The following Fedora 14 Security updates need testing:
https://admin.fedoraproject.org/updates/libcgroup-0.36.2-6.fc14
https://admin.fedoraproject.org/updates/policycoreutils-2.0.85-19.fc14
https://admin.fedoraproject.org/updates/php-pear-1.9.2-1.fc14
https://admin.fedoraproject.org/updates/seamonkey-2.0.12-1.fc14
https://admin.fedoraproject.org/updates/gnash-0.8.9-0.1.20110312git.fc14
https://admin.fedoraproject.org/updates/openldap-2.4.23-9.fc14
https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.fc14
https://admin.fedoraproject.org/updates/mailman-2.1.13-7.fc14
https://admin.fedoraproject.org/updates/samba-3.5.8-74.fc14
https://admin.fedoraproject.org/updates/mono-addins-0.5-2.fc14,mono-2.6.7-4.fc14
https://admin.fedoraproject.org/updates/libvirt-0.8.3-5.fc14
https://admin.fedoraproject.org/updates/pango-1.28.1-5.fc14
https://admin.fedoraproject.org/updates/389-admin-1.1.15-1.fc14
https://admin.fedoraproject.org/updates/tor-0.2.1.29-1400.fc14
https://admin.fedoraproject.org/updates/subversion-1.6.16-1.fc14
https://admin.fedoraproject.org/updates/exim-4.72-2.fc14
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc14
https://admin.fedoraproject.org/updates/postfix-2.7.3-1.fc14
https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
https://admin.fedoraproject.org/updates/pure-ftpd-1.0.30-1.fc14
https://admin.fedoraproject.org/updates/mhonarc-2.6.18-3.fc14
The following Fedora 14 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/tzdata-2011d-1.fc14
https://admin.fedoraproject.org/updates/tzdata-2011b-3.fc14
https://admin.fedoraproject.org/updates/perl-ExtUtils-XSpp-0.15-2.fc14,perl-5.12.3-142.fc14,perl-Wx-0.98-5.fc14
https://admin.fedoraproject.org/updates/linux-firmware-20110304-1.fc14
https://admin.fedoraproject.org/updates/policycoreutils-2.0.85-19.fc14
https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
https://admin.fedoraproject.org/updates/pinentry-0.8.1-3.fc14
https://admin.fedoraproject.org/updates/libconfig-1.4.6-1.fc14
https://admin.fedoraproject.org/updates/openldap-2.4.23-9.fc14
https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc14
https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc14
https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.11-4.fc14
https://admin.fedoraproject.org/updates/libmodman-2.0.0-1.fc14
The following builds have been pushed to Fedora 14 updates-testing
abe-1.1-12.fc14
directfb-1.4.11-3.fc14
docky-2.0.12-1.fc14
dotconf-1.3-2.fc14
flies-python-client-0.8.1-1.fc14
ghc-ForSyDe-3.1.1-4.fc14
ike-2.1.7-4.fc14
jwhois-4.0-24.fc14
kcm-gtk-0.5.3-7.fc14
kde-plasma-networkmanagement-0.9-0.39.20110314.fc14
libprojectM-2.0.1-8.fc14
libvirt-0.8.3-5.fc14
mhonarc-2.6.18-3.fc14
mono-2.6.7-4.fc14
mono-addins-0.5-2.fc14
nsd-3.2.7-5.fc14
perl-Catalyst-View-HTML-Template-0.03-2.fc14
perl-HTTP-Server-Simple-PSGI-0.14-2.fc14
perl-Package-DeprecationManager-0.10-3.fc14
perl-Test-Database-1.11-1.fc14
perl-VOMS-Lite-0.11-1.fc14
postfix-2.7.3-1.fc14
puddletag-0.10.0-1.fc14
pure-ftpd-1.0.30-1.fc14
rawstudio-1.2-10.fc14.20110226svn3835
rhnmd-5.3.8-1.fc14
scap-workbench-0.2.3-1.fc14
speech-dispatcher-0.7.1-4.fc14
tcl-8.5.9-1.fc14
tintin-2.00.6-1.fc14
tk-8.5.9-1.fc14
tzdata-2011b-3.fc14
tzdata-2011d-1.fc14
v4l-utils-0.8.3-2.fc14
vifir-0.8-1.fc14
visualvm-1.3.2-1.2.7.fc14
xine-lib-1.1.19-2.fc14.2
xsettings-kde-0.12-3.fc14
znc-0.098-0.3.rc1.fc14
Details about builds:
================================================================================
abe-1.1-12.fc14 (FEDORA-2011-3389)
Scrolling, platform-jumping, ancient pyramid exploring game
--------------------------------------------------------------------------------
Update Information:
This update fixes a double-free bug when running "abe -t" to list available video modes. It also cleans up several cosmetic issues, unlikely to be noticed by end users.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2011 Jerry James <loganjerry@xxxxxxxxx> - 1.1-12
- Fix double free (bz 509052)
- Fix incorrectly-sized format specifier
- Don't use abe's extra optimization and debugging CFLAGS (fixes debuginfo)
