Fedora 15 updates-testing report

Sat Mar 19 05:38:12 UTC 2011

The following Fedora 15 Security updates need testing:

    https://admin.fedoraproject.org/updates/mhonarc-2.6.18-3.fc15
    https://admin.fedoraproject.org/updates/wordpress-3.1-1.fc15
    https://admin.fedoraproject.org/updates/mailman-2.1.14-5.fc15
    https://admin.fedoraproject.org/updates/krb5-1.9-6.fc15
    https://admin.fedoraproject.org/updates/php-pear-1.9.2-1.fc15
    https://admin.fedoraproject.org/updates/pidgin-2.7.11-1.fc15
    https://admin.fedoraproject.org/updates/libcgroup-0.37.1-1.fc15
    https://admin.fedoraproject.org/updates/openldap-2.4.24-2.fc15
    https://admin.fedoraproject.org/updates/php-5.3.6-1.fc15,php-eaccelerator-0.9.6.1-6.fc15,maniadrive-1.2-29.fc15

The following Fedora 15 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/openldap-2.4.24-2.fc15
    https://admin.fedoraproject.org/updates/gcc-4.6.0-0.14.fc15
    https://admin.fedoraproject.org/updates/rsyslog-5.7.9-1.fc15
    https://admin.fedoraproject.org/updates/libX11-1.4.2-1.fc15
    https://admin.fedoraproject.org/updates/libexif-0.6.20-1.fc15
    https://admin.fedoraproject.org/updates/gpgme-1.3.0-4.fc15,kdepim-4.4.10-2.fc15
    https://admin.fedoraproject.org/updates/pm-utils-1.4.1-6.fc15
    https://admin.fedoraproject.org/updates/libXfixes-5.0-1.fc15
    https://admin.fedoraproject.org/updates/perl-PathTools-3.33-1.fc15,perl-5.12.3-155.fc15
    https://admin.fedoraproject.org/updates/xorg-x11-drv-wacom-0.10.99-1.20110315.fc15
    https://admin.fedoraproject.org/updates/bash-4.2.7-2.fc15
    https://admin.fedoraproject.org/updates/xorg-x11-drv-nouveau-0.0.16-22.20110303git92db2bc.fc15

The following builds have been pushed to Fedora 15 updates-testing

    R-mAr-1.1.2-1.fc15
    R-waveslim-1.6.4-1.fc15
    R-wavethresh-4.5-1.fc15
    bti-030-2.fc15
    dogtag-pki-theme-9.0.2-1.fc15
    firefox-4.0-0.21.rc2.fc15
    fontforge-20100501-8.fc15
    gappa-0.14.0-1.fc15
    gcc-4.6.0-0.14.fc15
    gjs-0.7.13-2.fc15
    glibmm24-2.27.97-1.fc15
    gnash-0.8.9-1.fc15
    gnucash-2.4.4-2.fc15
    gpgme-1.3.0-4.fc15
    gprbuild-2010-7.fc15
    gtkmm30-2.99.6-1.fc15
    iproute-2.6.38.1-1.fc15
    kdepim-4.4.10-2.fc15
    libX11-1.4.2-1.fc15
    libexif-0.6.20-1.fc15
    libgadu-1.10.1-1.fc15
    maniadrive-1.2-29.fc15
    openldap-2.4.24-2.fc15
    pam_afs_session-2.2-4.fc15
    perl-App-Cmd-0.311-1.fc15
    perl-Catalyst-Controller-FormBuilder-0.06-1.fc15
    perl-HTTP-Parser-XS-0.13-1.fc15
    perl-Mojolicious-1.14-1.fc15
    perl-Net-GitHub-0.28-1.fc15
    perl-Net-SSH2-0.33-1.fc15
    perl-Test-CPAN-Meta-YAML-0.17-2.fc15
    perl-VOMS-Lite-0.12-1.fc15
    php-5.3.6-1.fc15
    php-eaccelerator-0.9.6.1-6.fc15
    pki-console-9.0.1-1.fc15
    pki-core-9.0.4-1.fc15
    pki-kra-9.0.1-1.fc15
    pki-tps-9.0.1-1.fc15
    pulseaudio-equalizer-2.7-8.fc15
    puppet-2.6.6-1.fc15
    qemu-0.14.0-4.fc15
    rsyslog-5.7.9-1.fc15
    rubygem-launchy-0.4.0-1.fc15
    rubygem-stomp-1.1.8-1.fc15
    system-config-printer-1.3.2-1.fc15
    tuned-0.2.20-1.fc15
    xulrunner-2.0-0.28.rc2.fc15

Details about builds:

================================================================================
 R-mAr-1.1.2-1.fc15 (FEDORA-2011-3615)
 R module to evaluate functions for multivariate AutoRegressive analysis
--------------------------------------------------------------------------------
Update Information:

Update to latest stable version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 José Matos <jamatos at fedoraproject.org> - 1.1.2-1
- Update to latest release.
--------------------------------------------------------------------------------

================================================================================
 R-waveslim-1.6.4-1.fc15 (FEDORA-2011-3599)
 R module, Basic wavelet routines for 1,2 and 3-dimensional signal processing
--------------------------------------------------------------------------------
Update Information:

