Fedora 13 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed Feb 9 20:24:14 UTC 2011
The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/nbd-2.9.20-1.fc13
https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
https://admin.fedoraproject.org/updates/subversion-1.6.15-1.fc13
https://admin.fedoraproject.org/updates/kernel-2.6.34.8-67.fc13
https://admin.fedoraproject.org/updates/openoffice.org-3.2.0-12.35.fc13
https://admin.fedoraproject.org/updates/dhcp-4.1.2-2.ESV.R1.fc13
https://admin.fedoraproject.org/updates/patch-2.6.1-7.fc13
https://admin.fedoraproject.org/updates/krb5-1.7.1-17.fc13
https://admin.fedoraproject.org/updates/webkitgtk-1.2.7-1.fc13
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc13
https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/tzdata-2011b-1.fc13
https://admin.fedoraproject.org/updates/patch-2.6.1-7.fc13
https://admin.fedoraproject.org/updates/kernel-2.6.34.8-67.fc13
https://admin.fedoraproject.org/updates/system-config-users-1.2.107-1.fc13
https://admin.fedoraproject.org/updates/python-ethtool-0.6-1.fc13
https://admin.fedoraproject.org/updates/livecd-tools-13.1-1.fc13
https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13
https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
The following builds have been pushed to Fedora 13 updates-testing
boinc-client-6.10.58-3.r22930svn.fc13
e2tools-0.0.16-17.fc13
krb5-1.7.1-17.fc13
mupdf-0.7-7.fc13
python-BeautifulSoup-3.2.0-1.fc13
skf-1.97.4-1.fc13
system-config-printer-1.2.7-1.fc13
tzdata-2011b-1.fc13
webkitgtk-1.2.7-1.fc13
Details about builds:
================================================================================
boinc-client-6.10.58-3.r22930svn.fc13 (FEDORA-2011-1208)
The BOINC client core
--------------------------------------------------------------------------------
Update Information:
-Fix BZ#620585
-Update to bugfix release 5.10.58, see http://boinc.berkeley.edu/trac/wiki/VersionHistory
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 9 2011 Miloš Jakubíček <xjakub at fi.muni.cz> - 6.10.58-3.r22930svn
- Add boinc-gui-rpc-port.patch, fixing BZ#620585
* Thu Jan 20 2011 Miloš Jakubíček <xjakub at fi.muni.cz> - 6.10.58-1.r22930svn
- Rebase the 6.10 branch to 6.10.58
- Fix rpmlint complaining:
- E: executable-marked-as-config-file /etc/sysconfig/boinc-client
- E: script-without-shebang /etc/sysconfig/boinc-client
* Wed Jul 14 2010 Dan Horák <dan at danny.cz> - 6.10.45-2.r21128svn
- rebuilt against wxGTK-2.8.11-2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #620585 - [abrt] crash in boinc-client-6.10.45-1.r21128svn.fc13: ____strtol_l_internal: Process /usr/bin/boinc_client was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=620585
--------------------------------------------------------------------------------
================================================================================
e2tools-0.0.16-17.fc13 (FEDORA-2011-1220)
Manipulate files in unmounted ext2/ext3 filesystems
--------------------------------------------------------------------------------
Update Information:
Fix broken patch (broken by CVS keyword substitution), and make sure this package actually builds.
