Fedora 12 updates-testing report

Wed Nov 24 22:46:17 UTC 2010

The following Fedora 12 Security updates need testing:

    https://admin.fedoraproject.org/updates/mailman-2.1.12-10.fc12
    https://admin.fedoraproject.org/updates/wireshark-1.2.13-1.fc12
    https://admin.fedoraproject.org/updates/kdenetwork-4.4.5-4.fc12
    https://admin.fedoraproject.org/updates/openconnect-2.26-1.fc12
    https://admin.fedoraproject.org/updates/clamav-0.96.4-1200.fc12

The following Fedora 12 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/openssl-1.0.0b-1.fc12.1,libguestfs-1.2.11-1.fc12.1
    https://admin.fedoraproject.org/updates/mingetty-1.08-6.fc12
    https://admin.fedoraproject.org/updates/pungi-2.0.20.1-1.fc12
    https://admin.fedoraproject.org/updates/NetworkManager-0.8.1-10.git20100831.fc12
    https://admin.fedoraproject.org/updates/findutils-4.4.2-7.fc12
    https://admin.fedoraproject.org/updates/nss-softokn-3.12.4-16.fc12
    https://admin.fedoraproject.org/updates/xorg-x11-drv-ati-6.13.0-0.22.20100316git819b4015.fc12
    https://admin.fedoraproject.org/updates/binutils-2.19.51.0.14-38.fc12
    https://admin.fedoraproject.org/updates/util-linux-ng-2.16.2-4.fc12
    https://admin.fedoraproject.org/updates/xorg-x11-drv-synaptics-1.2.0-3.fc12
    https://admin.fedoraproject.org/updates/findutils-4.4.2-5.fc12

The following builds have been pushed to Fedora 12 updates-testing

    389-admin-1.1.13-1.fc12
    389-ds-base-1.2.7.1-1.fc12
    crda-1.1.1_2010.11.22-1.fc12
    java-1.6.0-openjdk-1.6.0.0-43.1.8.3.fc12
    libguestfs-1.2.11-1.fc12.1
    openjpeg-1.3-10.fc12
    openssl-1.0.0b-1.fc12.1
    wireshark-1.2.13-1.fc12
    yash-2.25-1.fc12

Details about builds:

================================================================================
 389-admin-1.1.13-1.fc12 (FEDORA-2010-18135)
 389 Administration Server (admin)
--------------------------------------------------------------------------------
Update Information:

1.2.7.1 release - git tag 389-ds-base-1.2.7.1

- 1.2.7.1 release - git tag 389-ds-base-1.2.7.1
- Bug 656515 - Allow Name and Optional UID syntax for grouping attributes
- Bug 656392 - Remove calls to ber_err_print()
- Bug 625950 - hash nsslapd-rootpw changes in audit log

Final stable candidate builds for 389-ds-base-1.2.7 adn 389-admin-1.1.12.

Notable changes are that the dirsrv and dirsrv-admin SELinux policy modules have been removed and are now a part of the base OS SELinux policy (selinux-policy package).
Final stable candidate builds for 389-ds-base-1.2.7 adn 389-admin-1.1.12.

Notable changes are that the dirsrv and dirsrv-admin SELinux policy modules have been removed and are now a part of the base OS SELinux policy (selinux-policy package).
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 23 2010 Rich Megginson <rmeggins at redhat.com> - 1.1.13-1
- This is the final 1.1.13 release
- git tag 389-admin-1.1.13
- Bug 656441 - Missing library path entry causes LD_PRELOAD error
- setup-ds-admin.pl -u exits with ServerAdminID and as_uid related error
* Fri Nov 12 2010 Nathan Kinder <nkinder at redhat.com> - 1.1.1.12-1
- This is the final 1.1.12 release
- git tag 389-admin-1.1.12
* Tue Oct 26 2010 Rich Megginson <rmeggins at redhat.com> - 1.1.12-0.2.a2
- fix mozldap build breakage
* Tue Sep 28 2010 Rich Megginson <rmeggins at redhat.com> - 1.1.12-0.1.a1
- This is the 1.1.12 alpha 1 release - with openldap support
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #576869 - Tracking bug for 389 Directory Server 1.2.7
        https://bugzilla.redhat.com/show_bug.cgi?id=576869
--------------------------------------------------------------------------------

================================================================================
 389-ds-base-1.2.7.1-1.fc12 (FEDORA-2010-18135)
 389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:

1.2.7.1 release - git tag 389-ds-base-1.2.7.1

- 1.2.7.1 release - git tag 389-ds-base-1.2.7.1
- Bug 656515 - Allow Name and Optional UID syntax for grouping attributes
- Bug 656392 - Remove calls to ber_err_print()
- Bug 625950 - hash nsslapd-rootpw changes in audit log

Final stable candidate builds for 389-ds-base-1.2.7 adn 389-admin-1.1.12.