Update to latest stable version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 José Matos <jamatos at fedoraproject.org> - 1.6.4-1
- Update to latest stable release.
--------------------------------------------------------------------------------

================================================================================
 R-wavethresh-4.5-1.fc15 (FEDORA-2011-3604)
 R module, Software to perform wavelet statistics and transforms
--------------------------------------------------------------------------------
Update Information:

Update to latest stable version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 José Matos <jamatos at fedoraproject.org> - 4.5-1
- Update to latest stable release
- Update url
--------------------------------------------------------------------------------

================================================================================
 bti-030-2.fc15 (FEDORA-2011-3584)
 Bash Twitter/Identi.ca Idiocy
--------------------------------------------------------------------------------
Update Information:

Upstream bugfix release, and also correctly parse passwords containing the '#' character
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Michel Salim <salimma at fedoraproject.org> - 030-2
- Improve detection of comment marker in configuration file
* Fri Mar 18 2011 Michel Salim <salimma at fedoraproject.org> - 030-1
- Update to 0.30
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688872 - bti-030 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=688872
--------------------------------------------------------------------------------

================================================================================
 dogtag-pki-theme-9.0.2-1.fc15 (FEDORA-2011-3588)
 Certificate System - Dogtag PKI Theme Components
--------------------------------------------------------------------------------
Update Information:

rebase
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.2-1
- Bugzilla Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha)
- Bugzilla Bug #676421 - CC: Remove unused TPS interface calls and add
  audit logging
- Bugzilla Bug #606944 - Convert TPS to use ldap utilities and API from
  OpenLDAP instead of the Mozldap
- Bugzilla Bug #678142 - Flakey JAR packaging encountered on Fedora 15
  when using Mock
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha)
        https://bugzilla.redhat.com/show_bug.cgi?id=688763
  [ 2 ] Bug #676421 - CC: Remove unused TPS interface calls and add audit logging
        https://bugzilla.redhat.com/show_bug.cgi?id=676421
--------------------------------------------------------------------------------

================================================================================
 firefox-4.0-0.21.rc2.fc15 (FEDORA-2011-3616)
 Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:

Update to Firefox 4.0 RC 2
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Christopher Aillon <caillon at redhat.com> - 4.0-0.21
- Firefox 4.0 RC 2
* Thu Mar 17 2011 Jan Horak <jhorak at redhat.com> - 4.0-0.20
- Rebuild against xulrunner with disabled gnomevfs and enabled gio
--------------------------------------------------------------------------------

================================================================================
 fontforge-20100501-8.fc15 (FEDORA-2011-3608)
 Outline and bitmap font editor
--------------------------------------------------------------------------------
Update Information:

Fix a crash when multiple points of the glyph are selected.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar  1 2011 Paul Williams <paul at frixxon.co.uk> - 20100501-8
- Add patch for charview crash. Fixes bug #660376
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #660376 - [abrt] fontforge-20100501-4.fc14: CVLayer: Process /usr/bin/fontforge was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=660376
--------------------------------------------------------------------------------

================================================================================
 gappa-0.14.0-1.fc15 (FEDORA-2011-3597)
 Prove programs with floating-point or fixed-point arithmetic
--------------------------------------------------------------------------------
Update Information:

The Coq backend now supports a Coq support library (not yet packaged for Fedora).  See https://gforge.inria.fr/frs/shownotes.php?release_id=5526

--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 15 2011 Jerry James <loganjerry at gmail.com> - 0.14.0-1
- New upstream version
- Remove BuildRoot tag
- Use flex and bison to regenerate the lexer and parser
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.13.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 gcc-4.6.0-0.14.fc15 (FEDORA-2011-3607)
 Various compilers (C, C++, Objective-C, Java, ...)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Jakub Jelinek <jakub at redhat.com> 4.6.0-0.14
- update from the 4.6 branch
  - PRs bootstrap/48161, c++/48113, c++/48115, c++/48132, debug/47510,
	debug/48176, libstdc++/48123, middle-end/47405, middle-end/48165,
	target/46778, target/46788, target/48171
- update libstdc++ pretty printers from trunk
--------------------------------------------------------------------------------

================================================================================
 gjs-0.7.13-2.fc15 (FEDORA-2011-3616)
 Javascript Bindings for GNOME
--------------------------------------------------------------------------------
Update Information:

Update to Firefox 4.0 RC 2
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Christopher Aillon <caillon at redhat.com> - 0.7.13-2
- Rebuild against newer gecko
* Thu Mar 10 2011 Colin Walters <walters at verbum.org> - 0.7.13-1
- Update to 0.7.13
--------------------------------------------------------------------------------

================================================================================
 glibmm24-2.27.97-1.fc15 (FEDORA-2011-3609)
 C++ interface for the GLib library
--------------------------------------------------------------------------------
Update Information:

New gtkmm30 and glibmm24 pre-releases with various bugfixes.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Kalev Lember <kalev at smartlink.ee> - 2.27.97-1
- Update to 2.27.97
- BuildRequire mm-common as the doctools are no longer bundled
  with glibmm tarball.
--------------------------------------------------------------------------------

================================================================================
 gnash-0.8.9-1.fc15 (FEDORA-2011-3621)
 GNU flash movie player
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Hicham HAOUARI <hicham.haouari at gmail.com> - 1:0.8.9-1
- Update to 0.8.9 final
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #684693 - [abrt] gnash-1:0.8.8-4.fc14: Process /usr/bin/gtk-gnash was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=684693
  [ 2 ] Bug #684888 - [abrt] gnash-1:0.8.8-4.fc14: operator new: Process /usr/bin/gtk-gnash was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=684888
  [ 3 ] Bug #685051 - [abrt] gnash-1:0.8.8-4.fc13: unlock: Process /usr/bin/gtk-gnash was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=685051
--------------------------------------------------------------------------------

================================================================================
 gnucash-2.4.4-2.fc15 (FEDORA-2011-3602)
 Finance management application
--------------------------------------------------------------------------------
Update Information:

This updates GnuCash to the latest update release, which fixes assorted bugs and updates translations.