- Remove filename extension from Icon field in desktop file
- Remove BuildRoot tag
- Add post/postun scripts, fix Requires for those scripts
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #509052 - Invalid free with abe -t
https://bugzilla.redhat.com/show_bug.cgi?id=509052
--------------------------------------------------------------------------------
================================================================================
directfb-1.4.11-3.fc14 (FEDORA-2011-3363)
Graphics abstraction library for the Linux Framebuffer Device
--------------------------------------------------------------------------------
Update Information:
Drop broken ABI version modification patch from DirectFB, rebuild xine-lib against the fixed one.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 7 2011 Nicolas Chauvet <kwizart@xxxxxxxxx> - 1.4.11-3
- Drop abi patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #673842 - directfb-1.4.11-2.fc14 / xine-lib-1.1.19-2.fc14.1 broken
https://bugzilla.redhat.com/show_bug.cgi?id=673842
--------------------------------------------------------------------------------
================================================================================
docky-2.0.12-1.fc14 (FEDORA-2011-3373)
Advanced shortcut bar written in Mono
--------------------------------------------------------------------------------
Update Information:
Resolving bug with recycle bin.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 10 2011 Lukas Zapletal <lzap+rpm@xxxxxxxxxx> - 2.0.12-1
- version bump
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Jan 18 2011 Lukas Zapletal <lzap+rpm@xxxxxxxxxx> - 2.0.11-1
- version bump
* Mon Jan 10 2011 Dan HorÃk <dan[at]danny.cz> - 2.0.10-2
- updated the supported arch list
* Mon Jan 10 2011 Lukas Zapletal <lzap+rpm@xxxxxxxxxx> - 2.0.10-1
- Version bump
- Man page added
- Patch for shebang not needed anymore (fixed in mainstream)
--------------------------------------------------------------------------------
================================================================================
dotconf-1.3-2.fc14 (FEDORA-2011-3400)
Libraries to parse configuration files
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Dec 8 2010 Peter Robinson <pbrobinson@xxxxxxxxx> - 1.3-1
- New upstream 1.3 release, update URL/Source
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #569531 - jovie (formerly kttsd) doesn't start & installed voices cannot be selected
https://bugzilla.redhat.com/show_bug.cgi?id=569531
[ 2 ] Bug #649403 - [abrt] speech-dispatcher-0.7.1-2.fc14: _int_free: Process /usr/bin/speech-dispatcher was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=649403
[ 3 ] Bug #654585 - speech-dispatcher cannot load modules
https://bugzilla.redhat.com/show_bug.cgi?id=654585
[ 4 ] Bug #666681 - [abrt] speech-dispatcher-0.7.1-1.fc14.1: _int_free: Process /usr/bin/speech-dispatcher was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=666681
[ 5 ] Bug #678045 - [abrt] speech-dispatcher-0.7.1-2.fc14: Process /usr/bin/speech-dispatcher was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=678045
[ 6 ] Bug #681722 - [abrt] speech-dispatcher-0.7.1-2.fc14: fileinput.py:322:readline:OSError: [Errno 2] No such file or directory
https://bugzilla.redhat.com/show_bug.cgi?id=681722
[ 7 ] Bug #654607 - Crash in speech-dispatcher: Update to dotconf version 1.3
https://bugzilla.redhat.com/show_bug.cgi?id=654607
--------------------------------------------------------------------------------
================================================================================
flies-python-client-0.8.1-1.fc14 (FEDORA-2011-3379)
Python Client for Flies Server
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 10 2011 James Ni <jni@xxxxxxxxxx> - 0.8.1
- Fix bugs(issue 272, issue 274) of retrieve the translation
* Mon Mar 7 2011 James Ni <jni@xxxxxxxxxx> - 0.8.0
- Stable release
* Wed Feb 23 2011 James Ni <jni@xxxxxxxxxx> - 0.7.6-1
- Rename the command line option, add a Logger class for better output, set copytrans default value to true, make the
extensions to a list of gettext and comment.
