The following Fedora 14 Security updates need testing:

    https://admin.fedoraproject.org/updates/libvirt-0.8.3-9.fc14
    https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.fc14
    https://admin.fedoraproject.org/updates/mediawiki-1.16.2-56.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.5-5.fc14
    https://admin.fedoraproject.org/updates/nss-3.12.9-9.fc14
    https://admin.fedoraproject.org/updates/tor-0.2.1.29-1400.fc14
    https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
    https://admin.fedoraproject.org/updates/logrotate-3.7.9-2.fc14
    https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc14
    https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
    https://admin.fedoraproject.org/updates/quagga-0.99.18-1.fc14
    https://admin.fedoraproject.org/updates/perl-5.12.3-143.fc14
    https://admin.fedoraproject.org/updates/seamonkey-2.0.13-1.fc14
    https://admin.fedoraproject.org/updates/proftpd-1.3.3e-1.fc14
    https://admin.fedoraproject.org/updates/exim-4.72-2.fc14
    https://admin.fedoraproject.org/updates/python-feedparser-5.0.1-1.fc14
    https://admin.fedoraproject.org/updates/dhcp-4.2.0-21.P2.fc14
    https://admin.fedoraproject.org/updates/tmux-1.4-3.fc14
    https://admin.fedoraproject.org/updates/fail2ban-0.8.4-27.fc14

The following Fedora 14 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.5-5.fc14
    https://admin.fedoraproject.org/updates/dosfstools-3.0.9-6.fc14
    https://admin.fedoraproject.org/updates/grep-2.7-2.fc14
    https://admin.fedoraproject.org/updates/perl-5.12.3-143.fc14
    https://admin.fedoraproject.org/updates/kernel-2.6.35.12-88.fc14
    https://admin.fedoraproject.org/updates/audit-2.1-1.fc14
    https://admin.fedoraproject.org/updates/policycoreutils-2.0.85-28.fc14
    https://admin.fedoraproject.org/updates/gdb-7.2-51.fc14
    https://admin.fedoraproject.org/updates/libimobiledevice-1.0.6-1.fc14
    https://admin.fedoraproject.org/updates/libconcord-0.23-5.fc14,udev-161-9.fc14,concordance-0.23-2.fc14
    https://admin.fedoraproject.org/updates/usbmuxd-1.0.7-1.fc14
    https://admin.fedoraproject.org/updates/libnl-1.1-14.fc14
    https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
    https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
    https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.11-4.fc14

The following builds have been pushed to Fedora 14 updates-testing

    fail2ban-0.8.4-27.fc14
    fbzx-2.5.0-1.fc14
    gnash-0.8.9-3.fc14
    identicurse-0.7.1-1.fc14
    libisofs-1.0.6-1.fc14
    nikto-2.1.4-2.fc14
    pam_shield-0.9.5-7.fc14
    pdfmerge-1.0.4-1.fc14
    qsynth-0.3.6-1.fc14
    rubygem-heroku-1.20.1-1.fc14
    seamonkey-2.0.13-1.fc14
    tmux-1.4-3.fc14

Details about builds:

================================================================================
fail2ban-0.8.4-27.fc14 (FEDORA-2011-5153)
Ban IPs that make too many password failures
--------------------------------------------------------------------------------
Update Information:

fail2ban used predictable /tmp files which a local user can allocate before fail2ban does. All tmp files have been moved to /var/lib/fail2ban. This also helps with selinux policies.

Another security related fix is that fail2ban defaulted to gamin which conflicts with selinux, so users had to typically choose between fail2ban and selinux. fail2ban now defaults to inotify (thanks to Jonathan Underwood).

There are also some minor bugs fixed:

* tmpfiles.d support for tmpfs /var/run
* example mail domains changed to normalized example.com.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 9 2011 Axel Thimm <Axel.Thimm@xxxxxxxxxx> - 0.8.4-27
- Move tmp files to /var/lib (suggested by Phil Anderson).
- Enable inotify support (by Jonathan Underwood).
- Fixes RH bugs #669966, #669965, #551895, #552947, #658849, #656584.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #669966 - fail2ban can't work with tmp files
        https://bugzilla.redhat.com/show_bug.cgi?id=669966
  [ 2 ] Bug #669965 - unsafe use of /tmp
        https://bugzilla.redhat.com/show_bug.cgi?id=669965
  [ 3 ] Bug #551895 - RFE: Add patch to enable inotify support
        https://bugzilla.redhat.com/show_bug.cgi?id=551895
  [ 4 ] Bug #552947 - RFE: conform fail2ban example email sending domains to RFC 2606
        https://bugzilla.redhat.com/show_bug.cgi?id=552947
  [ 5 ] Bug #658849 - Please change fail2ban to not use gam_server
        https://bugzilla.redhat.com/show_bug.cgi?id=658849
  [ 6 ] Bug #656584 - Please Update Spec File to use %ghost on files in /var/run and /var/lock
        https://bugzilla.redhat.com/show_bug.cgi?id=656584
--------------------------------------------------------------------------------