For more information, see the upstream changelog at:
  http://gnucash.org/#110314-2.4.4.news

--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Bill Nottingham <notting at redhat.com> - 2.4.4-2
- fix configure.ac to correctly use WEBKIT_LIBS from pkg-config (#670001, <q3aiml at gmail.com>)
* Wed Mar 16 2011 Bill Nottingham <notting at redhat.com> - 2.4.4-1
- update to 2.4.4
* Thu Mar  3 2011 Bill Nottingham <notting at redhat.com> - 2.4.3-1
- update to 2.4.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #670001 - Images from stylesheet missing in reports
        https://bugzilla.redhat.com/show_bug.cgi?id=670001
--------------------------------------------------------------------------------

================================================================================
 gpgme-1.3.0-4.fc15 (FEDORA-2011-3611)
 GnuPG Made Easy - high level crypto API
--------------------------------------------------------------------------------
Update Information:

fix kdepim ftbfs against newer gpgme
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Rex Dieter <rdieter at fedoraproject.org> - 1.3.0-4
- gpgme-config: remove libassuan-related flags as threatened (#676954) 
\
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #676954 - gpgme-config outputs -lassuan
        https://bugzilla.redhat.com/show_bug.cgi?id=676954
--------------------------------------------------------------------------------

================================================================================
 gprbuild-2010-7.fc15 (FEDORA-2011-3591)
 Ada project builder
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #675478 - Review Request: gprbuild - Ada project builder
        https://bugzilla.redhat.com/show_bug.cgi?id=675478
--------------------------------------------------------------------------------

================================================================================
 gtkmm30-2.99.6-1.fc15 (FEDORA-2011-3609)
 C++ interface for the GTK+ library
--------------------------------------------------------------------------------
Update Information:

New gtkmm30 and glibmm24 pre-releases with various bugfixes.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Kalev Lember <kalev at smartlink.ee> - 2.99.6-1
- Update to 2.99.6
- BuildRequire mm-common for doctools which are no longer in glibmm24-devel.
--------------------------------------------------------------------------------

================================================================================
 iproute-2.6.38.1-1.fc15 (FEDORA-2011-3619)
 Advanced IP routing and network device configuration tools
--------------------------------------------------------------------------------
Update Information:

iproute 2.6.38.1 bump
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Petr Sabata <psabata at redhat.com> - 2.6.38.1-1
- 2.6.38.1 bump
* Wed Mar 16 2011 Petr Sabata <psabata at redhat.com> - 2.6.38-1
- 2.6.38 bump
--------------------------------------------------------------------------------

================================================================================
 kdepim-4.4.10-2.fc15 (FEDORA-2011-3611)
 KDE PIM (Personal Information Manager) applications
--------------------------------------------------------------------------------
Update Information:

fix kdepim ftbfs against newer gpgme
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Rex Dieter <rdieter at fedoraproject.org> 7:4.4.10-2
- rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #676954 - gpgme-config outputs -lassuan
        https://bugzilla.redhat.com/show_bug.cgi?id=676954
--------------------------------------------------------------------------------

================================================================================
 libX11-1.4.2-1.fc15 (FEDORA-2011-3592)
 Core X11 protocol client library
--------------------------------------------------------------------------------
Update Information:

Bugfix release from upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Adam Jackson <ajax at redhat.com> 1.4.2-1
- libX11 1.4.2
--------------------------------------------------------------------------------

================================================================================
 libexif-0.6.20-1.fc15 (FEDORA-2011-3610)
 Library for extracting extra information from image files
--------------------------------------------------------------------------------
Update Information:

libexif 0.6.20 bump
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Petr Sabata <psabata at redhat.com> - 0.6.20-1
- 0.6.20 bump
- Repackaging prehistoric libexif-docs, introducing version string in filename
- Buildroot cleanup
--------------------------------------------------------------------------------

================================================================================
 libgadu-1.10.1-1.fc15 (FEDORA-2011-3586)
 A Gadu-gadu protocol compatible communications library
--------------------------------------------------------------------------------
Update Information:

Latest stable release. Highlights:
 * SSL support
 * typing notification
 * extra contact information
 * multi-logging and preliminary support for file transfers via server.
 * fixed direct connections
 * fixed connections via proxy server

--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 14 2011 Dominik Mierzejewski <rpm at greysector.net> 1.10.1-1
- updated to 1.10.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #684733 - libgadu-1.10.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=684733
  [ 2 ] Bug #677256 - libgadu-1.10.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=677256
--------------------------------------------------------------------------------

