The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/perl-FCGI-0.74-1.fc15
https://admin.fedoraproject.org/updates/thunderbird-lightning-1.0-0.50.b7...
https://admin.fedoraproject.org/updates/tomcat6-6.0.32-8.fc15
https://admin.fedoraproject.org/updates/quagga-0.99.20-1.fc15
https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.1...
https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.fc15
https://admin.fedoraproject.org/updates/cyrus-imapd-2.4.11-1.fc15
https://admin.fedoraproject.org/updates/php-5.3.8-3.fc15
https://admin.fedoraproject.org/updates/openttd-1.1.3-1.fc15
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/livecd-tools-15.10-1.fc15
https://admin.fedoraproject.org/updates/system-setup-keyboard-0.8.7-2.fc15
https://admin.fedoraproject.org/updates/gdb-7.3-44.fc15
https://admin.fedoraproject.org/updates/evolution-data-server-3.0.3.1-1.fc15
https://admin.fedoraproject.org/updates/tzdata-2011k-0.1.20110921.fc15
https://admin.fedoraproject.org/updates/m4-1.4.16-2.fc15
https://admin.fedoraproject.org/updates/xfwm4-4.8.1-3.fc15
https://admin.fedoraproject.org/updates/redhat-rpm-config-9.1.0-13.fc15
https://admin.fedoraproject.org/updates/sendmail-8.14.5-2.fc15.1
https://admin.fedoraproject.org/updates/xorg-x11-drv-qxl-0.0.21-5.fc15
https://admin.fedoraproject.org/updates/openldap-2.4.24-5.fc15
https://admin.fedoraproject.org/updates/lldpad-0.9.41-4.fc15
https://admin.fedoraproject.org/updates/evolution-mapi-3.0.3-2.fc15,evolu...
https://admin.fedoraproject.org/updates/nspr-4.8.8-4.fc15
https://admin.fedoraproject.org/updates/nss-softokn-3.12.10-4.fc15
https://admin.fedoraproject.org/updates/mash-0.5.22-1.fc15
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-1...
https://admin.fedoraproject.org/updates/libfprint-0.4.0-1.fc15,fprintd-0....
The following builds have been pushed to Fedora 15 updates-testing
cab-0.1.6-1.fc15
compiz-fusion-extras-0.9.5.0-2.fc15
condor-7.7.1-0.1.fc15
deltacloud-core-0.4.0-4.fc15
drupal6-pathauto-2.0-0.4.rc2.fc15
eekboard-1.0.4-1.fc15
facter-1.6.1-1.fc15
ghc-data-default-0.3.0-1.fc15
ghc-rpm-macros-0.13.11-1.fc15
gromacs-4.5.5-1.fc15
groonga-1.2.6-1.fc15
haveged-1.2-3.fc15
kmymoney-4.6.0-1.fc15
libalkimia-4.3.1-3.fc15
libjingle-0.6.0-2.fc15
mfiler3-4.4.3-2.fc15
mk-files-20110808-1.fc15
mozc-1.2.831.102-1.fc15
mozilla-noscript-2.1.4-1.fc15
ncl-6.0.0-2.fc15
php-bartlett-PHP-Reflect-1.0.2-2.fc15
python-asciitable-0.7.1-1.fc15
quagga-0.99.20-1.fc15
saphire-3.5.3-1.fc15
scsi-target-utils-1.0.18-2.fc15
thunderbird-7.0-1.fc15
thunderbird-lightning-1.0-0.50.b7.fc15
Details about builds:
================================================================================
cab-0.1.6-1.fc15 (FEDORA-2011-13588)
Maintenance command for Haskell cabal packages
--------------------------------------------------------------------------------
Update Information:
cab is a wrapper over Haskell cabal-install and cabal-dev.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #731972 - Review Request: cab - Haskell Cabal package maintenance program
https://bugzilla.redhat.com/show_bug.cgi?id=731972
--------------------------------------------------------------------------------
================================================================================
compiz-fusion-extras-0.9.5.0-2.fc15 (FEDORA-2011-13565)
Additional plugins for Compiz
--------------------------------------------------------------------------------
Update Information:
obsolete compiz-fusion-extras-gnome
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Leigh Scott <leigh123linux(a)googlemail.com> - 0.9.5.0-2
- obsolete compiz-fusion-extras-gnome
--------------------------------------------------------------------------------
================================================================================
condor-7.7.1-0.1.fc15 (FEDORA-2011-13567)
Condor: High Throughput Computing
--------------------------------------------------------------------------------
Update Information:
Update to condor 7.7.1 package
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 16 2011 <tstclair(a)redhat.com> - 7.7.1-0.1
- Fast forward to 7.7.1 official release tag V7_7_1
- ghost var/lock and var/run in spec (BZ656562)
--------------------------------------------------------------------------------
