Fedora 11 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Apr 30 17:22:29 UTC 2010
The following builds have been pushed to Fedora 11 updates-testing
boa-0.94.14-0.15.rc21.fc11
coreutils-7.2-8.fc11
easytag-2.1.6-3.fc11
flashrom-0.9.1-4.svn995.fc11
html-xml-utils-5.7-1.fc11
kchmviewer-5.2-1.fc11
lighttpd-1.4.26-2.fc11
lsdvd-0.16-13.fc11
net-snmp-5.4.2.1-14.fc11
phonon-4.4.1-2.fc11
ruby-gnome2-0.19.4-1.fc11
soprano-2.4.3-2.fc11
synergy-plus-1.3.4-3.fc11.1
taggle-1.0-1.fc11
uqm-0.6.2-11.fc11
xar-1.5.2-6.fc11
youtube-dl-2010.04.04-1.fc11
Details about builds:
================================================================================
boa-0.94.14-0.15.rc21.fc11 (FEDORA-2010-7645)
Single-tasking HTTP server
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2009-4496 where HTTP request logs were written without
sanitizing non-printable characters.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2010 Matthias Saou <http://freshrpms.net/> 0.94.14-0.15.rc21
- Include escape-errorlog patch from Debian to fix CVE-2009-4496 (#583162).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #583162 - CVE-2009-4496 boa: sanitize nonprintable characters in error logs
https://bugzilla.redhat.com/show_bug.cgi?id=583162
--------------------------------------------------------------------------------
================================================================================
coreutils-7.2-8.fc11 (FEDORA-2010-7675)
A set of basic GNU tools commonly used in shell scripts
--------------------------------------------------------------------------------
Update Information:
- doublequote LS_COLORS in colorls.*sh scripts to speedup shell
start(#586029) - move readlink from /usr/bin to bin, keep symlink in
/usr/bin(#580682) - run tput colors in colorls profile.d scripts only in the
interactive mode(#450424) - fix exit status of terminated child processes in su
with pam(#559098) - who doesn't determine user's message status correctly
(#454261)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2010 Ondrej Vasik <ovasik at redhat.com> - 7.2-8
- doublequote LS_COLORS in colorls.*sh scripts to speedup
shell start(#586029)
- move readlink from /usr/bin to bin, keep symlink in
/usr/bin(#580682)
- run tput colors in colorls profile.d scripts only
in the interactive mode(#450424)
- fix exit status of terminated child processes in su with
pam(#559098)
- who doesn't determine user's message status correctly
(#454261)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #586029 - LS_COLORS setup in /etc/profile.d has insufficient escaping
https://bugzilla.redhat.com/show_bug.cgi?id=586029
[ 2 ] Bug #580682 - move readlink from /usr/bin to /bin
https://bugzilla.redhat.com/show_bug.cgi?id=580682
[ 3 ] Bug #450424 - tput: No value for $TERM and no -T specified
https://bugzilla.redhat.com/show_bug.cgi?id=450424
[ 4 ] Bug #454261 - who does not determine user's message status correctly
https://bugzilla.redhat.com/show_bug.cgi?id=454261
--------------------------------------------------------------------------------
================================================================================
easytag-2.1.6-3.fc11 (FEDORA-2010-7650)
Tag editor for mp3, ogg, flac and other music files
--------------------------------------------------------------------------------
Update Information:
The easytag desktop file contained the type for directories, which could cause
nautilus to start launching easytag instead of showing directory content. This
update fixes this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 8 2010 Matthias Saou <http://freshrpms.net/> 2.1.6-3
- Remove x-directory/normal from the desktop file (#451823).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #451823 - Nautilus, Places, Home opens easytag
https://bugzilla.redhat.com/show_bug.cgi?id=451823
