Fedora 17 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sun Sep 2 00:30:21 UTC 2012
The following Fedora 17 Security updates need testing:
Age URL
11 https://admin.fedoraproject.org/updates/FEDORA-2012-12377/keepalived-1.2.5-2.fc17
58 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
2 https://admin.fedoraproject.org/updates/FEDORA-2012-12958/seamonkey-2.12-1.fc17
2 https://admin.fedoraproject.org/updates/FEDORA-2012-12973/trousers-0.3.9-1.fc17
11 https://admin.fedoraproject.org/updates/FEDORA-2012-12352/GraphicsMagick-1.3.16-5.fc17
2 https://admin.fedoraproject.org/updates/FEDORA-2012-12985/pcp-3.6.6-1.fc17
10 https://admin.fedoraproject.org/updates/FEDORA-2012-12483/tor-0.2.2.38-1700.fc17
10 https://admin.fedoraproject.org/updates/FEDORA-2012-12523/libvirt-0.9.11.5-3.fc17
1 https://admin.fedoraproject.org/updates/FEDORA-2012-13075/openstack-keystone-2012.1.2-2.fc17
9 https://admin.fedoraproject.org/updates/FEDORA-2012-12598/dnsmasq-2.63-1.fc17
55 https://admin.fedoraproject.org/updates/FEDORA-2012-10391/bcfg2-1.2.3-1.fc17
27 https://admin.fedoraproject.org/updates/FEDORA-2012-11485/dokuwiki-0-0.12.20120125.b.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2012-13129/munin-2.0.6-1.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2012-13131/java-1.7.0-openjdk-1.7.0.6-2.3.1.fc17.2
0 https://admin.fedoraproject.org/updates/FEDORA-2012-13135/asterisk-10.7.1-1.fc17
11 https://admin.fedoraproject.org/updates/FEDORA-2012-12368/gnome-keyring-3.4.1-3.fc17
The following Fedora 17 Critical Path updates have yet to be approved:
Age URL
0 https://admin.fedoraproject.org/updates/FEDORA-2012-13142/sane-backends-1.0.23-1.fc17
1 https://admin.fedoraproject.org/updates/FEDORA-2012-13085/xorg-x11-drv-synaptics-1.6.2-2.fc17
1 https://admin.fedoraproject.org/updates/FEDORA-2012-13078/libvdpau-0.4.1-9.fc17
1 https://admin.fedoraproject.org/updates/FEDORA-2012-13029/webkitgtk3-1.8.3-1.fc17
1 https://admin.fedoraproject.org/updates/FEDORA-2012-13037/wpa_supplicant-1.0-1.fc17
2 https://admin.fedoraproject.org/updates/FEDORA-2012-12981/kde-settings-4.8-19.fc17
2 https://admin.fedoraproject.org/updates/FEDORA-2012-12976/colord-0.1.23-1.fc17,colord-gtk-0.1.23-1.fc17
The following builds have been pushed to Fedora 17 updates-testing
asterisk-10.7.1-1.fc17
fedmsg-0.3.9-1.fc17
fedmsg-0.4.0-1.fc17
fping-3.3-2.fc17
htmldoc-1.8.27-19.fc17
jacorb-2.3.1-3.20120215git.fc17
java-1.7.0-openjdk-1.7.0.6-2.3.1.fc17.2
jboss-as-7.1.1-8.fc17
jboss-jts-4.16.2-8.fc17
jboss-rmi-1.0-api-1.0.4-5.fc17
mingw-webkitgtk3-1.8.3-1.fc17
munin-2.0.6-1.fc17
olpc-os-builder-5.0.0-1.fc17
openconnect-4.07-1.fc17
python-alembic-0.3.4-4.fc17
python-rhsm-1.0.7-1.fc17
sane-backends-1.0.23-1.fc17
supervisor-3.0-0.10.a12.fc17
tomcatjss-7.0.0-3.fc17
wine-1.5.12-2.fc17
xfce4-places-plugin-1.4.0-2.fc17
Details about builds:
================================================================================
asterisk-10.7.1-1.fc17 (FEDORA-2012-13135)
The Open Source PBX
--------------------------------------------------------------------------------
Update Information:
The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
released as versions 1.8.11-cert7, 1.8.15.1, 10.7.1, and 10.7.1-digiumphones.