================================================================================
deltacloud-core-0.4.0-4.fc15 (FEDORA-2011-13585)
Deltacloud REST API
--------------------------------------------------------------------------------
Update Information:
Re-enable the condor driver.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 29 2011 Chris Lalancette <clalance(a)redhat.com> - 0.4.0-4
- Add a patch to re-enable deltacloud-core-condor
--------------------------------------------------------------------------------
================================================================================
drupal6-pathauto-2.0-0.4.rc2.fc15 (FEDORA-2011-13590)
Automatically generates path aliases
--------------------------------------------------------------------------------
Update Information:
Updated to 2.0.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Peter Borsa <asrob@claire> - 2.0-0.4.rc2
- Updated to 2.0 version.
--------------------------------------------------------------------------------
================================================================================
eekboard-1.0.4-1.fc15 (FEDORA-2011-13577)
An Easy-to-use Virtual Keyboard Toolkit
--------------------------------------------------------------------------------
Update Information:
* add eekboard -k option to specify keyboards
* fix Hebrew keyboard rendering
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Daiki Ueno <dueno(a)redhat.com> - 1.0.4-1
- new upstream release (fixes #737441)
* Thu Sep 29 2011 Daiki Ueno <dueno(a)redhat.com> - 1.0.3-5
- add eekboard-command-line-keyboards.patch (#737441)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #737441 - RFE: provide back eekboard-inscript
https://bugzilla.redhat.com/show_bug.cgi?id=737441
--------------------------------------------------------------------------------
================================================================================
facter-1.6.1-1.fc15 (FEDORA-2011-13587)
Ruby module for collecting simple facts about a host operating system
--------------------------------------------------------------------------------
Update Information:
Upstream bugfix release. Refer to the release announcement for full details:
http://groups.google.com/group/puppet-users/browse_thread/thread/d2061ec6...
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 29 2011 Todd Zullinger <tmz(a)pobox.com> - 1.6.1-1
- Update to 1.6.1
- Minor spec file reformatting
--------------------------------------------------------------------------------
================================================================================
ghc-data-default-0.3.0-1.fc15 (FEDORA-2011-13581)
Provides a class for types with a default value
--------------------------------------------------------------------------------
Update Information:
This package provides a class for types with a default value.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #737228 - Review Request: ghc-data-default - A class for types with a default
value
https://bugzilla.redhat.com/show_bug.cgi?id=737228
--------------------------------------------------------------------------------
================================================================================
ghc-rpm-macros-0.13.11-1.fc15 (FEDORA-2011-13571)
Macros for building packages for GHC
--------------------------------------------------------------------------------
Update Information:
Fix versions in obsoletes/provides generated for ghc's devel subpackages.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Jens Petersen <petersen(a)redhat.com> - 0.13.11-1
- fix devel subpackage's prof and doc obsoletes and provides versions
for multiple lib packages like ghc (reported by Henrik Nordström)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #742407 - broken obsoletes/provides in ghc-7.0.2-16.4.fc15
https://bugzilla.redhat.com/show_bug.cgi?id=742407
--------------------------------------------------------------------------------
================================================================================
gromacs-4.5.5-1.fc15 (FEDORA-2011-13593)
Fast, Free and Flexible Molecular Dynamics
--------------------------------------------------------------------------------
Update Information:
Bugfix update to 4.5.5, see
http://lists.gromacs.org/pipermail/gmx-users/2011-September/064683.html for release info.
