The following Fedora 13 Security updates need testing: https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13 https://admin.fedoraproject.org/updates/subversion-1.6.15-1.fc13 https://admin.fedoraproject.org/updates/logwatch-7.3.6-55.fc13 https://admin.fedoraproject.org/updates/dhcp-4.1.2-2.ESV.R1.fc13 https://admin.fedoraproject.org/updates/openssl-1.0.0d-1.fc13 https://admin.fedoraproject.org/updates/patch-2.6.1-8.fc13 https://admin.fedoraproject.org/updates/php-pear-1.9.2-1.fc13 https://admin.fedoraproject.org/updates/asterisk-1.6.2.16.2-1.fc13 https://admin.fedoraproject.org/updates/moodle-1.9.11-1.fc13 https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13 https://admin.fedoraproject.org/updates/pywebdav-0.9.4.1-1.fc13 https://admin.fedoraproject.org/updates/mailman-2.1.12-17.fc13 https://admin.fedoraproject.org/updates/xulrunner-1.9.2.14-1.fc13,firefox-3.6.14-1.fc13,mozvoikko-1.0-18.fc13,gnome-web-photo-0.9-16.fc13,perl-Gtk2-MozEmbed-0.08-6.fc13.21,gnome-python2-extras-2.25.3-26.fc13,galeon-2.0.7-37.fc13 https://admin.fedoraproject.org/updates/389-admin-1.1.15-1.fc13 https://admin.fedoraproject.org/updates/TeXmacs-1.0.7.9-2.fc13 https://admin.fedoraproject.org/updates/rubygem-actionpack-2.3.5-4.fc13 https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13 https://admin.fedoraproject.org/updates/moin-1.9.3-4.fc13 https://admin.fedoraproject.org/updates/kernel-2.6.34.8-68.fc13 https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13 The following Fedora 13 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13 https://admin.fedoraproject.org/updates/nss-3.12.9-8.fc13,nss-softokn-3.12.9-5.fc13,nss-util-3.12.9-1.fc13,nspr-4.8.7-1.fc13 https://admin.fedoraproject.org/updates/NetworkManager-0.8.3.996-1.fc13 https://admin.fedoraproject.org/updates/kernel-2.6.34.8-68.fc13 https://admin.fedoraproject.org/updates/livecd-tools-13.2-1.fc13 https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc13 https://admin.fedoraproject.org/updates/librsvg2-2.26.3-3.fc13 https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc13 https://admin.fedoraproject.org/updates/less-436-9.fc13 https://admin.fedoraproject.org/updates/dosfstools-3.0.9-4.fc13 https://admin.fedoraproject.org/updates/openssl-1.0.0d-1.fc13 https://admin.fedoraproject.org/updates/patch-2.6.1-8.fc13 https://admin.fedoraproject.org/updates/file-5.04-7.fc13 https://admin.fedoraproject.org/updates/tzdata-2011b-1.fc13 https://admin.fedoraproject.org/updates/system-config-users-1.2.107-1.fc13 https://admin.fedoraproject.org/updates/python-ethtool-0.6-1.fc13 https://admin.fedoraproject.org/updates/libical-0.46-2.fc13 https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13 https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13 https://admin.fedoraproject.org/updates/libfprint-0.3.0-1.fc13 https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13 https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13 The following builds have been pushed to Fedora 13 updates-testing 389-ds-base-1.2.8-0.5.a3.fc13 R-2.12.2-1.fc13 UpTools-8.5.4-11.fc13 cgnslib-2.5-5.r1.fc13 dwarves-1.9-1.fc13 firefox-3.6.14-1.fc13 galeon-2.0.7-37.fc13 gnome-python2-extras-2.25.3-26.fc13 gnome-web-photo-0.9-16.fc13 mozvoikko-1.0-18.fc13 openldap-2.4.21-12.fc13 perl-Digest-JHash-0.07-1.fc13 perl-Gtk2-MozEmbed-0.08-6.fc13.21 perl-Test-CheckManifest-1.22-2.fc13 pywebdav-0.9.4.1-1.fc13 rkward-0.5.4-3.fc13 rpy-2.0.8-7.fc13 rubygem-hpricot-0.8.4-1.fc13 setroubleshoot-3.0.30-1.fc13 tweepy-1.7.1-3.fc13 tzdata-2011b-1.fc13 xulrunner-1.9.2.14-1.fc13 Details about builds: ================================================================================ 389-ds-base-1.2.8-0.5.a3.fc13 (FEDORA-2011-2439) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information: Split off 389-ds-base-libs to solve multilib issues 1.2.8.a3 release - git tag 389-ds-base-1.2.8.a3 see bugs for a list of bugs fixed This is the 1.2.8 alpha 2 release - many bug fixes 389-ds-base 1.2.8 alpha 1 contains many bug fixes -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 28 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.8-0.5.a3 - Bug 676598 - 389-ds-base multilib: file conflicts - split off libs into a separate -libs package * Thu Feb 24 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.8-0.4.a3 - do not create /var/run/dirsrv - setup will create it instead - remove the fedora-ds initscript upgrade stuff - we do not support that anymore - convert the remaining lua stuff to plain old shell script * Wed Feb 9 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.8-0.3.a3 - 1.2.8.a3 release - git tag 389-ds-base-1.2.8.a3 - Bug 675320 - empty modify operation with repl on or lastmod off will crash server - Bug 675265 - preventryusn gets added to entries on a failed delete - Bug 677774 - added support for tmpfiles.d - Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result search es - Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH - Bug 671199 - Don't allow other to write