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The release of Asterisk 1.8.11-cert7, 1.8.15.1, 10.7.1, and 10.7.1-digiumphones
resolve the following two issues:
* A permission escalation vulnerability in Asterisk Manager Interface. This
would potentially allow remote authenticated users the ability to execute
commands on the system shell with the privileges of the user running the
Asterisk application. Please note that the README-SERIOUSLY.bestpractices.txt
file delivered with Asterisk has been updated due to this and other related
vulnerabilities fixed in previous versions of Asterisk.
* When an IAX2 call is made using the credentials of a peer defined in a
dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that
peer are not applied to the call attempt. This allows for a remote attacker
who is aware of a peer's credentials to bypass the ACL rules set for that
peer.
These issues and their resolutions are described in the security advisories.
For more information about the details of these vulnerabilities, please read
security advisories AST-2012-012 and AST-2012-013, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert7
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.15.1
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.7.1
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.7.1-digiumphones
The security advisories are available at:
* http://downloads.asterisk.org/pub/security/AST-2012-012.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-013.pdf
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 30 2012 Jeffrey Ollie <jeff at ocjtech.us> - 10.7.1-1
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
- released as versions 1.8.11-cert7, 1.8.15.1, 10.7.1, and 10.7.1-digiumphones.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk 1.8.11-cert7, 1.8.15.1, 10.7.1, and 10.7.1-digiumphones
- resolve the following two issues:
-
- * A permission escalation vulnerability in Asterisk Manager Interface. This
- would potentially allow remote authenticated users the ability to execute
- commands on the system shell with the privileges of the user running the
- Asterisk application. Please note that the README-SERIOUSLY.bestpractices.txt
- file delivered with Asterisk has been updated due to this and other related
- vulnerabilities fixed in previous versions of Asterisk.
-
- * When an IAX2 call is made using the credentials of a peer defined in a
- dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that
- peer are not applied to the call attempt. This allows for a remote attacker
- who is aware of a peer's credentials to bypass the ACL rules set for that
- peer.
-
- These issues and their resolutions are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2012-012 and AST-2012-013, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert7
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.15.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.7.1
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.7.1-digiumphones
-
- The security advisories are available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2012-012.pdf
- * http://downloads.asterisk.org/pub/security/AST-2012-013.pdf
* Thu Aug 30 2012 Jeffrey Ollie <jeff at ocjtech.us> - 10.7.0-1
- The Asterisk Development Team has announced the release of Asterisk 10.7.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 10.7.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- Fix deadlock potential with ast_set_hangupsource() calls.
- (Closes issue ASTERISK-19801. Reported by Alec Davis)
-
- * --- Fix request routing issue when outboundproxy is used.
- (Closes issue ASTERISK-20008. Reported by Marcus Hunger)
-
- * --- Set the Caller ID "tag" on peers even if remote party
- information is present.
- (Closes issue ASTERISK-19859. Reported by Thomas Arimont)
-
- * --- Fix NULL pointer segfault in ast_sockaddr_parse()
- (Closes issue ASTERISK-20006. Reported by Michael L. Young)
-
- * --- Do not perform install on existing directories
- (Closes issue ASTERISK-19492. Reported by Karl Fife)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.7.0
* Thu Aug 30 2012 Jeffrey Ollie <jeff at ocjtech.us> - 10.6.1-1
- The Asterisk Development Team has announced the release of Asterisk 10.6.1.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 10.6.1 resolves an issue reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is the issue resolved in this release:
-
- * --- Remove a superfluous and dangerous freeing of an SSL_CTX.
- (Closes issue ASTERISK-20074. Reported by Trevor Helmsley)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.6.1
* Thu Aug 30 2012 Jeffrey Ollie <jeff at ocjtech.us> - 10.6.0-1
- The Asterisk Development Team has announced the release of Asterisk 10.6.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 10.6.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following is a sample of the issues resolved in this release:
-
- * --- format_mp3: Fix a possible crash in mp3_read().
- (Closes issue ASTERISK-19761. Reported by Chris Maciejewsk)
-
- * --- Fix local channel chains optimizing themselves out of a call.
- (Closes issue ASTERISK-16711. Reported by Alec Davis)
-
- * --- Re-add LastMsgsSent value for SIP peers
- (Closes issue ASTERISK-17866. Reported by Steve Davies)
-
- * --- Prevent sip_pvt refleak when an ast_channel outlasts its
- corresponding sip_pvt.
