Fedora 13 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sat Aug 7 23:29:20 UTC 2010
The following builds have been pushed to Fedora 13 updates-testing
augeas-0.7.3-1.fc13
clementine-0.4.2-8.fc13
freeciv-2.2.2-1.fc13
gparted-0.6.2-1.fc13
guitarix-0.11.0-1.fc13
iputils-20071127-12.fc13
kernel-2.6.34.2-34.fc13
lvm2-2.02.72-4.fc13
mapserver-5.6.5-1.fc13
monit-5.1.1-2.fc13
nautilus-sound-converter-1.0.5-3.fc13
openconnect-2.25-1.fc13
php-pear-CAS-1.1.2-1.fc13
python-pycha-0.5.3-1.fc13
rekonq-0.5.0-2.fc13
roundup-1.4.15-1.fc13
shorewall-4.4.11.1-1.fc13
texmaker-2.0-1.fc13
uzbl-0-0.16.20100626gitafc0f873e.fc13
Details about builds:
================================================================================
augeas-0.7.3-1.fc13 (FEDORA-2010-12263)
A library for changing configuration files
--------------------------------------------------------------------------------
Update Information:
See http://augeas.net/news.html for details
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 6 2010 David Lutterkort <lutter at redhat.com> - 0.7.3-1
- Remove upstream patches
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #613967 - guestfsd segfaults in libaugeas.so
https://bugzilla.redhat.com/show_bug.cgi?id=613967
--------------------------------------------------------------------------------
================================================================================
clementine-0.4.2-8.fc13 (FEDORA-2010-11493)
A music player and library organizer
--------------------------------------------------------------------------------
Update Information:
Clementine is a modern music player and library organizer. It is largely a port
of Amarok 1.4, with some features rewritten to take advantage of Qt4.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #583327 - Review Request: clementine - A music player and library organizer
https://bugzilla.redhat.com/show_bug.cgi?id=583327
[ 2 ] Bug #618474 - SIGSEGV when I click on "triangle" to the left of "Last.fm" in Internet tab
https://bugzilla.redhat.com/show_bug.cgi?id=618474
--------------------------------------------------------------------------------
================================================================================
freeciv-2.2.2-1.fc13 (FEDORA-2010-12256)
A multi-player strategy game
--------------------------------------------------------------------------------
Update Information:
A lot of fixes and updates, including a security fix. Fixes #612296
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 2 2010 Thomas Janssen <thomasj at fedoraproject.org> 2.2.2-1
- security fix https://www.redhat.com/security/data/cve/CVE-2010-2445.html
- fixes #612296
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #612296 - CVE-2010-2445 freeciv: arbitrary file disclosure and command execution vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=612296
--------------------------------------------------------------------------------
================================================================================
gparted-0.6.2-1.fc13 (FEDORA-2010-12264)
Gnome Partition Editor
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream and remove dependence on hal.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 6 2010 Deji Akingunola <dakingun at gmail.com> - 0.6.2-1
- Update to version 0.6.2
* Mon Jun 21 2010 Deji Akingunola <dakingun at gmail.com> - 0.6.0-1
- Update to version 0.6.0
* Thu Apr 1 2010 Mike McGrath <mmcgrath at redhat.com> - 0.5.2-1.1
- Rebuilt to fix broken parted dep
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #586377 - Please don't depend on hal
https://bugzilla.redhat.com/show_bug.cgi?id=586377
--------------------------------------------------------------------------------
================================================================================
guitarix-0.11.0-1.fc13 (FEDORA-2010-12278)
Mono amplifier to JACK
--------------------------------------------------------------------------------
Update Information:
Users visible changes: - new version of the impulse response parameter
editor. You can now graphically define a gain line to be applied to the IR data,
e.g. emphasize a part of the early reflections or damping the reverb tail to
make it fit to your guitar sound. - the multi-line distortion effect now has
4 frequency bands and is better optimized - fix regression from version
0.10.0: now the default preset file is created again if it doesn't exist (e.g.
