Fedora 14 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Nov 2 22:19:37 UTC 2010
The following Fedora 14 Security updates need testing:
https://admin.fedoraproject.org/updates/mailman-2.1.13-6.fc14
https://admin.fedoraproject.org/updates/moodle-1.9.10-1.fc14
https://admin.fedoraproject.org/updates/cvs-1.11.23-11.fc14
https://admin.fedoraproject.org/updates/monotone-0.48.1-1.fc14
https://admin.fedoraproject.org/updates/apr-util-1.3.10-1.fc14
https://admin.fedoraproject.org/updates/horde-3.3.9-1.fc14
https://admin.fedoraproject.org/updates/tomcat6-6.0.26-14.fc14
https://admin.fedoraproject.org/updates/gnucash-2.3.15-2.fc14
https://admin.fedoraproject.org/updates/exim-4.72-2.fc14
https://admin.fedoraproject.org/updates/xpdf-3.02-16.fc14
https://admin.fedoraproject.org/updates/bristol-0.40.7-7.fc14
https://admin.fedoraproject.org/updates/pam-1.1.1-6.fc14
https://admin.fedoraproject.org/updates/gromacs-4.5.2-1.fc14
https://admin.fedoraproject.org/updates/proftpd-1.3.3c-1.fc14
https://admin.fedoraproject.org/updates/banshee-1.8.0-10.fc14
https://admin.fedoraproject.org/updates/pootle-2.1.2-1.fc14
https://admin.fedoraproject.org/updates/luci-0.22.4-2.0.b9faf868074git.fc14
https://admin.fedoraproject.org/updates/libsmi-0.4.8-5.fc14
https://admin.fedoraproject.org/updates/gnome-xcf-thumbnailer-1.0-4.fc14
The following Fedora 14 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/gawk-3.1.8-3.fc14
https://admin.fedoraproject.org/updates/pam-1.1.1-6.fc14
https://admin.fedoraproject.org/updates/crontabs-1.11-1.20101022git.fc14
https://admin.fedoraproject.org/updates/livecd-tools-0.3.5-1.fc14
https://admin.fedoraproject.org/updates/openldap-2.4.23-2.fc14
https://admin.fedoraproject.org/updates/policycoreutils-2.0.83-33.1.fc14
The following builds have been pushed to Fedora 14 updates-testing
389-ds-base-1.2.7-0.5.a4.fc14
PackageKit-0.6.10-2.fc14
R-hdf5-1.6.9-9.fc14
Thunar-1.0.2-4.fc14
cmake-fedora-0.3.0-1.fc14
crontabs-1.11-1.20101022git.fc14
gawk-3.1.8-3.fc14
gnubiff-2.2.13-4.fc14
gromacs-4.5.2-1.fc14
gvfs-1.6.4-3.fc14
hdf5-1.8.5.patch1-4.fc14
hunspell-no-2.0.10-7.fc14
inadyn-mt-2.18.50-1.fc14
libsmi-0.4.8-5.fc14
libunicap-0.9.12-6.fc14
libvpx-0.9.5-1.fc14
livecd-tools-0.3.5-1.fc14
mbuffer-20100526-3.fc14
memtester-4.2.1-1.fc14
mercurial-1.7-3.fc14
mesa-7.9-2.fc14
mysql-5.1.52-1.fc14
nagios-plugins-check-updates-1.4.9-1.fc14
openoffice.org-3.3.0-13.3.fc14
pam-1.1.1-6.fc14
perl-Config-MVP-Reader-INI-2.101461-1.fc14
perl-DBIx-SearchBuilder-1.58-1.fc14
perl-DateTime-Format-Natural-0.91-1.fc14
perl-Lingua-EN-Inflect-Phrase-0.04-1.fc14
perl-MooseX-InsideOut-0.105-1.fc14
perl-Term-ProgressBar-2.09-9.fc14
pidgin-2.7.5-1.fc14
proftpd-1.3.3c-1.fc14
python-jinja2-2.5.5-2.fc14
python-redis-2.0.0-1.fc14
python-sphinx-1.0.4-3.fc14
rabbitmq-server-2.1.1-1.fc14
rpmlint-1.0-1.fc14
sugar-0.90.3-2.fc14
wifi-radar-2.0.s08-1.fc14
xastir-2.0.0-1.fc14
xlog-2.0.4-1.fc14
xtide-2.12-0.1.dev20101029.fc14
Details about builds:
================================================================================
389-ds-base-1.2.7-0.5.a4.fc14 (FEDORA-2010-17094)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
1.2.7.a4 release - git tag 389-ds-base-1.2.7.a4
Bug 647932 - multiple memberOf configuration adding memberOf where there is no member
Bug 491733 - dbtest crashes
Bug 606545 - core schema should include numSubordinates
Bug 638773 - permissions too loose on pid and lock files
Bug 189985 - Improve attribute uniqueness error message
Bug 619623 - attr-unique-plugin ignores requiredObjectClass on modrdn operations
Bug 619633 - Make attribute uniqueness obey requiredObjectClass
This is the 389-ds-base 1.2.7 Alpha 3 release. On Fedora 14 and later, this package uses openldap instead of mozldap. This release fixes some serious problems with upgrade and replication, as well as many other bugs.
new release 1.2.6.1 to fix several moderate bugs:
Bug 634561 - Server crushes when using Windows Sync Agreement
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager"
Bug 631862 - crash - delete entries not in cache + referint
Put back the selinux dependencies I removed during a merge commit . . .
new release 1.2.6.1 to fix several moderate bugs:
Bug 634561 - Server crushes when using Windows Sync Agreement
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager"
Bug 631862 - crash - delete entries not in cache + referint
Put back the selinux dependencies I removed during a merge commit . . .
