Fedora 15 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Aug 19 22:01:15 UTC 2011
The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/ecryptfs-utils-90-1.fc15
https://admin.fedoraproject.org/updates/cups-1.4.8-2.fc15
https://admin.fedoraproject.org/updates/php-5.3.7-1.fc15,php-eaccelerator-0.9.6.1-8.fc15,maniadrive-1.2-31.fc15
https://admin.fedoraproject.org/updates/nip2-7.24.2-1.fc15,vips-7.24.7-2.fc15
https://admin.fedoraproject.org/updates/xen-4.1.1-3.fc15
https://admin.fedoraproject.org/updates/apache-commons-daemon-1.0.7-1.fc15
https://admin.fedoraproject.org/updates/mingw32-libpng-1.4.8-1.fc15
https://admin.fedoraproject.org/updates/libvpx-0.9.7.1-1.fc15
https://admin.fedoraproject.org/updates/dhcp-4.2.1-10.P1.fc15
https://admin.fedoraproject.org/updates/thunderbird-6.0-1.fc15
https://admin.fedoraproject.org/updates/foomatic-4.0.8-3.fc15
https://admin.fedoraproject.org/updates/hplip-3.11.7-2.fc15
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/system-config-date-1.9.63-1.fc15
https://admin.fedoraproject.org/updates/yum-3.2.29-9.fc15
https://admin.fedoraproject.org/updates/rpm-4.9.1.1-1.fc15
https://admin.fedoraproject.org/updates/libXi-1.4.3-2.fc15
https://admin.fedoraproject.org/updates/gdb-7.3-43.fc15
https://admin.fedoraproject.org/updates/gdb-7.3-42.fc15
https://admin.fedoraproject.org/updates/curl-7.21.3-10.fc15
https://admin.fedoraproject.org/updates/audit-2.1.3-1.fc15
https://admin.fedoraproject.org/updates/system-config-users-1.2.108-1.fc15
https://admin.fedoraproject.org/updates/libtalloc-2.0.6-1.fc15
https://admin.fedoraproject.org/updates/selinux-policy-3.9.16-38.fc15
https://admin.fedoraproject.org/updates/sendmail-8.14.5-3.fc15
https://admin.fedoraproject.org/updates/nspr-4.8.8-4.fc15
https://admin.fedoraproject.org/updates/nss-softokn-3.12.10-4.fc15
https://admin.fedoraproject.org/updates/mash-0.5.22-1.fc15
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-14.fc15.1
https://admin.fedoraproject.org/updates/lldpad-0.9.41-3.fc15
https://admin.fedoraproject.org/updates/libfprint-0.4.0-1.fc15,fprintd-0.4.1-1.fc15
The following builds have been pushed to Fedora 15 updates-testing
TurboGears2-2.1.1-1.fc15
bzflag-2.4.0-2.fc15
cppcheck-1.50-1.fc15
cups-1.4.8-2.fc15
edg-gridftp-client-1.2.9.2-2.fc15
foomatic-4.0.8-3.fc15
ghc-case-insensitive-0.2.0.2-1.fc15
gnatcoll-2011-5.fc15
gnome-do-0.8.5-7.fc15
hplip-3.11.7-2.fc15
ibus-1.3.99.20110419-17.fc15
libspnav-0.2.2-2.fc15
maniadrive-1.2-31.fc15
netatalk-2.2.0-2.fc15
octave-3.4.2-2.fc15
octave-audio-1.1.4-3.fc15
octave-control-2.0.2-3.fc15
octave-image-1.0.14-2.fc15
octave-miscellaneous-1.0.11-3.fc15
octave-octcdf-1.1.2-2.fc15
octave-specfun-1.0.9-4.fc15
octave-struct-1.0.9-5.fc15
octave-symbolic-1.0.9-3.fc15
perl-Dist-Zilla-4.200017-1.fc15
perl-Perl-PrereqScanner-1.005-1.fc15
pfstools-1.8.3-2.fc15
php-5.3.7-1.fc15
php-eaccelerator-0.9.6.1-8.fc15
php-oauth-1.0-0.9.svn1262.fc15
plplot-5.9.7-9.fc15.2
pyppd-0.4.9-1.fc15
python-lockfile-0.9.1-1.fc15
python-shove-0.2.5-1.fc15
python-webob-1.0.8-1.fc15
quota-4.00-0.14.pre1.fc15
quvi-0.2.16.1-1.fc15
rawtherapee-3.0.0-1.fc15
ristretto-0.0.93-2.fc15
root-5.28.00f-1.fc15
rubygem-hoe-2.12.0-2.fc15
rubygem-test-unit-2.3.2-1.fc15
rubygem-thin-1.2.11-10.fc15
sawfish-pager-0.90.2-3.fc15
system-config-date-1.9.63-1.fc15
xapian-bindings-1.2.7-1.fc15
xapian-core-1.2.7-1.fc15
Details about builds:
================================================================================
TurboGears2-2.1.1-1.fc15 (FEDORA-2011-11193)
Next generation front-to-back web development megaframework built on Pylons
--------------------------------------------------------------------------------
Update Information:
This update fixes an issue where genshi templates would always use self-closing (XML-like) tags, even in HTML documents. See the upstream release announcement for details about other fixed bugs: http://codersbuffet.blogspot.com/2011/06/announcement-turbogears-211-released.html
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 17 2011 Nils Philippsen <nils at redhat.com>
