The following Fedora 13 Security updates need testing:

    https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
    https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13
    https://admin.fedoraproject.org/updates/libxml2-2.7.7-2.fc13
    https://admin.fedoraproject.org/updates/proftpd-1.3.3e-1.fc13
    https://admin.fedoraproject.org/updates/nss-3.12.9-9.fc13
    https://admin.fedoraproject.org/updates/mediawiki-1.16.2-56.fc13
    https://admin.fedoraproject.org/updates/gdm-2.30.2-2.fc13
    https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
    https://admin.fedoraproject.org/updates/perl-5.10.1-123.fc13
    https://admin.fedoraproject.org/updates/libtiff-3.9.4-4.fc13
    https://admin.fedoraproject.org/updates/quagga-0.99.18-1.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
    https://admin.fedoraproject.org/updates/dhcp-4.1.2-4.ESV.R2.fc13
    https://admin.fedoraproject.org/updates/seamonkey-2.0.13-1.fc13
    https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
    https://admin.fedoraproject.org/updates/python-feedparser-5.0.1-1.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.4-17.fc13
    https://admin.fedoraproject.org/updates/libvirt-0.8.2-6.fc13
    https://admin.fedoraproject.org/updates/tmux-1.4-3.fc13
    https://admin.fedoraproject.org/updates/fail2ban-0.8.4-27.fc13

The following Fedora 13 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/hunspell-1.2.8-19.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.4-17.fc13
    https://admin.fedoraproject.org/updates/dosfstools-3.0.9-5.fc13
    https://admin.fedoraproject.org/updates/perl-5.10.1-123.fc13
    https://admin.fedoraproject.org/updates/tzdata-2011d-3.fc13
    https://admin.fedoraproject.org/updates/policycoreutils-2.0.83-33.8.fc13
    https://admin.fedoraproject.org/updates/gdm-2.30.2-2.fc13
    https://admin.fedoraproject.org/updates/nss-3.12.9-9.fc13
    https://admin.fedoraproject.org/updates/libimobiledevice-1.0.6-1.fc13
    https://admin.fedoraproject.org/updates/PackageKit-0.6.6-3.fc13
    https://admin.fedoraproject.org/updates/NetworkManager-0.8.3.998-2.fc13
    https://admin.fedoraproject.org/updates/usbmuxd-1.0.7-1.fc13
    https://admin.fedoraproject.org/updates/libtiff-3.9.4-4.fc13
    https://admin.fedoraproject.org/updates/libnl-1.1-14.fc13
    https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-101.fc13
    https://admin.fedoraproject.org/updates/libxml2-2.7.7-2.fc13
    https://admin.fedoraproject.org/updates/fuse-2.8.5-5.fc13
    https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
    https://admin.fedoraproject.org/updates/livecd-tools-13.2-1.fc13
    https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc13
    https://admin.fedoraproject.org/updates/librsvg2-2.26.3-3.fc13
    https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc13
    https://admin.fedoraproject.org/updates/file-5.04-7.fc13
    https://admin.fedoraproject.org/updates/system-config-users-1.2.107-1.fc13
    https://admin.fedoraproject.org/updates/python-ethtool-0.6-1.fc13
    https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
    https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
    https://admin.fedoraproject.org/updates/libfprint-0.3.0-1.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
    https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13

The following builds have been pushed to Fedora 13 updates-testing

    anki-1.2.8-1.fc13
    fail2ban-0.8.4-27.fc13
    gnash-0.8.9-3.fc13
    libisofs-1.0.6-1.fc13
    pam_shield-0.9.5-7.fc13
    pdfmerge-1.0.4-1.fc13
    seamonkey-2.0.13-1.fc13
    tmux-1.4-3.fc13

Details about builds:

================================================================================
 anki-1.2.8-1.fc13 (FEDORA-2011-5162)
 Flashcard program for using space repetition learning
--------------------------------------------------------------------------------
Update Information:

new upstream bugfix release 1.2.8:
* various minor bug fixes
* changelog: http://www.ankisrs.net/changes.html
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 5 2011 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 1.2.8-1
- Update to new upstream version 1.2.8 (BZ 691342)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #691342 - anki-1.2.8 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=691342
--------------------------------------------------------------------------------

================================================================================
 fail2ban-0.8.4-27.fc13 (FEDORA-2011-5151)
 Ban IPs that make too many password failures
--------------------------------------------------------------------------------
Update Information:

fail2ban used predictable /tmp files which a local user can allocate before
fail2ban does. All tmp files have been moved to /var/lib/fail2ban. This also
helps with selinux policies.

Another security related fix is that fail2ban defaulted to gamin which
conflicts with selinux, so users had to typically choose between fail2ban and
selinux. fail2ban now defaults to inotify (thanks to Jonathan Underwood).

