Fedora 13 updates-testing report

Mon Mar 21 21:01:34 UTC 2011

The following Fedora 13 Security updates need testing:

    https://admin.fedoraproject.org/updates/libvirt-0.8.2-3.fc13
    https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
    https://admin.fedoraproject.org/updates/krb5-1.7.1-18.fc13
    https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13
    https://admin.fedoraproject.org/updates/php-pear-1.9.2-1.fc13
    https://admin.fedoraproject.org/updates/libxml2-2.7.7-2.fc13
    https://admin.fedoraproject.org/updates/dhcp-4.1.2-2.ESV.R1.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
    https://admin.fedoraproject.org/updates/php-5.3.6-1.fc13,maniadrive-1.2-27.fc13,php-eaccelerator-0.9.6.1-6.fc13
    https://admin.fedoraproject.org/updates/389-admin-1.1.15-1.fc13
    https://admin.fedoraproject.org/updates/gnash-0.8.9-1.fc13
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.10-1.fc13
    https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
    https://admin.fedoraproject.org/updates/wordpress-3.1-1.fc13
    https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
    https://admin.fedoraproject.org/updates/postfix-2.7.3-1.fc13
    https://admin.fedoraproject.org/updates/mhonarc-2.6.18-3.fc13

The following Fedora 13 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-101.fc13
    https://admin.fedoraproject.org/updates/policycoreutils-2.0.83-33.4.fc13
    https://admin.fedoraproject.org/updates/tzdata-2011d-1.fc13
    https://admin.fedoraproject.org/updates/tzdata-2011b-3.fc13
    https://admin.fedoraproject.org/updates/perl-ExtUtils-XSpp-0.15-2.fc13,perl-5.10.1-122.fc13,perl-Wx-0.98-5.fc13
    https://admin.fedoraproject.org/updates/libxml2-2.7.7-2.fc13
    https://admin.fedoraproject.org/updates/fuse-2.8.5-5.fc13
    https://admin.fedoraproject.org/updates/NetworkManager-0.8.3.997-1.fc13
    https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
    https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
    https://admin.fedoraproject.org/updates/livecd-tools-13.2-1.fc13
    https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc13
    https://admin.fedoraproject.org/updates/librsvg2-2.26.3-3.fc13
    https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc13
    https://admin.fedoraproject.org/updates/dosfstools-3.0.9-4.fc13
    https://admin.fedoraproject.org/updates/file-5.04-7.fc13
    https://admin.fedoraproject.org/updates/system-config-users-1.2.107-1.fc13
    https://admin.fedoraproject.org/updates/python-ethtool-0.6-1.fc13
    https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
    https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
    https://admin.fedoraproject.org/updates/libfprint-0.3.0-1.fc13
    https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
    https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13

The following builds have been pushed to Fedora 13 updates-testing

    bzr-2.1.3-1.fc13
    mfiler3-4.2.5-1.fc13
    phpMyAdmin-3.3.10-1.fc13
    saphire-1.3.5-1.fc13
    ufraw-0.18-2.fc13
    wordpress-3.1-1.fc13
    zarafa-6.40.6-1.fc13

Details about builds:

================================================================================
 bzr-2.1.3-1.fc13 (FEDORA-2011-3752)
 Friendly distributed version control system
--------------------------------------------------------------------------------
Update Information:

Upstream 2.1.3 bugfix release
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar 20 2011 Henrik Nordstrom <henrik at henriknordstrom.net> - 2.1.3-1
- Upstream 2.1.3 bugfix release
--------------------------------------------------------------------------------

================================================================================
 mfiler3-4.2.5-1.fc13 (FEDORA-2011-3744)
 Two pane file manager under UNIX console
--------------------------------------------------------------------------------
Update Information:

New version saphire 1.3.5 / mfiler3 4.2.5 are released.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar 20 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 4.2.5-1
- 4.2.5
--------------------------------------------------------------------------------

================================================================================
 phpMyAdmin-3.3.10-1.fc13 (FEDORA-2011-3733)
 Web based MySQL browser written in php
--------------------------------------------------------------------------------
Update Information:

Changes for 3.3.10.0 (2011-03-19)

