Fedora 11 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sat Mar 6 03:56:00 UTC 2010
The following builds have been pushed to Fedora 11 updates-testing
SoQt-1.5.0-1.fc11
asterisk-1.6.1.17-1.fc11
audex-0.72-0.5.beta1.fc11
bakefile-0.2.8-3.fc11
cups-1.4.2-26.fc11
fetch-crl-2.8.2-1.fc11
freeciv-2.2.0-1.fc11
gdesklets-0.36.2-1.fc11
gwsmhg-0.8.4-1.fc11
ikiwiki-3.20100302-1.fc11
kmplayer-0.11.2-1.fc11
lftp-3.7.14-3.fc11
libchewing-0.3.2-26.fc11
libpng10-1.0.53-1.fc11
perl-Color-Calc-1.061-1.fc11
perl-Config-INI-MVP-0.024-1.fc11
perl-File-DirCompare-0.5-1.fc11
perl-URI-Find-20100211-1.fc11
pidgin-2.6.6-2.fc11
poppler-0.10.7-4.fc11
python-empy-3.3-5.fc11
rubygem-gemcutter-0.3.0-3.fc11
terminator-0.14-2.fc11
uget-1.5.0.2-1.fc11
waf-1.5.13-1.fc11
Details about builds:
================================================================================
SoQt-1.5.0-1.fc11 (FEDORA-2010-3807)
High-level 3D visualization library
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 3 2010 Ralf Corsépius <corsepiu at fedoraproject.org> - 1.5.0-1
- Upstream update.
- Spec file overhaul.
--------------------------------------------------------------------------------
================================================================================
asterisk-1.6.1.17-1.fc11 (FEDORA-2010-3724)
The Open Source PBX
--------------------------------------------------------------------------------
Update Information:
Update to 1.6.1.17 * AST-2010-003: Invalid parsing of ACL rules can compromise
security * AST-2010-002: This security release is intended to raise awareness of
how it is possible to insert malicious strings into dialplans, and to advise
developers to read the best practices documents so that they may easily avoid
these dangers. * AST-2010-001: An attacker attempting to negotiate T.38 over SIP
can remotely crash Asterisk by modifying the FaxMaxDatagram field of the SDP to
contain either a negative or exceptionally large value. The same crash occurs
when the FaxMaxDatagram field is omitted from the SDP as well.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 1 2010 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.6.1.17-1
- Update to 1.6.1.17
-
- * AST-2010-003: Invalid parsing of ACL rules can compromise security
- * AST-2010-002: This security release is intended to raise awareness
- of how it is possible to insert malicious strings into dialplans,
- and to advise developers to read the best practices documents so
- that they may easily avoid these dangers.
- * AST-2010-001: An attacker attempting to negotiate T.38 over SIP can
- remotely crash Asterisk by modifying the FaxMaxDatagram field of
- the SDP to contain either a negative or exceptionally large value.
- The same crash occurs when the FaxMaxDatagram field is omitted from
- the SDP as well.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #561332 - CVE-2010-0441 Asterisk: Remote DoS via specially-crafted FaxMaxDatagram SDP packets (AST-2010-001)
https://bugzilla.redhat.com/show_bug.cgi?id=561332
--------------------------------------------------------------------------------
================================================================================
audex-0.72-0.5.beta1.fc11 (FEDORA-2010-3782)
Audio ripper
--------------------------------------------------------------------------------
Update Information:
Fixed compile on KDE 4.4, also fixed dso linking.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 3 2010 Roland Wolters <wolters.liste at gmx.net> 0.72-0.5.beta1
- Fix compile bug
--------------------------------------------------------------------------------
================================================================================
bakefile-0.2.8-3.fc11 (FEDORA-2010-3757)
A cross-platform, cross-compiler native makefiles generator
--------------------------------------------------------------------------------
Update Information:
Bakefile is cross-platform, cross-compiler native makefiles generator. It takes
compiler-independent description of build tasks as input and generates native
makefile (autoconf's Makefile.in, Visual C++ project, bcc makefile etc.).
