Fedora 14 updates-testing report

Fri Jun 3 05:36:54 UTC 2011

The following Fedora 14 Security updates need testing:

    https://admin.fedoraproject.org/updates/bind-9.7.4-0.2.b1.fc14
    https://admin.fedoraproject.org/updates/couchdb-1.0.2-4.fc14
    https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
    https://admin.fedoraproject.org/updates/pure-ftpd-1.0.32-1.fc14
    https://admin.fedoraproject.org/updates/unbound-1.4.8-2.fc14
    https://admin.fedoraproject.org/updates/drupal7-7.2-1.fc14
    https://admin.fedoraproject.org/updates/drupal-6.22-1.fc14
    https://admin.fedoraproject.org/updates/cyrus-imapd-2.3.16-8.fc14
    https://admin.fedoraproject.org/updates/tomcat6-6.0.26-21.fc14
    https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
    https://admin.fedoraproject.org/updates/kernel-2.6.35.13-92.fc14
    https://admin.fedoraproject.org/updates/jabberd-2.2.14-1.fc14
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.1-1.fc14
    https://admin.fedoraproject.org/updates/mutt-1.5.21-5.fc14
    https://admin.fedoraproject.org/updates/rdesktop-1.6.0-11.fc14
    https://admin.fedoraproject.org/updates/mumble-1.2.3-2.fc14
    https://admin.fedoraproject.org/updates/wireshark-1.4.7-1.fc14
    https://admin.fedoraproject.org/updates/weechat-0.3.5-1.fc14
    https://admin.fedoraproject.org/updates/gimp-2.6.11-14.fc14
    https://admin.fedoraproject.org/updates/libxml-1.8.17-26.fc14

The following Fedora 14 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/file-5.04-17.fc14
    https://admin.fedoraproject.org/updates/yum-3.2.28-7.fc14
    https://admin.fedoraproject.org/updates/module-init-tools-3.11.1-6.fc14
    https://admin.fedoraproject.org/updates/metacity-2.30.3-2.fc14
    https://admin.fedoraproject.org/updates/selinux-policy-3.9.7-42.fc14
    https://admin.fedoraproject.org/updates/libcdio-0.82-4.fc14
    https://admin.fedoraproject.org/updates/libcgroup-0.36.2-7.fc14
    https://admin.fedoraproject.org/updates/dash-0.5.6-4.fc14
    https://admin.fedoraproject.org/updates/PackageKit-0.6.12-3.fc14
    https://admin.fedoraproject.org/updates/pcre-8.10-2.fc14
    https://admin.fedoraproject.org/updates/libedit-3.0-3.20090923cvs.fc14
    https://admin.fedoraproject.org/updates/libpcap-1.1.1-3.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-qxl-0.0.21-3.fc14
    https://admin.fedoraproject.org/updates/evolution-exchange-2.32.3-1.fc14,evolution-data-server-2.32.3-1.fc14,evolution-2.32.3-1.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-nouveau-0.0.16-14.20101010git8c8f15c.fc14
    https://admin.fedoraproject.org/updates/dosfstools-3.0.9-6.fc14
    https://admin.fedoraproject.org/updates/libimobiledevice-1.0.6-1.fc14
    https://admin.fedoraproject.org/updates/libconcord-0.23-5.fc14,udev-161-9.fc14,concordance-0.23-2.fc14
    https://admin.fedoraproject.org/updates/usbmuxd-1.0.7-1.fc14
    https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
    https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.11-4.fc14

The following builds have been pushed to Fedora 14 updates-testing

    bcfg2-1.1.2-1.fc14
    collectl-3.5.1-1.fc14
    deltacloud-core-0.3.0-9.fc14
    dracut-modules-olpc-0.5.11-1.fc14
    etckeeper-0.54-1.fc14
    file-5.04-17.fc14
    iproute-2.6.35-9.fc14
    jabberd-2.2.14-1.fc14
    lapack-3.2.2-4.fc14
    libxml-1.8.17-26.fc14
    lyx-2.0.0-4.fc14
    memtest86+-4.20-1.fc14
    mercurial-1.8.4-2.fc14
    perl-IO-Socket-INET6-2.66-1.fc14
    qbittorrent-2.8.0-1.fc14
    roundup-1.4.18-1.fc14
    rpld-1.8-0.8.beta1.fc14
    rwho-0.17-35.fc14
    tgif-4.2.3-1.fc14
    vnstat-1.11-1.fc14
    weechat-0.3.5-1.fc14
    wireshark-1.4.7-1.fc14
    wordpress-3.1.3-3.fc14
    x509watch-0.4.0-1.fc14
    xarchiver-0.5.2-8.fc14
    zabbix-1.8.5-2.fc14