- Update to 2.1.1 (#663117)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #663117 - genshi 0.6 generates <script> tags that are not parsed correctly by firefox
https://bugzilla.redhat.com/show_bug.cgi?id=663117
--------------------------------------------------------------------------------
================================================================================
bzflag-2.4.0-2.fc15 (FEDORA-2011-11211)
3D multi-player tank battle game
--------------------------------------------------------------------------------
Update Information:
This updates BZFlag to version 2.4, which is not compatible with version 2.0 servers. Most of the public game servers already require this new version.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 17 2011 Jeff Makey <jeff at makey.net> 2.4.0-2
- build require zlib-devel
* Wed Aug 17 2011 Jeff Makey <jeff at makey.net> 2.4.0-1
- version 2.4.0
- build require glew-devel
- remove obsolete --disable-static and --enable-shared configure options
- set plugin directory with --libdir
- use new sample maps source directory
- it is no longer necessary to remove bzfquery man page
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #722813 - bzflag 2.4.0 release July 12, 2011
https://bugzilla.redhat.com/show_bug.cgi?id=722813
--------------------------------------------------------------------------------
================================================================================
cppcheck-1.50-1.fc15 (FEDORA-2011-11207)
A tool for static C/C++ code analysis
--------------------------------------------------------------------------------
Update Information:
Update to version 1.50, full changelog at https://raw.github.com/danmar/cppcheck/master/Changelog .
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 14 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.50-1
- Update to 1.50.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #730540 - cppcheck-1.50 is available
https://bugzilla.redhat.com/show_bug.cgi?id=730540
--------------------------------------------------------------------------------
================================================================================
cups-1.4.8-2.fc15 (FEDORA-2011-11197)
Common Unix Printing System
--------------------------------------------------------------------------------
Update Information:
This update avoids a GIF reader loop (CVE-2011-2896).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 19 2011 Tim Waugh <twaugh at redhat.com> 1:1.4.8-2
- Avoid GIF reader loop (CVE-2011-2896, STR #3914, bug #727800).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #727800 - CVE-2011-2896 David Koblas' GIF decoder LZW decoder buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=727800
--------------------------------------------------------------------------------
================================================================================
edg-gridftp-client-1.2.9.2-2.fc15 (FEDORA-2011-11220)
Command line clients to GridFTP libraries
--------------------------------------------------------------------------------
Update Information:
Command line clients to GridFTP libraries
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #719456 - Review Request: edg-gridftp-client - Command line clients to GridFTP libraries
https://bugzilla.redhat.com/show_bug.cgi?id=719456
--------------------------------------------------------------------------------
================================================================================
foomatic-4.0.8-3.fc15 (FEDORA-2011-11196)
Tools for using the foomatic database of printers and printer drivers
--------------------------------------------------------------------------------
Update Information:
This package fixes CVE-2011-2924 by using mktemp when creating a debug log file in debug mode.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Tim Waugh <twaugh at redhat.com> - 4.0.8-3
- Another fix for CVE-2011-2924 (bug #726426).
* Thu Aug 18 2011 Tim Waugh <twaugh at redhat.com> - 4.0.8-2
- Use mktemp when creating debug log file in foomatic-rip
(CVE-2011-2924, bug #726426).
* Mon Jul 25 2011 Jiri Popelka <jpopelka at redhat.com> - 4.0.8-1
- 4.0.8 (all patches merged upstream)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #726426 - CVE-2011-2923 CVE-2011-2924 foomatic: foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data
https://bugzilla.redhat.com/show_bug.cgi?id=726426
--------------------------------------------------------------------------------
================================================================================
ghc-case-insensitive-0.2.0.2-1.fc15 (FEDORA-2011-11191)
Haskell case insensitive string comparison
--------------------------------------------------------------------------------
Update Information:
New Haskell case-sensitive string comparison library
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #717864 - Review Request: ghc-case-insensitive - Haskell case-insensitive string comparison
https://bugzilla.redhat.com/show_bug.cgi?id=717864
--------------------------------------------------------------------------------
================================================================================
gnatcoll-2011-5.fc15 (FEDORA-2011-11180)
Suite of reusable software components and utilities
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #731524 - Review Request: gnatcoll - Suite of reusable software components and utilities
https://bugzilla.redhat.com/show_bug.cgi?id=731524
--------------------------------------------------------------------------------
================================================================================
gnome-do-0.8.5-7.fc15 (FEDORA-2011-11208)
Quick launch and search
--------------------------------------------------------------------------------
Update Information:
This update is mainly a rebuild required due to the trailing slash bug present in RPM 4.9.1. It also adds a requirement on the GNOME 2 desktop libraries needed for various important parts of GNOME Do to work.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Theodore Lee <theo148 at gmail.com> - 0.8.5-7
- Explicitly require gnome-desktop
* Thu Aug 18 2011 Theodore Lee <theo148 at gmail.com> - 0.8.5-6
- Rebuild for rpm-4.9.1 bug
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #708881 - gnome-do is missing a dependency for gnome-desktop
https://bugzilla.redhat.com/show_bug.cgi?id=708881
--------------------------------------------------------------------------------
================================================================================
hplip-3.11.7-2.fc15 (FEDORA-2011-11189)
HP Linux Imaging and Printing Project
--------------------------------------------------------------------------------
Update Information:
This update fixes a temporary file vulnerability in the fax support of HPLIP when debugging is enabled.
This update adds support for some new printers and fixes several issues.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Tim Waugh <twaugh at redhat.com> 3.11.7-2
- Create debugging files securely (CVE-2011-2722, bug #725830).
* Mon Jul 25 2011 Jiri Popelka <jpopelka at redhat.com> 3.11.7-1
- 3.11.7
* Tue Jun 28 2011 Tim Waugh <twaugh at redhat.com> 3.11.5-4
- Added Device ID for HP LaserJet Professional P1606dn (bug #708472).
- Update IEEE 1284 Device IDs in hpijs.drv from hpcups.drv.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #725830 - CVE-2011-2722 hplip: insecure temporary file handling
https://bugzilla.redhat.com/show_bug.cgi?id=725830
--------------------------------------------------------------------------------
================================================================================
ibus-1.3.99.20110419-17.fc15 (FEDORA-2011-11214)
Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
Update Information:
Coding style is changed for JavaScript.
This update fixes bug 731610 about the IM status between input contexts.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 19 2011 Takao Fujiwara <tfujiwar at redhat.com> - 1.3.99.20110419-17
- Updated ibus-HEAD.patch for upstream.
- Removed ibus-435880-surrounding-text.patch as upstream.
- Added ibus-711632-fedora-fallback-icon.patch
Fixed SEGV with no icon in oxygen-gtk icon theme.
- Added ibus-xx-icon-symbol.patch
Fixed Bug 700472 Use a symbol icon instead of an image icon.
- Added ibus-xx-bridge-hotkey.patch
Triaged Bug 707370 SetEngine timeout
Fixed Bug 731610 Keep IM state when text input focus changes
- Added transitional ibus-gnome3 package.
Fixed Bug 718110 Use a shell icon instead of pygtk2 icon.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #731910 - Turn off input method: r-click or shortcut Ctrl+Space, does not work anymore
https://bugzilla.redhat.com/show_bug.cgi?id=731910
--------------------------------------------------------------------------------
================================================================================
libspnav-0.2.2-2.fc15 (FEDORA-2011-11215)
Open source alternative to 3DConnextion drivers
--------------------------------------------------------------------------------
Update Information:
The spacenav project provides a free, compatible alternative to the proprietary
3Dconnexion device driver and SDK, for their 3D input devices (called "space
navigator", "space pilot", "space traveller", etc).