--------------------------------------------------------------------------------
================================================================================
cups-1.4.2-26.fc11 (FEDORA-2010-2743)
Common Unix Printing System
--------------------------------------------------------------------------------
Update Information:
This update addresses a denial of service security issue (CVE-2010-0302) as well
as fixing several other small problems: * classes.conf is now updated when a
class member is deleted. * the usermode dependency has been removed. * the
udev rules are now installed in the correct location. * cups-config now has
no multilib conflict. * the ipp backend now clears the printer status on
completion. * cupsGetNamedDest() is no longer confused by old configuration
files. * the scheduler no longer treats SIGPIPE as a filter error. * the
gcrypt threading patch has been reverted. * the package no longer owns
filesystem-owned directories.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 5 2010 Tim Waugh <twaugh at redhat.com> - 1:1.4.2-26
- Applied patch for CVE-2010-0302 (incomplete fix for CVE-2009-3553,
bug #557775).
* Tue Mar 2 2010 Tim Waugh <twaugh at redhat.com> - 1:1.4.2-25
- Don't own filesystem locale directories (bug #569403).
- Don't apply gcrypt threading patch (bug #553834).
- Don't treat SIGPIPE as an error (bug #569770).
* Wed Feb 24 2010 Jiri Popelka <jpopelka at redhat.com> 1:1.4.2-24
- Fixed cupsGetNamedDest() so it falls back to the real default
printer when a default from configuration file does not exist (bug #565569, STR #3503).
* Tue Feb 23 2010 Tim Waugh <twaugh at redhat.com> - 1:1.4.2-23
- Update classes.conf when a class member printer is deleted
(bug #565878, STR #3505).
* Tue Feb 23 2010 Tim Waugh <twaugh at redhat.com> - 1:1.4.2-22
- Re-initialize the resolver if getnameinfo() returns EAI_AGAIN
(bug #567353).
* Fri Jan 15 2010 Tim Waugh <twaugh at redhat.com> - 1:1.4.2-21
- Reset status after successful ipp job (bug #548219, STR #3460).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #557775 - CVE-2010-0302 cups Incomplete fix for CVE-2009-3553
https://bugzilla.redhat.com/show_bug.cgi?id=557775
--------------------------------------------------------------------------------
================================================================================
fetch-crl-2.8.2-1.fc11 (FEDORA-2010-3759)
Downloads Certificate Revocation Lists
--------------------------------------------------------------------------------
Update Information:
This tool and associated cron entry ensure that Certificate Revocation Lists
(CRLs) are periodically retrieved from the web sites of the respective
Certification Authorities. It assumes that the installed CA files follow the
hash.crl_url convention. This latest version contains bugfix: When more than one
URL was listed in the crl_url file, fetch-crl would download /all/ of these
CRLs, even if the download of the first one was already successful. And it
would complain loudly if any of these failed. This kind-of defeats the purpose
of having multiple URLs there.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #564143 - Review Request: fetch-crl - Downloads Certificate Revocation Lists
https://bugzilla.redhat.com/show_bug.cgi?id=564143
--------------------------------------------------------------------------------
================================================================================
freeciv-2.2.0-1.fc11 (FEDORA-2010-3793)
A multi-player strategy game
--------------------------------------------------------------------------------
Update Information:
Way to much changes/bugfixes to post it here. Please see the installed
changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 2 2010 Thomas Janssen <thomasj at fedoraproject.org> 2.2.0
- New upstream source 2.2.0
--------------------------------------------------------------------------------
================================================================================
gdesklets-0.36.2-1.fc11 (FEDORA-2010-3772)
An interactive Imlib2 console for the X Window system
--------------------------------------------------------------------------------
Update Information:
This is an upstream update that is also addressing compatibility issue with
python 2.6.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 3 2010 Luya Tshimbalanga <luya at fedoraproject.org> 0.36.2-1
- New upstream version
- Dropped patch related to python 2.6 compatibility
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #567148 - [abrt] crash in gdesklets-0.36.1-7.fc12
https://bugzilla.redhat.com/show_bug.cgi?id=567148
--------------------------------------------------------------------------------
================================================================================
gwsmhg-0.8.4-1.fc11 (FEDORA-2010-3808)
A PyGTK GUI wrapper for hg and mq
--------------------------------------------------------------------------------
Update Information:
Upstream bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 5 2010 Mads Kiilerich <mads at kiilerich.com> - 0.8.4-1
- New upstream bugfix release 0.8.4
--------------------------------------------------------------------------------
================================================================================
ikiwiki-3.20100302-1.fc11 (FEDORA-2010-3791)
A wiki compiler
--------------------------------------------------------------------------------
Update Information:
Update to 3.20100302, with various bug fixes and enhancements. See
http://ikiwiki.info/news/ for a list of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 3 2010 Thomas Moschny <thomas.moschny at gmx.de> - 3.20100302-1
- Update to 3.20100302.