* Tue Feb 22 2011 James Ni <jni@xxxxxxxxxx> - 0.7.4-1
- Fix issue 245:stop processing when type 'n', Add version service, rename the command line option and help info, add
InternalServerError
* Mon Feb 21 2011 James Ni <jni@xxxxxxxxxx> - 0.7.3-1
- Fix issue 244, issue 245, issue 247 and issue 30, add command list for 'flies publican', rewrite the README
* Fri Feb 18 2011 James Ni <jni@xxxxxxxxxx> - 0.7.2-1
- Rename the gettextutil to publicanutil, Remove the translator from textFlowTarget, Add more help info
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ghc-ForSyDe-3.1.1-4.fc14 (FEDORA-2011-3384)
Haskell ForSyDe library
--------------------------------------------------------------------------------
Update Information:
Enabled build for sparcv9.
A Formal System Design methodology package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #680473 - Review Request: ghc-ForSyDe - Formal System Design methodology
https://bugzilla.redhat.com/show_bug.cgi?id=680473
--------------------------------------------------------------------------------
================================================================================
ike-2.1.7-4.fc14 (FEDORA-2011-3361)
Shrew Soft VPN Client For Linux
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #518441 - Review Request: ike - Shrew Soft VPN Client For Linux
https://bugzilla.redhat.com/show_bug.cgi?id=518441
--------------------------------------------------------------------------------
================================================================================
jwhois-4.0-24.fc14 (FEDORA-2011-3354)
Internet whois/nicname client
--------------------------------------------------------------------------------
Update Information:
This updated jwhois package fixes lookup fail when quering domain with very long name and giving options to the whois server simultaneously.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2011 Vitezslav Crhonek <vcrhonek@xxxxxxxxxx> - 4.0-24
- Fix IDN encoding failed with error code 5
Resolves: #682841
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #682841 - IDN encoding failed with error code 5
https://bugzilla.redhat.com/show_bug.cgi?id=682841
--------------------------------------------------------------------------------
================================================================================
kcm-gtk-0.5.3-7.fc14 (FEDORA-2011-3380)
Configure the appearance of GTK apps in KDE
--------------------------------------------------------------------------------
Update Information:
This update to xsettings-kde ensures GTK+ applications running in KDE Plasma sessions automatically inherit the cursor theme set in KDE System Settings.
A previous update for kcm-gtk added a separate setting in KDE System Settings for the cursor theme for GTK+ applications. This duplicate option would now have no effect, so it has been removed. Use the cursor theme setting under Input Devices / Mouse in System Settings to set the cursor theme for all applications running in your KDE Plasma session, including GTK+ applications. (A session restart will be needed for the setting to take effect on GTK+ applications.)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2011 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> 0.5.3-7
- drop cursortheme patch, now set automatically by xsettings-kde (#591746)
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> 0.5.3-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #591746 - xsettings-kde should set Gtk/CursorThemeName based on the KDE setting
https://bugzilla.redhat.com/show_bug.cgi?id=591746
--------------------------------------------------------------------------------
================================================================================
kde-plasma-networkmanagement-0.9-0.39.20110314.fc14 (FEDORA-2011-3395)
NetworkManager KDE 4 integration
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:0.9-0.39.20110314
- 20110314 snapshot
* Mon Mar 14 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:0.9-0.38.20110310
- fix "In file (unencrypted)" secrets storage (#682972)
* Thu Mar 10 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:0.9-0.37.20110310
- 20110310 snapshot
- Updated code to fix "Enable ..." checkbox handling
* Tue Mar 8 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:0.9-0.36.20110308
- 20110308 snapshot
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #682972 - kde-plasma-networkmanagement: WiFi authentication regression
https://bugzilla.redhat.com/show_bug.cgi?id=682972
--------------------------------------------------------------------------------
================================================================================
libprojectM-2.0.1-8.fc14 (FEDORA-2011-3385)
The libraries for the projectM music visualization plugin
--------------------------------------------------------------------------------
Update Information:
Replace obsolete bitstream-vera font requirements with dejavu
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2011 Jameson Pugh (imntreal@xxxxxxxxx) - 2.0.1-8
- Replace obsolete bitstream-vera font requirements with dejavu
--------------------------------------------------------------------------------
================================================================================
libvirt-0.8.3-5.fc14 (FEDORA-2011-3365)
Library providing a simple API virtualization
--------------------------------------------------------------------------------
Update Information:
fix a lack of API check on read-only connections
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2011 Daniel Veillard <veillard@xxxxxxxxxx> 0.8.3-5
- fix a lack of API check on read-only connections 683655
- CVE-2011-1146
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #683650 - CVE-2011-1146 libvirt: several API calls do not honour read-only connection
https://bugzilla.redhat.com/show_bug.cgi?id=683650
--------------------------------------------------------------------------------
================================================================================
mhonarc-2.6.18-3.fc14 (FEDORA-2011-3390)
Perl mail-to-HTML converter
--------------------------------------------------------------------------------
Update Information:
Update to latest stable release:
- Fixes CVE-2010-1677 mhonarc: remote DoS via certain tags
- Fixes CVE-2010-4524 MHonArc: Improper escaping of certain HTML sequences (XSS)
- Fixes dealing with ISO-2022-JP charset.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2011 Josà Matos <jamatos@xxxxxxxxxxxxxxxxx> - 2.6.18-3
- Fix requires filter.