Notable changes are that the dirsrv and dirsrv-admin SELinux policy modules have been removed and are now a part of the base OS SELinux policy (selinux-policy package).
Final stable candidate builds for 389-ds-base-1.2.7 adn 389-admin-1.1.12.

Notable changes are that the dirsrv and dirsrv-admin SELinux policy modules have been removed and are now a part of the base OS SELinux policy (selinux-policy package).
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 23 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7.1-1
- 1.2.7.1 release - git tag 389-ds-base-1.2.7.1
- Bug 656515 - Allow Name and Optional UID syntax for grouping attributes
- Bug 656392 - Remove calls to ber_err_print()
- Bug 625950 - hash nsslapd-rootpw changes in audit log
* Tue Nov 16 2010 Nathan Kinder <nkinder at redhat.com> - 1.2.7-2
- 1.2.7 release - git tag 389-ds-base-1.2.7
* Fri Nov 12 2010 Nathan Kinder <nkinder at redhat.com> - 1.2.7-1
- Bug 648949 - Merge dirsrv and dirsrv-admin policy modules into base policy
* Tue Nov  9 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.8.a5
- 1.2.7.a5 release - git tag 389-ds-base-1.2.7.a5
- Bug 643979 - Strange byte sequence for attribute with no values (nsslapd-ref
erral)
- Bug 635009 - Add one-way AD sync capability
- Bug 572018 - Upgrading from 1.2.5 to 1.2.6.a2 deletes userRoot
- put replication config entries in separate file
- Bug 567282 - server can not abandon searchRequest of "simple paged results"
- Bug 329751 - "nested" filtered roles searches candidates more than needed
- Bug 521088 - DNA should check ACLs before getting a value from the range
* Mon Nov  1 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.7.a4
- 1.2.7.a4 release - git tag 389-ds-base-1.2.7.a4
- Bug 647932 - multiple memberOf configuration adding memberOf where there is no member
- Bug 491733 - dbtest crashes
- Bug 606545 - core schema should include numSubordinates
- Bug 638773 - permissions too loose on pid and lock files
- Bug 189985 - Improve attribute uniqueness error message
- Bug 619623 - attr-unique-plugin ignores requiredObjectClass on modrdn operations
- Bug 619633 - Make attribute uniqueness obey requiredObjectClass
* Wed Oct 27 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.6.a3
- fix more git merge problems
* Wed Oct 27 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.5.a3
- fix git merge problems
* Wed Oct 27 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.4.a3
- 1.2.7.a3 release - a2 was never released - this is a rebuild to pick up
- Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
- Adding the ancestorid fix code to ##upgradednformat.pl.
* Fri Oct 22 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.3.a3
- 1.2.7.a3 release - a2 was never released
- Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
- Bug 629681 - Retro Changelog trimming does not behave as expected
- Bug 645061 - Upgrade: 06inetorgperson.ldif and 05rfc4524.ldif
-              are not upgraded in the server instance schema dir
* Tue Oct 19 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.2.a2
- 1.2.7.a2 release - a1 was the OpenLDAP testday release
- git tag 389-ds-base-1.2.7.a2
- added openldap support on platforms that use openldap with moznss
- for crypto (F-14 and later)
- many bug fixes
- Account Policy Plugin (keep track of last login, disable old accounts)
* Fri Oct  8 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.1.a1
- added openldap support
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #576869 - Tracking bug for 389 Directory Server 1.2.7
        https://bugzilla.redhat.com/show_bug.cgi?id=576869
--------------------------------------------------------------------------------

================================================================================
 crda-1.1.1_2010.11.22-1.fc12 (FEDORA-2010-18151)
 Regulatory compliance daemon for 802.11 wireless networking
--------------------------------------------------------------------------------
Update Information:

Update regulatory rules as of 2010-11-22
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 23 2010 John W. Linville <linville at redhat.com> 1.1.0_2010.11.22-1
- Update wireless-regdb to version 2010.11.22
* Thu Feb 25 2010 John W. Linville <linville at redhat.com> 1.1.1_2009.11.25-3
- Correct license tag from BSD to ISC
- Comment purpose of regulatory-rules-setregdomain.patch
- Add copyright and license statement to setregdomain
- Add comment for why /lib is hardcoded in files section
- Reformat Dec 21 2009 changelog entry so rpmlint stops complaining
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #656481 - update crda for wireless-regdb-2010.11.22
        https://bugzilla.redhat.com/show_bug.cgi?id=656481
--------------------------------------------------------------------------------

