Fedora 16 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sat Oct 22 00:13:02 UTC 2011 

The following Fedora 16 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-2011-14715
    https://admin.fedoraproject.org/updates/FEDORA-2011-14440
    https://admin.fedoraproject.org/updates/FEDORA-2011-14727
    https://admin.fedoraproject.org/updates/FEDORA-2011-13893
    https://admin.fedoraproject.org/updates/FEDORA-2011-13989
    https://admin.fedoraproject.org/updates/FEDORA-2011-14288
    https://admin.fedoraproject.org/updates/FEDORA-2011-14335
    https://admin.fedoraproject.org/updates/FEDORA-2011-14480
    https://admin.fedoraproject.org/updates/FEDORA-2011-14622
    https://admin.fedoraproject.org/updates/FEDORA-2011-14719
    https://admin.fedoraproject.org/updates/FEDORA-2011-14691
    https://admin.fedoraproject.org/updates/FEDORA-2011-14694


The following Fedora 16 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/FEDORA-2011-14723
    https://admin.fedoraproject.org/updates/FEDORA-2011-14704
    https://admin.fedoraproject.org/updates/FEDORA-2011-14722
    https://admin.fedoraproject.org/updates/FEDORA-2011-14694
    https://admin.fedoraproject.org/updates/FEDORA-2011-14682
    https://admin.fedoraproject.org/updates/FEDORA-2011-14614
    https://admin.fedoraproject.org/updates/FEDORA-2011-14625
    https://admin.fedoraproject.org/updates/FEDORA-2011-14607
    https://admin.fedoraproject.org/updates/FEDORA-2011-14581
    https://admin.fedoraproject.org/updates/FEDORA-2011-14585
    https://admin.fedoraproject.org/updates/FEDORA-2011-14572
    https://admin.fedoraproject.org/updates/FEDORA-2011-14469
    https://admin.fedoraproject.org/updates/FEDORA-2011-14421
    https://admin.fedoraproject.org/updates/FEDORA-2011-14359
    https://admin.fedoraproject.org/updates/FEDORA-2011-14328
    https://admin.fedoraproject.org/updates/FEDORA-2011-14244
    https://admin.fedoraproject.org/updates/FEDORA-2011-14264
    https://admin.fedoraproject.org/updates/FEDORA-2011-14071
    https://admin.fedoraproject.org/updates/FEDORA-2011-13971
    https://admin.fedoraproject.org/updates/FEDORA-2011-13954
    https://admin.fedoraproject.org/updates/FEDORA-2011-13774
    https://admin.fedoraproject.org/updates/FEDORA-2011-12648
    https://admin.fedoraproject.org/updates/FEDORA-2011-12550
    https://admin.fedoraproject.org/updates/FEDORA-2011-11709
    https://admin.fedoraproject.org/updates/FEDORA-2011-11424
    https://admin.fedoraproject.org/updates/FEDORA-2011-10886


The following builds have been pushed to Fedora 16 updates-testing

    389-ds-base-1.2.10-0.4.a4.fc16
    NetworkManager-0.9.1.90-4.git20110927.fc16
    apiextractor-0.10.8-1.fc16
    arora-0.11.0-3.fc16
    audacious-3.0.4-1.fc16
    audacious-plugins-3.0.4-1.fc16
    bibletime-2.8.2-1.fc16
    cln-1.3.2-2.fc16
    deltacloud-core-0.4.1-3.fc16
    dracut-013-16.fc16
    flashrom-0.9.4-2.svn1455.fc16
    freeipa-2.1.3-4.fc16
    generatorrunner-0.6.14-1.fc16
    ghc-7.0.4-31.1.fc16
    gparted-0.9.1-1.fc16
    gsoap-2.8.3-2.fc16
    hardlink-1.0-12.fc16
    hekafs-0.7-16.fc16
    ibus-1.4.0-5.fc16
    iwhd-0.991-1.fc16
    jss-4.2.6-21.fc16
    konversation-1.3.1-5.fc16
    libdrm-2.4.26-2.fc16
    libpinyin-0.2.99.2-1.fc16
    matahari-0.5.0-1.fc16
    mingw32-matahari-0.5.0-1.fc16
    moodle-2.0.5-1.fc16
    mozilla-https-everywhere-1.1-1.fc16
    perl-Tk-804.029-4.fc16
    pygobject3-3.0.2-1.fc16
    python-pyside-1.0.8-1.fc16
    python-requests-0.6.6-1.fc16
    qemu-0.15.1-1.fc16
    selinux-policy-3.10.0-45.1.fc16
    selinux-policy-3.10.0-46.fc16
    shiboken-1.0.9-1.fc16
    sigar-1.6.5-0.5.git58097d9.fc16
    smartmontools-5.42-1.fc16
    soprano-2.7.2-1.fc16
    spin-kickstarts-0.16.3-1.fc16
    sssd-1.6.2-3.fc16
    telepathy-salut-0.6.0-1.fc16
    zeitgeist-0.8.2-1.fc16

Details about builds:


================================================================================
 389-ds-base-1.2.10-0.4.a4.fc16 (FEDORA-2011-14614)
 389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:

2011-10-21: Added selinux-policy and updated SSSD with explicit Requires


FreeIPA:

== What happened to 2.1.2!? ==

Right after tagging 2.1.2 we found an upgrade issue that would have 
affected any users using the selfsign CA (installed with --selfsign). We 
decided to hold back the release, fix a few more bugs, and just push out 
2.1.3 instead about a week later. So here we are.

== Highlights in 2.1.3 ==

* Enforce that system hostname matches hostname of IPA server.
* Require that /etc/hosts is sane even when configuring DNS.
* Increase default server-side LDAP search limits.
* Client enrollment improvements including longer wait for sssd to 
start, recovery if discovered IPA server is not responsive and when 
anonymous bind is disabled in 389-ds.

== Highlights in 2.1.2 ==

* Upgrade older dogtag installs to use new PKI proxy configuration
* hbactest improvements
* Added platform-independent code to make ipa-client-install more portable
* Make client uninstaller more robust, should restore state more completely.
* UI usability improvements
* Tool for Enabling/Disabling Managed Entry Plugins
* Managed Entries configuration is now replicated
* IPv6 client enrollment improvements
* Man page improvements
* Performance improvements when calculating indirect membership
* Improved handling of disabled anonymous binds in 389-ds
* user is now prompted to enter current password when changing to a new
password
* ipa server now support multiple namingContexts. ipa-client-install and
password migration were fixed

== Upgrading ==

=== Server ===

To upgrade a 2.0.0, 2.0.1 or 2.1.0 server do the following:
  # yum update freeipa-server --enablerepo=updates-testing

This will pull in updated freeIPA, 389-ds, dogtag, libcurl and xmlrpc-c 
packages (and perhaps some others). A script will be executed in the rpm 
postinstall phase to update the IPA LDAP server with any required changes.

