Fedora 11 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sat Apr 10 10:34:59 UTC 2010
The following builds have been pushed to Fedora 11 updates-testing
bzflag-2.0.16-1.fc11
cdpr-2.4-1.fc11
grep-2.6.3-1.fc11
httrack-3.43.2-4.fc11
ikiwiki-3.20100403-1.fc11
kdesvn-1.5.3-1.fc11
lcgdm-1.7.4.4-2.fc11
libsvm-2.91-1.fc11
mediawiki-1.15.3-53.fc11
mod_auth_shadow-2.2-8.fc11
nss_db-2.2-46.fc11
psi-0.14-3.fc11
pygsl-0.9.5-1.fc11
python-amara-1.2.0.2-6.fc11
rekonq-0.4.0-1.fc11
voms-1.9.16.1-2.fc11
Details about builds:
================================================================================
bzflag-2.0.16-1.fc11 (FEDORA-2010-6363)
3D multi-player tank battle game
--------------------------------------------------------------------------------
Update Information:
This is an upstream bug-fix release. These are the most noticeable changes: *
Fix regression in protocol handling by server * Add bullet tails as seen out
the viewport * Add TimeLimit plugin
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 9 2010 Nils Philippsen <nils at redhat.com> 2.0.16-1
- version 2.0.16
- drop obsolete gold patch
--------------------------------------------------------------------------------
================================================================================
cdpr-2.4-1.fc11 (FEDORA-2010-6347)
Cisco Discovery Protocol Analyzer
--------------------------------------------------------------------------------
Update Information:
New upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 30 2010 Michael Stahnke <stahnma at fedoraproject.org> - 2.4-1
- New Version
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
grep-2.6.3-1.fc11 (FEDORA-2010-6351)
Pattern matching utilities
--------------------------------------------------------------------------------
Update Information:
This is new version of grep with many bug fixes, UTF-8/multibyte matching
improvements and speedups (compared to 2.5* versions). It also fix some bugs
presented in the recent 2.6 release, including the Bug 579544. For more
information see: https://savannah.gnu.org/forum/forum.php?forum_id=6254
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 4 2010 Jaroslav Škarvada <jskarvad at redhat.com> - 2.6.3-1
- New version: grep-2.6.3
- make check is not silent now
* Fri Mar 26 2010 Jaroslav Škarvada <jskarvad at redhat.com> - 2.6.1-1
- New version: grep-2.6.1
- Dropped sigsegv patch (integrated upstream)
* Tue Mar 23 2010 Jaroslav Škarvada <jskarvad at redhat.com> - 2.6-1
- New version: grep-2.6
- Added sigsegv patch (after release patch from upstream)
- Dropped obsoleted patches: fedora-tests, pcrewrap, case, egf-speedup,
bz460641, utf8, dfa-optional, w
* Fri Mar 5 2010 Jaroslav Škarvada <jskarvad at redhat.com> - 2.5.4-2
- Added w patch to fix -w switch behaviour broken by dfa-optional patch
* Wed Feb 10 2010 Jaroslav Škarvada <jskarvad at redhat.com> - 2.5.4-1
- New version: grep-2.5.4 (#502931)
- Fixed typos in %description
- Updated utf-8 patch
- Added dfa-optional patch (#538423)
* Tue Aug 11 2009 Lubomir Rintel <lkundrak at v3.sk> 2.5.3-6
- Silence possible scriptlets errors
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.5.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #515047 - grep ......... large-file.txt is Very slow with en_US.UTF-8
https://bugzilla.redhat.com/show_bug.cgi?id=515047
[ 2 ] Bug #194471 - grep --ignore-case is very slow in UTF-8
https://bugzilla.redhat.com/show_bug.cgi?id=194471
[ 3 ] Bug #481765 - grep-mem-exhausted.patch introduces regressions
https://bugzilla.redhat.com/show_bug.cgi?id=481765
[ 4 ] Bug #579544 - [abrt] crash in grep-2.6.1-1.fc12: Process /bin/grep was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=579544
--------------------------------------------------------------------------------
================================================================================
httrack-3.43.2-4.fc11 (FEDORA-2010-6306)
Website copier and offline browser
--------------------------------------------------------------------------------
Update Information:
Bumped to fix broken dependency due to change in the OpenSSL library name which
is used via dlopen.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 9 2010 Tomas Mraz <tmraz at redhat.com> - 3.43.2-4
- Use library soname for openssl dlopen and dependency
--------------------------------------------------------------------------------
================================================================================
ikiwiki-3.20100403-1.fc11 (FEDORA-2010-6358)
A wiki compiler
--------------------------------------------------------------------------------
Update Information:
Update to 3.20100403, with various bug fixes and enhancements. See
http://ikiwiki.info/news/version_3.20100403/ for a list of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 6 2010 Thomas Moschny <thomas.moschny at gmx.de> - 3.20100403-1
- Update to 3.20100403.