--------------------------------------------------------------------------------
================================================================================
kmplayer-0.11.2-1.fc11 (FEDORA-2010-3801)
A simple frontend for MPlayer/FFMpeg/Phonon
--------------------------------------------------------------------------------
Update Information:
Second 0.11 release for KDE4 Lots of improvement in the SMIL engine, now many
of the 2.1 and 3.0 tests play correctly. On the porting from KDE3 front,
language and subtitle selection works again for the MPlayer player when playing
a DVD.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 5 2010 Orcan Ogetbil <oget[DOT]fedora[AT]gmail[DOT]com> - 0.11.2-1
- kmplayer-0.11.2
- Drop upstreamed dso linking patch
* Sat Feb 13 2010 Orcan Ogetbil <oget[DOT]fedora[AT]gmail[DOT]com> - 0.11.1b-4
- Fix DSO linking RHBZ#564937
* Thu Aug 6 2009 Orcan Ogetbil <oget[DOT]fedora[AT]gmail[DOT]com> - 0.11.1b-3
- Update the .desktop file
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.11.1b-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
lftp-3.7.14-3.fc11 (FEDORA-2010-3731)
A sophisticated file transfer program
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 4 2010 Jiri Skala <jskala at redhat.com> - 3.7.14-3
- fixes #566562 - lftp doesn't properly implement CCC
* Wed Jun 10 2009 Jiri Skala <jskala at redhat.com> - 3.7.14-2
- fixed bug in ls via http - corrupted file names containing spaces
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #566562 - lftp doesn't properly implement CCC
https://bugzilla.redhat.com/show_bug.cgi?id=566562
--------------------------------------------------------------------------------
================================================================================
libchewing-0.3.2-26.fc11 (FEDORA-2010-3711)
Intelligent phonetic input method library for Traditional Chinese
--------------------------------------------------------------------------------
Update Information:
Fix Dvorak Hsu's 4th tone. (ibus Google code issue 755, comment 12)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 4 2010 Ding-Yi Chen <dchen at redhat dot com> - 0.3.2-26
- Fix Dvorak Hsu 4th tone key (ibus google issue 755 comment 12,
chewing google issue 10)
- Resolves: #555192
* Mon Feb 15 2010 Ding-Yi Chen <dchen at redhat dot com> - 0.3.2-24
- Fix Hsu and Dvorak Hsu input (ibus google issue 755,
chewing google issue 10)
- Resolves: #555192
* Mon Feb 15 2010 Ding-Yi Chen <dchen at redhat dot com> - 0.3.2-23
- Fix Hsu and Dvorak Hsu input (ibus google issue 755,
chewing google issue 10)
- Resolves: #555192
--------------------------------------------------------------------------------
================================================================================
libpng10-1.0.53-1.fc11 (FEDORA-2010-3414)
Old version of libpng, needed to run old binaries
--------------------------------------------------------------------------------
Update Information:
This is the latest upstream maintenance release. In addition to a number of
minor bugfixes, it mitigates the resource-consumption effects of highly
compressed ancillary chunks in hostile PNG files as described at
http://libpng.sourceforge.net/ADVISORY-1.4.1.html This issue has been
assigned CVE-2010-0205 by CERT.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 25 2010 Paul Howarth <paul at city-fan.org> 1.0.53-1
- update to 1.0.53 (minor changes, see ANNOUNCE for details)
- drop patch for #555485, included upstream
* Thu Jan 7 2010 Paul Howarth <paul at city-fan.org> 1.0.52-2
- add upstream fix reinstating PNG_READ_16_TO_8_SUPPORTED and
PNG_READ_GRAY_TO_RGB_SUPPORTED (not defined in 1.0.51 and 1.0.52),
causing API/ABI regressions (#555485)