Details about builds:

================================================================================
 bcfg2-1.1.2-1.fc14 (FEDORA-2011-7850)
 Configuration management system
--------------------------------------------------------------------------------
Update Information:

* Thu Jun 02 2011 Fabian Affolter <fabian at bernewireless.net> - 1.1.2-1
- Updated to new upstream version 1.1.2
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Fabian Affolter <fabian at bernewireless.net> - 1.1.2-1
- Updated to new upstream version 1.1.2
--------------------------------------------------------------------------------

================================================================================
 collectl-3.5.1-1.fc14 (FEDORA-2011-7827)
 A utility to collect various Linux performance data
--------------------------------------------------------------------------------
Update Information:

update to upstream version 3.5.1
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Dan Horák <dan[at]danny.cz> 3.5.1-1
- upgrade to upstream version 3.5.1
--------------------------------------------------------------------------------

================================================================================
 deltacloud-core-0.3.0-9.fc14 (FEDORA-2011-7851)
 Deltacloud REST API
--------------------------------------------------------------------------------
Update Information:

Added config file for Fedora and provides.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Michal Fojtik <mfojtik at redhat.com> - 0.3.0-9
- Replaced Obsoletes with Provides
--------------------------------------------------------------------------------

================================================================================
 dracut-modules-olpc-0.5.11-1.fc14 (FEDORA-2011-7817)
 OLPC modules for dracut initramfs
--------------------------------------------------------------------------------
Update Information:

Fix creation of /versions/running symlink.
Fix purging of unpartitioned boot configs
Start boot animation during version purging
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  1 2011 Daniel Drake <dsd at laptop.org> - 0.5.11-1
- Fix creation of /versions/running link
* Mon May 30 2011 Daniel Drake <dsd at laptop.org> - 0.5.10-1
- Fix purging of unpartitioned boot configs
* Tue May 17 2011 Daniel Drake <dsd at laptop.org> - 0.5.9-1
- Start boot animation while purging old versions
--------------------------------------------------------------------------------

================================================================================
 etckeeper-0.54-1.fc14 (FEDORA-2011-7853)
 Store /etc in a SCM system (git, mercurial, bzr or darcs)
--------------------------------------------------------------------------------
Update Information:

Update to 0.54, a bugfix version. From the upstream changelog:

 * Ignore inssev's FHS violating /etc/init.d/.depend.* files.
 * Use hg pre-commit hook, rather than its precommit hook, as the latter is run after the files staged for commit are determined and so .etckeeper cannot be staged as part of the current commit. 

Furthermore, we include a patch to fix error propagation to yum, which makes AVOID_COMMIT_BEFORE_INSTALL work (bz 709487).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  1 2011 Thomas Moschny <thomas.moschny at gmx.de> - 0.54-1
- Update to 0.54.
- Add patch for bz 709487.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #709487 - yum fails to honor AVOID_COMMIT_BEFORE_INSTALL
        https://bugzilla.redhat.com/show_bug.cgi?id=709487
--------------------------------------------------------------------------------

================================================================================
 file-5.04-17.fc14 (FEDORA-2011-7815)
 A utility for determining file types
--------------------------------------------------------------------------------
Update Information:

Adds "magic" definition for Canon CR2 RAW format.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  1 2011 Jan Kaluza <jkaluza at redhat.com> - 5.04-17
- fix #709520 - backported CR2 format detection
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #709520 - Add "magic" definition for Canon CR2 RAW format
        https://bugzilla.redhat.com/show_bug.cgi?id=709520
--------------------------------------------------------------------------------

================================================================================
 iproute-2.6.35-9.fc14 (FEDORA-2011-7781)
 Advanced IP routing and network device configuration tools
--------------------------------------------------------------------------------
Update Information:

Fix GRED options clearing
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  1 2011 Petr Sabata <contyk at redhat.com> - 2.6.35-9
- Include cb4bd0ec8 (#707984)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #707984 - TC: GRED in grio mode VQs prio parameter does not work (value doesn't change)
        https://bugzilla.redhat.com/show_bug.cgi?id=707984
--------------------------------------------------------------------------------

================================================================================
 jabberd-2.2.14-1.fc14 (FEDORA-2011-7805)
 OpenSource server implementation of the Jabber protocols
--------------------------------------------------------------------------------
Update Information:

This update fixes an important security issue (CVE-2011-1755), for more information, please see https://bugzilla.redhat.com/show_bug.cgi?id=700390.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  1 2011 Dominic Hopf <dmaphy at fedoraproject.org> - 2.2.14-1
- update to 2.2.14 (#700390, CVE-2011-1755)
- remove unneeded upstart configuration files
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #700390 - CVE-2011-1755 jabberd: DoS via the XML "billion laughs attack"
        https://bugzilla.redhat.com/show_bug.cgi?id=700390
--------------------------------------------------------------------------------

================================================================================
 lapack-3.2.2-4.fc14 (FEDORA-2011-7796)
 Numerical linear algebra package libraries
--------------------------------------------------------------------------------
Update Information:

Fix manl directory perms and ownership.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Tom Callaway <spot at fedoraproject.org> - 3.2.2-4
- create /usr/share/man/manl/ as 0755 and own it in lapack and blas (bz634369)
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.2.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #634369 - lapack documentation quite inaccesible
        https://bugzilla.redhat.com/show_bug.cgi?id=634369
--------------------------------------------------------------------------------

================================================================================
 libxml-1.8.17-26.fc14 (FEDORA-2011-7856)
 Old XML library for Gnome-1 application compatibility
--------------------------------------------------------------------------------
Update Information:

This update addresses CVE-2011-1944 (heap-based buffer overflow by adding a new namespace node to an existing nodeset or merging nodesets). It is described in detail at http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html

--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Paul Howarth <paul at city-fan.org> 1:1.8.17-26
- add patch for CVE-2011-1944 (#709751)
- add %check section and run regression tests (note that diffs appearing in
  the output do not cause the build to fail)
- nobody else likes macros for commands
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:1.8.17-25
- rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #709747 - CVE-2011-1944 libxml, libxml2: Heap-based buffer overflow by adding new namespace node to an existing nodeset or merging nodesets
        https://bugzilla.redhat.com/show_bug.cgi?id=709747
--------------------------------------------------------------------------------

================================================================================
 lyx-2.0.0-4.fc14 (FEDORA-2011-7794)
 WYSIWYM (What You See Is What You Mean) document processor
--------------------------------------------------------------------------------
Update Information:

Add missing file (LaTeXConfig.lyx)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  1 2011 José Matos <jamatos at fedoraproject.org> - 2.0.0-4
- LaTeXConfig.lyx is no longer a ghost (#684428)
* Thu May 26 2011 Rex Dieter <rdieter at fedoraproject.org> 2.0.0-3
- fix hunspell support (use pkgconfig)
* Thu May 26 2011 Rex Dieter <rdieter at fedoraproject.org> 2.0.0-2
- rebuild (hunspell)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #684428 - file LaTeXConfig.lyx missing
        https://bugzilla.redhat.com/show_bug.cgi?id=684428
--------------------------------------------------------------------------------

================================================================================
 memtest86+-4.20-1.fc14 (FEDORA-2011-7852)
 Stand-alone memory tester for x86 and x86-64 computers
--------------------------------------------------------------------------------
Update Information:

This is new version that fixes various bugs and adds support for Intel
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Jaroslav Škarvada <jskarvad at redhat.com> - 4.20-1
- Update to new version (#682425)
- Removed fix-asciimap patch (not needed now)
- Removed make-gcc4-builds-work patch (not used)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #709930 - Please update to v4.20 which is needed for sandy bridge
        https://bugzilla.redhat.com/show_bug.cgi?id=709930
--------------------------------------------------------------------------------