This is the 389-ds-base 1.2.7 Alpha 3 release. On Fedora 14 and later, this package uses openldap instead of mozldap. This release fixes some serious problems with upgrade and replication, as well as many other bugs.
new release 1.2.6.1 to fix several moderate bugs:
Bug 634561 - Server crushes when using Windows Sync Agreement
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager"
Bug 631862 - crash - delete entries not in cache + referint
Put back the selinux dependencies I removed during a merge commit . . .
new release 1.2.6.1 to fix several moderate bugs:
Bug 634561 - Server crushes when using Windows Sync Agreement
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager"
Bug 631862 - crash - delete entries not in cache + referint
Put back the selinux dependencies I removed during a merge commit . . .
This is the 389-ds-base 1.2.7 Alpha 3 release. On Fedora 14 and later, this package uses openldap instead of mozldap. This release fixes some serious problems with upgrade and replication, as well as many other bugs.
new release 1.2.6.1 to fix several moderate bugs:
Bug 634561 - Server crushes when using Windows Sync Agreement
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager"
Bug 631862 - crash - delete entries not in cache + referint
Put back the selinux dependencies I removed during a merge commit . . .
new release 1.2.6.1 to fix several moderate bugs:
Bug 634561 - Server crushes when using Windows Sync Agreement
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager"
Bug 631862 - crash - delete entries not in cache + referint
Put back the selinux dependencies I removed during a merge commit . . .
This is the 389-ds-base 1.2.7 Alpha 3 release. On Fedora 14 and later, this package uses openldap instead of mozldap. This release fixes some serious problems with upgrade and replication, as well as many other bugs.
new release 1.2.6.1 to fix several moderate bugs:
Bug 634561 - Server crushes when using Windows Sync Agreement
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager"
Bug 631862 - crash - delete entries not in cache + referint
Put back the selinux dependencies I removed during a merge commit . . .
new release 1.2.6.1 to fix several moderate bugs:
Bug 634561 - Server crushes when using Windows Sync Agreement
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager"
Bug 631862 - crash - delete entries not in cache + referint
Put back the selinux dependencies I removed during a merge commit . . .
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.5.a4
- 1.2.7.a4 release - git tag 389-ds-base-1.2.7.a4
- Bug 647932 - multiple memberOf configuration adding memberOf where there is
no member
- Bug 491733 - dbtest crashes
- Bug 606545 - core schema should include numSubordinates
- Bug 638773 - permissions too loose on pid and lock files
- Bug 189985 - Improve attribute uniqueness error message
- Bug 619623 - attr-unique-plugin ignores requiredObjectClass on modrdn operat
ions
- Bug 619633 - Make attribute uniqueness obey requiredObjectClass
* Wed Oct 27 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.4.a3
- 1.2.7.a3 release - a2 was never released - this is a rebuild to pick up
- Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
- Adding the ancestorid fix code to ##upgradednformat.pl.
* Fri Oct 22 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.3.a3
- 1.2.7.a3 release - a2 was never released
- Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
- Bug 629681 - Retro Changelog trimming does not behave as expected
- Bug 645061 - Upgrade: 06inetorgperson.ldif and 05rfc4524.ldif
- are not upgraded in the server instance schema dir
* Tue Oct 19 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.2.a2
- 1.2.7.a2 release - a1 was the OpenLDAP testday release
- git tag 389-ds-base-1.2.7.a2
- added openldap support on platforms that use openldap with moznss
- for crypto (F-14 and later)
- many bug fixes
- Account Policy Plugin (keep track of last login, disable old accounts)
* Fri Oct 8 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.1.a1
- added openldap support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #576869 - Tracking bug for 389 Directory Server 1.2.7
https://bugzilla.redhat.com/show_bug.cgi?id=576869
[ 2 ] Bug #634561 - Server crushes when using Windows Sync Agreement
https://bugzilla.redhat.com/show_bug.cgi?id=634561
[ 3 ] Bug #631862 - crash - delete entries not in cache + referint
https://bugzilla.redhat.com/show_bug.cgi?id=631862
--------------------------------------------------------------------------------
================================================================================
PackageKit-0.6.10-2.fc14 (FEDORA-2010-17129)
Package management service
--------------------------------------------------------------------------------
Update Information:
- New upstream release.
- Many small bugfixes and performance increases.
- Remove selinux-policy from InfrastructurePackages
- Allow frontends to specify the cache age manually, to reduce the amount of time users sit waiting for progress bars.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Richard Hughes <rhughes at redhat.com> - 0.6.10-2
- Fix compile when not using Zif
* Mon Nov 1 2010 Richard Hughes <rhughes at redhat.com> - 0.6.10-1
- New upstream release.
