The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/abcm2ps-5.9.21-1.fc13
https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
https://admin.fedoraproject.org/updates/subversion-1.6.15-1.fc13
https://admin.fedoraproject.org/updates/ruby-1.8.6.420-2.fc13
https://admin.fedoraproject.org/updates/telepathy-gabble-0.10.5-1.fc13,telepathy-glib-0.11.16-2.fc13
https://admin.fedoraproject.org/updates/dhcp-4.1.2-2.ESV.R1.fc13
https://admin.fedoraproject.org/updates/q-7.11-8.fc13
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
https://admin.fedoraproject.org/updates/openssl-1.0.0d-1.fc13
https://admin.fedoraproject.org/updates/patch-2.6.1-8.fc13
https://admin.fedoraproject.org/updates/asterisk-1.6.2.16.2-1.fc13
https://admin.fedoraproject.org/updates/moodle-1.9.11-1.fc13
https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.9.2-1.fc13
https://admin.fedoraproject.org/updates/mailman-2.1.12-17.fc13
https://admin.fedoraproject.org/updates/389-ds-base-1.2.8-0.3.a3.fc13
https://admin.fedoraproject.org/updates/389-admin-1.1.15-1.fc13
https://admin.fedoraproject.org/updates/TeXmacs-1.0.7.9-2.fc13
https://admin.fedoraproject.org/updates/rubygem-actionpack-2.3.5-4.fc13
https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13
https://admin.fedoraproject.org/updates/kernel-2.6.34.8-68.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/kernel-2.6.34.8-68.fc13
https://admin.fedoraproject.org/updates/NetworkManager-0.8.3.995-1.fc13
https://admin.fedoraproject.org/updates/livecd-tools-13.2-1.fc13
https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc13
https://admin.fedoraproject.org/updates/librsvg2-2.26.3-3.fc13
https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc13
https://admin.fedoraproject.org/updates/less-436-9.fc13
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-4.fc13
https://admin.fedoraproject.org/updates/openssl-1.0.0d-1.fc13
https://admin.fedoraproject.org/updates/patch-2.6.1-8.fc13
https://admin.fedoraproject.org/updates/file-5.04-7.fc13
https://admin.fedoraproject.org/updates/tzdata-2011b-1.fc13
https://admin.fedoraproject.org/updates/system-config-users-1.2.107-1.fc13
https://admin.fedoraproject.org/updates/python-ethtool-0.6-1.fc13
https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13
https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
The following builds have been pushed to Fedora 13 updates-testing
389-admin-1.1.15-1.fc13
389-ds-base-1.2.8-0.3.a3.fc13
389-ds-console-1.2.4-1.fc13
NetworkManager-0.8.3.995-1.fc13
TeXmacs-1.0.7.9-2.fc13
cmake-fedora-0.4.999-1.fc13
ejabberd-2.1.6-4.fc13
idm-console-framework-1.1.6-1.fc13
kernel-2.6.34.8-68.fc13
pam_yubico-2.4-1.fc13
perl-IO-Multiplex-1.12-1.fc13
root-5.28.00a-1.fc13
rubygem-actionpack-2.3.5-4.fc13
xneur-0.12.0-3.svn859.fc13
Details about builds:
================================================================================
389-admin-1.1.15-1.fc13 (FEDORA-2011-2145)
389 Administration Server (admin)
--------------------------------------------------------------------------------
Update Information:
1.1.15 release - git tag 389-admin-1.1.15
see Bugs for the list of bugs fixed
start-ds-admin.in -- replaced "return 1" with "exit 1"
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 23 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.15-1
- 1.1.15 release - git tag 389-admin-1.1.15
- Bug 493424 - remove unneeded modules for admin server apache config
- Bug 618897 - Wrong permissions when creating instance from Console
- Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
- Bug 245278 - Changing to a password with a single quote does not work
- Bug 604881 - admin server log files have incorrect permissions/ownerships
- Bug 387981 - plain files can be chosen on the Restore Directory dialog
- Bug 668950 - Add posix group support to Console
- Bug 618858 - move start-ds-admin env file into main admin server config path