in new installations).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 4 2010 Orcan Ogetbil <oget[DOT]fedora[AT]gmail[DOT]com> - 0.11.0-1
- Update to 0.11.0
* Tue Jul 27 2010 Orcan Ogetbil <oget[DOT]fedora[AT]gmail[DOT]com> - 0.10.0-3
- Rebuild against new boost on F-14
--------------------------------------------------------------------------------
================================================================================
iputils-20071127-12.fc13 (FEDORA-2010-12273)
Network monitoring tools including ping
--------------------------------------------------------------------------------
Update Information:
CVE-2010-2529 iputils: denial of service vulnerability in ping
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 5 2010 Jiri Skala <jskala at redhat.com> - 20071127-12
- fixes #617613 - CVE-2010-2529 iputils: denial of service vulnerability in ping
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #613819 - CVE-2010-2529 iputils: denial of service vulnerability in ping
https://bugzilla.redhat.com/show_bug.cgi?id=613819
--------------------------------------------------------------------------------
================================================================================
kernel-2.6.34.2-34.fc13 (FEDORA-2010-12279)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Update to kernel 2.6.34.2:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.1
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.2 Other
changes: - Re-enables function tracer and stack tracer configuration options
dropped in the 2.6.33 kernel. - Includes a fix from kernel 2.6.35 that allows
some trackpads to be detect correctly instead of being detected as regular mice.
NOTES: - Kernel 2.6.34 defaults to using ACPI for PCI bridge resources. If
you have problems with some devices not being detected, try the boot option
"pci=nocrs". (See: https://bugzilla.redhat.com/show_bug.cgi?id=620313
for an example of such a problem.) - We do not want this kernel pushed to
stable updates too soon. Give feedback, but don't add karma. We will determine
whether to push the update manually based on the feedback.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 6 2010 Ben Skeggs <bskeggs at redhat.com> 2.6.34.2-35
- nouveau: fix inter-engine race when under memory pressure (rhbz#602956)
* Thu Aug 5 2010 Chuck Ebbert <cebbert at redhat.com> 2.6.34.2-34
- Disable CONFIG_MULTICORE_RAID456
* Tue Aug 3 2010 Chuck Ebbert <cebbert at redhat.com> 2.6.34.2-33
- Linux 2.6.34.2
- Drop commented-out patches.
- Drop ancient linux-2.6-mac80211-age-scan-results-on-resume.patch
- Fix matroxfb font corruption (#617687)
- Don't resurrect dead task credentials (#591015)
- Fix "ext4 and xfs wrong data returned on read after write if
file size was changed with ftruncate" (#617699)
* Sun Aug 1 2010 Chuck Ebbert <cebbert at redhat.com> 2.6.34.2-32.rc1
- Linux 2.6.34.2-rc1
- Comment out upstream merged patches:
pci-pm-do-not-use-native-pcie-pme-by-default.patch
linux-2.6-acpi-sleep-live-sci-live.patch (slightly different upstream patch)
drm-i915-make-G4X-style-PLL-search-more-permissive.patch
drm-intel-945gm-stability-fixes.patch
drm-radeon-fix-shared-ddc-handling.patch
drm-i915-add-reclaimable-to-page-allocations.patch
drm-i915-fix-hibernate-memory-corruption.patch
iwlwifi-Recover-TX-flow-stall-due-to-stuck-queue.patch
iwlwifi-recover_from_tx_stall.patch
mac80211-do-not-wipe-out-old-supported-rates.patch
mac80211-fix-supported-rates-IE-if-AP-doesnt-give-us-its-rates.patch
iwlwifi-cancel-scan-watchdog-in-iwl_bg_abort_scan.patch
ata-generic-handle-new-mbp-with-mcp89.patch
ata-generic-implement-ata-gen-flags.patch
x86-debug-send-sigtrap-for-user-icebp.patch
ethtool-fix-buffer-overflow.patch
sched-fix-over-scheduling-bug.patch
kbuild-fix-modpost-segfault.patch
acpica-00-linux-2.6.git-0f849d2cc6863c7874889ea60a871fb71399dd3f.patch
acpica-01-linux-2.6.git-a997ab332832519c2e292db13f509e4360495a5a.patch
acpica-02-linux-2.6.git-e4e9a735991c80fb0fc1bd4a13a93681c3c17ce0.patch
acpica-03-linux-2.6.git-fd247447c1d94a79d5cfc647430784306b3a8323.patch
acpica-04-linux-2.6.git-c9a8bbb7704cbf515c0fc68970abbe4e91d68521.patch
acpica-05-linux-2.6.git-ce43ace02320a3fb9614ddb27edc3a8700d68b26.patch
