Fedora 12 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed Dec 1 22:04:28 UTC 2010
The following Fedora 12 Security updates need testing:
https://admin.fedoraproject.org/updates/mailman-2.1.12-10.fc12
https://admin.fedoraproject.org/updates/wireshark-1.2.13-1.fc12
https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.8.1-1.fc12
https://admin.fedoraproject.org/updates/clamav-0.96.4-1200.fc12
https://admin.fedoraproject.org/updates/krb5-1.7.1-16.fc12
https://admin.fedoraproject.org/updates/bareftp-0.3.7-1.fc12
The following Fedora 12 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/glibc-2.11.3-1
https://admin.fedoraproject.org/updates/pungi-2.0.20.1-1.fc12
https://admin.fedoraproject.org/updates/findutils-4.4.2-7.fc12
https://admin.fedoraproject.org/updates/nss-softokn-3.12.4-16.fc12
https://admin.fedoraproject.org/updates/xorg-x11-drv-ati-6.13.0-0.22.20100316git819b4015.fc12
https://admin.fedoraproject.org/updates/util-linux-ng-2.16.2-4.fc12
https://admin.fedoraproject.org/updates/xorg-x11-drv-synaptics-1.2.0-3.fc12
https://admin.fedoraproject.org/updates/findutils-4.4.2-5.fc12
The following builds have been pushed to Fedora 12 updates-testing
krb5-1.7.1-16.fc12
phpwapmail-0.9.4-1.fc12
spyder-2.0.1-1.fc12
xl2tpd-1.2.7-1.fc12
Details about builds:
================================================================================
krb5-1.7.1-16.fc12 (FEDORA-2010-18421)
The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:
This update incorporates the upstream patches to correct bugs outlined in MITKRB5-SA-2010-007 (CVE-2010-1323, CVE-2010-1324, and CVE-2010-4020).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 30 2010 Nalin Dahyabhai <nalin at redhat.com> 1.7.1-16
- add upstream patch to fix various issues from MITKRB5-SA-2010-007
(CVE-2010-1323, #648734, CVE-2010-1324, #648674)
* Thu Sep 23 2010 Nalin Dahyabhai <nalin at redhat.com> 1.7.1-15
- make -libs actually own /usr/kerberos, because it may be the only reason
that directory exists, due to owning /usr/kerberos/share (#636746)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #648734 - CVE-2010-1323 krb5: incorrect acceptance of certain checksums (MITKRB5-SA-2010-007)
https://bugzilla.redhat.com/show_bug.cgi?id=648734
[ 2 ] Bug #648674 - CVE-2010-1324 krb5: multiple checksum handling vulnerabilities (MITKRB5-SA-2010-007)
https://bugzilla.redhat.com/show_bug.cgi?id=648674
[ 3 ] Bug #648735 - CVE-2010-4020 krb5: krb5 may accept authdata checksums with low-entropy derived keys (MITKRB5-SA-2010-007)
https://bugzilla.redhat.com/show_bug.cgi?id=648735
--------------------------------------------------------------------------------
================================================================================
phpwapmail-0.9.4-1.fc12 (FEDORA-2010-18423)
WAP-based e-mail client
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.4 to fix issues with php 5.3 and later
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 1 2010 Dmitry Butskoy <Dmitry at Butskoy.name> - 0.9.4-1
- update to 0.9.4
--------------------------------------------------------------------------------
================================================================================
spyder-2.0.1-1.fc12 (FEDORA-2010-18395)
Scientific Python Development Environment
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 1 2010 Chen Lei <supercyper at 163.com> - 2.0.1-1
- Update to 2.0.1
--------------------------------------------------------------------------------
================================================================================
xl2tpd-1.2.7-1.fc12 (FEDORA-2010-18417)
Layer 2 Tunnelling Protocol Daemon (RFC 2661)
--------------------------------------------------------------------------------
Update Information:
Updated to latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 30 2010 Paul Wouters <paul at xelerance.com> - 1.2.7-1
- Updated to 1.2.7
- Added more DEBUG build options to the make command
- Minor cleanups
* Sat Jan 9 2010 Paul Wouters <paul at xelerance.com> - 1.2.5-2
- Bump for broken tag
* Sat Jan 9 2010 Paul Wouters <paul at xelerance.com> - 1.2.5-1
- Upgraded to 1.2.5. (fixes interop with two Windows machines behind same NAT)
- Fix mix space/tab in spec file
- Added missing keyword Default-Stop
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #547316 - xl2tpd-1.2.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=547316
--------------------------------------------------------------------------------
More information about the test
mailing list