================================================================================
 maniadrive-1.2-29.fc15 (FEDORA-2011-3614)
 3D stunt driving game
--------------------------------------------------------------------------------
Update Information:

Security Enhancements and Fixes in PHP 5.3.6:
* Enforce security in the fastcgi protocol parsing with fpm SAPI.
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)

Full upstream changelog :
http://php.net/ChangeLog-5.php#5.3.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Remi Collet <Fedora at famillecollet.com> 1.2-29
- Rebuild for new php 5.3.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688378 - CVE-2011-1153 php: several format string vulnerabilities in PHP's Phar extension
        https://bugzilla.redhat.com/show_bug.cgi?id=688378
  [ 2 ] Bug #680972 - CVE-2011-0708 php: buffer over-read in Exif extension
        https://bugzilla.redhat.com/show_bug.cgi?id=680972
  [ 3 ] Bug #688735 - CVE-2011-0421 php/libzip: segfault with FL_UNCHANGED on empty archive in zip_name_locate()
        https://bugzilla.redhat.com/show_bug.cgi?id=688735
--------------------------------------------------------------------------------

================================================================================
 openldap-2.4.24-2.fc15 (FEDORA-2011-3612)
 LDAP support libraries
--------------------------------------------------------------------------------
Update Information:

Three security issues were fixed during the rebase!

Changes not covered by bugs:

- new: system resource limiting for slapd using ulimit
- fix: possible null pointer dereference in NSS implementation
OpenLDAP package was rebased to 2.4.24.

Extension of API:

* libldap adds: ldap_destroy ldap_dup ldap_sasl_interactive_bind
* libldif adds: ldif_put_wrap ldif_sput_wrap
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Jan Vcelak <jvcelak at redhat.com> 2.4.24-2
- new: system resource limiting for slapd using ulimit
- fix update: openldap can't use TLS after a fork() (#636956)
- fix: possible null pointer dereference in NSS implementation
- fix: openldap-servers upgrade hangs or do not upgrade the database (#664433)
* Mon Feb 14 2011 Jan Vcelak <jvcelak at redhat.com> 2.4.24-1
- rebase to 2.4.24
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #680466 - CVE-2011-1024 openldap: forwarded bind failure messages cause success
        https://bugzilla.redhat.com/show_bug.cgi?id=680466
  [ 2 ] Bug #680472 - CVE-2011-1025 openldap: rootpw not verified via slapd.conf when using the NDB backend
        https://bugzilla.redhat.com/show_bug.cgi?id=680472
  [ 3 ] Bug #680975 - CVE-2011-1081 openldap: DoS when submitting special MODRDN request
        https://bugzilla.redhat.com/show_bug.cgi?id=680975
--------------------------------------------------------------------------------

================================================================================
 pam_afs_session-2.2-4.fc15 (FEDORA-2011-3598)
 AFS PAG and AFS tokens on login
--------------------------------------------------------------------------------
Update Information:

New Release. pam-afs-session is a PAM module intended for use with a Kerberos v5 PAM module to obtain an AFS PAG (Process Authentication Group) and AFS tokens on login. It puts every new session in a PAG regardless of whether it was authenticated with Kerberos and runs a configurable external program to obtain tokens.
--------------------------------------------------------------------------------

================================================================================
 perl-App-Cmd-0.311-1.fc15 (FEDORA-2011-3583)
 Write command line apps with less suffering
--------------------------------------------------------------------------------
Update Information:

Classes are now loaded with Class::Load, which should avoid bugs where classes are not succesfully loaded and program execution continues anyway. More checking is now done to ensure that plugins are members of the correct base class.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Iain Arnell <iarnell at gmail.com> 0.311-1
- update to latest upstream version
--------------------------------------------------------------------------------

================================================================================
 perl-Catalyst-Controller-FormBuilder-0.06-1.fc15 (FEDORA-2011-3590)
 Catalyst FormBuilder Base Controller
--------------------------------------------------------------------------------
Update Information:

This update to the latest upstream version removes the last reference to NEXT:: from the code. The package also updates dependency filtering for rpm 4.9.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Iain Arnell <iarnell at gmail.com> 0.06-1
- update to latest upstream version
* Thu Mar 17 2011 Iain Arnell <iarnell at gmail.com> 0.05-9
- don't filter perl(Catalyst::View::HTML::Template) from requires
- drop obsolete no_scalar_util_0_19.patch
- clean up spec for modern rpmbuild
* Wed Feb 16 2011 Marcela Mašláňová <mmaslano at redhat.com> - 0.05-8
- fix filter for RPM4.9
--------------------------------------------------------------------------------

================================================================================
 perl-HTTP-Parser-XS-0.13-1.fc15 (FEDORA-2011-3585)
 A fast, primitive HTTP request parser
--------------------------------------------------------------------------------
Update Information:

This update adds support for HTTP response parsing and fixes parsing of protocol version in the pure perl implementation to exactly match that of XS.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Iain Arnell <iarnell at gmail.com> 0.13-1
- update to latest upstream version
- clean up spec for modern rpmbuild
--------------------------------------------------------------------------------

================================================================================
 perl-Mojolicious-1.14-1.fc15 (FEDORA-2011-3593)
 A next generation web framework for Perl
--------------------------------------------------------------------------------
Update Information:

New bugfix release from upstream 1.14.
Update to latest upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Yanko Kaneti <yaneti at declera.com> 1.14-1
- New bugfix release from upstream 1.14.
* Mon Mar 14 2011 Yanko Kaneti <yaneti at declera.com> 1.13-1
- Update to latest upstream 1.13.
--------------------------------------------------------------------------------

================================================================================
 perl-Net-GitHub-0.28-1.fc15 (FEDORA-2011-3595)
 Perl interface for github.com
--------------------------------------------------------------------------------
Update Information:

This update to the latest upstream version includes:
* use official GitHub API request instead of screen-scraping for 'comments' issues
* partial implementation of Pull Request API
* implementation of organizations API
* update Auth to 'Basic Auth'
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Iain Arnell <iarnell at gmail.com> 0.28-1
- update to latest upstream version
- add examples as doc
--------------------------------------------------------------------------------

================================================================================
 perl-Net-SSH2-0.33-1.fc15 (FEDORA-2011-3617)
 Support for the SSH 2 protocol via libSSH2
--------------------------------------------------------------------------------
Update Information:

This update to the latest upstream version includes:
* add -> trace method, and trace option to ->new (RT#59292)
* remove eval $VERSION, was confusing some testers
* rename symbol libssh2_error to xs_libssh2_error to avoid symbol clashes
* fix splice warning when connecting with a socket handle (RT#56592)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Iain Arnell <iarnell at gmail.com> 0.33-1
- update to latest upstream version
- clean up spec for modern rpmbuild
--------------------------------------------------------------------------------

================================================================================
 perl-Test-CPAN-Meta-YAML-0.17-2.fc15 (FEDORA-2011-3606)
 Validate a META.yml file within a CPAN distribution
--------------------------------------------------------------------------------
Update Information:

This is the first Fedora/EPEL release of perl-Test-CPAN-Meta-YAML.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688264 - Review Request: perl-Test-CPAN-Meta-YAML - Validate a META.yml file within a CPAN distribution
        https://bugzilla.redhat.com/show_bug.cgi?id=688264
--------------------------------------------------------------------------------

================================================================================
 perl-VOMS-Lite-0.12-1.fc15 (FEDORA-2011-3587)
 Perl extension for VOMS Attribute certificate creation
--------------------------------------------------------------------------------
Update Information:

VOMS (virtual organisation membership service) is a system for managing grid level authorization data within multi-institutional collaborations via membership and roles within that membership.

VOMS::Lite provides a perl library and client tools for interacting with an existing voms service including the well known C impementation of voms.
VOMS (virtual organisation membership service) is a system for managing grid level authorization data within multi-institutional collaborations via membership and roles within that membership.

VOMS::Lite provides a perl library and client tools for interacting with an existing voms service including the well known C impementation of voms.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #565949 - Review Request: perl-VOMS-Lite - Perl extension for VOMS Attribute certificate creation
        https://bugzilla.redhat.com/show_bug.cgi?id=565949
--------------------------------------------------------------------------------

================================================================================
 php-5.3.6-1.fc15 (FEDORA-2011-3614)
 PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:

Security Enhancements and Fixes in PHP 5.3.6:
* Enforce security in the fastcgi protocol parsing with fpm SAPI.
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)

Full upstream changelog :
http://php.net/ChangeLog-5.php#5.3.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Remi Collet <Fedora at famillecollet.com> 5.3.6-1
- update to 5.3.6
  http://www.php.net/ChangeLog-5.php#5.3.6
- fix php-pdo arch specific requires
* Mon Mar  7 2011 Caolán McNamara <caolanm at redhat.com> 5.3.5-5
- rebuild for icu 4.6
* Mon Feb 28 2011 Remi Collet <Fedora at famillecollet.com> 5.3.5-4
- fix systemd-units requires
* Thu Feb 24 2011 Remi Collet <Fedora at famillecollet.com> 5.3.5-3
- add tmpfiles.d configuration for php-fpm
- add Arch specific requires/provides
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688378 - CVE-2011-1153 php: several format string vulnerabilities in PHP's Phar extension
        https://bugzilla.redhat.com/show_bug.cgi?id=688378
  [ 2 ] Bug #680972 - CVE-2011-0708 php: buffer over-read in Exif extension
        https://bugzilla.redhat.com/show_bug.cgi?id=680972
  [ 3 ] Bug #688735 - CVE-2011-0421 php/libzip: segfault with FL_UNCHANGED on empty archive in zip_name_locate()
        https://bugzilla.redhat.com/show_bug.cgi?id=688735
--------------------------------------------------------------------------------

================================================================================
 php-eaccelerator-0.9.6.1-6.fc15 (FEDORA-2011-3614)
 PHP accelerator, optimizer, encoder and dynamic content cacher
--------------------------------------------------------------------------------
Update Information:

Security Enhancements and Fixes in PHP 5.3.6:
* Enforce security in the fastcgi protocol parsing with fpm SAPI.
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)

