011 Hans Ulrich Niedermann <hun@xxxxxxxxxxxxxxxx> - 0.0.16-16
- Fix CVS keyword substitution breaking our patch file
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.0.16-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 krb5-1.7.1-17.fc13 (FEDORA-2011-1210)
 The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:

This update incorporates fixes from upstream advisories MITKRB5-SA-2011-001 (standalone kpropd exits if a per-client child exits with an error) and MITKRB5-SA-2011-002 (uninitialized pointer crash in the KDC, hang or crash in the KDC with the LDAP backend).
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb  8 2011 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.7.1-17
- add upstream patches to fix standalone kpropd exiting if the per-client
  child process exits with an error (MITKRB5-SA-2011-001), and a hang or
  crash in the KDC when using the LDAP kdb backend (MITKRB5-SA-2011-002)
  (CVE-2010-4022, #664009, CVE-2011-0281, #668719, CVE-2011-0282, #668726)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #664009 - CVE-2010-4022 krb5: kpropd unexpected termination on invalid input (MITKRB5-SA-2011-001)
        https://bugzilla.redhat.com/show_bug.cgi?id=664009
  [ 2 ] Bug #668719 - CVE-2011-0281 krb5: KDC hang when using LDAP backend caused by special principal name (MITKRB5-SA-2011-002)
        https://bugzilla.redhat.com/show_bug.cgi?id=668719
  [ 3 ] Bug #668726 - CVE-2011-0282 krb5: KDC crash when using LDAP backend caused by a special principal name (MITKRB5-SA-2011-002)
        https://bugzilla.redhat.com/show_bug.cgi?id=668726
--------------------------------------------------------------------------------


================================================================================
 mupdf-0.7-7.fc13 (FEDORA-2011-1212)
 A lightweight PDF viewer and toolkit
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #669311 - Review Request: mupdf -  A lightweight PDF viewer and toolkit written in portable C
        https://bugzilla.redhat.com/show_bug.cgi?id=669311
--------------------------------------------------------------------------------


================================================================================
 python-BeautifulSoup-3.2.0-1.fc13 (FEDORA-2011-1209)
 HTML/XML parser for quick-turnaround applications like screen-scraping
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release BeautifulSoup 3.2.0.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb  8 2011 Terje Rosten <terje.rosten@xxxxxxx> - 1:3.2.0-1
- 3.2.0
* Wed Jul 21 2010 David Malcolm <dmalcolm@xxxxxxxxxx> - 1:3.0.8.1-2
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------


================================================================================
 skf-1.97.4-1.fc13 (FEDORA-2011-1219)
 Utility binary files in Simple Kanji Filter
--------------------------------------------------------------------------------
Update Information:

New version 1.97.4 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  9 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxxxx> - 1.97.4-1
- 1.97.4
--------------------------------------------------------------------------------


================================================================================
 system-config-printer-1.2.7-1.fc13 (FEDORA-2010-19111)
 A printer administration tool
--------------------------------------------------------------------------------
Update Information:

New upstream release that fixes several bugs.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  9 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.2.7-1
- 1.2.7:
  - Handle failure to connect in PrinterURIIndex (bug #668568).
  - Fixed bugs in gtk_label_autowrap.py (bug #637829).
  - Improvements for DNS-SD support from Till Kamppeter
* Fri Jan 21 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.2.6-3
- Fixed driver selection when there are duplicate PPDs available. (#667571)
- Grabbing focus for editing breaks it (bug #650995).
* Tue Jan 18 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.2.6-2
- Allow %, ( and ) characters in dnssd URI (bug #669820).
* Mon Jan 17 2011 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.2.6-1
- 1.2.6:
  - Remove reference to current printer on exit (bug #556548).
  - Handle cups.Connection() failure in PrinterURIIndexr (bug #648014).
  - Block unwanted characters when editing queue name (bug #658550).
  - Initialise D-Bus threading in timedops module (bug #662047).
  - many other fixes
* Mon Dec 20 2010 Jiri Popelka <jpopelka@xxxxxxxxxx> 1.2.5-8
- Updated pycups to 1.9.53 (bug #662805).
* Thu Dec  2 2010 Tim Waugh <twaugh@xxxxxxxxxx> - 1.2.5-7
- Grab focus on the IconView after setting it editable (bug #650995).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #637829 - Display artifacts in PPD change confirmation dialog
        https://bugzilla.redhat.com/show_bug.cgi?id=637829
  [ 2 ] Bug #650995 - [Compiz] Unable to rename printer
        https://bugzilla.redhat.com/show_bug.cgi?id=650995
  [ 3 ] Bug #648014 - [abrt] system-config-printer-1.2.4-1.fc13: jobviewer.py:125:_map_printer:RuntimeError: failed to connect to server
        https://bugzilla.redhat.com/show_bug.cgi?id=648014
  [ 4 ] Bug #658550 - Spaces in printer name get removed
        https://bugzilla.redhat.com/show_bug.cgi?id=658550
  [ 5 ] Bug #662047 - troubleshooter uses D-Bus from two threads
        https://bugzilla.redhat.com/show_bug.cgi?id=662047
  [ 6 ] Bug #662805 - [abrt] system-config-printer-1.2.5-6.fc14: PyObject_Call: Process /usr/bin/python was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=662805
  [ 7 ] Bug #667571 - Did something change my CUPS driver from Postscript to pxlmono?
        https://bugzilla.redhat.com/show_bug.cgi?id=667571
  [ 8 ] Bug #668127 - [abrt] system-config-printer-1.2.5-8.fc14: system-config-printer.py:5634:entry_changed:UnicodeDecodeError: 'utf8' codec can't decode byte 0xaa in position 52: invalid start byte
        https://bugzilla.redhat.com/show_bug.cgi?id=668127
  [ 9 ] Bug #668568 - [abrt] system-config-printer-1.2.95-4.fc15: jobviewer.py:71:__init__:RuntimeError: failed to connect to server
        https://bugzilla.redhat.com/show_bug.cgi?id=668568
  [ 10 ] Bug #669820 - dnssd unable to resolve URI for HP network printer
        https://bugzilla.redhat.com/show_bug.cgi?id=669820
--------------------------------------------------------------------------------


================================================================================
 tzdata-2011b-1.fc13 (FEDORA-2011-1222)
 Timezone data
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  9 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2011b-1
- Upstream 2011b:
  - America/North_Dakota/Beulah: Mercer County, North Dakota, changed
    from the mountain time zone to the central time zone
* Mon Jan 24 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2011a-1
- Upstream 2011a:
  - Updates of historical stamps for Hawaii
--------------------------------------------------------------------------------


================================================================================
 webkitgtk-1.2.7-1.fc13 (FEDORA-2011-1224)
 GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:

* Fixes the following CVEs: CVE-2010-4492 CVE-2010-4493 CVE-2011-0482 CVE-2010-4199 CVE-2010-4578 CVE-2010-4040 CVE-2011-0778 CVE-2010-2901 CVE-2010-4042

* Fixes a regression caused by earlier fix for CVE-2010-1791. This caused webkitgtk to crash on certain sites with javascript.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  9 2011 Huzaifa Sidhpurwala <huzaifas@xxxxxxxxxx> - 1.2.7
- Update to 1.2.7
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #676201 - CVE-2010-4492 WebKit: Use-after-free vulnerability in SVG animations
        https://bugzilla.redhat.com/show_bug.cgi?id=676201
  [ 2 ] Bug #676202 - CVE-2010-4493 WebKit: Use-after-free vulnerability related to handling of mouse dragging events.
        https://bugzilla.redhat.com/show_bug.cgi?id=676202
  [ 3 ] Bug #676203 - CVE-2011-0482 WebKit: Bad cast during handling of anchors causes crash via crafted HTML documents
        https://bugzilla.redhat.com/show_bug.cgi?id=676203
  [ 4 ] Bug #656122 - CVE-2010-4199 WebKit: Improper cast of an unspecified variable during processing of an SVG use element
        https://bugzilla.redhat.com/show_bug.cgi?id=656122
  [ 5 ] Bug #676207 - CVE-2010-4578 WebKit: Stale SVG pointer in Cursors DOM
        https://bugzilla.redhat.com/show_bug.cgi?id=676207
  [ 6 ] Bug #657101 - CVE-2010-4040 WebKit: crafted animated GIF image could cause DoS (memory corruption)
        https://bugzilla.redhat.com/show_bug.cgi?id=657101
  [ 7 ] Bug #676209 - CVE-2011-0778 WebKit: restrict cross-origin drag+drop in WebKit
        https://bugzilla.redhat.com/show_bug.cgi?id=676209
  [ 8 ] Bug #676210 - CVE-2010-2901 WebKit: Memory corruption with crash in RenderObject::containingBlock()
        https://bugzilla.redhat.com/show_bug.cgi?id=676210
  [ 9 ] Bug #676212 - CVE-2010-4042 WebKit: Stale elements in an element map causes webkit to crash
        https://bugzilla.redhat.com/show_bug.cgi?id=676212
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test
[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux