Fedora 13 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Apr 29 03:24:47 UTC 2011
The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13
https://admin.fedoraproject.org/updates/SimGear-2.0.0-5.fc13
https://admin.fedoraproject.org/updates/libmodplug-0.8.7-3.fc13
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
https://admin.fedoraproject.org/updates/mingw32-libtiff-3.9.5-1.fc13
https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc13
https://admin.fedoraproject.org/updates/polkit-0.96-2.fc13
https://admin.fedoraproject.org/updates/mingw32-openssl-1.0.0-0.7.beta4.fc13
https://admin.fedoraproject.org/updates/widelands-0-0.24.build16.fc13
https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.4-17.fc13
https://admin.fedoraproject.org/updates/mediawiki-1.16.4-58.fc13
https://admin.fedoraproject.org/updates/asterisk-1.6.2.18-1.fc13
https://admin.fedoraproject.org/updates/firefox-3.6.17-1.fc13,mozvoikko-1.0-21.fc13,gnome-web-photo-0.9-19.fc13,perl-Gtk2-MozEmbed-0.08-6.fc13.24,gnome-python2-extras-2.25.3-29.fc13,galeon-2.0.7-40.fc13,thunderbird-3.1.10-1.fc13,xulrunner-1.9.2.17-2.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/polkit-0.96-2.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-penmount-1.4.1-2.fc13
https://admin.fedoraproject.org/updates/python-ethtool-0.7-2.fc13
https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc13
https://admin.fedoraproject.org/updates/pygtk2-2.17.0-9.fc13
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-5.fc13
https://admin.fedoraproject.org/updates/libimobiledevice-1.0.6-1.fc13
https://admin.fedoraproject.org/updates/usbmuxd-1.0.7-1.fc13
https://admin.fedoraproject.org/updates/fuse-2.8.5-5.fc13
https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
https://admin.fedoraproject.org/updates/livecd-tools-13.2-1.fc13
https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13
The following builds have been pushed to Fedora 13 updates-testing
agedu-0-2.r9153.fc13
asterisk-1.6.2.18-1.fc13
firefox-3.6.17-1.fc13
galeon-2.0.7-40.fc13
gnome-python2-extras-2.25.3-29.fc13
gnome-web-photo-0.9-19.fc13
jmol-12.0.41-1.fc13
mozvoikko-1.0-21.fc13
nginx-0.8.54-1.fc13
openobex-1.4-6.fc13
perl-Convert-Color-0.08-1.fc13
perl-Gtk2-MozEmbed-0.08-6.fc13.24
python-kitchen-1.0.0-1.fc13
rcssserver3d-0.6.5-1.fc13
simspark-0.2.2-2.fc13
thunderbird-3.1.10-1.fc13
xulrunner-1.9.2.17-2.fc13
Details about builds:
================================================================================
agedu-0-2.r9153.fc13 (FEDORA-2011-6228)
An utility for tracking down wasted disk space
--------------------------------------------------------------------------------
Update Information:
Update to newest upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 0-2.r9153
- Update to upstream r9153.
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0-2.r8928
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Jul 7 2010 Jussi Lehtola <jussilehtola at fedoraproject.org> - 0-1.r8928
- Update to upstream r8928.
--------------------------------------------------------------------------------
================================================================================
asterisk-1.6.2.18-1.fc13 (FEDORA-2011-6208)
The Open Source PBX
--------------------------------------------------------------------------------
Update Information:
The Asterisk Development Team has announced the release of Asterisk 1.6.2.18.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/
The release of Asterisk 1.6.2.18 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following is a sample of the issues resolved in this release:
* Only offer codecs both sides support for directmedia.
(Closes issue #17403. Reported, patched by one47)
* Resolution of several DTMF based attended transfer issues.
(Closes issue #17999, #17096, #18395, #17273. Reported by iskatel, gelo,
shihchuan, grecco. Patched by rmudgett)
NOTE: Be sure to read the ChangeLog for more information about these changes.
* Resolve deadlocks related to device states in chan_sip
(Closes issue #18310. Reported, patched by one47. Patched by jpeeler)
* Fix channel redirect out of MeetMe() and other issues with channel softhangup
(Closes issue #18585. Reported by oej. Tested by oej, wedhorn, russellb.
Patched by russellb)
* Fix voicemail sequencing for file based storage.
(Closes issue #18498, #18486. Reported by JJCinAZ, bluefox. Patched by
jpeeler)
* Guard against retransmitting BYEs indefinitely during attended transfers with
chan_sip.