There is a bug reported against 389-ds, 
https://bugzilla.redhat.com/show_bug.cgi?id=730387, related to 
read-write locks. The NSPR RW lock implementation does not safely allow 
re-entrant use of reader
locks. This is a timing issue so it is difficult to predict. During 
testing one user experienced this and the upgrade hung. To break the 
hang kill the ns-slapd process for your realm, wait for the yum 
transaction to complete, then restart 389-ds and manually run the update 
process:

  # service dirsrv start
  # ipa-ldap-updater --update

=== Client ===

The ipa-client-install tool in the ipa-client package is just a 
configuration tool. There should be no need to re-run this on every 
client already enrolled.




SSSD:
== Highlights ==
 * Improved handling of users and groups with multi-valued name
attributes (aliases)
 * Performance enhancements
  * Initgroups on RFC2307bis/FreeIPA
  * HBAC rule processing
 * Improved process-hang detection and restarting
 * Enabled the midpoint cache refresh by default (fewer cache misses on
commonly-used entries)
 * Cleaned up the example configuration




389-ds-base:
 * fix config del/add mods
 * memberof is transaction aware resource
 * limits for simple paged results
 * Native systemd support
 * Fix for managed entry
 * Fixed source tarball
 * fix transaction support in ldbm_delete

--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct  7 2011 Rich Megginson <rmeggins at redhat.com> - 1.2.10-0.4.a4
- Bug 741744 - part3 - MOD operations with chained delete/add get back error 53
- 1d2f5a0 make memberof transaction aware and able to be a betxnpostoperation plug in
- b6d3ba7 pass the plugin config entry to the plugin init function
- 28f7bfb set the ENTRY_POST_OP for modrdn betxnpostoperation plugins
- Bug 743966 - Compiler warnings in account usability plugin
* Wed Oct  5 2011 Rich Megginson <rmeggins at redhat.com> - 1.2.10.a3-0.3
- 498c42b fix transaction support in ldbm_delete
* Wed Oct  5 2011 Rich Megginson <rmeggins at redhat.com> - 1.2.10.a2-0.2
- Bug 740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
- Bug 741744 - MOD operations with chained delete/add get back error 53 on backend config
- Bug 742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
* Wed Sep 21 2011 Rich Megginson <rmeggins at redhat.com> - 1.2.10.a1-0.1
- Bug 695736 - Providing native systemd file
* Wed Sep  7 2011 Rich Megginson <rmeggins at redhat.com> - 1.2.9.10-2
- corrected source
* Wed Sep  7 2011 Rich Megginson <rmeggins at redhat.com> - 1.2.9.10-1
- Bug 735114 - renaming a managed entry does not update mepmanagedby
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #699785 - Providing Native systemd service file for IPA
        https://bugzilla.redhat.com/show_bug.cgi?id=699785
  [ 2 ] Bug #741744 - MOD operations with chained delete/add get back error 53 on backend config
        https://bugzilla.redhat.com/show_bug.cgi?id=741744
  [ 3 ] Bug #743966 - Compiler warnings in account usability plugin
        https://bugzilla.redhat.com/show_bug.cgi?id=743966
  [ 4 ] Bug #740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
        https://bugzilla.redhat.com/show_bug.cgi?id=740942
  [ 5 ] Bug #742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
        https://bugzilla.redhat.com/show_bug.cgi?id=742324
  [ 6 ] Bug #695736 - Providing native systemd file
        https://bugzilla.redhat.com/show_bug.cgi?id=695736
  [ 7 ] Bug #735114 - renaming a managed entry does not update mepmanagedby
        https://bugzilla.redhat.com/show_bug.cgi?id=735114
--------------------------------------------------------------------------------


================================================================================
 NetworkManager-0.9.1.90-4.git20110927.fc16 (FEDORA-2011-14722)
 Network connection manager and user applications
--------------------------------------------------------------------------------
Update Information:

This update fixes setting host-name obtained from DHCP server.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Jiří Klimeš <jklimes at redhat.com> - 0.9.1.90-4.git20110927
- core: fix setting hostname from DHCP options (rh #719100)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #719100 - NetworkManager doesn't set hostname to value return from dhclient
        https://bugzilla.redhat.com/show_bug.cgi?id=719100
--------------------------------------------------------------------------------


================================================================================
 apiextractor-0.10.8-1.fc16 (FEDORA-2011-14707)
 Library headers parser to extract API information
--------------------------------------------------------------------------------
Update Information:

PySide 1.0.8 bug fix release with initial Qt 4.8 support.

Detailed changelog is available from upstream announcements:

 - http://lists.pyside.org/pipermail/pyside/2011-September/002935.html
 - http://lists.pyside.org/pipermail/pyside/2011-October/003016.html
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Kalev Lember <kalevlember at gmail.com> - 0.10.8-1
- Update to 0.10.8
--------------------------------------------------------------------------------


================================================================================
 arora-0.11.0-3.fc16 (FEDORA-2011-14719)
 A cross platform web browser
--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2011-3367, an input validation flaw.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 20 2011 Jaroslav Reznik <jreznik at redhat.com> - 0.11.0-3
- CVE-2011-3367 - input validation flaw (rhbz#746875)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #746875 - CVE-2011-3367 arora: input validation flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=746875
--------------------------------------------------------------------------------


================================================================================
 audacious-3.0.4-1.fc16 (FEDORA-2011-14699)
 Advanced audio player
--------------------------------------------------------------------------------
Update Information:

Update from 3.0.2 to 3.0.4 for a few more fixes and translation updates.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Michael Schwendt <mschwendt at fedoraproject.org> - 3.0.4-1
- Update to 3.0.4 (a few fixes, 5k diff).
* Mon Sep 19 2011 Michael Schwendt <mschwendt at fedoraproject.org> - 3.0.3-1
- Update to 3.0.3 (just a few spelling fixes and translation updates).
* Sat Sep 17 2011 Michael Schwendt <mschwendt at fedoraproject.org> - 3.0.2-3
- Add audacious(plugin-api)%{?_isa} Provides which plugin packages
  may use for an arch-specific dependency (albeit not before builds of
  this base package become available for the target dist).
* Fri Sep 16 2011 Michael Schwendt <mschwendt at fedoraproject.org> - 3.0.2-2
- Use %_isa in more dependencies.
- Drop unneeded BuildRoot stuff.
- Drop %defattr lines.
- Drop explicit pkgconfig dependency.
--------------------------------------------------------------------------------


================================================================================
 audacious-plugins-3.0.4-1.fc16 (FEDORA-2011-14699)
 Plugins for the Audacious audio player
--------------------------------------------------------------------------------
Update Information:

Update from 3.0.2 to 3.0.4 for a few more fixes and translation updates.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Michael Schwendt <mschwendt at fedoraproject.org> - 3.0.4-1
- Update to 3.0.4 (maintenance release in stable branch, 15k diff).
* Mon Sep 19 2011 Michael Schwendt <mschwendt at fedoraproject.org> - 3.0.3-1
- Update to 3.0.3 (some more translation updates).
- Let the plugin pkgs depend on audacious(plugin-api)%{?_isa}.
* Fri Sep 16 2011 Michael Schwendt <mschwendt at fedoraproject.org> - 3.0.2-3
- Use %_isa in more dependencies.
- Drop unneeded BuildRoot stuff.
- Drop %defattr lines.
- Drop old -wavpack and -vortex Obsoletes/Provides.
--------------------------------------------------------------------------------


================================================================================
 bibletime-2.8.2-1.fc16 (FEDORA-2011-14702)
 An easy to use Bible study tool
--------------------------------------------------------------------------------
Update Information:

Fix build for clucene2 and update to 2.8.2
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 20 2011 Deji Akingunola <dakingun at gmail.com> - 2.8.2-1
- Update to 2.8.2
- Add patch by Jonathan Dieter (jdieter at lesbg.com) so it builds
  against CLucene-2.3.3
--------------------------------------------------------------------------------


================================================================================
 cln-1.3.2-2.fc16 (FEDORA-2011-14714)
 Class Library for Numbers
--------------------------------------------------------------------------------
Update Information:

Update to latest stable release and fix arm build.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 19 2011 Deji Akingunola <dakingun at gmail.com> - 1.3.2-2
- Also add -DNO_ASM to CFLAGS for arm archs.
* Sun Oct  9 2011 Deji Akingunola <dakingun at gmail.com> - 1.3.2-1
- New upstream version
- Add -DNO_ASM flag for arm archs.
--------------------------------------------------------------------------------


================================================================================
 deltacloud-core-0.4.1-3.fc16 (FEDORA-2011-14708)
 Deltacloud REST API
--------------------------------------------------------------------------------
Update Information:

Bugfix for VSphere driver
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Michal Fojtik <mfojtik at redhat.com> - 0.4.1-3
- Backported fix for VSphere driver
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #747634 - deltacloud error: NoMethodError: undefined method `validate_instance_profile!' for #<Deltacloud::Drivers::VSphere::VSphereDriver:0x7f90fdb8f818>
        https://bugzilla.redhat.com/show_bug.cgi?id=747634
--------------------------------------------------------------------------------


================================================================================
 dracut-013-16.fc16 (FEDORA-2011-14704)
 Initramfs generator using udev
--------------------------------------------------------------------------------
Update Information:

- fixed livenet module wget bug
Resolves: rhbz#747632
- fixed relative symlink bugs
- speedup image creation
- protect against files in current directory
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Harald Hoyer <harald at redhat.com> 013-16
- fixed livenet module wget bug
Resolves: rhbz#747632
- fixed relative symlink bugs
- speedup image creation
- protect against files in current directory
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #747632 - using iSCSI target as root filesystem results in kernel panic at boot
        https://bugzilla.redhat.com/show_bug.cgi?id=747632
--------------------------------------------------------------------------------


================================================================================
 flashrom-0.9.4-2.svn1455.fc16 (FEDORA-2011-14729)
 Simple program for reading/writing BIOS chips content
--------------------------------------------------------------------------------
Update Information:

- Updated to latest svn ver. 1455 (post-release snapshot for 0.9.4)
- Added lots of new boards and several chipsets and flashchips
- Lots of other cleanups and enhancements
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Peter Lemenkov <lemenkov at gmail.com> - 0.9.4-2.svn1455
- Updated to latest svn ver. 1455 (post-release snapshot for 0.9.4)
- Added lots of new boards and several chipsets and flashchips
- Lots of other cleanups and enhancements
--------------------------------------------------------------------------------


================================================================================
 freeipa-2.1.3-4.fc16 (FEDORA-2011-14614)
 The Identity, Policy and Audit system
--------------------------------------------------------------------------------
Update Information:

2011-10-21: Added selinux-policy and updated SSSD with explicit Requires


FreeIPA:

== What happened to 2.1.2!? ==

Right after tagging 2.1.2 we found an upgrade issue that would have 
affected any users using the selfsign CA (installed with --selfsign). We 
decided to hold back the release, fix a few more bugs, and just push out 
2.1.3 instead about a week later. So here we are.

== Highlights in 2.1.3 ==

* Enforce that system hostname matches hostname of IPA server.
* Require that /etc/hosts is sane even when configuring DNS.
* Increase default server-side LDAP search limits.
* Client enrollment improvements including longer wait for sssd to 
start, recovery if discovered IPA server is not responsive and when 
anonymous bind is disabled in 389-ds.

== Highlights in 2.1.2 ==

* Upgrade older dogtag installs to use new PKI proxy configuration
* hbactest improvements
* Added platform-independent code to make ipa-client-install more portable
* Make client uninstaller more robust, should restore state more completely.
* UI usability improvements
* Tool for Enabling/Disabling Managed Entry Plugins
* Managed Entries configuration is now replicated
* IPv6 client enrollment improvements
* Man page improvements
* Performance improvements when calculating indirect membership
* Improved handling of disabled anonymous binds in 389-ds
* user is now prompted to enter current password when changing to a new
password
* ipa server now support multiple namingContexts. ipa-client-install and
password migration were fixed

== Upgrading ==

=== Server ===

To upgrade a 2.0.0, 2.0.1 or 2.1.0 server do the following:
  # yum update freeipa-server --enablerepo=updates-testing

This will pull in updated freeIPA, 389-ds, dogtag, libcurl and xmlrpc-c 
packages (and perhaps some others). A script will be executed in the rpm 
postinstall phase to update the IPA LDAP server with any required changes.

There is a bug reported against 389-ds, 
https://bugzilla.redhat.com/show_bug.cgi?id=730387, related to 
read-write locks. The NSPR RW lock implementation does not safely allow 
re-entrant use of reader
locks. This is a timing issue so it is difficult to predict. During 
testing one user experienced this and the upgrade hung. To break the 
hang kill the ns-slapd process for your realm, wait for the yum 
transaction to complete, then restart 389-ds and manually run the update 
process:

  # service dirsrv start
  # ipa-ldap-updater --update

=== Client ===

The ipa-client-install tool in the ipa-client package is just a 
configuration tool. There should be no need to re-run this on every 
client already enrolled.