acpica-06-linux-2.6.git-9d3c752de65dbfa6e522f1d666deb0ac152ef367.patch
acpi-pm-do-not-enable-gpes-for-system-wakeup-in-advance.patch
cifs-fix-malicious-redirect-problem-in-the-dns-lookup-code.patch
usb-obey-the-sysfs-power-wakeup-setting.patch
- Fix up virtqueue-wrappers.patch to apply after 2.6.34.2 due to:
virtio_net-fix-oom-handling-on-tx.patch
- Revert -stable DRM patches already in our drm-next patch:
amd64-agp-probe-unknown-agp-devices-the-right-way.patch
i915-fix-lock-imbalance-on-error-path.patch
drm-i915-hold-the-spinlock-whilst-resetting-unpin_work-along-error-path.patch
- Fix up drm-next.patch to apply after 2.6.34.2 due to:
drm-i915-gen3-page-flipping-fixes.patch
drm-i915-don-t-queue-flips-during-a-flip-pending-event.patch
- Drop patches now upstream from linux-2.6-v4l-dvb-uvcvideo-update.patch:
V4L/DVB: uvcvideo: Add support for unbranded Arkmicro 18ec:3290 webcams
V4L/DVB: uvcvideo: Add support for V4L2_PIX_FMT_Y16
- Temporarily comment out ssb_check_for_sprom.patch due to ugly conflicts with:
ssb-handle-netbook-devices-where-the-sprom-address-is-changed.patch
* Sun Aug 1 2010 Chuck Ebbert <cebbert at redhat.com> 2.6.34.1-31
- Backport initial dist-git fixes from master (377da6d08)
- Modify the prep stage so multiple trees can be prepped in a
single shared git directory.
* Mon Jul 26 2010 Chuck Ebbert <cebbert at redhat.com> 2.6.34.1-30
- usb-obey-the-sysfs-power-wakeup-setting.patch:
Restore ability of USB devices to wake the machine (#617559)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #602956 - large pages in firefox locks up X
https://bugzilla.redhat.com/show_bug.cgi?id=602956
[ 2 ] Bug #591015 - kernel BUG at kernel/cred.c:168
https://bugzilla.redhat.com/show_bug.cgi?id=591015
[ 3 ] Bug #617699 - ext4 and xfs wrong data returned on read after write if file size was changed with ftruncate
https://bugzilla.redhat.com/show_bug.cgi?id=617699
[ 4 ] Bug #617559 - IR receiver cannot wake machine
https://bugzilla.redhat.com/show_bug.cgi?id=617559
[ 5 ] Bug #600998 - Webcam does not work
https://bugzilla.redhat.com/show_bug.cgi?id=600998
[ 6 ] Bug #569074 - nouveau NULL pointer after resume
https://bugzilla.redhat.com/show_bug.cgi?id=569074
[ 7 ] Bug #613284 - Wrong screen resolution detected for Sony F11M1E/W, NVIDIA GT 330
https://bugzilla.redhat.com/show_bug.cgi?id=613284
[ 8 ] Bug #595645 - nouveau doesn't work on NV20 hardware (black screen)
https://bugzilla.redhat.com/show_bug.cgi?id=595645
[ 9 ] Bug #532711 - External DVI monitors aren't detected on Dell Latitude E6400
https://bugzilla.redhat.com/show_bug.cgi?id=532711
[ 10 ] Bug #593046 - External displays are blank
https://bugzilla.redhat.com/show_bug.cgi?id=593046
[ 11 ] Bug #608034 - No sata devices found on new mac mini 2010 (Nvidia MCP89 AHCI)
https://bugzilla.redhat.com/show_bug.cgi?id=608034
--------------------------------------------------------------------------------
================================================================================
lvm2-2.02.72-4.fc13 (FEDORA-2010-12274)
Userland logical volume management tools
--------------------------------------------------------------------------------
Update Information:
This update addresses a security problem when using the clustered LVM daemon
clvmd from the package lvm2-cluster on systems where you have non-root users.
The lvm2 package on its own is not vulnerable to this problem but if you are
using lvm2-cluster you must update both together. Further details are
given in the Red Hat Bugzilla: https://bugzilla.redhat.com/CVE-2010-2526
After updating the packages, make sure that clvmd restarted itself. This
update also includes several other important bug fixes and enhancements - see
the detailed changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 2 2010 Alasdair Kergon <agk at redhat.com> - 2.02.72-4
- Merge f13, f14 and rawhide spec files.
* Sat Jul 31 2010 Alasdair Kergon <agk at redhat.com> - 2.02.72-3
- Address lvm2-cluster security flaw CVE-2010-2526.
https://bugzilla.redhat.com/CVE-2010-2526
- Change clvmd to communicate with lvm2 via a socket in /var/run/lvm.
- Return controlled error if clvmd is run by non-root user.