This package provides the library needed for applications to connect to the
user land daemon.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #731191 - Review Request: libspnav - Open source alternative to 3DConnextion drivers
https://bugzilla.redhat.com/show_bug.cgi?id=731191
--------------------------------------------------------------------------------
================================================================================
maniadrive-1.2-31.fc15 (FEDORA-2011-11194)
3D stunt driving game
--------------------------------------------------------------------------------
Update Information:
Security Enhancements and Fixes in PHP 5.3.7:
* Updated crypt_blowfish to 1.2. (CVE-2011-2483)
* Fixed crash in error_log(). Reported by Mateusz Kocielski
* Fixed buffer overflow on overlog salt in crypt().
* Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)
* Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)
* Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)
Upstream announce: http://www.php.net/archive/2011.php#id2011-08-18-1
Full Changelog: http://www.php.net/ChangeLog-5.php#5.3.7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 19 2011 Remi Collet <remi at fedoraproject.org> - 1.2-31
- rebuild against PHP 5.3.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #715025 - CVE-2011-2483 crypt_blowfish: 8-bit character mishandling allows different password pairs to produce the same hash
https://bugzilla.redhat.com/show_bug.cgi?id=715025
[ 2 ] Bug #713194 - CVE-2011-2202 php: file path injection vulnerability in RFC1867 file upload filename
https://bugzilla.redhat.com/show_bug.cgi?id=713194
[ 3 ] Bug #709067 - CVE-2011-1938 php: stack-based buffer overflow in socket_connect()
https://bugzilla.redhat.com/show_bug.cgi?id=709067
[ 4 ] Bug #688958 - CVE-2011-1148 php: use-after-free vulnerability in substr_replace()
https://bugzilla.redhat.com/show_bug.cgi?id=688958
--------------------------------------------------------------------------------
================================================================================
netatalk-2.2.0-2.fc15 (FEDORA-2011-11210)
Daemon which provides POSIX-compliant *NIX/*BSD systems with the ability to share files and printers with Apple Macintosh
--------------------------------------------------------------------------------
Update Information:
fixed new buildrequires
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 19 2011 Jiri Skala <jskala at redhat.com> - 4:2.2.0-2
- fixes #726928 - BuildRequires: avahi-devel libacl-devel openldap-devel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #726928 - BuildRequires: avahi-devel libacl-devel openldap-devel
https://bugzilla.redhat.com/show_bug.cgi?id=726928
--------------------------------------------------------------------------------
================================================================================
octave-3.4.2-2.fc15 (FEDORA-2011-10809)
A high-level language for numerical computations
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 11 2011 Orion Poplawski <orion[AT]cora.nwra com> - 6:3.4.2-2
- Drop smp build - seems to be failing
- Add patch to fix tar argument handling
- Add patch to fix xzip
* Sat Aug 6 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 6:3.4.2-1
- Update to 3.4.2.
* Fri May 27 2011 Orion Poplawski <orion[AT]cora.nwra com> - 6:3.4.0-8
- Add patch to fix Fl_File_Chooser.H location
- Add BR tex(dvips)
* Thu May 26 2011 Orion Poplawski <orion[AT]cora.nwra com> - 6:3.4.0-7
- Rebuild for fltk 1.3.0
* Tue May 17 2011 Orion Poplawski <orion[AT]cora.nwra com> - 6:3.4.0-6
- Rebuild for hdf5 1.8.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
octave-audio-1.1.4-3.fc15 (FEDORA-2011-10809)
Audio for Octave
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 6 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.1.4-3
- Bump spec due to change of octave api version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
octave-control-2.0.2-3.fc15 (FEDORA-2011-10809)
Control systems for Octave
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 6 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 2.0.2-3
- Bump spec due to change of octave api version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
octave-image-1.0.14-2.fc15 (FEDORA-2011-10809)
Image processing for Octave
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 8 2011 Orion Poplawski <orion at cora.nwra.com> 1.0.14-2
- Rebuild for octave 3.4.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
octave-miscellaneous-1.0.11-3.fc15 (FEDORA-2011-10809)
Miscellaneous functions for Octave
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 6 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.0.11-3
- Bump spec due to change of octave api version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
octave-octcdf-1.1.2-2.fc15 (FEDORA-2011-10809)
A NetCDF interface for octave
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
octave-specfun-1.0.9-4.fc15 (FEDORA-2011-10809)
Special functions for Octave, including ellipitic functions
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 16 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.0.9-4
- Bump spec since buildroot override was not in place.