SSSD:
== Highlights ==
 * Improved handling of users and groups with multi-valued name
attributes (aliases)
 * Performance enhancements
  * Initgroups on RFC2307bis/FreeIPA
  * HBAC rule processing
 * Improved process-hang detection and restarting
 * Enabled the midpoint cache refresh by default (fewer cache misses on
commonly-used entries)
 * Cleaned up the example configuration




389-ds-base:
 * fix config del/add mods
 * memberof is transaction aware resource
 * limits for simple paged results
 * Native systemd support
 * Fix for managed entry
 * Fixed source tarball
 * fix transaction support in ldbm_delete

--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 19 2011 Alexander Bokovoy <abokovoy at redhat.com> - 2.1.3-4
- clean up spec 
- Depend on sssd >= 1.6.2 for better user experience
* Tue Oct 18 2011 Alexander Bokovoy <abokovoy at redhat.com> - 2.1.3-3
- Fix Fedora package changelog after merging systemd changes
* Tue Oct 18 2011 Alexander Bokovoy <abokovoy at redhat.com> - 2.1.3-2
- Fix postin scriplet for F-15/F-16
* Tue Oct 18 2011 Alexander Bokovoy <abokovoy at redhat.com> - 2.1.3-1
- 2.1.3
* Mon Oct 17 2011 Alexander Bokovoy <abokovoy at redhat.com> - 2.1.2-1
- Default to systemd for Fedora 16 and onwards
* Tue Aug 16 2011 Rob Crittenden <rcritten at redhat.com> - 2.1.0-1
- Update to upstream 2.1.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #699785 - Providing Native systemd service file for IPA
        https://bugzilla.redhat.com/show_bug.cgi?id=699785
  [ 2 ] Bug #741744 - MOD operations with chained delete/add get back error 53 on backend config
        https://bugzilla.redhat.com/show_bug.cgi?id=741744
  [ 3 ] Bug #743966 - Compiler warnings in account usability plugin
        https://bugzilla.redhat.com/show_bug.cgi?id=743966
  [ 4 ] Bug #740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
        https://bugzilla.redhat.com/show_bug.cgi?id=740942
  [ 5 ] Bug #742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
        https://bugzilla.redhat.com/show_bug.cgi?id=742324
  [ 6 ] Bug #695736 - Providing native systemd file
        https://bugzilla.redhat.com/show_bug.cgi?id=695736
  [ 7 ] Bug #735114 - renaming a managed entry does not update mepmanagedby
        https://bugzilla.redhat.com/show_bug.cgi?id=735114
--------------------------------------------------------------------------------


================================================================================
 generatorrunner-0.6.14-1.fc16 (FEDORA-2011-14707)
 Plugin-based application to run apiextractor-based generators
--------------------------------------------------------------------------------
Update Information:

PySide 1.0.8 bug fix release with initial Qt 4.8 support.

Detailed changelog is available from upstream announcements:

 - http://lists.pyside.org/pipermail/pyside/2011-September/002935.html
 - http://lists.pyside.org/pipermail/pyside/2011-October/003016.html
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Kalev Lember <kalevlember at gmail.com> - 0.6.14-1
- Update to 0.6.14
--------------------------------------------------------------------------------


================================================================================
 ghc-7.0.4-31.1.fc16 (FEDORA-2011-14724)
 Glasgow Haskell Compiler
--------------------------------------------------------------------------------
Update Information:

- Include the ghc (ghci) library in ghc-devel (Narasim)
- Support armv5tel arch (Henrik Nordström)
- Dependency autogeneration for bootstrap builds
- Use system libffi also on secondary archs (except ppc for now)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 20 2011 Jens Petersen <petersen at redhat.com> - 7.0.4-31.1
- setup ghc-deps.sh after ghc_version_override for bootstrapping
- add armv5tel (ported by Henrik Nordström)
- also use ghc-deps.sh when bootstrapping (ghc-rpm-macros-0.13.13)
- replace libffi_archs with libffi_copy_archs for ppc just for now
- include the ghc (ghci) library in ghc-devel
--------------------------------------------------------------------------------


================================================================================
 gparted-0.9.1-1.fc16 (FEDORA-2011-14725)
 Gnome Partition Editor
--------------------------------------------------------------------------------
Update Information:

Update to 0.9.1. Fix a couple of NTFS bugs.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 19 2011 Deji Akingunola <dakingun at gmail.com> - 0.9.1-1
- Update to version 0.9.1
--------------------------------------------------------------------------------


================================================================================
 gsoap-2.8.3-2.fc16 (FEDORA-2011-14721)
 Generator Tools for Coding SOAP/XML Web Services in C and C++
--------------------------------------------------------------------------------
Update Information:

This update fixes a problem with IPv4 only sockets.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Mattias Ellert <mattias.ellert at fysast.uu.se> - 2.8.3-2
- Fix an issue with IPv4 only sockets when IPv6 support is enabled
--------------------------------------------------------------------------------


================================================================================
 hardlink-1.0-12.fc16 (FEDORA-2011-14727)
 Create a tree of hardlinks
--------------------------------------------------------------------------------
Update Information:

fix possible buffer overflows, integer overflows (CVE-2011-3630 CVE-2011-3631 CVE-2011-3632)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Jindrich Novy <jnovy at redhat.com> - 1:1.0-12
- fix possible buffer overflows, integer overflows (CVE-2011-3630 CVE-2011-3631 CVE-2011-3632)
- update man page
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #746709 - CVE-2011-3630 hardlink: Multiple stack-based buffer overflows when run on a tree with deeply nested directories
        https://bugzilla.redhat.com/show_bug.cgi?id=746709
  [ 2 ] Bug #746710 - CVE-2011-3631 hardlink: Multiple integer overflows, when adding string lengths
        https://bugzilla.redhat.com/show_bug.cgi?id=746710
  [ 3 ] Bug #746713 - CVE-2011-3632 hardlink: Prone to symlink attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=746713
--------------------------------------------------------------------------------


================================================================================
 hekafs-0.7-16.fc16 (FEDORA-2011-14711)
 Heka File System
--------------------------------------------------------------------------------
Update Information:

fixes tenant root dir not writable
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Kaleb S. KEITHLEY <kkeithle at redhat.com> - 0.7-16
- fix for BZ 747112
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #747112 - tenant's root dir is not writeable by default
        https://bugzilla.redhat.com/show_bug.cgi?id=747112
--------------------------------------------------------------------------------


================================================================================
 ibus-1.4.0-5.fc16 (FEDORA-2011-14726)
 Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
Update Information:

ibus panel status icon cannot open menu item on gnome-shell without this update. Updated ibus-gnome3.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Takao Fujiwara <tfujiwar at redhat.com> - 1.4.0-5
- Fixed Bug 747845 - ibus icon cannot open menu item on gnome-shell
* Thu Oct 20 2011 Takao Fujiwara <tfujiwar at redhat.com> - 1.4.0-4
- Fixed Bug 746869 - no keymaps if the XKB has no group and no variant
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #747845 - ibus panel status icon cannot open menu item on gnome-shell
        https://bugzilla.redhat.com/show_bug.cgi?id=747845
--------------------------------------------------------------------------------


