Fedora 16 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sun Nov 13 05:38:08 UTC 2011 

The following Fedora 16 Security updates need testing:

    https://admin.fedoraproject.org/updates/moodle-2.0.5-1.fc16
    https://admin.fedoraproject.org/updates/hardlink-1.0-12.fc16
    https://admin.fedoraproject.org/updates/openswan-2.6.37-1.fc16
    https://admin.fedoraproject.org/updates/phpldapadmin-1.2.1.1-2.20111006=
git.fc16
    https://admin.fedoraproject.org/updates/kdeutils-4.7.2-2.fc16
    https://admin.fedoraproject.org/updates/yubikey-val-2.10-1.fc16,pam_yub=
ico-2.8-1.fc16,ykclient-2.6-1.fc16
    https://admin.fedoraproject.org/updates/wireshark-1.6.3-1.fc16
    https://admin.fedoraproject.org/updates/net6-1.3.14-1.fc16
    https://admin.fedoraproject.org/updates/cherokee-1.2.101-1.fc16
    https://admin.fedoraproject.org/updates/puppet-2.6.12-1.fc16
    https://admin.fedoraproject.org/updates/arora-0.11.0-3.fc16
    https://admin.fedoraproject.org/updates/drupal6-views-2.13-1.fc16
    https://admin.fedoraproject.org/updates/tomcat6-6.0.32-19.fc16
    https://admin.fedoraproject.org/updates/proftpd-1.3.4-1.fc16
    https://admin.fedoraproject.org/updates/rest-0.7.12-1.fc16,libsocialweb=
-0.25.20-1.fc16
    https://admin.fedoraproject.org/updates/phpMyAdmin-3.4.7.1-1.fc16


The following Fedora 16 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/rest-0.7.12-1.fc16,libsocialweb=
-0.25.20-1.fc16
    https://admin.fedoraproject.org/updates/kernel-3.1.1-1.fc16
    https://admin.fedoraproject.org/updates/libass-0.10.0-1.fc16
    https://admin.fedoraproject.org/updates/libdrm-2.4.27-2.fc16
    https://admin.fedoraproject.org/updates/folks-0.6.5-1.fc16
    https://admin.fedoraproject.org/updates/control-center-3.2.2-1.fc16,gno=
me-settings-daemon-3.2.2-1.fc16
    https://admin.fedoraproject.org/updates/newt-0.52.14-1.fc16
    https://admin.fedoraproject.org/updates/glibc-2.14.90-15.2
    https://admin.fedoraproject.org/updates/libfprint-0.4.0-1.fc16,fprintd-=
0.4.1-1.fc16
    https://admin.fedoraproject.org/updates/mdadm-3.2.2-14.fc16
    https://admin.fedoraproject.org/updates/gdb-7.3.50.20110722-10.fc16
    https://admin.fedoraproject.org/updates/evolution-data-server-3.2.1-2.f=
c16
    https://admin.fedoraproject.org/updates/authconfig-6.1.16-2.fc16
    https://admin.fedoraproject.org/updates/PackageKit-0.6.20-1.fc16
    https://admin.fedoraproject.org/updates/libreport-2.0.7-1.fc16
    https://admin.fedoraproject.org/updates/soprano-2.7.3-1.fc16
    https://admin.fedoraproject.org/updates/virtuoso-opensource-6.1.4-2.fc16
    https://admin.fedoraproject.org/updates/libffado-2.1.0-0.4.20111030.svn=
2000.fc16
    https://admin.fedoraproject.org/updates/colord-0.1.14-1.fc16
    https://admin.fedoraproject.org/updates/cups-pk-helper-0.1.3-3.fc16
    https://admin.fedoraproject.org/updates/fcoe-utils-1.0.20-5.fc16
    https://admin.fedoraproject.org/updates/dosfstools-3.0.12-1.fc16
    https://admin.fedoraproject.org/updates/rest-0.7.11-1.fc16
    https://admin.fedoraproject.org/updates/dnsmasq-2.59-2.fc16
    https://admin.fedoraproject.org/updates/xorg-x11-drv-savage-2.3.3-1.fc16
    https://admin.fedoraproject.org/updates/phonon-backend-gstreamer-4.5.90=
-3.fc16,phonon-4.5.57-3.20111031.fc16,libqzeitgeist-0.8.0-3.fc16
    https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.12-2.fc=
16
    https://admin.fedoraproject.org/updates/perl-threads-1.83-4.fc16


