The following Fedora 14 Security updates need testing: https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.fc14 https://admin.fedoraproject.org/updates/mediawiki-1.16.2-56.fc14 https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.5-5.fc14 https://admin.fedoraproject.org/updates/tor-0.2.1.29-1400.fc14 https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14 https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc14 https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14 https://admin.fedoraproject.org/updates/libmodplug-0.8.8.2-1.fc14 https://admin.fedoraproject.org/updates/seamonkey-2.0.13-1.fc14 https://admin.fedoraproject.org/updates/proftpd-1.3.3e-1.fc14 https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc14 https://admin.fedoraproject.org/updates/darktable-0.8-7.fc14.1,exiv2-0.21.1-1.fc14,geeqie-1.0-9.fc14.1,gipfel-0.3.2-7.fc14,gnome-commander-1.2.8.10-1.fc14.1,gpscorrelate-1.6.1-3.fc14,gthumb-2.12.2-1.fc14.2,hugin-2010.2.0-2.fc14,immix-1.3.2-10.fc14,kde-l10n-4.6.2-1.fc14.1,kdeaccessibility-4.6.2-1.fc14,kdeadmin-4.6.2-2.fc14,kdeartwork-4.6.2-1.fc14,kdebase-4.6.2-1.fc14,kdebase-runtime-4.6.2-1.fc14,kdebase-workspace-4.6.2-2.fc14,kdebindings-4.6.2-1.fc14,kdeedu-4.6.2-1.fc14,kdegames-4.6.2-1.fc14,kdegraphics-4.6.2-1.fc14,kdelibs-4.6.2-1.fc14,kdemultimedia-4.6.2-1.fc14,kdenetwork-4.6.2-1.fc14,kdepimlibs-4.6.2-1.fc14,kdeplasma-addons-4.6.2-1.fc14,kdesdk-4.6.2-1.fc14,kdetoys-4.6.2-1.fc14,kdeutils-4.6.2-1.fc14,koffice-2.3.3-1.fc14.1,kphotoalbum-4.1.1-8.fc14,krename-4.0.7-2.fc14,libextractor-0.6.2-1402.fc14,libgexiv2-0.2.2-2.fc14,merkaartor-0.17.2-2.fc14,oxygen-icon-theme-4.6.2-1.fc14,pyexiv2-0.3.0-1.fc14,qtpfsgui-1.9.3-6.fc14,rawstudio-2.0-0.1.fc14.beta1.1,shotwell-0.8.1-3.fc14,strigi-0.7.2-5.fc14.1,ufraw-0.18-2.fc14.1 https://admin.fedoraproject.org/updates/python-feedparser-5.0.1-1.fc14 https://admin.fedoraproject.org/updates/ikiwiki-3.20110328-1.fc14 https://admin.fedoraproject.org/updates/tmux-1.4-3.fc14 https://admin.fedoraproject.org/updates/fail2ban-0.8.4-27.fc14 The following Fedora 14 Critical Path updates have yet to be approved: https://admin.fedoraproject.org/updates/less-436-11.fc14 https://admin.fedoraproject.org/updates/python-ethtool-0.7-2.fc14 https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc14 https://admin.fedoraproject.org/updates/nss-3.12.9-10.fc14 https://admin.fedoraproject.org/updates/pygtk2-2.17.0-8.fc14 https://admin.fedoraproject.org/updates/xorg-x11-drv-nouveau-0.0.16-14.20101010git8c8f15c.fc14 https://admin.fedoraproject.org/updates/dosfstools-3.0.9-6.fc14 https://admin.fedoraproject.org/updates/libimobiledevice-1.0.6-1.fc14 https://admin.fedoraproject.org/updates/libconcord-0.23-5.fc14,udev-161-9.fc14,concordance-0.23-2.fc14 https://admin.fedoraproject.org/updates/usbmuxd-1.0.7-1.fc14 https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14 https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14 https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc14 https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.11-4.fc14 The following builds have been pushed to Fedora 14 updates-testing dexter-0.18-3.fc14 garmin-sync-0.3-4.fc14 hivex-1.2.5-1.fc14 klatexformula-3.2.3-2.fc14 less-436-11.fc14 libtiff-3.9.5-1.fc14 nss-3.12.9-10.fc14 oxygen-gtk-1.0.4-1.fc14 phonon-4.5.0-2.fc14 phonon-backend-gstreamer-4.5.0-1.fc14 pygtk2-2.17.0-8.fc14 python-ethtool-0.7-2.fc14 qt-4.7.2-8.fc14 rcrpanel-3.5-4.fc14 sssd-1.5.5-1.fc14 tigervnc-1.0.90-0.25.20100813svn4123.fc14 xtide-2.12-0.3.dev20101029.fc14 Details about builds: ================================================================================ dexter-0.18-3.fc14 (FEDORA-2011-5293) Address Book that goes hand in hand with Postler -------------------------------------------------------------------------------- Update Information: Dexter is a very simple, easy to use address book, designed with the home user in mind. This personal contact manager integrates with Postler, and can import and export contacts in vCard format. Dexter is a very simple, easy to use address book, designed with the home user in mind. This personal contact manager integrates with Postler, and can import and export contacts in vCard format. -------------------------------------------------------------------------------- References: [ 1 ] Bug #690953 - Review Request: dexter - A sexy, simple address book with end users in mind https://bugzilla.redhat.com/show_bug.cgi?id=690953 -------------------------------------------------------------------------------- ================================================================================ garmin-sync-0.3-4.fc14 (FEDORA-2011-5306) Download data from Garmin fitness computers -------------------------------------------------------------------------------- Update Information: Re-activate garmin-sync garmin-sync was orphaned for F12, bring it back. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 12 2011 Tony Breeds <tony@xxxxxxxxxxxxxxxxxx> - 0.3-4 - Reactivate package for F13+ - Add patch from Launchpad to store cadence data - Also address review feedback -------------------------------------------------------------------------------- References: [ 1 ] Bug #541463 - Review Request: garmin-sync - Download data from Garmin fitness computers https://bugzilla.redhat.com/show_bug.cgi?id=541463 -------------------------------------------------------------------------------- ================================================================================ hivex-1.2.5-1.fc14 (FEDORA-2011-5303) Read and write Windows Registry binary hive files -------------------------------------------------------------------------------- Update Information: - New upstream version 1.2.5. - This version fixes a number of important memory issues found by valgrind and upgrading to this version is recommended for all users. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 13 2011 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1.2.5-1 - New upstream version 1.2.5. - This version fixes a number of important memory issues found by valgrind and upgrading to this version is recommended for all users. - Remove patch now upstream. * Tue Sep 7 2010 Dan HorÃk <dan[at]danny.cz> - 1.2.2-3 - conditionalize ocaml support -------------------------------------------------------------------------------- ================================================================================ klatexformula-3.2.3-2.fc14 (FEDORA-2011-5305) Application for easy image creating from a LaTeX equation -------------------------------------------------------------------------------- Update Information: KLatexFormula 3.2.3 - corrected some typos - minor bugfixes and enhancements See changelog: http://klatexformula.sourceforge.net/klfwiki/index.php/Changelog -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 13 2011 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 3.2.3-2 - require qt4 version used at build time * Wed Apr 13 2011 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 3.2.3-1 - update to 3.2.3 * Mon Feb 7 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ less-436-11.fc14 (FEDORA-2011-5296) A text file browser similar to more, but better -------------------------------------------------------------------------------- Update Information: [one-liner patch] Fix regression described in Bug 638312 Comment 12. Don't convert files with UTF-16/UTF-32 string in filename. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 13 2011 Vojtech Vitek (V-Teq) <vvitek@xxxxxxxxxx> - 436-11 - Don't convert files with UTF-16/UTF-32 string in filename Resolve: #638312 -------------------------------------------------------------------------------- References: [ 1 ] Bug #638312 - RFE: [patch] allow less to display utf-16 text files https://bugzilla.redhat.com/show_bug.cgi?id=638312 -------------------------------------------------------------------------------- ================================================================================ libtiff-3.9.5-1.fc14 (FEDORA-2011-5304) Library of functions for manipulating TIFF format image files -------------------------------------------------------------------------------- Update Information: Update to libtiff 3.9.5, incorporating all our previous patches plus other fixes, notably the fix for CVE-2009-5022 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 12 2011 Tom Lane <tgl@xxxxxxxxxx> 3.9.5-1 - Update to libtiff 3.9.5, incorporating all our previous patches plus other fixes, notably the fix for CVE-2009-5022 Related: #695885 -------------------------------------------------------------------------------- References: [ 1 ] Bug #695885 - CVE-2009-5022 libtiff ojpeg buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=695885 [ 2 ] Bug #695887 - CVE-2010-4665 libtiff tiffdump integer overflow https://bugzilla.redhat.com/show_bug.cgi?id=695887 -------------------------------------------------------------------------------- ================================================================================ nss-3.12.9-10.fc14 (FEDORA-2011-5287) Network Security Services -------------------------------------------------------------------------------- Update Information: The PEM module implements its debug logging in top of NSPR calls. That fixes crashes on debug builds that occurred when the PEM module invoked as a regular user tried to update a log file that had been created by root. rhbz #695011 Update an expired test certificate with a longer lived one. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 11 2011 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.12.9-10 - Implement PEM logging using NSPR's own (#695011) - Update the expired PayPalEE test certificate to one good until April 1, 2013 -------------------------------------------------------------------------------- References: [ 1 ] Bug #695011 - PEM module's segfaults on debug builds when logging file was created by root https://bugzilla.redhat.com/show_bug.cgi?id=695011 -------------------------------------------------------------------------------- ================================================================================ oxygen-gtk-1.0.4-1.fc14 (FEDORA-2011-5291) Oxygen GTK theme -------------------------------------------------------------------------------- Update Information: new upstream bugfix release -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 12 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.0.4-1 - 1.0.4 * Mon Mar 14 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.0.3-1 - 1.0.3 -------------------------------------------------------------------------------- ================================================================================ phonon-4.5.0-2.fc14 (FEDORA-2011-5285) Multimedia framework api -------------------------------------------------------------------------------- Update Information: New upstream qt, phonon releases. See also: http://labs.qt.nokia.com/2011/03/01/qt-4-7-2-has-been-released/ http://qt.nokia.com/developer/changes/changes-4.7.2/ http://apachelog.wordpress.com/2011/03/25/introducing-phonon-4-5-0/ http://wm161.net/2011/04/10/phonon-gstreamer-4-5-0/ -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 8 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.5.0-2 - avoid Conflicts with judicious (Build)Requires: qt4(-devel) instead * Fri Mar 25 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.5.0-1 - phonon-4.5.0 - qt-designer-plugin-phonon moved here (from qt) * Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.4.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #667175 - libQtWebKit.so has no debug info https://bugzilla.redhat.com/show_bug.cgi?id=667175 [ 2 ] Bug #696011 - Update Error https://bugzilla.redhat.com/show_bug.cgi?id=696011 -------------------------------------------------------------------------------- ================================================================================ phonon-backend-gstreamer-4.5.0-1.fc14 (FEDORA-2011-5285) Gstreamer phonon backend -------------------------------------------------------------------------------- Update Information: New upstream qt, phonon releases. See also: http://labs.qt.nokia.com/2011/03/01/qt-4-7-2-has-been-released/ http://qt.nokia.com/developer/changes/changes-4.7.2/ http://apachelog.wordpress.com/2011/03/25/introducing-phonon-4-5-0/ http://wm161.net/2011/04/10/phonon-gstreamer-4-5-0/ -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 10 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2:4.5.0-1 - 4.5.0 * Tue Feb 15 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2:4.4.4-3 - upstream patch for better(working) dvd playback -------------------------------------------------------------------------------- References: [ 1 ] Bug #667175 - libQtWebKit.so has no debug info https://bugzilla.redhat.com/show_bug.cgi?id=667175 [ 2 ] Bug #696011 - Update Error https://bugzilla.redhat.com/show_bug.cgi?id=696011 -------------------------------------------------------------------------------- ================================================================================ pygtk2-2.17.0-8.fc14 (FEDORA-2011-5290) Python bindings for GTK+ -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 12 2011 Christopher Aillon <caillon@xxxxxxxxxx> - 2.17.0-8 - Reduce wakeups - Fix a 100% CPU issue -------------------------------------------------------------------------------- References: [ 1 ] Bug #660137 - 100% CPU usage with Python + twisted framework using glib2 or gtk2 reactors https://bugzilla.redhat.com/show_bug.cgi?id=660137 -------------------------------------------------------------------------------- ================================================================================ python-ethtool-0.7-2.fc14 (FEDORA-2011-5307) Ethernet settings python bindings -------------------------------------------------------------------------------- Update Information: Fixed several memory leak issues and NETLINK socket issues which could cause SELinux to report AVC if python-ethtool is used with scripts which forks out sub-processes. Also added man pages for pethtool and pifconfig. (This is a re-push, with man pages included for real). -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 13 2011 David Sommerseth <davids@xxxxxxxxxx> - 0.7-2 - Fixed missing man page packaging * Mon Apr 11 2011 David Sommerseth <davids@xxxxxxxxxx> - 0.7-1 - Fixed several memory leaks (commit aa2c20e697af, abc7f912f66d) - Improved error checking towards NULL values(commit 4e928d62a8e3) - Fixed typo in pethtool --help (commit 710766dc722) - Only open a NETLINK connection when needed (commit 508ffffbb3c) - Added man page for pifconfig and pethtool (commit 9f0d17aa532, rhbz#638475) - Force NETLINK socket to close on fork() using FD_CLOEXEC (commit 1680cbeb40e) * Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #638475 - python-ethtool is missing man pages https://bugzilla.redhat.com/show_bug.cgi?id=638475 [ 2 ] Bug #689843 - Python ethtool opens NETLINK_ROUTE when loaded which causes leaked descriptor https://bugzilla.redhat.com/show_bug.cgi?id=689843 -------------------------------------------------------------------------------- ================================================================================ qt-4.7.2-8.fc14 (FEDORA-2011-5285) Qt toolkit -------------------------------------------------------------------------------- Update Information: New upstream qt, phonon releases. See also: http://labs.qt.nokia.com/2011/03/01/qt-4-7-2-has-been-released/ http://qt.nokia.com/developer/changes/changes-4.7.2/ http://apachelog.wordpress.com/2011/03/25/introducing-phonon-4-5-0/ http://wm161.net/2011/04/10/phonon-gstreamer-4-5-0/ -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 1 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.7.2-8 - -devel-private: qt-creator/QmlDesigner requires qt private headers (#657498) * Fri Mar 25 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.7.2-7 - followup patch for QTBUG-18338, blacklist fraudulent SSL certifcates * Fri Mar 25 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.7.2-6 - drop qt-designer-plugin-phonon * Fri Mar 25 2011 Than Ngo <than@xxxxxxxxxx> - 1:4.7.2-5 - apply patch to fix QTBUG-18338, blacklist fraudulent SSL certifcates * Tue Mar 22 2011 Jaroslav Reznik <jreznik@xxxxxxxxxx> 1:4.7.2-4 - rebuild (mysql) * Fri Mar 11 2011 Dan HorÃk <dan[at]danny.cz> 1:4.7.2-3 - workaround memory exhaustion during linking of libQtWebKit on s390 * Mon Mar 7 2011 Jaroslav Reznik <jreznik@xxxxxxxxxx> 1:4.7.2-2 - Fix QNetworkConfigurationManager crash due to null private pointer (#682656) * Tue Mar 1 2011 Jaroslav Reznik <jreznik@xxxxxxxxxx> 1:4.7.2-1 - 4.7.2 * Wed Feb 23 2011 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1:4.7.1-18 - libQtWebKit.so has no debug info (#667175) -------------------------------------------------------------------------------- References: [ 1 ] Bug #667175 - libQtWebKit.so has no debug info https://bugzilla.redhat.com/show_bug.cgi?id=667175 [ 2 ] Bug #696011 - Update Error https://bugzilla.redhat.com/show_bug.cgi?id=696011 -------------------------------------------------------------------------------- ================================================================================ rcrpanel-3.5-4.fc14 (FEDORA-2011-5302) Lay out front panel for electronics project -------------------------------------------------------------------------------- Update Information: Updates URLs in specfile. The only ser-visible change is to yum info -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 13 2011 John McDonough <jjmcd@xxxxxxxxxxxxxxxxx> - 3.5-4 - Update web locations to new server * Wed Feb 9 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ sssd-1.5.5-1.fc14 (FEDORA-2011-5295) System Security Services Daemon -------------------------------------------------------------------------------- Update Information: * Tue Apr 12 2011 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.5.5-1 - New upstream release 1.5.5 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.5 - Fixes for several crash bugs - LDAP group lookups will no longer abort if there is a zero-length member - attribute - Add automatic fallback to 'cn' if the 'gecos' attribute does not exist -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 12 2011 Stephen Gallagher <sgallagh@xxxxxxxxxx> - 1.5.5-1 - New upstream release 1.5.5 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.5 - Fixes for several crash bugs - LDAP group lookups will no longer abort if there is a zero-length member - attribute - Add automatic fallback to 'cn' if the 'gecos' attribute does not exist -------------------------------------------------------------------------------- ================================================================================ tigervnc-1.0.90-0.25.20100813svn4123.fc14 (FEDORA-2011-5301) A TigerVNC remote display system -------------------------------------------------------------------------------- Update Information: This update fixes following issues: * there might have been screen artifacts after dragging windows to left. (BZ#652590) * /etc/sysconfig/vncservers referred to inaccessible content. (BZ#644975) * vncviewer incorrectly calculated if scrollbars are needed. (BZ#670993) -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 13 2011 Adam Tkac <atkac redhat com> 1.0.90-0.25.20100420svn4030 - fix wrong usage of memcpy which caused screen artifacts (#652590) - don't point to inaccessible link in sysconfig/vncservers (#644975) - improve code in vncviewer which decides if scrollbars are needed (#670993) -------------------------------------------------------------------------------- References: [ 1 ] Bug #652590 - Display artifacts when dragging windows left https://bugzilla.redhat.com/show_bug.cgi?id=652590 [ 2 ] Bug #644975 - vncservers refers users to inaccessible content https://bugzilla.redhat.com/show_bug.cgi?id=644975 [ 3 ] Bug #670993 - Tigervnc covers bottom of screen with scroll bar if only one scroll bar turned on https://bugzilla.redhat.com/show_bug.cgi?id=670993 -------------------------------------------------------------------------------- ================================================================================ xtide-2.12-0.3.dev20101029.fc14 (FEDORA-2011-5297) Calculate tide all over the world -------------------------------------------------------------------------------- Update Information: Harmonics data is upgraded to 20110410. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 12 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 2.12-0.3.dev20101029 - Update dwf data to 20110410 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test