The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2011-15560/nss-3.12.10-7.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16284/krb5-1.9.2-4.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-17119/icu-4.4.2-9.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-17247/glibc-2.14.1-4
https://admin.fedoraproject.org/updates/FEDORA-2011-16893/freeipa-2.1.4-1...
https://admin.fedoraproject.org/updates/FEDORA-2011-17233/tor-0.2.1.32-15...
https://admin.fedoraproject.org/updates/FEDORA-2011-16955/jasper-1.900.1-...
https://admin.fedoraproject.org/updates/FEDORA-2011-16976/dhcp-4.2.1-14.P...
https://admin.fedoraproject.org/updates/FEDORA-2011-16980/asterisk-1.8.7....
https://admin.fedoraproject.org/updates/FEDORA-2011-17071/ipmitool-1.8.11...
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2011-17247/glibc-2.14.1-4
https://admin.fedoraproject.org/updates/FEDORA-2011-17214/libical-0.48-1....
https://admin.fedoraproject.org/updates/FEDORA-2011-17171/mcpp-2.7.2-6.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-17145/xorg-x11-server...
https://admin.fedoraproject.org/updates/FEDORA-2011-17195/kernel-2.6.41.5...
https://admin.fedoraproject.org/updates/FEDORA-2011-17116/perl-5.12.4-164...
https://admin.fedoraproject.org/updates/FEDORA-2011-17089/selinux-policy-...
https://admin.fedoraproject.org/updates/FEDORA-2011-17054/xorg-x11-drv-in...
https://admin.fedoraproject.org/updates/FEDORA-2011-17034/polkit-kde-0.99...
https://admin.fedoraproject.org/updates/FEDORA-2011-17007/polkit-qt-0.103...
https://admin.fedoraproject.org/updates/FEDORA-2011-16959/flac-1.2.1-8.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16967/xfce-utils-4.8....
https://admin.fedoraproject.org/updates/FEDORA-2011-16976/dhcp-4.2.1-14.P...
https://admin.fedoraproject.org/updates/FEDORA-2011-16955/jasper-1.900.1-...
https://admin.fedoraproject.org/updates/FEDORA-2011-16923/mesa-7.11.2-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-16858/phonon-4.5.1-2....
https://admin.fedoraproject.org/updates/FEDORA-2011-16872/xdg-utils-1.1.0...
https://admin.fedoraproject.org/updates/FEDORA-2011-16890/procmail-3.22-2...
https://admin.fedoraproject.org/updates/FEDORA-2011-16284/krb5-1.9.2-4.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-13190/phonon-backend-...
https://admin.fedoraproject.org/updates/FEDORA-2011-11955/evolution-mapi-...
The following builds have been pushed to Fedora 15 updates-testing
3Depict-0.0.9-1.fc15
chntpw-0.99.6-17.110511.fc15
cxxtest-3.10.1-5.fc15
dvisvgm-1.0.10-1.fc15
eigen3-3.0.4-1.fc15
gccxml-0.9.0-0.7.20111218.fc15
glibc-2.14.1-4
gxneur-0.15.0-2.fc15
kchmviewer-6.0-1.fc15
libphidget-2.1.8.20111121-1.fc15
mediatomb-0.12.1-14.fc15
octave-communications-1.1.0-2.fc15
rubygem-dnsruby-1.53-1.fc15
tor-0.2.1.32-1500.fc15
vmpk-0.4.0-4.fc15
xneur-0.15.0-2.fc15
Details about builds:
================================================================================
3Depict-0.0.9-1.fc15 (FEDORA-2011-17249)
Valued 3D point cloud visualization and analysis
--------------------------------------------------------------------------------
Update Information:
New upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 6 2011 Adam Jackson <mycae(a!t)yahoo.com> - 0.0.9-1
- Rebuild for new libpng
* Tue Dec 6 2011 Adam Jackson <ajax(a)redhat.com> - 0.0.8-3
- Rebuild for new libpng
--------------------------------------------------------------------------------
================================================================================
chntpw-0.99.6-17.110511.fc15 (FEDORA-2011-17226)
Change passwords in Windows SAM files
--------------------------------------------------------------------------------
Update Information:
Fixes a bug that apparently causes password reset to not work.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 18 2011 Conrad Meyer <konrad(a)tylerc.org> - 0.99.6-17.110511
- Fix 'robustness' patch (#755622)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #755622 - password reset mode of chntpw does nothing
https://bugzilla.redhat.com/show_bug.cgi?id=755622
--------------------------------------------------------------------------------
================================================================================
cxxtest-3.10.1-5.fc15 (FEDORA-2011-17237)
A JUnit-like testing framework for C++
--------------------------------------------------------------------------------
Update Information:
This update fixes the handling of invalid command-line arguments.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 19 2011 Martin Gieseking <martin.gieseking(a)uos.de> - 3.10.1-5
- Fixed
https://bugzilla.redhat.com/show_bug.cgi?id=768869
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #768869 - [abrt] cxxtest-3.10.1-4.fc15: cxxtestgen:73:abort:TypeError:
expected a character buffer object
https://bugzilla.redhat.com/show_bug.cgi?id=768869
--------------------------------------------------------------------------------
================================================================================
dvisvgm-1.0.10-1.fc15 (FEDORA-2011-17258)
DVI to SVG converter
--------------------------------------------------------------------------------
Update Information:
This is a small maintenance release with the following changes:
* The new environment variable DVISVGM_COLORS allows user-defined message colors.