* Mon Aug 15 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.0.9-3
- Comply to Octave Packaging Guidelines by requiring exact version of
octave(api).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
octave-struct-1.0.9-5.fc15 (FEDORA-2011-10809)
Structure handling for Octave
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 16 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.0.9-5
- Bump spec since buildroot override was not in place.
* Mon Aug 15 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.0.9-4
- Comply to Octave Packaging Guidelines by requiring exact version of
octave(api).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
octave-symbolic-1.0.9-3.fc15 (FEDORA-2011-10809)
Symbolic computations for Octave
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 6 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.0.9-3
- Bump spec due to change of octave api version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
perl-Dist-Zilla-4.200017-1.fc15 (FEDORA-2011-11223)
Distribution builder; installer not included!
--------------------------------------------------------------------------------
Update Information:
This update includes:
* require and adapt to the new Perl::PrereqScanner, which does not prune out prereqs just because they're core and common
* add options to exclude files from GatherDir
* don't build the dist in a directory with -TRIAL in the name; this should fix bugs in `dzil release --trial` and probably other related bugs
* add documentation for TemplateModule
* `dzil listdeps --missing` no longer dies if it encounters an invalid $VERSION
* PkgVersion and PkgDist no longer use BEGIN blocks
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Iain Arnell <iarnell at gmail.com> 4.200017-1
- update to latest upstream version
--------------------------------------------------------------------------------
================================================================================
perl-Perl-PrereqScanner-1.005-1.fc15 (FEDORA-2011-11223)
Tool to scan your Perl code for its prerequisites
--------------------------------------------------------------------------------
Update Information:
This update includes:
* require and adapt to the new Perl::PrereqScanner, which does not prune out prereqs just because they're core and common
* add options to exclude files from GatherDir
* don't build the dist in a directory with -TRIAL in the name; this should fix bugs in `dzil release --trial` and probably other related bugs
* add documentation for TemplateModule
* `dzil listdeps --missing` no longer dies if it encounters an invalid $VERSION
* PkgVersion and PkgDist no longer use BEGIN blocks
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Iain Arnell <iarnell at gmail.com> 1.005-1
- update to latest upstream version
* Tue Jul 19 2011 Petr Sabata <contyk at redhat.com> - 1.004-2
- Perl mass rebuild
* Sun Jun 5 2011 Iain Arnell <iarnell at gmail.com> 1.004-1
- update to latest upstream version
--------------------------------------------------------------------------------
================================================================================
pfstools-1.8.3-2.fc15 (FEDORA-2011-10809)
Programs for handling high-dynamic range images
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.8.3-2
- Add dependecy on octave(api) in -octave.
- Rebuild for octave 3.4.2.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
php-5.3.7-1.fc15 (FEDORA-2011-11194)
PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:
Security Enhancements and Fixes in PHP 5.3.7:
* Updated crypt_blowfish to 1.2. (CVE-2011-2483)
* Fixed crash in error_log(). Reported by Mateusz Kocielski
* Fixed buffer overflow on overlog salt in crypt().
* Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)
* Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)
* Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)
Upstream announce: http://www.php.net/archive/2011.php#id2011-08-18-1
Full Changelog: http://www.php.net/ChangeLog-5.php#5.3.7
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Remi Collet <remi at fedoraproject.org> 5.3.7-1
- update to 5.3.7
http://www.php.net/ChangeLog-5.php#5.3.7
- enable mhash extension (emulated by hash extension)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #715025 - CVE-2011-2483 crypt_blowfish: 8-bit character mishandling allows different password pairs to produce the same hash
https://bugzilla.redhat.com/show_bug.cgi?id=715025
[ 2 ] Bug #713194 - CVE-2011-2202 php: file path injection vulnerability in RFC1867 file upload filename
https://bugzilla.redhat.com/show_bug.cgi?id=713194
[ 3 ] Bug #709067 - CVE-2011-1938 php: stack-based buffer overflow in socket_connect()
https://bugzilla.redhat.com/show_bug.cgi?id=709067
[ 4 ] Bug #688958 - CVE-2011-1148 php: use-after-free vulnerability in substr_replace()
https://bugzilla.redhat.com/show_bug.cgi?id=688958
--------------------------------------------------------------------------------
================================================================================
php-eaccelerator-0.9.6.1-8.fc15 (FEDORA-2011-11194)
PHP accelerator, optimizer, encoder and dynamic content cacher
--------------------------------------------------------------------------------
Update Information:
Security Enhancements and Fixes in PHP 5.3.7:
* Updated crypt_blowfish to 1.2. (CVE-2011-2483)
* Fixed crash in error_log(). Reported by Mateusz Kocielski
* Fixed buffer overflow on overlog salt in crypt().
* Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)
* Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)
* Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)
Upstream announce: http://www.php.net/archive/2011.php#id2011-08-18-1
Full Changelog: http://www.php.net/ChangeLog-5.php#5.3.7
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Remi Collet <remi at fedoraproject.org> - 1:0.9.6.1-8
- rebuild against PHP 5.3.7
- add filter (to avoid private-shared-object-provides)
* Wed Jul 13 2011 Matthias Saou <http://freshrpms.net/> 1:0.9.6.1-7
- Add missing tmpwatch requirement (#711236).
- Stop using macros for simple commands, following recent guidelines changes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #715025 - CVE-2011-2483 crypt_blowfish: 8-bit character mishandling allows different password pairs to produce the same hash
https://bugzilla.redhat.com/show_bug.cgi?id=715025
[ 2 ] Bug #713194 - CVE-2011-2202 php: file path injection vulnerability in RFC1867 file upload filename
https://bugzilla.redhat.com/show_bug.cgi?id=713194
[ 3 ] Bug #709067 - CVE-2011-1938 php: stack-based buffer overflow in socket_connect()
https://bugzilla.redhat.com/show_bug.cgi?id=709067
[ 4 ] Bug #688958 - CVE-2011-1148 php: use-after-free vulnerability in substr_replace()
https://bugzilla.redhat.com/show_bug.cgi?id=688958
--------------------------------------------------------------------------------
================================================================================
php-oauth-1.0-0.9.svn1262.fc15 (FEDORA-2011-11216)
PHP Authentication library for desktop to web applications
--------------------------------------------------------------------------------
Update Information:
Update to SVN 1262.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 19 2011 F. Kooman <fkooman at tuxed.net> - 1.0-0.9.svn1262
- update to svn1262
- move test server class to examples
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #706113 - update php-oauth to newer upstream version
https://bugzilla.redhat.com/show_bug.cgi?id=706113
--------------------------------------------------------------------------------
================================================================================
plplot-5.9.7-9.fc15.2 (FEDORA-2011-10809)
Library of functions for making scientific plots
--------------------------------------------------------------------------------
Update Information:
Bugfix upgrade of Octave to 3.4.2.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 17 2011 Orion Poplawski <orion at cora.nwra.com> - 5.9.7-9.2
- Really rebuild for octave 3.4.2
* Wed Aug 17 2011 Orion Poplawski <orion at cora.nwra.com> - 5.9.7-9.1
- Rebuild for octave 3.4.2
- Disable epsqt, pdfqt, and svgqt tests again. Cannot reproduce failure outside
of mock.
* Tue Apr 5 2011 Orion Poplawski <orion at cora.nwra.com> - 5.9.7-9
- Add patch to use octave-config to handle moved octave directories
* Mon Feb 21 2011 Orion Poplawski <orion at cora.nwra.com> - 5.9.7-8
- Re-enable epsqt, pdfqt, and svgqt tests.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728639 - Various plotting bugs in Octave 3.4.0 are solved by upgrade to 3.4.2
https://bugzilla.redhat.com/show_bug.cgi?id=728639
--------------------------------------------------------------------------------
================================================================================
pyppd-0.4.9-1.fc15 (FEDORA-2011-11174)
PPD file compressor and generator for CUPS
--------------------------------------------------------------------------------
Update Information:
This program holds a compressed archive of PostScript Printer Description files. It can generate the PPD files on the fly for CUPS.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #731683 - Review Request: pyppd - PPD file compressor and generator for CUPS
https://bugzilla.redhat.com/show_bug.cgi?id=731683
--------------------------------------------------------------------------------
================================================================================
python-lockfile-0.9.1-1.fc15 (FEDORA-2011-11184)
A platform-independent file locking module
--------------------------------------------------------------------------------
Update Information:
Needed for python-daemon 0.6+
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 24 2011 Silas Sewell <silas at sewell.org> - 1:0.9.1-1
- Update to 0.9.1
--------------------------------------------------------------------------------
================================================================================
python-shove-0.2.5-1.fc15 (FEDORA-2011-11175)
Common object storage frontend
--------------------------------------------------------------------------------
Update Information:
Latest upstream bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 16 2011 Luke Macken <lmacken at redhat.com> - 0.2.5-1
- Update to 0.2.5 (#681829)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #681829 - python-shove-0.2.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=681829
--------------------------------------------------------------------------------