- Many small bugfixes and performance increases.
- Remove selinux-policy from InfrastructurePackages
- Allow frontends to specify the cache age manually, to reduce the
amount of time users sit waiting for progress bars.
- Resolves #641311, #641691
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #641311 - bash response incorrect due to PackageKit
https://bugzilla.redhat.com/show_bug.cgi?id=641311
[ 2 ] Bug #641691 - Packagekit background activity annoyingly disrupts commandline yum
https://bugzilla.redhat.com/show_bug.cgi?id=641691
--------------------------------------------------------------------------------
================================================================================
R-hdf5-1.6.9-9.fc14 (FEDORA-2010-16889)
Interface to the NCSA HDF5 library
--------------------------------------------------------------------------------
Update Information:
Build parallel hdf5 packages for mpich2 and openmpi.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 8 2010 Orion Poplawski - 1.6.9-9
- Rebuild for hdf5-1.8.5.patch1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #646043 - Parallel Support for HDF5
https://bugzilla.redhat.com/show_bug.cgi?id=646043
--------------------------------------------------------------------------------
================================================================================
Thunar-1.0.2-4.fc14 (FEDORA-2010-17136)
Thunar File Manager
--------------------------------------------------------------------------------
Update Information:
Fix for missing trash icon.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Kevin Fenzi <kevin at tummy.com> - 1.0.2-4
- Add patch for trash icon. (#647734)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #647734 - Missing trash icon
https://bugzilla.redhat.com/show_bug.cgi?id=647734
--------------------------------------------------------------------------------
================================================================================
cmake-fedora-0.3.0-1.fc14 (FEDORA-2010-17131)
CMake helper modules for fedora developers
--------------------------------------------------------------------------------
Update Information:
- New macro: SETTING_FILE_GET_VARIABLES_PATTERN
- New macro: PACK_SOURCE_FILES
- Fixed: Variable lost in SETTING_FILE_GET_ALL_VARIABLES and
SETTING_FILE_GET_VARABLE.
- Fixed: Variable values won't apply in SETTING_FILE_GET_ALL_VARIABLES
- UseUninstall finds cmake_uninstall.in in additional paths:
/usr/share/cmake/Modules and /usr/share/cmake/Modules
- Minor improvements in CMakeLists.txt and project.spec.in templates.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Ding-Yi Chen <dchen at redhat.com> - 0.3.0-1
- New macro: SETTING_FILE_GET_VARIABLES_PATTERN
- New macro: PACK_SOURCE_FILES
- Fixed: Variable lost in SETTING_FILE_GET_ALL_VARIABLES and
SETTING_FILE_GET_VARABLE.
- Fixed: Variable values won't apply in SETTING_FILE_GET_ALL_VARIABLES
- UseUninstall finds cmake_uninstall.in in additional paths:
/usr/share/cmake/Modules and /usr/share/cmake/Modules
- Minor improvements in CMakeLists.txt and project.spec.in templates.
* Wed Oct 20 2010 Ding-Yi Chen <dchen at redhat.com> - 0.2.4-1
- cmake-fedora-newprj.sh: New option "-e" that extract value from specified
spec or spec.in.
- Now usage is printed instead of junk output when project_name is not given.
- Source code (whatever is packed) and tarball dependency now checked.
--------------------------------------------------------------------------------
================================================================================
crontabs-1.11-1.20101022git.fc14 (FEDORA-2010-17109)
Root crontab files used to schedule the execution of programs
--------------------------------------------------------------------------------
Update Information:
Add --list option on users request.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 22 2010 Marcela Mašláňová <mmaslano at redhat.com> 1.11-1
- use sources from source fedorahosted
* Mon Oct 18 2010 Marcela Mašláňová <mmaslano at redhat.com> 1.10-34
- add --list option into run-parts
--------------------------------------------------------------------------------
================================================================================
gawk-3.1.8-3.fc14 (FEDORA-2010-17150)
The GNU version of the awk text processing utility
--------------------------------------------------------------------------------
Update Information:
- fix #629196: Double free in free_wstr
- fix syntax issues #528623, #528625
- fix license tag, add description
- remove BuildRoot tag
- add byacc to BuildRequires
- follow updated libsigsegv option in configure script
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Vojtech Vitek (V-Teq) <vvitek at redhat.com> - 3.1.8-3
- fix syntax issues #528623, #528625
- add byacc to BuildRequires
- follow updated libsigsegv option in configure script
* Tue Nov 2 2010 Vojtech Vitek (V-Teq) <vvitek at redhat.com> - 3.1.8-2
- fix #629196: Double free in free_wstr
- fix license tag, add description
- remove BuildRoot tag
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #629196 - gawk regression from RHEL3/4
https://bugzilla.redhat.com/show_bug.cgi?id=629196
[ 2 ] Bug #528623 - awk assign syntax support
https://bugzilla.redhat.com/show_bug.cgi?id=528623
[ 3 ] Bug #528625 - awk syntax support
https://bugzilla.redhat.com/show_bug.cgi?id=528625
--------------------------------------------------------------------------------
================================================================================
gnubiff-2.2.13-4.fc14 (FEDORA-2010-17157)
A mail notification program
--------------------------------------------------------------------------------
Update Information:
* Mon Nov 01 2010 Fabian Affolter <fabian at bernewireless.net> - 2.2.13-4
- Rebuilt to fix #631049
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Fabian Affolter <fabian at bernewireless.net> - 2.2.13-4
- Rebuilt to fix #631049
* Sat Jun 19 2010 Fabian Affolter <fabian at bernewireless.net> - 2.2.13-3
- Added condition to build with "with-password" (BZ #589090)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #631049 - FTBFS gnubiff-2.2.13-2.fc14
https://bugzilla.redhat.com/show_bug.cgi?id=631049
--------------------------------------------------------------------------------
================================================================================
gromacs-4.5.2-1.fc14 (FEDORA-2010-17143)
Fast, Free and Flexible Molecular Dynamics
--------------------------------------------------------------------------------
Update Information:
Upgrade to 4.5.2, fixing CVE-2010-4001 and a bunch of other bugs. See full release notes at http://www.gromacs.org/About_Gromacs/Release_Notes/Versions_4.5.x .
