Fedora 15 updates-testing report

Thu Sep 29 23:33:15 UTC 2011

The following Fedora 15 Security updates need testing:

    https://admin.fedoraproject.org/updates/quagga-0.99.19-1.fc15
    https://admin.fedoraproject.org/updates/puppet-2.6.6-2.fc15
    https://admin.fedoraproject.org/updates/perl-FCGI-0.74-1.fc15
    https://admin.fedoraproject.org/updates/tomcat6-6.0.32-8.fc15
    https://admin.fedoraproject.org/updates/drupal6-views_bulk_operations-1.11-1.fc15
    https://admin.fedoraproject.org/updates/bcfg2-1.1.3-1.fc15
    https://admin.fedoraproject.org/updates/cyrus-imapd-2.4.11-1.fc15
    https://admin.fedoraproject.org/updates/php-5.3.8-3.fc15
    https://admin.fedoraproject.org/updates/openttd-1.1.3-1.fc15
    https://admin.fedoraproject.org/updates/thunderbird-7.0-1.fc15

The following Fedora 15 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/livecd-tools-15.10-1.fc15
    https://admin.fedoraproject.org/updates/system-setup-keyboard-0.8.7-2.fc15
    https://admin.fedoraproject.org/updates/gdb-7.3-44.fc15
    https://admin.fedoraproject.org/updates/evolution-data-server-3.0.3.1-1.fc15
    https://admin.fedoraproject.org/updates/tzdata-2011k-0.1.20110921.fc15
    https://admin.fedoraproject.org/updates/m4-1.4.16-2.fc15
    https://admin.fedoraproject.org/updates/xfwm4-4.8.1-3.fc15
    https://admin.fedoraproject.org/updates/redhat-rpm-config-9.1.0-13.fc15
    https://admin.fedoraproject.org/updates/sendmail-8.14.5-2.fc15.1
    https://admin.fedoraproject.org/updates/xorg-x11-drv-qxl-0.0.21-5.fc15
    https://admin.fedoraproject.org/updates/openldap-2.4.24-5.fc15
    https://admin.fedoraproject.org/updates/lldpad-0.9.41-4.fc15
    https://admin.fedoraproject.org/updates/selinux-policy-3.9.16-39.fc15
    https://admin.fedoraproject.org/updates/evolution-mapi-3.0.3-2.fc15,evolution-exchange-3.0.3-1.fc15,evolution-3.0.3-1.fc15,evolution-data-server-3.0.3-1.fc15,gtkhtml3-4.0.2-1.fc15
    https://admin.fedoraproject.org/updates/nspr-4.8.8-4.fc15
    https://admin.fedoraproject.org/updates/nss-softokn-3.12.10-4.fc15
    https://admin.fedoraproject.org/updates/mash-0.5.22-1.fc15
    https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-14.fc15.1
    https://admin.fedoraproject.org/updates/libfprint-0.4.0-1.fc15,fprintd-0.4.1-1.fc15

The following builds have been pushed to Fedora 15 updates-testing

    askbot-0.7.23-1.fc15
    cheese-3.0.2-2.fc15
    django-authenticator-0.1.4-2.fc15
    fftw-3.3-2.fc15
    firebird-2.5.1.26349.O-1.fc15
    gettext-0.18.1.1-8.fc15
    ghc-attoparsec-enumerator-0.2.0.4-2.fc15
    ibus-m17n-1.3.3-5.fc15
    livecd-tools-15.10-1.fc15
    mc-4.7.5.5-1.fc15
    proftpd-1.3.4-0.14.rc3.fc15
    puppet-2.6.6-2.fc15
    pypy-1.6-4.fc15
    python-easygui-0.96-1.fc15
    quagga-0.99.19-1.fc15
    scala-2.8.2-1.fc15
    shorewall-4.4.23.3-1.fc15
    tracker-0.10.29-1.fc15
    xscreensaver-5.15-1.fc15

Details about builds:

================================================================================
 askbot-0.7.23-1.fc15 (FEDORA-2011-13500)
 Question and Answer forum
--------------------------------------------------------------------------------
Update Information:

fix group and description

update httpd configuration for upfiles

update to 0.7.33

* greeting for anonymous users can be changed from live settings (Hrishi)

* greeting for anonymous users is shown only once (Rag Sagar)

* added support for akismet spam detection service (Adolfo Fitoria)

* added noscript message (Arun SAG)

* support for url shortening with tinyurl on link sharing (Rtnpro)

* allowed logging in with password and email in the place of login name (Evgeny)

* added config settings allowing adjusting of license information (Evgeny)