================================================================================
 java-1.6.0-openjdk-1.6.0.0-43.1.8.3.fc12 (FEDORA-2010-18127)
 OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:

update to icedtea 1.8.3 which brings many improvements
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 19 2010 Jiri Vanek <jvanek at redhat.com> -1:1.6.0-43.1.8.3
- updated to iced tea 1.8.3
* Tue Nov  2 2010 Jiri Vanek <jvanek at redhat.com> -1:1.6.0-42.1.8.2
-fixing  rhbz#648499 - BuildRequires: redhat-lsb
--------------------------------------------------------------------------------

================================================================================
 libguestfs-1.2.11-1.fc12.1 (FEDORA-2010-17860)
 Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:

Don't depend on OpenSSL .*.hmac files.

Added openssl build to this so they are pushed at the same time.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 18 2010 Richard Jones <rjones at redhat.com> - 1:1.2.11-1.fc12.1
- Remove FIPS .*.hmac files from the supermin appliance (RHBZ#654638).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #654638 - openssl updated to 1.0.0b libguestfs depends on exact file names
        https://bugzilla.redhat.com/show_bug.cgi?id=654638
--------------------------------------------------------------------------------

================================================================================
 openjpeg-1.3-10.fc12 (FEDORA-2010-18156)
 JPEG 2000 command line tools
--------------------------------------------------------------------------------
Update Information:

Fixes a couple of crash bugs.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct  1 2010 Tomas Hoger <thoger at fedoraproject.org> - 1.3-10
- Use calloc in opj_image_create0 (SVN r501, rhbz#579548)
- Avoid NULL pointer deref in jp2_decode (SVN r505, rhbz#609385)
* Wed Jul  7 2010 Rex Dieter <rdieter at fedoraproject.org> - 1.3-9
- include test samples, enable tests
- tighten subpkg deps
- explicitly set/use -DBUILD_SHARED_LIBS:BOOL=ON
- move %doc files to -libs
* Wed Feb 17 2010 Adam Goode <adam at spicenitz.org> - 1.3-8
- Fix typo in description
- Fix charset of ChangeLog (rpmlint)
- Fix file permissions (rpmlint)
- Make summary more clear (rpmlint)
* Sun Feb 14 2010 Rex Dieter <rdieter at fedoraproject.org> - 1.3-7
- FTBFS openjpeg-1.3-6.fc12: ImplicitDSOLinking (#564783)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #579548 - [abrt] openjpeg: crash in evince-2.28.2-1.fc12: Process /usr/bin/evince-thumbnailer was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=579548
  [ 2 ] Bug #609385 - openjpeg: possible NULL deref in jp2_decode() on error code path
        https://bugzilla.redhat.com/show_bug.cgi?id=609385
--------------------------------------------------------------------------------

================================================================================
 openssl-1.0.0b-1.fc12.1 (FEDORA-2010-17860)
 A general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:

Don't depend on OpenSSL .*.hmac files.

Added openssl build to this so they are pushed at the same time.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 23 2010 Tomas Mraz <tmraz at redhat.com> 1.0.0b-1.1
- revert unintentional move of libcrypto to /lib
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #654638 - openssl updated to 1.0.0b libguestfs depends on exact file names
        https://bugzilla.redhat.com/show_bug.cgi?id=654638
--------------------------------------------------------------------------------

================================================================================
 wireshark-1.2.13-1.fc12 (FEDORA-2010-18136)
 Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:

Update to upstream version 1.2.13:

* http://www.wireshark.org/docs/relnotes/wireshark-1.2.12.html
* http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html

fixing multiple security issues:

* http://www.wireshark.org/security/wnpa-sec-2010-11.html
* http://www.wireshark.org/security/wnpa-sec-2010-13.html

--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 24 2010 Jan Safranek <jsafrane at redhat.com> - 1.2.13-1
- upgrade to 1.2.13
- see http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html
- Resolves: #656463
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #656456 - CVE-2010-4300 Wireshark: Heap-based buffer overflow in LDSS dissector
        https://bugzilla.redhat.com/show_bug.cgi?id=656456
  [ 2 ] Bug #639486 - CVE-2010-3445 wireshark: stack overflow in BER dissector
        https://bugzilla.redhat.com/show_bug.cgi?id=639486
--------------------------------------------------------------------------------

================================================================================
 yash-2.25-1.fc12 (FEDORA-2010-18126)
 Yet Another SHell
--------------------------------------------------------------------------------
Update Information:

New version 2.25 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 23 2010 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 2.25-1
- 2.25
--------------------------------------------------------------------------------