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Jussi Lehtola <jussilehtola at fedoraproject.org> - 4.5.2-1
- Update to 4.5.2.
* Wed Oct 27 2010 Jussi Lehtola <jussilehtola at fedoraproject.org> - 4.5.1-2
- Patch around #644950.
- Split libraries in own packages to avoid multilib problems.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #644596 - CVE-2010-4001 gromacs: insecure library loading vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=644596
--------------------------------------------------------------------------------
================================================================================
gvfs-1.6.4-3.fc14 (FEDORA-2010-17116)
Backends for the gio framework in GLib
--------------------------------------------------------------------------------
Update Information:
This release fixes gphoto2 usb addressing issue and also brings truncate support for fuse daemon.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Tomas Bzatek <tbzatek at redhat.com> - 1.6.4-3
- Use correct "usb:" address for GPhoto mounts with gudev (#642836)
- FUSE: Add O_TRUNC support for open()
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #642836 - camera is not automounted by gvfsd
https://bugzilla.redhat.com/show_bug.cgi?id=642836
[ 2 ] Bug #630572 - gvfs-gphoto2 needs a patch to work properly with libgphoto2 >= 2.4.10
https://bugzilla.redhat.com/show_bug.cgi?id=630572
--------------------------------------------------------------------------------
================================================================================
hdf5-1.8.5.patch1-4.fc14 (FEDORA-2010-16889)
A general purpose library and file format for storing scientific data
--------------------------------------------------------------------------------
Update Information:
Build parallel hdf5 packages for mpich2 and openmpi.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 27 2010 Orion Poplawski <orion at cora.nwra.com> 1.8.5.patch1-4
- Really fixup all permissions
* Wed Oct 27 2010 Orion Poplawski <orion at cora.nwra.com> 1.8.5.patch1-3
- Add docs to the mpi packages
- Fixup example source file permissions
* Tue Oct 26 2010 Orion Poplawski <orion at cora.nwra.com> 1.8.5.patch1-2
- Build parallel hdf5 packages for mpich2 and openmpi
- Rework multiarch support and drop multiarch patch
* Tue Sep 7 2010 Orion Poplawski <orion at cora.nwra.com> 1.8.5.patch1-1
- Update to 1.8.5-patch1
* Wed Jun 23 2010 Orion Poplawski <orion at cora.nwra.com> 1.8.5-4
- Re-add rebased tstlite patch - not fixed yet
* Wed Jun 23 2010 Orion Poplawski <orion at cora.nwra.com> 1.8.5-3
- Update longdouble patch for 1.8.5
* Wed Jun 23 2010 Orion Poplawski <orion at cora.nwra.com> 1.8.5-2
- Re-add longdouble patch on ppc64 for EPEL builds
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #646043 - Parallel Support for HDF5
https://bugzilla.redhat.com/show_bug.cgi?id=646043
--------------------------------------------------------------------------------
================================================================================
hunspell-no-2.0.10-7.fc14 (FEDORA-2010-17153)
Norwegian hunspell dictionaries
--------------------------------------------------------------------------------
Update Information:
Bokmaal hunspell dictionaries cause applications to output a lot of warnings on console on spellchecking
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Caolan McNamara <caolanm at redhat.com> - 2.0.10-7
- Resolves: rhbz#648740 thousands of trailing empty rules spew
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #648740 - Spellcheck in oowriter, gedit and abiword gives thousands of "error: line [x]: bad flagvector"
https://bugzilla.redhat.com/show_bug.cgi?id=648740
--------------------------------------------------------------------------------
================================================================================
inadyn-mt-2.18.50-1.fc14 (FEDORA-2010-17123)
Dynamic DNS Client
--------------------------------------------------------------------------------
Update Information:
New upstream release
New upstream bugfix releasey
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Jochen Schmitt <Jochen herr-schmitt de> 2.18.50-1
- New upstream release
* Sun Oct 24 2010 Jochen Schmitt <Jochen herr-schmitt de> 2.18.42-1
- New upstream release
* Sat Jul 24 2010 Jochen Schmitt <Nochen herr-schmitt de> 2.18.36-2