* Sat Mar 12 2011 Josà Matos <jamatos@xxxxxxxxxxxxxxxxx> - 2.6.18-2
- Take back the unwanted dependencies filter with new clothes.
* Sat Mar 12 2011 Josà Matos <jamatos@xxxxxxxxxxxxxxxxx> - 2.6.18-1
- Thanks to Jeff Schroeder for the ideas to fix the spec file (bz 664730)
- New upstream release
- Fixes CVE-2010-1677 and CVE-2010-4524 (bz 664730)
- Use %{version} in Source
- Simplify the filter usage for perl requirements
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.6.16-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #667478 - CVE-2010-1677 mhonarc: remote DoS via certain tags
https://bugzilla.redhat.com/show_bug.cgi?id=667478
[ 2 ] Bug #664718 - CVE-2010-4524 MHonArc: Improper escaping of certain HTML sequences (XSS)
https://bugzilla.redhat.com/show_bug.cgi?id=664718
--------------------------------------------------------------------------------
================================================================================
mono-2.6.7-4.fc14 (FEDORA-2011-3393)
A .NET runtime environment
--------------------------------------------------------------------------------
Update Information:
* CVE-2010-4159
* CVE-2010-4254
* mono-core and mono-addins do not depend on mono-devel anymore
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2011 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 2.6.7-4
- Move xbuild.exe and dependencies into -devel sub-package (BZ 671917)
- Ensure that the symbolic links and the actual libraries in the GAC are
always in the same sub-package
- CVE-2010-4159 (BZ 654405)
- CVE-2010-4254 (BZ 659911)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #654403 - CVE-2010-4159 mono: untrusted search path vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=654403
[ 2 ] Bug #659910 - CVE-2010-4254 mono: vulnerability when Moonlight is used may allow arbitrary code execution
https://bugzilla.redhat.com/show_bug.cgi?id=659910
--------------------------------------------------------------------------------
================================================================================
mono-addins-0.5-2.fc14 (FEDORA-2011-3393)
Addins for mono
--------------------------------------------------------------------------------
Update Information:
* CVE-2010-4159
* CVE-2010-4254
* mono-core and mono-addins do not depend on mono-devel anymore
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 13 2011 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 0.5-2
- Use official 0.5 release linked from http://ftp.novell.com/pub/mono/archive/2.6.7/sources/
- Move MSBuild parts into -devel package so that the main package does not
depend on mono-devel (BZ 671917)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #654403 - CVE-2010-4159 mono: untrusted search path vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=654403
[ 2 ] Bug #659910 - CVE-2010-4254 mono: vulnerability when Moonlight is used may allow arbitrary code execution
https://bugzilla.redhat.com/show_bug.cgi?id=659910
--------------------------------------------------------------------------------
================================================================================
nsd-3.2.7-5.fc14 (FEDORA-2011-3398)
Fast and lean authoritative DNS Name Server
--------------------------------------------------------------------------------
Update Information:
Upgraded to 3.2.7. fix use of NSD_AUTOREBUILD for cron. Add %ghost for /var/run/nsd, fix initscript to properly display ok/failed.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 9 2011 Paul Wouters <paul@xxxxxxxxxxxxx> - 3.2.7-5
- Fix misnamed variable NSD_AUTORELOAD which should be NSD_AUTOREBUILD
- Fix for init script properly returning OK/Failed (bz#535107) by Noa Resare
- Add ghost directive to /var/run/nsd (bz#656642)
- Bump release for EVR
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #656642 - Please Update Spec File to use %ghost on files in /var/run and /var/lock
https://bugzilla.redhat.com/show_bug.cgi?id=656642
[ 2 ] Bug #535107 - need to use the new auto-group icon
https://bugzilla.redhat.com/show_bug.cgi?id=535107
--------------------------------------------------------------------------------
================================================================================
perl-Catalyst-View-HTML-Template-0.03-2.fc14 (FEDORA-2011-3396)
HTML::Template View Class
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #684087 - Review Request: perl-Catalyst-View-HTML-Template - HTML::Template View Class
https://bugzilla.redhat.com/show_bug.cgi?id=684087
--------------------------------------------------------------------------------
================================================================================
perl-HTTP-Server-Simple-PSGI-0.14-2.fc14 (FEDORA-2011-3397)
PSGI handler for HTTP::Server::Simple
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #670477 - Review Request: perl-HTTP-Server-Simple-PSGI - PSGI handler for HTTP::Server::Simple
https://bugzilla.redhat.com/show_bug.cgi?id=670477
--------------------------------------------------------------------------------
================================================================================