First build in EL6.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 20 2011 Jussi Lehtola <jussilehtola(a)fedoraproject.org> - 4.5.5-1
- Update to 4.5.5.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #739875 - gromacs-4.5.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=739875
[ 2 ] Bug #739212 - EL-6 branch is missing
https://bugzilla.redhat.com/show_bug.cgi?id=739212
--------------------------------------------------------------------------------
================================================================================
groonga-1.2.6-1.fc15 (FEDORA-2011-13591)
An Embeddable Fulltext Search Engine
--------------------------------------------------------------------------------
Update Information:
new upstream release
new upstream release
new upstream release
new upstream release
new upstream release
new upstream release
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Daiki Ueno <dueno(a)redhat.com> - 1.2.6-1
- build in fedora
* Thu Sep 29 2011 Kouhei Sutou <kou(a)clear-code.com> - 1.2.6-0
- new upstream release.
* Mon Sep 5 2011 Daiki Ueno <dueno(a)redhat.com> - 1.2.5-1
- build in fedora
* Mon Aug 29 2011 Kouhei Sutou <kou(a)clear-code.com> - 1.2.5-0
- new upstream release.
* Fri Jul 29 2011 Daiki Ueno <dueno(a)redhat.com> - 1.2.4-1
- build in fedora
* Fri Jul 29 2011 Kouhei Sutou <kou(a)clear-code.com> - 1.2.4-0
- new upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #742181 - groonga-1.2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=742181
[ 2 ] Bug #734043 - groonga-1.2.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=734043
--------------------------------------------------------------------------------
================================================================================
haveged-1.2-3.fc15 (FEDORA-2011-13572)
A Linux entropy source using the HAVEGE algorithm.
--------------------------------------------------------------------------------
Update Information:
A Linux entropy source using the HAVEGE algorithm. Feed entropy into random pool
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #739347 - Review Request: haveged - A Linux entropy source using the HAVEGE
algorithm. Feed entropy into random pool
https://bugzilla.redhat.com/show_bug.cgi?id=739347
--------------------------------------------------------------------------------
================================================================================
kmymoney-4.6.0-1.fc15 (FEDORA-2011-13564)
Personal finance
--------------------------------------------------------------------------------
Update Information:
New kmymoney release, includes several new features, many bugfixes, and improved
translations.
See also
http://sourceforge.net/news/?group_id=4708
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 21 2011 Rex Dieter <rdieter(a)fedoraproject.org> 4.6.0-1
- 4.6.0
- use more pkgconfig-type build deps
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728701 - Review Request: libalkimia - Financial library
https://bugzilla.redhat.com/show_bug.cgi?id=728701
--------------------------------------------------------------------------------
================================================================================
libalkimia-4.3.1-3.fc15 (FEDORA-2011-13564)
Financial library
--------------------------------------------------------------------------------
Update Information:
New kmymoney release, includes several new features, many bugfixes, and improved
translations.
See also
http://sourceforge.net/news/?group_id=4708
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728701 - Review Request: libalkimia - Financial library
https://bugzilla.redhat.com/show_bug.cgi?id=728701
--------------------------------------------------------------------------------
================================================================================
libjingle-0.6.0-2.fc15 (FEDORA-2011-13596)
GoogleTalk implementation of Jingle
--------------------------------------------------------------------------------
Update Information:
Update libjingle to 0.6.0, needed for chromium 14+.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Tom Callaway <spot(a)fedoraproject.org> - 0.6.0-2
- fix phone bits up
- properly bump to 0.6
* Tue Sep 27 2011 Tom Callaway <spot(a)fedoraproject.org> - 0.6.0-1
- update to 0.6.0
--------------------------------------------------------------------------------
================================================================================
mfiler3-4.4.3-2.fc15 (FEDORA-2011-13574)
Two pane file manager under UNIX console
--------------------------------------------------------------------------------
Update Information:
saphire 3.5.3 is released. mfiler3 is rebuilt against this new saphire.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Mamoru Tasaka <mtasaka(a)fedoraproject.org> - 4.4.3-2
- Rebuild against new saphire
--------------------------------------------------------------------------------
================================================================================
mk-files-20110808-1.fc15 (FEDORA-2011-13584)
Support files for bmake, the NetBSD make(1) tool
--------------------------------------------------------------------------------
Update Information:
Support files for bmake, the NetBSD make(1) tool
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 29 2011 Luis Bazan <bazanluis20(a)gmail.com> - 20110808-1
- New upstream version
--------------------------------------------------------------------------------
================================================================================
mozc-1.2.831.102-1.fc15 (FEDORA-2011-13579)
Open-sourced Google Japanese Input
--------------------------------------------------------------------------------
Update Information:
various bug fixes and enhancements included
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Akira TAGOH <tagoh(a)redhat.com> - 1.2.831.102-1
- New upstream release.