- Fix broken inistscript
- Renaming service file in units subpackage
--------------------------------------------------------------------------------
================================================================================
libsmi-0.4.8-5.fc14 (FEDORA-2010-17104)
A library to access SMI MIB information
--------------------------------------------------------------------------------
Update Information:
Resolve CVE-2010-2891 - LibSMI smiGetNode Buffer Overflow
When Long OID Is Given In Numerical Form
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Tom "spot" Callaway <tcallawa at redhat.com> - 0.4.8-5
- fix CVE-2010-2891
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #647520 - CVE-2010-2891 libsmi: buffer overflow in smiGetNode can lead to arbitrary code execution
https://bugzilla.redhat.com/show_bug.cgi?id=647520
--------------------------------------------------------------------------------
================================================================================
libunicap-0.9.12-6.fc14 (FEDORA-2010-17100)
Library to access different kinds of (video) capture devices
--------------------------------------------------------------------------------
Update Information:
fix a crasher bug introduced by libunicap-0.9.12-memerrs.patch (#647880)
Use ATTRS rather SYSFS for udev where appropriate (#643729)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Kamil Dudka <kdudka at redhat.com> 0.9.12-6
- fix a crasher bug introduced by libunicap-0.9.12-memerrs.patch (#647880)
* Fri Oct 29 2010 Robert Scheck <robert at fedoraproject.org> 0.9.12-5
- Use ATTRS rather SYSFS for udev where appropriate (#643729)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #647880 - double-free in v4l2_cpi_close()
https://bugzilla.redhat.com/show_bug.cgi?id=647880
[ 2 ] Bug #643729 - Please update 50-euvccam.rules (SYSFS deprecated)
https://bugzilla.redhat.com/show_bug.cgi?id=643729
--------------------------------------------------------------------------------
================================================================================
libvpx-0.9.5-1.fc14 (FEDORA-2010-17158)
VP8 Video Codec SDK
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.5. Notable bugfixes since 0.9.1 include:
- Fix two-pass framrate for Y4M input.
- Replace pinsrw (SSE) with MMX instructions
- Fixed rate control bug with long key frame interval.
- Fix DSO link errors on x86-64 when not using a version script
- Fixed buffer selection for UV in AltRef filtering
- Improve handling of invalid frames
- Fix valgrind errors in the NEON loop filters.
- Fix loopfilter delta zero transitions
Full changelogs here:
http://review.webmproject.org/gitweb?p=libvpx.git;a=blob_plain;f=CHANGELOG;hb=686b217ed7fa3d77ac4b7c7754edaecbd2acc1f4
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Tom "spot" Callaway <tcallawa at redhat.com> 0.9.5-1
- update to 0.9.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #647990 - [RFE] Update to 0.9.5
https://bugzilla.redhat.com/show_bug.cgi?id=647990
--------------------------------------------------------------------------------
================================================================================
livecd-tools-0.3.5-1.fc14 (FEDORA-2010-17128)
Tools for building live CDs
--------------------------------------------------------------------------------
Update Information:
Start using new NVR
Remove patches included in upstream version
--------------------------------------------------------------------------------
================================================================================
mbuffer-20100526-3.fc14 (FEDORA-2010-17103)
Measuring Buffer is an enhanced version of buffer
--------------------------------------------------------------------------------
Update Information:
* Mon Nov 02 2010 Fabian Affolter <fabian at bernewireless.net> - 20100526-3
- Removed ever piece of md5
* Mon Nov 01 2010 Fabian Affolter <fabian at bernewireless.net> - 20100526-2
- Rebuild with md5hash as requested in #608943
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Fabian Affolter <fabian at bernewireless.net> - 20100526-3
- Removed ever piece of md5
* Mon Nov 1 2010 Fabian Affolter <fabian at bernewireless.net> - 20100526-2
- Rebuild with md5hash as requested in #608943
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #608943 - enable md5hash by default?