to rundir - Bug 678646 - Ignore tombstone operations in managed entry plug-in - Bug 676053 - export task followed by import task causes cache assertion - Bug 677440 - clean up compiler warnings in 389-ds-base 1.2.8 - Bug 675113 - ns-slapd core dump in windows_tot_run if oneway sync is used - Bug 676689 - crash while adding a new user to be synced to windows - Bug 604881 - admin server log files have incorrect permissions/ownerships - Bug 668385 - DS pipe log script is executed as many times as the dirsrv serv ice is restarted - Bug 675853 - dirsrv crash segfault in need_new_pw() * Thu Feb 3 2011 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.8-0.2.a2 - 1.2.8.a2 release - git tag 389-ds-base-1.2.8.a2 - Bug 674430 - Improve error messages for attribute uniqueness - Bug 616213 - insufficient stack size for HP-UX on PA-RISC - Bug 615052 - intrinsics and 64-bit atomics code fails to compile - on PA-RISC - Bug 151705 - Need to update Console Cipher Preferences with new ciphers - Bug 668862 - init scripts return wrong error code - Bug 670616 - Allow SSF to be set for local (ldapi) connections - Bug 667935 - DS pipe log script's logregex.py plugin is not redirecting the - log output to the text file - Bug 668619 - slapd stops responding - Bug 624547 - attrcrypt should query the given slot/token for - supported ciphers - Bug 646381 - Faulty password for nsmultiplexorcredentials does not give any - error message in logs * Fri Jan 21 2011 Nathan Kinder <nkinder@xxxxxxxxxx> - 1.2.8-0.1.a1 - 1.2.8-0.1.a1 release - git tag 389-ds-base-1.2.8.a1 - many bug fixes -------------------------------------------------------------------------------- ================================================================================ R-2.12.2-1.fc13 (FEDORA-2011-2456) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information: Update to R 2.12.2. A full list of changes in this release is here: http://cran.r-project.org/src/base/NEWS Notably, it fixes this issue: Complex arithmetic (notably z^n for complex z and integer n) gave incorrect results since R 2.10.0 on platforms without C99 complex support. This and some lesser issues in trignometric functions have been corrected. Such platforms were rare (we know of Cygwin and FreeBSD). However, because of new compiler optimizations in the way complex arguments are handled, the same code was selected on x86_64 Linux with gcc 4.5.x at the default -O2 optimization (but not at -O). In addition, rpy and rkward were rebuilt to use the new R. No other changes were made to these packages. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 27 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 2.12.2-1 - update to 2.12.2 * Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.12.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ UpTools-8.5.4-11.fc13 (FEDORA-2011-2453) C++ library for HPC, networking, DB, memory, etc -------------------------------------------------------------------------------- Update Information: UpTools is an open source C++ development library that contains powerful classes to facilitate and accelerate modern application development. The following aspects are covered by the library: High performance computing (HPC), Load distribution and parallel processing, Multi-threading, Time and timers, Memory management, Text and strings, Database access, Networking, and others. -------------------------------------------------------------------------------- References: [ 1 ] Bug #673589 - Review Request: UpTools - C++ library for hpc, networking, db, memory, etc. https://bugzilla.redhat.com/show_bug.cgi?id=673589 -------------------------------------------------------------------------------- ================================================================================ cgnslib-2.5-5.r1.fc13 (FEDORA-2011-2443) Computational Fluid Dynamics General Notation System -------------------------------------------------------------------------------- Update Information: Updated to new 2.5.5 release. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 17 2011 Shakthi Kannan <shakthimaan [AT] fedoraproject DOT org> 2.5-5.r1 - Updated to 2.5-5 release. -------------------------------------------------------------------------------- ================================================================================ dwarves-1.9-1.fc13 (FEDORA-2011-2469) Debugging Information Manipulation Tools -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 28 2011 Arnaldo Carvalho de Melo <acme@xxxxxxxxxx> - 1.9-1 - New release -------------------------------------------------------------------------------- References: [ 1 ] Bug #654471 - [abrt] dwarves-1.8-1.fc13: raise: Process /usr/bin/pahole was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=654471 [ 2 ] Bug #659981 - [abrt] dwarves-1.8-1.fc13: tag__delete: Process /usr/bin/pahole was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=659981 [ 3 ] Bug #564671 - FTBFS dwarves-1.8-1.fc13 https://bugzilla.redhat.com/show_bug.cgi?id=564671 -------------------------------------------------------------------------------- ================================================================================ firefox-3.6.14-1.fc13 (FEDORA-2011-2447) Mozilla Firefox Web browser -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 Jan Horak <jhorak@xxxxxxxxxx> - 3.6.14-1 - Update to 3.6.14 -------------------------------------------------------------------------------- ================================================================================ galeon-2.0.7-37.fc13 (FEDORA-2011-2447) GNOME2 Web browser based on Mozilla -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 Jan Horak <jhorak@xxxxxxxxxx> - 2.0.7-37 - Rebuild against newer gecko -------------------------------------------------------------------------------- ================================================================================ gnome-python2-extras-2.25.3-26.fc13 (FEDORA-2011-2447) Additional PyGNOME Python extension modules -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 Jan Horak <jhorak@xxxxxxxxxx> - 2.25.3-26 - Rebuild against newer gecko -------------------------------------------------------------------------------- ================================================================================ gnome-web-photo-0.9-16.fc13 (FEDORA-2011-2447) HTML pages thumbnailer -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 Jan Horak <jhorak@xxxxxxxxxx> - 0.9-16 - Rebuild against newer gecko -------------------------------------------------------------------------------- ================================================================================ mozvoikko-1.0-18.fc13 (FEDORA-2011-2447) Finnish Voikko spell-checker extension for Mozilla programs -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 Jan Horak <jhorak@xxxxxxxxxx> - 1.0-18 - Rebuild against newer gecko -------------------------------------------------------------------------------- ================================================================================ openldap-2.4.21-12.fc13 (FEDORA-2011-2446) LDAP support libraries -------------------------------------------------------------------------------- Update Information: - initscript: slaptest with '-u' to skip database opening (#667768) - fix: verification of self issued certificates (#657984) - removed slurpd options from sysconfig/ldap -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 Jan Vcelak <jvcelak@xxxxxxxxxx> 2.4.21-12 - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success (#680466) - fix: CVE-2011-1025 rootpw is not verified for ndb backend (#680472) - fix: security - DoS when submitting special MODRDN request (#680975) -------------------------------------------------------------------------------- References: [ 1 ] Bug #680466 - CVE-2011-1024 openldap: forwarded bind failure messages cause success https://bugzilla.redhat.com/show_bug.cgi?id=680466 [ 2 ] Bug #680472 - CVE-2011-1025 openldap: rootpw is not verified with slapd.conf https://bugzilla.redhat.com/show_bug.cgi?id=680472 [ 3 ] Bug #680975 - CVE-2011-1081 openldap: DoS when submitting special MODRDN request https://bugzilla.redhat.com/show_bug.cgi?id=680975 -------------------------------------------------------------------------------- ================================================================================ perl-Digest-JHash-0.07-1.fc13 (FEDORA-2011-2468) Perl extension for 32 bit Jenkins Hashing Algorithm -------------------------------------------------------------------------------- ================================================================================ perl-Gtk2-MozEmbed-0.08-6.fc13.21 (FEDORA-2011-2447) Interface to the Mozilla embedding widget -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 Jan Horak <jhorak@xxxxxxxxxx> - 0.08-6.21 - Rebuild against newer gecko -------------------------------------------------------------------------------- ================================================================================ perl-Test-CheckManifest-1.22-2.fc13 (FEDORA-2011-2440) Check if your Manifest matches your distro -------------------------------------------------------------------------------- ================================================================================ pywebdav-0.9.4.1-1.fc13 (FEDORA-2011-2470) WebDAV library -------------------------------------------------------------------------------- Update Information: The server affected by the CVE is distributed only as documentation, not as a directly runnable component. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 Dan HorÃk <dan[at]danny.cz> 0.9.4.1-1 - update to 0.9.4.