The following Fedora 16 Security updates need testing:
Age URL
0
https://admin.fedoraproject.org/updates/FEDORA-2012-17376/seamonkey-2.13....
40
https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33...
0
https://admin.fedoraproject.org/updates/FEDORA-2012-17388/kdelibs-4.8.5-2...
0
https://admin.fedoraproject.org/updates/FEDORA-2012-17408/xen-4.1.3-3.fc16
12
https://admin.fedoraproject.org/updates/FEDORA-2012-16490/xlockmore-5.40-...
13
https://admin.fedoraproject.org/updates/FEDORA-2012-16415/389-ds-base-1.2...
118
https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4....
38
https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-16...
4
https://admin.fedoraproject.org/updates/FEDORA-2012-16986/cumin-0.1.5522-...
4
https://admin.fedoraproject.org/updates/FEDORA-2012-16988/firefox-16.0.2-...
44
https://admin.fedoraproject.org/updates/FEDORA-2012-14126/dbus-1.4.10-4.fc16
4
https://admin.fedoraproject.org/updates/FEDORA-2012-17019/pcp-3.6.9-1.fc16
19
https://admin.fedoraproject.org/updates/FEDORA-2012-16032/cobbler-2.4.0-b...
7
https://admin.fedoraproject.org/updates/FEDORA-2012-16772/claws-mail-3.8....
1
https://admin.fedoraproject.org/updates/FEDORA-2012-17218/rt3-3.8.15-1.fc16
0
https://admin.fedoraproject.org/updates/FEDORA-2012-17291/thunderbird-16....
4
https://admin.fedoraproject.org/updates/FEDORA-2012-16673/viewvc-1.1.17-1...
0
https://admin.fedoraproject.org/updates/FEDORA-2012-17318/mcrypt-2.6.8-10...
The following Fedora 16 Critical Path updates have yet to be approved:
Age URL
0
https://admin.fedoraproject.org/updates/FEDORA-2012-17403/fuse-2.8.7-2.fc16
0
https://admin.fedoraproject.org/updates/FEDORA-2012-17388/kdelibs-4.8.5-2...
0
https://admin.fedoraproject.org/updates/FEDORA-2012-17291/thunderbird-16....
0
https://admin.fedoraproject.org/updates/FEDORA-2012-17316/xdg-utils-1.1.0...
1
https://admin.fedoraproject.org/updates/FEDORA-2012-17192/qt-4.8.3-7.fc16
4
https://admin.fedoraproject.org/updates/FEDORA-2012-17029/mdadm-3.2.6-1.fc16
7
https://admin.fedoraproject.org/updates/FEDORA-2012-16832/plymouth-0.8.4-...
The following builds have been pushed to Fedora 16 updates-testing
berusky-data-1.5-1.fc16
epson-inkjet-printer-escpr-1.2.2-1.1lsb3.2.fc16
fuse-2.8.7-2.fc16
ibus-typing-booster-0.0.18-1.fc16
kdelibs-4.8.5-2.fc16
krusader-2.4.0-0.8.beta3.fc16
libguestfs-1.16.33-1.fc16
opendkim-2.7.1-1.fc16
pcp-gui-1.5.6-1.fc16
php-pear-1.9.4-5.fc16.1
pyodbc-2.1.11-1.fc16
python-testtools-0.9.21-1.fc16
seamonkey-2.13.2-1.fc16
sha-1.0.4b-1.fc16
xen-4.1.3-3.fc16
Details about builds:
================================================================================
berusky-data-1.5-1.fc16 (FEDORA-2012-17378)
A datafile for Berusky
--------------------------------------------------------------------------------
Update Information:
Datafile for berusky game.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Sep 1 2012 Martin Stransky <stransky(a)redhat.com> 1.5-1
- Update to 1.5
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
epson-inkjet-printer-escpr-1.2.2-1.1lsb3.2.fc16 (FEDORA-2012-17373)
Drivers for Epson inkjet printers
--------------------------------------------------------------------------------
Update Information:
Support more printers.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.1.1-2.1lsb3.2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #871752 - Upgrade Epson Printer Driver ESC/P-R to 1.2.2
https://bugzilla.redhat.com/show_bug.cgi?id=871752
--------------------------------------------------------------------------------
================================================================================
fuse-2.8.7-2.fc16 (FEDORA-2012-17403)
File System in Userspace (FUSE) utilities
--------------------------------------------------------------------------------
Update Information:
Applied change from fuse upstream which fixes a crash caused by freeing a stack address.
