Fedora 13 updates-testing report

updates@xxxxxxxxxxxxxxxxx · Mon, 07 Mar 2011 21:08:05 +0000

The following Fedora 13 Security updates need testing:

    https://admin.fedoraproject.org/updates/wireshark-1.2.15-1.fc13
    https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
    https://admin.fedoraproject.org/updates/perl-File-FcntlLock-0.12-1.fc13,perl-Mail-Box-2.097-1.fc13
    https://admin.fedoraproject.org/updates/php-ZendFramework-1.11.4-1.fc13
    https://admin.fedoraproject.org/updates/libxml2-2.7.7-2.fc13
    https://admin.fedoraproject.org/updates/clamav-0.97-1300.fc13
    https://admin.fedoraproject.org/updates/logwatch-7.3.6-55.fc13
    https://admin.fedoraproject.org/updates/dhcp-4.1.2-2.ESV.R1.fc13
    https://admin.fedoraproject.org/updates/openssl-1.0.0d-1.fc13
    https://admin.fedoraproject.org/updates/subversion-1.6.16-1.fc13
    https://admin.fedoraproject.org/updates/php-pear-1.9.2-1.fc13
    https://admin.fedoraproject.org/updates/seamonkey-2.0.12-1.fc13
    https://admin.fedoraproject.org/updates/whatsup-1.12-1.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
    https://admin.fedoraproject.org/updates/cgit-0.9-1.fc13
    https://admin.fedoraproject.org/updates/pywebdav-0.9.4.1-1.fc13
    https://admin.fedoraproject.org/updates/mailman-2.1.12-17.fc13
    https://admin.fedoraproject.org/updates/asterisk-1.6.2.17-1.fc13
    https://admin.fedoraproject.org/updates/thunderbird-3.1.8-3.fc13
    https://admin.fedoraproject.org/updates/libtiff-3.9.4-3.fc13
    https://admin.fedoraproject.org/updates/389-admin-1.1.15-1.fc13
    https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13
    https://admin.fedoraproject.org/updates/samba-3.5.7-73.fc13
    https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
    https://admin.fedoraproject.org/updates/vsftpd-2.3.4-1.fc13
    https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13

The following Fedora 13 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/libxml2-2.7.7-2.fc13
    https://admin.fedoraproject.org/updates/fuse-2.8.5-5.fc13
    https://admin.fedoraproject.org/updates/NetworkManager-0.8.3.997-1.fc13
    https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
    https://admin.fedoraproject.org/updates/libtiff-3.9.4-3.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
    https://admin.fedoraproject.org/updates/livecd-tools-13.2-1.fc13
    https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc13
    https://admin.fedoraproject.org/updates/librsvg2-2.26.3-3.fc13
    https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc13
    https://admin.fedoraproject.org/updates/less-436-9.fc13
    https://admin.fedoraproject.org/updates/dosfstools-3.0.9-4.fc13
    https://admin.fedoraproject.org/updates/openssl-1.0.0d-1.fc13
    https://admin.fedoraproject.org/updates/file-5.04-7.fc13
    https://admin.fedoraproject.org/updates/system-config-users-1.2.107-1.fc13
    https://admin.fedoraproject.org/updates/python-ethtool-0.6-1.fc13
    https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
    https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13
    https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
    https://admin.fedoraproject.org/updates/libfprint-0.3.0-1.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
    https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13

The following builds have been pushed to Fedora 13 updates-testing

    cgit-0.9-1.fc13
    flies-python-client-0.8.0-1.fc13
    ghc-hamlet-0.6.1.2-1.fc13
    ibus-m17n-1.3.2-1.fc13
    ksh-20100621-3.fc13
    seamonkey-2.0.12-1.fc13
    whatsup-1.12-1.fc13

Details about builds:

================================================================================
 cgit-0.9-1.fc13 (FEDORA-2011-2815)
 A fast web interface for git
--------------------------------------------------------------------------------
Update Information:

In addition to closing a DOS vulnerability (thanks to Jim Meyering), this upstream feature release adds the following enhancements:

* Support for side-by-side diffs
* Support for repo content in "about" view
* Improved integration with gitolite/gitweb
* Support for git notes in commit/log view
* Support for graph in log view (similar to 'git log --graph')
* Improved handling/display of path filters
* Clients can modify diff view parameters
* Support for directory listings in plain view
* Support for remote branches
* Support for range searches in log view (like 'git log master ^stable)
* Support for expansion of environment vars in certain cgitrc options, which can simplify virtual hosting

