Fedora 16 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sun Feb 3 13:52:46 UTC 2013 

The following Fedora 16 Security updates need testing:
 Age  URL
  54  https://admin.fedoraproject.org/updates/FEDORA-2012-20157/libproxy-0.4.11-1.fc16
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-1748/sssd-1.8.6-1.fc16
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-1713/libupnp-1.6.18-1.fc16
  53  https://admin.fedoraproject.org/updates/FEDORA-2012-20236/rssh-2.3.4-1.fc16
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-1257/libexif-0.6.21-2.fc16
 212  https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16
 132  https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-1485/Zim-0.59-1.fc16
  25  https://admin.fedoraproject.org/updates/FEDORA-2012-19347/cups-1.5.4-12.fc16
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-1666/android-tools-20130123git98d0789-1.fc16
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-1716/samba-3.6.12-1.fc16
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-1745/rubygem-activesupport-3.0.10-6.fc16
  15  https://admin.fedoraproject.org/updates/FEDORA-2013-0935/samba4-4.0.0-39.alpha16.fc16
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-1642/libvirt-0.9.6.4-1.fc16
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-1735/wordpress-3.5.1-1.fc16
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-1898/java-1.6.0-openjdk-1.6.0.0-69.1.11.6.fc16


The following Fedora 16 Critical Path updates have yet to be approved:
 Age URL
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-1897/phonon-backend-gstreamer-4.6.3-1.fc16
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1531/qrencode-3.4.1-1.fc16
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-1257/libexif-0.6.21-2.fc16
 278  https://admin.fedoraproject.org/updates/FEDORA-2012-6994/upower-0.9.16-1.fc16


The following builds have been pushed to Fedora 16 updates-testing

    java-1.6.0-openjdk-1.6.0.0-69.1.11.6.fc16
    phonon-backend-gstreamer-4.6.3-1.fc16

Details about builds:


================================================================================
 java-1.6.0-openjdk-1.6.0.0-69.1.11.6.fc16 (FEDORA-2013-1898)
 OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:

- Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch 
- Updated to icedtea6 1.11.6
 - Security fixes
  - S6563318, CVE-2013-0424: RMI data sanitization
  - S6664509, CVE-2013-0425: Add logging context
  - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time
  - S6776941: CVE-2013-0427: Improve thread pool shutdown
  - S7141694, CVE-2013-0429: Improving CORBA internals
  - S7173145: Improve in-memory representation of splashscreens
  - S7186945: Unpack200 improvement
  - S7186946: Refine unpacker resource usage
  - S7186948: Improve Swing data validation
  - S7186952, CVE-2013-0432: Improve clipboard access
  - S7186954: Improve connection performance
  - S7186957: Improve Pack200 data validation
  - S7192392, CVE-2013-0443: Better validation of client keys
  - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages
  - S7192977, CVE-2013-0442: Issue in toolkit thread
  - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies
  - S7200491: Tighten up JTable layout code
  - S7200500: Launcher better input validation
  - S7201064: Better dialogue checking
  - S7201066, CVE-2013-0441: Change modifiers on unused fields
  - S7201068, CVE-2013-0435: Better handling of UI elements
  - S7201070: Serialization to conform to protocol
  - S7201071, CVE-2013-0433: InetSocketAddress serialization issue
  - S8000210: Improve JarFile code quality
  - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class
  - S8000540, CVE-2013-1475: Improve IIOP type reuse management
  - S8000631, CVE-2013-1476: Restrict access to class constructor
  - S8001235, CVE-2013-0434: Improve JAXP HTTP handling
  - S8001242: Improve RMI HTTP conformance
  - S8001307: Modify ACC_SUPER behavior
  - S8001972, CVE-2013-1478: Improve image processing
  - S8002325, CVE-2013-1480: Improve management of images
 - Backports
  - S7010849: 5/5 Extraneous javac source/target options when building sa-jdi
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 15 2013 Jiri Vanek <jvanek at redhat.com> - 1:1.6.0.0-1.69.1.11.6
- Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch 
- Updated to icedtea6 1.11.6
 - Security fixes
  - S6563318, CVE-2013-0424: RMI data sanitization
  - S6664509, CVE-2013-0425: Add logging context
  - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time
  - S6776941: CVE-2013-0427: Improve thread pool shutdown
  - S7141694, CVE-2013-0429: Improving CORBA internals
  - S7173145: Improve in-memory representation of splashscreens
  - S7186945: Unpack200 improvement
  - S7186946: Refine unpacker resource usage
  - S7186948: Improve Swing data validation
  - S7186952, CVE-2013-0432: Improve clipboard access
  - S7186954: Improve connection performance
  - S7186957: Improve Pack200 data validation
  - S7192392, CVE-2013-0443: Better validation of client keys
  - S7192393, CVE-2013-0440: Better Checking of order of TLS Messages
  - S7192977, CVE-2013-0442: Issue in toolkit thread
  - S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies
  - S7200491: Tighten up JTable layout code
  - S7200500: Launcher better input validation
  - S7201064: Better dialogue checking
  - S7201066, CVE-2013-0441: Change modifiers on unused fields
  - S7201068, CVE-2013-0435: Better handling of UI elements
  - S7201070: Serialization to conform to protocol
  - S7201071, CVE-2013-0433: InetSocketAddress serialization issue
  - S8000210: Improve JarFile code quality
  - S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class
  - S8000540, CVE-2013-1475: Improve IIOP type reuse management
  - S8000631, CVE-2013-1476: Restrict access to class constructor
  - S8001235, CVE-2013-0434: Improve JAXP HTTP handling
  - S8001242: Improve RMI HTTP conformance
  - S8001307: Modify ACC_SUPER behavior
  - S8001972, CVE-2013-1478: Improve image processing
  - S8002325, CVE-2013-1480: Improve management of images
 - Backports
  - S7010849: 5/5 Extraneous javac source/target options when building sa-jdi
--------------------------------------------------------------------------------


================================================================================
 phonon-backend-gstreamer-4.6.3-1.fc16 (FEDORA-2013-1897)
 Gstreamer phonon backend
--------------------------------------------------------------------------------
Update Information:

New bugfix release, http://wm161.net/2013/02/01/phonon-gstreamer-4-6-3/
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  1 2013 Rex Dieter <rdieter at fedoraproject.org> 4.6.3-1
- 4.6.3
--------------------------------------------------------------------------------

More information about the test mailing list