Fedora 14 updates-testing report

Sat Mar 19 10:34:43 UTC 2011

The following Fedora 14 Security updates need testing:

    https://admin.fedoraproject.org/updates/libcgroup-0.36.2-6.fc14
    https://admin.fedoraproject.org/updates/libvirt-0.8.3-6.fc14
    https://admin.fedoraproject.org/updates/krb5-1.8.2-9.fc14
    https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.fc14
    https://admin.fedoraproject.org/updates/mailman-2.1.13-7.fc14
    https://admin.fedoraproject.org/updates/php-pear-1.9.2-1.fc14
    https://admin.fedoraproject.org/updates/mono-addins-0.5-2.fc14,mono-2.6.7-4.fc14
    https://admin.fedoraproject.org/updates/389-admin-1.1.15-1.fc14
    https://admin.fedoraproject.org/updates/tor-0.2.1.29-1400.fc14
    https://admin.fedoraproject.org/updates/gnash-0.8.9-1.fc14
    https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
    https://admin.fedoraproject.org/updates/php-5.3.6-1.fc14,php-eaccelerator-0.9.6.1-6.fc14,maniadrive-1.2-27.fc14
    https://admin.fedoraproject.org/updates/exim-4.72-2.fc14
    https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc14
    https://admin.fedoraproject.org/updates/postfix-2.7.3-1.fc14
    https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
    https://admin.fedoraproject.org/updates/pure-ftpd-1.0.30-1.fc14
    https://admin.fedoraproject.org/updates/mhonarc-2.6.18-3.fc14

The following Fedora 14 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
    https://admin.fedoraproject.org/updates/NetworkManager-0.8.3.998-1.fc14
    https://admin.fedoraproject.org/updates/gdb-7.2-48.fc14
    https://admin.fedoraproject.org/updates/selinux-policy-3.9.7-35.fc14
    https://admin.fedoraproject.org/updates/cronie-1.4.7-1.fc14
    https://admin.fedoraproject.org/updates/tzdata-2011d-1.fc14
    https://admin.fedoraproject.org/updates/tzdata-2011b-3.fc14
    https://admin.fedoraproject.org/updates/perl-ExtUtils-XSpp-0.15-2.fc14,perl-5.12.3-142.fc14,perl-Wx-0.98-5.fc14
    https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
    https://admin.fedoraproject.org/updates/libconfig-1.4.6-1.fc14
    https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc14
    https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc14
    https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.11-4.fc14

The following builds have been pushed to Fedora 14 updates-testing

    NetworkManager-0.8.3.998-1.fc14
    R-mAr-1.1.2-1.fc14
    R-waveslim-1.6.4-1.fc14
    R-wavethresh-4.5-1.fc14
    emacs-common-riece-7.0.3-1.fc14
    fontforge-20100501-8.fc14
    gappa-0.14.0-1.fc14
    gdb-7.2-48.fc14
    gnash-0.8.9-1.fc14
    gnucash-2.4.4-2.fc14
    libgadu-1.10.1-1.fc14
    llvm-2.8-10.fc14
    maniadrive-1.2-27.fc14
    olpc-utils-1.2.9-1.fc14
    openldap-2.4.23-10.fc14
    pam_afs_session-2.2-4.fc14
    perl-Net-GitHub-0.28-1.fc14
    perl-Net-SSH2-0.33-1.fc14
    perl-Test-CPAN-Meta-YAML-0.17-2.fc14
    perl-VOMS-Lite-0.12-1.fc14
    php-5.3.6-1.fc14
    php-eaccelerator-0.9.6.1-6.fc14
    pulseaudio-equalizer-2.7-8.fc14
    puppet-2.6.6-1.fc14
    rubygem-launchy-0.4.0-1.fc14
    rubygem-stomp-1.1.8-1.fc14
    rxtx-2.2-0.4.20100211.fc14
    safekeep-1.3.2-1.fc14
    selinux-policy-3.9.7-35.fc14
    shotwell-0.8.1-2.fc14
    sssd-1.5.3-3.fc14
    taglib-1.7-1.fc14
    unbound-1.4.8-1.fc14
    xorg-x11-server-1.9.5-1.fc14

Details about builds:

================================================================================
 NetworkManager-0.8.3.998-1.fc14 (FEDORA-2011-3660)
 Network connection manager and user applications
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Dan Williams <dcbw at redhat.com> - 0.8.3.998-1
- Update to 0.8.3.998 (0.8.4-rc1)
- applet: don't overwrite already migrated certificate paths (rh #682288)
- core: fix some mistakenly invisible libnm-glib symbols
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #682288 - Connection editor repeatedly migrates "nma-path-ca-cert", overwriting user-set "ca-cert"
        https://bugzilla.redhat.com/show_bug.cgi?id=682288
--------------------------------------------------------------------------------