--------------------------------------------------------------------------------
================================================================================
flashrom-0.9.1-4.svn995.fc11 (FEDORA-2010-7664)
Simple program for reading/writing BIOS chips content
--------------------------------------------------------------------------------
Update Information:
New svn ver. 995 (with really lots of new chips and m/b added)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2010 Peter Lemenkov <lemenkov at gmail.com> 0.9.1-4.svn995
- Updated to latest svn ver. 995
- Lots of new chips and m/b
--------------------------------------------------------------------------------
================================================================================
html-xml-utils-5.7-1.fc11 (FEDORA-2010-7662)
A number of simple utilities for manipulating HTML and XML files
--------------------------------------------------------------------------------
Update Information:
- Update to 5.7 - For changes please see http://www.w3.org/Tools/HTML-XML-
utils/ChangeLog
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2010 Milos Jakubicek <xjakub at fi.muni.cz> - 5.7-1
- Update to 5.7
* Tue Apr 27 2010 Milos Jakubicek <xjakub at fi.muni.cz> - 5.6-1
- Update to 5.6
- Dropped html-xml-utils-5.5-hxpipe-man.patch (merged upstream)
* Sun Oct 25 2009 Milos Jakubicek <xjakub at fi.muni.cz> - 5.5-2
- Added html-xml-utils-5.5-hxpipe-man.patch, resolves BZ#527655
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #586325 - html-xml-utils-5.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=586325
[ 2 ] Bug #586750 - html-xml-utils-5.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=586750
--------------------------------------------------------------------------------
================================================================================
kchmviewer-5.2-1.fc11 (FEDORA-2010-7654)
CHM viewer
--------------------------------------------------------------------------------
Update Information:
A new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2010 Robin Lee <robinlee.sysu at gmail.com> - 5.2-1
- update to 5.2
--------------------------------------------------------------------------------
================================================================================
lighttpd-1.4.26-2.fc11 (FEDORA-2010-7636)
Lightning fast webserver with light system requirements
--------------------------------------------------------------------------------
Update Information:
Update lighttpd to the latest version of the 1.4 branch, with the spawn-fcgi
program split out for the first time on EL. This fixes CVE-2010-0295 and also
includes a fix for upstream bug #2157 where SSL stopped working with RHEL 5.4.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 16 2010 Matthias Saou <http://freshrpms.net/> 1.4.26-2
- Update to 1.4.26.
- Update the geoip patch.
- Remove no longer provided ChangeLog from %doc.
- Include patch to fix upstream SSL related bug #2157.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #561340 - CVE-2010-0295 lighttpd: Remote DoS (excessive memory use) by handling specially-crafted HTTP request
https://bugzilla.redhat.com/show_bug.cgi?id=561340
--------------------------------------------------------------------------------
================================================================================
lsdvd-0.16-13.fc11 (FEDORA-2010-7658)
Small application for listing the contents of DVDs
--------------------------------------------------------------------------------
Update Information:
This update fixes some incorrect trailing white space stripping from DVD title
strings.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2010 Matthias Saou <http://freshrpms.net/> 0.16-13
- Include patch to fix trailing spaces stripping (#556416).