* The ID format used to reference glyphs and paths has been updated in order to avoid
potential ID collisions.
For further information see
http://dvisvgm.sourceforge.net
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 19 2011 Martin Gieseking <martin.gieseking(a)uos.de> - 1.0.10-1
- updated to upstream release 1.0.10
--------------------------------------------------------------------------------
================================================================================
eigen3-3.0.4-1.fc15 (FEDORA-2011-17242)
A lightweight C++ template library for vector and matrix math
--------------------------------------------------------------------------------
Update Information:
This update contains the Eigen 3.0.4 release. A full changelog can be found at
http://eigen.tuxfamily.org/index.php?title=ChangeLog#Eigen_3.0.4
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 18 2011 Rich Mattes <richmattes(a)gmail.com> - 3.0.4-1
- Update to release 3.0.4
--------------------------------------------------------------------------------
================================================================================
gccxml-0.9.0-0.7.20111218.fc15 (FEDORA-2011-17243)
XML output extension to GCC
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 19 2011 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 0.9.0-0.7.20111218
- Updated cvs snapshot
--------------------------------------------------------------------------------
================================================================================
glibc-2.14.1-4 (FEDORA-2011-17247)
The GNU libc libraries
--------------------------------------------------------------------------------
Update Information:
* Mon Dec 19 2011 Jeff Law <law(a)redhat.com> - 2.14.1-4
- Check values from TZ file header (#767696)
* Fri Oct 28 2011 Andreas Schwab <schwab(a)redhat.com> - 2.14.1-2
- Convert tzdata-update to lua (#743034)
- Mark __clone as .cantunwind (#749556)
* Fri Oct 07 2011 Andreas Schwab <schwab(a)redhat.com> - 2.14.1-1
- Update to 2.14.1 release
- Correctly reparse group line after enlarging the buffer (#739360)
- Avoid race between {,__de}allocate_stack and __reclaim_stacks during fork
Update to 2.14.1 release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 19 2011 Jeff Law <law(a)redhat.com> - 2.14.1-4
- Check values from TZ file header (#767696)
* Fri Oct 28 2011 Andreas Schwab <schwab(a)redhat.com> - 2.14.1-2
- Convert tzdata-update to lua (#743034)
- Mark __clone as .cantunwind (#749556)
* Fri Oct 7 2011 Andreas Schwab <schwab(a)redhat.com> - 2.14.1-1
- Update to 2.14.1 release
- Correctly reparse group line after enlarging the buffer (#739360)
- Avoid race between {,__de}allocate_stack and __reclaim_stacks during fork
* Thu Sep 8 2011 Andreas Schwab <schwab(a)redhat.com> - 2.14-7
- Update from 2.14 branch
- Fix cfi directive in audit trampoline code
- Correct cycle detection during dependency sorting (BZ#11724)
- Fix fopen (non-existing-file, "re") errno (BZ#13114)
- Fix CFI info in x86-64 trampolines
* Mon Aug 15 2011 Andreas Schwab <schwab(a)redhat.com> - 2.14-6
- Update from 2.14 branch
- Locale-independent parsing in libintl (#726536)
- Fix stack alignment on x86_64 (#728762)
- Filter out GLIBC_PRIVATE symbols again
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #761245 - CVE-2009-5029 glibc: __tzfile_read integer overflow to buffer
overflow
https://bugzilla.redhat.com/show_bug.cgi?id=761245
--------------------------------------------------------------------------------
================================================================================
gxneur-0.15.0-2.fc15 (FEDORA-2011-17251)
GTK front-end for X Neural Switcher (xneur)
--------------------------------------------------------------------------------
Update Information:
Update to new version 0.15.0
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 18 2011 Pavel Alexeev <Pahan(a)Hubbitus.info> - 0.15.0-2
- Revert back hack to do not stop build on deprecated warning.
