Fedora 12 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Tue Nov 30 22:48:43 UTC 2010


The following Fedora 12 Security updates need testing:

    https://admin.fedoraproject.org/updates/mailman-2.1.12-10.fc12
    https://admin.fedoraproject.org/updates/wireshark-1.2.13-1.fc12
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.3.8.1-1.fc12
    https://admin.fedoraproject.org/updates/clamav-0.96.4-1200.fc12
    https://admin.fedoraproject.org/updates/bareftp-0.3.7-1.fc12


The following Fedora 12 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/glibc-2.11.3-1
    https://admin.fedoraproject.org/updates/pungi-2.0.20.1-1.fc12
    https://admin.fedoraproject.org/updates/findutils-4.4.2-7.fc12
    https://admin.fedoraproject.org/updates/nss-softokn-3.12.4-16.fc12
    https://admin.fedoraproject.org/updates/xorg-x11-drv-ati-6.13.0-0.22.20100316git819b4015.fc12
    https://admin.fedoraproject.org/updates/util-linux-ng-2.16.2-4.fc12
    https://admin.fedoraproject.org/updates/xorg-x11-drv-synaptics-1.2.0-3.fc12
    https://admin.fedoraproject.org/updates/findutils-4.4.2-5.fc12


The following builds have been pushed to Fedora 12 updates-testing

    QTeXEngine-0.3-1.fc12
    darktable-0.7-1.fc12
    glibc-2.11.3-1
    phpMyAdmin-3.3.8.1-1.fc12
    tomcat6-6.0.26-4.fc12

Details about builds:


================================================================================
 QTeXEngine-0.3-1.fc12 (FEDORA-2010-18376)
 Library enabling Qt based applications to easily export graphics to TeX
--------------------------------------------------------------------------------
Update Information:

Fixed a bug leading to the creation of empty drawing paths.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 30 2010 Chen Lei <supercyper at 163.com> - 0.3-1
- Update to 0.3
--------------------------------------------------------------------------------


================================================================================
 darktable-0.7-1.fc12 (FEDORA-2010-18364)
 Utility to organize and develop raw images
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 29 2010 Edouard Bourguignon <madko at linuxed.net> - 0.7-1
- Upgrade to darktable 0.7
--------------------------------------------------------------------------------


================================================================================
 glibc-2.11.3-1 (FEDORA-2010-18359)
 The GNU libc libraries
--------------------------------------------------------------------------------
Update Information:

Update to 2.11.3 release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2010 Andreas Schwab <schwab at redhat.com> - 2.11.3-1
- Update to 2.11.3 release
  - Allow aux_cache_file open()ing to fail silently even in the chroot
    mode (BZ#11149)
  - Fix multiple nss_compat initgroups() bugs (BZ#10085)
  - Properly convert f_fsid in statvfs (BZ#11611)
  - Define MAP_HUGETLB and SWAP_FLAG_DISCARD
  - Avoid too much stack use in fnmatch (BZ#11883)
  - Fix comparison in sqrtl for IBM long double 128
  - Fix warnings in __bswap_16 (BZ#12194)
  - Properly quote output of locale (BZ#11904)
  - Fix concurrency problem between dl_open and dl_iterate_phdr
  - Fix perturbing in malloc on free (BZ#12140)
  - Don't expand DST twice in dl_open
  - Fix memory leak for some invalid regular expressions (BZ#12078)
  - Linux getifaddrs might return entries with ->ifa_addr being NULL
    (BZ#12093)
  - Handle large malloc requests (BZ#12005)
  - getdents64 fallback d_type support
  - Fix _FORITY_SOURCE version of longjmp for Linux/x86-64 (BZ#11968)
  - Fix array overflow in floating point parser (BZ#7066)
  - Missing server address again leads to localhost being used (BZ#10851)
  - Document M_PERTURB
  - Fix vDSO synthetic hwcap handling so they are not masked out from
    ld.so.cache matching
  - 32bit memset-sse2.S fails with uneven cache size (BZ#12191)
  - Verify in ttyname that the symlink is valid (BZ#12167)
  - Fix x86-64 strchr propagation of search byte into all bytes of SSE
    register (BZ#12159)
  - Fix alignment of AVX safe area on x86-64 (BZ#12113, #643889)
  - Fix strstr and memmem algorithm (BZ#12092)
  - Fix handling of tail bytes of buffer in SSE2/SSSE3 x86-64 version
    strn{,case}cmp (BZ#12077)
  - Fix use of extend_alloca in NIS
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #643889 - Dynamic linker failed to align TCB for AVX
        https://bugzilla.redhat.com/show_bug.cgi?id=643889
--------------------------------------------------------------------------------


================================================================================
 phpMyAdmin-3.3.8.1-1.fc12 (FEDORA-2010-18348)
 Web based MySQL browser written in php
--------------------------------------------------------------------------------
Update Information:

Changes for 3.3.8.1 (2010-11-29)

- [security] XSS on db search, see PMASA-2010-8
- http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php
- CVE-2010-4329
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 29 2010 Robert Scheck <robert at fedoraproject.org> 3.3.8.1-1
- Upstream released 3.3.8.1
--------------------------------------------------------------------------------


================================================================================
 tomcat6-6.0.26-4.fc12 (FEDORA-2010-18336)
 Apache Servlet/JSP Engine, RI for Servlet 2.5/JSP 2.1 API
--------------------------------------------------------------------------------
Update Information:

Fixes directory destruction during uninstall. F14 and F15 builds already have this fixed. tomcat6-6.0.26-13.fc15 & tomcat6-6.0.26-14.fc14. 

tomcat6-6.0.26-4.fc12 and tomcat6-6.0.26-12.fc13 are new builds
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 23 2010 David Knox <dknox at redhat.com> 0:6.0.26-4
- resolves: rhbz#640686  Upgrade of tomcat6 wipes out directories
- Removed __rm appdir, confdir, and libdir from post
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #640686 - Upgrade of tomcat6 wipes out directories
        https://bugzilla.redhat.com/show_bug.cgi?id=640686
--------------------------------------------------------------------------------



More information about the test mailing list