The following Fedora 14 Security updates need testing:
https://admin.fedoraproject.org/updates/perl-FCGI-0.74-1.fc14 https://admin.fedoraproject.org/updates/quagga-0.99.20-1.fc14 https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.11-1... https://admin.fedoraproject.org/updates/NetworkManager-0.8.5.92-1.git2011092... https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.fc14 https://admin.fedoraproject.org/updates/tomcat6-6.0.26-27.fc14 https://admin.fedoraproject.org/updates/kernel-2.6.35.14-97.fc14 https://admin.fedoraproject.org/updates/cyrus-imapd-2.3.17-1.fc14 https://admin.fedoraproject.org/updates/php-5.3.8-3.fc14 https://admin.fedoraproject.org/updates/thunderbird-3.1.15-1.fc14 https://admin.fedoraproject.org/updates/firefox-3.6.23-1.fc14,xulrunner-1.9....
The following Fedora 14 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/livecd-tools-14.5-1.fc14 https://admin.fedoraproject.org/updates/NetworkManager-0.8.5.92-1.git2011092... https://admin.fedoraproject.org/updates/lldpad-0.9.41-4.fc14 https://admin.fedoraproject.org/updates/ModemManager-0.4.998-1.git20110706.f... https://admin.fedoraproject.org/updates/mash-0.5.22-1.fc14 https://admin.fedoraproject.org/updates/policycoreutils-2.0.85-30.3.fc14 https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-8.fc... https://admin.fedoraproject.org/updates/xorg-x11-drv-qxl-0.0.21-3.fc14 https://admin.fedoraproject.org/updates/xorg-x11-drv-nouveau-0.0.16-14.20101... https://admin.fedoraproject.org/updates/libconcord-0.23-5.fc14,udev-161-9.fc...
The following builds have been pushed to Fedora 14 updates-testing
cab-0.1.6-1.fc14 facter-1.6.1-1.fc14 ghc-data-default-0.3.0-1.fc14 ghc-rpm-macros-0.10.60-1.fc14 groonga-1.2.6-1.fc14 libjingle-0.6.0-2.fc14 mfiler3-4.4.3-2.fc14 mozc-1.2.831.102-1.fc14 ncl-6.0.0-2.fc14 olpc-utils-1.3.5-1.fc14 python-asciitable-0.7.1-1.fc14 quagga-0.99.20-1.fc14 saphire-3.5.3-1.fc14 scsi-target-utils-1.0.18-2.fc14
Details about builds:
================================================================================ cab-0.1.6-1.fc14 (FEDORA-2011-13594) Maintenance command for Haskell cabal packages -------------------------------------------------------------------------------- Update Information:
cab is a wrapper over Haskell cabal-install and cabal-dev. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #731972 - Review Request: cab - Haskell Cabal package maintenance program https://bugzilla.redhat.com/show_bug.cgi?id=731972 --------------------------------------------------------------------------------
================================================================================ facter-1.6.1-1.fc14 (FEDORA-2011-13580) Ruby module for collecting simple facts about a host operating system -------------------------------------------------------------------------------- Update Information:
Upstream bugfix release. Refer to the release announcement for full details:
http://groups.google.com/group/puppet-users/browse_thread/thread/d2061ec6263... -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 29 2011 Todd Zullinger tmz@pobox.com - 1.6.1-1 - Update to 1.6.1 - Minor spec file reformatting --------------------------------------------------------------------------------
================================================================================ ghc-data-default-0.3.0-1.fc14 (FEDORA-2011-13578) Provides a class for types with a default value -------------------------------------------------------------------------------- Update Information:
This package provides a class for types with a default value. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #737228 - Review Request: ghc-data-default - A class for types with a default value https://bugzilla.redhat.com/show_bug.cgi?id=737228 --------------------------------------------------------------------------------
================================================================================ ghc-rpm-macros-0.10.60-1.fc14 (FEDORA-2011-13583) Macros for building packages for GHC -------------------------------------------------------------------------------- Update Information:
Fix versions in obsoletes/provides generated for ghc's devel subpackages. -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 30 2011 Jens Petersen petersen@redhat.com - 0.10.60-1 - fix devel subpackage's prof and doc obsoletes and provides versions for multiple lib packages like ghc (reported by Henrik Nordström) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #742407 - broken obsoletes/provides in ghc-7.0.2-16.4.fc15 https://bugzilla.redhat.com/show_bug.cgi?id=742407 --------------------------------------------------------------------------------
================================================================================ groonga-1.2.6-1.fc14 (FEDORA-2011-13570) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information:
new upstream release new upstream release new upstream release new upstream release new upstream release new upstream release new upstream release -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 30 2011 Daiki Ueno dueno@redhat.com - 1.2.6-1 - build in fedora * Thu Sep 29 2011 Kouhei Sutou kou@clear-code.com - 1.2.6-0 - new upstream release. * Mon Sep 5 2011 Daiki Ueno dueno@redhat.com - 1.2.5-1 - build in fedora * Mon Aug 29 2011 Kouhei Sutou kou@clear-code.com - 1.2.5-0 - new upstream release. * Fri Jul 29 2011 Daiki Ueno dueno@redhat.com - 1.2.4-1 - build in fedora * Fri Jul 29 2011 Kouhei Sutou kou@clear-code.com - 1.2.4-0 - new upstream release. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #742181 - groonga-1.2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=742181 [ 2 ] Bug #734043 - groonga-1.2.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=734043 --------------------------------------------------------------------------------
================================================================================ libjingle-0.6.0-2.fc14 (FEDORA-2011-13592) GoogleTalk implementation of Jingle -------------------------------------------------------------------------------- Update Information:
Update libjingle to 0.6.0, needed for chromium 14+. -------------------------------------------------------------------------------- ChangeLog:
* Tue Sep 27 2011 Tom Callaway spot@fedoraproject.org - 0.6.0-2 - fix phone bits up - properly bump to 0.6 * Tue Sep 27 2011 Tom Callaway spot@fedoraproject.org - 0.6.0-1 - update to 0.6.0 --------------------------------------------------------------------------------
================================================================================ mfiler3-4.4.3-2.fc14 (FEDORA-2011-13575) Two pane file manager under UNIX console -------------------------------------------------------------------------------- Update Information:
saphire 3.5.3 is released. mfiler3 is rebuilt against this new saphire. -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 30 2011 Mamoru Tasaka mtasaka@fedoraproject.org - 4.4.3-2 - Rebuild against new saphire --------------------------------------------------------------------------------
================================================================================ mozc-1.2.831.102-1.fc14 (FEDORA-2011-13573) Open-sourced Google Japanese Input -------------------------------------------------------------------------------- Update Information:
various bug fixes and enhancements included -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 30 2011 Akira TAGOH tagoh@redhat.com - 1.2.831.102-1 - New upstream release. --------------------------------------------------------------------------------
================================================================================ ncl-6.0.0-2.fc14 (FEDORA-2011-13561) NCAR Command Language and NCAR Graphics -------------------------------------------------------------------------------- Update Information:
- Update to 6.0.0, enable cairo and gdal support. - Use system udunits by linking it into where ncl expects it, drop udunits patch. Fixes bug 742307. -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 29 2011 - Orion Poplawski orion@cora.nwra.com - 6.0.0-2 - Use system udunits by linking it into where ncl expects it, drop udunits patch. Fixes bug 742307. * Thu Sep 1 2011 - Orion Poplawski orion@cora.nwra.com - 6.0.0-1 - Update to 6.0.0 final * Wed May 18 2011 - Orion Poplawski orion@cora.nwra.com - 6.0.0-0.2.beta - Rebuild for hdf5 1.8.7 * Thu Mar 31 2011 - Orion Poplawski orion@cora.nwra.com - 6.0.0-0.1.beta - Update to 6.0.0-beta - Enable cairo and gdal support -------------------------------------------------------------------------------- References:
[ 1 ] Bug #742307 - Segmentation fault https://bugzilla.redhat.com/show_bug.cgi?id=742307 --------------------------------------------------------------------------------
================================================================================ olpc-utils-1.3.5-1.fc14 (FEDORA-2011-13568) OLPC utilities -------------------------------------------------------------------------------- Update Information:
Enable hwcursor and rotation on XO-1.75. Fix creation of lockdev/screen directories. Disable XO-1.75 renderaccel to avoid hangs. Disable tap-to-click and pad scrolling on sentelic driver. Create runtime directories for screen and lockdev. -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 30 2011 Daniel Drake dsd@laptop.org - 1.3.5-1 - Enable XO-1.75 hardware cursor and screen rotation - Fix permissions on screen/lockdev runtime directories * Sun Sep 25 2011 Daniel Drake dsd@laptop.org - 1.3.4-1 - Disable XO-1.75 renderaccel to avoid hangs - Disable tap-to-click and pad scrolling on sentelic driver - Create runtime directories for screen and lockdev --------------------------------------------------------------------------------
================================================================================ python-asciitable-0.7.1-1.fc14 (FEDORA-2011-13595) Extensible ASCII table reader and writer -------------------------------------------------------------------------------- Update Information:
This is a minor feature and bug-fix release
- Add a method inconsistent_handler() to the BaseReader class as a hook to handle rows with an inconsistent number of data columns (contributed by Erik Tollerud). - Output a more informative error message when guessing fails. - Fix issues in column type handling, mostly related to the MemoryReader class which is used for writing tables. - Fix a problem in guessing where user-supplied args were not filtering the guess possibilities correctly. - Fix problem reading a single column, string-only table with MemoryReader on MacOS.