--------------------------------------------------------------------------------
================================================================================
mozilla-noscript-2.1.4-1.fc15 (FEDORA-2011-13563)
JavaScript white list extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:
With this update, it's possible to use noscript with firefox 7 again.
Other update notes at:
http://noscript.net/changelog
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Thomas Spura <tomspur(a)fedoraproject.org> - 2.1.4-1
- update to new version (#712331)
* Fri Aug 5 2011 Thomas Spura <tomspur(a)fedoraproject.org> - 2.1.1-2
- change the macros to match MozillaExtensionsDraft
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #712331 - mozilla-noscript-2.1.2.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=712331
--------------------------------------------------------------------------------
================================================================================
ncl-6.0.0-2.fc15 (FEDORA-2011-13586)
NCAR Command Language and NCAR Graphics
--------------------------------------------------------------------------------
Update Information:
- Update to 6.0.0, enable cairo and gdal support.
- Use system udunits by linking it into where ncl expects it, drop udunits patch. Fixes
bug 742307.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 29 2011 - Orion Poplawski <orion(a)cora.nwra.com> - 6.0.0-2
- Use system udunits by linking it into where ncl expects it, drop
udunits patch. Fixes bug 742307.
* Thu Sep 1 2011 - Orion Poplawski <orion(a)cora.nwra.com> - 6.0.0-1
- Update to 6.0.0 final
* Wed May 18 2011 - Orion Poplawski <orion(a)cora.nwra.com> - 6.0.0-0.2.beta
- Rebuild for hdf5 1.8.7
* Thu Mar 31 2011 - Orion Poplawski <orion(a)cora.nwra.com> - 6.0.0-0.1.beta
- Update to 6.0.0-beta
- Enable cairo and gdal support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #742307 - Segmentation fault
https://bugzilla.redhat.com/show_bug.cgi?id=742307
--------------------------------------------------------------------------------
================================================================================
php-bartlett-PHP-Reflect-1.0.2-2.fc15 (FEDORA-2011-13576)
Adds the ability to reverse-engineer PHP
--------------------------------------------------------------------------------
Update Information:
PHP_Reflect adds the ability to reverse-engineer classes, interfaces, functions, constants
and more, by connecting php callbacks to other tokens.
HTML Documentation: /usr/share/doc/pear/PHP_Reflect/docs/index.html
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #693200 - Review Request: php-bartlett-PHP-Reflect - Adds the ability to
reverse-engineer PHP
https://bugzilla.redhat.com/show_bug.cgi?id=693200
--------------------------------------------------------------------------------
================================================================================
python-asciitable-0.7.1-1.fc15 (FEDORA-2011-13589)
Extensible ASCII table reader and writer
--------------------------------------------------------------------------------
Update Information:
This is a minor feature and bug-fix release
- Add a method inconsistent_handler() to the BaseReader
class as a hook to handle rows with an inconsistent number
of data columns (contributed by Erik Tollerud).
- Output a more informative error message when guessing fails.
- Fix issues in column type handling, mostly related to the
MemoryReader class which is used for writing tables.
- Fix a problem in guessing where user-supplied args were
not filtering the guess possibilities correctly.
