The following Fedora 16 Security updates need testing: Age URL 5 https://admin.fedoraproject.org/updates/FEDORA-2012-15748/hostapd-0.7.3-10.f... 99 https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16 23 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc... 5 https://admin.fedoraproject.org/updates/FEDORA-2012-15746/gitolite3-3.04-4.f... 71 https://admin.fedoraproject.org/updates/FEDORA-2012-11526/dokuwiki-0-0.11.20... 5 https://admin.fedoraproject.org/updates/FEDORA-2012-15725/phpMyAdmin-3.5.3-1... 5 https://admin.fedoraproject.org/updates/FEDORA-2012-15743/freeradius-2.2.0-0... 13 https://admin.fedoraproject.org/updates/FEDORA-2012-15203/qt-4.8.2-7.fc16 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15844/drupal7-feeds-2.0-... 101 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-... 21 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.... 28 https://admin.fedoraproject.org/updates/FEDORA-2012-14126/dbus-1.4.10-4.fc16 3 https://admin.fedoraproject.org/updates/FEDORA-2012-15981/dhcp-4.2.4-4.P2.fc... 20 https://admin.fedoraproject.org/updates/FEDORA-2012-14707/openjpeg-1.4-14.fc... 2 https://admin.fedoraproject.org/updates/FEDORA-2012-16056/haproxy-1.4.22-1.f... 2 https://admin.fedoraproject.org/updates/FEDORA-2012-16028/mapserver-6.0.3-4.... 2 https://admin.fedoraproject.org/updates/FEDORA-2012-16032/cobbler-2.4.0-beta... 2 https://admin.fedoraproject.org/updates/FEDORA-2012-16055/thunderbird-16.0.1... 26 https://admin.fedoraproject.org/updates/FEDORA-2012-14322/pcp-3.6.8-1.fc16
The following Fedora 16 Critical Path updates have yet to be approved: Age URL 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16099/kde-settings-4.7-1... 2 https://admin.fedoraproject.org/updates/FEDORA-2012-16055/thunderbird-16.0.1... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15833/firefox-16.0-1.fc1... 8 https://admin.fedoraproject.org/updates/FEDORA-2012-15556/nss-util-3.13.6-1.... 9 https://admin.fedoraproject.org/updates/FEDORA-2012-15485/mdadm-3.2.5-10.fc1... 13 https://admin.fedoraproject.org/updates/FEDORA-2012-15203/qt-4.8.2-7.fc16 The following builds have been pushed to Fedora 16 updates-testing
cagibi-0.2.0-4.fc16 ganyremote-6.1-1.fc16 kanyremote-6.1-1.fc16 mozilla-https-everywhere-3.0.1-1.fc16 ninja-ide-2.1.1-3.fc16 pencil-2.0.2-1.fc16 qpid-cpp-0.18-3.fc16 xfce4-xkb-plugin-0.5.4.3-2.fc16 ypbind-1.36-7.fc16
Details about builds:
================================================================================ cagibi-0.2.0-4.fc16 (FEDORA-2012-16149) SSDP (UPnP discovery) cache/proxy daemon -------------------------------------------------------------------------------- Update Information:
Reduce copious log output. -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 13 2012 Rex Dieter rdieter@fedoraproject.org - 0.2.0-4 - cagibi spams /var/logs/messages via dbus-daemon (#865964) - pkgconfig-style deps * Wed Jul 18 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jan 12 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #865964 - cagibi spams /var/logs/messages via dbus-daemon https://bugzilla.redhat.com/show_bug.cgi?id=865964 --------------------------------------------------------------------------------
================================================================================ ganyremote-6.1-1.fc16 (FEDORA-2012-16159) GTK frontend for anyRemote -------------------------------------------------------------------------------- Update Information:
v6.1 -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ kanyremote-6.1-1.fc16 (FEDORA-2012-16172) KDE frontend for anyRemote -------------------------------------------------------------------------------- Update Information:
v6.1 -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ mozilla-https-everywhere-3.0.1-1.fc16 (FEDORA-2012-16167) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information:
* Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.h... https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.h... * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.h... * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 15 2012 Russell Golden niveusluna@niveusluna.org - 3.0.0-1 - Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.h... https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.h... - Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.h... - Updated translations: Basque, Hungarian, Traditional Chinese * Fri Oct 12 2012 Russell Golden niveusluna@niveusluna.org - 3.0.0-2 - Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL users who think updates are for sissies and/or voiding support contracts with proprietary vendors. They can't use this if their Firefox install is older than 3.5 anyway, so what's the harm? * Tue Oct 9 2012 Russell Golden niveusluna@niveusluna.org - 3.0.0-1 - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.h... - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage --------------------------------------------------------------------------------
================================================================================ ninja-ide-2.1.1-3.fc16 (FEDORA-2012-16160) Ninja IDE for Python development -------------------------------------------------------------------------------- Update Information:
Ninja IDE for Python development -------------------------------------------------------------------------------- References:
[ 1 ] Bug #863983 - Review Request: ninja-ide - Ninja IDE for Python development https://bugzilla.redhat.com/show_bug.cgi?id=863983 --------------------------------------------------------------------------------
================================================================================ pencil-2.0.2-1.fc16 (FEDORA-2012-16156) A sketching and GUI prototyping tool -------------------------------------------------------------------------------- Update Information:
Update new release 2.0.2 from upstream for xulrunner 16.0.1 compatibility. -------------------------------------------------------------------------------- ChangeLog:
* Sun Oct 14 2012 Truong Anh Tuan tuanta@iwayvietnam.com - 2.0.2-1 - Update new release 2.0.2 from upstream for xulrunner 16.0.1 compatibility. --------------------------------------------------------------------------------
================================================================================ qpid-cpp-0.18-3.fc16 (FEDORA-2012-16153) Libraries for Qpid C++ client applications -------------------------------------------------------------------------------- Update Information:
Fixed directory ownership and building the C++ examples. -------------------------------------------------------------------------------- ChangeLog:
* Fri Oct 12 2012 Darryl L. Pierce dpierce@redhat.com - 0.18-3 - Fixed building C++ messaging examples. - Fixed ownership for /usr/share/qpidc and /usr/shar/qpidc/messaging - Resolves: BZ#802791 - Resolves: BZ#756927 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #802791 - qpid-cpp examples building error https://bugzilla.redhat.com/show_bug.cgi?id=802791 [ 2 ] Bug #756927 - [PATCH] Spec file fixes for qpid-cpp https://bugzilla.redhat.com/show_bug.cgi?id=756927 --------------------------------------------------------------------------------
================================================================================ xfce4-xkb-plugin-0.5.4.3-2.fc16 (FEDORA-2012-16146) XKB layout switcher for the Xfce panel -------------------------------------------------------------------------------- Update Information:
This update fixes two crashes and a bug where some weird characters appeared in some keyboard variants. -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 15 2012 Christoph Wickert cwickert@fedoraproject.org - 0.5.4.3-2 - Build against libxfce4ui instead of libxfcegui4 - Make xfce4-panel version dependency conditional - Add VCS tag - Spec file cleanup * Mon Oct 15 2012 Christoph Wickert cwickert@fedoraproject.org - 0.5.4.3-1 - Update to 0.5.4.3 (#742744, #768737, #828307) * Sun Jul 22 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.5.4.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sun Apr 15 2012 Kevin Fenzi kevin@scrye.com - 0.5.4.1-5 - Rebuild for Xfce 4.10(pre2) * Thu Apr 5 2012 Kevin Fenzi kevin@scrye.com - 0.5.4.1-4 - Rebuild for Xfce 4.10 * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.5.4.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 6 2011 Adam Jackson ajax@redhat.com - 0.5.4.1-2 - Rebuild for new libpng -------------------------------------------------------------------------------- References:
[ 1 ] Bug #742744 - [abrt] xfce4-xkb-plugin-0.5.4.1-1.fc16: __stpcpy_sse2_unaligned: Process /usr/libexec/xfce4/panel-plugins/xfce4-xkb-plugin was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=742744 [ 2 ] Bug #768737 - Error with variants https://bugzilla.redhat.com/show_bug.cgi?id=768737 [ 3 ] Bug #828307 - [abrt] xfce4-xkb-plugin-0.5.4.1-3.fc17: __stpcpy_sse2: Process /usr/libexec/xfce4/panel-plugins/xfce4-xkb-plugin was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=828307 --------------------------------------------------------------------------------
================================================================================ ypbind-1.36-7.fc16 (FEDORA-2012-14965) The NIS daemon which binds NIS clients to an NIS domain -------------------------------------------------------------------------------- Update Information:
This is an update that fixes starting issues of ypbind daemon. -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 4 2012 Honza Horak hhorak@redhat.com - 3:1.36-7 - Run %triggerun regardless of systemd_post variable definition * Mon Sep 24 2012 Honza Horak hhorak@redhat.com - 3:1.36-6 - Use sdnotify to inform systemd that daemon is ready - Minor spec file cleanup - Use new systemd macros Resolves: #850375 - Add After: NetworkManager-wait-online.service Related: #846767 * Thu Aug 23 2012 Honza Horak hhorak@redhat.com - 3:1.36-5 - Enhance ypbind(8) with info about NISTIMEOUT - Add suggestion about extending NISTIMEOUT if ypbind timeouts * Mon Jul 23 2012 Honza Horak hhorak@redhat.com - 3:1.36-4 - Add SIGPIPE to proper signal set Related: #842228 - Fixed sending TERM signal in ypbind-post-waitbind * Sun Jul 22 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3:1.36-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Wed Jul 11 2012 Honza Horak hhorak@redhat.com - 3:1.36-2 - Minor spec file fixes - Helper scripts moved to /usr/libexec * Wed Jul 11 2012 Honza Horak hhorak@redhat.com - 3:1.36-1 - Update to new version 1.36 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #846767 - ypbind fails on boot https://bugzilla.redhat.com/show_bug.cgi?id=846767 --------------------------------------------------------------------------------