The following builds have been pushed to Fedora 16 updates-testing

    R2spec-4.0.0-1.fc16
    clthreads-2.4.0-7.fc16
    clxclient-3.6.1-5.fc16
    condor-7.7.3-0.2.fc16
    cvs2cl-2.73-1.fc16
    dvb-apps-1.1.2-0.d4e8bf5658ce.fc16
    guitarix-0.20.2-3.fc16
    jconvolver-0.9.2-1.fc16
    kernel-3.1.1-1.fc16
    libass-0.10.0-1.fc16
    libsocialweb-0.25.20-1.fc16
    libverto-0.2.2-1.fc16
    php-bartlett-PHP-Reflect-1.1.0-1.fc16
    phpMyAdmin-3.4.7.1-1.fc16
    rest-0.7.12-1.fc16
    rpmdevtools-8.2-1.fc16
    sound-theme-acoustic-1.0-1.fc16
    timidity++-2.13.2-25.fc16.1
    zita-convolver-3.0.3-2.fc16
    zita-rev1-0.2.1-4.fc16

Details about builds:


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 R2spec-4.0.0-1.fc16 (FEDORA-2011-15838)
 Python script to generate R spec file
---------------------------------------------------------------------------=
-----
Update Information:

Rewrite R2spec in version 4.0.0 \=C3=B3/
---------------------------------------------------------------------------=
-----
ChangeLog:

* Sat Nov 12 2011 Pierre-Yves Chibon <pingou at pingoured.fr> - 4.0.0-1
- Update to 4.0.0 which is an almost complete rewrite
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 clthreads-2.4.0-7.fc16 (FEDORA-2011-15848)
 POSIX threads C++ access library
---------------------------------------------------------------------------=
-----
Update Information:

Correct undefined-non-weak-symbol warning.
---------------------------------------------------------------------------=
-----
ChangeLog:

* Tue Oct 11 2011 Brendan Jones <brendan.jones.it at gmail.com> - 2.4.0-7
- correct URL and download link
* Tue Oct  4 2011 Brendan Jones <brendan.jones.it at gmail.com> - 2.4.0-6
- Corrected rpmlint 'undefined-non-weak-symbol /usr/lib64/libclthreads.so.2=
.4.0
clock_gettime' and unused-direct-shlib-dependency for libm - BZ#751466
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #751466 - clthreads: undefined non-weak symbol "clock_gettime"
        https://bugzilla.redhat.com/show_bug.cgi?id=3D751466
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 clxclient-3.6.1-5.fc16 (FEDORA-2011-15857)
 C++ X Windows Library
---------------------------------------------------------------------------=
-----
Update Information:

clxclient is a C++ X windows library used in some audio applications. Porte=
d from the CCRMA repostory.

zita-rev1 is a reworked version of the reverb originally developed for Aeol=
us. Its character is more 'hall' than 'plate', but it can be used on a wide=
 variety of instruments or voices. It is not a spatialiser - the early refl=
ections are different for the L and R inputs, but do not correspond to any =
real room. They have been tuned to match left and right sources to some ext=
ent.

In Stereo mode a dry/wet mix control is provided, so it can be used either =
as an insert or in send/return mode. For mono just connect one of the two c=
hannels.

In Ambisonic mode (selected by the -B command line option) the only option =
is the send/return mode.
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #749753 - Review Request: clxclient - a C++ X windows library
        https://bugzilla.redhat.com/show_bug.cgi?id=3D749753
  [ 2 ] Bug #749757 - Review Request: zita-rev1 - Proaudio reverb for JACK
        https://bugzilla.redhat.com/show_bug.cgi?id=3D749757
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 condor-7.7.3-0.2.fc16 (FEDORA-2011-15849)
 Condor: High Throughput Computing
---------------------------------------------------------------------------=
-----
Update Information:

Update to create tmpfiles.d on install
---------------------------------------------------------------------------=
-----
ChangeLog:

* Fri Nov 11 2011 <tstclair at redhat.com> - 7.7.3-0.2
- Update install process for tmpfiles.d
* Tue Oct 25 2011 <tstclair at redhat.com> - 7.7.3-0.1
- Fast forward to 7.7.3 pre release
* Fri Sep 16 2011 <tstclair at redhat.com> - 7.7.1-0.1
- Fast forward to 7.7.1 official release tag V7_7_1
- ghost var/lock and var/run in spec (BZ656562)
* Wed Aug 10 2011 <tstclair at redhat.com> - 7.7.0-0.6
- Rebuild deltacloud dep
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 cvs2cl-2.73-1.fc16 (FEDORA-2011-15830)
 Generate ChangeLogs from CVS working copies
---------------------------------------------------------------------------=
-----
Update Information:

An update of cvs2cl to the latest upstream release, adding the '--xml-style=
sheet' option.
---------------------------------------------------------------------------=
-----
ChangeLog:

* Sat Nov 12 2011 Kevin Kofler <Kevin at tigcc.ticalc.org> - 2.73-1
- Update to 2.73 (#753407)
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #753407 - cvs2cl-2.73 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=3D753407
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 dvb-apps-1.1.2-0.d4e8bf5658ce.fc16 (FEDORA-2011-15852)
 Utility, demo and test applications using the Linux DVB API
---------------------------------------------------------------------------=
-----
Update Information:

Update to the latest repository snapshot to include all the latest tuning d=
ata
---------------------------------------------------------------------------=
-----
ChangeLog:

* Sat Nov 12 2011 Peter Robinson <pbrobinson at fedoraproject.org> - 1.1.2-0.d=
4e8bf5658ce
- Move to hg snapshot d4e8bf5658ce
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #617153 - scandvb doesn't output all channels
        https://bugzilla.redhat.com/show_bug.cgi?id=3D617153
  [ 2 ] Bug #733952 - UK switchover: DVB-T mux details have changed signifi=
cantly
        https://bugzilla.redhat.com/show_bug.cgi?id=3D733952
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 guitarix-0.20.2-3.fc16 (FEDORA-2011-15847)
 Mono amplifier to JACK
---------------------------------------------------------------------------=
-----
Update Information:

Update and rebuild for new upstream zita-convolver-3.0.2, jconvolver and gu=
itarix
---------------------------------------------------------------------------=
-----
ChangeLog:

* Sat Nov 12 2011 Brendan Jones <brendan.jones.it at gmail.com> - 0.20.2-3
- Add boost-devel build requires
* Sat Nov 12 2011 Brendan Jones <brendan.jones.it at gmail.com> - 0.20.2-2
- Removed libboost library detection fix
* Sat Nov 12 2011 Brendan Jones <brendan.jones.it at gmail.com> - 0.20.2-1
- Update to upstream release 0.20.2
* Tue Nov  8 2011 Brendan Jones <brendan.jones.it at gmail.com> - 0.20.0-2
- Update to upstream release 0.20.0
* Sun Oct 30 2011 Brendan Jones <brendan.jones.it at gmail.com> - 0.20.0-1.0.s=
vn1278
- Grab source from latest svn, and removed FSF patch
- Rebuild for libpng 1.5
- Removed obsolete tags and clean section from spec
* Sun Oct 30 2011 Brendan Jones <brendan.jones.it at gmail.com> - 0.19.0-1.0.s=
vn1245
- Grab source from svn to rebuild against zita-convolver-3
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #749944 - zita-convolver: request for upgrade to 3.0.3
        https://bugzilla.redhat.com/show_bug.cgi?id=3D749944
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 jconvolver-0.9.2-1.fc16 (FEDORA-2011-15847)
 Real-time Convolution Engine
---------------------------------------------------------------------------=
-----
Update Information:

Update and rebuild for new upstream zita-convolver-3.0.2, jconvolver and gu=
itarix
---------------------------------------------------------------------------=
-----
ChangeLog:

* Wed Oct 19 2011 Brendan Jones <brendan.jones.it at gmail.com> - 0.9.1-1
- Updated to version 0.9.2
* Wed Oct 19 2011 Brendan Jones <brendan.jones.it at gmail.com> - 0.9.1-1
- Updated to version 0.9.1
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #749944 - zita-convolver: request for upgrade to 3.0.3
        https://bugzilla.redhat.com/show_bug.cgi?id=3D749944
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 kernel-3.1.1-1.fc16 (FEDORA-2011-15834)
 The Linux kernel
---------------------------------------------------------------------------=
-----
Update Information:

Update to upstream 3.1.1
---------------------------------------------------------------------------=
-----
ChangeLog:

* Fri Nov 11 2011 Josh Boyer <jwboyer at redhat.com> 3.1.1-1
- Linux 3.1.1
* Fri Nov 11 2011 John W. Linville <linville at redhat.com>
- Remove overlap between bcma/b43 and brcmsmac and reenable bcm4331
* Thu Nov 10 2011 Chuck Ebbert <cebbert at redhat.com>
- Sync samsung-laptop driver with what's in 3.2 (rhbz 747560)
* Wed Nov  9 2011 Chuck Ebbert <cebbert at redhat.com> 3.1.1-1.rc1
- Linux 3.1.1-rc1
- Comment out merged patches, will drop when release is final:
   ums-realtek-driver-uses-stack-memory-for-DMA.patch
   epoll-fix-spurious-lockdep-warnings.patch
   crypto-register-cryptd-first.patch
   add-macbookair41-keyboard.patch
   powerpc-Fix-deadlock-in-icswx-code.patch
   iwlagn-fix-ht_params-NULL-pointer-dereference.patch
   mmc-Always-check-for-lower-base-frequency-quirk-for-.patch
   media-DiBcom-protect-the-I2C-bufer-access.patch
   media-dib0700-protect-the-dib0700-buffer-access.patch
   WMI-properly-cleanup-devices-to-avoid-crashes.patch
   mac80211-fix-remain_off_channel-regression.patch
   mac80211-config-hw-when-going-back-on-channel.patch
* Wed Nov  9 2011 John W. Linville <linville at redhat.com>
- Backport brcm80211 from 3.2-rc1
* Tue Nov  8 2011 Neil Horman <nhorman at redhat.com>
- Add msi irq ennumeration per device in sysfs (rhbz 752176)
* Mon Nov  7 2011 Josh Boyer <jwboyer at redhat.com>
- Add two patches to fix mac80211 issues (rhbz 731365)
* Thu Nov  3 2011 Josh Boyer <jwboyer at redhat.com>
- Add commits queued for 3.2 for elantech driver (rhbz 728607)
- Fix crash when setting brightness via Fn keys on ideapads (rhbz 748210)
* Wed Nov  2 2011 Josh Boyer <jwboyer at redhat.com>
- Add patch to fix oops when removing wmi module (rhbz 706574)
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 libass-0.10.0-1.fc16 (FEDORA-2011-15836)
 Portable library for SSA/ASS subtitles rendering
---------------------------------------------------------------------------=
-----
Update Information:

Update to 0.10.0. Fixes some crashes with newer freetype, adds bidirectiona=
l text support (via fribidi) and contains some other improvements and fixes.
---------------------------------------------------------------------------=
-----
ChangeLog:

* Fri Nov 11 2011 Martin Sourada <mso at fedoraproject.org> - 0.10.0-1
- New upstream release
  - various improvements and fixes
- BuildRequires: fribidi-devel (bidirectional text suport)
- Fixes some wierd memory allocation related crash with freetype 2.4.6
  - rhbz 753017, rhbz 753065
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #727104 - libass-0.10.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=3D727104
  [ 2 ] Bug #753017 - libass 0.9.12 crashes with FreeType 2.4.6
        https://bugzilla.redhat.com/show_bug.cgi?id=3D753017
  [ 3 ] Bug #753062 - libass Missing Build Dependency fribidi-devel
        https://bugzilla.redhat.com/show_bug.cgi?id=3D753062
  [ 4 ] Bug #753065 - libass causes downstream packages to crash
        https://bugzilla.redhat.com/show_bug.cgi?id=3D753065
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 libsocialweb-0.25.20-1.fc16 (FEDORA-2011-15833)
 A social network data aggregator
---------------------------------------------------------------------------=
-----
Update Information:

CVE-2011-4129

A security flaw was found in the way the libsocialweb, a social network dat=
a aggregator, performed its initialization when this service start was init=
iated by the dbus daemon. Due to a deficiency in a way the libsocialweb ser=
vice was initialized, an untrusted (non-SSL) network connection has been op=
ened to remote Twitter service servers without explicit approval of the use=
r, running the libsocialweb service on the local host. A remote attacker co=
uld use this flaw to conduct various MITM attacks and potentially alter int=
egrity of the user account in question.

