Fedora 13 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed May 4 01:03:10 UTC 2011
The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/tor-0.2.1.29-1300.fc13
https://admin.fedoraproject.org/updates/seamonkey-2.0.14-1.fc13
https://admin.fedoraproject.org/updates/libmodplug-0.8.7-3.fc13
https://admin.fedoraproject.org/updates/firefox-3.6.17-1.fc13,mozvoikko-1.0-21.fc13,gnome-web-photo-0.9-19.fc13,perl-Gtk2-MozEmbed-0.08-6.fc13.24,gnome-python2-extras-2.25.3-29.fc13,galeon-2.0.7-40.fc13,thunderbird-3.1.10-1.fc13,xulrunner-1.9.2.17-2.fc13
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc13
https://admin.fedoraproject.org/updates/polkit-0.96-2.fc13
https://admin.fedoraproject.org/updates/widelands-0-0.24.build16.fc13
https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.4-17.fc13
https://admin.fedoraproject.org/updates/kernel-2.6.34.9-69.fc13
https://admin.fedoraproject.org/updates/perl-Mojolicious-0.999925-4.fc13
https://admin.fedoraproject.org/updates/wordpress-3.1.2-1.fc13
https://admin.fedoraproject.org/updates/asterisk-1.6.2.18-1.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/kernel-2.6.34.9-69.fc13
https://admin.fedoraproject.org/updates/polkit-0.96-2.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-penmount-1.4.1-2.fc13
https://admin.fedoraproject.org/updates/python-ethtool-0.7-2.fc13
https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc13
https://admin.fedoraproject.org/updates/pygtk2-2.17.0-9.fc13
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-5.fc13
https://admin.fedoraproject.org/updates/libimobiledevice-1.0.6-1.fc13
https://admin.fedoraproject.org/updates/usbmuxd-1.0.7-1.fc13
https://admin.fedoraproject.org/updates/fuse-2.8.5-5.fc13
https://admin.fedoraproject.org/updates/libcgroup-0.35.1-5.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
https://admin.fedoraproject.org/updates/livecd-tools-13.2-1.fc13
https://admin.fedoraproject.org/updates/lua-5.1.4-7.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13
The following builds have been pushed to Fedora 13 updates-testing
gnome-commander-1.2.8.11-1.fc13
gramps-3.2.6-1.fc13
kernel-2.6.34.9-69.fc13
mupdf-0.8.165-2.fc13
perl-Devel-Declare-0.006004-1.fc13
perl-Mojolicious-0.999925-4.fc13
supybot-fedora-0.2.8-2.fc13
supybot-koji-0.1-6.fc13
zeroinstall-injector-1.0-0.rc1.1.fc13
Details about builds:
================================================================================
gnome-commander-1.2.8.11-1.fc13 (FEDORA-2011-6468)
A nice and fast file manager for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
New version 1.2.8.11 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 2:1.2.8.11-1
- Update to 1.2.8.11
--------------------------------------------------------------------------------
================================================================================
gramps-3.2.6-1.fc13 (FEDORA-2011-6459)
Genealogical Research and Analysis Management Programming System
--------------------------------------------------------------------------------
Update Information:
Version 3.2.6 -- the "So far, so good." bug fix release.
* fix memory leaks
* fix corrupted reports
* fix crash in cramplets
* fix gedcom import and export
* import speed improvements
* NarrativeWeb fixes
* prevent corrupting databases
* many translation updates
* other changes; see the changelog and the 3.2.6 roadmap: http://www.gramps-project.org/bugs/roadmap_page.php?version_id=23
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 2 2011 Jeffrey C. Ollie <jeff at ocjtech.us> - 3.2.6-1
- Version 3.2.6 -- the "So far, so good." bug fix release.
