The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2012-9117/quagga-0.99.20.1...
https://admin.fedoraproject.org/updates/FEDORA-2012-9008/boost-1.46.0-4.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-9329/roundcubemail-0....
https://admin.fedoraproject.org/updates/FEDORA-2012-7246/libsoup-2.34.3-2...
https://admin.fedoraproject.org/updates/FEDORA-2012-8702/arpwatch-2.1a15-...
https://admin.fedoraproject.org/updates/FEDORA-2012-6629/gdb-7.3.1-50.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-8685/asterisk-1.8.12....
https://admin.fedoraproject.org/updates/FEDORA-2012-8912/rubygem-actionpa...
https://admin.fedoraproject.org/updates/FEDORA-2012-8915/postgresql-9.0.8...
https://admin.fedoraproject.org/updates/FEDORA-2012-8911/php-symfony-symf...
https://admin.fedoraproject.org/updates/FEDORA-2012-8960/mumble-1.2.3-4.f...
https://admin.fedoraproject.org/updates/FEDORA-2011-17233/tor-0.2.1.32-15...
https://admin.fedoraproject.org/updates/FEDORA-2012-9328/gd-2.0.35-17.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-9349/mysql-5.5.24-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-8972/rubygem-activere...
https://admin.fedoraproject.org/updates/FEDORA-2012-9155/perl-Gtk2-MozEmb...
https://admin.fedoraproject.org/updates/FEDORA-2012-7131/seamonkey-2.9.1-...
https://admin.fedoraproject.org/updates/FEDORA-2012-9079/thunderbird-13.0...
https://admin.fedoraproject.org/updates/FEDORA-2012-8010/sudo-1.7.4p5-5.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-8931/kernel-2.6.43.8-...
https://admin.fedoraproject.org/updates/FEDORA-2012-8962/bind-9.8.3-2.P1....
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2012-9349/mysql-5.5.24-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-9280/lxpanel-0.5.9-1....
https://admin.fedoraproject.org/updates/FEDORA-2012-9062/python-bugzilla-...
https://admin.fedoraproject.org/updates/FEDORA-2012-9079/thunderbird-13.0...
https://admin.fedoraproject.org/updates/FEDORA-2012-8931/kernel-2.6.43.8-...
https://admin.fedoraproject.org/updates/iproute-2.6.38.1-7.fc15
https://admin.fedoraproject.org/updates/dracut-009-15.fc15
The following builds have been pushed to Fedora 15 updates-testing
abi-compliance-checker-1.97.8-1.fc15
gd-2.0.35-17.fc15
libmnl-1.0.3-1.fc15
mysql-5.5.24-1.fc15
roundcubemail-0.7.2-2.fc15
Details about builds:
================================================================================
abi-compliance-checker-1.97.8-1.fc15 (FEDORA-2012-9336)
An ABI Compliance Checker
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 11 2012 Richard Shaw <hobbes1069(a)gmail.com> - 1.97.8-1
- Update to latest upstream release.
* Mon Jun 4 2012 Richard Shaw <hobbes1069(a)gmail.com> - 1.97.7-1
- Update to latest upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #827944 - abi-compliance-checker-1.97.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=827944
--------------------------------------------------------------------------------
================================================================================
gd-2.0.35-17.fc15 (FEDORA-2012-9328)
A graphics library for quick creation of PNG or JPEG images
--------------------------------------------------------------------------------
Update Information:
This is an update, that fixes insufficient input validation in _gdGetColors().
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 11 2012 Honza Horak <hhorak(a)redhat.com> - 2.0.35-17
- fixed CVE-2009-3546 gd: insufficient input validation in _gdGetColors()
Resolves: #830745
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #830745 - CVE-2009-3546 gd: insufficient input validation in _gdGetColors()
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=830745
--------------------------------------------------------------------------------
================================================================================
libmnl-1.0.3-1.fc15 (FEDORA-2012-9295)
A minimalistic Netlink library
--------------------------------------------------------------------------------
Update Information:
Update to latest 1.0.3 version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 11 2012 Hushan Jia <hushan.jia(a)gmail.com> 1.0.3-1
- Update to 1.0.3.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #827992 - libmnl-1.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=827992
--------------------------------------------------------------------------------
================================================================================
mysql-5.5.24-1.fc15 (FEDORA-2012-9349)
MySQL client programs and shared libraries
--------------------------------------------------------------------------------
Update Information:
Update to MySQL 5.5.24, for various fixes described at
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
including the fix for CVE-2012-2122
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 11 2012 Tom Lane <tgl(a)redhat.com> 5.5.24-1
- Update to MySQL 5.5.24, for various fixes described at
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
including the fix for CVE-2012-2122
Resolves: #830680
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #814605 - CVE-2012-2122 mysql: incorrect type cast in check_scramble() leading
to authentication bypass
https://bugzilla.redhat.com/show_bug.cgi?id=814605
--------------------------------------------------------------------------------
================================================================================
roundcubemail-0.7.2-2.fc15 (FEDORA-2012-9329)
Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:
Resolves:
CVE-2011-1491
CVE-2011-1492
CVE-2012-1253
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #828558 - CVE-2012-1253 roundcubemail: XSS flaw fixed in 0.7 [fedora-16]
https://bugzilla.redhat.com/show_bug.cgi?id=828558
[ 2 ] Bug #772351 - Upgrade to 0.7
https://bugzilla.redhat.com/show_bug.cgi?id=772351
[ 3 ] Bug #828557 - CVE-2012-1253 roundcubemail: XSS flaw fixed in 0.7 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=828557
[ 4 ] Bug #690458 - CVE-2011-1491 CVE-2011-1492 roundcubemail: v0.5.1 two security fixes
[epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=690458
[ 5 ] Bug #816914 - Where is the maintainer?
https://bugzilla.redhat.com/show_bug.cgi?id=816914
--------------------------------------------------------------------------------