Fedora 11 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Mar 12 04:30:52 UTC 2010
The following builds have been pushed to Fedora 11 updates-testing
adaptx-0.9.13-9.fc11
cpio-2.9.90-8.fc11
cronie-1.3-4.fc11
ksh-20100309-1.fc11
lxdm-0.1.1-0.2.20100303gite4f7b39.fc11
mercurial-1.5-2.fc11
piklab-0.15.7-1.fc11
python-suds-0.3.9-1.fc11
shared-desktop-ontologies-0.3-1.fc11
tar-1.22-5.fc11
tor-0.2.1.24-1101.fc11
trac-0.11.7-1.fc11
viewvc-1.1.4-1.fc11
xmlrpc-2.0.1-5.6.fc11
xmlunit-1.0-7.3.fc11
xom-1.0-4.6.fc11
zinnia-0.05-4.fc11
Details about builds:
================================================================================
adaptx-0.9.13-9.fc11 (FEDORA-2010-4291)
AdaptX XSLT processor and XPath engine
--------------------------------------------------------------------------------
Update Information:
Missing requires added
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2010 Peter Lemenkov <lemenkov at gmail.com> - 0.9.13-9
- Added missing requires jpackage-utils
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.13-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
cpio-2.9.90-8.fc11 (FEDORA-2010-4302)
A GNU archiving program
--------------------------------------------------------------------------------
Update Information:
- CVE-2010-0624 fix heap-based buffer overflow by expanding a specially-
crafted archive(#572150)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 10 2010 Ondrej Vasik <ovasik at redhat.com> 2.9.90-8
- CVE-2010-0624 fix heap-based buffer overflow by expanding
a specially-crafted archive(#572150)
* Thu Feb 25 2010 Ondrej Vasik <ovasik at redhat.com> 2.9.90-7
- fix segfault with nonexisting file with patternnames
(#567022)
- do process install-info only without --excludedocs(#515924)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #564368 - CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive
https://bugzilla.redhat.com/show_bug.cgi?id=564368
--------------------------------------------------------------------------------
================================================================================
cronie-1.3-4.fc11 (FEDORA-2010-4300)
Cron daemon for executing programs at set times
--------------------------------------------------------------------------------
Update Information:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0424
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 9 2010 Marcela Mašláňová <mmaslano at redhat.com> - 1.3-4
- CVE-2010-0424 Race condition by setting timestamp of user's crontab file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #565809 - CVE-2010-0424 vixie-cron, cronie: Race condition by setting timestamp of user's crontab file, when editing the file
https://bugzilla.redhat.com/show_bug.cgi?id=565809
--------------------------------------------------------------------------------
================================================================================
ksh-20100309-1.fc11 (FEDORA-2010-4289)
The Original ATT Korn Shell
--------------------------------------------------------------------------------
Update Information:
- fix mock building - detection of /dev/fd/X - updated to 2010-03-09 - A
varibale unset memory leak has been fixed - Documentation, comment, and
diagnostic spelling typos corrected - fixed bug in which the get discipline
function was not invoked for associative array subscripts for unset array
elements - fixed bug which could occur if the last line of a script was an eval
that executed multiple commands
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 10 2010 Michal Hlavinka <mhlavink at redhat.com> - 20100309-1
- updated to 2010-03-09
- fix mock building - detection of /dev/fd/X
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #572024 - ksh process substitution is broken
https://bugzilla.redhat.com/show_bug.cgi?id=572024
--------------------------------------------------------------------------------
================================================================================
lxdm-0.1.1-0.2.20100303gite4f7b39.fc11 (FEDORA-2010-3534)
Lightweight X11 Display Manager
--------------------------------------------------------------------------------
Update Information:
New version adds support for themes (enable it in /etc/lxdm/lxdm.conf) Together
with the latest selinux-policy package this update also fixes SELinux issues.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2010 Christoph Wickert <cwickert at fedoraproject.org> - 0.1.1-0.2.20100303gite4f7b39
- Make sure lxdm.conf get's updated to avoid login problems
* Wed Mar 3 2010 Christoph Wickert <cwickert at fedoraproject.org> - 0.1.1-0.1.20100303gite4f7b39
- Update to git release e4f7b39 (fixes #564995)
- Fix SELinux problems (#564320)
* Wed Feb 24 2010 Christoph Wickert <cwickert at fedoraproject.org> - 0.1.1-0.1.20100223gitdf819fd
- Update to latest git
- BR iso-codes-devel
- Don't hardcode tty1 in the source, use lxdm.conf instead
* Fri Jan 8 2010 Christoph Wickert <cwickert at fedoraproject.org> - 0.1.0-1
- Update to 0.1.0
- Change license to GPLv2+ and LGPLv2+
- Use tty1 by default
- PAM fixes for SELinux (#552885)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #564320 - can't login via lxdm with selinux enforcing
https://bugzilla.redhat.com/show_bug.cgi?id=564320