- Never use clvmd singlenode unless explicitly requested with -Isinglenode.
- Fix exported_symbols generation to use standard compiler arguments.
- Use #include <> not "" in lvm2app.h which gets installed on the system.
- Make liblvm.device-mapper wait for include file generation.
- Fix configure to supply DEFAULT_RUN_DIR to Makefiles.
- Fix wrong number of mirror log at allocate policy
* Wed Jul 28 2010 Alasdair Kergon <agk at redhat.com> - 2.02.71-1
- Make vgck warn about missing PVs.
- Revert failed table load preparation after "create, load and resume".
- Check if cluster log daemon is running before allowing cmirror create.
- Add dm_create_lockfile to libdm and use for pidfiles for all daemons.
- Correct LV list order used by lvconvert when splitting a mirror.
- Check if LV with specified name already exists when splitting a mirror.
- Fix suspend/resume logic for LVs resulting from splitting a mirror.
- Fix possible hang when all mirror images of a mirrored log fail.
- Adjust auto-metadata repair and caching logic to try to cope with empty mdas.
- Update pvcreate, {pv|vg}change, and lvm.conf man pages about metadataignore.
- Prompt if metadataignore with vgextend or pvchange would adjust vg_mda_copies.
- Adjust vg_mda_copies if metadataignore given with vgextend or pvchange.
- Speed up the regex matcher.
- Use "nowatch" udev rule for inappropriate devices.
- Document LVM fault handling in lvm_fault_handling.txt.
- Clarify help text for vg_mda_count.
- Add more verbose messages while checking volume_list and hosttags settings.
- Add log_error when strdup fails in {vg|lv}_change_tag().
- Do not log backtrace in valid _lv_resume() code path.
* Wed Jul 7 2010 Alasdair Kergon <agk at redhat.com> - 2.02.70-1
- Remove log directly if all mirror images of a mirrored log fail.
- Randomly select which mdas to use or ignore.
- Add printf format attributes to yes_no_prompt and fix a caller.
- Always pass unsuspended dm devices through persistent filter to other filters.
- Move test for suspended dm devices ahead of other filters.
- Fix another segfault in clvmd -R if no response from daemon received. (2.02.68)
- Remove superfluous suspended device counter from clvmd.
- Fix lvm shell crash when input is entirely whitespace.
- Update partial mode warning message.
- Preserve memlock balance in clvmd when activation triggers a resume.
- Restore the removemissing behaviour of lvconvert --repair --use-policies.
* Wed Jun 30 2010 Alasdair Kergon <agk at redhat.com> - 2.02.69-1
- Fix vgremove to allow removal of VG with missing PVs. (2.02.52)
- Add metadata/vgmetadatacopies to lvm.conf.
- Add --metadataignore to pvcreate and vgextend.
- Add vg_mda_copies, pv_mda_used_count and vg_mda_used_count to reports.
- Describe --vgmetadatacopies in lvm.conf and other man pages.
- Add --[vg]metadatacopies to select number of mdas to use in a VG.
- Make the metadata ignore bit control read/write metadata areas in a PV.
- Add pvchange --metadataignore to set or clear a metadata ignore bit.
- Refactor metadata code to prepare for --metadataignore / --vgmetadatacopies.
- Ensure region_size of mirrored log does not exceed its full size.
- Preload libc locale messages to prevent reading it in memory locked state.
- Fix handling of simultaneous mirror image and mirrored log image failure.
* Thu Jun 24 2010 Peter Rajnoha <prajnoha at redhat.com> - 2.02.68-2
- Fix udev rules to handle spurious events properly.
- Add Requires: udev >= 158-1 (needed for the change in udev rules).
* Wed Jun 23 2010 Alasdair Kergon <agk at redhat.com> - 2.02.68-1
- Have device-mapper-libs require device-mapper (circular) for udev rules.
- Clear exec_prefix.
- Use early udev synchronisation and update of dev nodes for clustered mirrors.
- Add lv_path to reports to offer full /dev pathname.
- Avoid abort when generating cmirror status.
- Fix clvmd initscript status to print only active clustered LVs.
- Fix segfault in clvmd -R if no response from daemon received.
- Honour log argument when down-converting stacked mirror.
- Sleep to workaround clvmd -S race: socket closed early and server drops cmd.
- Exit successfully when using -o help (but not -o +help) with LVM reports.
- Add man pages for lvmconf, dmeventd and non-existent lvmsadc and lvmsar tools.
- Add --force, --nofsck and --resizefs to lvresize/extend/reduce man pages.