- Bug 616260 - libds-admin-serv linking fails due to unresolved link-time depe
ndencies
- start-ds-admin.in -- replaced "return 1" with "exit 1"
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
- Bug 470576 - Migration could do addition checks before commiting actions
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #672468 - CVE-2011-0532 Directory Server: use of insecure LD_LIBRARY_PATH settings
https://bugzilla.redhat.com/show_bug.cgi?id=672468
--------------------------------------------------------------------------------
================================================================================
389-ds-base-1.2.8-0.3.a3.fc13 (FEDORA-2011-2139)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
1.2.8.a3 release - git tag 389-ds-base-1.2.8.a3
see bugs for a list of bugs fixed
This is the 1.2.8 alpha 2 release - many bug fixes
389-ds-base 1.2.8 alpha 1
contains many bug fixes
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 9 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.8-0.3.a3
- 1.2.8.a3 release - git tag 389-ds-base-1.2.8.a3
- Bug 675320 - empty modify operation with repl on or lastmod off will crash server
- Bug 675265 - preventryusn gets added to entries on a failed delete
- Bug 677774 - added support for tmpfiles.d
- Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result search
es
- Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
- Bug 671199 - Don't allow other to write to rundir
- Bug 678646 - Ignore tombstone operations in managed entry plug-in
- Bug 676053 - export task followed by import task causes cache assertion
- Bug 677440 - clean up compiler warnings in 389-ds-base 1.2.8
- Bug 675113 - ns-slapd core dump in windows_tot_run if oneway sync is used
- Bug 676689 - crash while adding a new user to be synced to windows
- Bug 604881 - admin server log files have incorrect permissions/ownerships
- Bug 668385 - DS pipe log script is executed as many times as the dirsrv serv
ice is restarted
- Bug 675853 - dirsrv crash segfault in need_new_pw()
* Thu Feb 3 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.8-0.2.a2
- 1.2.8.a2 release - git tag 389-ds-base-1.2.8.a2
- Bug 674430 - Improve error messages for attribute uniqueness
- Bug 616213 - insufficient stack size for HP-UX on PA-RISC
- Bug 615052 - intrinsics and 64-bit atomics code fails to compile
- on PA-RISC
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
- Bug 668862 - init scripts return wrong error code
- Bug 670616 - Allow SSF to be set for local (ldapi) connections
- Bug 667935 - DS pipe log script's logregex.py plugin is not redirecting the
- log output to the text file
- Bug 668619 - slapd stops responding
- Bug 624547 - attrcrypt should query the given slot/token for
- supported ciphers
- Bug 646381 - Faulty password for nsmultiplexorcredentials does not give any
- error message in logs
* Fri Jan 21 2011 Nathan Kinder <nkinder@xxxxxxxxxx> - 1.2.8-0.1.a1
- 1.2.8-0.1.a1 release - git tag 389-ds-base-1.2.8.a1
- many bug fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #672468 - CVE-2011-0532 Directory Server: use of insecure LD_LIBRARY_PATH settings
https://bugzilla.redhat.com/show_bug.cgi?id=672468
[ 2 ] Bug #671199 - CVE-2011-0022 Directory Server: insecure pid file directory permissions
https://bugzilla.redhat.com/show_bug.cgi?id=671199
--------------------------------------------------------------------------------
================================================================================
389-ds-console-1.2.4-1.fc13 (FEDORA-2011-2142)
389 Directory Server Management Console
--------------------------------------------------------------------------------
Update Information:
the 1.2.4 release - git tag 389-ds-console-1.2.4 - see Bugs for a list of bugs fixed
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 23 2011 Rich Megginson <rmeggins@xxxxxxxxxx> 1.2.4-1
