Fedora 16 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sat Jan 12 15:34:51 UTC 2013
The following Fedora 16 Security updates need testing:
Age URL
0 https://admin.fedoraproject.org/updates/FEDORA-2013-0723/thunderbird-17.0.2-1.fc16
32 https://admin.fedoraproject.org/updates/FEDORA-2012-20156/389-ds-base-1.2.10.24-1.fc16
32 https://admin.fedoraproject.org/updates/FEDORA-2012-20157/libproxy-0.4.11-1.fc16
112 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16
3 https://admin.fedoraproject.org/updates/FEDORA-2013-0468/proftpd-1.3.4b-4.fc16
31 https://admin.fedoraproject.org/updates/FEDORA-2012-20236/rssh-2.3.4-1.fc16
190 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16
110 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16
7 https://admin.fedoraproject.org/updates/FEDORA-2013-0225/pl-5.10.2-9.fc16
7 https://admin.fedoraproject.org/updates/FEDORA-2013-0244/rubygem-activerecord-3.0.10-4.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2013-0640/moin-1.9.6-1.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2013-0633/perl-5.14.3-205.fc16
3 https://admin.fedoraproject.org/updates/FEDORA-2013-0477/gnupg-1.4.13-2.fc16
3 https://admin.fedoraproject.org/updates/FEDORA-2012-19347/cups-1.5.4-12.fc16
7 https://admin.fedoraproject.org/updates/FEDORA-2013-0222/gnupg2-2.0.19-7.fc16
7 https://admin.fedoraproject.org/updates/FEDORA-2013-0269/drupal7-context-3.0-0.3.beta6.fc16
10 https://admin.fedoraproject.org/updates/FEDORA-2013-0061/php-ZendFramework-1.12.1-1.fc16
3 https://admin.fedoraproject.org/updates/FEDORA-2013-0270/qt-4.8.4-6.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2013-0686/rubygem-actionpack-3.0.10-10.fc16,rubygem-activerecord-3.0.10-5.fc16,rubygem-activesupport-3.0.10-5.fc16,rubygem-activemodel-3.0.10-2.fc16
The following Fedora 16 Critical Path updates have yet to be approved:
Age URL
0 https://admin.fedoraproject.org/updates/FEDORA-2013-0633/perl-5.14.3-205.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2013-0723/thunderbird-17.0.2-1.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2013-0632/perl-5.14.3-204.fc16
The following builds have been pushed to Fedora 16 updates-testing
duff-0.5.2-5.fc16
fritzing-0.7.11b-2.fc16
gfal-1.14.0-1.fc16
gfal2-2.1.1-0.fc16
html-xml-utils-6.3-1.fc16
jreen-1.1.1-1.fc16
kernel-3.6.11-4.fc16
lua-lgi-0.6.2-5.fc16
mate-control-center-1.5.2-2.fc16
mate-window-manager-1.5.2-11.fc16
moin-1.9.6-1.fc16
munin-2.0.10-1.fc16
nagios-plugins-openmanage-3.7.9-1.fc16
opendkim-2.7.4-1.fc16
perl-5.14.3-204.fc16
perl-5.14.3-205.fc16
php-horde-Horde-Cli-2.0.2-1.fc16
php-horde-Horde-Date-2.0.2-1.fc16
php-horde-Horde-Exception-2.0.2-1.fc16
php-horde-Horde-Nls-2.0.2-1.fc16
php-horde-Horde-Util-2.0.3-1.fc16
php-voms-admin-0.6.7-1.fc16
pylint-0.26.0-1.fc16
python-boto-2.5.2-3.fc16
python-fedora-0.3.30-1.fc16
python-logilab-astng-0.24.1-1.fc16
python-logilab-common-0.58.3-1.fc16
rubygem-actionpack-3.0.10-10.fc16
rubygem-activemodel-3.0.10-2.fc16
rubygem-activerecord-3.0.10-5.fc16
rubygem-activesupport-3.0.10-5.fc16
shellinabox-2.14-19.git88822c1f.fc16
srm-ifce-1.14.0-1.fc16
thunderbird-17.0.2-1.fc16
wordpress-3.5-3.fc16
zathura-djvu-0.2.1-2.fc16
Details about builds:
================================================================================
duff-0.5.2-5.fc16 (FEDORA-2013-0644)
Quickly find duplicate files
--------------------------------------------------------------------------------
Update Information:
duff 0.5.2 - Fix issues with dirs.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 25 2012 Eduardo Echeverria <echevemaster at gmail.com> - 0.5.2-5
- Added %{datadir}/duff to spec
- Remove non-existent tests
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #857639 - Review Request: duff - Quickly find duplicate files
https://bugzilla.redhat.com/show_bug.cgi?id=857639
--------------------------------------------------------------------------------
================================================================================
fritzing-0.7.11b-2.fc16 (FEDORA-2013-0623)
Electronic Design Automation software; from prototype to product
--------------------------------------------------------------------------------
Update Information:
This release fixes a **startup crash** that seems to have appeared with a recent update of qt. It also backports a fix from upstream (see bug tracker link below) that corrects problems due to a pre-generated parts sqlite database not being available.