- Fix lvm2cmd example in documentation.
- Fix typo in warning message about missing device with allocated data areas.
- Add device name and offset to raw_read_mda_header error messages.
- Allow use of lvm2app and lvm2cmd headers in C++ code.
* Fri Jun 4 2010 Alasdair Kergon <agk at redhat.com> - 2.02.67-1
- Require partial option in lvchange --refresh for partial LVs.
- Don't merge unchanged persistent cache file before dumping if tool scanned.
- Avoid selecting names under /dev/block if there is an alternative.
- Fix semctl parameter (union) to avoid misaligned parameter on some arches.
- Fix clvmd initscript restart command to start clvmd if not yet running.
- Handle failed restart of clvmd using -S switch properly.
- Use built-in absolute paths in clvmd (clvmd restart and PV and LV queries).
- Consistently return ECMD_FAILED if interrupted processing multiple LVs.
- Add --type parameter description to the lvcreate man page.
- Document 'clear' in dmsetup man page.
- Replace strncmp kernel version number checks with proper ones.
- Update clustered log kernel module name to log-userspace for 2.6.31 onwards.
- Support autoloading of dm-mod module for kernels from 2.6.35.
- Add dm_tree_node_set_presuspend_node() to presuspend child when deactivating.
- Do not fail lvm_init() if init_logging() or _init_rand() generates an errno.
- Fix incorrect memory pool deallocation while using vg_read for files.
* Thu May 20 2010 Alasdair Kergon <agk at redhat.com> - 2.02.66-2
- Simplify and fix Requires package headers.
- If unable to obtain snapshot percentage leave value blank on reports.
- Use new install_system_dirs and install_initscripts makefile targets.
- Add lvm2app functions to lookup a vgname from a pvid and pvname.
- Change internal processing of PVs in pvchange.
- Validate internal lock ordering of orphan and VG_GLOBAL locks.
* Mon May 17 2010 Alasdair Kergon <agk at redhat.com> - 2.02.65-1
- Disallow vgchange --clustered if there are active mirrors or snapshots.
- Fix truncated total size displayed by pvscan.
- Skip internal lvm devices in scan if ignore_suspended_devices is set.
- Do not merge old device cache after we run full scan. (2.02.56)
- Add new --sysinit compound option to vgchange and lvchange.
- Fix clvmd init script never to deactivate non-clustered volume groups.
- Drop duplicate errors for read failures and missing devices to verbose level.
- Do not print encryption key in message debug output (cryptsetup luksResume).
- Use -d to control level of messages sent to syslog by dmeventd.
- Change -d to -f to run dmeventd in foreground.
- Fix udev flags on remove in create_and_load error path.
- Add dm_list_splice() function to join two lists together.
- Use /bin/bash for scripts with bashisms.
- Switch Libs.private to Requires.private in devmapper.pc and lvm2app.pc.
- Use pkgconfig Requires.private for devmapper-event.pc.
* Fri Apr 30 2010 Alasdair Kergon <agk at redhat.com> - 2.02.64-1
- Avoid pointless initialisation when the 'version' command is run directly.
- Fix memory leak for invalid regex pattern input.
- Display invalid regex pattern for filter configuration in case of error.
- Fix -M and --type to use strings, not pointers that change on config refresh.
- Fix lvconvert error message when existing mirrored LV is not found.
- Set appropriate udev flags for reserved LVs.
- Disallow the direct removal of a merging snapshot.
- Don't preload the origin when removing a snapshot whose merge is pending.
- Disallow the addition of mirror images while a conversion is happening.
- Disallow primary mirror image removal when mirror is not in-sync.
- Remove obsolete --name parameter from vgcfgrestore.
- Add -S command to clvmd to restart the daemon preserving exclusive locks.
- Increment lvm2app version from 1 to 2 (memory allocation changes).
- Change lvm2app memory alloc/free for pv/vg/lv properties.
- Change daemon lock filename from lvm2_monitor to lvm2-monitor for consistency.
- Add support for new IMPORT{db} udev rule.
- Add DM_UDEV_PRIMARY_SOURCE_FLAG udev flag to recognize proper DM events.
- Also include udev libs in libdevmapper.pc.
- Cache bitset locations to speed up _calc_states.
- Add a regex optimisation pass for shared prefixes and suffixes.
- Add dm_bit_and and dm_bitset_equal to libdevmapper.
- Speed up dm_bit_get_next with ffs().