https://bugzilla.redhat.com/show_bug.cgi?id=608943
--------------------------------------------------------------------------------
================================================================================
memtester-4.2.1-1.fc14 (FEDORA-2010-17089)
Utility to test for faulty memory subsystem
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 30 2010 Lucian Langa <cooly at gnome.eu.org> - 4.2.1-1
- new upstream release
--------------------------------------------------------------------------------
================================================================================
mercurial-1.7-3.fc14 (FEDORA-2010-17113)
Mercurial -- a distributed SCM
--------------------------------------------------------------------------------
Update Information:
see: http://http://mercurial.selenic.com/wiki/WhatsNew
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Neal Becker <ndbecker2 at gmail.com> - 1.7-3
- BR python-docutils
* Mon Nov 1 2010 Neal Becker <ndbecker2 at gmail.com> - 1.7-2
- Make that 1.7
* Mon Nov 1 2010 Neal Becker <ndbecker2 at gmail.com> - 1.7.0-1
- Update to 1.7.0
* Thu Oct 21 2010 Neal Becker <ndbecker2 at gmail.com> - 1.6.4-4
- Try another way to own directories
* Wed Oct 20 2010 Neal Becker <ndbecker2 at gmail.com> - 1.6.4-3
- Fixup unowned directories
--------------------------------------------------------------------------------
================================================================================
mesa-7.9-2.fc14 (FEDORA-2010-17107)
Mesa graphics libraries
--------------------------------------------------------------------------------
Update Information:
Disable ARB_fragment_shader on Intel 915/945/G33/Atom chips, as it's incompletely supported.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Adam Jackson <ajax at redhat.com> 7.9-2
- mesa-7.9-i915-no-gen3-arbfs.patch: Disable ARB_fragment_shader on intel
gen3 by default for now (#640375)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #640375 - intel dri : kwin 'blur' effect is glacially slow (with mesa 7.9)
https://bugzilla.redhat.com/show_bug.cgi?id=640375
--------------------------------------------------------------------------------
================================================================================
mysql-5.1.52-1.fc14 (FEDORA-2010-17144)
MySQL client programs and shared libraries
--------------------------------------------------------------------------------
Update Information:
Update to MySQL 5.1.52, for various fixes described at
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Tom Lane <tgl at redhat.com> 5.1.52-1
- Update to MySQL 5.1.52, for various fixes described at
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html
Resolves: #646569
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #646569 - Cascade Delete results in "Got error -1 from storage engine"
https://bugzilla.redhat.com/show_bug.cgi?id=646569
--------------------------------------------------------------------------------
================================================================================
nagios-plugins-check-updates-1.4.9-1.fc14 (FEDORA-2010-17137)
A Nagios plugin to check if Red Hat or Fedora system is up-to-date
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #546445 - Review Request: nagios-plugins-check-updates - A Nagios plugin to check if Red Hat or Fedora system is up-to-date
https://bugzilla.redhat.com/show_bug.cgi?id=546445
--------------------------------------------------------------------------------
================================================================================
openoffice.org-3.3.0-13.3.fc14 (FEDORA-2010-17127)
OpenOffice.org comprehensive office suite
--------------------------------------------------------------------------------
Update Information:
The libebook soname was bumped in F14. OpenOffice.org dlopens this, which is why it wasn't automatically noticed that OpenOffice.org needs to be tweaked to be able to dlopen the new name
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Caolán McNamara <caolanm at redhat.com>- 1:3.3.0-13.3
- Resolves: rhbz#648475 Crash in scanner dialog
* Fri Oct 29 2010 Caolán McNamara <caolanm at redhat.com>- 1:3.3.0-13.2
- Resolves: rhbz#642996 [abrt] CffSubsetterContext::readDictOp (dtardon)
* Fri Oct 29 2010 Caolán McNamara <caolanm at redhat.com>- 1:3.3.0-13.1
- latest milestone
* Thu Oct 21 2010 Caolán McNamara <caolanm at redhat.com>- 1:3.3.0-12.1
- Resolves: rhbz#635918 While inputting Hangul (Korean alphabet) with
ibus, cursor does't move (dtardon)
- Resolves: rhbz#636521 crash in undo in sc
* Mon Oct 18 2010 Caolán McNamara <caolanm at redhat.com>- 1:3.3.0-11.1
- latest milestone
* Wed Oct 13 2010 Caolán McNamara <caolanm at redhat.com>- 1:3.3.0-10.1
- latest milestone
- drop integrated openoffice.org-3.3.0.ooo114703.vcl.betterlocalize.font.patch
* Fri Oct 8 2010 Dan Horák <dan[at]danny.cz>- 1:3.3.0-9.5
- don't build langpacks on s390(x) to workaround the limited diskspace
on the builders
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #635918 - While inputting Hangul (Korean alphabet) with ibus, cursor does't move
https://bugzilla.redhat.com/show_bug.cgi?id=635918
--------------------------------------------------------------------------------
================================================================================
pam-1.1.1-6.fc14 (FEDORA-2010-17155)
An extensible library which provides authentication for applications
--------------------------------------------------------------------------------
Update Information:
This update fixes moderate vulnerabilities in pam_env, pam_namespace, pam_mail, and pam_xauth modules. Default configurations (or configurations generated by authconfig) are not affected by the pam_mail and pam_namespace vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Tomas Mraz <tmraz at redhat.com> 1.1.1-6
- fix insecure dropping of priviledges in pam_xauth, pam_env,
and pam_mail - CVE-2010-3316 (#637898), CVE-2010-3435 (#641335)
- fix insecure executing of scripts with user supplied environment
variables in pam_namespace - CVE-2010-3853 (#643043)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #637898 - CVE-2010-3316 pam: pam_xauth missing return value checks from setuid() and similar calls
https://bugzilla.redhat.com/show_bug.cgi?id=637898
[ 2 ] Bug #641335 - CVE-2010-3435 pam: pam_env and pam_mail accessing users' file with root privileges
https://bugzilla.redhat.com/show_bug.cgi?id=641335
[ 3 ] Bug #643043 - CVE-2010-3853 pam: pam_namespace executes namespace.init with service's environment
https://bugzilla.redhat.com/show_bug.cgi?id=643043
--------------------------------------------------------------------------------
================================================================================
perl-Config-MVP-Reader-INI-2.101461-1.fc14 (FEDORA-2010-17088)
MVP config reader for .ini files
--------------------------------------------------------------------------------
Update Information:
This update allows spaces in section names.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
perl-DBIx-SearchBuilder-1.58-1.fc14 (FEDORA-2010-17147)
Encapsulate SQL queries and rows in simple perl objects
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Ralf Corsépius <corsepiu at fedoraproject.org> - 1.58-1
- Upstream update.