Upstream bug tracker links for included patches:
* No parts.db available: http://code.google.com/p/fritzing/issues/detail?id=2358
* Relative paths in new panelizer off by one: http://code.google.com/p/fritzing/issues/detail?id=2365
* Remove auto-update functionality: http://code.google.com/p/fritzing/issues/detail?id=2366
* Don't use packaged libraries: http://code.google.com/p/fritzing/issues/detail?id=2367
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 8 2013 Ed Marshall <esm at logic.net> - 0.7.11b-2
- Backport upstream patch for gracefully handling missing parts database.
* Mon Jan 7 2013 Ed Marshall <esm at logic.net> - 0.7.11b-1
- Updated to 0.7.11b release.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.7.5b-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Jul 3 2012 Peter Robinson <pbrobinson at fedoraproject.org> - 0.7.5b-1
- Updated to 0.7.5b release.
- Update patches
- Cleanup and modernise spec
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #852568 - [abrt] fritzing-0.7.5b-1.fc17: Process /usr/bin/Fritzing was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=852568
[ 2 ] Bug #892556 - fritzing-0.7.11b is available
https://bugzilla.redhat.com/show_bug.cgi?id=892556
--------------------------------------------------------------------------------
================================================================================
gfal-1.14.0-1.fc16 (FEDORA-2013-0650)
Grid File access library
--------------------------------------------------------------------------------
Update Information:
Update 1.14.0-1 for fix of LCGUTIL-82
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 8 2013 Adrien Devresse <adevress at cern.ch> - 1.14.0-1
- fix for LCGUTIL-82
* Thu Nov 29 2012 Adrien Devresse <adevress at cern.ch> - 1.14.0
- correction of a warning message in lcg-util LCGUTIL-47
- change default srm timeout to 3600 seconds LCGUTIL-180
* Thu Sep 13 2012 Adrien Devresse <adevress at cern.ch> - 1.13.9-0
- fix the emi wn conflict between 32bits version and 64bits version
--------------------------------------------------------------------------------
================================================================================
gfal2-2.1.1-0.fc16 (FEDORA-2013-0662)
Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:
Update 2.1.1 of GFAL 2.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Adrien Devresse <adevress at cern.ch> - 2.1.1-0
- fix a minor memory issue with the gfal_transfer stack
- fix a wrong error report problem with srm third party copy
* Wed Dec 5 2012 Adrien Devresse <adevress at cern.ch> - 2.1.0-2
- fix an issue this surl to turl resolution for SRM third party copy
* Fri Nov 30 2012 Adrien Devresse <adevress at cern.ch> - 2.1.0-0
- One-globus session system for gsiftp plugin ( FTS 3.0 need )
- correct a major issue with the gass attribute system in gsiftp plugin
- change the lfc set/get env var for a one compatible with set/get opt
- add set/nb streams option for gsiftp
- add the mkdir rec function for SRM transfer
- correct an issue with opendir and srm_ls ( ENOTDIR error silent )
- correct a memory leak in the cache system
- correct timeout support for gsiftp transfer
- implement tcp buffer size support for gsiftp layer
- apply a correction on the SRM over-write logic, related to a BeStMan errcode problem on File Not Found with srmRm ( EOS )
- apply a fix on the transfer gsiftp timeout ( protection against multiple cancel )
- fix for SRM filesize problem ( defined to 0, workaround ) related to globus 426 error bad filesize
- secure the callback system for globus gass timeout
- base implementation of the http plugin
- improve reliability of the bdii resolution
- add a fallback mechanism in case of bdii bad resolution
- correct several race conditions in the bdii layer
- add thread safe support for set/get variables in liblfc
- correct a deadlock problem with globus and gisftp plugin
- implement the mkdir_rec logic for general purpose
- implement the parent folder creation logic with gridftp
- add support for lfc://host/path URL style for the lfc plugin
- switch off_t to 64bits size by default ( _FILE_OFFSET_BITS=64)
- provide a "nobdii" like option
- provide the choice of turl protocol resolution for srm plugin
--------------------------------------------------------------------------------