* Thu Apr 15 2010 Alasdair Kergon <agk at redhat.com> - 2.02.63-2
- Remove 'lvmconf --lockinglibdir' from cluster post: locking is now built-in.
- Move libdevmapper-event-lvm2.so to devel package.
- Explicitly specify libdevmapper-event.so* attributes.
- Drop support for upgrades from very old versions that used lvm not lvm2.
- Move libdevmapper-event plug-in libraries into new device-mapper subdirectory.
- Don't verify lvm.conf contents when using rpm --verify.
* Wed Apr 14 2010 Alasdair Kergon <agk at redhat.com> - 2.02.63-1
- Move development links to shared objects to /usr (hard-coded temporarily).
- Change libdevmapper deactivation to fail if device is open.
- Wipe memory buffers for libdevmapper dm-ioctl parameters before releasing.
- Strictly require libudev if udev_sync is used.
- Add support for ioctl's DM_UEVENT_GENERATED_FLAG.
- Allow incomplete mirror restore in lvconvert --repair upon insufficient space.
- Do not reset position in metadata ring buffer on vgrename and vgcfgrestore.
- Allow VGs with active LVs to be renamed.
- Only pass visible LVs to tools in cmdline VG name/tag expansions without -a.
- Use C locale and mlockall in clvmd and dmeventd.
- Mask LCK_HOLD in cluster VG locks for upgrade compatibility with older clvmd.
- Add activation/polling_interval to lvm.conf as --interval default.
- Don't ignore error if resuming any LV fails when resuming groups of LVs.
- Skip closing persistent filter cache file if open failed.
- Permit mimage LVs to be striped in lvcreate, lvresize and lvconvert.
- Fix pvmove allocation to take existing parallel stripes into account.
- Fix incorrect removal of symlinks after LV deactivation fails.
- Fix is_partitioned_dev not to attempt to reopen device.
- Fix another thread race in clvmd.
- Improve vg_validate to detect some loops in lists.
- Change most remaining log_error WARNING messages to log_warn.
- Always use blocking lock for VGs and orphan locks.
- Allocate all memory for segments from private VG mempool.
- Optimise searching PV segments for seeking the most recently-added.
- Remove duplicated vg_validate checks when parsing cached metadata.
- Use hash table of LVs to speed up parsing of text metadata with many LVs.
- Fix two vg_validate messages, adding whitespace and parentheses.
- When dmeventd is not forking because of -d flag, don't kill parent process.
- Fix dso resource leak in error path of dmeventd.
- Fix --alloc contiguous policy only to allocate one set of parallel areas.
- Do not allow {vg|lv}change --ignoremonitoring if on clustered VG.
- Add ability to create mirrored logs for mirror LVs.
- Fix clvmd cluster propagation of dmeventd monitoring mode.
- Allow ALLOC_ANYWHERE to split contiguous areas.
- Add some assertions to allocation code.
- Introduce pv_area_used into allocation algorithm and add debug messages.
- Add activation/monitoring to lvm.conf.
- Add --monitor and --ignoremonitoring to lvcreate.
- Don't allow resizing of internal logical volumes.
- Fix libdevmapper-event pkgconfig version string to match libdevmapper.
- Avoid scanning all pvs in the system if operating on a device with mdas.
- Disable long living process flag in lvm2app library.
- Fix pvcreate device md filter check.
- Suppress repeated errors about the same missing PV uuids.
- Bypass full device scans when using internally-cached VG metadata.
- Only do one full device scan during each read of text format metadata.
- Look up missing PVs by uuid not dev_name in pvs to avoid invalid stat.
* Tue Mar 9 2010 Alasdair Kergon <agk at redhat.com> - 2.02.62-1
- Rewrite clvmd init script.
- Add default alternative to mlockall using mlock to reduce pinned memory size.
- Add use_mlockall and mlock_filter to activation section of lvm.conf.
- Handle misaligned devices that report alignment_offset of -1.
- Extend core allocation code in preparation for mirrored log areas.
- No longer fall back to looking up active devices by name if uuid not found.
- Don't touch /dev in vgmknodes if activation is disabled.
- Add --showkeys parameter description to dmsetup man page.
- Add --help option as synonym for help command.
- Add lvm2app functions lvm_{vg|lv}_{get|add|remove}_tag() functions.
- Refactor snapshot-merge deptree and device removal to support info-by-uuid.
* Fri Mar 5 2010 Peter Rajnoha <prajnoha at redhat.com> - 2.02.61-2
- Change spec file to support excluding cluster components from the build.