================================================================================
 R-mAr-1.1.2-1.fc14 (FEDORA-2011-3651)
 R module to evaluate functions for multivariate AutoRegressive analysis
--------------------------------------------------------------------------------
Update Information:

Update to latest stable version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 José Matos <jamatos at fedoraproject.org> - 1.1.2-1
- Update to latest release.
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.1-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 R-waveslim-1.6.4-1.fc14 (FEDORA-2011-3652)
 R module, Basic wavelet routines for 1,2 and 3-dimensional signal processing
--------------------------------------------------------------------------------
Update Information:

Update to latest stable version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 José Matos <jamatos at fedoraproject.org> - 1.6.4-1
- Update to latest stable release.
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.6.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 R-wavethresh-4.5-1.fc14 (FEDORA-2011-3622)
 R module, Software to perform wavelet statistics and transforms
--------------------------------------------------------------------------------
Update Information:

Update to latest stable version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 José Matos <jamatos at fedoraproject.org> - 4.5-1
- Update to latest stable release
- Update url
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 emacs-common-riece-7.0.3-1.fc14 (FEDORA-2011-3650)
 Yet Another IRC Client for Emacs and XEmacs
--------------------------------------------------------------------------------
Update Information:

Riece is an IRC client for Emacs.

Riece provides the following features:

- Several IRC servers may be used at the same time.
- Essential features can be built upon the extension framework (called
  "add-on") capable of dependency tracking.
- Installation is easy.  Riece doesn't depend on other packages.
- Setup is easy.  Automatically save/restore the configuration.
- Riece uses separate windows to display users, channels, and
  dialogues.  The user can select the window layout.
- Step-by-step instructions (in info format) are included.
- Mostly compliant with RFC 2812.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #579449 - Review Request: emacs-common-riece - Yet Another IRC Client for Emacs and XEmacs
        https://bugzilla.redhat.com/show_bug.cgi?id=579449
--------------------------------------------------------------------------------

================================================================================
 fontforge-20100501-8.fc14 (FEDORA-2011-3641)
 Outline and bitmap font editor
--------------------------------------------------------------------------------
Update Information:

Fix a crash when multiple points of a glyph were selected.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar  1 2011 Paul Williams <paul at frixxon.co.uk> - 20100501-8
- Add patch for charview crash. Fixes bug #660376
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #660376 - [abrt] fontforge-20100501-4.fc14: CVLayer: Process /usr/bin/fontforge was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=660376
--------------------------------------------------------------------------------

================================================================================
 gappa-0.14.0-1.fc14 (FEDORA-2011-3647)
 Prove programs with floating-point or fixed-point arithmetic
--------------------------------------------------------------------------------
Update Information:

The Coq backend now supports a Coq support library (not yet packaged for Fedora).  See https://gforge.inria.fr/frs/shownotes.php?release_id=5526

--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 15 2011 Jerry James <loganjerry at gmail.com> - 0.14.0-1
- New upstream version
- Remove BuildRoot tag
- Use flex and bison to regenerate the lexer and parser
--------------------------------------------------------------------------------

================================================================================
 gdb-7.2-48.fc14 (FEDORA-2011-3635)
 A GNU source-level debugger for C, C++, Java and other languages
--------------------------------------------------------------------------------
Update Information:

Fix i386 rwatch+awatch before run (BZ 688788, on top of BZ 541866).

--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Jan Kratochvil <jan.kratochvil at redhat.com> - 7.2-48.fc14
- Fix i386 rwatch+awatch before run (BZ 688788, on top of BZ 541866).
* Tue Mar  8 2011 Jan Kratochvil <jan.kratochvil at redhat.com> - 7.2-47.fc14
- [vla] New testcase for the unfinished types garbage collector (for BZ 682286).
--------------------------------------------------------------------------------

================================================================================
 gnash-0.8.9-1.fc14 (FEDORA-2011-3658)
 GNU flash movie player
--------------------------------------------------------------------------------
Update Information:

--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Hicham HAOUARI <hicham.haouari at gmail.com> - 1:0.8.9-1
- Update to 0.8.9 final
* Sat Mar 12 2011 Hicham HAOUARI <hicham.haouari at gmail.com> - 1:0.8.9-0.1.20110312git
- Switch to 0.8.9 branch
- Spec cleanup
- Add extensions
- Enable testsuite
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:0.8.8-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #669851 - CVE-2010-4337 gnash: symlink attack via configure script
        https://bugzilla.redhat.com/show_bug.cgi?id=669851
--------------------------------------------------------------------------------

================================================================================
 gnucash-2.4.4-2.fc14 (FEDORA-2011-3648)
 Finance management application
--------------------------------------------------------------------------------
Update Information:

This updates GnuCash to the latest update release, which fixes assorted bugs and updates translations.

