Fedora 12 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sat Aug 7 23:29:20 UTC 2010


The following builds have been pushed to Fedora 12 updates-testing

    augeas-0.7.3-1.fc12
    clementine-0.4.2-8.fc12
    freeciv-2.2.2-1.fc12
    iputils-20071127-12.fc12
    lvm2-2.02.72-4.fc12
    monit-5.1.1-2.fc12
    openconnect-2.25-1.fc12
    php-pear-CAS-1.1.2-1.fc12
    python-pycha-0.5.3-1.fc12
    rekonq-0.5.0-2.fc12
    roundup-1.4.15-1.fc12
    texmaker-2.0-1.fc12
    uzbl-0-0.16.20100626gitafc0f873e.fc12

Details about builds:


================================================================================
 augeas-0.7.3-1.fc12 (FEDORA-2010-12268)
 A library for changing configuration files
--------------------------------------------------------------------------------
Update Information:

See http://augeas.net/news.html for details
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  6 2010 David Lutterkort <lutter at redhat.com> - 0.7.3-1
- Version 0.7.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #613967 - guestfsd segfaults in libaugeas.so
        https://bugzilla.redhat.com/show_bug.cgi?id=613967
--------------------------------------------------------------------------------


================================================================================
 clementine-0.4.2-8.fc12 (FEDORA-2010-11388)
 A music player and library organizer
--------------------------------------------------------------------------------
Update Information:

Clementine is a modern music player and library organizer.  It is largely a port
of Amarok 1.4, with some features rewritten to take advantage of Qt4.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #583327 - Review Request: clementine - A music player and library organizer
        https://bugzilla.redhat.com/show_bug.cgi?id=583327
  [ 2 ] Bug #618474 - SIGSEGV when I click on "triangle" to the left of "Last.fm" in Internet tab
        https://bugzilla.redhat.com/show_bug.cgi?id=618474
--------------------------------------------------------------------------------


================================================================================
 freeciv-2.2.2-1.fc12 (FEDORA-2010-12262)
 A multi-player strategy game
--------------------------------------------------------------------------------
Update Information:

A lot of fixes and updates, including a security fix.  Fixes #612296
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  2 2010 Thomas Janssen <thomasj at fedoraproject.org> 2.2.2-1
- security fix https://www.redhat.com/security/data/cve/CVE-2010-2445.html
- fixes #612296
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #612296 - CVE-2010-2445 freeciv: arbitrary file disclosure and command execution vulnerabilities
        https://bugzilla.redhat.com/show_bug.cgi?id=612296
--------------------------------------------------------------------------------


================================================================================
 iputils-20071127-12.fc12 (FEDORA-2010-12252)
 Network monitoring tools including ping
--------------------------------------------------------------------------------
Update Information:

CVE-2010-2529 iputils: denial of service vulnerability in ping
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug  5 2010 Jiri Skala <jskala at redhat.com> - 20071127-12
- fixes #617613 - CVE-2010-2529 iputils: denial of service vulnerability in ping
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #613819 - CVE-2010-2529 iputils: denial of service vulnerability in ping
        https://bugzilla.redhat.com/show_bug.cgi?id=613819
--------------------------------------------------------------------------------


================================================================================
 lvm2-2.02.72-4.fc12 (FEDORA-2010-12250)
 Userland logical volume management tools
--------------------------------------------------------------------------------
Update Information:

This update addresses a security problem when using the clustered LVM daemon
clvmd from the package lvm2-cluster on systems where you have non-root users.
The lvm2 package on its own is not vulnerable to this problem but if you are
using lvm2-cluster you must update both together.    Further details are given
in the Red Hat Bugzilla:       https://bugzilla.redhat.com/CVE-2010-2526
After updating the packages, make sure that clvmd restarted itself.    This
update also includes several other important bug fixes - see the detailed
changelog.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug  2 2010 Alasdair Kergon <agk at redhat.com> - 2.02.72-5
- Make udev configurable and merge with f12.
* Mon Aug  2 2010 Alasdair Kergon <agk at redhat.com> - 2.02.72-4
- Merge f13, f14 and rawhide spec files.
* Sat Jul 31 2010 Alasdair Kergon <agk at redhat.com> - 2.02.72-3
- Address lvm2-cluster security flaw CVE-2010-2526.
    https://bugzilla.redhat.com/CVE-2010-2526
- Change clvmd to communicate with lvm2 via a socket in /var/run/lvm.
- Return controlled error if clvmd is run by non-root user.
- Never use clvmd singlenode unless explicitly requested with -Isinglenode.
- Fix exported_symbols generation to use standard compiler arguments.
- Use #include <> not "" in lvm2app.h which gets installed on the system.
- Make liblvm.device-mapper wait for include file generation.
- Fix configure to supply DEFAULT_RUN_DIR to Makefiles.
- Fix wrong number of mirror log at allocate policy
* Wed Jul 28 2010 Alasdair Kergon <agk at redhat.com> - 2.02.71-1
- Make vgck warn about missing PVs.
- Revert failed table load preparation after "create, load and resume".
- Check if cluster log daemon is running before allowing cmirror create.
- Add dm_create_lockfile to libdm and use for pidfiles for all daemons.
- Correct LV list order used by lvconvert when splitting a mirror.
- Check if LV with specified name already exists when splitting a mirror.
- Fix suspend/resume logic for LVs resulting from splitting a mirror.
- Fix possible hang when all mirror images of a mirrored log fail.
- Adjust auto-metadata repair and caching logic to try to cope with empty mdas.
- Update pvcreate, {pv|vg}change, and lvm.conf man pages about metadataignore.
- Prompt if metadataignore with vgextend or pvchange would adjust vg_mda_copies.
- Adjust vg_mda_copies if metadataignore given with vgextend or pvchange.
- Speed up the regex matcher.
- Use "nowatch" udev rule for inappropriate devices.
- Document LVM fault handling in lvm_fault_handling.txt.
- Clarify help text for vg_mda_count.
- Add more verbose messages while checking volume_list and hosttags settings.
- Add log_error when strdup fails in {vg|lv}_change_tag().
- Do not log backtrace in valid _lv_resume() code path.
* Wed Jul  7 2010 Alasdair Kergon <agk at redhat.com> - 2.02.70-1
- Remove log directly if all mirror images of a mirrored log fail.
- Randomly select which mdas to use or ignore.
- Add printf format attributes to yes_no_prompt and fix a caller.
- Always pass unsuspended dm devices through persistent filter to other filters.
- Move test for suspended dm devices ahead of other filters.
- Fix another segfault in clvmd -R if no response from daemon received. (2.02.68)
- Remove superfluous suspended device counter from clvmd.
- Fix lvm shell crash when input is entirely whitespace.
- Update partial mode warning message.
- Preserve memlock balance in clvmd when activation triggers a resume.
- Restore the removemissing behaviour of lvconvert --repair --use-policies.
* Wed Jun 30 2010 Alasdair Kergon <agk at redhat.com> - 2.02.69-1
- Fix vgremove to allow removal of VG with missing PVs. (2.02.52)
- Add metadata/vgmetadatacopies to lvm.conf.
- Add --metadataignore to pvcreate and vgextend.
- Add vg_mda_copies, pv_mda_used_count and vg_mda_used_count to reports.
- Describe --vgmetadatacopies in lvm.conf and other man pages.
- Add --[vg]metadatacopies to select number of mdas to use in a VG.
- Make the metadata ignore bit control read/write metadata areas in a PV.
- Add pvchange --metadataignore to set or clear a metadata ignore bit.
- Refactor metadata code to prepare for --metadataignore / --vgmetadatacopies.
- Ensure region_size of mirrored log does not exceed its full size.
- Preload libc locale messages to prevent reading it in memory locked state.
- Fix handling of simultaneous mirror image and mirrored log image failure.
* Thu Jun 24 2010 Peter Rajnoha <prajnoha at redhat.com> - 2.02.68-2
- Fix udev rules to handle spurious events properly.
- Add Requires: udev >= 158-1 (needed for the change in udev rules).
* Wed Jun 23 2010 Alasdair Kergon <agk at redhat.com> - 2.02.68-1
- Have device-mapper-libs require device-mapper (circular) for udev rules.
- Clear exec_prefix.