The release announcement has a more complete changelog:

http://article.gmane.org/gmane.comp.version-control.git/168496

--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar  6 2011 Todd Zullinger <tmz@xxxxxxxxx> - 0.9-1
- Update to 0.9
- Fixes: CVE-2011-1027
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1027
- Generate and install man page and html docs
- Use libcurl-devel on RHEL >= 6
- Include example filter scripts
- Update example cgitrc
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.2.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #680905 - CVE-2011-1027 cgit: invalid hex escape (e.g., %GG) in query triggers infinite loop
        https://bugzilla.redhat.com/show_bug.cgi?id=680905
--------------------------------------------------------------------------------

================================================================================
 flies-python-client-0.8.0-1.fc13 (FEDORA-2011-2812)
 Python Client for Flies Server
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  7 2011 James Ni <jni@xxxxxxxxxx> - 0.8.0
- Stable release
* Wed Feb 23 2011 James Ni <jni@xxxxxxxxxx> - 0.7.6-1
- Rename the command line option, add a Logger class for better output, set copytrans default value to true, make the
  extensions to a list of gettext and comment.
* Tue Feb 22 2011 James Ni <jni@xxxxxxxxxx> - 0.7.4-1
- Fix issue 245:stop processing when type 'n', Add version service, rename the command line option and help info, add
  InternalServerError
* Mon Feb 21 2011 James Ni <jni@xxxxxxxxxx> - 0.7.3-1
- Fix issue 244, issue 245, issue 247 and issue 30, add command list for 'flies publican', rewrite the README
* Fri Feb 18 2011 James Ni <jni@xxxxxxxxxx> - 0.7.2-1
- Rename the gettextutil to publicanutil, Remove the translator from textFlowTarget, Add more help info
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 ghc-hamlet-0.6.1.2-1.fc13 (FEDORA-2011-2811)
 Haml-like template files that are compile-time checked
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #630292 - Review Request: ghc-hamlet - Haml-like template files that are compile-time checked
        https://bugzilla.redhat.com/show_bug.cgi?id=630292
--------------------------------------------------------------------------------

================================================================================
 ibus-m17n-1.3.2-1.fc13 (FEDORA-2011-2809)
 The M17N engine for IBus platform
--------------------------------------------------------------------------------
Update Information:

new upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  7 2011 Daiki Ueno <dueno@xxxxxxxxxx> - 1.3.2-1
- New upstream release.
--------------------------------------------------------------------------------

================================================================================
 ksh-20100621-3.fc13 (FEDORA-2011-2814)
 The Original ATT Korn Shell
--------------------------------------------------------------------------------
Update Information:

- fix ( ) compound list altering environment
- updated to 2011-02-02
- fixed crash caused by wrong wctrans_t size 
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  7 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 20100621-3
- fix ( ) compound list altering environment
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #667670 - [abrt] ksh-20110104-1.fc15: towctrans: Process /bin/ksh was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=667670
  [ 2 ] Bug #664106 - Regression in ksh-20101212
        https://bugzilla.redhat.com/show_bug.cgi?id=664106
--------------------------------------------------------------------------------

================================================================================
 seamonkey-2.0.12-1.fc13 (FEDORA-2011-2796)
 Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:

Update to new upstream SeaMonkey version 2.0.12, fixing multiple security issues detailed in the upstream advisories:

http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.12
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  7 2011 Martin Stransky <stransky@xxxxxxxxxx> 2.0.12-1
- Update to 2.0.12
* Tue Jan  4 2011 Adel Gadllah <adel.gadllah@xxxxxxxxx> 2.0.11-3
- BR dbus-glib-devel
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #682270 - Seamonkey is out of date - security fixex in 2.0.12
        https://bugzilla.redhat.com/show_bug.cgi?id=682270
--------------------------------------------------------------------------------

================================================================================
 whatsup-1.12-1.fc13 (FEDORA-2011-2794)
 Node up/down detection utility
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar  7 2011 Ruben Kerkhof <ruben@xxxxxxxxxxxxxxxx> 1.12-1
- Upstream released new version
- Link against system-provided expat (#652981)
- Fixes FTBFS (#661001)
- Drop patch for incorrect open which was merged upstream
- no InfiniBand on s390(x)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #652981 - libnodeupdown-backend-ganglia contains an embedded copy of expat, prone to CVE-2009-3720
        https://bugzilla.redhat.com/show_bug.cgi?id=652981
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test