    For more information, see the upstream changelog at: http://gnucash.org/#110314-2.4.4.news
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Bill Nottingham <notting at redhat.com> - 2.4.4-2
- fix configure.ac to correctly use WEBKIT_LIBS from pkg-config (#670001, <q3aiml at gmail.com>)
* Wed Mar 16 2011 Bill Nottingham <notting at redhat.com> - 2.4.4-1
- update to 2.4.4
* Thu Mar  3 2011 Bill Nottingham <notting at redhat.com> - 2.4.3-1
- update to 2.4.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #670001 - Images from stylesheet missing in reports
        https://bugzilla.redhat.com/show_bug.cgi?id=670001
--------------------------------------------------------------------------------

================================================================================
 libgadu-1.10.1-1.fc14 (FEDORA-2011-3633)
 A Gadu-gadu protocol compatible communications library
--------------------------------------------------------------------------------
Update Information:

Latest stable release. Highlights:
 * SSL support
 * typing notification
 * extra contact information
 * multi-logging and preliminary support for file transfers via server.
 * fixed direct connections
 * fixed connections via proxy server

--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 14 2011 Dominik Mierzejewski <rpm at greysector.net> 1.10.1-1
- updated to 1.10.1
* Sun Feb 27 2011 Dominik Mierzejewski <rpm at greysector.net> 1.10.0-1
- updated to 1.10.0 final
- enabled SSL support via gnutls
- added API docs to -doc
- updated summaries and descriptions for -devel
* Mon Feb  7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.9.1-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Nov 15 2010 Dominik Mierzejewski <rpm at greysector.net> 1.9.1-1
- updated to 1.9.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #684733 - libgadu-1.10.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=684733
  [ 2 ] Bug #677256 - libgadu-1.10.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=677256
--------------------------------------------------------------------------------

================================================================================
 llvm-2.8-10.fc14 (FEDORA-2011-3640)
 The Low Level Virtual Machine
--------------------------------------------------------------------------------
Update Information:

- Now includes arch-specific C++ header files in clang++'s search path
- Shared libraries separated out to accommodate programs dynamically linked against LLVM
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Michel Salim <salimma at fedoraproject.org> - 2.8-10
- Don't include test logs; breaks multilib (# 666195)
- Split shared libraries into separate subpackage
* Thu Mar 17 2011 Michel Salim <salimma at fedoraproject.org> - 2.8-9
- clang++: fix platform-specific include dirs (# 680644)
* Thu Mar 17 2011 Michel Salim <salimma at fedoraproject.org> - 2.8-8
- clang++: also search for platform-specific include files (# 680644)
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.8-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Jan 10 2011 Richard W.M. Jones <rjones at redhat.com> - 2.8-6
- Rebuild for OCaml 3.12 (http://fedoraproject.org/wiki/Features/OCaml3.12).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #680644 - Clang compiler:  Can't find bits/c++config.h
        https://bugzilla.redhat.com/show_bug.cgi?id=680644
  [ 2 ] Bug #666195 - Impossible to install 32bit and 64bit llvm at the same time
        https://bugzilla.redhat.com/show_bug.cgi?id=666195
--------------------------------------------------------------------------------

================================================================================
 maniadrive-1.2-27.fc14 (FEDORA-2011-3636)
 3D stunt driving game
--------------------------------------------------------------------------------
Update Information:

Security Enhancements and Fixes in PHP 5.3.6:
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)

Full upstream changelog :
http://php.net/ChangeLog-5.php#5.3.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Remi Collet <Fedora at famillecollet.com> 1.2-27
- Rebuild for new php 5.3.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688378 - CVE-2011-1153 php: several format string vulnerabilities in PHP's Phar extension
        https://bugzilla.redhat.com/show_bug.cgi?id=688378
  [ 2 ] Bug #680972 - CVE-2011-0708 php: buffer over-read in Exif extension
        https://bugzilla.redhat.com/show_bug.cgi?id=680972
  [ 3 ] Bug #688735 - CVE-2011-0421 php/libzip: segfault with FL_UNCHANGED on empty archive in zip_name_locate()
        https://bugzilla.redhat.com/show_bug.cgi?id=688735
--------------------------------------------------------------------------------

================================================================================
 olpc-utils-1.2.9-1.fc14 (FEDORA-2011-3655)
 OLPC utilities
--------------------------------------------------------------------------------
Update Information:

Disable DPMS on XO-1.5, disable X TCP access, and fix another keyboard detection issue.
Keyboard detection bugfixes and some X config tweaks.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Daniel Drake <dsd at laptop.org> - 1.2.9-1
- force-disable DPMS to workaround bug in chrome driver
- olpc-dm: disable X TCP port
- another keyboard detection fix
* Tue Mar  8 2011 Daniel Drake <dsd at laptop.org> - 1.2.8-1
- update keyboard detection code
- use symlink for X config
- force-enable XO-1.5 audio capture mixer
- drop MigrationHeuristic workaround for XO-1.5 video
--------------------------------------------------------------------------------

================================================================================
 openldap-2.4.23-10.fc14 (FEDORA-2011-3627)
 LDAP support libraries
--------------------------------------------------------------------------------
Update Information:

Changes not covered by bugs:

- removed slurpd options from sysconfig/ldap
- fix: possible null pointer dereference in NSS implementation
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 19 2011 Jan Vcelak <jvcelak at redhat.com> 2.4.23-10
- fix update: openldap can't use TLS after a fork() (#636956)
- fix: possible null pointer dereference in NSS implementation
- fix: openldap-servers upgrade hangs or do not upgrade the database (#664433)
* Tue Mar  1 2011 Jan Vcelak <jvcelak at redhat.com> 2.4.23-9
- fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success (#680466)
- fix: CVE-2011-1025 rootpw is not verified for ndb backend (#680472)
- fix: security - DoS when submitting special MODRDN request (#680975)
* Wed Feb  2 2011 Jan Vcelak <jvcelak at redhat.com> 2.4.23-8
- fix update: openldap can't use TLS after a fork() (#636956)
* Tue Jan 25 2011 Jan Vcelak <jvcelak at redhat.com> 2.4.23-7
- fix: openldap can't use TLS after a fork() (#636956)
- fix: openldap-server upgrade gets stuck when the database is damaged (#664433)
* Thu Jan 20 2011 Jan Vcelak <jvcelak at redhat.com> 2.4.23-6
- fix: some server certificates refused with inadequate type error (#668899)
- fix: default encryption strength dropped in switch to using NSS (#669446)
* Thu Jan  6 2011 Jan Vcelak <jvcelak at redhat.com> 2.4.23-5
- initscript: slaptest with '-u' to skip database opening (#667768)
- removed slurpd options from sysconfig/ldap
- fix: verification of self issued certificates (#657984)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #680466 - CVE-2011-1024 openldap: forwarded bind failure messages cause success
        https://bugzilla.redhat.com/show_bug.cgi?id=680466
  [ 2 ] Bug #680472 - CVE-2011-1025 openldap: rootpw not verified via slapd.conf when using the NDB backend
        https://bugzilla.redhat.com/show_bug.cgi?id=680472
  [ 3 ] Bug #680975 - CVE-2011-1081 openldap: DoS when submitting special MODRDN request
        https://bugzilla.redhat.com/show_bug.cgi?id=680975
--------------------------------------------------------------------------------

================================================================================
 pam_afs_session-2.2-4.fc14 (FEDORA-2011-3663)
 AFS PAG and AFS tokens on login
--------------------------------------------------------------------------------
Update Information:

New Release.
pam-afs-session is a PAM module intended for use with a Kerberos v5 PAM module to obtain an AFS PAG (Process Authentication Group) and AFS tokens on login. It puts every new session in a PAG regardless of whether it was authenticated with Kerberos and runs a configurable external program to obtain tokens.
--------------------------------------------------------------------------------

================================================================================
 perl-Net-GitHub-0.28-1.fc14 (FEDORA-2011-3644)
 Perl interface for github.com
--------------------------------------------------------------------------------
Update Information:

This update to the latest upstream version includes:
* use official GitHub API request instead of screen-scraping for 'comments' issues
* partial implementation of Pull Request API
* implementation of organizations API
* update Auth to 'Basic Auth'
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Iain Arnell <iarnell at gmail.com> 0.28-1
- update to latest upstream version
- add examples as doc
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.23-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Dec 21 2010 Marcela Maslanova <mmaslano at redhat.com> - 0.23-2
- 661697 rebuild for fixing problems with vendorach/lib
* Sat Dec 18 2010 Iain Arnell <iarnell at gmail.com> 0.23-1
- update to latest upstream version
- clean up spec for modern rpmbuild
--------------------------------------------------------------------------------

================================================================================
 perl-Net-SSH2-0.33-1.fc14 (FEDORA-2011-3659)
 Support for the SSH 2 protocol via libSSH2
--------------------------------------------------------------------------------
Update Information:

This update to the latest upstream version includes:
* add -> trace method, and trace option to ->new (RT#59292)
* remove eval $VERSION, was confusing some testers
* rename symbol libssh2_error to xs_libssh2_error to avoid symbol clashes
* fix splice warning when connecting with a socket handle (RT#56592)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Iain Arnell <iarnell at gmail.com> 0.33-1
- update to latest upstream version
- clean up spec for modern rpmbuild
* Tue Feb  8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.28-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Dec 21 2010 Marcela Maslanova <mmaslano at redhat.com> - 0.28-4
- 661697 rebuild for fixing problems with vendorach/lib
--------------------------------------------------------------------------------

================================================================================
 perl-Test-CPAN-Meta-YAML-0.17-2.fc14 (FEDORA-2011-3656)
 Validate a META.yml file within a CPAN distribution
--------------------------------------------------------------------------------
Update Information:

This is the first Fedora/EPEL release of perl-Test-CPAN-Meta-YAML.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688264 - Review Request: perl-Test-CPAN-Meta-YAML - Validate a META.yml file within a CPAN distribution
        https://bugzilla.redhat.com/show_bug.cgi?id=688264
--------------------------------------------------------------------------------

================================================================================
 perl-VOMS-Lite-0.12-1.fc14 (FEDORA-2011-3645)
 Perl extension for VOMS Attribute certificate creation
--------------------------------------------------------------------------------
Update Information:

VOMS (virtual organisation membership service) is a system for managing grid level authorization data within multi-institutional collaborations via membership and roles within that membership.

VOMS::Lite provides a perl library and client tools for interacting with an existing voms service including the well known C impementation of voms.
VOMS (virtual organisation membership service) is a system for managing grid level authorization data within multi-institutional collaborations via membership and roles within that membership.

VOMS::Lite provides a perl library and client tools for interacting with an existing voms service including the well known C impementation of voms.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #565949 - Review Request: perl-VOMS-Lite - Perl extension for VOMS Attribute certificate creation
        https://bugzilla.redhat.com/show_bug.cgi?id=565949
--------------------------------------------------------------------------------

================================================================================
 php-5.3.6-1.fc14 (FEDORA-2011-3636)
 PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:

Security Enhancements and Fixes in PHP 5.3.6:
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)

Full upstream changelog :
http://php.net/ChangeLog-5.php#5.3.6
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 16 2011 Remi Collet <Fedora at famillecollet.com> 5.3.6-1
- update to 5.3.6
  http://www.php.net/ChangeLog-5.php#5.3.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688378 - CVE-2011-1153 php: several format string vulnerabilities in PHP's Phar extension
        https://bugzilla.redhat.com/show_bug.cgi?id=688378
  [ 2 ] Bug #680972 - CVE-2011-0708 php: buffer over-read in Exif extension
        https://bugzilla.redhat.com/show_bug.cgi?id=680972
  [ 3 ] Bug #688735 - CVE-2011-0421 php/libzip: segfault with FL_UNCHANGED on empty archive in zip_name_locate()
        https://bugzilla.redhat.com/show_bug.cgi?id=688735
--------------------------------------------------------------------------------

================================================================================
 php-eaccelerator-0.9.6.1-6.fc14 (FEDORA-2011-3636)
 PHP accelerator, optimizer, encoder and dynamic content cacher
--------------------------------------------------------------------------------
Update Information:

Security Enhancements and Fixes in PHP 5.3.6:
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)

Full upstream changelog :
http://php.net/ChangeLog-5.php#5.3.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Remi Collet <Fedora at FamilleCollet.com> - 1:0.9.6.1-6
- rebuild against PHP 5.3.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688378 - CVE-2011-1153 php: several format string vulnerabilities in PHP's Phar extension
        https://bugzilla.redhat.com/show_bug.cgi?id=688378
  [ 2 ] Bug #680972 - CVE-2011-0708 php: buffer over-read in Exif extension
        https://bugzilla.redhat.com/show_bug.cgi?id=680972
  [ 3 ] Bug #688735 - CVE-2011-0421 php/libzip: segfault with FL_UNCHANGED on empty archive in zip_name_locate()
        https://bugzilla.redhat.com/show_bug.cgi?id=688735
--------------------------------------------------------------------------------

================================================================================
 pulseaudio-equalizer-2.7-8.fc14 (FEDORA-2011-3630)
 A 15 Bands Equalizer for PulseAudio
--------------------------------------------------------------------------------
Update Information:

--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 19 2011 Hicham HAOUARI <hicham.haouari at gmail.com> - 2.7-8
- Change gnome-volume-control to multimedia-volume-control in desktop file
* Thu Mar 17 2011 Hicham HAOUARI <hicham.haouari at gmail.com> - 2.7-7
- Better fix for rhbz #632940
- Do not crash on missing preset, fixes rhbz #679005
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.7-6 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #679005 - [abrt] pulseaudio-equalizer-2.7-5.fc14: pulseaudio-equalizer.py:184:on_presetsbox:IOError: [Errno 2] No such file or directory: '/usr/share/pulseaudio-equalizer/presets/m.preset'
        https://bugzilla.redhat.com/show_bug.cgi?id=679005
--------------------------------------------------------------------------------

================================================================================
 puppet-2.6.6-1.fc14 (FEDORA-2011-3639)
 A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:

The update to puppet-2.6.6 brings a large number of bug fixes and several new language features.  As is typical with puppet version bumps, it is recommended to update the puppetmaster before updating the clients.