- the 1.2.4 release - git tag 389-ds-console-1.2.4
- Bug 450016 - RFE- Console display values in KB/MB/GB
- Bug 387981 - plain files can be chosen on the Restore Directory dialog
- Bug 661116 - 389-console Configuration tab admin permissions (nsslapd-referral ?) and folder not expending immediatly
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
- Bug 553066 - Directory Console: do not display "subtree" index type
- Bug 599732 - Root node in directory browser shows DN syntax error
--------------------------------------------------------------------------------
================================================================================
NetworkManager-0.8.3.995-1.fc13 (FEDORA-2011-2130)
Network connection manager and user applications
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 24 2011 Dan Williams <dcbw@xxxxxxxxxx> - 0.8.3.995-1
- Update to 0.8.3.995 (0.8.4-beta1)
- core: send hostname to DHCP server by default (rh #488975)
- core: fix updating resolv.conf (rh #672282)
- core: ensure devices are cleaned up when removed
- core: handle reverse DNS in local caching nameserver configurations
- core: IPv6 addressing, routing, and compliance fixes
- core: stop touching /etc/hosts (rh #648725)
- core: fix shutdown crashes (rh #676316)
- core: suppress messages about missing user settings service (rh #655322)
- core: seamless support for RFC3442 classless static routes (rh #639935)
- wifi: fix validity checks for Ad-Hoc APs (rh #632123)
- modem: fixes for T-Mobile Rocket 2.0 modems
- keyfile: ignore MAC address case for unmanaged-devices (rh #654714)
- ifcfg-rh: fix crash when writing connections with missing IPv4 settings (rh #655002)
- ifcfg-rh: allow missing or 0.0.0.0 GATEWAYx keys (rh #647992)
- ifcfg-rh: respect GATEWAYDEV for ibft/iSCSI configurations (rh #665027)
- ifcfg-rh: read/write IPv6 gateway correctly (rh #604334, rh #666078)
- ifcfg-rh: fix missing connections when an unmanaged interface is present
- applet: fix crashes related to missing icons (rh #657352)
- applet: show IPv6 details in Connection Information dialog (rh #591929)
* Wed Nov 3 2010 Dan Williams <dcbw@xxxxxxxxxx> - 0.8.2-1
- Update to 0.8.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #488975 - Send a hostname to DHCP server by default
https://bugzilla.redhat.com/show_bug.cgi?id=488975
[ 2 ] Bug #672282 - /etc/resolv.conf is not updated with nameserver during ipv6-only static network configuration in anaconda
https://bugzilla.redhat.com/show_bug.cgi?id=672282
[ 3 ] Bug #648725 - NetworkManager adds hostname to /etc/hosts pointing to localhost
https://bugzilla.redhat.com/show_bug.cgi?id=648725
[ 4 ] Bug #676316 - NM crashes on every shutdown: dbus_g_proxy_new_for_name: assertion `connection != NULL' failed
https://bugzilla.redhat.com/show_bug.cgi?id=676316
[ 5 ] Bug #655322 - NetworkManager[1135]: <error> [1290255985.317100] [nm-manager.c:1368] user_proxy_init(): could not init user settings proxy: (3) Could not get owner of name 'org.freedesktop.NetworkManagerUserSettings': no such name
https://bugzilla.redhat.com/show_bug.cgi?id=655322
[ 6 ] Bug #639935 - RFC3442 (The Classless Static Route Option) support in dhclient
https://bugzilla.redhat.com/show_bug.cgi?id=639935
[ 7 ] Bug #632123 - [abrt] NetworkManager-gnome-1:0.8.1-6.git20100831.fc14: IA__gtk_tree_model_get_valist: Process /usr/bin/nm-applet was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=632123
[ 8 ] Bug #654714 - Can't get NM to ignore any interfaces
https://bugzilla.redhat.com/show_bug.cgi?id=654714
[ 9 ] Bug #655002 - Crash in NetworkManager trying to create invalid connection
https://bugzilla.redhat.com/show_bug.cgi?id=655002
[ 10 ] Bug #647992 - NetworkManager brings eth0 down until I login to X
https://bugzilla.redhat.com/show_bug.cgi?id=647992
