The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/tmux-1.4-4.fc15
https://admin.fedoraproject.org/updates/mediawiki-1.16.4-57.fc15
https://admin.fedoraproject.org/updates/openldap-2.4.24-2.fc15
https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc15
https://admin.fedoraproject.org/updates/kde-l10n-4.6.2-1.fc15.1,kdeaccessibility-4.6.2-1.fc15,kdeadmin-4.6.2-2.fc15,kdeartwork-4.6.2-1.fc15,kdebase-4.6.2-1.fc15,kdebase-runtime-4.6.2-1.fc15,kdebase-workspace-4.6.2-2.fc15,kdebindings-4.6.2-1.fc15,kdeedu-4.6.2-1.fc15,kdegames-4.6.2-1.fc15,kdegraphics-4.6.2-1.fc15,kdelibs-4.6.2-1.fc15,kdemultimedia-4.6.2-1.fc15,kdenetwork-4.6.2-1.fc15,kdepimlibs-4.6.2-1.fc15,kdeplasma-addons-4.6.2-1.fc15,kdesdk-4.6.2-1.fc15,kdetoys-4.6.2-1.fc15,kdeutils-4.6.2-1.fc15,oxygen-icon-theme-4.6.2-1.fc15
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/curl-7.21.3-6.fc15
https://admin.fedoraproject.org/updates/gnome-themes-2.32.0-6.fc15
https://admin.fedoraproject.org/updates/module-init-tools-3.12-5.fc15
https://admin.fedoraproject.org/updates/libdrm-2.4.25-1.fc15
https://admin.fedoraproject.org/updates/libassuan-2.0.0-4.fc15
https://admin.fedoraproject.org/updates/python-ethtool-0.7-2.fc15
https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc15
https://admin.fedoraproject.org/updates/libcgroup-0.37.1-2.fc15
https://admin.fedoraproject.org/updates/libbonoboui-2.24.5-1.fc15
https://admin.fedoraproject.org/updates/libbonobo-2.32.1-1.fc15
https://admin.fedoraproject.org/updates/livecd-tools-15.6-1.fc15
https://admin.fedoraproject.org/updates/python-nss-0.11-2.fc15
The following builds have been pushed to Fedora 15 updates-testing
apache-commons-compress-1.1-1.fc15
curl-7.21.3-6.fc15
deja-dup-18.1.1-1.fc15
geeqie-1.0-10.fc15
gphotoframe-1.3-1.fc15
libguestfs-1.10.0-2.fc15
mediawiki-1.16.4-57.fc15
mfiler3-4.2.8-1.fc15
nautilus-image-converter-0.3.1-0.1.git430afce31.fc15
perl-NetPacket-1.1.1-1.fc15
pootle-2.1.6-1.fc15
rt3-3.8.10-1.fc15
rt3-3.8.10-2.fc15
saphire-1.4.2-1.fc15
tmux-1.4-4.fc15
ultimatestunts-0.7.5-7.fc15
wine-1.3.18-1.fc15
xfce4-session-4.8.1-4.fc15
xpa-2.1.13-2.fc15
Details about builds:
================================================================================
apache-commons-compress-1.1-1.fc15 (FEDORA-2011-5489)
Java API for working with tar, zip and bzip2 files
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Chris Spike <spike@xxxxxxxxxxxxxxxxx> 1.1-1
- Updated to 1.1
- Adapted to current java packaging guidelines
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #639891 - apache-commons-compress-1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=639891
--------------------------------------------------------------------------------
================================================================================
curl-7.21.3-6.fc15 (FEDORA-2011-5497)
A utility for getting files from remote servers (FTP, HTTP, and others)
--------------------------------------------------------------------------------
Update Information:
Exclude valgrind on the ARM platform
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Peter Robinson <pbrobinson@xxxxxxxxx> 7.21.3-5
- no valgrind on ARMv5 arches
* Sat Mar 5 2011 Kamil Dudka <kdudka@xxxxxxxxxx> 7.21.3-5
- work around valgrind bug (#678518)
* Sat Mar 5 2011 Dennis Gilmore <dennis@xxxxxxxx> - 7.21.3-4
- no valgrind on sparc
--------------------------------------------------------------------------------
================================================================================
deja-dup-18.1.1-1.fc15 (FEDORA-2011-5481)
Simple backup tool and frontend for duplicity
--------------------------------------------------------------------------------
Update Information:
Update to upstream 18.1.1
works with NetworkManager 0.9.