perl-Package-DeprecationManager-0.10-3.fc14 (FEDORA-2011-3369)
Manage deprecation warnings for your distribution
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream release, addresses issues in 'ignore' handling, which is used to ignore packages in your distribution that can appear on the call stack when a deprecated feature is used. The update also supports the use of regular expressions for the 'ignore' feature.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.10-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sat Jan 8 2011 Paul Howarth <paul@xxxxxxxxxxxx> - 0.10-2
- Update patches for old Test::More and no Test::Requires
- perl(Pod::Coverage::TrustPod) now available everywhere except EPEL-4
* Sat Jan 8 2011 Iain Arnell <iarnell@xxxxxxxxx> - 0.10-1
- Update to 0.10:
- Test suite uses Test::Fatal instead of Test::Exception
* Mon Oct 18 2010 Paul Howarth <paul@xxxxxxxxxxxx> - 0.09-1
- Update to 0.09:
- Added a compilation test
* Fri Oct 15 2010 Paul Howarth <paul@xxxxxxxxxxxx> - 0.08-1
- Update to 0.08:
- The use of regular expressions in ignores didn't really work in 0.06
- Added missing deps on List::MoreUtils and Test::Requires
- Replaced Test::Warn with Test::Output in the tests
- Made the tests actually test what they should be testing
- BR: Test::Output rather than Test::Warn
- Update patches
* Fri Oct 15 2010 Paul Howarth <paul@xxxxxxxxxxxx> - 0.06-1
- Update to 0.06:
- Removed hard dep on Test::Warn for the benefit of Moose
- Fixed what looked like a bug in -ignore handling
- The -ignore parameter now accepts regexes as well as package names
- Update compatibility patches
- BR: List::MoreUtils
- BR: Test::Requires where possible, patch it out elsewhere
--------------------------------------------------------------------------------
================================================================================
perl-Test-Database-1.11-1.fc14 (FEDORA-2011-3372)
Database handles ready for testing
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #684645 - Review Request: perl-Test-Database - Database handles ready for testing
https://bugzilla.redhat.com/show_bug.cgi?id=684645
--------------------------------------------------------------------------------
================================================================================
perl-VOMS-Lite-0.11-1.fc14 (FEDORA-2011-3381)
Perl extension for VOMS Attribute certificate creation
--------------------------------------------------------------------------------
Update Information:
VOMS (virtual organisation membership service) is a system for managing grid level authorization data within multi-institutional collaborations via membership and roles within that membership.
VOMS::Lite provides a perl library and client tools for interacting with an existing voms service including the well known C impementation of voms.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #565949 - Review Request: perl-VOMS-Lite - Perl extension for VOMS Attribute certificate creation
https://bugzilla.redhat.com/show_bug.cgi?id=565949
--------------------------------------------------------------------------------
================================================================================
postfix-2.7.3-1.fc14 (FEDORA-2011-3394)
Postfix Mail Transport Agent
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes the CVE-2011-0411 and other bugs.
For more details about the CVE-2011-0411 see: http://www.postfix.org/CVE-2011-0411.html
For full list of changes see changelog that is available from: http://www.postfix.org/download.html
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 13 2011 Jaroslav Åkarvada <jskarvad@xxxxxxxxxx> - 2:2.7.3-1
- update to 2.7.3
fixes CVE-2011-0411 (#683168)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #674814 - CVE-2011-0411 postfix: SMTP commands injection during plaintext to TLS session switch
https://bugzilla.redhat.com/show_bug.cgi?id=674814
--------------------------------------------------------------------------------
================================================================================
puddletag-0.10.0-1.fc14 (FEDORA-2011-3350)
Feature rich, easy to use tag editor
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release puddletag 0.10.0.
For more information about the release, please visit:
http://puddletag.sourceforge.net/news.html
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 13 2011 Terje Rosten <terje.rosten@xxxxxxx> - 0.10.0-1
- 0.10.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #682434 - [abrt] puddletag-0.9.11-2.fc14: amazon.py:178:retrieve_album:KeyError: 'artist'
https://bugzilla.redhat.com/show_bug.cgi?id=682434
--------------------------------------------------------------------------------
================================================================================
pure-ftpd-1.0.30-1.fc14 (FEDORA-2011-3349)
Lightweight, fast and secure FTP server
--------------------------------------------------------------------------------
Update Information:
Wietse Venema and Victor Duchovni discovered and reported an issue that could lead to a potential information disclosure.