* Ver. 2.8.7
* Ver. 2.8.7
Delete needless udev rule in /etc.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 31 2012 Tom Callaway <spot(a)fedoraproject.org> - 2.8.7-2
- apply upstream fix for crash caused by freeing a stack address (bz870485)
* Thu Apr 19 2012 Peter Lemenkov <lemenkov(a)gmail.com> - 2.8.7-1
- Ver. 2.8.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #870485 - Please backport upstream patch for missing dereference in free on
error path
https://bugzilla.redhat.com/show_bug.cgi?id=870485
[ 2 ] Bug #784823 - fuse-2.8.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=784823
[ 3 ] Bug #748204 - fuse: please drop needless udev rules file
https://bugzilla.redhat.com/show_bug.cgi?id=748204
--------------------------------------------------------------------------------
================================================================================
ibus-typing-booster-0.0.18-1.fc16 (FEDORA-2012-17401)
The Table engine for IBus platform
--------------------------------------------------------------------------------
Update Information:
Save setup option “Enable suggestions by Tab Key” correctly in dconf
Make enabling the lookup table with the TAB key work correctly.
Make sure the lookup table is hidden if there are no candidates to suggest
858980-.desktop file is added but i-t-b's pref will be enable only after , it has
added support in g-c-c
New Feature, suggestions can be turned on by Tab Key
Fixed bugs #852993,#852994
New Feature, suggestions can be turned on by Tab Key
Fixed bugs #852993,#852994
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 31 2012 Mike FABIAN <mfabian(a)redhat.com> - 0.0.18-1
- Update to 0.0.18 upstream version
- Resolves: #871056
- Save setup option “Enable suggestions by Tab Key” correctly in dconf (Resolves:
#871056)
- Make setup dialog translatable and add German translations
* Wed Oct 24 2012 Mike FABIAN <mfabian(a)redhat.com> - 0.0.16-1
- Update to 0.0.16 upstream version
- Resolves: #869687
- Make enabling the lookup table with the TAB key work correctly
- Simplify code in add_input()
- Make German input typed in NFD work
* Mon Oct 22 2012 Mike FABIAN <mfabian(a)redhat.com> - 0.0.15-1
- Update to 0.0.15 upstream version
- Resolves: #869050
- Make sure the lookup table is hidden if there are no candidates to suggest (#869050)
* Mon Oct 22 2012 Mike FABIAN <mfabian(a)redhat.com> - 0.0.14-1
- Update to 0.0.14 upstream version
- Show an obvious warning when the hunspell dictionary needed is not found
- Show exact matches in the .dic files as suggestions as well
- Do not forget the input method used last when activating a previously used engine
- Make spelling of the value of “symbol” in the .conf files more consistent
- include the file ru_RU.conf
* Thu Oct 18 2012 Mike FABIAN <mfabian(a)redhat.com> - 0.0.13-1
- Update to 0.0.13 upstream version, in 0.0.12 I forgot to
include the file de_DE.conf
* Thu Oct 18 2012 Mike FABIAN <mfabian(a)redhat.com> - 0.0.12-1
- Update to 0.0.12 upstream version, in 0.0.11 I forgot to
include the file keysym2ucs.py
* Thu Oct 18 2012 Mike FABIAN <mfabian(a)redhat.com> - 0.0.11-1
- Upstream has released 0.0.11 version containing the following
improvements:
- Add .conf files for many languages and improve some existing .conf files
- Read other_ime option case insensitively
- Split only at the first = in a line in a .conf file
- Fix the problem that the user defined phrases are lost when switching engines
- use “layout = default” instead of “layout = us” in all .conf files
- Make sure the input of transliterate() is UTF-8 encoded
- Add a keysym2unichr() function and use it to support languages which have non Latin1
input
- Let first letter start with index 1 in autogenerated tabdict
- Use autogenerated tabdict always, not only in m17n mode
- Use special value 'NoIme' to indicate that no input method should be used
- Use contents of lang_chars for the regexp to match words in the dictionaries
- In process_key_event, do not return False when a non-ASCII character has been typed
- Read option valid_input_chars as UTF-8
- Use the encoding option from the .conf file always, not only in m17n mode
- Whether m17n mode is used should depend on the .conf file, not the language
- Use correct encoding to decode the dictionary file
- Some other minor fixes
* Wed Sep 26 2012 Anish Patil <apatil(a)redhat.com> - 0.0.10-1
- Upstream has released new version.