Full upstream changelog :
http://php.net/ChangeLog-5.php#5.3.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Remi Collet <Fedora at FamilleCollet.com> - 1:0.9.6.1-6
- rebuild against PHP 5.3.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688378 - CVE-2011-1153 php: several format string vulnerabilities in PHP's Phar extension
        https://bugzilla.redhat.com/show_bug.cgi?id=688378
  [ 2 ] Bug #680972 - CVE-2011-0708 php: buffer over-read in Exif extension
        https://bugzilla.redhat.com/show_bug.cgi?id=680972
  [ 3 ] Bug #688735 - CVE-2011-0421 php/libzip: segfault with FL_UNCHANGED on empty archive in zip_name_locate()
        https://bugzilla.redhat.com/show_bug.cgi?id=688735
--------------------------------------------------------------------------------

================================================================================
 pki-console-9.0.1-1.fc15 (FEDORA-2011-3620)
 Certificate System - PKI Console
--------------------------------------------------------------------------------
Update Information:

rebase
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.1-1
- Bugzilla Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha)
- Bugzilla Bug #676682 - REGRESSION: Restore missing 'gif' files
  to console . . .
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha)
        https://bugzilla.redhat.com/show_bug.cgi?id=688763
  [ 2 ] Bug #676682 - REGRESSION:  Restore missing 'gif' files to console . . .
        https://bugzilla.redhat.com/show_bug.cgi?id=676682
--------------------------------------------------------------------------------

================================================================================
 pki-core-9.0.4-1.fc15 (FEDORA-2011-3603)
 Certificate System - PKI Core Components
--------------------------------------------------------------------------------
Update Information:

rebase
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.4-1
- Bugzilla Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha)
- Bugzilla Bug #676182 - IPA installation failing - Fails to create CA
  instance
- Bugzilla Bug #675742 - Profile caIPAserviceCert Not Found
- 'pki-setup'
-     Bugzilla Bug #678157 - uninitialized variable warnings from Perl
-     Bugzilla Bug #679574 - Velocity fails to load all dependent classes
-     Bugzilla Bug #680420 - xml-commons-apis.jar dependency
-     Bugzilla Bug #682013 - pkisilent needs xml-commons-apis.jar in it's
      classpath
-     Bugzilla Bug #673508 - CS8 64 bit pkicreate script uses wrong library
      name for SafeNet LunaSA
- 'pki-common'
-     Bugzilla Bug #673638 - Installation within IPA hangs
-     Bugzilla Bug #678715 - netstat loop fixes needed
-     Bugzilla Bug #673609 - CC: authorize() call needs to be added to
      getStats servlet
- 'pki-selinux'
-     Bugzilla Bug #674195: SELinux error message thrown during token
      enrollment
- 'pki-ca'
-     Bugzilla Bug #673638 - Installation within IPA hangs
-     Bugzilla Bug #673609 - CC: authorize() call needs to be added to
      getStats servlet
-     Bugzilla Bug #676330 - init script cannot start service
- 'pki-silent'
-     Bugzilla Bug #682013 - pkisilent needs xml-commons-apis.jar in it's
      classpath
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha)
        https://bugzilla.redhat.com/show_bug.cgi?id=688763
  [ 2 ] Bug #673638 - Installation within IPA hangs
        https://bugzilla.redhat.com/show_bug.cgi?id=673638
  [ 3 ] Bug #675742 - Profile caIPAserviceCert Not Found
        https://bugzilla.redhat.com/show_bug.cgi?id=675742
  [ 4 ] Bug #678157 - uninitialized variable warnings from Perl
        https://bugzilla.redhat.com/show_bug.cgi?id=678157
  [ 5 ] Bug #679574 - Velocity fails to load all dependent classes
        https://bugzilla.redhat.com/show_bug.cgi?id=679574
  [ 6 ] Bug #680420 - xml-commons-apis.jar dependency
        https://bugzilla.redhat.com/show_bug.cgi?id=680420
  [ 7 ] Bug #682013 - pkisilent needs xml-commons-apis.jar in it's classpath
        https://bugzilla.redhat.com/show_bug.cgi?id=682013
--------------------------------------------------------------------------------

================================================================================
 pki-kra-9.0.1-1.fc15 (FEDORA-2011-3582)
 Certificate System - Data Recovery Manager
--------------------------------------------------------------------------------
Update Information:

rebase
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.1-1
- Bugzilla Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha)
- Bugzilla Bug #673638 - Installation within IPA hangs
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha)
        https://bugzilla.redhat.com/show_bug.cgi?id=688763
  [ 2 ] Bug #673638 - Installation within IPA hangs
        https://bugzilla.redhat.com/show_bug.cgi?id=673638
--------------------------------------------------------------------------------

================================================================================
 pki-tps-9.0.1-1.fc15 (FEDORA-2011-3605)
 Certificate System - Token Processing System
--------------------------------------------------------------------------------
Update Information:

rebase
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.1-1
- Bugzilla Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha)
- Bugzilla Bug #676421 - CC: Remove unused TPS interface calls and add
  audit logging
- Bugzilla Bug #676678 - Missing audit log messages for Secure Channel
  Generation.
- Bugzilla Bug #606944 - Convert TPS to use ldap utilities and API from
  OpenLDAP instead of the Mozldap
- Bugzilla Bug #676152 - Token enrollment with symmetric key change over
  fails.
- Bugzilla Bug #674396 - TPS: some audit signatures failed to verify
- Bugzilla Bug #680567 - CC doc: remove update.applet.directory audit
  message from TPS doc.
- Bugzilla Bug #681066 - TPS authentication crash when exercising audit
  log message.
- Bugzilla Bug #684259 - incorrect group used for tps operators
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha)
        https://bugzilla.redhat.com/show_bug.cgi?id=688763
  [ 2 ] Bug #676421 - CC: Remove unused TPS interface calls and add audit logging
        https://bugzilla.redhat.com/show_bug.cgi?id=676421
--------------------------------------------------------------------------------