- Spec cleanup.
--------------------------------------------------------------------------------
================================================================================
perl-DateTime-Format-Natural-0.91-1.fc14 (FEDORA-2010-17135)
Create machine readable date/time with natural parsing logic
--------------------------------------------------------------------------------
Update Information:
This month's update to DateTime::Format::Natural includes:
* New supported formats:
* <time> <month> <monthday>
* <time> AM/PM <month> <monthday>
* <monthday> <month> <time>
* <monthday> <month> <time> AM/PM
* <month> <monthday> <time> AM/PM
* <variant> <weekday> <time> AM/PM
* <time> AM/PM <variant> <weekday>
* Record the grammar keyword for each valid expression parsed
* Describe trace()'s purpose and its inclusion of a grammar keyword
* Fix reference to the Calc class in the documentation of trace()
* Adjust phrasing of parse_datetime_duration()'s documentation
* Correct spelling of the examples description
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Iain Arnell <iarnell at gmail.com> 0.91-1
- update to latest upstream version
--------------------------------------------------------------------------------
================================================================================
perl-Lingua-EN-Inflect-Phrase-0.04-1.fc14 (FEDORA-2010-17102)
Inflect short English Phrases
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #624474 - Review Request: perl-Lingua-EN-Inflect-Phrase - Inflect short English Phrases
https://bugzilla.redhat.com/show_bug.cgi?id=624474
--------------------------------------------------------------------------------
================================================================================
perl-MooseX-InsideOut-0.105-1.fc14 (FEDORA-2010-17101)
Inside-out objects with Moose
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #640344 - Review Request: perl-MooseX-InsideOut - Inside-out objects with Moose
https://bugzilla.redhat.com/show_bug.cgi?id=640344
--------------------------------------------------------------------------------
================================================================================
perl-Term-ProgressBar-2.09-9.fc14 (FEDORA-2010-17114)
Provide a progress meter on a standard terminal
--------------------------------------------------------------------------------
Update Information:
Term::ReadKey is now mandatory requirement, which allow more features.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 2 2010 Marcela Mašláňová <mmaslano at redhat.com> - 2.09-9
- 648598 add requirement on Term::ReadKey, it add width feature
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #648598 - perl-Term-ProgressBar is missing a dependency on perl-TermReadKey
https://bugzilla.redhat.com/show_bug.cgi?id=648598
--------------------------------------------------------------------------------
================================================================================
pidgin-2.7.5-1.fc14 (FEDORA-2010-17152)
A Gtk+ based multiprotocol instant messaging client
--------------------------------------------------------------------------------
Update Information:
New release 2.7.5
Full Upstream ChangeLog:
http://developer.pidgin.im/wiki/ChangeLog
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Stu Tomlinson <stu at nosnilmot.com> 2.7.5-1
- 2.7.5
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.3c-1.fc14 (FEDORA-2010-17091)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This is an update to the current upstream maintenance release, which addresses two security issues that can be exploited by malicious users to manipulate certain data and compromise a vulnerable system.
* A logic error in the code for processing user input containing the Telnet IAC (Interpret As Command) escape sequence can be exploited to cause a stack-based buffer overflow by sending specially crafted input to the FTP or FTPS service. Successful exploitation may allow execution of arbitrary code. There isn't currently a CVE number for this issue but the original reporter of the problem has tagged this as ZDI-CAN-925. More details can be found at http://bugs.proftpd.org/show_bug.cgi?id=3521
* An input validation error within the "mod_site_misc" module can be exploited to e.g. create and delete directories, create symlinks, and change the time of files located outside a writable directory. Only configurations using "mod_site_misc", which is not enabled by default, and where the attacker has write access to a directory, are vulnerable to this issue, which has been assigned CVE-2010-3867. More details can be found at http://bugs.proftpd.org/show_bug.cgi?id=3519
This update also fixes an issue with SQLite authentication and adds a new module "mod_geoip", which can be used to look up geographical information on connecting clients and use that to set access controls for the server.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Paul Howarth <paul at city-fan.org> 1.3.3c-1
- Update to 1.3.3c (#647965)
- Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925)
- Fixed directory traversal bug in mod_site_misc (CVE-2010-3867)
- Fixed SQLite authentications using "SQLAuthType Backend"
- New DSO module: mod_geoip
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #647965 - proftpd-1.3.3c is available
https://bugzilla.redhat.com/show_bug.cgi?id=647965
--------------------------------------------------------------------------------
================================================================================
python-jinja2-2.5.5-2.fc14 (FEDORA-2010-16861)
General purpose template engine
--------------------------------------------------------------------------------
Update Information:
Update to version 2.5.5. See http://jinja.pocoo.org/changelog/ for the full list of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Michel Salim <salimma at fedoraproject.org> - 2.5.5-2
- Move python3 runtime requirements to python3 subpackage
* Wed Oct 27 2010 Thomas Moschny <thomas.moschny at gmx.de> - 2.5.5-1
- Update to 2.5.5.