================================================================================
 iwhd-0.991-1.fc16 (FEDORA-2011-14728)
 Image WareHouse Daemon
--------------------------------------------------------------------------------
Update Information:

better oauth support
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 20 2011 Jim Meyering <meyering at redhat.com> - 0.991-1
- new release
--------------------------------------------------------------------------------


================================================================================
 jss-4.2.6-21.fc16 (FEDORA-2011-14717)
 Java Security Services (JSS)
--------------------------------------------------------------------------------
Update Information:

Bugzilla Bug #737122 - DRM: during archiving and recovering, wrapping
unwrapping keys should be done in the token
support for PKCS5v2; support for secure PKCS12
Bugzilla Bug #744797 - KRA key recovery (retrieve pkcs#12) fails after the
in-place upgrade( CS 8.0->8.1)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 19 2011 Christina Fu <cfu at redhat.com> - 4.2.6-21
- Bugzilla Bug #737122 - DRM: during archiving and recovering, wrapping
  unwrapping keys should be done in the token
- support for PKCS5v2; support for secure PKCS12
- Bugzilla Bug #744797 - KRA key recovery (retrieve pkcs#12) fails after the
  in-place upgrade( CS 8.0->8.1)
--------------------------------------------------------------------------------


================================================================================
 konversation-1.3.1-5.fc16 (FEDORA-2011-14703)
 A user friendly IRC client
--------------------------------------------------------------------------------
Update Information:

Upstream patch to workaround crashes introduced with the option
"Mark the last position in a chat window when it is hidden" used
with newer qt releases.  See also http://bugs.kde.org/210106
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Rex Dieter <rdieter at fedoraproject.org> 1.3.1-5
- Crash in marker cleanup code (kde#210106)
--------------------------------------------------------------------------------


================================================================================
 libdrm-2.4.26-2.fc16 (FEDORA-2011-14723)
 Direct Rendering Manager runtime library
--------------------------------------------------------------------------------
Update Information:

fix permissions on control device file
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Dave Airlie <airlied at redhat.com> 2.4.26-2
- fix perms on control node in udev rule
--------------------------------------------------------------------------------


================================================================================
 libpinyin-0.2.99.2-1.fc16 (FEDORA-2011-14697)
 Library to deal with pinyin
--------------------------------------------------------------------------------
Update Information:

libpinyin - Library to deal with pinyin
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #741824 - Review Request: libpinyin - Library to deal with pinyin
        https://bugzilla.redhat.com/show_bug.cgi?id=741824
--------------------------------------------------------------------------------


================================================================================
 matahari-0.5.0-1.fc16 (FEDORA-2011-14712)
 Matahari QMF Agents for Linux guests
--------------------------------------------------------------------------------
Update Information:

New upstream release
Only require dmidecode on archs where it exists.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Adam Stokes <astokes at fedoraproject.org> 0.5.0
- New upstream release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #745386 - matahari-host requires dmidecode
        https://bugzilla.redhat.com/show_bug.cgi?id=745386
--------------------------------------------------------------------------------


================================================================================
 mingw32-matahari-0.5.0-1.fc16 (FEDORA-2011-14720)
 Matahari QMF Agents for Windows guests
--------------------------------------------------------------------------------
Update Information:

New upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Adam Stokes <astokes at fedoraproject.org> matahari-0.5.0
- New 0.5.0 release
* Wed Sep 14 2011 Adam Stokes <astokes at fedoraproject.org> matahari-0.4.5-0.1.9bb41cb.git
- New upstream Release.
* Mon Aug 29 2011 Adam Stokes <astokes at fedoraproject.org> matahari-0.4.2-0.1.67227ab.git
- New upstream release.
* Fri Jul 29 2011 Adam Stokes <astokes at fedoraproject.org> matahari-0.4.2-0.1.cb3faf4.git
- New upstream release.
--------------------------------------------------------------------------------


================================================================================
 moodle-2.0.5-1.fc16 (FEDORA-2011-14715)
 A Course Management System
--------------------------------------------------------------------------------
Update Information:

Multiple security fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Jon Ciesla <limb at jcomserv.net> - 2.0.5-1
- New upstream, BZ 747445.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #747445 - moodle: Multiple security fixes in 2.1.2, 2.0.5, and 1.9.14 [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=747445
  [ 2 ] Bug #747446 - moodle: Multiple security fixes in 2.1.2, 2.0.5, and 1.9.14 [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=747446
--------------------------------------------------------------------------------


================================================================================
 mozilla-https-everywhere-1.1-1.fc16 (FEDORA-2011-14716)
 HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:

Here is where you
give an explanation of
your update.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 20 2011 Russell Golden <niveusluna at niveusluna.org> - 1.1-1
- Further tweaks to internals, will hopefully fix a number of weird issues:
--      https://trac.torproject.org/projects/tor/ticket/4194
--      https://trac.torproject.org/projects/tor/ticket/4149
--      https://mail1.eff.org/pipermail/https-everywhere/2011-October/001208.html
- YouTube is enabled by default!
- Fixes: Yandex, Statcounter, Polldaddy, SBB.ch
- Improvements: Facebook+
- Disable broken: Bloglines, EPEAT
--------------------------------------------------------------------------------


================================================================================
 perl-Tk-804.029-4.fc16 (FEDORA-2011-14700)
 Perl Graphical User Interface ToolKit
--------------------------------------------------------------------------------
Update Information:

 
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Ralf Corsépius <corsepiu at fedoraproject.org> 804.029-4
- Split out Tk/MMutil.pm, Tk/install.pm, Tk/MakeDepend.pm into perl-Tk-devel.
  (Avoid dependency on perl-devel - BZ 741777).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #741777 - Bogus requires on perl-devel from perl-tk
        https://bugzilla.redhat.com/show_bug.cgi?id=741777
--------------------------------------------------------------------------------


================================================================================
 pygobject3-3.0.2-1.fc16 (FEDORA-2011-14718)
 Python 2 bindings for GObject Introspection
--------------------------------------------------------------------------------
Update Information:

This release makes the snippets plugin of gedit to work again.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Oct 22 2011 Ignacio Casal Quinteiro <icq at gnome.org> - 3.0.2-1
- udpate to 3.0.2
--------------------------------------------------------------------------------


================================================================================
 python-pyside-1.0.8-1.fc16 (FEDORA-2011-14707)
 Python bindings for Qt4
--------------------------------------------------------------------------------
Update Information:

PySide 1.0.8 bug fix release with initial Qt 4.8 support.