--------------------------------------------------------------------------------
================================================================================
mercurial-1.5-2.fc11 (FEDORA-2010-4332)
A fast, lightweight distributed source control management system
--------------------------------------------------------------------------------
Update Information:
see http://mercurial.selenic.com/wiki/WhatsNew
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 6 2010 Neal Becker <ndbecker2 at gmail.com> - 1.5-2
- doc/ja seems to be gone
* Sat Mar 6 2010 Neal Becker <ndbecker2 at gmail.com> - 1.5-1
- Update to 1.5
--------------------------------------------------------------------------------
================================================================================
piklab-0.15.7-1.fc11 (FEDORA-2010-4328)
Development environment for applications based on PIC & dsPIC microcontrollers
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 10 2010 Alain Portal <alain.portal[AT]univ-montp2[DOT]fr> 0.15.7-1
- New upstream version
- Remove patches 2 & 3 that are no more needed
--------------------------------------------------------------------------------
================================================================================
python-suds-0.3.9-1.fc11 (FEDORA-2010-4308)
A python SOAP client
--------------------------------------------------------------------------------
Update Information:
Released new features and bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 17 2009 jortel <jortel at redhat.com> - 0.3.9-1
- Bumped python requires to 2.4
- Replaced stream-based caching in the transport package with document-based caching.
- Caches pickled Document objects instead of XML text. 2x Faster!
- No more SAX parsing exceptions on damaged or incomplete cached files.
- Cached WSDL objects. Entire Definitions object including contained Schema object cached via pickle.
- Copy of soap encoding schema packaged with suds.
- Refactor Transports to use ProxyHandler instead of urllib2.Request.set_proxy().
- Added WSSE enhancements <Timestamp/> and <Expires/> support. See: Timestamp token.
- Fixed Tickets: #256, #291, #294, #295, #296
--------------------------------------------------------------------------------
================================================================================
shared-desktop-ontologies-0.3-1.fc11 (FEDORA-2010-4307)
Shared ontologies needed for semantic environments
--------------------------------------------------------------------------------
Update Information:
Fixes a bug/typo or two, plus adds some new classes and properties. See also
http://sourceforge.net/projects/oscaf/files/shared-desktop-ontologies/0.3
/shared-desktop-ontologies-0.3-release-notes/view
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 10 2010 Rex Dieter <rdieter at fedoraproject.org> - 0.3-1
- 0.3
--------------------------------------------------------------------------------
================================================================================
tar-1.22-5.fc11 (FEDORA-2010-4306)
A GNU file archiving program
--------------------------------------------------------------------------------
Update Information:
- CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a
specially-crafted archive (#572149) - realloc within check_exclusion_tags()
caused invalid write (#570591) - not closing file descriptors for excluded
files/dirs with exlude-tag... options could cause descriptor exhaustion
(#570591) - do not fail with POSIX 2008 glibc futimens() (#552320) - fix
segfault with corrupted metadata in code_ns_fraction (#531441) - commented
patches and sources - store xattrs for symlinks (#525992) - by Kamil Dudka -
update tar(1) manpage (#539787) - fix memory leak in xheader (#518079) - store
SELinux context for symlinks (#525992) - provide symlink manpage for gtar - do
process install-info only without --excludedocs(#515923)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 10 2010 Ondrej Vasik <ovasik at redhat.com> 2:1.22-5
- CVE-2010-0624 tar, cpio: Heap-based buffer overflow
by expanding a specially-crafted archive (#572149)
- realloc within check_exclusion_tags() caused invalid write
(#570591)
- not closing file descriptors for excluded files/dirs with
exlude-tag... options could cause descriptor exhaustion
(#570591)
- do not fail with POSIX 2008 glibc futimens() (#552320)
- fix segfault with corrupted metadata in code_ns_fraction
(#531441)
- commented patches and sources
- store xattrs for symlinks (#525992) - by Kamil Dudka
- update tar(1) manpage (#539787)
- fix memory leak in xheader (#518079)
- store SELinux context for symlinks (#525992)
- provide symlink manpage for gtar
- do process install-info only without --excludedocs(#515923)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #564368 - CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive
https://bugzilla.redhat.com/show_bug.cgi?id=564368
--------------------------------------------------------------------------------
================================================================================
tor-0.2.1.24-1101.fc11 (FEDORA-2010-4296)
Anonymizing overlay network for TCP (The onion router)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.2.1.24-1101
- removed /var/lib/tor-data dir (Chen Lei)
