The following Fedora 16 Security updates need testing: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16421/drupal7-7.16-1.fc1... 102 https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16 26 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16415/389-ds-base-1.2.10... 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16417/Django-1.3.4-1.fc1... 74 https://admin.fedoraproject.org/updates/FEDORA-2012-11526/dokuwiki-0-0.11.20... 8 https://admin.fedoraproject.org/updates/FEDORA-2012-15725/phpMyAdmin-3.5.3-1... 7 https://admin.fedoraproject.org/updates/FEDORA-2012-15844/drupal7-feeds-2.0-... 104 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-... 1 https://admin.fedoraproject.org/updates/FEDORA-2012-15877/seamonkey-2.13.1-1... 24 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.... 31 https://admin.fedoraproject.org/updates/FEDORA-2012-14126/dbus-1.4.10-4.fc16 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15981/dhcp-4.2.4-4.P2.fc... 23 https://admin.fedoraproject.org/updates/FEDORA-2012-14707/openjpeg-1.4-14.fc... 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16056/haproxy-1.4.22-1.f... 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16028/mapserver-6.0.3-4.... 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16032/cobbler-2.4.0-beta... 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16055/thunderbird-16.0.1... 29 https://admin.fedoraproject.org/updates/FEDORA-2012-14322/pcp-3.6.8-1.fc16
The following Fedora 16 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16338/kernel-3.6.2-1.fc1... 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16249/thunderbird-lightn... 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16243/xulrunner-16.0.1-2... 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16252/curl-7.21.7-8.fc16 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16251/perl-5.14.3-202.fc... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-16099/kde-settings-4.7-1... 5 https://admin.fedoraproject.org/updates/FEDORA-2012-16055/thunderbird-16.0.1... 11 https://admin.fedoraproject.org/updates/FEDORA-2012-15556/nss-util-3.13.6-1.... 12 https://admin.fedoraproject.org/updates/FEDORA-2012-15485/mdadm-3.2.5-10.fc1... The following builds have been pushed to Fedora 16 updates-testing
389-ds-base-1.2.10.16-1.fc16 Django-1.3.4-1.fc16 ScrollZ-2.2.2-2.fc16 dojo-1.8.1-1.fc16 drupal7-7.16-1.fc16 ecryptfs-utils-100-3.fc16 maniadrive-1.2-32.fc16.10 ninja-ide-2.1.1-4.fc16 perl-DateTime-0.77-1.fc16 perl-DateTime-TimeZone-1.51-1.fc16 php-5.3.18-1.fc16 php-eaccelerator-0.9.6.1-9.fc16.10 spandsp-0.0.6-0.8.pre21.fc16
Details about builds:
================================================================================ 389-ds-base-1.2.10.16-1.fc16 (FEDORA-2012-16415) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information:
Here is where you give an explanation of your update. cleanallruv support - Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 18 2012 Mark Reynolds mreynolds@redhat.com - 1.2.10.16-1 - 569c2d3 bump version to 1.2.10.16 - Ticket 403 - CLEANALLRUV - minor fixes and add support for replica-force-cleaning * Tue Oct 16 2012 Rich Megginson rmeggins@redhat.com - 1.2.10.15-1 - Trac Ticket #340 - Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in acl - Ticket #491 - multimaster_extop_cleanruv returns wrong error codes - 7bbaf35 COVERITY FIXES in replica_execute_cleanall_ruv_task - 1f356fa CLEANALLRUV - remove calls to agmt_get_enabled because this feature is not in 1.2.10 - Ticket 477 - CLEANALLRUV if there are only winsync agmts task will hang - Ticket 467 - CLEANALLRUV abort task should be able to ignore down replicas - Ticket 450 - CLEANALLRUV task gets stuck on winsync replication agreement - 8545947 CLEANALLRUV coverity fixes - Ticket 403 - fix CLEANALLRUV regression from last commit - Ticket 403 - CLEANALLRUV revisions - Ticket 403 - cleanallruv coverity fixes - Ticket 403 - CLEANALLRUV feature - 4753f97 Update the slapi-plugin documentation on new slapi functions, and added a slapi function for checking on shutdowns - b3f5a71 Coverity Fix - Ticket 368 - Make the cleanAllRUV task one step - Ticket #337 - Improve CLEANRUV task - Ticket #353 - coverity 12625-12629 - leaks, dead code, unchecked return - Ticket #337 - RFE - Improve CLEANRUV functionality -------------------------------------------------------------------------------- References:
[ 1 ] Bug #860608 - CVE-2012-4450 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=860608 --------------------------------------------------------------------------------
================================================================================ Django-1.3.4-1.fc16 (FEDORA-2012-16417) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information:
Security releases issued - Host header poisoning -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 18 2012 Matthias Runge mrunge@matthias-runge.de - 1.3.4-1 - security update to upstream version 1.3.4 https://www.djangoproject.com/weblog/2012/oct/17/security/ -------------------------------------------------------------------------------- References:
[ 1 ] Bug #865164 - CVE-2012-4520 Django: Host header poisoning vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=865164 --------------------------------------------------------------------------------