- Use early udev synchronisation and update of dev nodes for clustered mirrors.
- Add lv_path to reports to offer full /dev pathname.
- Avoid abort when generating cmirror status.
- Fix clvmd initscript status to print only active clustered LVs.
- Fix segfault in clvmd -R if no response from daemon received.
- Honour log argument when down-converting stacked mirror.
- Sleep to workaround clvmd -S race: socket closed early and server drops cmd.
- Exit successfully when using -o help (but not -o +help) with LVM reports.
- Add man pages for lvmconf, dmeventd and non-existent lvmsadc and lvmsar tools.
- Add --force, --nofsck and --resizefs to lvresize/extend/reduce man pages.
- Fix lvm2cmd example in documentation.
- Fix typo in warning message about missing device with allocated data areas.
- Add device name and offset to raw_read_mda_header error messages.
- Allow use of lvm2app and lvm2cmd headers in C++ code.
* Fri Jun  4 2010 Alasdair Kergon <agk at redhat.com> - 2.02.67-1
- Require partial option in lvchange --refresh for partial LVs.
- Don't merge unchanged persistent cache file before dumping if tool scanned.
- Avoid selecting names under /dev/block if there is an alternative.
- Fix semctl parameter (union) to avoid misaligned parameter on some arches.
- Fix clvmd initscript restart command to start clvmd if not yet running.
- Handle failed restart of clvmd using -S switch properly.
- Use built-in absolute paths in clvmd (clvmd restart and PV and LV queries).
- Consistently return ECMD_FAILED if interrupted processing multiple LVs.
- Add --type parameter description to the lvcreate man page.
- Document 'clear' in dmsetup man page.
- Replace strncmp kernel version number checks with proper ones.
- Update clustered log kernel module name to log-userspace for 2.6.31 onwards.
- Support autoloading of dm-mod module for kernels from 2.6.35.
- Add dm_tree_node_set_presuspend_node() to presuspend child when deactivating.
- Do not fail lvm_init() if init_logging() or _init_rand() generates an errno.
- Fix incorrect memory pool deallocation while using vg_read for files.
* Thu May 20 2010 Alasdair Kergon <agk at redhat.com> - 2.02.66-2
- Simplify and fix Requires package headers.
- If unable to obtain snapshot percentage leave value blank on reports.
- Use new install_system_dirs and install_initscripts makefile targets.
- Add lvm2app functions to lookup a vgname from a pvid and pvname.
- Change internal processing of PVs in pvchange.
- Validate internal lock ordering of orphan and VG_GLOBAL locks.
* Mon May 17 2010 Alasdair Kergon <agk at redhat.com> - 2.02.65-1
- Disallow vgchange --clustered if there are active mirrors or snapshots.
- Fix truncated total size displayed by pvscan.
- Skip internal lvm devices in scan if ignore_suspended_devices is set.
- Do not merge old device cache after we run full scan. (2.02.56)
- Add new --sysinit compound option to vgchange and lvchange.
- Fix clvmd init script never to deactivate non-clustered volume groups.
- Drop duplicate errors for read failures and missing devices to verbose level.
- Do not print encryption key in message debug output (cryptsetup luksResume).
- Use -d to control level of messages sent to syslog by dmeventd.
- Change -d to -f to run dmeventd in foreground.
- Fix udev flags on remove in create_and_load error path.
- Add dm_list_splice() function to join two lists together.
- Use /bin/bash for scripts with bashisms.
- Switch Libs.private to Requires.private in devmapper.pc and lvm2app.pc.
- Use pkgconfig Requires.private for devmapper-event.pc.
* Fri Apr 30 2010 Alasdair Kergon <agk at redhat.com> - 2.02.64-1
- Avoid pointless initialisation when the 'version' command is run directly.
- Fix memory leak for invalid regex pattern input.
- Display invalid regex pattern for filter configuration in case of error.
- Fix -M and --type to use strings, not pointers that change on config refresh.
- Fix lvconvert error message when existing mirrored LV is not found.
- Set appropriate udev flags for reserved LVs.
- Disallow the direct removal of a merging snapshot.
- Don't preload the origin when removing a snapshot whose merge is pending.
- Disallow the addition of mirror images while a conversion is happening.
- Disallow primary mirror image removal when mirror is not in-sync.
- Remove obsolete --name parameter from vgcfgrestore.
- Add -S command to clvmd to restart the daemon preserving exclusive locks.
- Increment lvm2app version from 1 to 2 (memory allocation changes).
- Change lvm2app memory alloc/free for pv/vg/lv properties.
- Change daemon lock filename from lvm2_monitor to lvm2-monitor for consistency.
- Add support for new IMPORT{db} udev rule.
- Add DM_UDEV_PRIMARY_SOURCE_FLAG udev flag to recognize proper DM events.
- Also include udev libs in libdevmapper.pc.