- Fix problem reading a single column, string-only table with
MemoryReader on MacOS.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Sergio Pascual <sergiopr(a)fedoraproject.org> - 0.7.1-1
- New upstream version, with bugfixes
--------------------------------------------------------------------------------
================================================================================
quagga-0.99.20-1.fc15 (FEDORA-2011-13504)
Routing daemon
--------------------------------------------------------------------------------
Update Information:
fixes CVE-2011-332{3..7}
update to latest upstream 0.99.20
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Jiri Skala <jskala(a)redhat.com> - 0.99.20-1
- updated to latest upstream version 0.99.20
- fixes #741343 - CVE-2011-3325 corrected fix
* Thu Sep 29 2011 Jiri Skala <jskala(a)redhat.com> - 0.99.19-1
- fixes #741343 - CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327
- fixes #741580 - updated to latest upstream version 0.99.19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #738393 - CVE-2011-3323 Quagga (ospf6d): Stack-based buffer overflow while
decoding Link State Update packet with malformed Inter Area Prefix LSA
https://bugzilla.redhat.com/show_bug.cgi?id=738393
[ 2 ] Bug #738394 - CVE-2011-3324 Quagga (ospf6d): Denial of service by decoding
malformed Database Description packet headers
https://bugzilla.redhat.com/show_bug.cgi?id=738394
[ 3 ] Bug #738396 - CVE-2011-3325 Quagga (ospfd): Denial of service by decoding too
short Hello packet or Hello packet with invalid OSPFv2 header type
https://bugzilla.redhat.com/show_bug.cgi?id=738396
[ 4 ] Bug #738398 - CVE-2011-3326 Quagga (ospfd): Denial of service by decoding Link
State Update LSAs of unknown type
https://bugzilla.redhat.com/show_bug.cgi?id=738398
[ 5 ] Bug #738400 - CVE-2011-3327 Quagga (bgpd): Heap-based buffer overflow by decoding
BGP UPDATE message with unknown AS_PATH attributes
https://bugzilla.redhat.com/show_bug.cgi?id=738400
--------------------------------------------------------------------------------
================================================================================
saphire-3.5.3-1.fc15 (FEDORA-2011-13574)
Yet another shell
--------------------------------------------------------------------------------
Update Information:
saphire 3.5.3 is released. mfiler3 is rebuilt against this new saphire.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 30 2011 Mamoru Tasaka <mtasaka(a)fedoraproject.org> - 3.5.3-1
- 3.5.3
* Fri Sep 9 2011 Mamoru Tasaka <mtasaka(a)fedoraproject.org> - 3.5.1-1
- 3.5.1
--------------------------------------------------------------------------------
================================================================================
scsi-target-utils-1.0.18-2.fc15 (FEDORA-2011-13562)
The SCSI target daemon and utility programs
--------------------------------------------------------------------------------
Update Information:
Fixes crash on stop.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 29 2011 Andy Grover <agrover(a)redhat.com> - 1.0.18-2
- Add patch
* scsi-target-utils-fix-segfault-on-exit.patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #712807 - [abrt] scsi-target-utils-1.0.14-2.el6: __list_del: Process
/usr/sbin/tgtd was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=712807
--------------------------------------------------------------------------------
================================================================================
thunderbird-7.0-1.fc15 (FEDORA-2011-13442)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
The latest version of Thunderbird has the following changes:
- Fixed several security issues:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#th...
- Numerous platform fixes that improve speed, performance and stability
The latest version of Firefox and Thunderbird has the following changes:
- Revoked the root certificate for DigiNotar due to fraudulent SSL certificate issuance
(see bug mozbz#682927 and the security advisory)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 27 2011 Jan Horak <jhorak(a)redhat.com> - 7.0-1
- Update to 7.0
--------------------------------------------------------------------------------
================================================================================
thunderbird-lightning-1.0-0.50.b7.fc15 (FEDORA-2011-13442)
The calendar extension to Thunderbird
--------------------------------------------------------------------------------
Update Information:
The latest version of Thunderbird has the following changes:
- Fixed several security issues:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#th...
- Numerous platform fixes that improve speed, performance and stability
The latest version of Firefox and Thunderbird has the following changes:
- Revoked the root certificate for DigiNotar due to fraudulent SSL certificate issuance
(see bug mozbz#682927 and the security advisory)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 28 2011 Orion Poplawski <orion(a)cora.nwra.com> - 1.0-0.50.b7
- Use lightning 1.0b7 source for TB 7
- Update l10n source
- Drop tbver patch
* Wed Aug 31 2011 Dan Horák <dan[at]danny.cz> - 1.0-0.49.b5
- sync secondary arches support with xulrunner/thunderbird
--------------------------------------------------------------------------------