There are also some minor bugs fixed:
* tmpfiles.d support for tmpfs /var/run
* example mail domains changed to normalized example.com.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 9 2011 Axel Thimm <Axel.Thimm@xxxxxxxxxx> - 0.8.4-27
- Move tmp files to /var/lib (suggested by Phil Anderson).
- Enable inotify support (by Jonathan Underwood).
- Fixes RH bugs #669966, #669965, #551895, #552947, #658849, #656584.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #669966 - fail2ban can't work with tmp files
        https://bugzilla.redhat.com/show_bug.cgi?id=669966
  [ 2 ] Bug #669965 - unsafe use of /tmp
        https://bugzilla.redhat.com/show_bug.cgi?id=669965
  [ 3 ] Bug #551895 - RFE: Add patch to enable inotify support
        https://bugzilla.redhat.com/show_bug.cgi?id=551895
  [ 4 ] Bug #552947 - RFE: conform fail2ban example email sending domains to RFC 2606
        https://bugzilla.redhat.com/show_bug.cgi?id=552947
  [ 5 ] Bug #658849 - Please change fail2ban to not use gam_server
        https://bugzilla.redhat.com/show_bug.cgi?id=658849
  [ 6 ] Bug #656584 - Please Update Spec File to use %ghost on files in /var/run and /var/lock
        https://bugzilla.redhat.com/show_bug.cgi?id=656584
--------------------------------------------------------------------------------

================================================================================
 gnash-0.8.9-3.fc13 (FEDORA-2011-5154)
 GNU flash movie player
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 9 2011 Hicham HAOUARI <hicham.haouari@xxxxxxxxx> - 1:0.8.9-3
- Fix rhbz #692779
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #692779 - [abrt] gnash-1:0.8.9-1.fc14: boost::mutex::lock(): Process /usr/bin/gtk-gnash was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=692779
--------------------------------------------------------------------------------

================================================================================
 libisofs-1.0.6-1.fc13 (FEDORA-2011-5166)
 Library to create ISO 9660 disk images
--------------------------------------------------------------------------------
Update Information:

Changes towards previous version 1.0.4:
* Burning DVD-R DAO with 2 kB size granularity rather than 32 kB
* New API call burn_allow_drive_role_4()
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 10 2011 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.0.6-1
- Upgrade to 1.0.6
--------------------------------------------------------------------------------

================================================================================
 pam_shield-0.9.5-7.fc13 (FEDORA-2011-5168)
 Pam Shield - A pam module to counter brute force attacks
--------------------------------------------------------------------------------
Update Information:

packing fixes
added %{optflags}
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 10 2011 Carl Thompson <fedora@xxxxxxxxxxxxxx> 0.9.5-7
- restored /var/lib/pam_shield to 700
* Sat Apr 9 2011 Carl Thompson <fedora@xxxxxxxxxxxxxx> 0.9.5-6
- fixed the permissions duplications
- changed permissions on /var/lib/pam_shield to 755
- changed permissions on pam_shield.so to 755
- removed -s flag from install command to preserve
- debuginfo data
* Fri Apr 8 2011 Carl Thompson <fedora@xxxxxxxxxxxxxx> 0.9.5-5
- fixed issues with my implementation of %{optflags}
- this in turn fixed the empty -debug package
* Thu Apr 7 2011 Carl Thompson <fedora@xxxxxxxxxxxxxx> 0.9.5-4
- fixed a typo in previous release in %build section
* Thu Apr 7 2011 Carl Thompson <fedora@xxxxxxxxxxxxxx> 0.9.5-3
- updated %build section with %{optflags}
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #694557 - pam_shield not built with $RPM_OPT_FLAGS
        https://bugzilla.redhat.com/show_bug.cgi?id=694557
  [ 2 ] Bug #691153 - Review Request: pam_shield - pam module to block brute force attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=691153
--------------------------------------------------------------------------------

================================================================================
 pdfmerge-1.0.4-1.fc13 (FEDORA-2011-5170)
 Command line utility program for merging PDF files
--------------------------------------------------------------------------------
Update Information:

This update brings the new pdfmerge 1.0.4 to you which fixes some issues and
improves the handling of pdfmerge.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 10 2011 Dominic Hopf <dmaphy@xxxxxxxxxxxxxxxxx> - 1.0.4-1
- new upstream release
--------------------------------------------------------------------------------

================================================================================
 seamonkey-2.0.13-1.fc13 (FEDORA-2011-5161)
 Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:

Adds a few certificates to the blacklist.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 9 2011 Christopher Aillon <caillon@xxxxxxxxxx> 2.0.13-1
- Update to 2.0.13
--------------------------------------------------------------------------------

================================================================================
 tmux-1.4-3.fc13 (FEDORA-2011-5156)
 A terminal multiplexer
--------------------------------------------------------------------------------
Update Information:

tmux didn't drop group privileges correctly in all cases. This is fixed by
using an updated patch originating from the debian tmux package.

Fixes RHBZ #694563, CVE-2011-1496
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 10 2011 Sven Lankes <sven@xxxxxxx> 1.4-3
- Fix CVE-2011-1496
- Fixes rhbz #693824
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #694563 - CVE-2011-1496 tmux does not drop group tmux privileges properly [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=694563
--------------------------------------------------------------------------------

--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test