- Cache bitset locations to speed up _calc_states.
- Add a regex optimisation pass for shared prefixes and suffixes.
- Add dm_bit_and and dm_bitset_equal to libdevmapper.
- Speed up dm_bit_get_next with ffs().
* Thu Apr 15 2010 Alasdair Kergon <agk at redhat.com> - 2.02.63-2
- Remove 'lvmconf --lockinglibdir' from cluster post: locking is now built-in.
- Move libdevmapper-event-lvm2.so to devel package.
- Explicitly specify libdevmapper-event.so* attributes.
- Drop support for upgrades from very old versions that used lvm not lvm2.
- Move libdevmapper-event plug-in libraries into new device-mapper subdirectory.
- Don't verify lvm.conf contents when using rpm --verify.
* Wed Apr 14 2010 Alasdair Kergon <agk at redhat.com> - 2.02.63-1
- Move development links to shared objects to /usr (hard-coded temporarily).
- Change libdevmapper deactivation to fail if device is open.
- Wipe memory buffers for libdevmapper dm-ioctl parameters before releasing.
- Strictly require libudev if udev_sync is used.
- Add support for ioctl's DM_UEVENT_GENERATED_FLAG.
- Allow incomplete mirror restore in lvconvert --repair upon insufficient space.
- Do not reset position in metadata ring buffer on vgrename and vgcfgrestore.
- Allow VGs with active LVs to be renamed.
- Only pass visible LVs to tools in cmdline VG name/tag expansions without -a.
- Use C locale and mlockall in clvmd and dmeventd.
- Mask LCK_HOLD in cluster VG locks for upgrade compatibility with older clvmd.
- Add activation/polling_interval to lvm.conf as --interval default.
- Don't ignore error if resuming any LV fails when resuming groups of LVs.
- Skip closing persistent filter cache file if open failed.
- Permit mimage LVs to be striped in lvcreate, lvresize and lvconvert.
- Fix pvmove allocation to take existing parallel stripes into account.
- Fix incorrect removal of symlinks after LV deactivation fails.
- Fix is_partitioned_dev not to attempt to reopen device.
- Fix another thread race in clvmd.
- Improve vg_validate to detect some loops in lists.
- Change most remaining log_error WARNING messages to log_warn.
- Always use blocking lock for VGs and orphan locks.
- Allocate all memory for segments from private VG mempool.
- Optimise searching PV segments for seeking the most recently-added.
- Remove duplicated vg_validate checks when parsing cached metadata.
- Use hash table of LVs to speed up parsing of text metadata with many LVs.
- Fix two vg_validate messages, adding whitespace and parentheses.
- When dmeventd is not forking because of -d flag, don't kill parent process.
- Fix dso resource leak in error path of dmeventd.
- Fix --alloc contiguous policy only to allocate one set of parallel areas.
- Do not allow {vg|lv}change --ignoremonitoring if on clustered VG.
- Add ability to create mirrored logs for mirror LVs.
- Fix clvmd cluster propagation of dmeventd monitoring mode.
- Allow ALLOC_ANYWHERE to split contiguous areas.
- Add some assertions to allocation code.
- Introduce pv_area_used into allocation algorithm and add debug messages.
- Add activation/monitoring to lvm.conf.
- Add --monitor and --ignoremonitoring to lvcreate.
- Don't allow resizing of internal logical volumes.
- Fix libdevmapper-event pkgconfig version string to match libdevmapper.
- Avoid scanning all pvs in the system if operating on a device with mdas.
- Disable long living process flag in lvm2app library.
- Fix pvcreate device md filter check.
- Suppress repeated errors about the same missing PV uuids.
- Bypass full device scans when using internally-cached VG metadata.
- Only do one full device scan during each read of text format metadata.
- Look up missing PVs by uuid not dev_name in pvs to avoid invalid stat.
* Tue Mar  9 2010 Alasdair Kergon <agk at redhat.com> - 2.02.62-1
- Rewrite clvmd init script.
- Add default alternative to mlockall using mlock to reduce pinned memory size.
- Add use_mlockall and mlock_filter to activation section of lvm.conf.
- Handle misaligned devices that report alignment_offset of -1.
- Extend core allocation code in preparation for mirrored log areas.
- No longer fall back to looking up active devices by name if uuid not found.
- Don't touch /dev in vgmknodes if activation is disabled.
- Add --showkeys parameter description to dmsetup man page.
- Add --help option as synonym for help command.
- Add lvm2app functions lvm_{vg|lv}_{get|add|remove}_tag() functions.
- Refactor snapshot-merge deptree and device removal to support info-by-uuid.
* Fri Mar  5 2010 Peter Rajnoha <prajnoha at redhat.com> - 2.02.61-2
- Change spec file to support excluding cluster components from the build.
* Tue Feb 16 2010 Alasdair Kergon <agk at redhat.com> - 2.02.61-1
- Add %ORIGIN support to lv{create,extend,reduce,resize} --extents.