- * fix memory leaks
- * fix corrupted reports
- * fix crash in cramplets
- * fix gedcom import and export
- * import speed improvements
- * NarrativeWeb fixes
- * prevent corrupting databases
- * many translation updates
- * other changes; see the changelog and the 3.2.6 roadmap: http://www.gramps-project.org/bugs/roadmap_page.php?version_id=23
* Wed Feb 9 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.2.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Jan 24 2011 Jeffrey C. Ollie <jeff at ocjtech.us> - 3.2.5-2
- Removed dependencies on ImageMagik and python-reportlab
- Added dependency on python-enchant
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #682102 - Crash When I Click on "Geography" Button
https://bugzilla.redhat.com/show_bug.cgi?id=682102
[ 2 ] Bug #666621 - [abrt] gramps-3.2.5-1.fc14: gtk_notebook_real_switch_page: Process /usr/bin/python was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=666621
[ 3 ] Bug #667343 - [abrt] gramps-3.2.5-1.fc14: EmbedPrivate::Realize: Process /usr/bin/python was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=667343
[ 4 ] Bug #669501 - [abrt] gramps-3.2.5-1.fc14: EmbedPrivate::Realize: Process /usr/bin/python was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=669501
--------------------------------------------------------------------------------
================================================================================
kernel-2.6.34.9-69.fc13 (FEDORA-2011-6447)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Update to kernel 2.6.34.9:
http://ftp.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.34/ChangeLog-2.6.34.9
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 2 2011 Chuck Ebbert <cebbert at redhat.com> 2.6.34.9-69
- [SCSI] mpt2sas: prevent heap overflows and unchecked reads
(CVE-2011-1494, CVE-2011-1495)
- dccp: fix oops on Reset after close (CVE-2011-1093)
* Fri Apr 29 2011 Chuck Ebbert <cebbert at redhat.com>
- Bluetooth: bnep: fix buffer overflow (CVE-2011-1079)
- agp: fix arbitrary kernel memory writes (CVE-2011-1745)
- agp: fix OOM and buffer overflow (CVE-2011-1746)
* Sun Apr 17 2011 Chuck Ebbert <cebbert at redhat.com>
- Linux 2.6.34.9
- Fix up drm-next.patch to apply on top of cda4b7d3a, e06b14ee9
- Un-revert 6a1a82df9 from upstream
- Drop:
linux-2.6-v4l-dvb-av7110-check-for-negative-array-offset.patch
ipc-zero-struct-memory-for-compat-fns.patch
ipc-shm-fix-information-leak-to-user.patch
posix-cpu-timers-workaround-to-suppress-problems-with-mt-exec.patch
ioat2-catch-and-recover-from-broken-vtd-configurations.patch
sctp-fix-out-of-bounds-reading-in-sctp_asoc_get_hmac.patch
do_exit-make-sure-that-we-run-with-get_fs-user_ds.patch
perf_events-fix-perf_counter_mmap-hook-in-mprotect.patch
bio-take-care-not-overflow-page-count-when-mapping-copying-user-data.patch
af_unix-limit-unix_tot_inflight.patch
filter-make-sure-filters-dont-read-uninitialized-memory.patch
can-bcm-fix-minor-heap-overflow.patch
block-check-for-proper-length-of-iov-entries-in-blk_rq_map_user_iov.patch
block-check-for-proper-length-of-iov-entries-earlier-in-blk_rq_map_user_iov.patch
install-special-mapping-skips-security-file-mmap-check.patch
ib-uverbs-handle-large-number-of-poll-entries-in-poll-cq.patch
ima-fix-add-lsm-rule-bug.patch
orinoco-fix-tkip-countermeasure-behaviour.patch
fuse-verify-ioctl-retries.patch
tcp-avoid-a-possible-divide-by-zero.patch
tcp-bug-fix-in-initialization-of-receive-window.patch
tcp-don-t-change-unlocked-socket-state-in-tcp_v4_err.patch
tcp-increase-tcp_maxseg-socket-option-minimum.patch
tcp-make-tcp_maxseg-minimum-more-correct.patch
* Wed Mar 23 2011 Kyle McMartin <kmcmartin at redhat.com>
- Backport 3e9d08e: "virtio_net: Add schedule check to napi_enable call"
* Fri Mar 11 2011 Chuck Ebbert <cebbert at redhat.com>
- Drop linux-2.6-defaults-aspm.patch; fixing ASPM properly will
be too difficult in this old kernel.