An unencrypted FTP command immediately following STARTTLS request would get buffered and processed prior to SSL/TLS handshake, resulting in potential authentication bypass in case a client certificate authentication was configured to provide user identity.
A report of similar issue that was originally discovered in Postfix MTA contains further technical details and discusses possible impact: http://www.postfix.org/CVE-2011-0411.html
Users of pure-ftpd are advised to install this updated package which contains a fix for the issue.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2011 Michal Ingeli <mi@xxxxx> - 1.0.30-1
- version 1.0.30
- security bug fix #683221 by upstream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #683221 - pure-ftpd: command injection during plaintext to TLS session switch
https://bugzilla.redhat.com/show_bug.cgi?id=683221
--------------------------------------------------------------------------------
================================================================================
rawstudio-1.2-10.fc14.20110226svn3835 (FEDORA-2011-3351)
Read, manipulate and convert digital camera raw images
--------------------------------------------------------------------------------
Update Information:
Upgrade to recent snapshot, supposedly fixes several reported crashes.
Upgrade to recent snapshot, supposedly fixes several reported crashes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2011 Gianluca Sforna <giallu@xxxxxxxxx> - 1.2-10
- update to newer snapshot, another fixed crash
* Mon Feb 21 2011 Gianluca Sforna <giallu@xxxxxxxxx> - 1.2-9
- update to newer snapshot, includes fixes for #635964 and #636919
- remove upstreamed patch, add new one to remove -Werror
- require gphoto2
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2-8.20100907svn3521
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sun Jan 2 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1.2-7.20100907svn3521
- rebuild (exiv2)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #635964 - [abrt] rawstudio-1.2-6.fc13.20100907svn3521: pixops_scale_nearest: Process /usr/bin/rawstudio was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=635964
[ 2 ] Bug #665999 - [abrt] rawstudio-1.2-6.fc14.20100907svn3521: Process /usr/bin/rawstudio was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=665999
[ 3 ] Bug #678967 - [abrt] rawstudio-1.2-6.fc14.20100907svn3521: Process /usr/bin/rawstudio was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=678967
--------------------------------------------------------------------------------
================================================================================
rhnmd-5.3.8-1.fc14 (FEDORA-2011-3352)
Red Hat Network Monitoring Daemon
--------------------------------------------------------------------------------
Update Information:
new package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #538057 - Review Request: rhnmd - Red Hat Network Monitoring Daemon
https://bugzilla.redhat.com/show_bug.cgi?id=538057
--------------------------------------------------------------------------------
================================================================================
scap-workbench-0.2.3-1.fc14 (FEDORA-2011-3370)
Scanning, tailoring, editing and validation tool for SCAP content
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
================================================================================
speech-dispatcher-0.7.1-4.fc14 (FEDORA-2011-3400)
To provide a high-level device independent layer for speech synthesis
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Dec 8 2010 Peter Robinson <pbrobinson@xxxxxxxxx> - 0.7.1-3
- Bump build for new dotconf
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #569531 - jovie (formerly kttsd) doesn't start & installed voices cannot be selected
https://bugzilla.redhat.com/show_bug.cgi?id=569531
[ 2 ] Bug #649403 - [abrt] speech-dispatcher-0.7.1-2.fc14: _int_free: Process /usr/bin/speech-dispatcher was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=649403
[ 3 ] Bug #654585 - speech-dispatcher cannot load modules
https://bugzilla.redhat.com/show_bug.cgi?id=654585
[ 4 ] Bug #666681 - [abrt] speech-dispatcher-0.7.1-1.fc14.1: _int_free: Process /usr/bin/speech-dispatcher was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=666681
[ 5 ] Bug #678045 - [abrt] speech-dispatcher-0.7.1-2.fc14: Process /usr/bin/speech-dispatcher was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=678045
[ 6 ] Bug #681722 - [abrt] speech-dispatcher-0.7.1-2.fc14: fileinput.py:322:readline:OSError: [Errno 2] No such file or directory
https://bugzilla.redhat.com/show_bug.cgi?id=681722
[ 7 ] Bug #654607 - Crash in speech-dispatcher: Update to dotconf version 1.3
https://bugzilla.redhat.com/show_bug.cgi?id=654607
--------------------------------------------------------------------------------
================================================================================
tcl-8.5.9-1.fc14 (FEDORA-2011-3367)
Tool Command Language, pronounced tickle