Detailed changelog is available from upstream announcements:

 - http://lists.pyside.org/pipermail/pyside/2011-September/002935.html
 - http://lists.pyside.org/pipermail/pyside/2011-October/003016.html
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Kalev Lember <kalevlember at gmail.com> - 1.0.8-1
- Update to 1.0.8
- Dropped the Qt 4.8 patch that was merged upstream
--------------------------------------------------------------------------------


================================================================================
 python-requests-0.6.6-1.fc16 (FEDORA-2011-14709)
 HTTP library, written in Python, for human beings
--------------------------------------------------------------------------------
Update Information:

Latest bug fix
release from upstream
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 20 2011 Arun SAG <sagarun at gmail.com> - 0.6.6-1
- Updated to version 0.6.6
--------------------------------------------------------------------------------


================================================================================
 qemu-0.15.1-1.fc16 (FEDORA-2011-14698)
 QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:

Update qemu to 0.15.1 stable for multiple bug fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Justin M. Forbes <jforbes at redhat.com> - 2:0.15.1-1
- Require seabios-bin >= 0.6.0-2 (#741992)
- Replace init scripts with systemd units (#741920)
- Update to 0.15.1 stable upstream
* Fri Oct 21 2011 Paul Moore <pmoore at redhat.com>
- Enable full relro and PIE (rhbz #738812)
* Wed Oct 12 2011 Daniel P. Berrange <berrange at redhat.com> - 2:0.15.0-6
- Add BR on ceph-devel to enable RBD block device
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #741992 - qemu-kvm should require seabios-bin >= 0.6.2
        https://bugzilla.redhat.com/show_bug.cgi?id=741992
  [ 2 ] Bug #741920 - switch ksm and binfmt to use systemd
        https://bugzilla.redhat.com/show_bug.cgi?id=741920
  [ 3 ] Bug #738812 - qemu-kvm should be built with full relro and PIE support
        https://bugzilla.redhat.com/show_bug.cgi?id=738812
  [ 4 ] Bug #719655 - Provide native systemd unit file
        https://bugzilla.redhat.com/show_bug.cgi?id=719655
--------------------------------------------------------------------------------


================================================================================
 selinux-policy-3.10.0-45.1.fc16 (FEDORA-2011-14618)
 SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:

- Allow svirt_lxc_domain to chr_file and blk_file devices if they are in the domain
- Allow init process to setrlimit on itself
- Take away transition rules for users executing ssh-keygen
- Allow setroubleshoot_fixit_t to read /dev/urand
- Allow sshd to relbale tunnel sockets
- Allow fail2ban domtrans to shorewall in the same way as with iptables
- Add support for lnk files in the /var/lib/sssd directory
- Allow system mail to connect to courier-authdaemon over an unix stream socket
- Add policies for nova openstack
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 20 2011 Dan Walsh <dwalsh at redhat.com> 3.10.0-45.1
- Allow systemd_passwd to talk to sock_files in systemd_passwd_var_run_t directories
* Thu Oct 20 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-45
- Remove tzdata policy
* Thu Oct 20 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-44
- Add labeling for udev
- Add cloudform policy
- Fixes for bootloader policy
* Wed Oct 19 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-43
- Add policies for nova openstack
* Tue Oct 18 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-42
- Add fixes for nova-stack policy
* Tue Oct 18 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-41
- Allow svirt_lxc_domain to chr_file and blk_file devices if they are in the domain
- Allow init process to setrlimit on itself
- Take away transition rules for users executing ssh-keygen
- Allow setroubleshoot_fixit_t to read /dev/urand
- Allow sshd to relbale tunnel sockets
- Allow fail2ban domtrans to shorewall in the same way as with iptables
- Add support for lnk files in the /var/lib/sssd directory
- Allow system mail to connect to courier-authdaemon over an unix stream socket
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #747012 - SELinux is preventing /bin/systemd-tty-ask-password-agent from read access on the fifo_file 136:2.
        https://bugzilla.redhat.com/show_bug.cgi?id=747012
  [ 2 ] Bug #747653 - SELinux is preventing systemd-tty-ask from 'read' accesses on the file ask.lIE7zh.
        https://bugzilla.redhat.com/show_bug.cgi?id=747653
  [ 3 ] Bug #745272 - Surprising statuses when verifying selinux-policy-targeted
        https://bugzilla.redhat.com/show_bug.cgi?id=745272
  [ 4 ] Bug #734346 - SELinux policy for nova
        https://bugzilla.redhat.com/show_bug.cgi?id=734346
  [ 5 ] Bug #746358 - SELinux is preventing /usr/sbin/gpsd from read, write access on the chr_file ttyUSB2.
        https://bugzilla.redhat.com/show_bug.cgi?id=746358
  [ 6 ] Bug #746559 - SELinux is preventing /usr/bin/python from 'getattr' accesses on the chr_file /dev/urandom.
        https://bugzilla.redhat.com/show_bug.cgi?id=746559
  [ 7 ] Bug #746561 - SELinux is preventing /usr/bin/python from 'read' accesses on the file online.
        https://bugzilla.redhat.com/show_bug.cgi?id=746561
  [ 8 ] Bug #747006 - SELinux is preventing abrt-dump-oops from 'open' accesses on the file /etc/abrt/abrt.conf.
        https://bugzilla.redhat.com/show_bug.cgi?id=747006
--------------------------------------------------------------------------------


================================================================================
 selinux-policy-3.10.0-46.fc16 (FEDORA-2011-14614)
 SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:

2011-10-21: Added selinux-policy and updated SSSD with explicit Requires


FreeIPA:

== What happened to 2.1.2!? ==

Right after tagging 2.1.2 we found an upgrade issue that would have 
affected any users using the selfsign CA (installed with --selfsign). We 
decided to hold back the release, fix a few more bugs, and just push out 
2.1.3 instead about a week later. So here we are.

== Highlights in 2.1.3 ==

* Enforce that system hostname matches hostname of IPA server.
* Require that /etc/hosts is sane even when configuring DNS.
* Increase default server-side LDAP search limits.
* Client enrollment improvements including longer wait for sssd to 
start, recovery if discovered IPA server is not responsive and when 
anonymous bind is disabled in 389-ds.

== Highlights in 2.1.2 ==

* Upgrade older dogtag installs to use new PKI proxy configuration
* hbactest improvements
* Added platform-independent code to make ipa-client-install more portable
* Make client uninstaller more robust, should restore state more completely.
* UI usability improvements
* Tool for Enabling/Disabling Managed Entry Plugins
* Managed Entries configuration is now replicated
* IPv6 client enrollment improvements
* Man page improvements
* Performance improvements when calculating indirect membership
* Improved handling of disabled anonymous binds in 389-ds
* user is now prompted to enter current password when changing to a new
password
* ipa server now support multiple namingContexts. ipa-client-install and
password migration were fixed

== Upgrading ==

=== Server ===

To upgrade a 2.0.0, 2.0.1 or 2.1.0 server do the following:
  # yum update freeipa-server --enablerepo=updates-testing

This will pull in updated freeIPA, 389-ds, dogtag, libcurl and xmlrpc-c 
packages (and perhaps some others). A script will be executed in the rpm 
postinstall phase to update the IPA LDAP server with any required changes.