* Mon Jan 4 2010 Paul Howarth <paul at city-fan.org> 1.0.52-1
- update to 1.0.52 (minor changes, see ANNOUNCE for details)
* Thu Dec 3 2009 Paul Howarth <paul at city-fan.org> 1.0.51-1
- update to 1.0.51 (see ANNOUNCE for details)
- update soname patch to apply to 1.0.51
* Fri Sep 11 2009 Paul Howarth <paul at city-fan.org> 1.0.50-1
- update to 1.0.50 (garbage removal patch upstreamed)
* Thu Sep 10 2009 Paul Howarth <paul at city-fan.org> 1.0.49-1
- update to 1.0.49 (minor bugfixes)
- patch out garbage in source files left over from edit gone wrong
* Thu Aug 13 2009 Paul Howarth <paul at city-fan.org> 1.0.48-1
- update to 1.0.48
- avoid a possible NULL dereference in debug build, in png_set_text_2()
- reject attempt to write iCCP chunk with negative embedded profile length
- rebase soname patch to remove fuzz
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> 1.0.47-2
- rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri Jul 17 2009 Paul Howarth <paul at city-fan.org> 1.0.47-1
- update to 1.0.47 (changes to unknown chunk handling and documentation)
* Thu Jun 18 2009 Paul Howarth <paul at city-fan.org> 1.0.46-1
- garbage removal patch upstreamed
* Thu Jun 18 2009 Paul Howarth <paul at city-fan.org> 1.0.45-2
- patch out garbage in devel config files left over from edit gone wrong
* Thu Jun 4 2009 Paul Howarth <paul at city-fan.org> 1.0.45-1
- update to 1.0.45 (mainly cosmetic code changes)
* Fri May 8 2009 Paul Howarth <paul at city-fan.org> 1.0.44-1
- update to 1.0.44 (fix possible UMR/memory leak issues, revise fflush() usage)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #566234 - CVE-2010-0205 libpng: excessive memory consumption due to highly compressed huge ancillary chunk
https://bugzilla.redhat.com/show_bug.cgi?id=566234
--------------------------------------------------------------------------------
================================================================================
perl-Color-Calc-1.061-1.fc11 (FEDORA-2010-3733)
Simple calculations with RGB colors
--------------------------------------------------------------------------------
================================================================================
perl-Config-INI-MVP-0.024-1.fc11 (FEDORA-2010-3775)
Multi-value capable .ini file reader (for plugins)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #567041 - Review Request: perl-Config-INI-MVP - Multi-value capable .ini file reader (for plugins)
https://bugzilla.redhat.com/show_bug.cgi?id=567041
--------------------------------------------------------------------------------
================================================================================
perl-File-DirCompare-0.5-1.fc11 (FEDORA-2010-3743)
Perl module to compare two directories using callbacks
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #569660 - Review Request: perl-File-DirCompare - Perl module to compare two directories using callbacks
https://bugzilla.redhat.com/show_bug.cgi?id=569660
--------------------------------------------------------------------------------
================================================================================
perl-URI-Find-20100211-1.fc11 (FEDORA-2010-3742)
Find URIs in plain text
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 2 2010 Chris Weyl <cweyl at alumni.drew.edu> 20100211-1
- update by Fedora::App::MaintainerTools 0.004
- updating to latest GA CPAN version (20100211)
- added a new req on perl(URI) (version 1.00)
- added a new req on perl(URI::URL) (version 5.00)
* Mon Dec 7 2009 Stepan Kasal <skasal at redhat.com> - 20090319-4
- rebuild against perl 5.10.1
* Thu Jul 30 2009 Ralf Corsépius <corsepiu at fedoraproject.org> - 20090319-3
- Use Build.PL (Fix mass rebuild breakdown).
