Fedora 13 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu Jan 20 19:57:32 UTC 2011
The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
https://admin.fedoraproject.org/updates/subversion-1.6.15-1.fc13
https://admin.fedoraproject.org/updates/php-5.3.5-1.fc13,maniadrive-1.2-26.fc13.1,php-eaccelerator-0.9.6.1-4.fc13,maniadrive-data-1.2-5.fc13
https://admin.fedoraproject.org/updates/libuser-0.56.16-1.fc13.2
https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-3.fc13
https://admin.fedoraproject.org/updates/dpkg-1.15.5.6-6.fc13
https://admin.fedoraproject.org/updates/sssd-1.3.0-40.fc13
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc13
https://admin.fedoraproject.org/updates/chm2pdf-0.9.1-8.fc13
https://admin.fedoraproject.org/updates/wireshark-1.2.14-1.fc13
https://admin.fedoraproject.org/updates/sudo-1.7.4p5-1.fc13
https://admin.fedoraproject.org/updates/hplip-3.10.9-14.fc13
https://admin.fedoraproject.org/updates/myproxy-5.3-1.fc13
https://admin.fedoraproject.org/updates/proftpd-1.3.3d-1.fc13
https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/procps-3.2.8-8.fc13
https://admin.fedoraproject.org/updates/sudo-1.7.4p5-1.fc13
https://admin.fedoraproject.org/updates/elfutils-0.151-1.fc13
https://admin.fedoraproject.org/updates/util-linux-ng-2.17.2-10.fc13
https://admin.fedoraproject.org/updates/libuser-0.56.16-1.fc13.2
https://admin.fedoraproject.org/updates/attr-2.4.44-4.fc13
https://admin.fedoraproject.org/updates/livecd-tools-13.1-1.fc13
https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-80.fc13
https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13
https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-11.fc13
https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
The following builds have been pushed to Fedora 13 updates-testing
R-qtl-1.19.20-1.fc13
bicon-0.2.0-1.fc13
boinc-client-6.10.58-1.r22930svn.fc13
cvs-1.11.23-11.fc13
gnome-commander-1.2.8.10-1.fc13
holland-1.0.6-2.fc13
k3b-2.0.2-2.fc13
libmcs-0.7.2-3.fc13
mfiler3-4.2.1-1.fc13
perl-CDB_File-0.96-2.fc13
perl-IO-Socket-SSL-1.38-1.fc13
proftpd-1.3.3d-1.fc13
python-dialog-2.7-13.fc13
rubygem-hashery-1.4.0-2.fc13
saphire-1.2.4-1.fc13
Details about builds:
================================================================================
R-qtl-1.19.20-1.fc13 (FEDORA-2011-0629)
Tools for analyzing QTL experiments
--------------------------------------------------------------------------------
Update Information:
New version from http://www.rqtl.org/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 19 2011 Mattias Ellert <mattias.ellert at fysast.uu.se> - 1.19.20-1
- New upstream release
--------------------------------------------------------------------------------
================================================================================
bicon-0.2.0-1.fc13 (FEDORA-2011-0606)
Bidirectional Console
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #670090 - Review Request: bicon - Bidirectional Console
https://bugzilla.redhat.com/show_bug.cgi?id=670090
--------------------------------------------------------------------------------
================================================================================
boinc-client-6.10.58-1.r22930svn.fc13 (FEDORA-2011-0628)
The BOINC client core
--------------------------------------------------------------------------------
Update Information:
-Update to bugfix release 5.10.58, see http://boinc.berkeley.edu/trac/wiki/VersionHistory
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 20 2011 Miloš Jakubíček <xjakub at fi.muni.cz> - 6.10.58-1.r22930svn
- Rebase the 6.10 branch to 6.10.58
- Fix rpmlint complaining:
- E: executable-marked-as-config-file /etc/sysconfig/boinc-client
- E: script-without-shebang /etc/sysconfig/boinc-client
* Wed Jul 14 2010 Dan Horák <dan at danny.cz> - 6.10.45-2.r21128svn
- rebuilt against wxGTK-2.8.11-2
--------------------------------------------------------------------------------
================================================================================
cvs-1.11.23-11.fc13 (FEDORA-2011-0605)
A version control system
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 20 2011 Petr Pisar <ppisar at redhat.com> - 1.11.23-11
- Make cvs.csh valid CSH script (bug #671003)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #671003 - /etc/profile.d/cvs.csh uses non-tcsh syntax
https://bugzilla.redhat.com/show_bug.cgi?id=671003
--------------------------------------------------------------------------------
================================================================================
gnome-commander-1.2.8.10-1.fc13 (FEDORA-2011-0595)
A nice and fast file manager for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
New version 1.2.8.10 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 20 2011 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 2:1.2.8.10-1
- Update to 1.2.8.10
--------------------------------------------------------------------------------
================================================================================
holland-1.0.6-2.fc13 (FEDORA-2011-0615)
Pluggable Backup Framework
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 13 2011 BJ Dierkes <wdierkes at rackspace.com> - 1.0.6-2
- Remove Requires: xtrabackup from holland-xtrabackup. Fedora
doesn't provide xtrabackup currently, however there are solutions
out there that people may want to use holland-xtrabackup for.