- Accept a list of LVs with 'lvconvert --merge @tag' using process_each_lv.
- Remove false "failed to find tree node" error when activating merging origin.
- Exit with success when lvconvert --repair --use-policies performs no action.
- Avoid unnecessary second resync when adding mimage to core-logged mirror.
- Make clvmd -V return status zero.
- Fix cmirrord segfault in clog_cpg list processing when converting mirror log.
- Deactivate temporary pvmove mirror cluster-wide when activating it fails.
- Add missing metadata vg_reverts in pvmove error paths.
- Unlock shared lock in clvmd if activation calls fail.
- Add lvm_pv_get_size, lvm_pv_get_free and lvm_pv_get_dev_size to lvm2app.
- Change lvm2app to return all sizes in bytes as documented (not sectors).
- Exclude internal VG names and uuids from lists returned through lvm2app.
- Add LVM_SUPPRESS_LOCKING_FAILURE_MESSAGES environment variable.
- Add DM_UDEV_DISABLE_LIBRARY_FALLBACK udev flag to rely on udev only.
- Remove hard-coding that skipped _mimage devices from 11-dm-lvm.rules.
- Export dm_udev_create_cookie function to create new cookies on demand.
- Add --udevcookie, udevcreatecookie and udevreleasecookie to dmsetup.
- Set udev state automatically instead of using DM_UDEV_DISABLE_CHECKING.
- Set udev state automatically instead of using LVM_UDEV_DISABLE_CHECKING.
- Remove pointless versioned symlinks to dmeventd plugin libraries.
* Fri Jan 29 2010 Alasdair Kergon <agk at redhat.com> - 2.02.60-5
- Replace spaces with tabs in a couple of places in spec file.
* Sat Jan 23 2010 Alasdair Kergon <agk at redhat.com> - 2.02.60-4
- Extend cmirrord man page.
- Sleep before first progress check iff pvmove/lvconvert interval has prefix '+'.
- Fix cmirror initscript syntax problems.
- Fix first syslog message prefix for dmeventd plugins.
- Make failed locking initialisation messages more descriptive.
* Fri Jan 22 2010 Alasdair Kergon <agk at redhat.com> - 2.02.59-3
- Fix dmeventd lvm2 wrapper (plug-ins unusable in last build).
- Make failed locking initialisation messages more descriptive.
* Fri Jan 22 2010 Fabio M. Di Nitto <fdinitto at redhat.com> - 2.02.59-2
- Drop duplicated BuildRequires on openaislib-devel.
- Drop Requires on clusterlib for cmirror subpackage.
- clvmd subpackage should Requires cman (#506592).
* Fri Jan 22 2010 Alasdair Kergon <agk at redhat.com> - 2.02.59-1
- Add cmirror subpackage for clustered mirrors.
- Set 'preferred_names' in default lvm.conf.
- Add libdevmapper-event-lvm2.so to serialise dmeventd plugin liblvm2cmd use.
- Stop dmeventd trying to access already-removed snapshots.
- Fix clvmd to never scan suspended devices.
- Fix detection of completed snapshot merge.
- Improve snapshot merge metadata import validation.
* Thu Jan 14 2010 Alasdair Kergon <agk at redhat.com> - 2.02.58-1
- Fix clvmd automatic target module loading crash.
- Fix allocation code not to stop at the first area of a PV that fits.
- Add support for the "snapshot-merge" kernel target (2.6.33-rc1).
- Add --merge to lvconvert to merge a snapshot into its origin.
* Tue Jan 12 2010 Alasdair Kergon <agk at redhat.com> - 2.02.57-1
- Add --splitmirrors to lvconvert to split off part of a mirror.
- Allow vgremove to remove a VG with PVs missing after a prompt.
- Add activation/udev_rules config option in lvm.conf.
- Add --poll flag to vgchange and lvchange to control background daemon launch.
- Impose limit of 8 mirror images to match the in-kernel kcopyd restriction.
- Log failure type and recognise type 'F' (flush) in dmeventd mirror plugin.
- Add --noudevrules option for dmsetup to disable /dev node management by udev.
- Fix 'dmsetup info -c -o all' to show all fields.
- Fix coredump and memory leak for 'dmsetup help -c'.
- Rename mirror_device_fault_policy to mirror_image_fault policy.
- Use extended status of new kernel snapshot target 1.8.0 to detect when empty.
- Allow use of precommitted metadata when a PV is missing.
- Add global/abort_on_internal_errors to lvm.conf to assist testing.
- If aborting due to internal error, always send that message to stderr.
- Keep log type consistent when changing mirror image count.
- Exit with success in lvconvert --repair --use-policies on failed allocation.
- Ensure any background daemon exits without duplicating parent's functionality.
- Change background daemon process names to "(lvm2)".
- Fix internal lock state after forking.
- Remove empty PV devices if lvconvert --repair is using defined policies.
- Use fixed buffer to prevent stack overflow in persistent filter dump.
- Propagate metadata commit and revert notifications to other cluster nodes.
- Fix metadata caching and lock state propagation to remote nodes in clvmd.
- Properly decode all flags in clvmd messages including VG locks.
- Drop cached metadata after device was auto-repaired and removed from VG.