================================================================================
html-xml-utils-6.3-1.fc16 (FEDORA-2013-0617)
A number of simple utilities for manipulating HTML and XML files
--------------------------------------------------------------------------------
Update Information:
-See http://www.w3.org/Tools/HTML-XML-utils/ChangeLog for changes.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Miloš Jakubíček <xjakub at fi.muni.cz> - 6.3-1
- Update to 6.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #893911 - html-xml-utils-6.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=893911
--------------------------------------------------------------------------------
================================================================================
jreen-1.1.1-1.fc16 (FEDORA-2013-0683)
Qt XMPP Library
--------------------------------------------------------------------------------
Update Information:
New upstream bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 8 2013 Rex Dieter <rdieter at fedoraproject.org> 1.1.1-1
- jreen-1.1.1
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
kernel-3.6.11-4.fc16 (FEDORA-2013-0651)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Bugfixes for a few issues.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 8 2013 Josh Boyer <jwboyer at redhat.com> - 3.6.11-4
- Add patch to fix shutdown on some machines (rhbz 890547)
* Fri Jan 4 2013 Josh Boyer <jwboyer at redhat.com>
- Fix oops on aoe module removal (rhbz 853064)
* Wed Jan 2 2013 Josh Boyer <jwboyer at redhat.com>
- Fix autofs issue in 3.6 (rhbz 874372)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #890547 - The system restarts when doing a shutdown
https://bugzilla.redhat.com/show_bug.cgi?id=890547
[ 2 ] Bug #853064 - List_del corruption when removing the module AOE
https://bugzilla.redhat.com/show_bug.cgi?id=853064
[ 3 ] Bug #874372 - kernel-3.6... updates break autofs (and consequently shutdown/reboot)
https://bugzilla.redhat.com/show_bug.cgi?id=874372
--------------------------------------------------------------------------------
================================================================================
lua-lgi-0.6.2-5.fc16 (FEDORA-2013-0680)
Lua bindings to GObject libraries
--------------------------------------------------------------------------------
Update Information:
LGI is gobject-introspection based dynamic Lua binding to GObject based libraries. It allows using GObject-based libraries directly from Lua.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #889901 - Review Request: lua-lgi - Lua bindings to GObject libraries
https://bugzilla.redhat.com/show_bug.cgi?id=889901
--------------------------------------------------------------------------------
================================================================================
mate-control-center-1.5.2-2.fc16 (FEDORA-2013-0629)
MATE Desktop control-center
--------------------------------------------------------------------------------
Update Information:
Various bugfixes for gsettings/window prefs.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 11 2013 Dan Mashal <dan.mashal at fedoraproject.org> - 1.5.2-2
- Switch back to old BR scheme.
- Drop unneeded BR's
- Add upstream patch to fix tielbar actions
* Fri Dec 21 2012 Nelson Marques <nmarques at fedoraproject.org> - 1.5.2-1
- Update to version 1.5.2 so we can receive mate-panel 1.5.3
- Remove dropped BRs: MateCORBA-2.0
- Split out libslab (now distributed)
- Minor rework for readibility and ordered BuildRequires
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #889789 - Changing the Titlebar Action has no effect
https://bugzilla.redhat.com/show_bug.cgi?id=889789
--------------------------------------------------------------------------------
================================================================================
mate-window-manager-1.5.2-11.fc16 (FEDORA-2013-0672)
MATE Desktop window manager
--------------------------------------------------------------------------------
Update Information:
Various bugfixes for gsettings/window prefs.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 11 2013 Dan Mashal <dan.mashal at fedoraproject.org> - 1.5.2-11
- Convert back to old BR format
- Drop unneeded BRs
- Own directories that are supposed to be owned (marco-1)
- Fix missing "X-Mate" category.