- (Closes issue ASTERISK-19425. Reported by David Cunningham)
-
- * --- Send more accurate identification information in dialog-info SIP
- NOTIFYs.
- (Closes issue ASTERISK-16735. Reported by Maciej Krajewski)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.6.0
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 10.5.2-1.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jul 9 2012 Petr Pisar <ppisar at redhat.com> - 10.5.2-1.1
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #853541 - CVE-2012-2186 Asterisk: Asterisk Manager User Unauthorized Shell Access
https://bugzilla.redhat.com/show_bug.cgi?id=853541
--------------------------------------------------------------------------------
================================================================================
fedmsg-0.3.9-1.fc17 (FEDORA-2012-13133)
Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:
Fix fedmsg-gateway. Enhancements to fedmsg.encoding. Convenient default config for end users.
0.3.8 new commands, options, and enhanced API.
Unicode bugfix. repr enhancements.
IRC colors, fedmsg2repr updates, and removed fedmsg-status
threadsafety and licensing
Bugfix - Added a forgotten new requirement on python-requests.
Bugfix to -logger and enhancement to -irc
Require latest moksha.
API enhancement.
0.2.5 with more realistic X509 capacity
0.2.4 with fix for disabled ssl
python-argparse fix for epel-6.
Fixes for fedmsg-irc and a new crypto module.
Require moksha >= 0.8.3.
0.2.3 with upstream typo fixes
Remove unnecessary %%ghost on /var/run/fedmsg
Fix to creation of /var/run/fedmsg.
bugfix to fedmsg.text.
0.3.1 for msg2repr updates and fedmsg-logger grepping.
fedmsg.text updates for scm.
thread safety bugfix for fedmsg-tail and fedmsg.text items from lmacken
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 31 2012 Ralph Bean <rbean at redhat.com> - 0.3.9-1
- Bugfix to fedmsg-gateway.
- to_json utility for sqlalchemy.
- More convenient default config for end users.
* Thu Aug 23 2012 Ralph Bean <rbean at redhat.com> - 0.3.8-1
- fedmsg-gateway command, new!
- Improved thread cleanup with weakref.
- --terse option for fedmsg-tail
- Meetbot text processing support.
- Update to consumer API.. systematized enablement.
* Fri Aug 17 2012 Ralph Bean <rbean at redhat.com> - 0.3.6-1
- Expanded reprs. Support for fedoratagger-0.2.2-1 messages.
- Unicode bugfix.
* Tue Aug 14 2012 Ralph Bean <rbean at redhat.com> - 0.3.5-1
- IRC colors
- fedmsg2repr updates (Luke Macken)
- Removed fedmsg-status and the heartbeat producer
* Mon Aug 13 2012 Ralph Bean <rbean at redhat.com> - 0.3.4-1
- Threadsafety bugfixes to fedmsg-tail
- New fedmsg.text items from Luke Macken.
* Sun Aug 12 2012 Ralph Bean <rbean at redhat.com> - 0.3.3-1
- thread safety (for bodhi masher)
* Wed Aug 8 2012 Ralph Bean <rbean at redhat.com> - 0.3.2-1
- msg2repr updates for scm.
* Wed Aug 8 2012 Ralph Bean <rbean at redhat.com> - 0.3.1-1
- msg2repr updates
- fedmsg-logger grepping.
* Tue Aug 7 2012 Ralph Bean <rbean at redhat.com> - 0.3.0-1
- Bugfix to fedmsg.text.
* Tue Aug 7 2012 Ralph Bean <rbean at redhat.com> - 0.2.9-1
- Upstream update including nicer message for fedmsg-irc.
- fedmsg.text.msg2repr
* Mon Aug 6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-4
- Remove unnecessary %ghost on /var/run/fedmsg.
* Mon Aug 6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-3
- Hopefully fix to creation of /var/run/fedmsg.
* Mon Aug 6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-2
- Added a forgotten new requirement on python-requests.
* Sun Aug 5 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-1
- Upstream bugfix to -logger and enhancement to -irc.
* Mon Jul 30 2012 Ralph Bean <rbean at redhat.com> - 0.2.6-2
- Require moksha >= 0.8.8
* Mon Jul 30 2012 Ralph Bean <rbean at redhat.com> - 0.2.6-1
- Upstream bugfixes and API enhancements.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sun Jul 15 2012 Ralph Bean <rbean at redhat.com> - 0.2.5-1
- Upstream crypto updates in preparation for a more realistic X509 setup.