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #677718 - CVE-2011-0432 pywebdav: SQL injection due improper escaping of user credentials https://bugzilla.redhat.com/show_bug.cgi?id=677718 -------------------------------------------------------------------------------- ================================================================================ rkward-0.5.4-3.fc13 (FEDORA-2011-2456) Graphical frontend for R language -------------------------------------------------------------------------------- Update Information: Update to R 2.12.2. A full list of changes in this release is here: http://cran.r-project.org/src/base/NEWS Notably, it fixes this issue: Complex arithmetic (notably z^n for complex z and integer n) gave incorrect results since R 2.10.0 on platforms without C99 complex support. This and some lesser issues in trignometric functions have been corrected. Such platforms were rare (we know of Cygwin and FreeBSD). However, because of new compiler optimizations in the way complex arguments are handled, the same code was selected on x86_64 Linux with gcc 4.5.x at the default -O2 optimization (but not at -O). In addition, rpy and rkward were rebuilt to use the new R. No other changes were made to these packages. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 0.5.4-3 - rebuild for R 2.12.2 -------------------------------------------------------------------------------- ================================================================================ rpy-2.0.8-7.fc13 (FEDORA-2011-2456) Python interface to the R language -------------------------------------------------------------------------------- Update Information: Update to R 2.12.2. A full list of changes in this release is here: http://cran.r-project.org/src/base/NEWS Notably, it fixes this issue: Complex arithmetic (notably z^n for complex z and integer n) gave incorrect results since R 2.10.0 on platforms without C99 complex support. This and some lesser issues in trignometric functions have been corrected. Such platforms were rare (we know of Cygwin and FreeBSD). However, because of new compiler optimizations in the way complex arguments are handled, the same code was selected on x86_64 Linux with gcc 4.5.x at the default -O2 optimization (but not at -O). In addition, rpy and rkward were rebuilt to use the new R. No other changes were made to these packages. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 27 2011 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 2.0.8-7 - rebuild for R 2.12.2 -------------------------------------------------------------------------------- ================================================================================ rubygem-hpricot-0.8.4-1.fc13 (FEDORA-2011-2457) A Fast, Enjoyable HTML Parser for Ruby -------------------------------------------------------------------------------- Update Information: New version 0.8.4 is released. -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 2 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 0.8.4-1 - 0.8.4 * Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ setroubleshoot-3.0.30-1.fc13 (FEDORA-2011-2441) Helps troubleshoot SELinux problems -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 <dwalsh@xxxxxxxxxx> - 3.0.30-1 - Change seapplet to only check for AVCs on login, if checkonlogin flag is turned on in ~/.setroubleshoot file - Fix list_all_alerts bug causing crash on bad type * Mon Feb 21 2011 <dwalsh@xxxxxxxxxx> - 3.0.29-1 - Fix handling of "/" in alert list - Update translations * Fri Feb 18 2011 <dwalsh@xxxxxxxxxx> - 3.0.28-1 - Tighten up screen to fit on little screens * Fri Feb 18 2011 <dwalsh@xxxxxxxxxx> - 3.0.27-1 - Remove dependance on gnome python modules - Update translations * Wed Feb 9 2011 <dwalsh@xxxxxxxxxx> - 3.0.26-1 - Cleanup handling of current_alert - Change Details button to say Plugin\nDetails * Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.25-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ tweepy-1.7.1-3.fc13 (FEDORA-2011-2445) Twitter library for python -------------------------------------------------------------------------------- Update Information: * Initial RPM package for tweepy-1.7.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #675104 - Review Request: tweepy - Twitter library for python https://bugzilla.redhat.com/show_bug.cgi?id=675104 -------------------------------------------------------------------------------- ================================================================================ tzdata-2011b-1.fc13 (FEDORA-2011-1222) Timezone data -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 9 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2011b-1 - Upstream 2011b: - America/North_Dakota/Beulah: Mercer County, North Dakota, changed from the mountain time zone to the central time zone * Mon Jan 24 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2011a-1 - Upstream 2011a: - Updates of historical stamps for Hawaii -------------------------------------------------------------------------------- ================================================================================ xulrunner-1.9.2.14-1.fc13 (FEDORA-2011-2447) XUL Runtime for Gecko Applications -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 1 2011 Jan Horak <jhorak@xxxxxxxxxx> - 1.9.2.14-1 - Update to 1.9.2.14 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test