- Add gsettings data convert file for users upgrading from 1.4
- Fix update of gsettings enum preferences
* Mon Dec 10 2012 Dan Mashal <dan.mashal at fedoraproject.org> - 1.5.2-10
- Rebuild for ARM
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #889789 - Changing the Titlebar Action has no effect
https://bugzilla.redhat.com/show_bug.cgi?id=889789
--------------------------------------------------------------------------------
================================================================================
moin-1.9.6-1.fc16 (FEDORA-2013-0640)
MoinMoin is a WikiEngine to collaborate on easily editable web pages
--------------------------------------------------------------------------------
Update Information:
Update to 1.9.6. Fixes CVE-2012-6495
For full changes, see:
http://hg.moinmo.in/moin/1.9/raw-file/1.9.6/docs/CHANGES
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Kevin Fenzi <kevin at scrye.com> 1.9.6-1
- Update to 1.9.6. Fixes CVE-2012-6495
- Fix changelog dates.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #890902 - CVE-2012-6081 moinmoin: remote code execution vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=890902
[ 2 ] Bug #890903 - CVE-2012-6082 moinmoin: Wiki (XSS in rss link)
https://bugzilla.redhat.com/show_bug.cgi?id=890903
[ 3 ] Bug #890904 - CVE-2012-6080 moinmoin: Path traversal vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=890904
--------------------------------------------------------------------------------
================================================================================
munin-2.0.10-1.fc16 (FEDORA-2013-0663)
Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.10 plus minor bug fixes
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 9 2013 D. Johnson <fenris02 at fedoraproject.org> - 2.0.10-1
- Update to 2.0.10
- BZ# 891940,892377 Only stop/restart services provided by sub-package, not deps.
- BZ# 881689 Fix config file so that it no longer references the build host
- BZ# 877116 Patch using '&' in the URLs instead of '&' in HTMLConfig
* Fri Dec 21 2012 D. Johnson <fenris02 at fedoraproject.org> - 2.0.9-4
- Use Makefile.config-dist instead of sed.
- BZ# 890246,890247 "su" directive is not used in epel5/6 logrotate
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #891940 - Cannot uninstall munin-node due to preun assumptions
https://bugzilla.redhat.com/show_bug.cgi?id=891940
[ 2 ] Bug #892377 - munin 2.0.8+ has a broken package ownership that prevents uninstall
https://bugzilla.redhat.com/show_bug.cgi?id=892377
[ 3 ] Bug #881689 - munin.conf contains reference to fedora project hostname
https://bugzilla.redhat.com/show_bug.cgi?id=881689
[ 4 ] Bug #877116 - munin error with XHTML validation - graph detail pages don't display properly
https://bugzilla.redhat.com/show_bug.cgi?id=877116
[ 5 ] Bug #890246 - munin has an incorrect entry in its logrotate files
https://bugzilla.redhat.com/show_bug.cgi?id=890246
[ 6 ] Bug #890247 - munin has an incorrect entry in its logrotate files
https://bugzilla.redhat.com/show_bug.cgi?id=890247
--------------------------------------------------------------------------------
================================================================================
nagios-plugins-openmanage-3.7.9-1.fc16 (FEDORA-2013-0699)
Nagios plugin to monitor hardware health on Dell servers
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Trond Hasle Amundsen <t.h.amundsen at usit.uio.no> - 3.7.9-1
- Upstream release 3.7.9
--------------------------------------------------------------------------------
================================================================================
opendkim-2.7.4-1.fc16 (FEDORA-2013-0628)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
This is a collection of minor bug fixes. Upgrade is required only if there is something in the release that fixes a pain point you're having at your site.
-Fix bug #SF3596147: Allow arbitrarily long configuration file lines. Based on a patch from Daniel Black.
- Fix bug #SF3596229: Fix logging of signature errors, which logged the domain name twice instead of the domain name and the selector. Patch from Daniel Black.
- Safely handle incoming Authentication-Results fields with large number of tokens. Problem noted by Motohiro Ishiyama and John Wood.
- Avoid mixing up status codes when processing conf_logresults, leading to confusing log entries. Problem reported by John Wood.