For details on what's changed, refer to the upstream release notes:

http://projects.puppetlabs.com/projects/puppet/wiki/Release_Notes

(This update includes several of the fixes for regressions which are included in puppet-2.6.7rc1.)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 16 2011 Todd Zullinger <tmz at pobox.com> - 2.6.6-1
- Update to 2.6.6
- Ensure %pre exits cleanly
- Fix License tag, puppet is now GPLv2 only
- Create and own /usr/share/puppet/modules (#615432)
- Properly restart puppet agent/master daemons on upgrades from 0.25.x
- Require libselinux-utils when selinux support is enabled
- Support tmpfiles.d for Fedora >= 15 (#656677)
- Apply a few upstream fixes for 0.25.5 regressions
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.25.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #615432 - The puppet package should own /usr/share/puppet/modules
        https://bugzilla.redhat.com/show_bug.cgi?id=615432
  [ 2 ] Bug #656677 - Please Update Spec File to use %ghost on files in /var/run and /var/lock
        https://bugzilla.redhat.com/show_bug.cgi?id=656677
  [ 3 ] Bug #666094 - RFE: Update to 2.6 release series
        https://bugzilla.redhat.com/show_bug.cgi?id=666094
  [ 4 ] Bug #615175 - warning: Puppet::Type.create is deprecated; use Puppet::Type.new
        https://bugzilla.redhat.com/show_bug.cgi?id=615175
  [ 5 ] Bug #616519 - puppet warnings about metaclass deprecation
        https://bugzilla.redhat.com/show_bug.cgi?id=616519
--------------------------------------------------------------------------------

================================================================================
 rubygem-launchy-0.4.0-1.fc14 (FEDORA-2011-3664)
 Helper class for cross-platform launching of applications
--------------------------------------------------------------------------------
Update Information:

New version
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 <stahnma at fedoraproject.org> - 0.4.0-1
- New version upstream
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Fri Sep  3 2010 Michael Stahnke <stahnma at fedoraproject.org> - 0.3.7-1
- New Upstream
--------------------------------------------------------------------------------

================================================================================
 rubygem-stomp-1.1.8-1.fc14 (FEDORA-2011-3629)
 Ruby client for the Stomp messaging protocol
--------------------------------------------------------------------------------
Update Information:

new version
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------

================================================================================
 rxtx-2.2-0.4.20100211.fc14 (FEDORA-2011-3667)
 Parallel communication for the Java Development Toolkit
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Levente Farkas <lfarkas at lfarkas.org> - 2.2-0.4.20100211
- fix fhs_lock  #666761
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2-0.3.20100211.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #666761 - buffer overflow in fhs_lock
        https://bugzilla.redhat.com/show_bug.cgi?id=666761
--------------------------------------------------------------------------------

================================================================================
 safekeep-1.3.2-1.fc14 (FEDORA-2011-3638)
 The SafeKeep backup system
--------------------------------------------------------------------------------
Update Information:

Upgraded to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 12 2011 Frank Crawford <frank at crawford.emu.id.au> 1.3.2-1
- Latest upstream release
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 selinux-policy-3.9.7-35.fc14 (FEDORA-2011-3625)
 SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:

- Add matahari policy 
- Allow shutdown setsched and sys_nice 
- Add port definition for dogtag, matahari, movaz ports 
- Add label for /etc/securetty 
- Fixes for pirahna-pulse policy 
- Fixes for mock policy 
- Add support for KDE ksysguardprocesslist_helper 
- Add support for a new cluster service - foghorn 
- Add support for xfce4-notifyd 
- Add support for kcmdatetimehelper 
- Fixes for spice-vdagent policy 
- Fixes for ssh-keygen policy
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Miroslav Grepl <mgrepl at redhat.com> 3.9.7-35
- Additional fixes for gnomeclock policy
* Fri Mar 18 2011 Miroslav Grepl <mgrepl at redhat.com> 3.9.7-34
- Add matahari policy
- Allow shutdown setsched and sys_nice
- Add port definition for dogtag, matahari, movaz ports
- Add label for /etc/securetty
- Fixes for pirahna-pulse policy
- Fixes for mock policy
- Add support for KDE ksysguardprocesslist_helper
- Add support for a new cluster service - foghorn
- Add support for xfce4-notifyd
- Add support for kcmdatetimehelper
- Fixes for spice-vdagent policy
- Fixes for ssh-keygen policy
* Fri Mar  4 2011 Miroslav Grepl <mgrepl at redhat.com> 3.9.7-33
- Backport sandbox and seunshare policy from F15
- Allow svirt to manage sock_file in ~/.libvirt directory
- Allow sysamd to run udev in udev_t domain
- Remove capability from svirt
- Add lvm_exec_t label for kpartx
- Add virt_home_ type files located in ~/.libvirt directory
- virt creates monitor sockets in the users home dir
- Allow lvm setfscreate
- mta search /var/lib/logcheck
- sssd needs to bind to random UDP ports
- certmonger wants to read keytab files
* Fri Feb 25 2011 Miroslav Grepl <mgrepl at redhat.com> 3.9.7-32
- Allow amavis sigkill
- Allow winbind to read network state information
- Add ajaxterm ssh client session
- mta search /var/lib/logcheck
- sssd needs to bind to random UDP ports
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #665838 - Logging in on ajaxterm throws some AVCs
        https://bugzilla.redhat.com/show_bug.cgi?id=665838
  [ 2 ] Bug #672104 - sshd_t domain lacking permission to enter fuse mounted home directories
        https://bugzilla.redhat.com/show_bug.cgi?id=672104
  [ 3 ] Bug #675065 - SELinux is preventing /usr/sbin/smartd from 'create' accesses on the chr_file twe0.
        https://bugzilla.redhat.com/show_bug.cgi?id=675065
  [ 4 ] Bug #678745 - SELinux is preventing /usr/libexec/postfix/local from 'search' accesses on the directory /var/lib/logcheck.
        https://bugzilla.redhat.com/show_bug.cgi?id=678745
  [ 5 ] Bug #679555 - SELinux is preventing /usr/sbin/winbindd from 'read' accesses on the file unix.
        https://bugzilla.redhat.com/show_bug.cgi?id=679555
  [ 6 ] Bug #679886 - SELinux is preventing /usr/bin/perl from using the 'sigkill' accesses on a process.
        https://bugzilla.redhat.com/show_bug.cgi?id=679886
  [ 7 ] Bug #680295 - SELinux is preventing /lib/upstart/shutdown from 'read' accesses on the file shutdown.pid.
        https://bugzilla.redhat.com/show_bug.cgi?id=680295
  [ 8 ] Bug #680510 - Certmonger: SELinux AVCs reading krb5 keytab file
        https://bugzilla.redhat.com/show_bug.cgi?id=680510
  [ 9 ] Bug #680512 - Request to add MySQL database administrator policy
        https://bugzilla.redhat.com/show_bug.cgi?id=680512
  [ 10 ] Bug #681471 - NetworkManager update generates SElinux alert
        https://bugzilla.redhat.com/show_bug.cgi?id=681471
  [ 11 ] Bug #681706 - SELinux is preventing /usr/sbin/NetworkManager from using the 'signull' accesses on a process.
        https://bugzilla.redhat.com/show_bug.cgi?id=681706
  [ 12 ] Bug #682460 - SELinux is preventing /usr/sbin/dnsmasq from 'read' accesses on the file nm-dns-dnsmasq.conf.
        https://bugzilla.redhat.com/show_bug.cgi?id=682460
  [ 13 ] Bug #683875 - SELinux is preventing /usr/kerberos/sbin/login.krb5 from 'setattr' accesses on the chr_file 1.
        https://bugzilla.redhat.com/show_bug.cgi?id=683875
  [ 14 ] Bug #684451 - SELinux is preventing /usr/kerberos/sbin/login.krb5 from read, write access on the file krb5cc_p32165.
        https://bugzilla.redhat.com/show_bug.cgi?id=684451
  [ 15 ] Bug #684606 - SELinux is preventing xfce4-notifyd from 'open' accesses on the file /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-le64.cache-3.
        https://bugzilla.redhat.com/show_bug.cgi?id=684606
  [ 16 ] Bug #685429 - milter module does not define any policy for TCP connections
        https://bugzilla.redhat.com/show_bug.cgi?id=685429
--------------------------------------------------------------------------------

================================================================================
 shotwell-0.8.1-2.fc14 (FEDORA-2011-3643)
 A photo organizer for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:

This updates shotwell to the 0.8.x series, with features such as:
- Video support for Ogg, AVI, MP4, Quicktime, and WMV files
- Upload videos to major Web services, including YouTube, Facebook, Flickr, and PicasaWeb
- Runtime monitoring of library directory
- Background writing of metadata to master files
- Flagging of photos for batch operations
- Set multiple photos to desktop background slideshow
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Michel Salim <salimma at fedoraproject.org> - 0.8.1-2
- Get gettext to actually generate translated strings (# 642092)
* Sun Jan 16 2011 Christopher Aillon <caillon at redhat.com> - 0.8.1-1
- Update to 0.8.1
* Sat Jan  8 2011 Christopher Aillon <caillon at redhat.com> - 0.8.0-1
- Update to 0.8.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #642092 - Shotwell .desktop files are not translated in FC14 beta
        https://bugzilla.redhat.com/show_bug.cgi?id=642092
--------------------------------------------------------------------------------

================================================================================
 sssd-1.5.3-3.fc14 (FEDORA-2011-3631)
 System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:

Modify SSSD's LDAP search filters to exclude groups and users that do not have all required information (useful for ActiveDirectory setups where some groups are POSIX-enabled and others are not)

sssd-1.5.3-3.fc14 - correct the libldb version requirement (bad merge from rawhide)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.5.3-3
- Fix version requirement on libldb
* Thu Mar 17 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.5.3-2
- Resolves: rhbz#683267 - sssd 1.5.1-9 breaks AD authentication
* Fri Mar 11 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.5.3-1
- New upstream release 1.5.3
- Support for libldb >= 1.0.0
* Thu Mar 10 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.5.2-1
- New upstream release 1.5.2
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.2
- Fixes for support of FreeIPA v2
- Fixes for failover if DNS entries change
- Improved sss_obfuscate tool with better interactive mode
- Fix several crash bugs
- Don't attempt to use START_TLS over SSL. Some LDAP servers can't handle this
- Delete users from the local cache if initgroups calls return 'no such user'
- (previously only worked for getpwnam/getpwuid)
- Use new Transifex.net translations
- Better support for automatic TGT renewal (now survives restart)
- Netgroup fixes
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #683267 - sssd 1.5.1-9 breaks AD authentication
        https://bugzilla.redhat.com/show_bug.cgi?id=683267
--------------------------------------------------------------------------------

================================================================================
 taglib-1.7-1.fc14 (FEDORA-2011-3661)
 Audio Meta-Data Library
--------------------------------------------------------------------------------
Update Information:

TagLib 1.7 has been released. This release adds support for Monkey’s Audio files and cover art reading/writing for WMA and FLAC files. There is also a number of bug fixes, more details in the changelog, http://oxygene.sk/lukas/2011/03/taglib-1-7-released/
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 14 2011 Rex Dieter <rdieter at fedoraproject.org> 1.7-1
- taglib-1.7 (final)
* Sat Feb 19 2011 Rex Dieter <rdieter at fedoraproject.org> - 1.7-0.1.rc1
- taglib-1.7rc1
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.6.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------

================================================================================
 unbound-1.4.8-1.fc14 (FEDORA-2011-3653)
 Validating, recursive, and caching DNS(SEC) resolver
--------------------------------------------------------------------------------
Update Information:

updated to 1.4.8. also enable root key for DNSSEC, fix for unbound-munin
path.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 19 2011 Paul Wouters <paul at xelerance.com> - 1.4.8-1
- Updated to 1.4.8
- Enable root key for DNSSEC
- Fix unbound-munin to use proper file (could cause excessive logging)
- Build unbound-python per default
- Disable gost as Fedora/EPEL does not allow ECC and has mangled openssl
- ghost /var/run/unbound
- fix missing file-attr in unbound-python sub package
* Mon Feb 14 2011 Paul Wouters <paul at xelerance.com> - 1.4.5-3
- rebuilt
--------------------------------------------------------------------------------

================================================================================
 xorg-x11-server-1.9.5-1.fc14 (FEDORA-2011-3634)
 X.Org X11 X server
--------------------------------------------------------------------------------
Update Information:

Update to upstream stable release 1.9.5
Add quirk for the Xen Virtual Pointer
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 18 2011 Peter Hutterer <peter.hutterer at redhat.com> 1.9.5-1
- xserver 1.9.5
- xserver-1.6.99-default-modes.patch: drop, 11bf10e22cefe
* Fri Mar 11 2011 Peter Hutterer <peter.hutterer at redhat.com> 1.9.4-2
- Add Xen virtual pointer quirk to 10-quirks.conf (#523914, #679699)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #679699 - Mouse does not move in PV Xen guest under CentOS-5.5
        https://bugzilla.redhat.com/show_bug.cgi?id=679699
--------------------------------------------------------------------------------