* Tue Mar 2 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.2.1.24-1100
- updated to 0.2.1.24
- require tor-core, not tor in -upstart (thx to Dave Jones)
* Mon Feb 15 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.2.1.23-1100
- updated to 0.2.1.23
* Thu Jan 21 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.2.1.22-1100
- updated to 0.2.1.22
* Thu Dec 31 2009 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.2.1.21-1100
- updated to 0.2.1.21
* Sat Nov 14 2009 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.2.1.20-1200
- updated URLs (#532373)
- removed (inactive) update mechanism for GeoIP data; this might
reduce anonimity (#532373)
- use the pidfile at various places in the LSB initscript to operate
on the correct process (#532373)
- set a higher 'nofile' limit in the upstart initscript to allow fast
relays; LSB users will have to add a 'ulimit -n' into /etc/sysconfig/tor
to get a similar effect (#532373)
- let the LSB initscript wait until process exits within a certain
time; this fixes shutdown/restart problems when working as a server
(#532373)
- fixed initng related typo in logrotate script (#532373)
- removed <linux/netfilter_ipv4.h> hack; it is fixed upstream and/or
in the kernel sources
- use %postun, not %post as a -upstart scriptlet and send INT, not
TERM signal to stop/restart daemon
--------------------------------------------------------------------------------
================================================================================
trac-0.11.7-1.fc11 (FEDORA-2010-4287)
Enhanced wiki and issue tracking system
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 0.11.7, fixing one security flaw and multiple bugs.
Refer to upstream changelog for further details: *
http://trac.edgewall.org/wiki/ChangeLog#a0.11.7
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 10 2010 Felix Schwarz <felix.schwarz at oss.schwarz.eu> - 0.11.7-1
- New upstream release (including security fix)
* Sat Mar 6 2010 Felix Schwarz <felix.schwarz at oss.schwarz.eu> - 0.11.6-3
- don't package Windows commit hook
- package now includes trac.test module
* Sun Jan 24 2010 Felix Schwarz <felix.schwarz at oss.schwarz.eu> - 0.11.6-2
- add missing setuptools requirement
--------------------------------------------------------------------------------
================================================================================
viewvc-1.1.4-1.fc11 (FEDORA-2010-4326)
Browser interface for CVS and SVN version control repositories
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 1.1.4, fixing one XSS flaw and several bugs: *
http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?revision=2341 *
security fix: escape user-provided query form input to avoid XSS attack * fix
standalone.py failure (when per-root options aren't used) (issue #445) * fix
annotate failure caused by ignored svn_config_dir (issue #447)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2010 Bojan Smojver <bojan at rexursive.com> - 1.1.4-1
- bump up to 1.1.4
--------------------------------------------------------------------------------
================================================================================
xmlrpc-2.0.1-5.6.fc11 (FEDORA-2010-4314)
Java XML-RPC implementation
--------------------------------------------------------------------------------
Update Information:
Added missing requires.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2010 Peter Lemenkov <lemenkov at gmail.com> - 0:2.0.1-5.6
- Added missing requires jpackage-utils
--------------------------------------------------------------------------------
================================================================================
xmlunit-1.0-7.3.fc11 (FEDORA-2010-4283)
Provides classes to do asserts on xml
--------------------------------------------------------------------------------
Update Information:
Missing requires jpackage-utils
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2010 Peter Lemenkov <lemenkov at gmail.com> - 0:1.0-7.3
- Added missing Requires jpackage-utils
--------------------------------------------------------------------------------
================================================================================
xom-1.0-4.6.fc11 (FEDORA-2010-4323)
XML Pull Parser
--------------------------------------------------------------------------------
Update Information:
Added missing requires.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 11 2010 Peter Lemenkov <lemenkov at gmail.com> - 0:1.0-4.6
- Added missing Requires: jpackage-utils (%{_javadir} and %{_javadocdir})
--------------------------------------------------------------------------------
================================================================================
zinnia-0.05-4.fc11 (FEDORA-2010-4322)
Online handwriting recognition system with machine learning
--------------------------------------------------------------------------------
Update Information:
This is the first build of zinnia
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #562366 - Review request: zinnia - online handwriting recognition system with machine learning
https://bugzilla.redhat.com/show_bug.cgi?id=562366
--------------------------------------------------------------------------------
More information about the test
mailing list