* Wed Jan 12 2011 BJ Dierkes <wdierkes at rackspace.com> - 1.0.6-1
- Latest sources from upstream. Full change log available at:
http://hollandbackup.org/releases/stable/1.0/CHANGES.txt
- ChangeLog became CHANGES.txt
- Add pgdump and xtrabackup by default
- No longer package -random by default (shouldn't have been in
anyway). Main package Obsoletes: holland-random < 1.0.6
* Tue Dec 14 2010 BJ Dierkes <wdierkes at rackspace.com> - 1.0.5-1
- Development version
* Tue Dec 14 2010 BJ Dierkes <wdierkes at rackspace.com> - 1.0.4-3
- Remove condition check around setting python_site{lib,arch} as
it is not supported in el4.
- No longer set python_sitearch as we aren't using it
--------------------------------------------------------------------------------
================================================================================
k3b-2.0.2-2.fc13 (FEDORA-2011-0626)
CD/DVD/Blu-ray burning application
--------------------------------------------------------------------------------
Update Information:
notes=New upstream release, includes a handful of crash fixes. Fedora's build
has been patched to prefer use of growisofs (over wodim) for dvd/blueray.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 20 2011 Rex Dieter <rdieter at fedoraproject.org> - 1:2.0.2-2
- use growisofs for blueray too (#610976)
* Wed Jan 19 2011 Rex Dieter <rdieter at fedoraproject.org> - 1:2.0.2-1
- k3b-2.0.2 (#670325)
- use growisofs for dvd's (#610976)
* Tue Nov 23 2010 Rex Dieter <rdieter at fedoraproject.org> - 1:2.0.1-5
- turns out existing hal support is mostly harmless (not required, but will
use if present), so back out those changes.
* Tue Nov 23 2010 Rex Dieter <rdieter at fedoraproject.org> - 1:2.0.1-4
- build without ENABLE_HAL_SUPPORT (f15+)
- spec cleanup
* Tue Nov 23 2010 Rex Dieter <rdieter at fedoraproject.org> - 1:2.0.1-3
- Requires: hal-storage-addon
* Tue Oct 5 2010 Rex Dieter <rdieter at fedoraproject.org> - 1:2.0.1-2
- drop workaround patch if building on/for kde-4.5.2+ (#582764)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #610976 - unable to burn dual layer DVD+R
https://bugzilla.redhat.com/show_bug.cgi?id=610976
[ 2 ] Bug #670325 - k3b-2.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=670325
--------------------------------------------------------------------------------
================================================================================
libmcs-0.7.2-3.fc13 (FEDORA-2011-0608)
Configuration file abstraction library
--------------------------------------------------------------------------------
Update Information:
Update from 0.7.1 to 0.7.2 to reduce patch count and to get additional fixes. The API documentation is included as HTML now.
The package has been renamed from "mcs".
For testers, libmcs is used by Audacious, which must continue to work during basic usage.