* Sun Dec 18 2011 Pavel Alexeev <Pahan(a)Hubbitus.info> - 0.15.0-1
- Update to 0.15.0 version
* Tue Dec 6 2011 Adam Jackson <ajax(a)redhat.com> - 0.13.0-2
- Rebuild for new libpng
--------------------------------------------------------------------------------
================================================================================
kchmviewer-6.0-1.fc15 (FEDORA-2011-17250)
CHM viewer
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 19 2011 Robin Lee <cheeselee(a)fedoraproject.org> - 6.0-1
- Update to 6.0
- Remove Requires kio_msits and kchmviewer-5.1-no_msits.patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #768900 - kchmviewer-6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=768900
--------------------------------------------------------------------------------
================================================================================
libphidget-2.1.8.20111121-1.fc15 (FEDORA-2011-17239)
Drivers and API for Phidget devices
--------------------------------------------------------------------------------
Update Information:
This package updates libphidget to the latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 18 2011 Rich Mattes <richmattes(a)gmail.com> - 2.1.8-20111121-1
- Update to 2.1.8-20111121
--------------------------------------------------------------------------------
================================================================================
mediatomb-0.12.1-14.fc15 (FEDORA-2011-15394)
MediaTomb - UPnP AV Mediaserver for Linux
--------------------------------------------------------------------------------
Update Information:
This update fixes bug 747023 and restores youtube support. It also adds support for cover
art in FLAC files, via libflac.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 6 2011 Rich Mattes <richmattes(a)gmail.com> - 0.12.1-14
- Added call to autoreconf to enable flac support
* Tue Oct 18 2011 Rich Mattes <richmattes(a)gmail.com> - 0.12.1-13
- Fix youtube support (RHBZ#747023)
- Enable FLAC cover art via libFLAC
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #747023 - YouTube support broken in Mediatomb
https://bugzilla.redhat.com/show_bug.cgi?id=747023
--------------------------------------------------------------------------------
================================================================================
octave-communications-1.1.0-2.fc15 (FEDORA-2011-17259)
Communications for Octave
--------------------------------------------------------------------------------
Update Information:
New Package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #710904 - Review Request: octave-communications - Communications for Octave
https://bugzilla.redhat.com/show_bug.cgi?id=710904
--------------------------------------------------------------------------------
================================================================================
rubygem-dnsruby-1.53-1.fc15 (FEDORA-2011-17228)
Ruby DNS(SEC) implementation
--------------------------------------------------------------------------------
Update Information:
Updated to 1.53
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 18 2011 Paul Wouters <paul(a)xelerance.com> - 1.53-1
- Updated to 1.53
--------------------------------------------------------------------------------
================================================================================
tor-0.2.1.32-1500.fc15 (FEDORA-2011-17233)
Anonymizing overlay network for TCP (The onion router)
--------------------------------------------------------------------------------
Update Information:
.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 17 2011 Enrico Scholz <enrico.scholz(a)informatik.tu-chemnitz.de> -
0.2.1.32-1500
- updated to 0.2.1.32 (security)
- CVE-2011-2778: Tor heap-based buffer overflow
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #768526 - CVE-2011-2778 Tor heap-based buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=768526
--------------------------------------------------------------------------------
================================================================================
vmpk-0.4.0-4.fc15 (FEDORA-2011-17231)
Virtual MIDI Piano Keyboard
--------------------------------------------------------------------------------
Update Information:
VMPK is a MIDI event generator/receiver. It doesn't produce any sound by
itself, but can be used to drive a MIDI synthesizer (either hardware or
software, internal or external). You can use the computer's keyboard to play
MIDI notes, and also the mouse. You can use the Virtual MIDI Piano Keyboard to
display the played MIDI notes from another instrument or MIDI file player.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #710917 - Review Request: vmpk - Virtual MIDI Piano Keyboard
https://bugzilla.redhat.com/show_bug.cgi?id=710917
--------------------------------------------------------------------------------
================================================================================
xneur-0.15.0-2.fc15 (FEDORA-2011-17251)
X Neural Switcher
--------------------------------------------------------------------------------
Update Information:
Update to new version 0.15.0
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 18 2011 Pavel Alexeev <Pahan(a)Hubbitus.info> - 0.15.0-2
- Disable xosd support for Fedora > 16 as it orphaned now.
* Sun Dec 18 2011 Pavel Alexeev <Pahan(a)Hubbitus.info> - 0.15.0-1
- Update to 0.15.0 version
* Tue Dec 6 2011 Adam Jackson <ajax(a)redhat.com> - 0.13.0-2
- Rebuild for new libpng
--------------------------------------------------------------------------------