================================================================================
 pulseaudio-equalizer-2.7-8.fc15 (FEDORA-2011-3613)
 A 15 Bands Equalizer for PulseAudio
--------------------------------------------------------------------------------
Update Information:

--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 19 2011 Hicham HAOUARI <hicham.haouari at gmail.com> - 2.7-8
- Change gnome-volume-control to multimedia-volume-control in desktop file
* Thu Mar 17 2011 Hicham HAOUARI <hicham.haouari at gmail.com> - 2.7-7
- Better fix for rhbz #632940
- Do not crash on missing preset, fixes rhbz #679005
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #679005 - [abrt] pulseaudio-equalizer-2.7-5.fc14: pulseaudio-equalizer.py:184:on_presetsbox:IOError: [Errno 2] No such file or directory: '/usr/share/pulseaudio-equalizer/presets/m.preset'
        https://bugzilla.redhat.com/show_bug.cgi?id=679005
--------------------------------------------------------------------------------

================================================================================
 puppet-2.6.6-1.fc15 (FEDORA-2011-3581)
 A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:

The update to puppet-2.6.6 brings a large number of bug fixes and several new language features.  As is typical with puppet version bumps, it is recommended to update the puppetmaster before updating the clients.

For details on what's changed, refer to the upstream release notes:

http://projects.puppetlabs.com/projects/puppet/wiki/Release_Notes

(This update includes several of the fixes for regressions which are included in puppet-2.6.7rc1.)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 16 2011 Todd Zullinger <tmz at pobox.com> - 2.6.6-1
- Update to 2.6.6
- Ensure %pre exits cleanly
- Fix License tag, puppet is now GPLv2 only
- Create and own /usr/share/puppet/modules (#615432)
- Properly restart puppet agent/master daemons on upgrades from 0.25.x
- Require libselinux-utils when selinux support is enabled
- Support tmpfiles.d for Fedora >= 15 (#656677)
- Apply a few upstream fixes for 0.25.5 regressions
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #615432 - The puppet package should own /usr/share/puppet/modules
        https://bugzilla.redhat.com/show_bug.cgi?id=615432
  [ 2 ] Bug #656677 - Please Update Spec File to use %ghost on files in /var/run and /var/lock
        https://bugzilla.redhat.com/show_bug.cgi?id=656677
  [ 3 ] Bug #666094 - RFE: Update to 2.6 release series
        https://bugzilla.redhat.com/show_bug.cgi?id=666094
  [ 4 ] Bug #615175 - warning: Puppet::Type.create is deprecated; use Puppet::Type.new
        https://bugzilla.redhat.com/show_bug.cgi?id=615175
  [ 5 ] Bug #616519 - puppet warnings about metaclass deprecation
        https://bugzilla.redhat.com/show_bug.cgi?id=616519
--------------------------------------------------------------------------------

================================================================================
 qemu-0.14.0-4.fc15 (FEDORA-2011-3594)
 QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:

This update fixes the crash with spice guests, and a migration issue with vhost.
This update fixes the crash with spice guests, and a migration issue with vhost.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Justin M. Forbes <jforbes at redhat.com> - 2:0.14.0-4
- Fix thinko on adding the most recent patches.
* Wed Mar 16 2011 Justin M. Forbes <jforbes at redhat.com> - 2:0.14.0-3
- Fix migration issue with vhost
- Fix qxl locking issues for spice
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #681220 - Starting of a virtual machine ends with qemu-kvm: /builddir/build/BUILD/qemu-kvm-0.14.0/qemu-kvm.c:1724: kvm_mutex_unlock: Assertion `!cpu_single_env' failed.
        https://bugzilla.redhat.com/show_bug.cgi?id=681220
--------------------------------------------------------------------------------

================================================================================
 rsyslog-5.7.9-1.fc15 (FEDORA-2011-3600)
 Enhanced system logging and kernel message trapping daemon
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Tomas Heinrich <theinric at redhat.com> 5.7.9-1
- upgrade to new upstream version 5.7.9
- enable compilation of several new modules,
  create new subpackages for some of them
- integrate changes from Lennart Poettering
  to add support for systemd
  - add rsyslog-5.7.9-systemd.patch to tweak the upstream
    service file to honour configuration from /etc/sysconfig/rsyslog
* Fri Mar 18 2011 Dennis Gilmore <dennis at ausil.us> - 5.6.2-3
- sparc64 needs big PIE
--------------------------------------------------------------------------------

================================================================================
 rubygem-launchy-0.4.0-1.fc15 (FEDORA-2011-3601)
 Helper class for cross-platform launching of applications
--------------------------------------------------------------------------------
Update Information:

New version
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 <stahnma at fedoraproject.org> - 0.4.0-1
- New version upstream
--------------------------------------------------------------------------------