* Thu Sep 13 2012 Anish Patil <apatil(a)redhat.com> - 0.0.9-1
- Upstream has released new version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #871056 - The setup option “Enable suggestions by Tab Key” in
ibus-typing-booster is never saved
https://bugzilla.redhat.com/show_bug.cgi?id=871056
[ 2 ] Bug #869687 - The feature to enable the display of the suggestions only when
typing TAB doesn’t work correctly
https://bugzilla.redhat.com/show_bug.cgi?id=869687
[ 3 ] Bug #869050 - ibus-typing-booster shows a lookup table even if there are zero
candidates to suggest
https://bugzilla.redhat.com/show_bug.cgi?id=869050
[ 4 ] Bug #857280 - should have Obsoletes and Provides lines for older typing-boosters
https://bugzilla.redhat.com/show_bug.cgi?id=857280
[ 5 ] Bug #858980 - ibus-typing-booster setup is not enabled in gnome-control-center
region, .desktop file is missing
https://bugzilla.redhat.com/show_bug.cgi?id=858980
[ 6 ] Bug #859438 - unable to see suggestions in candidate window
https://bugzilla.redhat.com/show_bug.cgi?id=859438
[ 7 ] Bug #860113 - [ibus-typing-booster] please list hunspell en JM dictionary as GB
(British English)
https://bugzilla.redhat.com/show_bug.cgi?id=860113
[ 8 ] Bug #852993 - ibus-hunspell-table lacks config file for en_GB
https://bugzilla.redhat.com/show_bug.cgi?id=852993
[ 9 ] Bug #852994 - [typo] only one 'n' in Danish
https://bugzilla.redhat.com/show_bug.cgi?id=852994
--------------------------------------------------------------------------------
================================================================================
kdelibs-4.8.5-2.fc16 (FEDORA-2012-17388)
KDE Libraries
--------------------------------------------------------------------------------
Update Information:
- CVE-2012-4515
- Fix crash when trying to reuse a frame with a null part
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 31 2012 Than Ngo <than(a)redhat.com> - 6:4.8.5-2
- Resolves: CVE-2012-4515, CVE-2012-4514
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #865831 - CVE-2012-4515 kdelibs: Use-after-free when context menu being used
whilst the document DOM is being changed from within JavaScript
https://bugzilla.redhat.com/show_bug.cgi?id=865831
[ 2 ] Bug #869681 - CVE-2012-4514 kdelibs (khtml): NULL pointer dereference when trying
to reuse a frame with null part
https://bugzilla.redhat.com/show_bug.cgi?id=869681
--------------------------------------------------------------------------------
================================================================================
krusader-2.4.0-0.8.beta3.fc16 (FEDORA-2012-17203)
An advanced twin-panel (commander-style) file-manager for KDE
--------------------------------------------------------------------------------
Update Information:
An update of Krusader to version 2.4.0-beta3.
Compared to the previously packaged 2.4.0-beta1, the main improvements are:
* Assignable global shortcut to bring Krusader's main window to top
* Go to Other Panel's Directory - shortcut: CTRL+=
* Use Okteta kpart as hex-viewer by default
* Configurable media menu
* Quicker (un)mounting: pressing CTRL+RETURN when media menu is open (un)mounts the
highlighted device
In addition, many bugs were fixed.
See
http://www.krusader.org/release/2.4.0-beta3/changelog/ for a full list of changes.
This package includes an additional fix for a regression in 2.4.0 beta 2 and 3: F3 preview
of video files was crashing (kde#309159).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 30 2012 Kevin Kofler <Kevin(a)tigcc.ticalc.org> - 2.4.0-0.8.beta3
- Fix crash in video file preview on F3 (kde#309159, upstream patch)
* Sun Oct 28 2012 Kevin Kofler <Kevin(a)tigcc.ticalc.org> - 2.4.0-0.7.beta3
- Update to 2.4.0-beta3
* Mon Oct 15 2012 Radek Novacek <rnovacek(a)redhat.com> - 2.4.0-0.6.beta2
- Update to 2.4.0-beta2
- Drop g++ 4.7 patch (upstreamed)
- Add patch for generating manual page
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.4.0-0.5.beta1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jan 16 2012 Radek Novacek <rnovacek(a)redhat.com> 2.4.0-0.4.beta1
- Fix build failure with g++ 4.7
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.4.0-0.3.beta1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Thu Jul 28 2011 Kevin Kofler <Kevin(a)tigcc.ticalc.org> 2.4.0-0.2.beta1
- Run desktop-file-validate
--------------------------------------------------------------------------------
================================================================================
libguestfs-1.16.33-1.fc16 (FEDORA-2012-17404)
Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:
New upstream stable version 1.16.33.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 30 2012 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.16.33-1
- New upstream stable version 1.16.33.