================================================================================ ScrollZ-2.2.2-2.fc16 (FEDORA-2012-16423) Advanced IRC client based on ircII code -------------------------------------------------------------------------------- Update Information:
ScrollZ IRC client -------------------------------------------------------------------------------- References:
[ 1 ] Bug #867334 - Review Request: ScrollZ - ScrollZ IRC client https://bugzilla.redhat.com/show_bug.cgi?id=867334 --------------------------------------------------------------------------------
================================================================================ dojo-1.8.1-1.fc16 (FEDORA-2012-16419) Modular JavaScript toolkit -------------------------------------------------------------------------------- Update Information:
Update to latest upstream Update to Version 1.8.0 -------------------------------------------------------------------------------- ChangeLog:
* Wed Oct 17 2012 Felix Kaechele heffer@fedoraproject.org - 1.8.1-1 - update to latest upstream --------------------------------------------------------------------------------
================================================================================ drupal7-7.16-1.fc16 (FEDORA-2012-16421) An open-source content-management platform -------------------------------------------------------------------------------- Update Information:
Fixes SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure - http://drupal.org/node/1815904 -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 16 2012 Orion Poplawski orion@cora.nwra.com - 7.16-1 - New upstream - SA-CORE-2012-003 security update --------------------------------------------------------------------------------
================================================================================ ecryptfs-utils-100-3.fc16 (FEDORA-2012-16437) The eCryptfs mount helper and support libraries -------------------------------------------------------------------------------- Update Information:
- fix typo in restorecon path -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 18 2012 Michal Hlavinka mhlavink@redhat.com - 100-3 - fix typo in restorecon path (#865839) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #865839 - typo iin ecryptfs-migrate-home https://bugzilla.redhat.com/show_bug.cgi?id=865839 --------------------------------------------------------------------------------
================================================================================ maniadrive-1.2-32.fc16.10 (FEDORA-2012-16427) 3D stunt driving game -------------------------------------------------------------------------------- Update Information:
Upstream Chagelog:
Core: * Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry) * Fixed bug #63093 (Segfault while load extension failed in zts-build). (Laruence) * Fixed bug #62976 (Notice: could not be converted to int when comparing some builtin classes). (Laruence) * Fixed bug #61767 (Shutdown functions not called in certain error situation). (Dmitry) * Fixed bug #61442 (exception threw in __autoload can not be catched). (Laruence) * Fixed bug #60909 (custom error handler throwing Exception + fatal error = no shutdown function). (Dmitry)
cURL: * Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will cause cpu Soaring). (Pierrick)
FPM: * Fixed bug #62954 (startup problems fpm / php-fpm). (fat) * Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat) * Fixed bug #63085 (Systemd integration and daemonize). (remi, fat) * Fixed bug #62947 (Unneccesary warnings on FPM). (fat) * Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat) * Fixed bug #62216 (Add PID to php-fpm init.d script). (fat)
Intl: * Fix bug #62915 (defective cloning in several intl classes). (Gustavo)
SOAP * Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). (Dmitry)
SPL: * Bug #62987 (Assigning to ArrayObject[null][something] overrides all undefined variables). (Laruence)
-------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 18 2012 Remi Collet remi@fedoraproject.org - 1.2-32.10 - rebuild against PHP 5.3.18 --------------------------------------------------------------------------------
================================================================================ ninja-ide-2.1.1-4.fc16 (FEDORA-2012-16418) Ninja IDE for Python development -------------------------------------------------------------------------------- Update Information:
added missing dependency Ninja IDE for Python development -------------------------------------------------------------------------------- References:
[ 1 ] Bug #863983 - Review Request: ninja-ide - Ninja IDE for Python development https://bugzilla.redhat.com/show_bug.cgi?id=863983 --------------------------------------------------------------------------------
================================================================================ perl-DateTime-0.77-1.fc16 (FEDORA-2012-16411) Date and time object -------------------------------------------------------------------------------- Update Information:
Various fixes and leap second on 2012-06-30 added. -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 18 2012 Petr Pisar ppisar@redhat.com - 2:0.77-1 - 0.77 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #838120 - perl-DateTime is too old https://bugzilla.redhat.com/show_bug.cgi?id=838120 --------------------------------------------------------------------------------
================================================================================ perl-DateTime-TimeZone-1.51-1.fc16 (FEDORA-2012-16420) Time zone object base class and factory -------------------------------------------------------------------------------- Update Information:
Update to Olson 2012g database. -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 18 2012 Petr Pisar ppisar@redhat.com - 1.51-1 - update to latest upstream version - Olson 2012g -------------------------------------------------------------------------------- References:
[ 1 ] Bug #857845 - perl-DateTime-TimeZone-1.51 is available https://bugzilla.redhat.com/show_bug.cgi?id=857845 --------------------------------------------------------------------------------
================================================================================ php-5.3.18-1.fc16 (FEDORA-2012-16427) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information:
Upstream Chagelog:
Core: * Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry) * Fixed bug #63093 (Segfault while load extension failed in zts-build). (Laruence) * Fixed bug #62976 (Notice: could not be converted to int when comparing some builtin classes). (Laruence) * Fixed bug #61767 (Shutdown functions not called in certain error situation). (Dmitry) * Fixed bug #61442 (exception threw in __autoload can not be catched). (Laruence) * Fixed bug #60909 (custom error handler throwing Exception + fatal error = no shutdown function). (Dmitry)
cURL: * Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will cause cpu Soaring). (Pierrick)
FPM: * Fixed bug #62954 (startup problems fpm / php-fpm). (fat) * Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat) * Fixed bug #63085 (Systemd integration and daemonize). (remi, fat) * Fixed bug #62947 (Unneccesary warnings on FPM). (fat) * Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat) * Fixed bug #62216 (Add PID to php-fpm init.d script). (fat)
Intl: * Fix bug #62915 (defective cloning in several intl classes). (Gustavo)
SOAP * Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). (Dmitry)
SPL: * Bug #62987 (Assigning to ArrayObject[null][something] overrides all undefined variables). (Laruence)
-------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 18 2012 Remi Collet remi@fedoraproject.org 5.3.18-1 - update to 5.3.18 - provides php-phar --------------------------------------------------------------------------------
================================================================================ php-eaccelerator-0.9.6.1-9.fc16.10 (FEDORA-2012-16427) PHP accelerator, optimizer, encoder and dynamic content cacher -------------------------------------------------------------------------------- Update Information:
Upstream Chagelog:
Core: * Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry) * Fixed bug #63093 (Segfault while load extension failed in zts-build). (Laruence) * Fixed bug #62976 (Notice: could not be converted to int when comparing some builtin classes). (Laruence) * Fixed bug #61767 (Shutdown functions not called in certain error situation). (Dmitry) * Fixed bug #61442 (exception threw in __autoload can not be catched). (Laruence) * Fixed bug #60909 (custom error handler throwing Exception + fatal error = no shutdown function). (Dmitry)
cURL: * Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will cause cpu Soaring). (Pierrick)
FPM: * Fixed bug #62954 (startup problems fpm / php-fpm). (fat) * Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat) * Fixed bug #63085 (Systemd integration and daemonize). (remi, fat) * Fixed bug #62947 (Unneccesary warnings on FPM). (fat) * Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat) * Fixed bug #62216 (Add PID to php-fpm init.d script). (fat)
Intl: * Fix bug #62915 (defective cloning in several intl classes). (Gustavo)
SOAP * Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). (Dmitry)
SPL: * Bug #62987 (Assigning to ArrayObject[null][something] overrides all undefined variables). (Laruence)
-------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 18 2012 Remi Collet remi@fedoraproject.org - 1:0.9.6.1-9.10 - rebuild against PHP 5.3.18 --------------------------------------------------------------------------------
================================================================================ spandsp-0.0.6-0.8.pre21.fc16 (FEDORA-2012-16416) A DSP library for telephony -------------------------------------------------------------------------------- Update Information:
Update to 0.0.6pre21 -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 18 2012 Jeffrey Ollie jeff@ocjtech.us - 0.0.6-0.8.pre21 - Update to 0.0.6pre21 * Sat Jul 21 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.0.6-0.7.pre18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.0.6-0.6.pre18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #866127 - SpanDSP is over 3 years old - Update request https://bugzilla.redhat.com/show_bug.cgi?id=866127 --------------------------------------------------------------------------------