[ 11 ] Bug #665027 - ifcfg-rh: honor DEFROUTE setting in BOOTPROTO="ibft" case too
https://bugzilla.redhat.com/show_bug.cgi?id=665027
[ 12 ] Bug #604334 - Network Manager IPV6 Gateway cannot be set/used in Manual mode
https://bugzilla.redhat.com/show_bug.cgi?id=604334
[ 13 ] Bug #657352 - [abrt] NetworkManager-gnome-1:0.8.1-10.git20100831.fc14: nma_icons_reload: Process /usr/bin/nm-applet was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=657352
[ 14 ] Bug #591929 - [enh] display IPv6 information in the connection information GUI box
https://bugzilla.redhat.com/show_bug.cgi?id=591929
--------------------------------------------------------------------------------
================================================================================
TeXmacs-1.0.7.9-2.fc13 (FEDORA-2011-2146)
Structured WYSIWYG scientific text editor
--------------------------------------------------------------------------------
Update Information:
fix CVE-2010-3394 (#638428)
package fonts according to fedora font packaging guidelines (#477464)
update to 1.0.7.9 (#593625)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 23 2011 Jindrich Novy <jnovy@xxxxxxxxxx> - 1.0.7.9-2
- update to 1.0.7.9
- fix CVE-2010-3394 (#638428)
- first attempt to package fonts according to fedora font
packaging guidelines (#477464)
- fix Requires
- fix build -> broken util.h usage
- fix desktop categories
- remove BuildRoot
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #638428 - CVE-2010-3394 TeXmacs: insecure library loading vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=638428
[ 2 ] Bug #477464 - [TeXmacs] Please convert to new font packaging guidelines
https://bugzilla.redhat.com/show_bug.cgi?id=477464
[ 3 ] Bug #593625 - TeXmacs-1.0.7.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=593625
--------------------------------------------------------------------------------
================================================================================
cmake-fedora-0.4.999-1.fc13 (FEDORA-2011-2152)
CMake helper modules for fedora developers
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 24 2011 Ding-Yi Chen <dchen at redhat.com> - 0.4.999-1
- Macro: RELEASE_ON_FEDORA added.
- Target: release_on_fedora added.
- Now has more informative error message, when cmake-fedora is not installed.
- Fixed UseUninstall
- Fixed Bug 670079 - [cmake-fedora] target "release"
will not stop when koji build failed
- Fixed Bug 671063 - [cmake-fedora] target "rpmlint"
should not depend on "koji_scratch_build"
- Protocol for hosting server should now be specified as "[Hosting]_PROTOCOL".
- Refactoring ManageMaintainerTargets.
- fedpkg and koji build for every tags are revealed.
- Now set rawhide as f16, release dists are f15,f14,f13.
- rpm build process is now refined, no unnecessary build.
- Renamed target push_svc_tag to push_post_build.
- Renamed module UseFedpkg to ManageReleaseOnFedora
* Mon Feb 14 2011 Ding-Yi Chen <dchen at redhat.com> - 0.4.8-1
- Now has more informative error message, when cmake-fedora is not installed.
- Fixed UseUninstall
- Fixed Bug 670079 - [cmake-fedora] target "release"
will not stop when koji build failed
- Fixed Bug 671063 - [cmake-fedora] target "rpmlint"
should not depend on "koji_scratch_build"
- Protocol for hosting server should now be specified as "[Hosting]_PROTOCOL".
- Refactoring ManageMaintainerTargets.
- fedpkg and koji build for every branches are revealed.
* Mon Feb 14 2011 Ding-Yi Chen <dchen at redhat.com> - 0.4.7-1
- Now has more informative error message, when cmake-fedora is not installed.
- Fixed UseUninstall
- Fixed Bug 670079 - [cmake-fedora] target "release"
will not stop when koji build failed
- Fixed Bug 671063 - [cmake-fedora] target "rpmlint"
should not depend on "koji_scratch_build"
- Protocol for hosting server should now be specified as "[Hosting]_PROTOCOL".
- Refactoring ManageMaintainerTargets.