- Fix ADSP logging. Problem noted by Claus Assmann.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 8 2013 Steve Jenkins <steve stevejenkins com> 2.7.4-1
- Updated to use newer upstream 2.7.4 source code
- Added AutoRestart and AutoRestartRate directives to default configuration
- Changed default SigningTable directive to include refile: for wildcard support
--------------------------------------------------------------------------------
================================================================================
perl-5.14.3-204.fc16 (FEDORA-2013-0632)
Practical Extraction and Report Language
--------------------------------------------------------------------------------
Update Information:
App::Cpan(3pm) manual page was included in two subpackages by mistake. This release keeps the file in perl-CPAN package only.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Petr Pisar <ppisar at redhat.com> - 4:5.14.3-204
- Do not package App::Cpan(3pm) to perl-Test-Harness (bug #893768)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #893768 - /usr/share/man/man3/App::Cpan.3pm.gz is duplicated between perl-CPAN and perl-Test-Harness
https://bugzilla.redhat.com/show_bug.cgi?id=893768
--------------------------------------------------------------------------------
================================================================================
perl-5.14.3-205.fc16 (FEDORA-2013-0633)
Practical Extraction and Report Language
--------------------------------------------------------------------------------
Update Information:
Fix Locale::Maketext vulnerability allowing to cross-call functions from message catalogs (CVE-2012-6329).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 11 2013 Petr Pisar <ppisar at redhat.com> - 4:5.14.3-205
- Fix CVE-2012-6329 (misparsing of maketext strings) (bug #884354)
* Thu Jan 10 2013 Petr Pisar <ppisar at redhat.com> - 4:5.14.3-204
- Do not package App::Cpan(3pm) to perl-Test-Harness (bug #893768)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #884354 - CVE-2012-6329 perl: possible arbitrary code execution via Locale::Maketext
https://bugzilla.redhat.com/show_bug.cgi?id=884354
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Cli-2.0.2-1.fc16 (FEDORA-2013-0714)
Horde Command Line Interface API
--------------------------------------------------------------------------------
Update Information:
Update to latest versions
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 11 2013 Nick Bebout <nb at fedoraproject.org> - 2.0.2-1
- Update to 2.0.2
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Date-2.0.2-1.fc16 (FEDORA-2013-0714)
Horde Date package
--------------------------------------------------------------------------------
Update Information:
Update to latest versions
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 11 2013 Nick Bebout <nb at fedoraproject.org> - 2.0.2-1
- Update to 2.0.2
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Exception-2.0.2-1.fc16 (FEDORA-2013-0714)
Horde Exception Handler
--------------------------------------------------------------------------------
Update Information:
Update to latest versions
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 11 2013 Nick Bebout <nb at fedoraproject.org> - 2.0.2-1
- Update to 2.0.2
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Nls-2.0.2-1.fc16 (FEDORA-2013-0714)
Native Language Support (NLS)
--------------------------------------------------------------------------------
Update Information:
Update to latest versions
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 11 2013 Nick Bebout <nb at fedoraproject.org> - 2.0.2-1
- Update to 2.0.2
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Util-2.0.3-1.fc16 (FEDORA-2013-0714)
Horde Utility Libraries
--------------------------------------------------------------------------------
Update Information:
Update to latest versions
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 11 2013 Nick Bebout <nb at fedoraproject.org> - 2.0.3-1
- update to 2.0.3
--------------------------------------------------------------------------------
================================================================================
php-voms-admin-0.6.7-1.fc16 (FEDORA-2013-0719)
Web based interface to control VOMS parameters written in PHP
--------------------------------------------------------------------------------
Update Information:
New upstream release. Adds support for Apache 2.4 configuration changes.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 8 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 0.6.7-1
- Update to released version 0.6.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #871454 - Broken configuration for httpd 2.4
https://bugzilla.redhat.com/show_bug.cgi?id=871454
--------------------------------------------------------------------------------
================================================================================
pylint-0.26.0-1.fc16 (FEDORA-2013-0626)
Analyzes Python code looking for bugs and signs of poor quality
--------------------------------------------------------------------------------
Update Information:
New upstream versions.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Brian C. Lane <bcl at redhat.com> 0.26.0-1
- Upstream 0.26.0
- Add python3-pylint and python3-pylint-gui subpackages. Not ready to turn it
on yet due to this upstream bug: http://www.logilab.org/ticket/110213
* Fri Aug 3 2012 Brian C. Lane <bcl at redhat.com> 0.25.2-1
- Upstream 0.25.2
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.25.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-boto-2.5.2-3.fc16 (FEDORA-2013-0703)
A simple lightweight interface to Amazon Web Services
--------------------------------------------------------------------------------
Update Information:
This update fixes boto issue 881, which made the instance objects returned by start_instances, stop_instances, and terminate_instances end up with incorrect previous and current states.
https://github.com/boto/boto/issues/881
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 8 2013 Garrett Holmstrom <gholms at fedoraproject.org> - 2.5.2-3
- Fixed parsing of current/previous instance state data (boto #881)
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.5.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-fedora-0.3.30-1.fc16 (FEDORA-2013-0616)
Python modules for talking to Fedora Infrastructure Services
--------------------------------------------------------------------------------
Update Information:
* Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url()
to allow generating gravaar urls without looking up email addresses in fas.
* Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending
the csrf_token.
* Add an auth adapter for flask web apps to authenticate to FAS
* New minimum version of python: requires python-2.5 or higher
* Fix localization of login templates (laxathom)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Toshio Kuratomi <toshio at fedoraproject.org> - 0.3.30-1
- Make TG's loginForm and CSRF's text translated from tg-apps (laxathom).
- Fix a bug in fedora.tg.utils.tg_absolute_url
- Add a lookup email parameter to gravatar lookups
- Add an auth provider for flask
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.29-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-logilab-astng-0.24.1-1.fc16 (FEDORA-2013-0626)
Python Abstract Syntax Tree New Generation
--------------------------------------------------------------------------------
Update Information:
New upstream versions.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Brian C. Lane <bcl at redhat.com> 0.24.1-1
- Upstream v0.24.1
- Add python3-logilab-astng subpackage to spec. Not ready to turn it on yet
due to this upstream bug: http://www.logilab.org/ticket/110213
--------------------------------------------------------------------------------
================================================================================
python-logilab-common-0.58.3-1.fc16 (FEDORA-2013-0626)
Common libraries for Logilab projects
--------------------------------------------------------------------------------
Update Information:
New upstream versions.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Brian C. Lane <bcl at redhat.com> 0.58.3-1
- Upstream 0.58.3
- Add python3-logilab-common subpackage to spec. Not ready to turn it on yet
due to this upstream bug: http://www.logilab.org/ticket/110213
--------------------------------------------------------------------------------
================================================================================
rubygem-actionpack-3.0.10-10.fc16 (FEDORA-2013-0686)
Web-flow and rendering framework putting the VC in MVC
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2013-0155 and CVE-2013-0156.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Vít Ondruch <vondruch at redhat.com> - 1:3.0.10-6
- Fix for CVE-2013-0155.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #892866 - CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
https://bugzilla.redhat.com/show_bug.cgi?id=892866
[ 2 ] Bug #892870 - CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack
https://bugzilla.redhat.com/show_bug.cgi?id=892870
--------------------------------------------------------------------------------
================================================================================
rubygem-activemodel-3.0.10-2.fc16 (FEDORA-2013-0686)
A toolkit for building modeling frameworks
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2013-0155 and CVE-2013-0156.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Vít Ondruch <vondruch at redhat.com> - 3.0.10-2
- Fixing issues introduced by CVE-2013-0155 and CVE-2013-0156.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #892866 - CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
https://bugzilla.redhat.com/show_bug.cgi?id=892866
[ 2 ] Bug #892870 - CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack
https://bugzilla.redhat.com/show_bug.cgi?id=892870
--------------------------------------------------------------------------------
================================================================================
rubygem-activerecord-3.0.10-5.fc16 (FEDORA-2013-0686)
Implements the ActiveRecord pattern for ORM
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2013-0155 and CVE-2013-0156.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Vít Ondruch <vondruch at redhat.com> - 1:3.0.10-5
- Fix for CVE-2013-0155.
* Fri Jan 4 2013 Vít Ondruch <vondruch at redhat.com> - 1:3.0.10-4
- Fix for CVE-2012-6496.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #892866 - CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
https://bugzilla.redhat.com/show_bug.cgi?id=892866
[ 2 ] Bug #892870 - CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack
https://bugzilla.redhat.com/show_bug.cgi?id=892870
--------------------------------------------------------------------------------
================================================================================
rubygem-activesupport-3.0.10-5.fc16 (FEDORA-2013-0686)
Support and utility classes used by the Rails framework
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2013-0155 and CVE-2013-0156.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Vít Ondruch <vondruch at redhat.com> - 1:3.0.10-5
- Fix for CVE-2013-0156.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #892866 - CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails
https://bugzilla.redhat.com/show_bug.cgi?id=892866
[ 2 ] Bug #892870 - CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack
https://bugzilla.redhat.com/show_bug.cgi?id=892870
--------------------------------------------------------------------------------
================================================================================
shellinabox-2.14-19.git88822c1f.fc16 (FEDORA-2013-0642)
Web based AJAX terminal emulator
--------------------------------------------------------------------------------
Update Information:
Bug fix build
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 9 2013 Simone Caronni <negativo17 at gmail.com> - 2.14-19.git88822c1f
- Fix SysV init scripts.