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes many bugs (including crashes). For full list of bugs fixed see change logs that are shipped with packages (in /usr/share/doc/)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2011 Jaroslav Åkarvada <jskarvad@xxxxxxxxxx> - 1:8.5.9-1
- New version (fixes #681263)
- Updated hidden patch
- Removed sigabrt patch (integrated upstream)
- Rebuilt with TCL_NO_STACK_CHECK
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #668788 - [abrt] tcl-1:8.5.8-2.fc14: TclGetNamespaceForQualName: Process /usr/bin/tclsh8.5 was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=668788
[ 2 ] Bug #652889 - [abrt] tk-1:8.5.8-2.fc14: Process /usr/bin/wish8.5 was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=652889
[ 3 ] Bug #671329 - [abrt] tk-1:8.5.8-2.fc14: reset: Process /usr/bin/wish8.5 was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=671329
[ 4 ] Bug #681263 - [abrt] tk-1:8.5.8-2.fc14: UnsetVarStruct: Process /usr/bin/wish8.5 was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=681263
--------------------------------------------------------------------------------
================================================================================
tintin-2.00.6-1.fc14 (FEDORA-2011-3374)
TinTin++, aka tt++, is a free MUD client
--------------------------------------------------------------------------------
Update Information:
TinTin++ 2.00.6 bump
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2011 Petr Sabata <psabata@xxxxxxxxxx> - 2.00.6-1
- 2.00.6 bump
- Removing obsolete attr definitions and utf8 conversion
- Upstream now supports DESTDIR, removing the DESTDIR patch
--------------------------------------------------------------------------------
================================================================================
tk-8.5.9-1.fc14 (FEDORA-2011-3367)
The graphical toolkit for the Tcl scripting language
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes many bugs (including crashes). For full list of bugs fixed see change logs that are shipped with packages (in /usr/share/doc/)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2011 Jaroslav Åkarvada <jskarvad@xxxxxxxxxx> - 1:8.5.9-1
- New version 8.5.9
- Updated make patch
- Removed color patch (integrated upstream)
- Removed wmiconphoto-fix patch (integrated upstream)
- Fix xft detection (#677692)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #668788 - [abrt] tcl-1:8.5.8-2.fc14: TclGetNamespaceForQualName: Process /usr/bin/tclsh8.5 was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=668788
[ 2 ] Bug #652889 - [abrt] tk-1:8.5.8-2.fc14: Process /usr/bin/wish8.5 was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=652889
[ 3 ] Bug #671329 - [abrt] tk-1:8.5.8-2.fc14: reset: Process /usr/bin/wish8.5 was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=671329
[ 4 ] Bug #681263 - [abrt] tk-1:8.5.8-2.fc14: UnsetVarStruct: Process /usr/bin/wish8.5 was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=681263
--------------------------------------------------------------------------------
================================================================================
tzdata-2011b-3.fc14 (FEDORA-2011-3362)
Timezone data
--------------------------------------------------------------------------------
Update Information:
- Kemerovo oblast should use OMST/OMSST abbreviation.
- Update of historical stamps for Juneau, Sitka, and histcurrent stamps for Metlakatla. Sitka and Metlakatla are new zones.
- Delay end of DST in Chile in 2011 until first Sunday in April.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 4 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2011b-3
- Kemerovo oblast should use OMST/OMSST abbreviation (tzdata-2011b-kemerovo.patch)
* Thu Mar 3 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2011b-2
- Update of historical stamps for Juneau, Sitka, and histcurrent stamps
for Metlakatla. Sitka and Metlakatla are new zones.
- Delay end of DST in Chile in 2011 until first Sunday in April. (tzdata-2011b-c.patch)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #684840 - Summer time extended in Chile until April 2 this year
https://bugzilla.redhat.com/show_bug.cgi?id=684840
--------------------------------------------------------------------------------
================================================================================
tzdata-2011d-1.fc14 (FEDORA-2011-3376)
Timezone data
--------------------------------------------------------------------------------
Update Information:
- Change end of DST in Samoa in 2011.
- Change start of DST in Cuba in 2011.
- Move start of DST in Turkey by one day in 2011.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 15 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2011d-1
- Upstream 2011d:
- Change end of DST in Samoa in 2011.
- Change start of DST in Cuba in 2011.
- Move start of DST in Turkey by one day in 2011.
- Dropped tzdata-2011b-c.patch
* Fri Mar 4 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2011b-3
- Kemerovo oblast should use OMST/OMSST abbreviation (tzdata-2011b-kemerovo.patch)
* Thu Mar 3 2011 Petr Machata <pmachata@xxxxxxxxxx> - 2011b-2
- Update of historical stamps for Juneau, Sitka, and histcurrent stamps
for Metlakatla. Sitka and Metlakatla are new zones.