- Clear MISSING_PV flag if PV reappeared and is empty.
- Fix removal of multiple devices from a mirror.
- Also clean up PVs flagged as missing in vgreduce --removemissing --force.
- Fix some pvresize and toollib error paths with missing VG releases/unlocks.
- Explicitly call suspend for temporary mirror layer.
- Add memlock information to do_lock_lv debug output.
- Always bypass calls to remote cluster nodes for non-clustered VGs.
- Permit implicit cluster lock conversion in pre/post callbacks on local node.
- Permit implicit cluster lock conversion to the lock mode already held.
- Fix lock flag masking in clvmd so intended code paths get invoked.
- Remove newly-created mirror log from metadata if initial deactivation fails.
- Improve pvmove error message when all source LVs are skipped.
- Fix memlock imbalance in lv_suspend if already suspended.
- Fix pvmove test mode not to poll (and fail).
- Fix vgcreate error message if VG already exists.
- Fix tools to use log_error when aborted due to user response to prompt.
- Fix ignored readahead setting in lvcreate --readahead.
- Fix clvmd memory leak in lv_info_by_lvid by calling release_vg.
- If LVM_UDEV_DISABLE_CHECKING is set in environment, disable udev warnings.
- If DM_UDEV_DISABLE_CHECKING is set in environment, disable udev warnings.
- Always set environment variables for an LVM2 device in 11-dm-lvm.rules.
- Disable udev rules for change events with DISK_RO set.
- Add dm_tree_add_dev_with_udev_flags to provide wider support for udev flags.
- Correct activated or deactivated text in vgchange summary message.
- Fix fsadm man page typo (fsdam).
* Tue Nov 24 2009 Alasdair Kergon <agk at redhat.com> - 2.02.56-2
- Revert vg_read_internal change as clvmd was not ready for vg_read. (2.02.55)
- Fix unbalanced memory locking when deactivating LVs.
- Add missing vg_release to pvs and pvdisplay to fix memory leak.
- Do not try to unlock VG which is not locked when processing a VG.
- Update .cache file after every full device rescan in clvmd.
- Refresh all device filters (including sysfs) before each full device rescan.
- Return error status if vgchange fails to activate any volume.
* Thu Nov 19 2009 Alasdair Kergon <agk at redhat.com> - 2.02.55-1
- Fix deadlock when changing mirrors due to unpaired memlock refcount changes.
- Fix pvmove region_size overflow for very large PVs.
- Fix lvcreate and lvresize %PVS argument always to use sensible total size.
- Directly restrict vgchange to activating visible LVs.
- Fix hash lookup segfault when keys compared are different lengths.
- Flush stdout after yes/no prompt.
- Recognise DRBD devices and handle them like md devices.
- Add dmsetup --inactive support (requires kernel support targetted for 2.6.33).
* Fri Nov 13 2009 Peter Rajnoha <prajnoha at redhat.com> - 2.02.54-3
- Support udev flags even when udev_sync is disabled.
- Remove last_rule from udev_rules.
- Udev rules cleanup.
* Tue Nov  3 2009 Peter Rajnoha <prajnoha at redhat.com> - 2.02.54-2
- Enable udev synchronisation code.
- Install default udev rules for device-mapper and LVM2.
- Add BuildRequires: libudev-devel.
- Add Requires: libudev (to check udev is running).
- Add Requires: util-linux-ng (blkid used in udev rules).
- Add Conflicts: dracut < 002-18 (for dracut to install required udev rules)
* Tue Oct 27 2009 Alasdair Kergon <agk at redhat.com> - 2.02.54-1
- Add implict pvcreate support to vgcreate and vgextend.
- Add --pvmetadatacopies for pvcreate, vgcreate, vgextend, vgconvert.
- Distinguish between powers of 1000 and powers of 1024 in unit suffixes.
- Restart lvconverts in vgchange.
- Don't attempt to deactivate an LV if any of its snapshots are in use.
- Return error if lv_deactivate fails to remove device from kernel.
- Treat input units of both 's' and 'S' as 512-byte sectors.  (2.02.49)
- Use standard output units for 'PE Size' and 'Stripe size' in pv/lvdisplay.
- Add global/si_unit_consistency to enable cleaned-up use of units in output.
- Only do lock conversions in clvmd if we are explicitly asked for one.
- Fix clvmd segfault when refresh_toolcontext fails.
- Cleanup mimagetmp LV if allocation fails for new lvconvert mimage.
- Handle metadata with unknown segment types more gracefully.
- Make clvmd return 0 on success rather than 1.
- Correct example.conf to indicate that lvm2 not lvm1 is the default format.
- Delay announcing mirror monitoring to syslog until initialisation succeeded.
- Update lvcreate/lvconvert man pages to explain PhysicalVolume parameter.
- Document --all option in man pages and cleanup {pv|vg|lv}{s|display} pages.
* Mon Oct 19 2009 Fabio M. Di Nitto <fdinitto at redhat.com> - 2.02.53-3
- Enable openais support in clvmd.
--------------------------------------------------------------------------------