There is a bug reported against 389-ds, 
https://bugzilla.redhat.com/show_bug.cgi?id=730387, related to 
read-write locks. The NSPR RW lock implementation does not safely allow 
re-entrant use of reader
locks. This is a timing issue so it is difficult to predict. During 
testing one user experienced this and the upgrade hung. To break the 
hang kill the ns-slapd process for your realm, wait for the yum 
transaction to complete, then restart 389-ds and manually run the update 
process:

  # service dirsrv start
  # ipa-ldap-updater --update

=== Client ===

The ipa-client-install tool in the ipa-client package is just a 
configuration tool. There should be no need to re-run this on every 
client already enrolled.




SSSD:
== Highlights ==
 * Improved handling of users and groups with multi-valued name
attributes (aliases)
 * Performance enhancements
  * Initgroups on RFC2307bis/FreeIPA
  * HBAC rule processing
 * Improved process-hang detection and restarting
 * Enabled the midpoint cache refresh by default (fewer cache misses on
commonly-used entries)
 * Cleaned up the example configuration




389-ds-base:
 * fix config del/add mods
 * memberof is transaction aware resource
 * limits for simple paged results
 * Native systemd support
 * Fix for managed entry
 * Fixed source tarball
 * fix transaction support in ldbm_delete

--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 20 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-46
- Policy update should not modify local contexts
* Thu Oct 20 2011 Dan Walsh <dwalsh at redhat.com> 3.10.0-45.1
- Allow systemd_passwd to talk to sock_files in systemd_passwd_var_run_t directories
* Thu Oct 20 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-45
- Remove tzdata policy
* Thu Oct 20 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-44
- Add labeling for udev
- Add cloudform policy
- Fixes for bootloader policy
* Wed Oct 19 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-43
- Add policies for nova openstack
* Tue Oct 18 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-42
- Add fixes for nova-stack policy
* Tue Oct 18 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-41
- Allow svirt_lxc_domain to chr_file and blk_file devices if they are in the domain
- Allow init process to setrlimit on itself
- Take away transition rules for users executing ssh-keygen
- Allow setroubleshoot_fixit_t to read /dev/urand
- Allow sshd to relbale tunnel sockets
- Allow fail2ban domtrans to shorewall in the same way as with iptables
- Add support for lnk files in the /var/lib/sssd directory
- Allow system mail to connect to courier-authdaemon over an unix stream socket
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #699785 - Providing Native systemd service file for IPA
        https://bugzilla.redhat.com/show_bug.cgi?id=699785
  [ 2 ] Bug #741744 - MOD operations with chained delete/add get back error 53 on backend config
        https://bugzilla.redhat.com/show_bug.cgi?id=741744
  [ 3 ] Bug #743966 - Compiler warnings in account usability plugin
        https://bugzilla.redhat.com/show_bug.cgi?id=743966
  [ 4 ] Bug #740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
        https://bugzilla.redhat.com/show_bug.cgi?id=740942
  [ 5 ] Bug #742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
        https://bugzilla.redhat.com/show_bug.cgi?id=742324
  [ 6 ] Bug #695736 - Providing native systemd file
        https://bugzilla.redhat.com/show_bug.cgi?id=695736
  [ 7 ] Bug #735114 - renaming a managed entry does not update mepmanagedby
        https://bugzilla.redhat.com/show_bug.cgi?id=735114
--------------------------------------------------------------------------------


================================================================================
 shiboken-1.0.9-1.fc16 (FEDORA-2011-14707)
 CPython bindings generator for C++ libraries
--------------------------------------------------------------------------------
Update Information:

PySide 1.0.8 bug fix release with initial Qt 4.8 support.

Detailed changelog is available from upstream announcements:

 - http://lists.pyside.org/pipermail/pyside/2011-September/002935.html
 - http://lists.pyside.org/pipermail/pyside/2011-October/003016.html
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Kalev Lember <kalevlember at gmail.com> - 1.0.9-1
- Update to 1.0.9
--------------------------------------------------------------------------------


================================================================================
 sigar-1.6.5-0.5.git58097d9.fc16 (FEDORA-2011-14706)
 System Information Gatherer And Reporter
--------------------------------------------------------------------------------
Update Information:

Give more accurate CPU counts using /proc/cpuinfo
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Zane Bitter <zbitter at redhat.com> - 1.6.4-0.5.git833ca18
- Get correct CPU counts on non-x86 architectures
* Mon Aug 29 2011 Zane Bitter <zbitter at redhat.com> - 1.6.5-0.4.git833ca18
- Get CPU counts from /proc/cpuinfo
  Resolves: #714249
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #747977 - matahari host agent reports wrong cpu core count
        https://bugzilla.redhat.com/show_bug.cgi?id=747977
--------------------------------------------------------------------------------


================================================================================
 smartmontools-5.42-1.fc16 (FEDORA-2011-14713)
 Tools for monitoring SMART capable hard disks
--------------------------------------------------------------------------------
Update Information:

- new smartctl option '-l devstat' (Device Statistics).
- new smartctl option '-l ssd' (SSD endurance indicator).
- smartd logs identify information of each SCSI/SAS device.
- smartd resends warning emails if problem reappears.
- new smartd directives '-l offlinests' and '-l selfteststs'.
- Many HDD, SSD and USB additions to drive database.
- Platform-specific man pages.
- smartd.8 man page no longer includes smartd.conf.5.
- Linux: Support for Areca controllers enhanced.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Michal Hlavinka <mhlavink at redhat.com> - 1:5.42-1
- smartmontools updated to 5.42
--------------------------------------------------------------------------------


================================================================================
 soprano-2.7.2-1.fc16 (FEDORA-2011-14705)
 Qt wrapper API to different RDF storage solutions
--------------------------------------------------------------------------------
Update Information:

New upstream bugfix release, build includes measures to reduce/limit debug log output
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Rex Dieter <rdieter at fedoraproject.org> 2.7.2-1
- soprano-2.7.2 (#747906)
- disable DEBUG for pre-rawhide builds (#746499)
* Sun Sep 25 2011 Rex Dieter <rdieter at fedoraproject.org> 2.7.1-1
- soprano-2.7.1 is available (#741005)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #747906 - soprano-2.7.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=747906
  [ 2 ] Bug #746499 - soprano-virtuoso.log becoming *huge* > 10GB
        https://bugzilla.redhat.com/show_bug.cgi?id=746499
--------------------------------------------------------------------------------