* Fri Jul 13 2012 Ralph Bean <rbean at redhat.com> - 0.2.4-1
- Upstream bugfix for when ssl is disabled.
* Wed Jul 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.3-1
- Upstream bump that fixes some typos.
* Tue Jul 10 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-3
- Added deps on python-argparse for py < 2.7 (rhel6)
* Sat Jul 7 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-2
- Added deps on m2crypto and python-m2ext
* Sat Jul 7 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-1
- Update to fedmsg-irc to fix lineRate issues
- fedmsg.crypto module - sign and validate messages
--------------------------------------------------------------------------------
================================================================================
fedmsg-0.4.0-1.fc17 (FEDORA-2012-13132)
Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:
Bugfix to fedmsg.encoding
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 31 2012 Ralph Bean <rbean at redhat.com> - 0.4.0-1
- Bugfix to fedmsg.encoding.
* Fri Aug 31 2012 Ralph Bean <rbean at redhat.com> - 0.3.9-1
- Bugfix to fedmsg-gateway.
- to_json utility for sqlalchemy.
- More convenient default config for end users.
* Thu Aug 23 2012 Ralph Bean <rbean at redhat.com> - 0.3.8-1
- fedmsg-gateway command, new!
- Improved thread cleanup with weakref.
- --terse option for fedmsg-tail
- Meetbot text processing support.
- Update to consumer API.. systematized enablement.
* Fri Aug 17 2012 Ralph Bean <rbean at redhat.com> - 0.3.6-1
- Expanded reprs. Support for fedoratagger-0.2.2-1 messages.
- Unicode bugfix.
* Tue Aug 14 2012 Ralph Bean <rbean at redhat.com> - 0.3.5-1
- IRC colors
- fedmsg2repr updates (Luke Macken)
- Removed fedmsg-status and the heartbeat producer
* Mon Aug 13 2012 Ralph Bean <rbean at redhat.com> - 0.3.4-1
- Threadsafety bugfixes to fedmsg-tail
- New fedmsg.text items from Luke Macken.
* Sun Aug 12 2012 Ralph Bean <rbean at redhat.com> - 0.3.3-1
- thread safety (for bodhi masher)
* Wed Aug 8 2012 Ralph Bean <rbean at redhat.com> - 0.3.2-1
- msg2repr updates for scm.
* Wed Aug 8 2012 Ralph Bean <rbean at redhat.com> - 0.3.1-1
- msg2repr updates
- fedmsg-logger grepping.
* Tue Aug 7 2012 Ralph Bean <rbean at redhat.com> - 0.3.0-1
- Bugfix to fedmsg.text.
* Tue Aug 7 2012 Ralph Bean <rbean at redhat.com> - 0.2.9-1
- Upstream update including nicer message for fedmsg-irc.
- fedmsg.text.msg2repr
* Mon Aug 6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-4
- Remove unnecessary %ghost on /var/run/fedmsg.
* Mon Aug 6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-3
- Hopefully fix to creation of /var/run/fedmsg.
* Mon Aug 6 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-2
- Added a forgotten new requirement on python-requests.
* Sun Aug 5 2012 Ralph Bean <rbean at redhat.com> - 0.2.7-1
- Upstream bugfix to -logger and enhancement to -irc.
* Mon Jul 30 2012 Ralph Bean <rbean at redhat.com> - 0.2.6-2
- Require moksha >= 0.8.8
* Mon Jul 30 2012 Ralph Bean <rbean at redhat.com> - 0.2.6-1
- Upstream bugfixes and API enhancements.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sun Jul 15 2012 Ralph Bean <rbean at redhat.com> - 0.2.5-1
- Upstream crypto updates in preparation for a more realistic X509 setup.
* Fri Jul 13 2012 Ralph Bean <rbean at redhat.com> - 0.2.4-1
- Upstream bugfix for when ssl is disabled.
* Wed Jul 11 2012 Ralph Bean <rbean at redhat.com> - 0.2.3-1
- Upstream bump that fixes some typos.