* libsocialweb: The views will try and fetch content from the web service e=
ven if they aren't configured.

* rest: enforce that the SSL certificate is valid
---------------------------------------------------------------------------=
-----
ChangeLog:

* Sat Nov 12 2011 Peter Robinson <pbrobinson at fedoraproject.org> 0.25.20-1
- update to 0.25.20. Fixes CVE-2011-4129, RHBZ 752022
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #752022 - CVE-2011-4129 libsocialweb: Untrusted connection to T=
witter without user's approval upon service start via dbus
        https://bugzilla.redhat.com/show_bug.cgi?id=3D752022
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 libverto-0.2.2-1.fc16 (FEDORA-2011-15845)
 Main loop abstraction library
---------------------------------------------------------------------------=
-----
Update Information:

initial package
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 php-bartlett-PHP-Reflect-1.1.0-1.fc16 (FEDORA-2011-15854)
 Adds the ability to reverse-engineer PHP
---------------------------------------------------------------------------=
-----
Update Information:

Upstream Changelog:
* PHP_Reflect_Token_FUNCTION::getArguments() return values changed : see ex=
amples/scanFunctionArguments.php and User Guide Configure/Properties sectio=
n (example 2). Thanks to Stefan Neufeind for its patch/proposal.
* add test suite for issues reported
* upgrades build phing xml file : use latest asciidoc version (8.6.6)

---------------------------------------------------------------------------=
-----
ChangeLog:

* Fri Nov 11 2011 Remi Collet <Fedora at FamilleCollet.com> - 1.1.0-1
- Version 1.1.0 (stable) - API 1.1.0 (stable)
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 phpMyAdmin-3.4.7.1-1.fc16 (FEDORA-2011-15841)
 Handle the administration of MySQL over the World Wide Web
---------------------------------------------------------------------------=
-----
Update Information:

Changes for 3.4.7.1 (2011-11-10):

  - [security] Fixed possible local file inclusion in XML import
(CVE-2011-4107)
---------------------------------------------------------------------------=
-----
ChangeLog:

* Sat Nov 12 2011 Robert Scheck <robert at fedoraproject.org> 3.4.7.1-1
- Upgrade to 3.4.7.1 (#753119)
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #753119 - phpMyAdmin-3.4.7.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=3D753119
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 rest-0.7.12-1.fc16 (FEDORA-2011-15833)
 A library for access to RESTful web services
---------------------------------------------------------------------------=
-----
Update Information:

CVE-2011-4129

A security flaw was found in the way the libsocialweb, a social network dat=
a aggregator, performed its initialization when this service start was init=
iated by the dbus daemon. Due to a deficiency in a way the libsocialweb ser=
vice was initialized, an untrusted (non-SSL) network connection has been op=
ened to remote Twitter service servers without explicit approval of the use=
r, running the libsocialweb service on the local host. A remote attacker co=
uld use this flaw to conduct various MITM attacks and potentially alter int=
egrity of the user account in question.

* libsocialweb: The views will try and fetch content from the web service e=
ven if they aren't configured.

* rest: enforce that the SSL certificate is valid
---------------------------------------------------------------------------=
-----
ChangeLog:

* Thu Nov 10 2011 Peter Robinson <pbrobinson at fedoraproject.org> 0.7.12-1
- Release 0.7.12. Fixes CVE-2011-4129 RHBZ 752022
* Fri Oct 28 2011 Peter Robinson <pbrobinson at fedoraproject.org> 0.7.11-1
- Release 0.7.11
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #752022 - CVE-2011-4129 libsocialweb: Untrusted connection to T=
witter without user's approval upon service start via dbus
        https://bugzilla.redhat.com/show_bug.cgi?id=3D752022
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 rpmdevtools-8.2-1.fc16 (FEDORA-2011-15843)
 RPM Development Tools
---------------------------------------------------------------------------=
-----
Update Information:

Update to version 8.2.

http://git.fedorahosted.org/git/?p=3Drpmdevtools.git;a=3Dblob;f=3DNEWS;h=3D=
20fb707a6091092005f66ace444c7091a0efe601;hb=3DHEAD
---------------------------------------------------------------------------=
-----
ChangeLog:

* Sat Nov 12 2011 Ville Skytt=C3=A4 <ville.skytta at iki.fi> - 8.2-1
- Update to 8.2.
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #730120 - rpmdev-extract fails for multiple relative-path rpms
        https://bugzilla.redhat.com/show_bug.cgi?id=3D730120
  [ 2 ] Bug #751582 - lib packages should have an arch specific require fro=
m devel to base
        https://bugzilla.redhat.com/show_bug.cgi?id=3D751582
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 sound-theme-acoustic-1.0-1.fc16 (FEDORA-2011-15842)
 Sound theme made on an acoustic guitar
---------------------------------------------------------------------------=
-----
Update Information:

Added a package for Fedora 16.
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 timidity++-2.13.2-25.fc16.1 (FEDORA-2011-15711)
 A software wavetable MIDI synthesizer
---------------------------------------------------------------------------=
-----
Update Information:

This update fixes the following issue:
* garbled sound when start playing
* loading of sf2 files with stereo instrument samples with missing link-ids=
 between the left and right samples
* segfault cause by uninitialized data
---------------------------------------------------------------------------=
-----
ChangeLog:

* Fri Nov 11 2011 Christian Krause <chkr at fedoraproject.org> - 2.13.2-25.1
- Add a patch which fixes the loading of sf2 files with stereo instrument
  samples with missing link-ids between the left and right samples (#710927)
* Mon Nov  7 2011 Christian Krause <chkr at fedoraproject.org> - 2.13.2-25
- add upstream patch to fix garbled sound when start playing (#710927)
* Wed Jul 27 2011 Jindrich Novy <jnovy at redhat.com> - 2.13.2-24
- fix segfault in detect() introduced by libao-first patch (#711224)
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #711224 - [abrt] timidity++-2.13.2-21.fc14: strlen: Process /us=
r/bin/timidity was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=3D711224
  [ 2 ] Bug #710927 - Short garbled noise at the beginning when playing a m=
idi file
        https://bugzilla.redhat.com/show_bug.cgi?id=3D710927
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 zita-convolver-3.0.3-2.fc16 (FEDORA-2011-15847)
 Convolution engine library
---------------------------------------------------------------------------=
-----
Update Information:

Update and rebuild for new upstream zita-convolver-3.0.2, jconvolver and gu=
itarix
---------------------------------------------------------------------------=
-----
ChangeLog:

* Mon Oct 31 2011 Brendan Jones <brendan.jones.it at gmail.com> - 3.0.3-2
- Relicensed to GPLv3+
* Wed Oct 26 2011 Brendan Jones <brendan.jones.it at gmail.com> - 3.0.3-1
- updated to 3.0.3
* Wed Oct 19 2011 Brendan Jones <brendan.jones.it at gmail.com> - 3.0.2-1
- updated to 3.0.2
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #749944 - zita-convolver: request for upgrade to 3.0.3
        https://bugzilla.redhat.com/show_bug.cgi?id=3D749944
---------------------------------------------------------------------------=
-----


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
 zita-rev1-0.2.1-4.fc16 (FEDORA-2011-15857)
 Pro-audio reverb for JACK
---------------------------------------------------------------------------=
-----
Update Information:

clxclient is a C++ X windows library used in some audio applications. Porte=
d from the CCRMA repostory.

zita-rev1 is a reworked version of the reverb originally developed for Aeol=
us. Its character is more 'hall' than 'plate', but it can be used on a wide=
 variety of instruments or voices. It is not a spatialiser - the early refl=
ections are different for the L and R inputs, but do not correspond to any =
real room. They have been tuned to match left and right sources to some ext=
ent.

In Stereo mode a dry/wet mix control is provided, so it can be used either =
as an insert or in send/return mode. For mono just connect one of the two c=
hannels.

In Ambisonic mode (selected by the -B command line option) the only option =
is the send/return mode.
---------------------------------------------------------------------------=
-----
References:

  [ 1 ] Bug #749753 - Review Request: clxclient - a C++ X windows library
        https://bugzilla.redhat.com/show_bug.cgi?id=3D749753
  [ 2 ] Bug #749757 - Review Request: zita-rev1 - Proaudio reverb for JACK
        https://bugzilla.redhat.com/show_bug.cgi?id=3D749757
---------------------------------------------------------------------------=
-----

More information about the test mailing list