--------------------------------------------------------------------------------
================================================================================
kdesvn-1.5.3-1.fc11 (FEDORA-2010-6312)
A subversion client for KDE4 with KIO integration
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.3 version, bugfix only release. Changelog: * fixed a problem
with some svn servers where version of server and svn-filesystem differs
(usptream ticket #765) * fixed wrong default depth for update in svnqt and
frontend Release notes: http://kdesvn.alwins-
world.de/blog/2010-04-09/kdesvn_1_5_3
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 9 2010 - Jaroslav Reznik <jreznik at redhat.com> - 1.5.3-1
- Update to 1.5.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #580868 - kdesvn-1.5.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=580868
--------------------------------------------------------------------------------
================================================================================
lcgdm-1.7.4.4-2.fc11 (FEDORA-2010-6367)
LHC Computing Grid Data Management
--------------------------------------------------------------------------------
Update Information:
The lcgdm package contains common libraries for the LCG Data Management
components: the LFC (LCG File Catalog) and the DPM (Disk Pool Manager). The
LCG File Catalog (LFC) keeps track of the locations of the physical replicas of
the logical files in a distributed storage system. The LCG Disk Pool Manager
(DPM) creates a storage element from a set of disks. It provides several
interfaces for storing and retrieving data such as RFIO and SRM version 1,
version 2 and version 2.2.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #531252 - Review Request: lcgdm - LHC Computing Grid Data Management
https://bugzilla.redhat.com/show_bug.cgi?id=531252
--------------------------------------------------------------------------------
================================================================================
libsvm-2.91-1.fc11 (FEDORA-2010-6303)
A Library for Support Vector Machines
--------------------------------------------------------------------------------
Update Information:
- Fixed Bug 564887 - FTBFS libsvm-2.90-3.fc13 - Upstream update: *
completely new python interface using ctype * new way to set the print_string
function * Java: able to load model from a BufferedReader directly * fix
grid.py so -log2c can be run under python 2.6 or after
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 7 2010 Ding-Yi Chen <dchen at redhat.com> - 2.91-1
- Fixed Bug 564887 - FTBFS libsvm-2.90-3.fc13
- Upstream update:
* completely new python interface using ctype
* new way to set the print_string function
* Java: able to load model from a BufferedReader directly
* fix grid.py so -log2c can be run under python 2.6 or after
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #564887 - FTBFS libsvm-2.90-3.fc13
https://bugzilla.redhat.com/show_bug.cgi?id=564887
--------------------------------------------------------------------------------
================================================================================
mediawiki-1.15.3-53.fc11 (FEDORA-2010-6327)
A wiki engine
--------------------------------------------------------------------------------
Update Information:
This is a security and bugfix release of MediaWiki 1.15.3. Three security
issues are fixed in this update: A CSS validation issue was discovered which
allows editors to display external images in wiki pages. A data leakage
vulnerability was discovered in thumb.php which affects wikis which restrict
access to private files using img_auth.php, or some similar scheme. MediaWiki
was found to be vulnerable to login CSRF. The upstrea authors recommend that all
public wikis should be upgraded if possible. The fix includes a breaking change
to the API login action. Any clients using it will need to be updated.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 7 2010 Axel Thimm <Axel.Thimm at ATrpms.net> - 1.15.3-53
- Update to 1.15.3 (Fixes login CSRF vulnerability).
* Wed Mar 31 2010 Axel Thimm <Axel.Thimm at ATrpms.net> - 1.15.2-51
- Update to 1.15.2 (Fixes CSS validation issue and data leakage
vulnerability).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #571926 - CVE-2010-1189 CVE-2010-1190 MediaWiki: Two security fixes in v1.15.2
https://bugzilla.redhat.com/show_bug.cgi?id=571926
--------------------------------------------------------------------------------
================================================================================
mod_auth_shadow-2.2-8.fc11 (FEDORA-2010-6323)
An Apache module for authentication using /etc/shadow
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2010-1151 mod_auth_shadow: bad wait(2) call causes randomized
authorization behaviour (#578168).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 9 2010 Jaroslav Reznik <jreznik at redhat.com> - 2.2-8
- CVE-2010-1151: bad wait(2) call causes randomized authorization (#578168)
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #578168 - CVE-2010-1151 mod_auth_shadow: bad wait(2) call causes randomized authorization behaviour
https://bugzilla.redhat.com/show_bug.cgi?id=578168
--------------------------------------------------------------------------------
================================================================================
nss_db-2.2-46.fc11 (FEDORA-2010-6331)
An NSS library for the Berkeley DB
--------------------------------------------------------------------------------
Update Information:
Stephane Chazelas reported that the nss_db module attempts to read a DB_CONFIG