================================================================================
 monit-5.1.1-2.fc12 (FEDORA-2010-12272)
 Manages and monitors processes, files, directories and devices
--------------------------------------------------------------------------------
Update Information:

Enabled PAM authentication (bz #621599)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug  5 2010 Maxim Burgerhout <wzzrd at fedoraproject.org> - 5.1.1-2
- Enabled PAM authentication (bz #621599)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #621599 - monit does not support pam authentication
        https://bugzilla.redhat.com/show_bug.cgi?id=621599
--------------------------------------------------------------------------------


================================================================================
 openconnect-2.25-1.fc12 (FEDORA-2010-12253)
 Open client for Cisco AnyConnect VPN
--------------------------------------------------------------------------------
Update Information:

This update enables validation of the VPN server's SSL certificate by default,
to defend against a potential man-in-the-middle attack.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Aug  1 2010 David Woodhouse <David.Woodhouse at intel.com> - 2.25-1
- Update to 2.25. (#620219: Check server cert against hostname)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #620219 - OpenConnect: Always validate server certificate, check server hostname against its certificate
        https://bugzilla.redhat.com/show_bug.cgi?id=620219
--------------------------------------------------------------------------------


================================================================================
 php-pear-CAS-1.1.2-1.fc12 (FEDORA-2010-12247)
 Central Authentication Service client library in php
--------------------------------------------------------------------------------
Update Information:

Security fixes  * Fix a session hijacking hole CVE-2010-2795 [PHPCAS-61]  *
callbackurl in proxy mode should be urlencoded, possible XSS CVE-2010-2796
[PHPCAS-67]    Bug fixes  * Fix warnings for SAML responses without attributes
[PHPCAS-59]  * Fix duplicate SAML debug output [PHPCAS-64]  * Providing a new
ST/PT/SA during an authenticated session will be ignored and a warning will be
issued to the debug log. [PHPCAS-61]  * fix 2 undefinded variable notices in
serviceWeb() [PHPCAS-68]  * Prevent domxml-php4-to-php5 to be inclueded twice
[PHPCAS-48]    Improvement  * Debuglog now contains phpCAS version information
[PHPCAS-62]
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug  3 2010 Remi Collet <Fedora at FamilleCollet.com> - 1.1.2-1
- update to 1.1.2
- fix  CVE-2010-2795, CVE-2010-2796, #620753
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #620753 - CVE-2010-2795 CVE-2010-2796 php-pear-CAS various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=620753
  [ 2 ] Bug #620759 - CVE-2010-2795 CVE-2010-2796 glpi various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=620759
--------------------------------------------------------------------------------