* Wed Aug 25 2010 Thomas Moschny <thomas.moschny at gmx.de> - 2.5.2-4
- Revert to previous behavior: fail the build on failed test.
- Rebuild for Python 3.2.
* Wed Aug 25 2010 Dan Horák <dan[at]danny.cz> - 2.5.2-3
- %ifnarch doesn't work on noarch package so don't fail the build on failed tests
* Wed Aug 25 2010 Dan Horák <dan[at]danny.cz> - 2.5.2-2
- disable the testsuite on s390(x)
--------------------------------------------------------------------------------
================================================================================
python-redis-2.0.0-1.fc14 (FEDORA-2010-17120)
A Python client for redis
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #630339 - Review Request: python-redis - A Python client for redis
https://bugzilla.redhat.com/show_bug.cgi?id=630339
--------------------------------------------------------------------------------
================================================================================
python-sphinx-1.0.4-3.fc14 (FEDORA-2010-17146)
Python documentation generator
--------------------------------------------------------------------------------
Update Information:
- Actually include *.js locale files
- Generate manpages
- Fix -doc Makefile to allow regeneration of .rst files
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Michel Salim <salimma at fedoraproject.org> - 1.0.4-3
- Fix -doc Makefile to allow regeneration of .rst files
* Mon Nov 1 2010 Michel Salim <salimma at fedoraproject.org> - 1.0.4-2
- Actually include *.js locale files
- Generate manpages
--------------------------------------------------------------------------------
================================================================================
rabbitmq-server-2.1.1-1.fc14 (FEDORA-2010-17141)
The RabbitMQ server
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Hubert Plociniczak <hubert.plociniczak at gmail.com> 2.1.1-1
- New Upstream Release
--------------------------------------------------------------------------------
================================================================================
rpmlint-1.0-1.fc14 (FEDORA-2010-17115)
Tool for checking common errors in RPM packages
--------------------------------------------------------------------------------
Update Information:
Update to version 1.0.
http://rpmlint.zarb.org/cgi-bin/trac.cgi/log/trunk?stop_rev=1804&rev=1812&verbose=on
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Ville Skyttä <ville.skytta at iki.fi> - 1.0-1
- Update to 1.0; fixes #637956, and #639823.
- Sync Fedora license list with Wiki revision 1.85.
- Whitelist more expectedly setuid executables; fixes #646455.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #637956 - rpmlint's "python-bytecode-without-source" has false failures with Python 3.2 (PEP 3147)
https://bugzilla.redhat.com/show_bug.cgi?id=637956
[ 2 ] Bug #639823 - rpmlint --check documentation is missing
https://bugzilla.redhat.com/show_bug.cgi?id=639823
[ 3 ] Bug #646455 - Can RPMLint notice setuid apps and recommend using file capabilties
https://bugzilla.redhat.com/show_bug.cgi?id=646455
--------------------------------------------------------------------------------
================================================================================
sugar-0.90.3-2.fc14 (FEDORA-2010-17086)
Constructionist learning platform
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Peter Robinson <pbrobinson at gmail.com> - 0.90.3-2
- add gnome-keyring-pam as dep to fix prompt
--------------------------------------------------------------------------------
================================================================================
wifi-radar-2.0.s08-1.fc14 (FEDORA-2010-17111)
A utility for managing WiFi profiles
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.s08 which fix three bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Pablo Martin-Gomez <bouska at fedoraproject.org> -2.0.s08-1
- Update to 2.0.s08
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #493586 - Default configuration files missing/wrong
https://bugzilla.redhat.com/show_bug.cgi?id=493586
--------------------------------------------------------------------------------
================================================================================
xastir-2.0.0-1.fc14 (FEDORA-2010-17097)
Amateur Station Tracking and Reporting system for amateur radio
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 31 2010 Lucian Langa <cooly at gnome.eu.org> - 1:2.0.0-1
- add patch to fix mapdir handling
- new upstream release
--------------------------------------------------------------------------------
================================================================================
xlog-2.0.4-1.fc14 (FEDORA-2010-17156)
Logging program for Hamradio Operators
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 30 2010 Lucian Langa <cooly at gnome.eu.org> - 2.0.4-1
- update source and URL
- new upstream release
--------------------------------------------------------------------------------
================================================================================
xtide-2.12-0.1.dev20101029.fc14 (FEDORA-2010-17138)
Calculate tide all over the world
--------------------------------------------------------------------------------
Update Information:
2.12 dev20101029 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 1 2010 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp>- 2.12-0.1.dev20101029
- Update to 2.12 dev 20101029, enabling experimental SVG support
--------------------------------------------------------------------------------
More information about the test
mailing list