--------------------------------------------------------------------------------
================================================================================
mapserver-5.6.5-1.fc13 (FEDORA-2010-12266)
Environment for building spatially-enabled internet applications
--------------------------------------------------------------------------------
Update Information:
- Update to 5.6.5, for various fixes described at:
http://trac.osgeo.org/mapserver/browser/tags/rel-5-6-5/mapserver/HISTORY.TXT
Also fixes CVE-2010-2539, CVE-2010-2540, per bz #617301 and #617312.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 26 2010 Devrim GÜNDÜZ <devrim at gunduz.org> - 5.6.5-1
- Update to 5.6.5, for various fixes described at:
http://trac.osgeo.org/mapserver/browser/tags/rel-5-6-5/mapserver/HISTORY.TXT
Also fixes CVE-2010-2539, CVE-2010-2540, per bz #617301 and #617312.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #617312 - CVE-2010-2539 MapServer: Buffer overflow by generating unique temporary filename(s) (Trac#3484)
https://bugzilla.redhat.com/show_bug.cgi?id=617312
[ 2 ] Bug #617301 - CVE-2010-2540 MapServer: Disable insecure mapserv CGI command-line debug args (Trac#3485)
https://bugzilla.redhat.com/show_bug.cgi?id=617301
--------------------------------------------------------------------------------
================================================================================
monit-5.1.1-2.fc13 (FEDORA-2010-12275)
Manages and monitors processes, files, directories and devices
--------------------------------------------------------------------------------
Update Information:
Enabled PAM authentication (bz #621599)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 5 2010 Maxim Burgerhout <wzzrd at fedoraproject.org> - 5.1.1-2
- Enabled PAM authentication (bz #621599)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #621599 - monit does not support pam authentication
https://bugzilla.redhat.com/show_bug.cgi?id=621599
--------------------------------------------------------------------------------
================================================================================
nautilus-sound-converter-1.0.5-3.fc13 (FEDORA-2010-12270)
Nautilus extension to convert audio files
--------------------------------------------------------------------------------
Update Information:
Added patch to fix translations.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 6 2010 Brian Pepple <bpepple at fedoraproject.org> - 1.0.5-3
- Add patch to fix translations. (#616924)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #616924 - upgrading nautilus-sound-converter results in nautilus haveing wron language
https://bugzilla.redhat.com/show_bug.cgi?id=616924
--------------------------------------------------------------------------------
================================================================================
openconnect-2.25-1.fc13 (FEDORA-2010-12257)
Open client for Cisco AnyConnect VPN
--------------------------------------------------------------------------------
Update Information:
This update enables validation of the VPN server's SSL certificate by default,
to defend against a potential man-in-the-middle attack.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 1 2010 David Woodhouse <David.Woodhouse at intel.com> - 2.25-1
- Update to 2.25. (#620219: Check server cert against hostname)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #620219 - OpenConnect: Always validate server certificate, check server hostname against its certificate
https://bugzilla.redhat.com/show_bug.cgi?id=620219
--------------------------------------------------------------------------------
================================================================================
php-pear-CAS-1.1.2-1.fc13 (FEDORA-2010-12258)
Central Authentication Service client library in php
--------------------------------------------------------------------------------
Update Information:
Security fixes * Fix a session hijacking hole CVE-2010-2795 [PHPCAS-61] *
callbackurl in proxy mode should be urlencoded, possible XSS CVE-2010-2796
[PHPCAS-67] Bug fixes * Fix warnings for SAML responses without attributes
[PHPCAS-59] * Fix duplicate SAML debug output [PHPCAS-64] * Providing a new
ST/PT/SA during an authenticated session will be ignored and a warning will be
issued to the debug log. [PHPCAS-61] * fix 2 undefinded variable notices in
serviceWeb() [PHPCAS-68] * Prevent domxml-php4-to-php5 to be inclueded twice
[PHPCAS-48] Improvement * Debuglog now contains phpCAS version information
[PHPCAS-62]
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 3 2010 Remi Collet <Fedora at FamilleCollet.com> - 1.1.2-1
- update to 1.1.2
- fix CVE-2010-2795, CVE-2010-2796, #620753
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #620753 - CVE-2010-2795 CVE-2010-2796 php-pear-CAS various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=620753
[ 2 ] Bug #620759 - CVE-2010-2795 CVE-2010-2796 glpi various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=620759
--------------------------------------------------------------------------------
================================================================================
python-pycha-0.5.3-1.fc13 (FEDORA-2010-12248)
A library for drawing charts with Python and Cairo