================================================================================
python-webob-1.0.8-1.fc15 (FEDORA-2011-11193)
WSGI request and response object
--------------------------------------------------------------------------------
Update Information:
This update fixes an issue where genshi templates would always use self-closing (XML-like) tags, even in HTML documents. See the upstream release announcement for details about other fixed bugs: http://codersbuffet.blogspot.com/2011/06/announcement-turbogears-211-released.html
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 17 2011 Nils Philippsen <nils at redhat.com> - 1.0.8-1
- Update to 1.0.8 for TurboGears 2.1.1 which needs 1.0.7 (#663117)
* Mon Mar 21 2011 Luke Macken <lmacken at redhat.com> - 1.0.5-1
- Update to 1.0.5, which restores Python 2.4 support
* Thu Feb 24 2011 Luke Macken <lmacken at redhat.com> - 1.0.3-1
- Update to 1.0.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #663117 - genshi 0.6 generates <script> tags that are not parsed correctly by firefox
https://bugzilla.redhat.com/show_bug.cgi?id=663117
--------------------------------------------------------------------------------
================================================================================
quota-4.00-0.14.pre1.fc15 (FEDORA-2011-11218)
System administration tools for monitoring users' disk usage
--------------------------------------------------------------------------------
Update Information:
Suppress errors about missing TTY in syslog
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Petr Pisar <ppisar at redhat.com> - 1:4.00-0.14.pre1
- Do not report missing utmp record to syslog (bug #731622)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #731622 - quota_nld: Failed to find tty of user 0 to report warning to.
https://bugzilla.redhat.com/show_bug.cgi?id=731622
--------------------------------------------------------------------------------
================================================================================
quvi-0.2.16.1-1.fc15 (FEDORA-2011-11181)
Command line tool for parsing video download links
--------------------------------------------------------------------------------
Update Information:
Fix 728646
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 15 2011 Nicoleau Fabien <nicoleau.fabien at gmail.com> 0.2.16.1-1
- Fix #728646
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #728646 - Can't download video.
https://bugzilla.redhat.com/show_bug.cgi?id=728646
--------------------------------------------------------------------------------
================================================================================
rawtherapee-3.0.0-1.fc15 (FEDORA-2011-11176)
Raw image processing software
--------------------------------------------------------------------------------
Update Information:
- Stable release 3.0.0
- The executable is now called rawtherapee instead of rt
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Thibault North <tnorth at fedoraproject.org> - 3.0.0-1
- Upgrade to stable release 3.0.0
--------------------------------------------------------------------------------
================================================================================
ristretto-0.0.93-2.fc15 (FEDORA-2011-11219)
Image-viewer for the Xfce desktop environment
--------------------------------------------------------------------------------
Update Information:
This update fixes two major memory leaks in ristretto.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 16 2011 Christoph Wickert <cwickert at fedoraproject.org> - 0.0.93-2
- Fix two major memory leaks (bugzilla.xfce.org #7882)
--------------------------------------------------------------------------------
================================================================================
root-5.28.00f-1.fc15 (FEDORA-2011-11188)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
Update of root to version 5.28.00f. For a list of new features and fixed bugs see: http://root.cern.ch/drupal/content/root-version-v5-28-00-patch-release-notes
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 17 2011 Mattias Ellert <mattias.ellert at fysast.uu.se> - 5.28.00f-1
- Update to 5.28.00f
--------------------------------------------------------------------------------
================================================================================
rubygem-hoe-2.12.0-2.fc15 (FEDORA-2011-11212)
Hoe is a simple rake/rubygems helper for project Rakefiles
--------------------------------------------------------------------------------
Update Information:
New version 2.12.0 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 2.12.0-2
- Fix glob order issue under test/
* Thu Aug 18 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 2.12.0-1
- 2.12.0
--------------------------------------------------------------------------------
================================================================================
rubygem-test-unit-2.3.2-1.fc15 (FEDORA-2011-11185)
Improved version of Test::Unit bundled in Ruby 1.8.x
--------------------------------------------------------------------------------
Update Information:
New version 2.3.2 is released.