-------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 30 2011 Sergio Pascual sergiopr@fedoraproject.org - 0.7.1-1 - New upstream version, with bugfixes --------------------------------------------------------------------------------
================================================================================ quagga-0.99.20-1.fc14 (FEDORA-2011-13499) Routing daemon -------------------------------------------------------------------------------- Update Information:
fixes CVE-2011-332{3..7} update to latest upstream 0.99.20 -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 30 2011 Jiri Skala jskala@redhat.com - 0.99.20-1 - updated to latest upstream version 0.99.20 - fixes #741343 - CVE-2011-3325 corrected fix * Thu Sep 29 2011 Jiri Skala jskala@redhat.com - 0.99.19-1 - fixes #741343 - CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 - fixes #741580 - updated to latest upstream version 0.99.19 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #738393 - CVE-2011-3323 Quagga (ospf6d): Stack-based buffer overflow while decoding Link State Update packet with malformed Inter Area Prefix LSA https://bugzilla.redhat.com/show_bug.cgi?id=738393 [ 2 ] Bug #738394 - CVE-2011-3324 Quagga (ospf6d): Denial of service by decoding malformed Database Description packet headers https://bugzilla.redhat.com/show_bug.cgi?id=738394 [ 3 ] Bug #738396 - CVE-2011-3325 Quagga (ospfd): Denial of service by decoding too short Hello packet or Hello packet with invalid OSPFv2 header type https://bugzilla.redhat.com/show_bug.cgi?id=738396 [ 4 ] Bug #738398 - CVE-2011-3326 Quagga (ospfd): Denial of service by decoding Link State Update LSAs of unknown type https://bugzilla.redhat.com/show_bug.cgi?id=738398 [ 5 ] Bug #738400 - CVE-2011-3327 Quagga (bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes https://bugzilla.redhat.com/show_bug.cgi?id=738400 --------------------------------------------------------------------------------
================================================================================ saphire-3.5.3-1.fc14 (FEDORA-2011-13575) Yet another shell -------------------------------------------------------------------------------- Update Information:
saphire 3.5.3 is released. mfiler3 is rebuilt against this new saphire. -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 30 2011 Mamoru Tasaka mtasaka@fedoraproject.org - 3.5.3-1 - 3.5.3 * Fri Sep 9 2011 Mamoru Tasaka mtasaka@fedoraproject.org - 3.5.1-1 - 3.5.1 --------------------------------------------------------------------------------
================================================================================ scsi-target-utils-1.0.18-2.fc14 (FEDORA-2011-13566) The SCSI target daemon and utility programs -------------------------------------------------------------------------------- Update Information:
Fixes crash on stop. -------------------------------------------------------------------------------- ChangeLog:
* Thu Sep 29 2011 Andy Grover agrover@redhat.com - 1.0.18-2 - Add patch * scsi-target-utils-fix-segfault-on-exit.patch -------------------------------------------------------------------------------- References:
[ 1 ] Bug #712807 - [abrt] scsi-target-utils-1.0.14-2.el6: __list_del: Process /usr/sbin/tgtd was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=712807 --------------------------------------------------------------------------------