--------------------------------------------------------------------------------
================================================================================
opendkim-2.7.1-1.fc16 (FEDORA-2012-17384)
A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail
--------------------------------------------------------------------------------
Update Information:
Updating package to match newer upstream 2.7.1 source.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 30 2012 Steve Jenkins <steve stevejenkins com> 2.7.1-1
- Updated to use newer upstream 2.7.1 source code
- Updated to reflect source code move of files from /usr/bin to /usr/sbin
- Removed --enable-stats configure option to avoid additional dependencies
- Added support for strlcat() and strlcopy() previously in libopendkim
- Added new MinimumKeyBits configuration option with default of 1024
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #869994 - opendkim: Add library option DKIM_OPTS_MINKEYBITS allowing one to
specify a minimum number of key bits for acceptable signatures, defaulting to 1024 bits.
https://bugzilla.redhat.com/show_bug.cgi?id=869994
--------------------------------------------------------------------------------
================================================================================
pcp-gui-1.5.6-1.fc16 (FEDORA-2012-17386)
Visualization tools for the Performance Co-Pilot toolkit
--------------------------------------------------------------------------------
Update Information:
Upstream pcp-gui release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 26 2012 Nathan Scott <nathans(a)redhat.com> - 1.5.6-1
- Update to latest PCP GUI sources.
- Introduces new pcp-gui-testsuite sub-package.
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.5.5-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
php-pear-1.9.4-5.fc16.1 (FEDORA-2012-17400)
PHP Extension and Application Repository framework
--------------------------------------------------------------------------------
Update Information:
* provides value for %{pear_metadir} = %{pear_phpdir}
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 31 2012 Remi Collet <remi(a)fedoraproject.org> 1:1.9.4-5.1
- provides value for %{pear_metadir}
--------------------------------------------------------------------------------
================================================================================
pyodbc-2.1.11-1.fc16 (FEDORA-2012-17395)
Python DB API 2.0 Module for ODBC
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes several bugs mentioned in release notes, including Unicode
support reworking.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 31 2012 Honza Horak <hhorak(a)redhat.com> - 2.1.11-1
- Updated to 2.1.11 because of Unicode and other fixes
- Re-added missing LICENSE.txt, it is included in 3.0.x again
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.1.5-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.1.5-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #870433 - pyodbc unicode handling broken on 64bit systems
https://bugzilla.redhat.com/show_bug.cgi?id=870433
--------------------------------------------------------------------------------
================================================================================
python-testtools-0.9.21-1.fc16 (FEDORA-2012-17382)
Extensions to the Python unit testing framework
--------------------------------------------------------------------------------
Update Information:
0.9.20:
Three new matchers: MatchesDict, ContainsDict, ContainedByDict
0.9.21:
Correctly expose DirContains, accidentally hidden since 0.9.17
* Better discover support and Python3.x improvements
* Python 3 builds now enabled for Fedora releases
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 27 2012 Michel Alexandre Salim <michel@sojourner> - 0.9.21-1
- Update to 0.9.21
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #870345 - python-testtools-0.9.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=870345
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.13.2-1.fc16 (FEDORA-2012-17376)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 26 2012 Martin Stransky <stransky(a)redhat.com> 2.13.2-1
- Update to 2.13.2
--------------------------------------------------------------------------------
================================================================================
sha-1.0.4b-1.fc16 (FEDORA-2012-17402)
File hashing utility
--------------------------------------------------------------------------------
Update Information:
sha 1.0.4b.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #859795 - Review Request: sha - File hashing utility
https://bugzilla.redhat.com/show_bug.cgi?id=859795
--------------------------------------------------------------------------------
================================================================================
xen-4.1.3-3.fc16 (FEDORA-2012-17408)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
limit the size of guest kernels and ramdisks to avoid running out
of memory on dom0 during guest boot [XSA-25,CVE-2012-4544] (#870414)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 30 2012 Michael Young <m.a.young(a)durham.ac.uk> - 4.1.3-3
- limit the size of guest kernels and ramdisks to avoid running out
of memory on dom0 during guest boot [XSA-25, CVE-2012-4544] (#870414)
- remove pygrub.size.limits.patch patch included in new patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #870412 - CVE-2012-4544 xen: Xen domain builder Out-of-memory due to malicious
kernel/ramdisk
https://bugzilla.redhat.com/show_bug.cgi?id=870412
--------------------------------------------------------------------------------