================================================================================
 mercurial-1.8.4-2.fc14 (FEDORA-2011-7786)
 Mercurial -- a distributed SCM
--------------------------------------------------------------------------------
Update Information:

see: http://http://mercurial.selenic.com/wiki/WhatsNew
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Neal Becker <ndbecker2 at gmail.com> - 1.8.4-2
- Add docutils-0.8 patch
* Wed Jun  1 2011 Neal Becker <ndbecker2 at gmail.com> - 1.8.4-1
- Update to 1.8.4
--------------------------------------------------------------------------------

================================================================================
 perl-IO-Socket-INET6-2.66-1.fc14 (FEDORA-2011-7798)
 Perl Object interface for AF_INET|AF_INET6 domain sockets
--------------------------------------------------------------------------------
Update Information:

A new, bugfix version of IO::Socket::INET6 is available.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 13 2011 Paul Howarth <paul at city-fan.org> - 2.66-1
- Update to 2.66
  - Fix inet_pton/inet_ntop import warnings (CPAN RT#55901)
  - Fix listening on :: or 0.0.0.0 (CPAN RT#54656)
  - Add test listen_port_only.t
  - Solved problems with multihomed and family order (CPAN RT#57676)
  - Fix select timeout issue in t/io_multihomed6.t
  - Fix t/io_multihomed6.t on systems with broken getaddrinfo() (CPAN RT#58198)
  - Made the "use Socket" call import constants selectively, and not rely on
    @EXPORT's whims
* Thu Jan 13 2011 Paul Howarth <paul at city-fan.org> - 2.57-4
- s/PERL_INSTALL_ROOT/DESTDIR/
- re-enable the test suite
- BR: perl(Test::More), perl(Test::Pod), perl(Test::Pod::Coverage)
* Mon Dec 20 2010 Marcela Maslanova <mmaslano at redhat.com> - 2.57-3
- Rebuild to fix problems with vendorarch/lib (#661697)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #619785 - Please update to 2.65
        https://bugzilla.redhat.com/show_bug.cgi?id=619785
--------------------------------------------------------------------------------

================================================================================
 qbittorrent-2.8.0-1.fc14 (FEDORA-2011-7842)
 A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:

* Thu Jun 02 2011 - Christophe Dumez <chris at qbittorrent.org> - v2.8.0
    - FEATURE: Added full libtorrent v0.16 support (uTP, ...)
    - FEATURE: Proxy can be disabled for peer connections
    - FEATURE: Added support for secure SMTP connection (SSL)
    - FEATURE: Added support for SMTP authentication
    - FEATURE: Added UPnP/NAT-PMP port forward for the Web UI port
    - FEATURE: qBittorrent can update dynamic DNS services (DynDNS, no-ip)
    - FEATURE: Display peer connection type in peer list (BT, uTP, Web)
    - FEATURE: Added full regex support to RSS downloader
    - FEATURE: Added regex help and validation in RSS downloader
    - FEATURE: Added HTTPS support to Web UI (Ishan Arora)
    - BUGFIX: Change systray icon on the fly (no restart needed)
    - BUGFIX: Remember peer-level rate limits (requires libtorrent v0.16)
    - BUGFIX: Stop annoncing to trackers an all tiers (more respectful)
    - BUGFIX: Stop sharing private trackers with other peers
    - BUGFIX: Tracker exchange extension can be disabled
    - BUGFIX: Cleaner program exit on system log out
    - BUGFIX: Fix possible magnet link parsing problems
    - BUGFIX: Fix possible RSS URL parsing problems
    - COSMETIC: Added monochrome icon for light themes 
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Leigh Scott <leigh123linux at googlemail.com> - 1:2.8.0-1
- update to 2.8.0
--------------------------------------------------------------------------------

================================================================================
 roundup-1.4.18-1.fc14 (FEDORA-2011-7812)
 Simple and flexible issue-tracking system
--------------------------------------------------------------------------------
Update Information:

Update to 1.4.18.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  1 2011 John Khvatov <ivaxer at fedoraproject.org> - 1.4.18-1
- updated to 1.4.18
- added roundup-doc subpackage for documentation
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #700053 - roundup-1.4.18 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=700053
--------------------------------------------------------------------------------