* Tue Jul 10 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-3
- Added deps on python-argparse for py < 2.7 (rhel6)
* Sat Jul 7 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-2
- Added deps on m2crypto and python-m2ext
* Sat Jul 7 2012 Ralph Bean <rbean at redhat.com> - 0.2.2-1
- Update to fedmsg-irc to fix lineRate issues
- fedmsg.crypto module - sign and validate messages
--------------------------------------------------------------------------------
================================================================================
fping-3.3-2.fc17 (FEDORA-2012-13136)
Scriptable, parallelized ping-like utility
--------------------------------------------------------------------------------
Update Information:
Package changes:
* Add missing manual page for fping6
Interesting upstream changes:
* Version 3.3
* Do not output icmp errors with -q (#1)
* Fix removing of unreachable hosts when doing loop (Thomas Liske, #13 #23)
* Fix -A for fping6 (reported by Matt LaPlante, #14)
* Fix "options inet6" breaking IPv4 name resolution (reported by Matt LaPlante, #17)
* Output statistics to stdout instead of stderr (suggested by Simon Leinen, #9)
* Set default data size to 56 bytes on all architectures (#18)
* Fix error message on DNS error for IPv6 hosts (#27)
* Fix -n flag in fping6 (#28)
* Man-page fix: TOS option typo (Thomas Liske, #23)
* Man-page fix: inconsistency in regards to numeric arguments (Robert Henney)
* Man-page fix: better description of option -q (#15)
* Version 3.2
* Improve documentation for -g option (G.W. Haywood)
* Performance optimization for big select timeouts (#10, Andrey Bondarenko)
* Fix restart of select call after interrupt signal (#8, Boian Bonev)
* Fix infinite loop caused by linked list corruption (#11, Boian Bonev)
* Version 3.1
* -g option (generate): exclude network and broadcast address for cidr ranges (idea by Eric Brander)
* Man-page fixes (Axel Beckert)
* Added -H option to specify number of hops (Paul Duda)
* Output usage information to stdout when called with -h (Paul Duda)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 30 2012 Charles R. Anderson <cra at wpi.edu> - 3.3-2
- use configure options to build ipv4 and ipv6 versions simultaneously
so we can use the standard make install to get the fping6 man page,
etc.
- build for el6 w/cap_net_raw (el5 still needs traditional setuid)
- use preferred Buildroot tag for el5
- make conditional build with/without ENABLE_F_OPTION actually work
* Thu Aug 30 2012 Charles R. Anderson <cra at wpi.edu> - 3.3-1
- update to 3.3
* Thu Jul 26 2012 Charles R. Anderson <cra at wpi.edu> - 3.2-1
- update to 3.2
- no longer need capnetraw patch
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
htmldoc-1.8.27-19.fc17 (FEDORA-2012-13134)
Converter from HTML into indexed HTML, PostScript, or PDF
--------------------------------------------------------------------------------
Update Information:
Fix PNG image corruption in output.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 1 2012 Daniel Drake <dsd at laptop.org> - 1.8.27-19
- fix libpng-1.5 patch to not corrupt images
--------------------------------------------------------------------------------
================================================================================
jacorb-2.3.1-3.20120215git.fc17 (FEDORA-2012-13145)
The Java implementation of the OMG's CORBA standard
--------------------------------------------------------------------------------
Update Information:
Added org.jboss.as.jpa.jacorb module
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #852851 - Review Request: jacorb - The Java implementation of the OMG's CORBA standard
https://bugzilla.redhat.com/show_bug.cgi?id=852851
[ 2 ] Bug #805015 - Review Request: jboss-jts - Distributed Transaction Manager
https://bugzilla.redhat.com/show_bug.cgi?id=805015
--------------------------------------------------------------------------------
================================================================================
java-1.7.0-openjdk-1.7.0.6-2.3.1.fc17.2 (FEDORA-2012-13131)
OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:
This update is fixing recent important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE.
It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-4681)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 30 2012 jiri Vanek <jvanek at redhat.com> - 1.7.0.6-2.3.1.fc17.2
- Sync with rawhide
- Updated to IcedTea-Forest 2.3.1
- Resolves rhbz#RH852051, CVE-2012-4681: Reintroduce PackageAccessible checks
removed in 6788531.
- Commented out Patch500, java-1.7.0-openjdk-removing_jvisualvm_man.patch as
as already included in this Iced-Tea.