- fedpkg and koji build for every branches are revealed.
* Mon Feb 14 2011 Ding-Yi Chen <dchen at redhat.com> - 0.4.6-1
- Now has more informative error message, when cmake-fedora is not installed.
- Fixed UseUninstall
- Fixed Bug 670079 - [cmake-fedora] target "release"
will not stop when koji build failed
- Fixed Bug 671063 - [cmake-fedora] target "rpmlint"
should not depend on "koji_scratch_build"
- Protocol for hosting server should now be specified as "[Hosting]_PROTOCOL".
- Refactoring ManageMaintainerTargets.
- fedpkg and koji build for every branches are revealed.
* Mon Feb 14 2011 Ding-Yi Chen <dchen at redhat.com> - 0.4.4-1
- Now has more informative error message, when cmake-fedora is not installed.
- Fixed UseUninstall
- Fixed Bug 670079 - [cmake-fedora] target "release"
will not stop when koji build failed
- Fixed Bug 671063 - [cmake-fedora] target "rpmlint"
should not depend on "koji_scratch_build"
- Protocol for hosting server should now be specified as "[Hosting]_PROTOCOL".
- Refactoring ManageMaintainerTargets.
- fedpkg and koji build for every branches are revealed.
* Mon Feb 14 2011 Ding-Yi Chen <dchen at redhat.com> - 0.4.3-1
- Now has more informative error message, when cmake-fedora is not installed.
- Fixed UseUninstall
- Fixed Bug 670079 - [cmake-fedora] target "release"
will not stop when koji build failed
- Fixed Bug 671063 - [cmake-fedora] target "rpmlint"
should not depend on "koji_scratch_build"
- Protocol for hosting server should now be specified as "[Hosting]_PROTOCOL".
- Refactoring ManageMaintainerTargets.
- fedpkg and koji build for every branches are revealed.
* Thu Feb 10 2011 Ding-Yi Chen <dchen at redhat.com> - 0.4.1-1
- Now has more informative error message, when cmake-fedora is not installed.
- Fixed UseUninstall
- Fixed Bug 670079 - [cmake-fedora] target "release"
will not stop when koji build failed
- Fixed Bug 671063 - [cmake-fedora] target "rpmlint"
should not depend on "koji_scratch_build"
- Protocol for hosting server should now be specified as "[Hosting]_PROTOCOL".
- Refactoring ManageMaintainerTargets.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #670079 - [cmake-fedora] target "release" will not stop when koji build failed
https://bugzilla.redhat.com/show_bug.cgi?id=670079
[ 2 ] Bug #671063 - [cmake-fedora] target "rpmlint" should not depend on "koji_scratch_build"
https://bugzilla.redhat.com/show_bug.cgi?id=671063
--------------------------------------------------------------------------------
================================================================================
ejabberd-2.1.6-4.fc13 (FEDORA-2011-2150)
A distributed, fault-tolerant Jabber/XMPP server
--------------------------------------------------------------------------------
Update Information:
- Updated @online@ patch
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 24 2011 Peter Lemenkov <lemenkov@xxxxxxxxx> - 2.1.6-4
- Updated @online@ patch
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
idm-console-framework-1.1.6-1.fc13 (FEDORA-2011-2126)
Identity Management Console Framework
--------------------------------------------------------------------------------
Update Information:
The 1.1.6 release see Bugs for a list of bugs fixed
fix fourth step of cert wizard for installing cert
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 23 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.6-1
- The 1.1.6 release
- Bug: 594939 - ACI editing dialog initial size is not big enough to display
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
- fix fourth step of cert wizard for installing cert
- Bug 668950 - Add posixGroup support to Console
- Bug 583652 - Console caches magic numbers instead of DNA-generated values
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #594939 - [Console] Enhance Feature: ACI editing dialog initial size is not big enough to display all elements
https://bugzilla.redhat.com/show_bug.cgi?id=594939
[ 2 ] Bug #151705 - Need to update Console Cipher Preferences with new ciphers
https://bugzilla.redhat.com/show_bug.cgi?id=151705
[ 3 ] Bug #668950 - add Editor Extension for posix group
https://bugzilla.redhat.com/show_bug.cgi?id=668950
[ 4 ] Bug #583652 - Console caches magic numbers instead of DNA-generated values
https://bugzilla.redhat.com/show_bug.cgi?id=583652
--------------------------------------------------------------------------------
================================================================================
kernel-2.6.34.8-68.fc13 (FEDORA-2011-2134)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Stable update 2.6.34.8, extra bug fixes, some basic hardware backports for Intel Sandy Bridge upon request.