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.16-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #556416 - Incorrect handing of certain dvd titles
https://bugzilla.redhat.com/show_bug.cgi?id=556416
--------------------------------------------------------------------------------
================================================================================
net-snmp-5.4.2.1-14.fc11 (FEDORA-2010-7625)
A collection of SNMP protocol tools and libraries
--------------------------------------------------------------------------------
Update Information:
This update fixes SELinux denials of cyrus-imapd with interaction with Net-SNMP
data files.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 5 2010 Jan Safranek <jsafrane at redhat.com> 5.4.2.1-14
- distribute .index file in mib directory to preven SELinux AVCs
in applications using net-snmp libraries (#562001)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #562001 - SELinux is preventing cyrus-master (cyrus_t) "write" usr_t
https://bugzilla.redhat.com/show_bug.cgi?id=562001
--------------------------------------------------------------------------------
================================================================================
phonon-4.4.1-2.fc11 (FEDORA-2010-7646)
Multimedia framework api
--------------------------------------------------------------------------------
Update Information:
New bugfix release, includes many small pulseaudio related fixes, and is
required for development and testing of other phonon backends (like vlc)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 24 2010 Rex Dieter <rdieter at fedoraproject.org> - 4.4.1-2
- phonon-backend-xine-4.4.1 (with pulseaudio) = no audio (kde#235193)
* Thu Apr 22 2010 Rex Dieter <rdieter at fedoraproject.org> - 4.4.1-1
- phonon-4.4.1
--------------------------------------------------------------------------------
================================================================================
ruby-gnome2-0.19.4-1.fc11 (FEDORA-2010-7638)
Ruby binding of libgnome/libgnomeui-2.x
--------------------------------------------------------------------------------
Update Information:
New version 0.19.4 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 29 2010 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 0.19.4-1
- Update to 0.19.4, drop all upstreamed patches
--------------------------------------------------------------------------------
================================================================================
soprano-2.4.3-2.fc11 (FEDORA-2010-7627)
Qt wrapper API to different RDF storage solutions
--------------------------------------------------------------------------------
Update Information:
This build fixes some memleaks and a crasher in the Nepomuk query service.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 25 2010 Rex Dieter <rdieter at fedoraproject.org> - 2.4.3-2
- fix version, and test to %check
* Thu Apr 22 2010 Rex Dieter <rdieter at fedoraproject.org> - 2.4.3-1
- soprano-2.4.3
* Sat Apr 17 2010 Rex Dieter <rdieter at fedoraproject.org> - 2.4.2-1
- soprano-2.4.2
--------------------------------------------------------------------------------
================================================================================
synergy-plus-1.3.4-3.fc11.1 (FEDORA-2010-7635)
Mouse and keyboard sharing utility
--------------------------------------------------------------------------------
Update Information:
Synergy front-ends require the "synergy" package to be installed, which
prevented them from being used with synergy-plus, even though it is meant to be
a drop-in replacement. This update makes synergy-plus virtually provide synergy
to fix this.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2010 Matthias Saou <http://freshrpms.net/> 1.3.4-3.1
- Provide synergy, useful for front-ends (#524910).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #524910 - Hard dependency on synergy
https://bugzilla.redhat.com/show_bug.cgi?id=524910
--------------------------------------------------------------------------------
================================================================================
taggle-1.0-1.fc11 (FEDORA-2010-7639)
An online french word game
--------------------------------------------------------------------------------
Update Information:
Update sources to 1.0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 26 2010 Le Coz Florent <louizatakk at fedoraproject.org> - 1.0-1
- Update sources to 1.0
--------------------------------------------------------------------------------
================================================================================
uqm-0.6.2-11.fc11 (FEDORA-2010-7671)
The Ur-Quan Masters, a port of the classic game Star Control II
--------------------------------------------------------------------------------
Update Information:
Fix for autodownloader issue.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2010 Jon Ciesla <limb at jcomserv.net> - 0.6.2-11
- Fix for autodl urls, BZ 494465.
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.2-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #494465 - uqm autodownloader is broken
https://bugzilla.redhat.com/show_bug.cgi?id=494465
--------------------------------------------------------------------------------
================================================================================
xar-1.5.2-6.fc11 (FEDORA-2010-7670)
The eXtensible ARchiver
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2010-0055, an issue where xar did not properly validate
package signatures, which allows attackers to have an unspecified impact via a
modified package.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 28 2010 Matthias Saou <http://freshrpms.net/> 1.5.2-6
- Include patch to fix CVE-2010-0055 (#570678).
* Fri Aug 21 2009 Tomas Mraz <tmraz at redhat.com> - 1.5.2-5
- rebuilt with new openssl
* Mon Jul 27 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #570678 - CVE-2010-0055 xar: signature bypass vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=570678
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2010.04.04-1.fc11 (FEDORA-2010-7630)
Small command-line program to download videos from YouTube
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 29 2010 Till Maas <opensource at till.name> - 2010.04.04-1
- Update to latest release to fix some download issues RH #582372
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #582372 - youtube-dl 2010.04.04 is available
https://bugzilla.redhat.com/show_bug.cgi?id=582372
--------------------------------------------------------------------------------
More information about the test
mailing list