- Will be nice to verify after next upstream sync if it is still upstreamed
- Add symlink to Fedora's default soundfont rhbz#541466
--------------------------------------------------------------------------------
================================================================================
jboss-as-7.1.1-8.fc17 (FEDORA-2012-13145)
JBoss Application Server
--------------------------------------------------------------------------------
Update Information:
Added org.jboss.as.jpa.jacorb module
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 30 2012 Marek Goldmann <mgoldman at redhat.com> - 7.1.1-8
- Added org.jboss.as.jpa.jacorb module
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #852851 - Review Request: jacorb - The Java implementation of the OMG's CORBA standard
https://bugzilla.redhat.com/show_bug.cgi?id=852851
[ 2 ] Bug #805015 - Review Request: jboss-jts - Distributed Transaction Manager
https://bugzilla.redhat.com/show_bug.cgi?id=805015
--------------------------------------------------------------------------------
================================================================================
jboss-jts-4.16.2-8.fc17 (FEDORA-2012-13145)
Distributed Transaction Manager
--------------------------------------------------------------------------------
Update Information:
Added org.jboss.as.jpa.jacorb module
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 30 2012 Marek Goldmann <mgoldman at redhat.com> - 4.16.2-8
- Added jbossjts to the build
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.16.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #852851 - Review Request: jacorb - The Java implementation of the OMG's CORBA standard
https://bugzilla.redhat.com/show_bug.cgi?id=852851
[ 2 ] Bug #805015 - Review Request: jboss-jts - Distributed Transaction Manager
https://bugzilla.redhat.com/show_bug.cgi?id=805015
--------------------------------------------------------------------------------
================================================================================
jboss-rmi-1.0-api-1.0.4-5.fc17 (FEDORA-2012-13145)
Java Remote Method Invocation 1.0 API
--------------------------------------------------------------------------------
Update Information:
Added org.jboss.as.jpa.jacorb module
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #852851 - Review Request: jacorb - The Java implementation of the OMG's CORBA standard
https://bugzilla.redhat.com/show_bug.cgi?id=852851
[ 2 ] Bug #805015 - Review Request: jboss-jts - Distributed Transaction Manager
https://bugzilla.redhat.com/show_bug.cgi?id=805015
--------------------------------------------------------------------------------
================================================================================
mingw-webkitgtk3-1.8.3-1.fc17 (FEDORA-2012-13146)
MinGW Windows GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
WebKitGTK+ 1.8.3 bug fix release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 30 2012 Kalev Lember <kalevlember at gmail.com> - 1.8.3-1
- Update to 1.8.3
--------------------------------------------------------------------------------
================================================================================
munin-2.0.6-1.fc17 (FEDORA-2012-13129)
Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.6, and bug fixes
Added init files for asyncd
Updated to 2.0.5
Update to munin 2
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 31 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.6-1
- BZ# 851375 Replace @@GOODSH@@ in epel init scripts
- BZ# 849831,849834 CVE-2012-3512 munin: insecure state file handling, munin->root privilege [fedora-all]
* Mon Aug 20 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.5-3
- rebuilt for epel
* Tue Aug 14 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.5-2
- Added munin-asyncd init files
* Tue Aug 14 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.5-1
- Updated to 2.0.5
- BZ# 603344 / upstream 1180, ACPI thermal information changed with 3.x kernels
* Tue Aug 7 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.4-3
- BZ# 823533 "hddtemp_smartctl plugin has a bug" - upstream patched
- BZ# 825820 Munin memcache plugin requires "perl(Cache::Memcached)"
- BZ# 834055 Munin updates changing permissions, conflicts with what munin-check does
- BZ# 812893,812894,839786,840496 - updated to munin2
* Sun Aug 5 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.4-2
- Changing permissions on html directories to minimize cron messages.
* Sat Aug 4 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.4-1
- updated to 2.0.4
- backported el6 packaging items
* Tue Jul 24 2012 fenris02 at fedoraproject.org - 2.0.3-1
- Adjust default conf.d entry.