Update to kernel 2.6.34.8:
http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.34/ChangeLog-2.6.34.8
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 14 2011 Kyle McMartin <kmcmartin@xxxxxxxxxx> 2.6.34.8-68
- Backport commits from longterm-2.6.35.y to 'fix' Intel Sandy Bridge
chipsets. (Requested by Intel folks.)
* Sat Feb 12 2011 Chuck Ebbert <cebbert@xxxxxxxxxx>
- bridge: Fix mglist corruption that leads to memory corruption (#650151)
* Wed Feb 9 2011 Matthew Garrett <mjg@xxxxxxxxxx>
- linux-2.6-acpi-fix-alias.patch: fix ACPI object aliasing (#608648)
* Sat Feb 5 2011 Chuck Ebbert <cebbert@xxxxxxxxxx>
- Linux 2.6.34.8
- Drop merged patches:
01-compat-make-compat_alloc_user_space-incorporate-the-access_ok-check.patch
02-compat-test-rax-for-the-system-call-number-not-eax.patch
03-compat-retruncate-rax-after-ia32-syscall-entry-tracing.patch
aio-check-for-multiplication-overflow-in-do_io_submit.patch
cifs-fix-dns-resolver.patch
inotify-fix-inotify-oneshot-support.patch
inotify-send-IN_UNMOUNT-events.patch
irda-correctly-clean-up-self-ias_obj-on-irda_bind-failure.patch
keys-fix-bug-in-keyctl-session-to-parent-if-parent-has-no-session-keyring.patch
keys-fix-rcu-no-lock-warning-in-keyctl-session-to-parent.patch
wireless-extensions-fix-kernel-heap-content-leak.patch
pci-msi-remove-unsafe-and-unnecessary-hardware-access.patch
pci-msi-restore-read_msi_msg_desc-add-get_cached_msi_msg_desc.patch
x86-tsc-sched-recompute-cyc2ns_offset-s-during-resume-from-sleep-states.patch
x86-tsc-fix-a-preemption-leak-in-restore_sched_clock_state.patch
execve-improve-interactivity-with-large-arguments.patch
execve-make-responsive-to-sigkill-with-large-arguments.patch
setup_arg_pages-diagnose-excessive-argument-size.patch
alsa-seq-oss-fix-double-free-at-error-path-of-snd_seq_oss_open.patch
tracing-do-not-allow-llseek-to-set_ftrace_filter.patch
sched-00-fix-user-time-incorrectly-accounted-as-system-time-on-32-bit.patch
xen-handle-events-as-edge-triggered.patch
xen-use-percpu-interrupts-for-ipis-and-virqs.patch
sctp-do-not-reset-the-packet-during-sctp_packet_config.patch
r8169-fix-dma-allocations.patch
skge-quirk-to-4gb-dma.patch
depessimize-rds_copy_page_user.patch
via-ioctl-prevent-reading-uninit-memory.patch
v4l1-fix-32-bit-compat-microcode-loading-translation.patch
kvm-fix-fs-gs-reload-oops-with-invalid-ldt.patch
alsa-prevent-heap-corruption-in-snd_ctl_new.patch
gdth-integer-overflow-in-ioctl.patch
- Drop from drm-next patch:
d831692 sis-agp: Remove SIS 760, handled by amd64-agp
- Drop hunk of quiet-prove_RCU-in-cgroups.patch, now upstream.