================================================================================
fbzx-2.5.0-1.fc14 (FEDORA-2011-5158)
A ZX Spectrum emulator for FrameBuffer
--------------------------------------------------------------------------------
Update Information:

Allows to insert POKE values.
Emulates B&W TV sets.
Allows to load and save SCR snapshots.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 7 2011 Andrea Musuruane <musuruan@xxxxxxxxx> 2.5.0-1
- Updated to new upstream release
--------------------------------------------------------------------------------

================================================================================
gnash-0.8.9-3.fc14 (FEDORA-2011-5157)
GNU flash movie player
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 9 2011 Hicham HAOUARI <hicham.haouari@xxxxxxxxx> - 1:0.8.9-3
- Fix rhbz #692779
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #692779 - [abrt] gnash-1:0.8.9-1.fc14: boost::mutex::lock(): Process /usr/bin/gtk-gnash was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=692779
--------------------------------------------------------------------------------

================================================================================
identicurse-0.7.1-1.fc14 (FEDORA-2011-5165)
Curses based Status.net client
--------------------------------------------------------------------------------
Update Information:

- Bugfixes for:
  - HOME/END do not work in input box.
  - HTML entities are not expanded when encountered during remote notice expansion.
  - All known remaining reflowing bugs.
  - IdentiCurse crashes on very fast resizing of window.
  - IdentiCurse crashes when certain Unicode characters are present in a notice and are not supported by the user's system.
  - Notice time/date is displayed incorrectly when the instance has non-zero offset in its timestrings.
  - IdentiCurse crashes on attempting to view the profile of a non-existent user.
  - Spaces are discarded when at the start/end of lines in multi-line input box.
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #676241 - [abrt] identicurse-0.6.3-1.fc14: identicurse.py:714:parse_input:NameError: global name 'statusnet' is not defined
        https://bugzilla.redhat.com/show_bug.cgi?id=676241
  [ 2 ] Bug #676271 - [abrt] identicurse-0.6.3-1.fc14: statusnet.py:59:__makerequest:StatusNetError: Error 400: Only accept AtomPub for Atom feeds.
        https://bugzilla.redhat.com/show_bug.cgi?id=676271
  [ 3 ] Bug #676795 - [abrt] identicurse-0.6.3-1.fc14: wrapper.py:49:wrapper:error: nocbreak() returned ERR
        https://bugzilla.redhat.com/show_bug.cgi?id=676795
  [ 4 ] Bug #679323 - [abrt] identicurse-0.6.4-1.fc14: identicurse.py:425:loop:TypeError: ord() expected a character, but string of length 2 found
        https://bugzilla.redhat.com/show_bug.cgi?id=679323
  [ 5 ] Bug #694056 - [abrt] identicurse-0.6.4-1.fc15: identicurse.py:514:loop:AttributeError: 'Help' object has no attribute 'chosen_one'
        https://bugzilla.redhat.com/show_bug.cgi?id=694056
--------------------------------------------------------------------------------

================================================================================
libisofs-1.0.6-1.fc14 (FEDORA-2011-5159)
Library to create ISO 9660 disk images
--------------------------------------------------------------------------------
Update Information:

Changes towards previous version 1.0.4:

* Burning DVD-R DAO with 2 kB size granularity rather than 32 kB
* New API call burn_allow_drive_role_4()
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 10 2011 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.0.6-1
- Upgrade to 1.0.6
--------------------------------------------------------------------------------

================================================================================
nikto-2.1.4-2.fc14 (FEDORA-2011-5155)
Web server scanner
--------------------------------------------------------------------------------
Update Information:

Bump to new bugfix release
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 9 2011 Michal Ambroz <rebus AT seznam.cz> - 1:2.1.4-2
- Fix the default config file
* Mon Mar 28 2011 Michal Ambroz <rebus AT seznam.cz> - 1:2.1.4-1
- Version bump
* Sun Sep 12 2010 Michal Ambroz <rebus AT seznam.cz> - 1:2.1.3-1
- Version bump
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #632931 - nikto - new version 2.1.4 released
        https://bugzilla.redhat.com/show_bug.cgi?id=632931
--------------------------------------------------------------------------------

