Fedora 12 updates-testing report

updates at fedoraproject.org
Thu Nov 4 23:50:05 UTC 2010


The following Fedora 12 Security updates need testing:

    https://admin.fedoraproject.org/updates/bzip2-1.0.6-1.fc12
    https://admin.fedoraproject.org/updates/glpi-0.72.4-3.svn11497.fc12
    https://admin.fedoraproject.org/updates/gnome-xcf-thumbnailer-1.0-4.fc12
    https://admin.fedoraproject.org/updates/seamonkey-2.0.10-1.fc12
    https://admin.fedoraproject.org/updates/mailman-2.1.12-10.fc12
    https://admin.fedoraproject.org/updates/bugzilla-3.4.9-1.fc12
    https://admin.fedoraproject.org/updates/gif2png-2.5.1-1202.fc12
    https://admin.fedoraproject.org/updates/clamav-0.96.3-1200.fc12
    https://admin.fedoraproject.org/updates/bristol-0.40.7-7.fc12
    https://admin.fedoraproject.org/updates/pam-1.1.1-6.fc12
    https://admin.fedoraproject.org/updates/banshee-1.6.1-4.fc12
    https://admin.fedoraproject.org/updates/pidgin-2.7.5-1.fc12
    https://admin.fedoraproject.org/updates/pootle-2.1.2-1.fc12
    https://admin.fedoraproject.org/updates/moodle-1.9.10-1.fc12
    https://admin.fedoraproject.org/updates/libsmi-0.4.8-5.fc12
    https://admin.fedoraproject.org/updates/proftpd-1.3.3c-1.fc12


The following Fedora 12 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/NetworkManager-0.8.1-10.git20100831.fc12
    https://admin.fedoraproject.org/updates/pam-1.1.1-6.fc12
    https://admin.fedoraproject.org/updates/findutils-4.4.2-7.fc12
    https://admin.fedoraproject.org/updates/nss-softokn-3.12.4-16.fc12
    https://admin.fedoraproject.org/updates/xorg-x11-drv-ati-6.13.0-0.22.20100316git819b4015.fc12
    https://admin.fedoraproject.org/updates/binutils-2.19.51.0.14-38.fc12
    https://admin.fedoraproject.org/updates/util-linux-ng-2.16.2-4.fc12
    https://admin.fedoraproject.org/updates/xorg-x11-drv-synaptics-1.2.0-3.fc12
    https://admin.fedoraproject.org/updates/findutils-4.4.2-5.fc12


The following builds have been pushed to Fedora 12 updates-testing

    bugzilla-3.4.9-1.fc12
    kdebase-workspace-4.4.5-2.fc12
    qbittorrent-2.4.9-1.fc12
    rubygem-cairo-1.10.0-3.fc12
    sane-backends-1.0.21-4.fc12
    skf-1.97.3-1.fc12
    workrave-1.9.2-1.fc12

Details about builds:


================================================================================
 bugzilla-3.4.9-1.fc12 (FEDORA-2010-17235)
 Bug tracking system
--------------------------------------------------------------------------------
Update Information:

The following security issues have been discovered in Bugzilla:

* There is a way to inject both headers and content to users, causing a serious Cross-Site Scripting vulnerability.

* It was possible to see graphs from Old Charts even if you did not have access to a particular product, and you could browse a particular URL to see all product names.

* YUI 2.8.1, which shipped with Bugzilla starting with 3.7.x, contained a security vulnerability. The version of YUI shipped with Bugzilla 4.0rc1 and above has been updated to 2.8.2.

These are tracked by CVE-2010-3764.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov  4 2010 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 3.4.9-1
- Update to 3.4.9
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #649398 - CVE-2010-3172 bugzilla: header and content injection vulnerability via Server Push
        https://bugzilla.redhat.com/show_bug.cgi?id=649398
  [ 2 ] Bug #649404 - CVE-2010-3764 bugzilla: information leak via Old Charts system
        https://bugzilla.redhat.com/show_bug.cgi?id=649404
--------------------------------------------------------------------------------


================================================================================
 kdebase-workspace-4.4.5-2.fc12 (FEDORA-2010-17243)
 KDE Workspace
--------------------------------------------------------------------------------
Update Information:

This update makes fast user switching work in a KDE/Plasma session running under GDM.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov  3 2010 Kevin Kofler <Kevin at tigcc.ticalc.org> - 4.4.5-2
- use upstream ck-shutdown patch from 4.6 trunk (instead of my old one),
  supports GDM session switching (#560511, kde#186198)
- drop old F11- version of the ck-shutdown patch, F11 is EOL
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #560511 - Unable to switch user from KDE under GDM
        https://bugzilla.redhat.com/show_bug.cgi?id=560511
--------------------------------------------------------------------------------


================================================================================
 qbittorrent-2.4.9-1.fc12 (FEDORA-2010-17260)
 A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:

* Sun Oct 31 2010 - Christophe Dumez <chris at qbittorrent.org> - v2.4.9
    - BUGFIX: Fix crash when pressing enter in save path field in torrent addition dialog
    - BUGFIX: Fix crash when deleting a torrent with no metadata (closes #667528)
    - BUGFIX: Fix possible crash on clicking a RSS article (closes #575624)
    - BUGFIX: Correctly update total number of torrents when a torrent is automatically removed (closes #668726)
    - BUGFIX: Correctly display the hash of torrents with no metadata
    - BUGFIX: Elide status bar text if it is too wide
    - BUGFIX: Make sure the splash screen is displayed for 2 seconds
    - BUGFIX: Make listening on a particular interface more reliable
    - BUGFIX: Fix torrent size update in torrent addition dialog
    - BUGFIX: Fix possible crash on qBittorrent shutdown
    - BUGFIX: Fix and improve file priorities editing (closes #669084)
    - I18N: Updated Arabic, Italian and Croatian translations
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov  1 2010 leigh scott <leigh123linux at googlemail.com> - 1:2.4.9-1
- update to 2.4.9
--------------------------------------------------------------------------------


================================================================================
 rubygem-cairo-1.10.0-3.fc12 (FEDORA-2010-17237)
 Ruby bindings for cairo
--------------------------------------------------------------------------------
Update Information:

Move C extension library so that 'require "cairo"' works without compat ruby-cairo subpackage being installed.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Oct 31 2010 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> 1.10.0-3
- Move C extension so that "require %gemname" works correctly
--------------------------------------------------------------------------------


================================================================================
 sane-backends-1.0.21-4.fc12 (FEDORA-2010-17264)
 Scanner access software
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov  3 2010 Nils Philippsen <nils at redhat.com> - 1.0.21-4
- xerox_mfp: correct color mode malfunction (#614949)
- xerox_mfp: add USB id for SCX-4500W (#614948)
* Fri Jun 25 2010 Nils Philippsen <nils at redhat.com> - 1.0.21-3
- build with -fno-strict-aliasing
- use PIC/PIE because SANE-enabled software is likely to deal with data coming
  from untrusted sources (client <-> saned via network)
* Mon Jun  7 2010 Nils Philippsen <nils at redhat.com>
- rectify devel subpackage description
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #614948 - No SCX-4500W in libsane.rules
        https://bugzilla.redhat.com/show_bug.cgi?id=614948
  [ 2 ] Bug #614949 - sane-backends-1.0.21-2 broke SCX-4500W color scanning
        https://bugzilla.redhat.com/show_bug.cgi?id=614949
--------------------------------------------------------------------------------


================================================================================
 skf-1.97.3-1.fc12 (FEDORA-2010-17267)
 Utility binary files in Simple Kanji Filter
--------------------------------------------------------------------------------
Update Information:

New version 1.97.3 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov  4 2010 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 1.97.3-1
- 1.97.3
--------------------------------------------------------------------------------


================================================================================
 workrave-1.9.2-1.fc12 (FEDORA-2010-17246)
 Program that assists in the recovery and prevention of RSI
--------------------------------------------------------------------------------
Update Information:

This new upstream release adds a few small UI improvements and fixes many bugs including some aborts due to X errors.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov  3 2010 Tomas Mraz <tmraz at redhat.com> - 1.9.2-1
- new upstream release hopefully fixing at least some of the aborts
--------------------------------------------------------------------------------