================================================================================
 spin-kickstarts-0.16.3-1.fc16 (FEDORA-2011-14701)
 Kickstart files and templates for creating your own Fedora Spins
--------------------------------------------------------------------------------
Update Information:

The security spin had a late change that I'd let to get on to the f16 final media.
Mostly this is to catch up the spin-kickstarts package with the spin-kickstarts repo before final freeze. But a couple of fixes for bugs have been committed to the repo that should be closed now.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 20 2011 Bruno Wolff III <bruno at wolff.to> 0.16.3-1
- Try to get updated security spin ks into f16 final
* Sat Oct 15 2011 Bruno Wolff III <bruno at wolff.to> 0.16.2-1
- Get an up to date version now that we are near f16 final freeze
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #739334 - Adjust service disabling for systemd, and remove some dead wood
        https://bugzilla.redhat.com/show_bug.cgi?id=739334
  [ 2 ] Bug #743386 - Ensure grub2 and grub-efi are both on the install media without making them 'default' in comps
        https://bugzilla.redhat.com/show_bug.cgi?id=743386
--------------------------------------------------------------------------------


================================================================================
 sssd-1.6.2-3.fc16 (FEDORA-2011-14614)
 System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:

2011-10-21: Added selinux-policy and updated SSSD with explicit Requires


FreeIPA:

== What happened to 2.1.2!? ==

Right after tagging 2.1.2 we found an upgrade issue that would have 
affected any users using the selfsign CA (installed with --selfsign). We 
decided to hold back the release, fix a few more bugs, and just push out 
2.1.3 instead about a week later. So here we are.

== Highlights in 2.1.3 ==

* Enforce that system hostname matches hostname of IPA server.
* Require that /etc/hosts is sane even when configuring DNS.
* Increase default server-side LDAP search limits.
* Client enrollment improvements including longer wait for sssd to 
start, recovery if discovered IPA server is not responsive and when 
anonymous bind is disabled in 389-ds.

== Highlights in 2.1.2 ==

* Upgrade older dogtag installs to use new PKI proxy configuration
* hbactest improvements
* Added platform-independent code to make ipa-client-install more portable
* Make client uninstaller more robust, should restore state more completely.
* UI usability improvements
* Tool for Enabling/Disabling Managed Entry Plugins
* Managed Entries configuration is now replicated
* IPv6 client enrollment improvements
* Man page improvements
* Performance improvements when calculating indirect membership
* Improved handling of disabled anonymous binds in 389-ds
* user is now prompted to enter current password when changing to a new
password
* ipa server now support multiple namingContexts. ipa-client-install and
password migration were fixed

== Upgrading ==

=== Server ===

To upgrade a 2.0.0, 2.0.1 or 2.1.0 server do the following:
  # yum update freeipa-server --enablerepo=updates-testing

This will pull in updated freeIPA, 389-ds, dogtag, libcurl and xmlrpc-c 
packages (and perhaps some others). A script will be executed in the rpm 
postinstall phase to update the IPA LDAP server with any required changes.

There is a bug reported against 389-ds, 
https://bugzilla.redhat.com/show_bug.cgi?id=730387, related to 
read-write locks. The NSPR RW lock implementation does not safely allow 
re-entrant use of reader
locks. This is a timing issue so it is difficult to predict. During 
testing one user experienced this and the upgrade hung. To break the 
hang kill the ns-slapd process for your realm, wait for the yum 
transaction to complete, then restart 389-ds and manually run the update 
process:

  # service dirsrv start
  # ipa-ldap-updater --update

=== Client ===

The ipa-client-install tool in the ipa-client package is just a 
configuration tool. There should be no need to re-run this on every 
client already enrolled.




SSSD:
== Highlights ==
 * Improved handling of users and groups with multi-valued name
attributes (aliases)
 * Performance enhancements
  * Initgroups on RFC2307bis/FreeIPA
  * HBAC rule processing
 * Improved process-hang detection and restarting
 * Enabled the midpoint cache refresh by default (fewer cache misses on
commonly-used entries)
 * Cleaned up the example configuration




389-ds-base:
 * fix config del/add mods
 * memberof is transaction aware resource
 * limits for simple paged results
 * Native systemd support
 * Fix for managed entry
 * Fixed source tarball
 * fix transaction support in ldbm_delete

--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 21 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.6.2-3
- Add explicit requirement on selinux-policy version to address new SBUS
  symlinks.
* Wed Oct 19 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.6.2-2
- Remove %files reference to sss_debuglevel copied from wrong upstreeam
  spec file.
* Tue Oct 18 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.6.2-1
- Improved handling of users and groups with multi-valued name attributes
  (aliases)
- Performance enhancements
    Initgroups on RFC2307bis/FreeIPA
    HBAC rule processing
- Improved process-hang detection and restarting
- Enabled the midpoint cache refresh by default (fewer cache misses on
  commonly-used entries)
- Cleaned up the example configuration
- New tool to change debug level on the fly
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #699785 - Providing Native systemd service file for IPA
        https://bugzilla.redhat.com/show_bug.cgi?id=699785
  [ 2 ] Bug #741744 - MOD operations with chained delete/add get back error 53 on backend config
        https://bugzilla.redhat.com/show_bug.cgi?id=741744
  [ 3 ] Bug #743966 - Compiler warnings in account usability plugin
        https://bugzilla.redhat.com/show_bug.cgi?id=743966
  [ 4 ] Bug #740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
        https://bugzilla.redhat.com/show_bug.cgi?id=740942
  [ 5 ] Bug #742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
        https://bugzilla.redhat.com/show_bug.cgi?id=742324
  [ 6 ] Bug #695736 - Providing native systemd file
        https://bugzilla.redhat.com/show_bug.cgi?id=695736
  [ 7 ] Bug #735114 - renaming a managed entry does not update mepmanagedby
        https://bugzilla.redhat.com/show_bug.cgi?id=735114
--------------------------------------------------------------------------------


================================================================================
 telepathy-salut-0.6.0-1.fc16 (FEDORA-2011-14710)
 Link-local XMPP telepathy connection manager
--------------------------------------------------------------------------------
Update Information:

Latest stable release.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 18 2011 Brian Pepple <bpepple at fedoraproject.org> - 0.6.0-1
- Update to 0.6.0.
--------------------------------------------------------------------------------


================================================================================
 zeitgeist-0.8.2-1.fc16 (FEDORA-2011-14696)
 Framework providing Desktop activity awareness
--------------------------------------------------------------------------------
Update Information:

Update to 0.8.2 release.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 18 2011 Deji Akingunola <dakingun at gmail.com> - 0.8.2-1
- Update to 0.8.2
- Restart the zeitgeist daemon on update (BZ #627982)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #746617 - Update to zeitgeist .0.82
        https://bugzilla.redhat.com/show_bug.cgi?id=746617
--------------------------------------------------------------------------------

More information about the test mailing list