This update includes compatibility with NetworkManager 0.9.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Chris Smart <csmart@xxxxxxxxxxxxxxxxx> - 18.1.1-1
- Update to latest upstream realease, which will "actually work with NetworkManager 0.9"
- http://bazaar.launchpad.net/~deja-dup-team/deja-dup/18/revision/888
* Wed Apr 13 2011 Chris Smart <csmart@xxxxxxxxxxxxxxxxx> - 18.1-1
- Update to latest upstream release, 18.1
- https://launchpad.net/deja-dup/18/18.1
* Sat Apr 9 2011 Chris Smart <csmart@xxxxxxxxxxxxxxxxx> - 18.0-1
- Update to latest upstream release, 18.0
- https://launchpad.net/deja-dup/18/18.0
* Wed Apr 6 2011 Dan Williams <dcbw@xxxxxxxxxx> - 17.92-3
- Really fix for NM 0.9
* Tue Apr 5 2011 Dan Williams <dcbw@xxxxxxxxxx> - 17.92-2
- Update for NetworkManager 0.9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #692727 - After the last updates Deja Dup remains paused waiting for anetwork connection
https://bugzilla.redhat.com/show_bug.cgi?id=692727
--------------------------------------------------------------------------------
================================================================================
geeqie-1.0-10.fc15 (FEDORA-2011-5483)
Image browser and viewer
--------------------------------------------------------------------------------
Update Information:
For anyone, who uses file grouping (e.g. JPG+CR2) and who modifies the current working-directory with external tools, please use this build, and report any trouble via ABRT or directly in bugzilla.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 15 2011 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 1.0-10
- Let's see how we do with a simpler vflist_setup_iter_recursive().
--------------------------------------------------------------------------------
================================================================================
gphotoframe-1.3-1.fc15 (FEDORA-2011-5491)
Photo Frame Gadget for the GNOME Desktop
--------------------------------------------------------------------------------
Update Information:
Formal 1.3 is released.
New version 1.3 rc2 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 17 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1.3-1
- 1.3
* Tue Apr 12 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1.3-0.3.rc2
- 1.3 rc2
--------------------------------------------------------------------------------
================================================================================
libguestfs-1.10.0-2.fc15 (FEDORA-2011-5480)
Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:
- Rebuilt because of changes in the ntfsprogs package.
- New upstream stable branch version 1.10.0.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 15 2011 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.10.0-2
- Bump and rebuild.
* Tue Apr 12 2011 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.10.0-1
- New upstream stable branch 1.10.0.
- New Source URL.
- Remove patches which are now upstream.
* Sun Apr 10 2011 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.9.18-4
- Include further fixes to virt-resize from upstream.
* Sat Apr 9 2011 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.9.18-2
- New upstream version 1.9.18.
- Requires ocaml-pcre for new virt-resize.
- Remove libguestfs-test-tool-helper program which is no longer used.
- Include upstream fix for virt-resize build.
* Wed Apr 6 2011 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.9.17-2
- Remove partially translated Ukrainian manpages.
* Tue Apr 5 2011 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.9.17-1
- New upstream version 1.9.17.
* Fri Apr 1 2011 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.9.16-1
- New upstream version 1.9.16.
* Fri Apr 1 2011 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1:1.9.15-1
- New upstream version 1.9.15.
- Add BR libconfig-devel.
- Add /etc/libguestfs-tools.conf (config file for guestfish, guestmount,
virt-rescue; in future for other tools as well).
--------------------------------------------------------------------------------
================================================================================
mediawiki-1.16.4-57.fc15 (FEDORA-2011-5495)
A wiki engine
--------------------------------------------------------------------------------
Update Information:
This update brings mediawiki to version 1.16.2, which is the latest stable release at the moment, but currently also the only supported and recommended release by the mediawiki developer community.
Further changes:
* some simple wiki management functionality was added:
* mw-createinstance <path> creates a wiki instance under
<path>, which is autoupgraded upon package updates.
* any wiki path entered in /etc/mediawiki/instances will be
autoupgraded upon package updates.
* /var/www/wiki is entered into this list automatically, but
you can remove it if you don't want this instance to be
autoupgraded.
* opensearch and suggestions are enabled by default
* several bug fixes (see changelog).
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Axel Thimm <Axel.Thimm@xxxxxxxxxx> - 1.16.4-57
- Update to 1.16.4.
* Sun Apr 3 2011 Axel Thimm <Axel.Thimm@xxxxxxxxxx> - 1.16.2-56
- Update to 1.16.2.