 - [structure] Aria table size printed as unknown, thanks to erickoh75 - erickoh75
 - [structure] Ordering by size gives incorrect results, thanks to Madhura Jayaratne - madhuracj
 - [core] 0 row(s) affected
 - [core] Edit relational page and page number
 - [security] Minor security fixes, see PMASA-2010-9 and PMASA-2010-10
 - [lang] German update, thanks to jannicars at users.sourceforge.net.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 21 2011 Robert Scheck <robert at fedoraproject.org> 3.3.10-1
- Upstream released 3.3.10 (#661335, #662366, #662367, #689213)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #661335 - CVE-2010-4480 phpMyAdmin: XSS vulnerability via crafted BBCode tag in error.php
        https://bugzilla.redhat.com/show_bug.cgi?id=661335
  [ 2 ] Bug #662366 - CVE-2010-4481 phpMyAdmin: information disclosure flaw (PMASA-2010-10)
        https://bugzilla.redhat.com/show_bug.cgi?id=662366
--------------------------------------------------------------------------------

================================================================================
 saphire-1.3.5-1.fc13 (FEDORA-2011-3744)
 Yet another shell
--------------------------------------------------------------------------------
Update Information:

New version saphire 1.3.5 / mfiler3 4.2.5 are released.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar 20 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 1.3.5-1
- 1.3.5
--------------------------------------------------------------------------------

================================================================================
 ufraw-0.18-2.fc13 (FEDORA-2011-3745)
 Raw image data retrieval tool for digital cameras
--------------------------------------------------------------------------------
Update Information:

New Traditional Chinese translation, update to dcraw-9.06 base which has bug fixes and support for new models:

Nikon D3100 & D7000 & P7000, Panasonic FZ40 & FZ100 & LX5, Samsung WB2000, Nokia X2, Canon SX120 & PowerShot G12, Hasselblad H4D, Pentax 645D & K-5 & K-r, Sony SLT-A33 & SLT-A55V
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 15 2011 Nils Philippsen <nils at redhat.com> - 0.18-2
- fix crash when loading dark frame (#683199)
* Fri Mar  4 2011 Nils Philippsen <nils at redhat.com> - 0.18-1
- version 0.18
- add/update versioned build requirements
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.17-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Sun Jan  2 2011 Rex Dieter <rdieter at fedoraproject.org> - 0.17-3
- rebuild (exiv2)
* Fri Dec  3 2010 Nils Philippsen <nils at redhat.com> - 0.17-2
- rebuild (exiv2)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #683199 - [abrt] ufraw-0.18-1.fc14: Process /usr/bin/ufraw was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=683199
--------------------------------------------------------------------------------

================================================================================
 wordpress-3.1-1.fc13 (FEDORA-2011-3738)
 WordPress blogging software
--------------------------------------------------------------------------------
Update Information:

In order to protect against two CVEs*, I'm upgrading Wordpress in all 
releases to 3.1.  In addition, this will obsolete wordpress-mu, since 
this functionality has been migrated to the main wordpress release as of 
wordpress 3.0, and wordpress-mu has been deprecated upstream.  I would 
not normally make so drastic a change on any stable release, especially 
EPEL, but backporting patches to the 2.x series is becoming increasingly 
unmaintainable.  This is already done for rawhide and F15, and I intend 
to build for F13, F14, EL5 and EL6 today, and send them to testing, and 
then push to stable one the appropriate period has elapsed.

Please redistribute this to anyone you know who might be affected and 
may not be on this list.

Thank you,
Jon

*
https://bugzilla.redhat.com/show_bug.cgi?id=687909
https://bugzilla.redhat.com/show_bug.cgi?id=687911
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 23 2011 Jon Ciesla <limb at jcomserv.net> - 3.1-1
- 3.1.
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #687909 - CVE-2011-0700 CVE-2011-0701 wordpress: multiple vulnerabilities corrected in 3.0.5 [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=687909
--------------------------------------------------------------------------------

================================================================================
 zarafa-6.40.6-1.fc13 (FEDORA-2011-3753)
 Open Source Edition of the Zarafa Collaboration Platform
--------------------------------------------------------------------------------
Update Information:

Changelog 6.40.6 final [25584]
==============================

Backend:

 - Feature #6630: Zarafa-gateway hostname in greeting.
 - Feature #6950: Added more logging to spooler, dagent server and Outlook client.
 - Fix #6730: Error in server.log: SQL Failed: Mixing of GROUP columns.
 - Fix #7068: Indexer not used for searches in shared folders.
 - Fix #7152: unable to run zarafa-msr.
 - Fix #7156: Zarafa-msr does not work on a 6.40.6 server (non-unicode).
 - Fix #6774: BES license check fails.
 - Fix #6810: Some fields are not shown in the GAB contact details.
 - Fix #7056: Merge mail store relocator for 6.40.
 - Fix #7112: Rules are not working any more after store relocated via zarafa-msr.
 - Fix #7116: Webaccess still destubed archived messages the wrong way.
 - Fix #7124: Permissions on store are missing after msr move action.
 - Fix #7126: Windows 7 ssl shows cert accept dialogue or can not create profile.
 - Fix #7146: zarafa-msr has no man-page.
 - Fix #6876: zarafa-admin/outlook crash with ldap attribute 0x3A4E001E.
 - Fix #7111: Zarafa-msr will not migrate WebAccess settings and out of office settings.
 - Fix #7058 	Upgrading from 6.40.4 to 6.40.5 can break the rules.
 - Fix #6067: Installer does not install the indexer or checks if initscript is available to enable.
 - Fix #7079: Segfault Zarafa-indexer 6.40.5.(Rare occasion).
 - Fix #7028: Zarafa-indexer still fails in certain cases when index_sync_stream is enabled.
 - Fix #7098: Message stay in the outbox with cached mode.
 - Fix #7072: No error given when wrong options are in the admin.cfg.
 - Fix #7039: Unable to dismiss specific reminders.
 - Fix #7030: Mac Ical cannot work with German(non English) folder names.
 - Fix #6964: Search on attachment content in Sent Items of Outlook 2007 will show no results.
 - Fix #6887: Segfault zarafa-server 6.40.4. (Rare occasion).
 - Fix #6165: Recursive restore does not stop on error.
 - Fix #6326: caldav: Deleted appointments are still shown in sunbird.
 - Fix #6825: ZARAFA_USERSCRIPT_LOCALE is not defined in any configuration file when using Debian.
 - Fix #6858: migration with exchange, RTF mail with large body crashes.
 - Fix #6891: Memleak in spooler, introduced in [15597].
 - Fix #6901: php-ext: don't use short tags in library classes.
 - Fix #6913: Spooler log contains "BUG: invalid data in OutgoingQueue" notifications.
 - Fix #6915: Zarafa-dagent.cfg(5) manpage missing in deb packages.
 - Fix #6930: Installer gives false errors on Ubuntu / Debian.
 - Fix #6937: IMAP literal problem.
 - Fix #7007: Error in include configfile gives wrong error on screen.

Webaccess:

 - Fix #5939: Possible to execute shell commands with WebAccess
 - Fix #7138: Tasks requests with umlauts in body will break.
 - Fix #5962: Dropdown box Zoom in MUC does not work in Safari and Chromium.
 - Fix #7022: Meting request occurence can be changed by an attendee without permission from the organizer.
 - Fix #6425: Script error pop-up when adding categories to email.
 - Fix #6461: Caldav: reminder times in sunbird/lightning are different than in WebAccess
 - Fix #6484: Switching weeks in you calendar with arrow top right will show empty calendar if you have all day event.
 - Fix #6589: Limit the TO field in print view of email always to 1 line (max 20 addresses).
 - Fix #6838: Cannot open task request message with preview pane off or bottom view.
 - Fix #6864: Convert to task doesn't set default priority.
 - Fix #6910: Folder list view is not set to last opened folder if scrollbar is present.
 - Fix #6948: Unsaved appointment print dialog doesn't show anything, and never stops loading.
 - Fix #6951: Rename convert to task to "Create task from email" for better understanding of the function.
 - Fix #6952: Webaccess in en_US language will still show military time format in print overview.
 - Fix #6992: Using the edit as new option in your Sent Items twice does not work, it will edit the first message.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 21 2011 Robert Scheck <robert at fedoraproject.org> 6.40.6-1
- Upgrade to 6.40.6
--------------------------------------------------------------------------------