New version 2.3.1 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 2.3.2-1
- 2.3.2
* Sun Aug 14 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 2.3.1-1
- 2.3.1
--------------------------------------------------------------------------------
================================================================================
rubygem-thin-1.2.11-10.fc15 (FEDORA-2011-11186)
A thin and fast web server
--------------------------------------------------------------------------------
Update Information:
Update F-15 to conform to the rawhide package. Fix a bug where thin would fail to launch becuase of a missing file.
Version bump
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Chris Lalancette <clalance at redhat.com> - 1.2.11-10
- Move stats.html.erb to the main package (it is a runtime requirement)
* Thu Aug 18 2011 Chris Lalancette <clalance at redhat.com> - 1.2.11-9
- Make F-15 use the same parse path patch as rawhide
* Thu Jul 14 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.11-8
- Updated to patch for version 1.2.11
* Thu Jul 14 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.11-7
- Fixed typo in prep section
* Thu Jul 14 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.11-6
- Copied native extension loading patch from EL6 (thanks to David Lutterkort)
* Thu Jul 14 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.11-5
- Fixed patch format
* Thu Jul 14 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.11-4
- Removed deprecated Prereq
* Thu Jul 14 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.11-3
- Added ldconfig to refresh cache after update
* Thu Jul 14 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.11-2
- Added patch to fix loading of thin_parser.so
* Thu Jul 14 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.11-1
- Version bump
* Tue Mar 1 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.8-3
- Removed Rake dependency completely
* Tue Mar 1 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.8-2
- Fixed RSpec tests
* Tue Mar 1 2011 Michal Fojtik <mfojtik at redhat.com> - 1.2.8-1
- Updated to upstream version
--------------------------------------------------------------------------------
================================================================================
sawfish-pager-0.90.2-3.fc15 (FEDORA-2011-11201)
Pager for Sawfish window manager
--------------------------------------------------------------------------------
Update Information:
Sawfish specific configurable pager map of your desktop with a viewport support. It can be configured to follow where you are, or optionally show all workspaces at once.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #697049 - Review Request: sawfish-pager - A pager for the Sawfish window manager
https://bugzilla.redhat.com/show_bug.cgi?id=697049
--------------------------------------------------------------------------------
================================================================================
system-config-date-1.9.63-1.fc15 (FEDORA-2011-11200)
A graphical interface for modifying system date and time
--------------------------------------------------------------------------------
Update Information:
This update properly ties dialog to toplevel windows and doesn't conflict with generically named desktop configuration tools.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 19 2011 Nils Philippsen <nils at redhat.com> - 1.9.63-1
- don't bail out if ntpdate can't be run (#731667)
- cope with systemd or SysVinit, alternatively
* Tue Aug 16 2011 Nils Philippsen <nils at redhat.com> - 1.9.63-1
- add support for chrony (#616385, patch by Miroslav Lichvár)
* Tue Aug 16 2011 Nils Philippsen <nils at redhat.com> - 1.9.62-1
- improve building/cleaning message files (Martin Pitt)
- properly tie dialogs to toplevels, set slightly better dialog titles, set
dialogs transient for notebook due to firstboot (#528157)
- use branded name in desktop file (#727204)
- use Transifex and pull updated translations
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #727204 - Make system-config-* progs that have naming conflicts with other packages not show up in Gnome
https://bugzilla.redhat.com/show_bug.cgi?id=727204
--------------------------------------------------------------------------------
================================================================================
xapian-bindings-1.2.7-1.fc15 (FEDORA-2011-11179)
Bindings for the Xapian Probabilistic Information Retrieval Library
--------------------------------------------------------------------------------
Update Information:
New upstream 1.2.7 bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Peter Robinson <pbrobinson at fedoraproject.org> - 1.2.7-1
- Update to 1.2.7
--------------------------------------------------------------------------------
================================================================================
xapian-core-1.2.7-1.fc15 (FEDORA-2011-11179)
The Xapian Probabilistic Information Retrieval Library
--------------------------------------------------------------------------------
Update Information:
New upstream 1.2.7 bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 18 2011 Peter Robinson <pbrobinson at fedoraproject.org> - 1.2.7-1
- Update to 1.2.7
--------------------------------------------------------------------------------
More information about the test
mailing list