================================================================================
pam_shield-0.9.5-7.fc14 (FEDORA-2011-5164)
Pam Shield - A pam module to counter brute force attacks
--------------------------------------------------------------------------------
Update Information:

packing fixes
added %{optflags}
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 10 2011 Carl Thompson <fedora@xxxxxxxxxxxxxx> 0.9.5-7
- restored /var/lib/pam_shield to 700
* Sat Apr 9 2011 Carl Thompson <fedora@xxxxxxxxxxxxxx> 0.9.5-6
- fixed the permissions duplications
- changed permissions on /var/lib/pam_shield to 755
- changed permissions on pam_shield.so to 755
- removed -s flag from install command to preserve
- debuginfo data
* Fri Apr 8 2011 Carl Thompson <fedora@xxxxxxxxxxxxxx> 0.9.5-5
- fixed issues with my implementation of %{optflags}
- this in turn fixed the empty -debug package
* Thu Apr 7 2011 Carl Thompson <fedora@xxxxxxxxxxxxxx> 0.9.5-4
- fixed a typo in previous release in %build section
* Thu Apr 7 2011 Carl Thompson <fedora@xxxxxxxxxxxxxx> 0.9.5-3
- updated %build section with %{optflags}
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #694557 - pam_shield not built with $RPM_OPT_FLAGS
        https://bugzilla.redhat.com/show_bug.cgi?id=694557
  [ 2 ] Bug #691153 - Review Request: pam_shield - pam module to block brute force attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=691153
--------------------------------------------------------------------------------

================================================================================
pdfmerge-1.0.4-1.fc14 (FEDORA-2011-5160)
Command line utility program for merging PDF files
--------------------------------------------------------------------------------
Update Information:

This update brings the new pdfmerge 1.0.4 to you which fixes some issues and improves the handling of pdfmerge.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 10 2011 Dominic Hopf <dmaphy@xxxxxxxxxxxxxxxxx> - 1.0.4-1
- new upstream release
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
qsynth-0.3.6-1.fc14 (FEDORA-2011-5163)
Qt based Fluidsynth GUI front end
--------------------------------------------------------------------------------
Update Information:

- Main window layout fixing with regard to its user preferred size and recall when system-tray icon is not enabled.
- Channels list preset items now activated on double-click.
- Desktop environment session shutdown (eg. logout) is now tapped for graceful application exit, even though the main window is active (visible) and minimizing to system tray is enabled. Both were causing first shutdown/logout attempt to abort. Not anymore, hopefully ;).
- General standard dialog buttons layout is now in place.
- Fixed a couple of dangling pointers.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 9 2011 Orcan Ogetbil <oget[DOT]fedora[AT]gmail[DOT]com> 0.3.6-1
- Update to 0.3.6
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
rubygem-heroku-1.20.1-1.fc14 (FEDORA-2011-5169)
Client library and CLI to deploy Rails apps on Heroku
--------------------------------------------------------------------------------
Update Information:

- Updated heroku to latest upstream release (v.1.20.1 07/04/2011)

Update to upstream. Deploy apps to Heroku
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #661436 - Review Request: rubygem-heroku - deploy apps to Heroku
        https://bugzilla.redhat.com/show_bug.cgi?id=661436
--------------------------------------------------------------------------------

================================================================================
seamonkey-2.0.13-1.fc14 (FEDORA-2011-5152)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:

Adds a few certificates to the blacklist.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 9 2011 Christopher Aillon <caillon@xxxxxxxxxx> 2.0.13-1
- Update to 2.0.13
--------------------------------------------------------------------------------

================================================================================
tmux-1.4-3.fc14 (FEDORA-2011-5167)
A terminal multiplexer
--------------------------------------------------------------------------------
Update Information:

tmux didn't drop group privileges correctly in all cases. This is fixed by using an updated patch originating from the debian tmux package.

Fixes RHBZ #694563, CVE-2011-1496
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 10 2011 Sven Lankes <sven@xxxxxxx> 1.4-3
- Fix CVE-2011-1496
- Fixes rhbz #693824
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #694563 - CVE-2011-1496 tmux does not drop group tmux privileges properly [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=694563
--------------------------------------------------------------------------------

--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test