* Sun Jan 30 2011 Chuck Ebbert <cebbert@xxxxxxxxxx>
- Copy sunrpc oops fix from F14
* Wed Jan 26 2011 Chuck Ebbert <cebbert@xxxxxxxxxx>
- TCP networking fixes from 2.6.36.3, including one CVE
CVE-2010-4165: possible kernel oops from user MSS
- CVE-2011-0521: av7110 negative array offset
* Sat Jan 22 2011 Chuck Ebbert <cebbert@xxxxxxxxxx>
- Security updates
CVE-2010-4346: install_special_mapping skips security_file_mmap check
CVE-2010-4649: IB/uverbs: Handle large number of entries in poll CQ
CVE-2011-0006: ima: fix add LSM rule bug
CVE-2010-4648: orinoco: fix TKIP countermeasure behaviour
CVE-2010-4650: fuse: verify ioctl retries
* Tue Jan 18 2011 Kyle McMartin <kmcmartin@xxxxxxxxxx>
- sgruszka: hostap_cs: fix sleeping function called in invalid
context (#643758)
* Mon Jan 10 2011 Chuck Ebbert <cebbert@xxxxxxxxxx>
- CVE-2010-4163 CVE-2010-4668: panic when submitting 0-length I/O requests
* Sat Dec 18 2010 Kyle McMartin <kyle@xxxxxxxxxx>
- Fix SELinux issues with NFS/btrfs and/or xfsdump. (#662344)
* Fri Dec 17 2010 Neil Horman <nhorman@xxxxxxxxxx>
- Enhance AF_PACKET to allow non-contiguous buffer alloc (bz 637619)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #652508 - CVE-2010-4165 kernel: possible kernel oops from user MSS
https://bugzilla.redhat.com/show_bug.cgi?id=652508
[ 2 ] Bug #672398 - CVE-2011-0521 kernel: av7110 negative array offset
https://bugzilla.redhat.com/show_bug.cgi?id=672398
[ 3 ] Bug #662189 - CVE-2010-4346 kernel: install_special_mapping skips security_file_mmap check
https://bugzilla.redhat.com/show_bug.cgi?id=662189
[ 4 ] Bug #667916 - CVE-2010-4649 CVE-2011-1044 kernel: IB/uverbs: Handle large number of entries in poll CQ
https://bugzilla.redhat.com/show_bug.cgi?id=667916
[ 5 ] Bug #667912 - CVE-2011-0006 kernel: ima: fix add LSM rule bug
https://bugzilla.redhat.com/show_bug.cgi?id=667912
[ 6 ] Bug #667907 - CVE-2010-4648 kernel: orinoco: fix TKIP countermeasure behaviour
https://bugzilla.redhat.com/show_bug.cgi?id=667907
[ 7 ] Bug #667892 - CVE-2010-4650 kernel: fuse: verify ioctl retries
https://bugzilla.redhat.com/show_bug.cgi?id=667892
[ 8 ] Bug #652957 - CVE-2010-4163 CVE-2010-4668 kernel: panic when submitting certain 0-length I/O requests
https://bugzilla.redhat.com/show_bug.cgi?id=652957
--------------------------------------------------------------------------------
================================================================================
pam_yubico-2.4-1.fc13 (FEDORA-2011-2136)
A Pluggable Authentication Module for yubikeys
--------------------------------------------------------------------------------
Update Information:
update to 2.4
fixes crashing bug
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 18 2010 Dennis Gilmore <dennis@xxxxxxxx> - 2.4-1
- update to 2.4
- fixes crashing bug
* Fri Sep 3 2010 Dennis Gilmore <dennis@xxxxxxxx> - 2.3-1
- update to 2.3
--------------------------------------------------------------------------------
================================================================================
perl-IO-Multiplex-1.12-1.fc13 (FEDORA-2011-1957)
Manage IO on many file handles
--------------------------------------------------------------------------------
Update Information:
The IO::Multiplex perl module has a new maintainer, who has resolved most of the outstanding problems reported upstream over the last few years, including the following:
* Avoid warning while adding pipe (CPAN RT#16259, CPAN RT#60068)
* Avoid shutdown after close (CPAN RT#5885, CPAN RT#5715)
* Fix typo in documentation (CPAN RT#21085)
* Use length of outbuf, not exists to see if it is empty
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 24 2011 Paul Howarth <paul@xxxxxxxxxxxx> 1.12-1
- Update to 1.12
- Fixes for Windows (CPAN RT#66096)
* Mon Feb 21 2011 Paul Howarth <paul@xxxxxxxxxxxx> - 1.11-1
- Update to 1.11