(Review: https://reviewboard.asterisk.org/r/1077/)
In addition to the changes listed above, commits to resolve security issues
AST-2011-005 and AST-2011-006 have been merged into this release. More
information about AST-2011-005 and AST-2011-006 can be found at:
http://downloads.asterisk.org/pub/security/AST-2011-005.pdf
http://downloads.asterisk.org/pub/security/AST-2011-006.pdf
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.18
The Asterisk Development Team has announced security releases for Asterisk
branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are
released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3.
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3 resolve two
issues:
* File Descriptor Resource Exhaustion (AST-2011-005)
* Asterisk Manager User Shell Access (AST-2011-006)
The issues and resolutions are described in the AST-2011-005 and AST-2011-006
security advisories.
For more information about the details of these vulnerabilities, please read the
security advisories AST-2011-005 and AST-2011-006, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.40.1
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.25
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.3
Security advisory AST-2011-005 and AST-2011-006 are available at:
http://downloads.asterisk.org/pub/security/AST-2011-005.pdf
http://downloads.asterisk.org/pub/security/AST-2011-006.pdf
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.6.2.18-1
-
- The Asterisk Development Team has announced the release of Asterisk 1.6.2.18.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/
-
- The release of Asterisk 1.6.2.18 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * Only offer codecs both sides support for directmedia.
- (Closes issue #17403. Reported, patched by one47)
-
- * Resolution of several DTMF based attended transfer issues.
- (Closes issue #17999, #17096, #18395, #17273. Reported by iskatel, gelo,
- shihchuan, grecco. Patched by rmudgett)
- NOTE: Be sure to read the ChangeLog for more information about these changes.
-
- * Resolve deadlocks related to device states in chan_sip
- (Closes issue #18310. Reported, patched by one47. Patched by jpeeler)
-
- * Fix channel redirect out of MeetMe() and other issues with channel softhangup
- (Closes issue #18585. Reported by oej. Tested by oej, wedhorn, russellb.
- Patched by russellb)
-
- * Fix voicemail sequencing for file based storage.
- (Closes issue #18498, #18486. Reported by JJCinAZ, bluefox. Patched by
- jpeeler)
-
- * Guard against retransmitting BYEs indefinitely during attended transfers with
- chan_sip.
- (Review: https://reviewboard.asterisk.org/r/1077/)
-
- In addition to the changes listed above, commits to resolve security issues
- AST-2011-005 and AST-2011-006 have been merged into this release. More
- information about AST-2011-005 and AST-2011-006 can be found at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-005.pdf
- http://downloads.asterisk.org/pub/security/AST-2011-006.pdf
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.18
* Fri Apr 22 2011 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.6.2.17.3-1
- The Asterisk Development Team has announced security releases for Asterisk
- branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are
- released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3 resolve two
- issues:
-
- * File Descriptor Resource Exhaustion (AST-2011-005)
- * Asterisk Manager User Shell Access (AST-2011-006)
-
- The issues and resolutions are described in the AST-2011-005 and AST-2011-006
- security advisories.
-
- For more information about the details of these vulnerabilities, please read the
- security advisories AST-2011-005 and AST-2011-006, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.40.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.25
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.3
-
- Security advisory AST-2011-005 and AST-2011-006 are available at:
-
- http://downloads.asterisk.org/pub/security/AST-2011-005.pdf
- http://downloads.asterisk.org/pub/security/AST-2011-006.pdf
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #698916 - CVE-2011-1507 Asterisk: file descriptor resource exhaustion (AST-2011-005)
https://bugzilla.redhat.com/show_bug.cgi?id=698916
[ 2 ] Bug #698917 - CVE-2011-1599 Asterisk: Shell command execution via manager Originate action (AST-2011-006)
https://bugzilla.redhat.com/show_bug.cgi?id=698917
--------------------------------------------------------------------------------
================================================================================
firefox-3.6.17-1.fc13 (FEDORA-2011-6205)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jan Horak <jhorak at redhat.com> - 3.6.17-1
- Update to 3.6.17
* Wed Mar 23 2011 Jan Horak <jhorak at redhat.com> - 3.6.16-2
- Enable Mozilla crash reporter
- Disable Mozilla updater
--------------------------------------------------------------------------------
================================================================================
galeon-2.0.7-40.fc13 (FEDORA-2011-6205)
GNOME2 Web browser based on Mozilla
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jan Horak <jhorak at redhat.com> - 2.0.7-40
- Rebuild against newer gecko
--------------------------------------------------------------------------------
================================================================================
gnome-python2-extras-2.25.3-29.fc13 (FEDORA-2011-6205)
Additional PyGNOME Python extension modules
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jan Horak <jhorak at redhat.com> - 2.25.3-29
- Rebuild against newer gecko
--------------------------------------------------------------------------------
================================================================================
gnome-web-photo-0.9-19.fc13 (FEDORA-2011-6205)
HTML pages thumbnailer
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jan Horak <jhorak at redhat.com> - 0.9-19
- Rebuild against newer gecko
--------------------------------------------------------------------------------
================================================================================
jmol-12.0.41-1.fc13 (FEDORA-2011-6222)
An open-source Java viewer for chemical structures in 3D
--------------------------------------------------------------------------------
Update Information:
Update to the 12.0 branch.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 12.0.41-1
- Update to 12.0.41.