--------------------------------------------------------------------------------
Update Information:
- bugfix release; please see upstream's changelog for more information:
http://pypi.python.org/pypi/pycha/0.5.3#id2
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 7 2010 Ionuț C. Arțăriși <mapleoin at fedoraproject.org> - 0.5.3-1
- new upstream bugfix release
--------------------------------------------------------------------------------
================================================================================
rekonq-0.5.0-2.fc13 (FEDORA-2010-12271)
KDE browser based on QtWebkit
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2010-2536 New upstream version with following changes: * improved
adblock, automagically updating filter lists (+abp scheme support) * RSS
support * new urlbar (tech preview): it's just nice and more will come.. *
auto-scrolling * downloads history tracked * SSL Info support * Bookmarks &
history panels improvements * bugfixing & users wishes New upstream version
with following changes: * improved adblock, automagically updating filter lists
(+abp scheme support) * RSS support * new urlbar (tech preview): it's just
nice and more will come.. * auto-scrolling * downloads history tracked * SSL
Info support * Bookmarks & history panels improvements * bugfixing & users
wishes
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 3 2010 Thomas Janssen <thomasj at fedoraproject.org> 0.5.0-2
- added patch to fix CVE-2010-2536 (patch by Eelko)
- fixes #620897
* Tue Jul 13 2010 Eelko Berkenpies <fedora at berkenpi.es> 0.5.0-1
- rekonq 0.5.0
* Thu Jun 17 2010 Thomas Janssen <thomasj at fedoraproject.org> 0.4.95-1
- rekonq 0.4.95
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #620897 - CVE-2010-2536 rekonq: universal XSS issue
https://bugzilla.redhat.com/show_bug.cgi?id=620897
--------------------------------------------------------------------------------
================================================================================
roundup-1.4.15-1.fc13 (FEDORA-2010-12261)
Simple and flexible issue-tracking system
--------------------------------------------------------------------------------
Update Information:
update to 1.4.15
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 1 2010 John Khvatov <ivaxer at fedoraproject.org> - 1.4.15-1
- updated to 1.4.15
* Thu Jul 22 2010 David Malcolm <dmalcolm at redhat.com> - 1.4.13-3
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #610867 - roundup: XSS by processing PageTemplate template for a named page [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=610867
--------------------------------------------------------------------------------
================================================================================
shorewall-4.4.11.1-1.fc13 (FEDORA-2010-12265)
An iptables front end for firewall configuration
--------------------------------------------------------------------------------
Update Information:
New upstream bugfix version. Release notes:
http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.11/releasenotes.txt
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 7 2010 Jonathan G. Underwood <jonathan.underwood at gmail.com> - 4.4.11.1-1
- Update to version 4.4.11.1
* Fri Jul 2 2010 Jonathan G. Underwood <jonathan.underwood at gmail.com> - 4.4.10-4
- Fix spec file typo
--------------------------------------------------------------------------------
================================================================================
texmaker-2.0-1.fc13 (FEDORA-2010-12254)
LaTeX editor
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 6 2010 Deji Akingunola <dakingun at gmail.com> - 2.0-1
- Update to 2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #606001 - [abrt] crash in texmaker-1:1.9.9-1.fc13: QTextCodec::fromUnicode: Process /usr/bin/texmaker was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=606001
[ 2 ] Bug #608873 - [abrt] crash in texmaker-1:1.9.9-1.fc13: const: Process /usr/bin/texmaker was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=608873
--------------------------------------------------------------------------------
================================================================================
uzbl-0-0.16.20100626gitafc0f873e.fc13 (FEDORA-2010-12260)
Lightweight WebKit browser following the UNIX philosophy
--------------------------------------------------------------------------------
Update Information:
Fix a bug in the default configuration for the mouse bindings that can allow
crafted links to execute arbitrary shell code. Please check your local
configuration and replace "\@SELECTED_URI" with "$8" in any string that is
executed as shell code (usually involves "sh 'commands_here'").
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 6 2010 Ben Boeckel <mathstuf at gmail.com> - 0-0.16.20100626gitafc0f873e
- Add patch for shell escaping bug (BZ#621965)
* Sat Jul 3 2010 Ben Boeckel <mathstuf at gmail.com> - 0-0.15.20100626gitafc0f873e
- Rebuild against webkitgtk
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #621965 - uzbl: malicious code execution via unsanitized @SELECTED_URI [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=621965
--------------------------------------------------------------------------------
More information about the test
mailing list