- Fixes RH bugs #614065, #644325, #682281, #662402
- Enable suggestions while typing in search boxes by default.
- Add some basic mediawiki management scripts.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #614065 - mediawiki opensearch_desc.php has bad path
https://bugzilla.redhat.com/show_bug.cgi?id=614065
[ 2 ] Bug #644325 - /etc/httpd/conf.d/mediawiki.conf has execute permission
https://bugzilla.redhat.com/show_bug.cgi?id=644325
[ 3 ] Bug #682281 - Mediawiki uses the reserved word Namespace introduced in latest release of PHP
https://bugzilla.redhat.com/show_bug.cgi?id=682281
[ 4 ] Bug #662402 - Cannot enable math display for mediawiki
https://bugzilla.redhat.com/show_bug.cgi?id=662402
[ 5 ] Bug #674456 - CVE-2011-0047 mediawiki: multiple vulnerabilities corrected in mediawiki 1.16.2 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=674456
[ 6 ] Bug #667201 - CVE-2011-0003 mediawiki: clickjacking vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=667201
[ 7 ] Bug #620226 - CVE-2010-2787 CVE-2010-2788 mediawiki various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=620226
[ 8 ] Bug #696361 - CVE-2011-1578 CVE-2011-1579 CVE-2011-1580 mediawiki: multiple vulnerabilities fixed in 1.16.3 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=696361
--------------------------------------------------------------------------------
================================================================================
mfiler3-4.2.8-1.fc15 (FEDORA-2011-5487)
Two pane file manager under UNIX console
--------------------------------------------------------------------------------
Update Information:
saphire 1.4.2 / mfiler3 4.2.8 are released.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 4.2.8-1
- 4.2.8
- enable gc on F-14+
* Thu Apr 14 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 4.2.7-2
- Fix compilation error with saphire 1.4.0 (and actually fix
symbol error)
- Prefer less over lv for help pager
--------------------------------------------------------------------------------
================================================================================
nautilus-image-converter-0.3.1-0.1.git430afce31.fc15 (FEDORA-2011-5492)
Nautilus extension to mass resize images
--------------------------------------------------------------------------------
Update Information:
Gtk3 git snapshot.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 15 2011 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 0.3.1-0.1.git430afce31
- Update to gtk3 git snapshot.
- Drop buildroot.
- Drop unused variable patch. Fixed upstream.
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sun Apr 25 2010 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 0.3.0-5
- Removed clean section. No longer needed.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #660846 - FTBFS nautilus-image-converter-0.3.0-4.fc13
https://bugzilla.redhat.com/show_bug.cgi?id=660846
--------------------------------------------------------------------------------
================================================================================
perl-NetPacket-1.1.1-1.fc15 (FEDORA-2011-5485)
Assemble/disassemble network packets at the protocol level
--------------------------------------------------------------------------------
Update Information:
Update to version 1.1.1.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 10 2011 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.1.1-1
- Update to 1.1.1.
--------------------------------------------------------------------------------
================================================================================
pootle-2.1.6-1.fc15 (FEDORA-2011-5490)
Localization and translation management web application
--------------------------------------------------------------------------------
Update Information:
**Update to 2.1.6**
- Ensure compatability with Django 1.2.5 and 1.3.0
- Other fixes:
- Fixed another bug with GNU style projects language detection.
- Added a separate project type for UTF-8 encoded Java properties.
- Fixed a bug that would under rare conditions hide some strings from translate page.
- Fixed a bug that caused some translation project level statistics to be miscalculated.
- Fix for Qt TS format based on changes in Translate Toolkit 1.9.0
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Dwayne Bailey <dwayne@xxxxxxxxxxxxxxxx> - 2.1.6-1
- Update to 2.1.6
- Ensure compatability with Django 1.2.5 and 1.3.0 (require Translate
Toolkit >= 1.9.0)
- Other fixes:
- Fixed another bug with GNU style projects language detection.
- Added a separate project type for UTF-8 encoded Java properties.
- Fixed a bug that would under rare conditions hide some strings from
translate page.
- Fixed a bug that caused some translation project level statistics
to be miscalculated.
- Fix for Qt TS format based on changes in Translate Toolkit 1.9.0
--------------------------------------------------------------------------------
================================================================================
rt3-3.8.10-1.fc15 (FEDORA-2011-5493)
Request tracker 3
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Ralf CorsÃpius <corsepiu@xxxxxxxxxxxxxxxxx> - 3.8.10-1
- Upstream update.
- Rebase patches.