- updated to 2.0.3
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jul 19 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.2-2
- fixed conflicts
* Sat Jul 14 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.2-1
- updated to 2.0.2
* Thu Jun 7 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.0-1
- initial 2.0 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #851375 - -bash: /etc/init.d/munin-asyncd: @@GOODSH@@: bad interpreter: No such file or directory
https://bugzilla.redhat.com/show_bug.cgi?id=851375
[ 2 ] Bug #849831 - CVE-2012-3512 munin: insecure state file handling, munin->root privilege [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=849831
[ 3 ] Bug #849834 - CVE-2012-3512 munin: insecure state file handling, munin->root privilege [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=849834
[ 4 ] Bug #603344 - On install, Fedora selected all Linux swap partitions and entered them for mounting in fstab
https://bugzilla.redhat.com/show_bug.cgi?id=603344
[ 5 ] Bug #823533 - hddtemp_smartctl plugin has a bug
https://bugzilla.redhat.com/show_bug.cgi?id=823533
[ 6 ] Bug #825820 - Libvirt is missing important hooks
https://bugzilla.redhat.com/show_bug.cgi?id=825820
[ 7 ] Bug #834055 - Munin updates changing permissions, conflicts with what munin-check does
https://bugzilla.redhat.com/show_bug.cgi?id=834055
[ 8 ] Bug #812893 - munin various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=812893
[ 9 ] Bug #812894 - munin various flaws [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=812894
[ 10 ] Bug #839786 - RFE: Update munin to 2.0.x release
https://bugzilla.redhat.com/show_bug.cgi?id=839786
[ 11 ] Bug #840496 - Update to upstream 2.0.2
https://bugzilla.redhat.com/show_bug.cgi?id=840496
--------------------------------------------------------------------------------
================================================================================
olpc-os-builder-5.0.0-1.fc17 (FEDORA-2012-13124)
A development tool to build and customize OLPC OS images
--------------------------------------------------------------------------------
Update Information:
New release for OLPC OS 12.1.0.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 31 2012 Daniel Drake <dsd at laptop.org> - 5.0.0-1
- new release for OLPC OS 12.1.0
--------------------------------------------------------------------------------
================================================================================
openconnect-4.07-1.fc17 (FEDORA-2012-13147)
Open client for Cisco AnyConnect VPN
--------------------------------------------------------------------------------
Update Information:
This update fixes a bug when lots of outbound traffic causes buffers to get full
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 31 2012 David Woodhouse <David.Woodhouse at intel.com> - 4.07-1
- Update to 4.07 release (Fix #845636 CSTP write stall handling)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #845636 - openconnect error: SSL wrote too few bytes! Asked for 1375, sent 0
https://bugzilla.redhat.com/show_bug.cgi?id=845636
--------------------------------------------------------------------------------
================================================================================
python-alembic-0.3.4-4.fc17 (FEDORA-2012-13122)
Database migration tool for SQLAlchemy
--------------------------------------------------------------------------------
Update Information:
Initial import (#837988)
--------------------------------------------------------------------------------
================================================================================
python-rhsm-1.0.7-1.fc17 (FEDORA-2012-13140)
A Python library to communicate with a Red Hat Unified Entitlement Platform
--------------------------------------------------------------------------------
Update Information:
Support arbitrary bit length serial numbers, fix attempts to use certificate file when it doesn't exist.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 29 2012 Alex Wood <awood at redhat.com> 1.0.7-1
- 851644: Only use the cert file if it exists (bkearney at redhat.com)
* Tue Aug 28 2012 Alex Wood <awood at redhat.com> 1.0.6-1
- 848742: support arbitrary bit length serial numbers (jbowes at redhat.com)
- Stop doing F15 Fedora builds, add EL5 public builds. (dgoodwin at redhat.com)
--------------------------------------------------------------------------------
================================================================================
sane-backends-1.0.23-1.fc17 (FEDORA-2012-13142)
Scanner access software
--------------------------------------------------------------------------------
Update Information:
New upstream version:
Changes since 1.0.22
====================
* New backends: kvs40xx (Panasonic KV-S40xx), kodakaio (Kodak AiO ESP and Hero)
* Significant enhancements to several backends
* 30 new scanner models supported
* V4L support improvements
* Improvements for builds on multiple platforms
* Improved udev rules
* Updated software deskew algorithm
* Documentation updates
* Bugfixes
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 31 2012 Nils Philippsen <nils at redhat.com> - 1.0.23-1
- version 1.0.23