file in the current directory when it is used. If the contents of the file
can't be parsed properly, the copy of libdb which nss_db uses will print an
error message. If nss_db is invoked from a setuid process, it may then expose
privileged information to the unprivileged user who started the process. This
update imports Kees Cook's fix for the issue (CVE-2010-0826).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 7 2010 Nalin Dahyabhai <nalin at redhat.com> - 2.2-46
- import Kees Cook's patch to fix accidental leakage of part of ./DB_CONFIG
(#580191, CVE-2010-0826)
* Fri Feb 5 2010 Nalin Dahyabhai <nalin at redhat.com> - 2.2-45
- correct some tests in the patch for detecting SELinux support (#562052)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #580187 - CVE-2010-0826 nss_db: Information leak due the DB_CONFIG file read from current working directory
https://bugzilla.redhat.com/show_bug.cgi?id=580187
--------------------------------------------------------------------------------
================================================================================
psi-0.14-3.fc11 (FEDORA-2010-6355)
Jabber client based on Qt
--------------------------------------------------------------------------------
Update Information:
Disable debug without breaking the -debuginfo pkg (rhbz#579131)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 8 2010 Aurelien Bompard <abompard at fedoraproject.org> - 0.14-3
- disable debug, but don't break the -debuginfo pkg (rhbz#579131)
* Sun Apr 4 2010 Aurelien Bompard <abompard at fedoraproject.org> - 0.14-2
- disable debug (rhbz#579131)
--------------------------------------------------------------------------------
================================================================================
pygsl-0.9.5-1.fc11 (FEDORA-2010-6318)
GNU Scientific Library Interface for python
--------------------------------------------------------------------------------
Update Information:
Bug fix release. A memory leak was fixed for all modules using gsl_functions:
integrate, min, roots, deriv. Includes more documentation.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 8 2010 José Matos <jamatos at fc.up.pt> - 0.9.5-1
- Bug fix release. A memory leak was fixed for all modules using
gsl_functions: integrate, min, roots, deriv.
- Include more original documentation.
- Remove patch applied upstream.
* Thu Nov 19 2009 José Matos <jamatos at fc.up.pt> - 0.9.4-7
- Revert to local patch as upstream one does not work.
* Thu Nov 19 2009 José Matos <jamatos at fc.up.pt> - 0.9.4-6
- Request build with the upstream patch.
* Thu Nov 19 2009 José Matos <jamatos at fc.up.pt> - 0.9.4-5
- Fix typo in -devel Summary. (#504881)
* Tue Sep 15 2009 José Matos <jamatos at fc.up.pt> - 0.9.4-4
- Remove gsm units taken away in gsl-1.13.
* Tue Sep 15 2009 José Matos <jamatos at fc.up.pt> - 0.9.4-3
- Rebuild for new upstream gsl version (F12+).
* Thu Jul 30 2009 José Matos <jamatos[AT]fc.up.pt> - 0.9.4-2
- Add missing BR numpy-f2py
* Thu Jul 30 2009 José Matos <jamatos[AT]fc.up.pt> - 0.9.4-1
- New upstream bugfix release
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-amara-1.2.0.2-6.fc11 (FEDORA-2010-6314)
A collection of Pythonic tools for XML data binding
--------------------------------------------------------------------------------
Update Information:
Require python-setuptools as python-amara does not work in its absence.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 8 2010 José Matos <jamatos at fc.up.pt> - 1.2.0.2-6
- Require python-setuptools as python-amara does not work in its absence.
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.0.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #569974 - python-amara should depend on python-setuptools
https://bugzilla.redhat.com/show_bug.cgi?id=569974
--------------------------------------------------------------------------------
================================================================================
rekonq-0.4.0-1.fc11 (FEDORA-2010-6311)
KDE browser based on QtWebkit
--------------------------------------------------------------------------------
Update Information:
New upstream version. rekonq is a KDE browser based on Webkit. Its code is
based on Nokia QtDemoBrowser, just like Arora. Anyway its implementation is
going to embrace KDE technologies to have a full-featured KDE web browser. *
moved to kdewebkit (this means based on kde 4.4) * kwallet support * KIO full
support (cookies, cache, proxy, network) * file: & ftp: protocol easy handling
* improved rekonq pages (in the about: protocol) * multithreaded url resolver
(hopefully, no more UI freezes) * adblock support, first part (load manually
links, for now...) * improved fullscreen mode * embedded inspector (A-LA
firebug) * first kget integration * optional "clickToFlash" feature * tons of
bugs fixed
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 7 2010 Thomas Janssen <thomasj at fedoraproject.org> 0.4.0-1
- Rekonq-0.4.0
--------------------------------------------------------------------------------
================================================================================
voms-1.9.16.1-2.fc11 (FEDORA-2010-6343)
Virtual Organization Membership Service
--------------------------------------------------------------------------------
Update Information:
This update fixes a bug that causes crashes in threaded applications.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 28 2010 Mattias Ellert <mattias.ellert at fysast.uu.se> - 1.9.16.1-2
- Add mutex lock for accessing private data
--------------------------------------------------------------------------------
More information about the test
mailing list