================================================================================
 rpld-1.8-0.8.beta1.fc14 (FEDORA-2011-7855)
 RPL/RIPL remote boot daemon
--------------------------------------------------------------------------------
Update Information:

Added standard initscript.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Paul P. Komkoff Jr <i at stingr.net> - 1.8-0.8.beta1
- add initscript
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.8-0.7.beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #487226 - [RFE] No Startup Script for RPL boot daemon
        https://bugzilla.redhat.com/show_bug.cgi?id=487226
--------------------------------------------------------------------------------

================================================================================
 rwho-0.17-35.fc14 (FEDORA-2011-7854)
 Displays who is logged in to local network machines
--------------------------------------------------------------------------------
Update Information:

This is an update that fixes a ruptime info in case rwhod has been started without properly configured network.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Honza Horak <hhorak at redhat.com> - 0.17-35
- applied patch from Ian Donaldson to transmit status reliably
  (bug #708385)
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.17-34
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #708385 - rwhod doesn't transmit reliably if using DHCP
        https://bugzilla.redhat.com/show_bug.cgi?id=708385
--------------------------------------------------------------------------------

================================================================================
 tgif-4.2.3-1.fc14 (FEDORA-2011-7783)
 2-D drawing tool
--------------------------------------------------------------------------------
Update Information:

New version 4.2.3 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  1 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 4.2.3-1
- 4.2.3
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 vnstat-1.11-1.fc14 (FEDORA-2011-7778)
 Console-based network traffic monitor
--------------------------------------------------------------------------------
Update Information:

Upstream changes for 1.11 / 1-Jun-11:

 - Fix: Memory allocation was miscalculated when creating interface list from /sys/class/net when /proc/net/dev wasn't available which in turn could crash the daemon
 - Fix: Daemon database cache could remain empty after a -HUP signal
 - Fix: Don't make temp directory in vnstat.cgi writable for everyone
 - Import GNU/kFreeBSD support from Debian (#608963, patch by Mats Erik Andersson)
 - Remove usage of GNU only '-D' option for install for BSD in Makefile
 - The daemon now automatically creates databases for available interfaces if no databases are found during startup
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Robert Scheck <robert at fedoraproject.org> - 1.11-1
- Upgrade to 1.11
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 weechat-0.3.5-1.fc14 (FEDORA-2011-7839)
 Portable, fast, light and extensible IRC client
--------------------------------------------------------------------------------
Update Information:

Update to most recent + spell->aspell rename.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Paul P. Komkoff Jr <i at stingr.net> - 0.3.5-1
- new upstream version
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688751 - CVE-2011-1428 weechat: improper verification of X.509 certificates can lead to MITM attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=688751
--------------------------------------------------------------------------------

================================================================================
 wireshark-1.4.7-1.fc14 (FEDORA-2011-7846)
 Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:

Upgrade to latest release, fixing few security bugs. See http://www.wireshark.org/docs/relnotes/wireshark-1.4.7.html.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Jan Safranek <jsafrane at redhat.com> - 1.4.7-1
- upgrade to 1.4.7
- see http://www.wireshark.org/docs/relnotes/wireshark-1.4.7.html
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #710109 - CVE-2011-2175 wireshark: Heap-based buffer over-read in Visual Networks dissector
        https://bugzilla.redhat.com/show_bug.cgi?id=710109
  [ 2 ] Bug #710097 - CVE-2011-2174 wireshark: Double-free flaw by uncompressing of a zlib compressed packet
        https://bugzilla.redhat.com/show_bug.cgi?id=710097
  [ 3 ] Bug #710039 - CVE-2011-1959 wireshark: Stack-based buffer over-read from tvbuff buffer
        https://bugzilla.redhat.com/show_bug.cgi?id=710039
  [ 4 ] Bug #710021 - CVE-2011-1957 wireshark: Infinite loop in the DICOM dissector
        https://bugzilla.redhat.com/show_bug.cgi?id=710021
--------------------------------------------------------------------------------

================================================================================
 wordpress-3.1.3-3.fc14 (FEDORA-2011-7837)
 Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:

Fix old FSF address and Summary to make rpmlint happy.
Make wp-content directory owned by apache:apache.
Correctly Provides/Obsoletes (with versions).
Upgrade to the latest upstream version (security fixes and enhancements, BZ 707772).
Move wp-content directory to /var/www/wordpress/ (BZ 522897).
Simplify overly detailed files list.
Actually, we just don't need gettext.php at all, it is provided by
php itself. Just remove the file, don't make a symlink.
Revert back to wp-content in /usr/share/wordpress, I am not able to make it
work. Not fixing BZ 522897.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Matěj Cepl <mcepl at redhat.com> - 3.1.3-3
- Actually, we just don't need gettext.php at all, it is provided by
  php itself. Just remove the file, don't make a symlink.
- revert back to wp-content in /usr/share/wordpress, I am not able to make it
  work. Not fixing BZ 522897.
* Wed Jun  1 2011 Matěj Cepl <mcepl at redhat.com> - 3.1.3-2
- Fix old FSF address and Summary to make rpmlint happy.
- Make wp-content directory owned by apache:apache
- Correctly Provides/Obsoletes (with versions)
* Wed May 25 2011 Matěj Cepl <mcepl at redhat.com> - 3.1.3-1
- Upgrade to the latest upstream version (security fixes and enhancements, BZ 707772)
- Move wp-content directory to /var/www/wordpress/ (BZ 522897)
- Simplify overly detailed %files
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #707772 - New upstream version 3.1.3 has been released
        https://bugzilla.redhat.com/show_bug.cgi?id=707772
  [ 2 ] Bug #522897 - Unable To Upload Images To /usr/share/wordpress/wp-content/uploads/
        https://bugzilla.redhat.com/show_bug.cgi?id=522897
--------------------------------------------------------------------------------

================================================================================
 x509watch-0.4.0-1.fc14 (FEDORA-2011-7831)
 Simple tool to list expiring or expired X.509 certificates
--------------------------------------------------------------------------------
Update Information:

Upstream changes for 0.4.0:

 - Mail from cronjob with x509watch output has now logwatch style
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Robert Scheck <robert at fedoraproject.org> 0.4.0-1
- Upgrade to 0.4.0
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 xarchiver-0.5.2-8.fc14 (FEDORA-2011-7807)
 Archive manager for Xfce
--------------------------------------------------------------------------------
Update Information:

This update add xz support and fixes support for 7z. Encrypted archives however are not supported.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun  2 2011 Christoph Wickert <cwickert at fedoraproject.org> - 0.5.2-8
- Fix 7zip. Encrypted archives are still not supported.
* Thu Jun  2 2011 Christoph Wickert <cwickert at fedoraproject.org> - 0.5.2-7
- Add xz support. Thanks to Robby Workman and Daniel Hokka Zakrisson (#577480)
- Remove mime-type multipart/x-zip (#666066)
- Fix crash in IA__gtk_tree_model_get_valist. Thanks to Bastiaan Jacques (#690012)
- Update icon-cache scriptlets
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #577480 - Won't handle xz compressed files; can't open rpm files
        https://bugzilla.redhat.com/show_bug.cgi?id=577480
  [ 2 ] Bug #666066 - Warning in fedora-xarchiver.desktop: MIME type "multipart/x-zipl" is discouraged
        https://bugzilla.redhat.com/show_bug.cgi?id=666066
  [ 3 ] Bug #690012 - [abrt] xarchiver-0.5.2-6.fc15: IA__gtk_tree_model_get_valist: Process /usr/bin/xarchiver was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=690012
--------------------------------------------------------------------------------

================================================================================
 zabbix-1.8.5-2.fc14 (FEDORA-2011-7804)
 Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 23 2011 Dan Horák <dan[at]danny.cz> - 1.8.5-2
- include /var/lib/zabbix and /etc/zabbix/externalscripts dirs in package (#704181)
- add snmp trap receiver script in package (#705331)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #704181 - AlertScriptPath points to a directory that doesn't exist
        https://bugzilla.redhat.com/show_bug.cgi?id=704181
  [ 2 ] Bug #705331 - SNMP trap shell script
        https://bugzilla.redhat.com/show_bug.cgi?id=705331
--------------------------------------------------------------------------------