- Spec cleanup.
--------------------------------------------------------------------------------
================================================================================
rt3-3.8.10-2.fc15 (FEDORA-2011-5482)
Request tracker 3
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Ralf CorsÃpius <corsepiu@xxxxxxxxxxxxxxxxx> - 3.8.10-2
- Work-around rpm's depgenerator defect:
Filter Requires: perl(DBIx::SearchBuilder::Handle::).
* Sat Apr 16 2011 Ralf CorsÃpius <corsepiu@xxxxxxxxxxxxxxxxx> - 3.8.10-1
- Upstream update.
- Rebase patches.
- Spec cleanup.
--------------------------------------------------------------------------------
================================================================================
saphire-1.4.2-1.fc15 (FEDORA-2011-5487)
Yet another shell
--------------------------------------------------------------------------------
Update Information:
saphire 1.4.2 / mfiler3 4.2.8 are released.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1.4.2-1
- 1.4.2
- Use gc for F-14+
* Wed Apr 13 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1.4.0-1
- 1.4.0
- Prefer less over lv for help pager
* Sat Apr 9 2011 Mamoru Tasaka <mtasaka@xxxxxxxxxxxxxxxxx> - 1.3.8-1
- 1.3.8
--------------------------------------------------------------------------------
================================================================================
tmux-1.4-4.fc15 (FEDORA-2011-5486)
A terminal multiplexer
--------------------------------------------------------------------------------
Update Information:
tmux didn't drop group privileges correctly in all cases.
This is fixed by using an updated patch originating from the debian tmux package.
Fixes RHBZ 694563, 656704, 697134, CVE-2011-1496
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Sven Lankes <sven@xxxxxxx> 1.4-4
- Add /var/run/tmp to tmpdir.d - fixes rhbz 656704 and 697134
* Sun Apr 10 2011 Sven Lankes <sven@xxxxxxx> 1.4-3
- Fix CVE-2011-1496
- Fixes rhbz #693824
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #693824 - CVE-2011-1496 tmux does not drop group tmux privileges properly
https://bugzilla.redhat.com/show_bug.cgi?id=693824
--------------------------------------------------------------------------------
================================================================================
ultimatestunts-0.7.5-7.fc15 (FEDORA-2011-5494)
Remake of the famous DOS-game Stunts
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Dan HorÃk <dan[at]danny.cz> 0.7.5-7
- fix crash in replay (#652855)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #652855 - [abrt] ultimatestunts-0.7.5-5.fc12: CBinBuffer::getUint8: Process /usr/bin/ustunts was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=652855
--------------------------------------------------------------------------------
================================================================================
wine-1.3.18-1.fc15 (FEDORA-2011-5484)
A Windows 16/32/64 bit emulator
--------------------------------------------------------------------------------
Update Information:
* Support for mouse pointer clipping.
* Raw mouse events support using XInput2.
* First steps of a DIB engine implementation.
* More properties supported in DXDiag.
* New security tab in the Internet control panel.
* Various bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.3.18-1
- version upgrade
* Thu Apr 7 2011 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.3.17-3
- add fix for office installation (upstream #26650)
* Tue Apr 5 2011 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.3.17-2
- cleanup spec file
- remove rpath via chrpath
- convert README files to utf8
- move SysV init script so sysvinit subpackage (>=f15)
- add some missing lsb keywords to init file
- create systemd subpackage and require it in the wine-desktop package (>=f15)
- disable embedded bitmaps in tahoma (#693180)
- provide readme how to disable wine-tahoma in fontconfig (#693180)
--------------------------------------------------------------------------------
================================================================================
xfce4-session-4.8.1-4.fc15 (FEDORA-2011-5496)
Xfce session manager
--------------------------------------------------------------------------------
Update Information:
This update makes sure that polkit-gnome-authentication-agent gets started in an Xfce session.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 4.8.1-4
- Autostart polkit-gnome-authentication-agent-1 (#693152)
- Remove --enable-gen-doc configure option as it requires network access
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #693152 - XFCE does not provide authentication dialog for Firewall, PackageKit GUIs
https://bugzilla.redhat.com/show_bug.cgi?id=693152
--------------------------------------------------------------------------------
================================================================================
xpa-2.1.13-2.fc15 (FEDORA-2011-5488)
The X Public Access messaging system
--------------------------------------------------------------------------------
Update Information:
Latest upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 16 2011 Sergio Pascual <sergiopr at fedoraproject.org> - 2.1.13-1
- New upstream source
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
