The following Fedora 13 Security updates need testing: https://admin.fedoraproject.org/updates/libvirt-0.8.2-3.fc13 https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13 https://admin.fedoraproject.org/updates/krb5-1.7.1-18.fc13 https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13 https://admin.fedoraproject.org/updates/php-pear-1.9.2-1.fc13 https://admin.fedoraproject.org/updates/libxml2-2.7.7-2.fc13 https://admin.fedoraproject.org/updates/dhcp-4.1.2-2.ESV.R1.fc13 https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13 https://admin.fedoraproject.org/updates/php-5.3.6-1.fc13,maniadrive-1.2-27.fc13,php-eaccelerator-0.9.6.1-6.fc13 https://admin.fedoraproject.org/updates/389-admin-1.1.15-1.fc13 https://admin.fedoraproject.org/updates/gnash-0.8.9-1.fc13 https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.10-1.fc13 https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13 https://admin.fedoraproject.org/updates/wordpress-3.1-1.fc13 https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13 https://admin.fedoraproject.org/updates/postfix-2.7.3-1.fc13 https://admin.fedoraproject.org/updates/mhonarc-2.6.18-3.fc13 The following Fedora 13 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-101.fc13 https://admin.fedoraproject.org/updates/policycoreutils-2.0.83-33.4.fc13 https://admin.fedoraproject.org/updates/tzdata-2011d-1.fc13 https://admin.fedoraproject.org/updates/tzdata-2011b-3.fc13 https://admin.fedoraproject.org/updates/perl-ExtUtils-XSpp-0.15-2.fc13,perl-5.10.1-122.fc13,perl-Wx-0.98-5.fc13 https://admin.fedoraproject.org/updates/libxml2-2.7.7-2.fc13 https://admin.fedoraproject.org/updates/fuse-2.8.5-5.fc13 https://admin.fedoraproject.org/updates/NetworkManager-0.8.3.997-1.fc13 https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13 https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13 https://admin.fedoraproject.org/updates/livecd-tools-13.2-1.fc13 https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc13 https://admin.fedoraproject.org/updates/librsvg2-2.26.3-3.fc13 https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc13 https://admin.fedoraproject.org/updates/dosfstools-3.0.9-4.fc13 https://admin.fedoraproject.org/updates/file-5.04-7.fc13 https://admin.fedoraproject.org/updates/system-config-users-1.2.107-1.fc13 https://admin.fedoraproject.org/updates/python-ethtool-0.6-1.fc13 https://admin.fedoraproject.org/updates/libical-0.46-2.fc13 https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13 https://admin.fedoraproject.org/updates/libfprint-0.3.0-1.fc13 https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13 https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13 The following builds have been pushed to Fedora 13 updates-testing bzr-2.1.3-1.fc13 mfiler3-4.2.5-1.fc13 phpMyAdmin-3.3.10-1.fc13 saphire-1.3.5-1.fc13 ufraw-0.18-2.fc13 wordpress-3.1-1.fc13 zarafa-6.40.6-1.fc13 Details about builds: ================================================================================ bzr-2.1.3-1.fc13 (FEDORA-2011-3752) Friendly distributed version control system -------------------------------------------------------------------------------- Update Information: Upstream 2.1.3 bugfix release -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 20 2011 Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> - 2.1.3-1 - Upstream 2.1.3 bugfix release -------------------------------------------------------------------------------- ================================================================================ mfiler3-4.2.5-1.fc13 (FEDORA-2011-3744) Two pane file manager under UNIX console -------------------------------------------------------------------------------- Update Information: New version saphire 1.3.5 / mfiler3 4.2.5 are released. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 20 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 4.2.5-1 - 4.2.5 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-3.3.10-1.fc13 (FEDORA-2011-3733) Web based MySQL browser written in php -------------------------------------------------------------------------------- Update Information: Changes for 3.3.10.0 (2011-03-19) - [structure] Aria table size printed as unknown, thanks to erickoh75 - erickoh75 - [structure] Ordering by size gives incorrect results, thanks to Madhura Jayaratne - madhuracj - [core] 0 row(s) affected - [core] Edit relational page and page number - [security] Minor security fixes, see PMASA-2010-9 and PMASA-2010-10 - [lang] German update, thanks to jannicars@xxxxxxxxxxxxxxxxxxxxxx -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 21 2011 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 3.3.10-1 - Upstream released 3.3.10 (#661335, #662366, #662367, #689213) -------------------------------------------------------------------------------- References: [ 1 ] Bug #661335 - CVE-2010-4480 phpMyAdmin: XSS vulnerability via crafted BBCode tag in error.php https://bugzilla.redhat.com/show_bug.cgi?id=661335 [ 2 ] Bug #662366 - CVE-2010-4481 phpMyAdmin: information disclosure flaw (PMASA-2010-10) https://bugzilla.redhat.com/show_bug.cgi?id=662366 -------------------------------------------------------------------------------- ================================================================================ saphire-1.3.5-1.fc13 (FEDORA-2011-3744) Yet another shell -------------------------------------------------------------------------------- Update Information: New version saphire 1.3.5 / mfiler3 4.2.5 are released. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 20 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1.3.5-1 - 1.3.5 -------------------------------------------------------------------------------- ================================================================================ ufraw-0.18-2.fc13 (FEDORA-2011-3745) Raw image data retrieval tool for digital cameras -------------------------------------------------------------------------------- Update Information: New Traditional Chinese translation, update to dcraw-9.06 base which has bug fixes and support for new models: Nikon D3100 & D7000 & P7000, Panasonic FZ40 & FZ100 & LX5, Samsung WB2000, Nokia X2, Canon SX120 & PowerShot G12, Hasselblad H4D, Pentax 645D & K-5 & K-r, Sony SLT-A33 & SLT-A55V -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 15 2011 Nils Philippsen <nils@xxxxxxxxxx> - 0.18-2 - fix crash when loading dark frame (#683199) * Fri Mar 4 2011 Nils Philippsen <nils@xxxxxxxxxx> - 0.18-1 - version 0.18 - add/update versioned build requirements * Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.17-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Sun Jan 2 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.17-3 - rebuild (exiv2) * Fri Dec 3 2010 Nils Philippsen <nils@xxxxxxxxxx> - 0.17-2 - rebuild (exiv2) -------------------------------------------------------------------------------- References: [ 1 ] Bug #683199 - [abrt] ufraw-0.18-1.fc14: Process /usr/bin/ufraw was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=683199 -------------------------------------------------------------------------------- ================================================================================ wordpress-3.1-1.fc13 (FEDORA-2011-3738) WordPress blogging software -------------------------------------------------------------------------------- Update Information: In order to protect against two CVEs*, I'm upgrading Wordpress in all releases to 3.1. In addition, this will obsolete wordpress-mu, since this functionality has been migrated to the main wordpress release as of wordpress 3.0, and wordpress-mu has been deprecated upstream. I would not normally make so drastic a change on any stable release, especially EPEL, but backporting patches to the 2.x series is becoming increasingly unmaintainable. This is already done for rawhide and F15, and I intend to build for F13, F14, EL5 and EL6 today, and send them to testing, and then push to stable one the appropriate period has elapsed. Please redistribute this to anyone you know who might be affected and may not be on this list. Thank you, Jon * https://bugzilla.redhat.com/show_bug.cgi?id=687909 https://bugzilla.redhat.com/show_bug.cgi?id=687911 -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 23 2011 Jon Ciesla <limb@xxxxxxxxxxxx> - 3.1-1 - 3.1. * Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #687909 - CVE-2011-0700 CVE-2011-0701 wordpress: multiple vulnerabilities corrected in 3.0.5 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=687909 -------------------------------------------------------------------------------- ================================================================================ zarafa-6.40.6-1.fc13 (FEDORA-2011-3753) Open Source Edition of the Zarafa Collaboration Platform -------------------------------------------------------------------------------- Update Information: Changelog 6.40.6 final [25584] ============================== Backend: - Feature #6630: Zarafa-gateway hostname in greeting. - Feature #6950: Added more logging to spooler, dagent server and Outlook client. - Fix #6730: Error in server.log: SQL Failed: Mixing of GROUP columns. - Fix #7068: Indexer not used for searches in shared folders. - Fix #7152: unable to run zarafa-msr. - Fix #7156: Zarafa-msr does not work on a 6.40.6 server (non-unicode). - Fix #6774: BES license check fails. - Fix #6810: Some fields are not shown in the GAB contact details. - Fix #7056: Merge mail store relocator for 6.40. - Fix #7112: Rules are not working any more after store relocated via zarafa-msr. - Fix #7116: Webaccess still destubed archived messages the wrong way. - Fix #7124: Permissions on store are missing after msr move action. - Fix #7126: Windows 7 ssl shows cert accept dialogue or can not create profile. - Fix #7146: zarafa-msr has no man-page. - Fix #6876: zarafa-admin/outlook crash with ldap attribute 0x3A4E001E. - Fix #7111: Zarafa-msr will not migrate WebAccess settings and out of office settings. - Fix #7058 Upgrading from 6.40.4 to 6.40.5 can break the rules. - Fix #6067: Installer does not install the indexer or checks if initscript is available to enable. - Fix #7079: Segfault Zarafa-indexer 6.40.5.(Rare occasion). - Fix #7028: Zarafa-indexer still fails in certain cases when index_sync_stream is enabled. - Fix #7098: Message stay in the outbox with cached mode. - Fix #7072: No error given when wrong options are in the admin.cfg. - Fix #7039: Unable to dismiss specific reminders. - Fix #7030: Mac Ical cannot work with German(non English) folder names. - Fix #6964: Search on attachment content in Sent Items of Outlook 2007 will show no results. - Fix #6887: Segfault zarafa-server 6.40.4. (Rare occasion). - Fix #6165: Recursive restore does not stop on error. - Fix #6326: caldav: Deleted appointments are still shown in sunbird. - Fix #6825: ZARAFA_USERSCRIPT_LOCALE is not defined in any configuration file when using Debian. - Fix #6858: migration with exchange, RTF mail with large body crashes. - Fix #6891: Memleak in spooler, introduced in [15597]. - Fix #6901: php-ext: don't use short tags in library classes. - Fix #6913: Spooler log contains "BUG: invalid data in OutgoingQueue" notifications. - Fix #6915: Zarafa-dagent.cfg(5) manpage missing in deb packages. - Fix #6930: Installer gives false errors on Ubuntu / Debian. - Fix #6937: IMAP literal problem. - Fix #7007: Error in include configfile gives wrong error on screen. Webaccess: - Fix #5939: Possible to execute shell commands with WebAccess - Fix #7138: Tasks requests with umlauts in body will break. - Fix #5962: Dropdown box Zoom in MUC does not work in Safari and Chromium. - Fix #7022: Meting request occurence can be changed by an attendee without permission from the organizer. - Fix #6425: Script error pop-up when adding categories to email. - Fix #6461: Caldav: reminder times in sunbird/lightning are different than in WebAccess - Fix #6484: Switching weeks in you calendar with arrow top right will show empty calendar if you have all day event. - Fix #6589: Limit the TO field in print view of email always to 1 line (max 20 addresses). - Fix #6838: Cannot open task request message with preview pane off or bottom view. - Fix #6864: Convert to task doesn't set default priority. - Fix #6910: Folder list view is not set to last opened folder if scrollbar is present. - Fix #6948: Unsaved appointment print dialog doesn't show anything, and never stops loading. - Fix #6951: Rename convert to task to "Create task from email" for better understanding of the function. - Fix #6952: Webaccess in en_US language will still show military time format in print overview. - Fix #6992: Using the edit as new option in your Sent Items twice does not work, it will edit the first message. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 21 2011 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 6.40.6-1 - Upgrade to 6.40.6 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test