- update udev patch, remove obsolete patches
- use %_hardened_build macro from F-16 on instead of tweaking flags manually
- don't use the same SONAME for backend libs and main lib
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.22-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Wed Jul 11 2012 Rex Dieter <rdieter at fedoraproject.org> 1.0.22-12
- rebuild (gphoto2)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #740990 - sane-backends-drivers- is providing libsane.so.1, this seems wrong
https://bugzilla.redhat.com/show_bug.cgi?id=740990
--------------------------------------------------------------------------------
================================================================================
supervisor-3.0-0.10.a12.fc17 (FEDORA-2012-13141)
A System for Allowing the Control of Process State on UNIX
--------------------------------------------------------------------------------
Update Information:
Fix enabling/disabling of the service with systemctl.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 30 2012 Nils Philippsen <nils at redhat.com> - 3.0-0.10.a12
- add [Install] section to service file, so systemctl can enable it
* Tue Aug 21 2012 Nils Philippsen <nils at redhat.com> - 3.0-0.9.a12
- use systemd macros from F-18/RHEL-7 on
- use %{_unitdir} macro for systemd unit paths
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0-0.8.a12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
tomcatjss-7.0.0-3.fc17 (FEDORA-2012-13130)
JSSE implementation using JSS for Tomcat
--------------------------------------------------------------------------------
Update Information:
Bugzilla Bug 819554 - tomcatjss: Please migrate from tomcat6 to tomcat7
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 2 2012 Matthew Harmsen <mharmsen at redhat.com> 7.0.0-3
- PKI TRAC Ticket #283 - Dogtag 10: Integrate Tomcat 6 'tomcatjss.jar' and
Tomcat 7 'tomcat7jss.jar' in Fedora 18 tomcatjss package
* Thu Jul 26 2012 Matthew Harmsen <mharmsen at redhat.com> 7.0.0-2
- Fixed runtime 'Requires' cut/paste typos
* Wed Jun 6 2012 Matthew Harmsen <mharmsen at redhat.com> 7.0.0-1
- Bugzilla Bug #819554 - tomcatjss: Please migrate from tomcat6 to tomcat7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #819554 - tomcatjss: Please migrate from tomcat6 to tomcat7
https://bugzilla.redhat.com/show_bug.cgi?id=819554
--------------------------------------------------------------------------------
================================================================================
wine-1.5.12-2.fc17 (FEDORA-2012-13137)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
* Support for disabling individual joysticks.
* Better support for D3DX9 constant tables.
* Some XRandR improvements.
* Various bug fixes.
1.5.11
* Multi-channel support in the ALSA driver.
* Removal of the big X11 lock.
* Support for pair positioning adjustments in Uniscribe.
* More I/O stream implementations in the C++ runtime.
* Various bug fixes.
1.5.10
* New version of the Gecko engine based on Firefox 14.
* Support for OpenGL in the DIB engine using libOSMesa.
* Off-screen rendering is now the default in Direct3D.
* Some more WMI infrastructure.
* Various bug fixes.
* Support for GPOS font tables in Uniscribe.
* Support for XRandr 1.2 and 1.3.
* Parser improvements for the HLSL compiler.
* Relay tracing on ARM.
* Various bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 31 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.12-1
- version upgrade
* Thu Aug 30 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.11-2
- rebuild on rawhide for fixed libOSMesa
--------------------------------------------------------------------------------
================================================================================
xfce4-places-plugin-1.4.0-2.fc17 (FEDORA-2012-13144)
Places menu for the Xfce panel
--------------------------------------------------------------------------------
Update Information:
The latest version of the 'Places' plugin has an improved button layout, correctly uses the preferred file manager as set in Xfce settings and saves settings when the configuration dialog box is closed to avoid configuration loss. The "Mount and Open" function was fixed and translations were updated.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 31 2012 Christoph Wickert <cwickert at fedoraproject.org> - 1.4.0-2
- Bump release for koji miracle
* Fri Aug 31 2012 Christoph Wickert <cwickert at fedoraproject.org> - 1.4.0-1
- Update to 1.4.0 (fixes #757180)
- Bring back the icon naming patch
- No longer require Thunar (not using thunar-vfs any more)
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Apr 21 2012 Kevin Fenzi <kevin at scrye.com> - 1.3.0-1
- Update to 1.3.0
* Sun Apr 15 2012 Kevin Fenzi <kevin at scrye.com> - 1.2.0-10
- Rebuild for Xfce 4.10(pre2)
* Thu Apr 5 2012 Kevin Fenzi <kevin at scrye.com> - 1.2.0-9
- Rebuild for Xfce 4.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #757180 - [PATCH] xfce4-places-plugin doesn't launch the preferred filemanager correctly
https://bugzilla.redhat.com/show_bug.cgi?id=757180
--------------------------------------------------------------------------------
More information about the test
mailing list