--------------------------------------------------------------------------------
================================================================================
mfiler3-4.2.1-1.fc13 (FEDORA-2011-0607)
Two pane file manager under UNIX console
--------------------------------------------------------------------------------
Update Information:
saphire 1.2.4 / mfiler3 4.2.1 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 19 2011 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 4.2.1-1
- 4.2.1
* Tue Jan 18 2011 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 4.2.0-1
- 4.2.0
--------------------------------------------------------------------------------
================================================================================
perl-CDB_File-0.96-2.fc13 (FEDORA-2011-0617)
Perl extension for access to cdb databases
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #656084 - Review Request: perl-CDB_File - Perl extension for access to cdb databases
https://bugzilla.redhat.com/show_bug.cgi?id=656084
--------------------------------------------------------------------------------
================================================================================
perl-IO-Socket-SSL-1.38-1.fc13 (FEDORA-2011-0614)
Perl library for transparent SSL
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream release, fixes CPAN RT#64864, where the wildcards_in_cn setting for the HTTP protocol was wrongly set in the previous version to "1" instead of "anywhere".
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 18 2011 Paul Howarth <paul at city-fan.org> - 1.38-1
- Update to 1.38
- fixed wildcards_in_cn setting for http, wrongly set in 1.34 to 1 instead of
anywhere (CPAN RT#64864)
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.3d-1.fc13 (FEDORA-2011-0613)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This is an update to the current upstream maintenance release, which addresses a security issue that could affect users of the mod_sql module (not enabled by default).
* A heap-based buffer overflow flaw was found in the way ProFTPD FTP server prepared SQL queries for certain usernames, when the mod_sql module was enabled. A remote, unauthenticated attacker could use this flaw to cause the proftpd daemon to crash or, potentially, to execute arbitrary code with the privileges of the user running 'proftpd' via a specially-crafted username, provided in the authentication dialog.
The update also fixes a CPU spike when handling .ftpaccess files, and handling of SFTP uploads when compression is used.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 19 2011 Paul Howarth <paul at city-fan.org> 1.3.3d-1
- Updated to 1.3.3d
- Fixed sql_prepare_where() buffer overflow (bug 3536, CVE-2010-4652)
- Fixed CPU spike when handling .ftpaccess files
- Fixed handling of SFTP uploads when compression is used
- Add Default-Stop LSB keyword in initscript (for runlevels 0, 1, and 6)
- Fix typos in config file and initscript
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #670170 - CVE-2010-4652 ProFTPD (mod_sql): Heap-based buffer overflow by processing certain usernames, when mod_sql module enabled
https://bugzilla.redhat.com/show_bug.cgi?id=670170
--------------------------------------------------------------------------------
================================================================================
python-dialog-2.7-13.fc13 (FEDORA-2011-0624)
Python interface to the Unix dialog utility
--------------------------------------------------------------------------------
Update Information:
Fix BZ#594988
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 20 2011 Miloš Jakubíček <xjakub at fi.muni.cz> - 2.7-13
- Added python-dialog-demo.patch, fix BZ#594988
- Fix rpmlint: W: file-not-utf8 /usr/share/doc/python-dialog-2.7/TODO
- Fix rpmlint: W: file-not-utf8 /usr/share/doc/python-dialog-2.7/README
* Thu Jul 22 2010 David Malcolm <dmalcolm at redhat.com> - 2.7-12
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #594988 - demo.py crashes when run from different location
https://bugzilla.redhat.com/show_bug.cgi?id=594988
--------------------------------------------------------------------------------
================================================================================
rubygem-hashery-1.4.0-2.fc13 (FEDORA-2011-0630)
Facets bread collection of Hash-like classes
--------------------------------------------------------------------------------
Update Information:
Updated to new upstream release: 1.4.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 20 2011 Marek Goldmann <mgoldman at redhat.com> - 1.4.0-2
- Fixed files section
* Thu Jan 20 2011 Marek Goldmann <mgoldman at redhat.com> - 1.4.0-1
- Updated to new upstream release: 1.4.0
--------------------------------------------------------------------------------
================================================================================
saphire-1.2.4-1.fc13 (FEDORA-2011-0607)
Yet another shell
--------------------------------------------------------------------------------
Update Information:
saphire 1.2.4 / mfiler3 4.2.1 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 19 2011 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 1.2.4-1
- 1.2.4
* Tue Jan 18 2011 Mamoru Tasaka <mtasaka at ioa.s.u-tokyo.ac.jp> - 1.2.3-1
- 1.2.3
--------------------------------------------------------------------------------
More information about the test
mailing list