Should have no user visible changes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 9 2011 Hans Ulrich Niedermann <hun at n-dimensional.de> - 0.0.16-17
- Remove unused code parts triggering new gcc warning in f15
* Wed Feb 9 2011 Hans Ulrich Niedermann <hun at n-dimensional.de> - 0.0.16-16
- Fix CVS keyword substitution breaking our patch file
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.0.16-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
krb5-1.7.1-17.fc13 (FEDORA-2011-1210)
The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:
This update incorporates fixes from upstream advisories MITKRB5-SA-2011-001 (standalone kpropd exits if a per-client child exits with an error) and MITKRB5-SA-2011-002 (uninitialized pointer crash in the KDC, hang or crash in the KDC with the LDAP backend).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 8 2011 Nalin Dahyabhai <nalin at redhat.com> 1.7.1-17
- add upstream patches to fix standalone kpropd exiting if the per-client
child process exits with an error (MITKRB5-SA-2011-001), and a hang or
crash in the KDC when using the LDAP kdb backend (MITKRB5-SA-2011-002)
(CVE-2010-4022, #664009, CVE-2011-0281, #668719, CVE-2011-0282, #668726)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #664009 - CVE-2010-4022 krb5: kpropd unexpected termination on invalid input (MITKRB5-SA-2011-001)
https://bugzilla.redhat.com/show_bug.cgi?id=664009
[ 2 ] Bug #668719 - CVE-2011-0281 krb5: KDC hang when using LDAP backend caused by special principal name (MITKRB5-SA-2011-002)
https://bugzilla.redhat.com/show_bug.cgi?id=668719
[ 3 ] Bug #668726 - CVE-2011-0282 krb5: KDC crash when using LDAP backend caused by a special principal name (MITKRB5-SA-2011-002)
https://bugzilla.redhat.com/show_bug.cgi?id=668726
--------------------------------------------------------------------------------
================================================================================
mupdf-0.7-7.fc13 (FEDORA-2011-1212)
A lightweight PDF viewer and toolkit
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #669311 - Review Request: mupdf - A lightweight PDF viewer and toolkit written in portable C
https://bugzilla.redhat.com/show_bug.cgi?id=669311
--------------------------------------------------------------------------------
================================================================================
python-BeautifulSoup-3.2.0-1.fc13 (FEDORA-2011-1209)
HTML/XML parser for quick-turnaround applications like screen-scraping
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release BeautifulSoup 3.2.0.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 8 2011 Terje Rosten <terje.rosten at ntnu.no> - 1:3.2.0-1
- 3.2.0
* Wed Jul 21 2010 David Malcolm <dmalcolm at redhat.com> - 1:3.0.8.1-2
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------
================================================================================
skf-1.97.4-1.fc13 (FEDORA-2011-1219)
Utility binary files in Simple Kanji Filter
--------------------------------------------------------------------------------
Update Information:
New version 1.97.4 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 9 2011 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 1.97.4-1
- 1.97.4
--------------------------------------------------------------------------------
================================================================================
system-config-printer-1.2.7-1.fc13 (FEDORA-2010-19111)
A printer administration tool
--------------------------------------------------------------------------------
Update Information:
New upstream release that fixes several bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 9 2011 Jiri Popelka <jpopelka at redhat.com> 1.2.7-1
- 1.2.7:
- Handle failure to connect in PrinterURIIndex (bug #668568).
- Fixed bugs in gtk_label_autowrap.py (bug #637829).
- Improvements for DNS-SD support from Till Kamppeter
* Fri Jan 21 2011 Jiri Popelka <jpopelka at redhat.com> 1.2.6-3
- Fixed driver selection when there are duplicate PPDs available. (#667571)
- Grabbing focus for editing breaks it (bug #650995).
* Tue Jan 18 2011 Jiri Popelka <jpopelka at redhat.com> 1.2.6-2
- Allow %, ( and ) characters in dnssd URI (bug #669820).
* Mon Jan 17 2011 Jiri Popelka <jpopelka at redhat.com> 1.2.6-1
- 1.2.6:
- Remove reference to current printer on exit (bug #556548).
- Handle cups.Connection() failure in PrinterURIIndexr (bug #648014).
- Block unwanted characters when editing queue name (bug #658550).
- Initialise D-Bus threading in timedops module (bug #662047).
- many other fixes
* Mon Dec 20 2010 Jiri Popelka <jpopelka at redhat.com> 1.2.5-8
- Updated pycups to 1.9.53 (bug #662805).
* Thu Dec 2 2010 Tim Waugh <twaugh at redhat.com> - 1.2.5-7
- Grab focus on the IconView after setting it editable (bug #650995).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #637829 - Display artifacts in PPD change confirmation dialog
https://bugzilla.redhat.com/show_bug.cgi?id=637829
[ 2 ] Bug #650995 - [Compiz] Unable to rename printer
https://bugzilla.redhat.com/show_bug.cgi?id=650995
[ 3 ] Bug #648014 - [abrt] system-config-printer-1.2.4-1.fc13: jobviewer.py:125:_map_printer:RuntimeError: failed to connect to server
https://bugzilla.redhat.com/show_bug.cgi?id=648014
[ 4 ] Bug #658550 - Spaces in printer name get removed
https://bugzilla.redhat.com/show_bug.cgi?id=658550
[ 5 ] Bug #662047 - troubleshooter uses D-Bus from two threads
https://bugzilla.redhat.com/show_bug.cgi?id=662047
[ 6 ] Bug #662805 - [abrt] system-config-printer-1.2.5-6.fc14: PyObject_Call: Process /usr/bin/python was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=662805
[ 7 ] Bug #667571 - Did something change my CUPS driver from Postscript to pxlmono?