================================================================================
 python-pycha-0.5.3-1.fc12 (FEDORA-2010-12251)
 A library for drawing charts with Python and Cairo
--------------------------------------------------------------------------------
Update Information:

- bugfix release; please see upstream's changelog for more information:
http://pypi.python.org/pypi/pycha/0.5.3#id2
--------------------------------------------------------------------------------
ChangeLog:

* Sat Aug  7 2010 Ionuț C. Arțăriși <mapleoin at fedoraproject.org> - 0.5.3-1
- new upstream bugfix release
--------------------------------------------------------------------------------


================================================================================
 rekonq-0.5.0-2.fc12 (FEDORA-2010-12255)
 KDE browser based on QtWebkit
--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2010-2536  New upstream version with following changes:  * improved
adblock, automagically updating filter lists (+abp scheme support)  * RSS
support  * new urlbar (tech preview): it's just nice and more will come..  *
auto-scrolling  * downloads history tracked  * SSL Info support  * Bookmarks &
history panels improvements  * bugfixing & users wishes  New upstream version
with following changes:  * improved adblock, automagically updating filter lists
(+abp scheme support)  * RSS support  * new urlbar (tech preview): it's just
nice and more will come..  * auto-scrolling  * downloads history tracked  * SSL
Info support  * Bookmarks & history panels improvements  * bugfixing & users
wishes
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug  3 2010 Thomas Janssen <thomasj at fedoraproject.org> 0.5.0-2
- added patch to fix CVE-2010-2536 (patch by Eelko)
- fixes #620897
* Tue Jul 13 2010 Eelko Berkenpies <fedora at berkenpi.es> 0.5.0-1
- rekonq 0.5.0
* Thu Jun 17 2010 Thomas Janssen <thomasj at fedoraproject.org> 0.4.95-1
- rekonq 0.4.95
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #620897 - CVE-2010-2536 rekonq: universal XSS issue
        https://bugzilla.redhat.com/show_bug.cgi?id=620897
--------------------------------------------------------------------------------


================================================================================
 roundup-1.4.15-1.fc12 (FEDORA-2010-12269)
 Simple and flexible issue-tracking system
--------------------------------------------------------------------------------
Update Information:

update to 1.4.15
--------------------------------------------------------------------------------
ChangeLog:

* Sun Aug  1 2010 John Khvatov <ivaxer at fedoraproject.org> - 1.4.15-1
- updated to 1.4.15
* Thu Jul 22 2010 David Malcolm <dmalcolm at redhat.com> - 1.4.13-3
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #610867 - roundup: XSS by processing PageTemplate template for a named page [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=610867
--------------------------------------------------------------------------------


================================================================================
 texmaker-2.0-1.fc12 (FEDORA-2010-12267)
 LaTeX editor
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  6 2010 Deji Akingunola <dakingun at gmail.com> - 2.0-1
- Update to 2.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #606001 - [abrt] crash in texmaker-1:1.9.9-1.fc13: QTextCodec::fromUnicode: Process /usr/bin/texmaker was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=606001
  [ 2 ] Bug #608873 - [abrt] crash in texmaker-1:1.9.9-1.fc13: const: Process /usr/bin/texmaker was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=608873
--------------------------------------------------------------------------------


================================================================================
 uzbl-0-0.16.20100626gitafc0f873e.fc12 (FEDORA-2010-12276)
 Lightweight WebKit browser following the UNIX philosophy
--------------------------------------------------------------------------------
Update Information:

Fix a bug in the default configuration for the mouse bindings that can allow
crafted links to execute arbitrary shell code.    Please check your local
configuration and replace "\@SELECTED_URI" with "$8" in any string that is
executed as shell code (usually involves "sh 'commands_here'").
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  6 2010 Ben Boeckel <mathstuf at gmail.com> - 0-0.16.20100626gitafc0f873e
- Add patch for shell escaping bug (BZ#621965)
* Sat Jul  3 2010 Ben Boeckel <mathstuf at gmail.com> - 0-0.15.20100626gitafc0f873e
- Rebuild against webkitgtk
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #621965 - uzbl: malicious code execution via unsanitized @SELECTED_URI [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=621965
--------------------------------------------------------------------------------



More information about the test mailing list