- Avoid warning while adding pipe (CPAN RT#16259, CPAN RT#60068)
- Add EWOULDBLOCK and non-blocking mode for windows (CPAN RT#23982)
- Fix typo in documentation (CPAN RT#21085)
- Avoid shutdown after close (CPAN RT#5885, CPAN RT#5715)
- Use length of outbuf, not exists to see if it is empty
- Turn "use warnings" on
- This release by MARKOV -> update source URL
- Use %{_fixperms} rather than our own chmod incantation
- Tidy up %summary and %description
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.10-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Dec 20 2010 Marcela Maslanova <mmaslano@xxxxxxxxxx> - 1.10-8
- Rebuild to fix problems with vendorarch/lib (#661697)
* Sun May 2 2010 Marcela Maslanova <mmaslano@xxxxxxxxxx> - 1.10-7
- Mass rebuild with perl 5.12.0
--------------------------------------------------------------------------------
================================================================================
root-5.28.00a-1.fc13 (FEDORA-2011-1355)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
New patch release 5.28.00a. For a summary of changes from the 5.28.00 release see the release notes at:
http://root.cern.ch/drupal/content/root-version-v5-28-00-patch-release-notes
This update also fixes an issue where the last item in a TGFontTypeComboBox was almost invisible.
If you experience issues with plotting circular markers in batch mode you should update your libAfterImage package to version 1.20 or later.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 21 2011 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.28.00a-1
- Update to 5.28.00a
- Drop patches fixed upstream: root-afterimage.patch, root-htmldoc.patch,
root-xlibs-ppc.patch, root-cstddef.patch
- Remove the fedpkg workaround - no longer needed
* Sat Feb 12 2011 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.28.00-4
- Add workaround for changes in fedpkg
* Thu Feb 10 2011 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.28.00-3
- Add Requires on root-graf-postscript to root-gpad
- Require libAfterImage 1.20 or later to fix issues with circular markers in
batch mode
- Add python26 subpackage for EPEL 5
- Fix an issue where the last item in a TGFontTypeComboBox is almost
invisible (backported from upstream)
- Add missing cstddef includes for gcc 4.6
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.28.00-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Fri Jan 14 2011 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.28.00-1.1
- Fix linking of Xlibs on ppc
--------------------------------------------------------------------------------
================================================================================
rubygem-actionpack-2.3.5-4.fc13 (FEDORA-2011-2138)
Web-flow and rendering framework putting the VC in MVC
--------------------------------------------------------------------------------
Update Information:
Security fixes (CVE-2011-0446, CVE-2011-0447).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 24 2011 VÃt Ondruch <vondruch@xxxxxxxxxx> - 1:2.3.5-4
- Fixed CVE-2011-0446
- Fixed CVE-2011-0447
- Fixed Patch2 to apply cleanly
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #677626 - CVE-2011-0446 rubygem-actionpack: Multiple XSS flaws via crafted name or email value in the mail_to_helper
https://bugzilla.redhat.com/show_bug.cgi?id=677626
[ 2 ] Bug #677631 - CVE-2011-0447 rubygem-actionpack: CSRF flaws due improper validation of HTTP headers containing X-Requested-With header
https://bugzilla.redhat.com/show_bug.cgi?id=677631
--------------------------------------------------------------------------------
================================================================================
xneur-0.12.0-3.svn859.fc13 (FEDORA-2011-2153)
X Neural Switcher
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.12.0-3.svn859
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