- Delay end of DST in Chile in 2011 until first Sunday in April. (tzdata-2011b-c.patch)
--------------------------------------------------------------------------------
================================================================================
v4l-utils-0.8.3-2.fc14 (FEDORA-2011-3386)
Utilities for video4linux and DVB devices
--------------------------------------------------------------------------------
Update Information:
v4l-utils is a new Fedora package. Note that v4l-utils is a new v4l / dvb utility bundle which includes libv4l, this package thus replaces libv4l (this change comes from upstream).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #671883 - Review Request: v4l-utils - Utilities for video4linux and DVB devices
https://bugzilla.redhat.com/show_bug.cgi?id=671883
--------------------------------------------------------------------------------
================================================================================
vifir-0.8-1.fc14 (FEDORA-2011-3387)
A viewer for electronic aviation charts
--------------------------------------------------------------------------------
Update Information:
Update to upstream vifir-0.8
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2011 Dave Ludlow <dave@xxxxxxxxxx> - 0.8-1
- Clip airport elevations to 32,767 feet when importing X-Plane data
* Sun Mar 13 2011 Marek Kasik <mkasik@xxxxxxxxxx> - 0.7-8
- Rebuild (poppler-0.16.3)
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sun Jan 2 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.7-6
- rebuild (poppler)
* Wed Dec 15 2010 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.7-5
- rebuild (poppler)
* Sat Nov 6 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.7-4
- rebuild (poppler)
* Thu Sep 30 2010 Fabian Affolter <fabian@xxxxxxxxxxxxxxxxx> - 0.7-3
- rebuild (poppler)
- Duplicated variable definitions removed
--------------------------------------------------------------------------------
================================================================================
visualvm-1.3.2-1.2.7.fc14 (FEDORA-2011-3392)
Lightweight profiler that integrates many command-line JDK tools
--------------------------------------------------------------------------------
Update Information:
updated for visualvm 1.3.2
updated to 1.3.1
fixed bugs pushing last version to unstable (https://bugzilla.redhat.com/show_bug.cgi?id=667314)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 8 2011 Jiri Vanek <jvanek@xxxxxxxxxx> - 1.3.2-1.2.7
- updated for vm 1.3.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #640205 - Review Request: visualvm - Lightweight profiler that integrates many command-line JDK tools
https://bugzilla.redhat.com/show_bug.cgi?id=640205
--------------------------------------------------------------------------------
================================================================================
xine-lib-1.1.19-2.fc14.2 (FEDORA-2011-3363)
A multimedia engine
--------------------------------------------------------------------------------
Update Information:
Drop broken ABI version modification patch from DirectFB, rebuild xine-lib against the fixed one.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2011 Ville Skyttà <ville.skytta@xxxxxx> - 1.1.19-2.2
- Rebuild for new DirectFB (#673842).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #673842 - directfb-1.4.11-2.fc14 / xine-lib-1.1.19-2.fc14.1 broken
https://bugzilla.redhat.com/show_bug.cgi?id=673842
--------------------------------------------------------------------------------
================================================================================
xsettings-kde-0.12-3.fc14 (FEDORA-2011-3380)
XSettings Daemon for KDE
--------------------------------------------------------------------------------
Update Information:
This update to xsettings-kde ensures GTK+ applications running in KDE Plasma sessions automatically inherit the cursor theme set in KDE System Settings.
A previous update for kcm-gtk added a separate setting in KDE System Settings for the cursor theme for GTK+ applications. This duplicate option would now have no effect, so it has been removed. Use the cursor theme setting under Input Devices / Mouse in System Settings to set the cursor theme for all applications running in your KDE Plasma session, including GTK+ applications. (A session restart will be needed for the setting to take effect on GTK+ applications.)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 14 2011 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 0.12-3
- add support for Gtk/CursorThemeName (#591746)
- drop SVN checkout script, we have a tarball now
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.12-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Feb 7 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.12-1
- 0.12
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #591746 - xsettings-kde should set Gtk/CursorThemeName based on the KDE setting
https://bugzilla.redhat.com/show_bug.cgi?id=591746
--------------------------------------------------------------------------------
================================================================================
znc-0.098-0.3.rc1.fc14 (FEDORA-2011-3360)
An advanced IRC bouncer
--------------------------------------------------------------------------------
Update Information:
Upgrade to 0.098-rc1
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 12 2011 Nick Bebout <nb@xxxxxxxxxxxxxxxxx> - 0.098-0.3.rc1
- Update to znc-0.098-rc1
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