* Thu Feb 24 2011 Chuck Ebbert <cebbert at redhat.com>
- Fix crash when dropping filesystem caches (#649871)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #690028 - CVE-2011-1182 kernel signal spoofing issue
https://bugzilla.redhat.com/show_bug.cgi?id=690028
[ 2 ] Bug #694021 - CVE-2011-1494 CVE-2011-1495 kernel: drivers/scsi/mpt2sas: prevent heap overflows
https://bugzilla.redhat.com/show_bug.cgi?id=694021
[ 3 ] Bug #681260 - CVE-2011-1079 kernel: bnep device field missing NULL terminator
https://bugzilla.redhat.com/show_bug.cgi?id=681260
[ 4 ] Bug #682954 - CVE-2011-1093 kernel: dccp: fix oops on Reset after close
https://bugzilla.redhat.com/show_bug.cgi?id=682954
[ 5 ] Bug #698996 - CVE-2011-1745 kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls
https://bugzilla.redhat.com/show_bug.cgi?id=698996
[ 6 ] Bug #698998 - CVE-2011-1746 kernel: agp: insufficient page_count parameter checking in agp_allocate_memory()
https://bugzilla.redhat.com/show_bug.cgi?id=698998
[ 7 ] Bug #632069 - CVE-2010-3084 kernel: niu: buffer overflow for ETHTOOL_GRXCLSRLALL
https://bugzilla.redhat.com/show_bug.cgi?id=632069
[ 8 ] Bug #679925 - CVE-2011-1013 kernel: drm_modeset_ctl signedness issue
https://bugzilla.redhat.com/show_bug.cgi?id=679925
[ 9 ] Bug #667615 - CVE-2010-4527 kernel: buffer overflow in OSS load_mixer_volumes
https://bugzilla.redhat.com/show_bug.cgi?id=667615
[ 10 ] Bug #631623 - CVE-2010-3079 kernel: ftrace NULL ptr deref
https://bugzilla.redhat.com/show_bug.cgi?id=631623
--------------------------------------------------------------------------------
================================================================================
mupdf-0.8.165-2.fc13 (FEDORA-2011-6453)
A lightweight PDF viewer and toolkit
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2011 Pavel Zhukov <landgraf at fedoraproject.org> - 0.8.165-2
- New upstream release
- Fix *.a and *.h permissions
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #700997 - mupdf-0.8.165 is available
https://bugzilla.redhat.com/show_bug.cgi?id=700997
--------------------------------------------------------------------------------
================================================================================
perl-Devel-Declare-0.006004-1.fc13 (FEDORA-2011-6470)
Adding keywords to perl, in perl
--------------------------------------------------------------------------------
Update Information:
This update ensures compatibility with Devel::CallParser.
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2011 Iain Arnell <iarnell at gmail.com> 0.006004-1
- update to latest upstream version
* Wed Apr 20 2011 Iain Arnell <iarnell at gmail.com> 0.006003-1
- update to latest upstream version
* Sat Apr 9 2011 Iain Arnell <iarnell at gmail.com> 0.006002-1
- update to latest upstream version
* Sun Feb 27 2011 Iain Arnell <iarnell at gmail.com> 0.006001-1
- update to latest upstream version
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.006000-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Thu Dec 16 2010 Marcela Maslanova <mmaslano at redhat.com> - 0.006000-3
- 661697 rebuild for fixing problems with vendorach/lib
--------------------------------------------------------------------------------
================================================================================
perl-Mojolicious-0.999925-4.fc13 (FEDORA-2011-6462)
A next generation web framework for Perl
--------------------------------------------------------------------------------
Update Information:
Blind attempt at CVE-2010-4803(#701718) and CVE-2011-1841
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2011 Yanko Kaneti <yaneti at declera.com> 0.999925-4
- Blind attempt at CVE-2010-4803(#701718) and CVE-2011-1841.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #701718 - CVE-2011-1841 CVE-2010-4803 perl-Mojolicious various flaws [fedora-13]
https://bugzilla.redhat.com/show_bug.cgi?id=701718
--------------------------------------------------------------------------------
================================================================================
supybot-fedora-0.2.8-2.fc13 (FEDORA-2011-6458)
Plugin for Supybot to interact with Fedora services
--------------------------------------------------------------------------------
Update Information:
fixed requires issue for supybot and supybot-gribble
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2011 Dave Riches <david.r at ultracar.co.uk> - 0.2.8-2
- fixed requires issue for supybot
--------------------------------------------------------------------------------
================================================================================
supybot-koji-0.1-6.fc13 (FEDORA-2011-6469)
Plugin for Supybot to interact with Koji instances
--------------------------------------------------------------------------------
Update Information:
fixed requires for supybot and supybot-gribble
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2011 Dave Riches <david.r at ultracar.co.uk> - 0.1-6
- fixed requires for supybot and supybot-gribble
--------------------------------------------------------------------------------
================================================================================
zeroinstall-injector-1.0-0.rc1.1.fc13 (FEDORA-2011-6452)
The Zero Install Injector (0launch)
--------------------------------------------------------------------------------
Update Information:
Release candidate for the upcoming 1.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 3 2011 Michel Salim <salimma at fedoraproject.org> - 1.0-0.rc1.1
- Update to 1.0rc1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #695308 - zeroinstall-injector-0.54 is available
https://bugzilla.redhat.com/show_bug.cgi?id=695308
--------------------------------------------------------------------------------
More information about the test
mailing list