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 20090319-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Tue May 19 2009 Chris Weyl <cweyl at alumni.drew.edu> 20090319-1
- auto-update to 20090319 (by cpan-spec-update 0.01)
- added a new br on perl(Test::More) (version 0.82)
- added a new br on perl(Module::Build) (version 0.30)
--------------------------------------------------------------------------------
================================================================================
pidgin-2.6.6-2.fc11 (FEDORA-2010-3784)
A Gtk+ based multiprotocol instant messaging client
--------------------------------------------------------------------------------
Update Information:
- Upstream backports: 0e3079d15adeb12c1e57ceaf5bf037f9b71c8abd Fix AIM SSL
clientLogin b14ee507e932a395a0e1f29298af162c8614ca0f Fix AIM clientLogin with
proxy Basically, this update makes the AIM protocol work without the disable
SSL workaround.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 4 2010 Warren Togami <wtogami at redhat.com> - 2.6.6-2
- Upstream backports:
0e3079d15adeb12c1e57ceaf5bf037f9b71c8abd Fix AIM SSL clientLogin
b14ee507e932a395a0e1f29298af162c8614ca0f Fix AIM clientLogin with proxy
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #554923 - Cannot connect to AIM - OSCAR HTTP 400 login error: useTLS not allowed
https://bugzilla.redhat.com/show_bug.cgi?id=554923
--------------------------------------------------------------------------------
================================================================================
poppler-0.10.7-4.fc11 (FEDORA-2010-3758)
PDF rendering library
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 4 2010 Marek Kasik <mkasik at redhat.com> - 0.10.7-4
- Fix showing of radio buttons (#480868)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #480868 - evince (poppler?) doesn't display correct checkbox status on OpenOffice.org exported .pdf (but acroread can)
https://bugzilla.redhat.com/show_bug.cgi?id=480868
--------------------------------------------------------------------------------
================================================================================
python-empy-3.3-5.fc11 (FEDORA-2010-3740)
A powerful and robust template system for Python
--------------------------------------------------------------------------------
Update Information:
EmPy is a system for embedding Python expressions and statements in template
text; it takes an EmPy source file, processes it, and produces output.
--------------------------------------------------------------------------------
================================================================================
rubygem-gemcutter-0.3.0-3.fc11 (FEDORA-2010-3811)
The gemcutter client gem
--------------------------------------------------------------------------------
Update Information:
A bug is found that gemcutter gem actually cannot be activated. This is because
gemcutter tries to require "json_pure" gem although Fedora provides "json" gem.
The new rpm will solve this issue.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #570254 - gemcutter cannot be activated
https://bugzilla.redhat.com/show_bug.cgi?id=570254
--------------------------------------------------------------------------------
================================================================================
terminator-0.14-2.fc11 (FEDORA-2010-3715)
Store and run multiple GNOME terminals in one window
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 3 2010 Steven Fernandez <lonetwin at fedoraproject.org> - 0.14-2
- Added dependency for deskbar-applets and gnome-python2-{bonobo,canvas}
packages (bug 540551 and bug 509461)
* Thu Jan 14 2010 Dominic Hopf <dmaphy at fedoraproject.org> - 0.14-1
- New terminator version 0.14
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.13-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Tue Jul 7 2009 Ian Weller <ian at ianweller.org> - 0.13-2
- BuildRequires: intltool
* Thu Jul 2 2009 Ian Weller <ian at ianweller.org> - 0.13-1
- New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #540551 - Missing Requires
https://bugzilla.redhat.com/show_bug.cgi?id=540551
[ 2 ] Bug #509461 - Port the 'quake mode' feature to the fedora version of terminator
https://bugzilla.redhat.com/show_bug.cgi?id=509461
--------------------------------------------------------------------------------
================================================================================
uget-1.5.0.2-1.fc11 (FEDORA-2010-3773)
Download manager using GTK+ and libcurl
--------------------------------------------------------------------------------
Update Information:
New version 1.5.0.2 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 4 2010 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 1.5.0.2-1
- 1.5.0.2
--------------------------------------------------------------------------------
================================================================================
waf-1.5.13-1.fc11 (FEDORA-2010-3741)
A Python-based build system
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.13, a bugfix release. See
http://code.google.com/p/waf/source/browse/tags/waf-1.5.13/ChangeLog for the
full list of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 3 2010 Thomas Moschny <thomas.moschny at gmx.de> - 1.5.13-1
- Update to 1.5.13.
--------------------------------------------------------------------------------
More information about the test
mailing list