* Wed Jan 9 2013 Simone Caronni <negativo17 at gmail.com> - 2.14-18.git88822c1f
- Updated init script according to Fedora template (#893129)
https://fedoraproject.org/wiki/Packaging:SysVInitScript?rd=Packaging/SysVInitScript
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #893129 - condrestart mode fails in init script /etc/rc.d/init.d/shellinaboxd
https://bugzilla.redhat.com/show_bug.cgi?id=893129
--------------------------------------------------------------------------------
================================================================================
srm-ifce-1.14.0-1.fc16 (FEDORA-2013-0647)
SRM client side library
--------------------------------------------------------------------------------
Update Information:
Update 1.14.0-1 for fix of LCGUTIL-82
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 8 2013 Adrien Devresse <adevress at cern.ch> - 1.14.0-1
- correct two timeout bug LCGUTIL-78 and LCGUTIL-82
* Thu Nov 29 2012 Adrien Devresse <adevress at cern.ch> - 1.14.0-0
- correct misleading namespace in PrepareToGetRequestStatus
- correct a timeout issue related to exponential backoff system in put/get
- improve reliability of the exponential backoff wait system
- big big code cleaning
- re-factory of the context system with backward compatibility
- fix the srm timeout issue
- fix the srm put done issue for long transfer
--------------------------------------------------------------------------------
================================================================================
thunderbird-17.0.2-1.fc16 (FEDORA-2013-0723)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
- Security fixes can be found here: http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.2
- An issue that caused occasional corruption in local folders after filtering is now fixed (815012)
- An issue that caused deletion of drafts saved in IMAP folders whilst in offline mode is now fixed (805626)
More info about release:
- http://www.mozilla.org/en-US/thunderbird/16.0.2/releasenotes/
- Vulnerability outlined here: https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/
- Vulnerability outlined here: https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 10 2013 Jan Horak <jhorak at redhat.com> - 17.0.2-1
- Update to 17.0.2
--------------------------------------------------------------------------------
================================================================================
wordpress-3.5-3.fc16 (FEDORA-2013-0611)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
Fix symlink to php-simplepie
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2013 Remi Collet <rcollet at redhat.com> - 3.5-3
- fix links to system PHPMailer library
* Sun Dec 16 2012 Remi Collet <rcollet at redhat.com> - 3.5-2
- fix use of system Simplepie
- give access from local (httpd 2.4)
* Wed Dec 12 2012 Matěj Cepl <mcepl at redhat.com> - 3.5-1
- New upstream release.
* Tue Dec 4 2012 Matěj Cepl <mcepl at redhat.com> - 3.5-0.5.RC3
- New upstream release candidate.
* Fri Nov 30 2012 Matěj Cepl <mcepl at redhat.com> - 3.5-0.5.RC2
- New upstream release candidate.
* Sat Nov 24 2012 Matěj Cepl <mcepl at redhat.com> - 3.5-0.5.RC1
- New upstream release candidate.
* Tue Nov 13 2012 Matěj Cepl <mcepl at redhat.com> - 3.5-0.4.beta3
- New upstream beta3 version
* Mon Oct 29 2012 Remi Collet <rcollet at redhat.com> - 3.5-0.3.beta2
- use system PHPMailer
- requires needed php extensions
* Sat Oct 13 2012 Matěj Cepl <mcepl at redhat.com> - 3.5-0.2.beta2
- New upstream beta2 version
* Thu Oct 4 2012 Matěj Cepl <mcepl at redhat.com> - 3.5-0.2.beta1
- New upstream beta1 version
- Don’t even bother with removing gettext.php ... it is not used anymore
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #891764 - php-simplepie 1.3.1 breaks wordpress
https://bugzilla.redhat.com/show_bug.cgi?id=891764
--------------------------------------------------------------------------------
================================================================================
zathura-djvu-0.2.1-2.fc16 (FEDORA-2013-0690)
DjVu support for zathura
--------------------------------------------------------------------------------
Update Information:
DjVu plugin for Zathura.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #891125 - Review Request: zathura-djvu - DjVu support for zathura
https://bugzilla.redhat.com/show_bug.cgi?id=891125
--------------------------------------------------------------------------------
More information about the test
mailing list