https://bugzilla.redhat.com/show_bug.cgi?id=667571
[ 8 ] Bug #668127 - [abrt] system-config-printer-1.2.5-8.fc14: system-config-printer.py:5634:entry_changed:UnicodeDecodeError: 'utf8' codec can't decode byte 0xaa in position 52: invalid start byte
https://bugzilla.redhat.com/show_bug.cgi?id=668127
[ 9 ] Bug #668568 - [abrt] system-config-printer-1.2.95-4.fc15: jobviewer.py:71:__init__:RuntimeError: failed to connect to server
https://bugzilla.redhat.com/show_bug.cgi?id=668568
[ 10 ] Bug #669820 - dnssd unable to resolve URI for HP network printer
https://bugzilla.redhat.com/show_bug.cgi?id=669820
--------------------------------------------------------------------------------
================================================================================
tzdata-2011b-1.fc13 (FEDORA-2011-1222)
Timezone data
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 9 2011 Petr Machata <pmachata at redhat.com> - 2011b-1
- Upstream 2011b:
- America/North_Dakota/Beulah: Mercer County, North Dakota, changed
from the mountain time zone to the central time zone
* Mon Jan 24 2011 Petr Machata <pmachata at redhat.com> - 2011a-1
- Upstream 2011a:
- Updates of historical stamps for Hawaii
--------------------------------------------------------------------------------
================================================================================
webkitgtk-1.2.7-1.fc13 (FEDORA-2011-1224)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
* Fixes the following CVEs: CVE-2010-4492 CVE-2010-4493 CVE-2011-0482 CVE-2010-4199 CVE-2010-4578 CVE-2010-4040 CVE-2011-0778 CVE-2010-2901 CVE-2010-4042
* Fixes a regression caused by earlier fix for CVE-2010-1791. This caused webkitgtk to crash on certain sites with javascript.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 9 2011 Huzaifa Sidhpurwala <huzaifas at redhat.com> - 1.2.7
- Update to 1.2.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #676201 - CVE-2010-4492 WebKit: Use-after-free vulnerability in SVG animations
https://bugzilla.redhat.com/show_bug.cgi?id=676201
[ 2 ] Bug #676202 - CVE-2010-4493 WebKit: Use-after-free vulnerability related to handling of mouse dragging events.
https://bugzilla.redhat.com/show_bug.cgi?id=676202
[ 3 ] Bug #676203 - CVE-2011-0482 WebKit: Bad cast during handling of anchors causes crash via crafted HTML documents
https://bugzilla.redhat.com/show_bug.cgi?id=676203
[ 4 ] Bug #656122 - CVE-2010-4199 WebKit: Improper cast of an unspecified variable during processing of an SVG use element
https://bugzilla.redhat.com/show_bug.cgi?id=656122
[ 5 ] Bug #676207 - CVE-2010-4578 WebKit: Stale SVG pointer in Cursors DOM
https://bugzilla.redhat.com/show_bug.cgi?id=676207
[ 6 ] Bug #657101 - CVE-2010-4040 WebKit: crafted animated GIF image could cause DoS (memory corruption)
https://bugzilla.redhat.com/show_bug.cgi?id=657101
[ 7 ] Bug #676209 - CVE-2011-0778 WebKit: restrict cross-origin drag+drop in WebKit
https://bugzilla.redhat.com/show_bug.cgi?id=676209
[ 8 ] Bug #676210 - CVE-2010-2901 WebKit: Memory corruption with crash in RenderObject::containingBlock()
https://bugzilla.redhat.com/show_bug.cgi?id=676210
[ 9 ] Bug #676212 - CVE-2010-4042 WebKit: Stale elements in an element map causes webkit to crash
https://bugzilla.redhat.com/show_bug.cgi?id=676212
--------------------------------------------------------------------------------
More information about the test
mailing list