================================================================================
 rubygem-stomp-1.1.8-1.fc15 (FEDORA-2011-3618)
 Ruby client for the Stomp messaging protocol
--------------------------------------------------------------------------------
Update Information:

new version
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 <stahnma at fedoraproject.org> - 1.1.8-1
- New version from upstream
--------------------------------------------------------------------------------

================================================================================
 system-config-printer-1.3.2-1.fc15 (FEDORA-2011-3596)
 A printer administration tool
--------------------------------------------------------------------------------
Update Information:

This update fixes several bugs and re-enables translations that were accidentally disabled.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Tim Waugh <twaugh at redhat.com> 1.3.2-1
- 1.3.2:
  - Set connected state when connecting to server fails (bug #685098).
  - Handle the situation where cupsd has died/restarted more gracefully.
  - Renamed ui/*.ui -> ui/*.glade again, fixing translations.
  - Just hide Printer Properties dialog on delete-event (Ubuntu #729966).
  - Extra job options: print-quality, printer-resolution, output-bin.
  - Automatically show horizontal scrollbar in job options screen.
  - Ignore "output-mode-default" attribute as it is not settable.
  - Handle IPP_TAG_RESOLUTION types (requires pycups-1.9.55).
  - Don't traceback if option value cannot be handled.
  - Fixed traceback in options.py (bug #679103).
  - Handle URIs in Find Network Printer entry, and use 'Enter URI'
    instead of 'Other' (bug #685091).
  - Use "Do It Later" instead of "Cancel" for adjust firewall dialog
    (trac #213).
  - Fixed an instance where NewPrinterGUI might not have self.printers
    set (bug #680683).
  - IPPHostname can contain colon (to specify port).
  - Fixed automatic driver installation when changing the driver.
  - Removed stale code left over from conversion to gobjects.
  - Ensure all uses of ppdsloader supply the Device ID.
  - Fixed some small typos in newprinter --help output.
  - Prevent traceback after 2nd drivers search dialog is cancelled
    (bug #680288).
  - Activated and fixed testing mode for device ID/driver association
  - Match HP-Fax2/3/... PPDs, as well as Ubuntu/Debian hpijs-ppds
    packages.
  - preferreddrivers.xml: Identify hpcups and hpijs fax PPDs.
  - Match native hpijs driver (drv:///hp/hpijs.drv/...) as "hpijs".
  - Handle Ubuntu locations of hpcups.drv and hpijs.drv.
  - preferreddrivers.xml: match OpenPrinting gutenprint PPD names as
    gutenprint.
  - Removed DES field check altogether.
  - xmldriverprefs.test: show order more clearly.
  - Make xmldriverprefs.test() debugging optional.
  - More debugging during PPD selection.
  - Prefer foomatic PostScript drivers before PCL drivers (except
    foomatic-recommended ones).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #685098 - [abrt] system-config-printer-1.3.1-1.fc15: authconn.py:197:_connect:RuntimeError: failed to connect to server
        https://bugzilla.redhat.com/show_bug.cgi?id=685098
  [ 2 ] Bug #679103 - [abrt] system-config-printer-1.2.6-3.fc14: options.py:365:get_current_value:TypeError: int() argument must be a string or a number, not 'NoneType'
        https://bugzilla.redhat.com/show_bug.cgi?id=679103
  [ 3 ] Bug #685091 - Adding printer using URL is not intuitive
        https://bugzilla.redhat.com/show_bug.cgi?id=685091
  [ 4 ] Bug #680683 - [abrt] system-config-printer-1.3.1-1.fc15: newprinter.py:1276:setNPButtons:AttributeError: 'NewPrinterGUI' object has no attribute 'printers'
        https://bugzilla.redhat.com/show_bug.cgi?id=680683
  [ 5 ] Bug #680288 - [abrt] system-config-printer-1.3.1-1.fc16: newprinter.py:3214:on_NPDrivers_query_tooltip:AttributeError: 'NoneType' object has no attribute 'getInfoFromPPDName'
        https://bugzilla.redhat.com/show_bug.cgi?id=680288
  [ 6 ] Bug #652352 - Weird tooltip behaviour in job viewer
        https://bugzilla.redhat.com/show_bug.cgi?id=652352
--------------------------------------------------------------------------------

================================================================================
 tuned-0.2.20-1.fc15 (FEDORA-2011-3589)
 A dynamic adaptive system tuning daemon
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Jan Vcelak <jvcelak at redhat.com> 0.2.20-1
- new manual pages: diskdevstat, netdevstat, scomes, and varnetload
- updated obsolete parts in the other manual pages
- laptop-battery-powersave profile fixes
- support for new network device naming
- EEE PC dynamic FSB reclocking is done dynamicly in CPU plugin (Jaroslav Skarvada)
--------------------------------------------------------------------------------

================================================================================
 xulrunner-2.0-0.28.rc2.fc15 (FEDORA-2011-3616)
 XUL Runtime for Gecko Applications
--------------------------------------------------------------------------------
Update Information:

Update to Firefox 4.0 RC 2
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Christopher Aillon <caillon at redhat.com> - 2.0-0.28
- Update to 2.0 RC2
* Thu Mar 17 2011 Jan Horak <jhorak at redhat.com> - 2.0-0.27
- Disabled gnomevfs
- Enabled gio
- Build with system libvpx
--------------------------------------------------------------------------------