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 11.8.26-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
mozvoikko-1.0-21.fc13 (FEDORA-2011-6205)
Finnish Voikko spell-checker extension for Mozilla programs
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jan Horak <jhorak at redhat.com> - 1.0-21
- Rebuild against newer gecko
--------------------------------------------------------------------------------
================================================================================
nginx-0.8.54-1.fc13 (FEDORA-2011-6224)
Robust, small and high performance HTTP and reverse proxy server
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 27 2011 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.8.54-1
- Update to new legacy stable 0.8.54
--------------------------------------------------------------------------------
================================================================================
openobex-1.4-6.fc13 (FEDORA-2011-6201)
Library for using OBEX
--------------------------------------------------------------------------------
Update Information:
Drop obex_test program, as it is just for testing purposes and has some problems with multiple stack overflows etc.
rhbz#521663
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Vojtech Vitek (V-Teq) <vvitek at redhat.com> - 1.4-6
- Drop obex_test program, as it is just for testing purposes
and has some problems with multiple stack overflows etc.
Resolves: #521663
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #521663 - openobex-apps: Multiple stack overflows in OpenOBEX interactive test application
https://bugzilla.redhat.com/show_bug.cgi?id=521663
--------------------------------------------------------------------------------
================================================================================
perl-Convert-Color-0.08-1.fc13 (FEDORA-2011-6212)
Color space conversions and named lookups
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Ralf Corsépius <corsepiu at fedoraproject.org> 0.08-1
- Upstream update.
- Spec cleanup.
--------------------------------------------------------------------------------
================================================================================
perl-Gtk2-MozEmbed-0.08-6.fc13.24 (FEDORA-2011-6205)
Interface to the Mozilla embedding widget
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jan Horak <jhorak at redhat.com> - 0.08-6.24
- Rebuild against newer gecko
--------------------------------------------------------------------------------
================================================================================
python-kitchen-1.0.0-1.fc13 (FEDORA-2011-6209)
Small, useful pieces of code to make python coding easier
--------------------------------------------------------------------------------
Update Information:
Update to the 1.0 final release. Has a few documentation updates and cleanups for potential unicode problems exposed by unicodenazi.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 14 2011 Toshio Kuratomi <toshio at fedoraproject.org> - 1.0.0-1
- Upstream update to 1.0 final
--------------------------------------------------------------------------------
================================================================================
rcssserver3d-0.6.5-1.fc13 (FEDORA-2011-6216)
Robocup 3D Soccer Simulation Server
--------------------------------------------------------------------------------
Update Information:
This updates brings the latest version of simspark/rcssserver3d to the users. It brings many enhancements which can be found in the project page.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 27 2011 Hedayat Vatankhah <hedayat.fwd+rpmchlog at gmail.com> - 0.6.5-1
- Updated to 0.6.5 release
- Added a patch to use correct ODE flags
- Added COPYING to -doc subpackage because of the new guidelines
--------------------------------------------------------------------------------
================================================================================
simspark-0.2.2-2.fc13 (FEDORA-2011-6216)
Spark physical simulation system
--------------------------------------------------------------------------------
Update Information:
This updates brings the latest version of simspark/rcssserver3d to the users. It brings many enhancements which can be found in the project page.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 27 2011 Hedayat Vatankhah <hedayat.fwd+rpmchlog at gmail.com> - 0.2.2-2
- Link against the correct ode library
* Wed Apr 27 2011 Hedayat Vatankhah <hedayat.fwd+rpmchlog at gmail.com> - 0.2.2-1
- Updated to latest release 0.2.2
- Fixed multilib conflict in config scripts (rh #507983)
--------------------------------------------------------------------------------
================================================================================
thunderbird-3.1.10-1.fc13 (FEDORA-2011-6205)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jan Horak <jhorak at redhat.com> - 3.1.10-1
- Update to 3.1.10
* Wed Apr 20 2011 Christopher Aillon <caillon at redhat.com> - 3.1.9-2
- Drop the -lightning subpackage, it needs to be in its own SRPM
--------------------------------------------------------------------------------
================================================================================
xulrunner-1.9.2.17-2.fc13 (FEDORA-2011-6205)
XUL Runtime for Gecko Applications
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 28 2011 Jan Horak <jhorak at redhat.com> - 1.9.2.17-2
- Update to 1.9.2.17
--------------------------------------------------------------------------------
More information about the test
mailing list