--------------------------------------------------------------------------------

================================================================================
 cheese-3.0.2-2.fc15 (FEDORA-2011-13517)
 Application for taking pictures and movies from a webcam
--------------------------------------------------------------------------------
Update Information:

- New upstream bug fix release 3.0.2
- This fixes cheese sometimes crashing when selecting an effect
- Add Requires: gstreamer-plugins-bad-free for the camerabin element

--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 29 2011 Hans de Goede <hdegoede at redhat.com> - 1:3.0.2-2
- Add Requires: gstreamer-plugins-bad-free for the camerabin element (#717872)
* Tue Sep 27 2011 Hans de Goede <hdegoede at redhat.com> - 1:3.0.2-1
- Update to 3.0.2
- This fixes the crash on changing effect (rhbz#701039)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #717872 - cheese-window.vala:1258: Error: One or more needed GStreamer elements are missing: camerabin.
        https://bugzilla.redhat.com/show_bug.cgi?id=717872
  [ 2 ] Bug #701039 - Can not change effect
        https://bugzilla.redhat.com/show_bug.cgi?id=701039
--------------------------------------------------------------------------------

================================================================================
 django-authenticator-0.1.4-2.fc15 (FEDORA-2011-13466)
 Authentication client for django
--------------------------------------------------------------------------------
Update Information:

new package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #739832 - Review Request: django-authenticator - authentication client for django
        https://bugzilla.redhat.com/show_bug.cgi?id=739832
--------------------------------------------------------------------------------

================================================================================
 fftw-3.3-2.fc15 (FEDORA-2011-13510)
 A Fast Fourier Transform library
--------------------------------------------------------------------------------
Update Information:

Update to 3.3 series, bringing performance boosts and quadruple precision support.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 30 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 3.3-2
- Conditionalize OpenMP and quadruple precision support based on capabilities
  of system compiler.
* Thu Jul 28 2011 Jussi Lehtola <jussilehtola at fedoraproject.org> - 3.3-1
- Update to 3.3.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #716945 - Update fftw to 3.3 series
        https://bugzilla.redhat.com/show_bug.cgi?id=716945
--------------------------------------------------------------------------------

================================================================================
 firebird-2.5.1.26349.O-1.fc15 (FEDORA-2011-13509)
 SQL relational database management system
--------------------------------------------------------------------------------
Update Information:

this is Firebird 2.5.1 update release
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 29 2011 Philippe Makowski <makowski at fedoraproject.org>  2.5.1.26349.0-1
- new upstream (bug fix release)
- added patch from upstream to fix Firebird CORE-3610
--------------------------------------------------------------------------------

================================================================================
 gettext-0.18.1.1-8.fc15 (FEDORA-2011-13508)
 GNU libraries and utilities for producing multi-lingual messages
--------------------------------------------------------------------------------
Update Information:

Upstream patch to gnulib tests to accept EINVAL from readlink and readlinkat on empty files.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 28 2011 Jens Petersen <petersen at redhat.com> - 0.18.1.1-8
- add gettext-readlink-einval.patch to fix build on kernel >= 2.6.39 (#739188)
- add optional buildrequires suggested in the DEPENDENCIES file
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #739188 - FTBFS: gettext 0.18.1.1 on kernel >= 2.6.39
        https://bugzilla.redhat.com/show_bug.cgi?id=739188
--------------------------------------------------------------------------------

================================================================================
 ghc-attoparsec-enumerator-0.2.0.4-2.fc15 (FEDORA-2011-13522)
 Haskell attoparsec to iteree library
--------------------------------------------------------------------------------
Update Information:

Haskell attoparsec to iteree library
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #740283 - Review Request: ghc-attoparsec-enumerator - Haskell attoparsec to enumerator library
        https://bugzilla.redhat.com/show_bug.cgi?id=740283
--------------------------------------------------------------------------------

================================================================================
 ibus-m17n-1.3.3-5.fc15 (FEDORA-2011-13514)
 The M17N engine for IBus platform
--------------------------------------------------------------------------------
Update Information:

* hide status prop if the status string is equal to the IM title
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 29 2011 Daiki Ueno <dueno at redhat.com> - 1.3.3-5
- Add ibus-m17n-hide-title-status.patch.
- Fix bug 741157 - ibus-m17n: m17n "title" variable appears as a
  dormant button on the language panel
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #741157 - ibus-m17n: m17n "title" variable appears as a dormant button on the language panel
        https://bugzilla.redhat.com/show_bug.cgi?id=741157
--------------------------------------------------------------------------------

================================================================================
 livecd-tools-15.10-1.fc15 (FEDORA-2011-13512)
 Tools for building live CDs
--------------------------------------------------------------------------------
Update Information:

Add the rest of the patches needed to get EFI USB stick creation working.
Make sure F15 can create EFI USB sticks from the F16 DVD iso.
- Ensure previous filesystems are wiped when formatting (#712553) (bcl)
- Use copyFile on the iso (bcl)
- Use rsync to copy if available (bcl)
- Turn on the legacy_boot flag for EFI (#680563) (bcl)
- Add initial support for ARM architectures (martin.langhoff)

--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 29 2011 Brian C. Lane <bcl at redhat.com> - 15.10-1
- Version 15.10 (bcl)
- Images go into $SYSLINUXPATH (bcl)
- Add extracting BOOTX64.efi from iso (#688258) (bcl)
- Add repo to DVD EFI install config file (#688258) (bcl)
- Add EFI support to netboot (#688258) (bcl)
* Tue Sep 27 2011 Brian C. Lane <bcl at redhat.com> - 15.9-1
- Version 15.9 (bcl)
- Support /EFI/BOOT or /EFI/boot (#688258) (bcl)
* Tue Aug 30 2011 Brian C. Lane <bcl at redhat.com> - 15.8-1
- Version 15.8 (bcl)
- Ensure previous filesystems are wiped when formatting (#712553) (bcl)
- Use copyFile on the iso (bcl)
- Use rsync to copy if available (bcl)
- Turn on the legacy_boot flag for EFI (#680563) (bcl)
- Add initial support for ARM architectures (martin.langhoff)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688258 - Looks for /EFI/boot instead of /EFI/BOOT
        https://bugzilla.redhat.com/show_bug.cgi?id=688258
--------------------------------------------------------------------------------

================================================================================
 mc-4.7.5.5-1.fc15 (FEDORA-2011-13498)
 User-friendly text console file manager and visual shell
--------------------------------------------------------------------------------
Update Information:

update to 4.7.5.5
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 29 2011 Jindrich Novy <jnovy at redhat.com> 4.7.5.5-1
- update to 4.7.5.5
* Thu Sep 15 2011 Jindrich Novy <jnovy at redhat.com> 4.7.5.4-1
- update to 4.7.5.4
--------------------------------------------------------------------------------

================================================================================
 proftpd-1.3.4-0.14.rc3.fc15 (FEDORA-2011-13506)
 Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:

This is the latest release candidate for proftpd 1.3.4 from upstream, which rolls up many bug fixes.

Highlights include:

* The mod_ldap configuration directives have changed to a simplified version; please read the "Changes" section in README.LDAP for details
* Support for using RADIUS for authentication SSH2 logins, and for supporting the NAS-IPv6-Address RADIUS attribute
* <Limit WRITE> now prevents renaming/moving a file out of the limited directory
* ExtendedLog entries now written for data transfers that time out

It also includes a fix for mod_sql_mysql (Bug 718327), though that also requires a fix for mysql itself (Bug 742222).
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 29 2011 Paul Howarth <paul at city-fan.org> 1.3.4-0.14.rc3
- Update to 1.3.4rc3 (see NEWS and RELEASE_NOTES for full details)
  - The mod_ldap configuration directives have changed to a simplified version;
    please read the "Changes" section in README.LDAP for details
  - Support for using RADIUS for authentication SSH2 logins, and for supporting
    the NAS-IPv6-Address RADIUS attribute
  - Automatically disable sendfile support on AIX systems
  - <Limit WRITE> now prevents renaming/moving a file out of the limited
    directory
  - ExtendedLog entries now written for data transfers that time out
- Drop upstreamed patches
- Use new --disable-strip option to retain debugging symbols
- Use upstream LDAP quota table schema rather than our own copy
- Add patch for broken MySQL auth (#718327, upstream bug 3669)
- Remove spurious exec permissions on systemd unit file
* Tue Sep 27 2011 Paul Howarth <paul at city-fan.org> 1.3.4-0.13.rc2
- Restore back-compatibility with older releases and EPEL, broken by -11 update
- Use /run rather than /var/run if using systemd init
- Avoid the use of triggers in SysV-to-systemd migration
* Sat Sep 17 2011 Remi Collet <remi at fedoraproject.org> 1.3.4-0.12.rc2
- Rebuild against libmemcached.so.8
* Mon Sep 12 2011 Tom Callaway <spot at fedoraproject.org> 1.3.4-0.11.rc2
- Convert to systemd
* Fri Jun  3 2011 Paul Howarth <paul at city-fan.org> 1.3.4-0.10.rc2
- Rebuild for new libmemcached in Rawhide
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #718327 - Mysql AUTH no work...
        https://bugzilla.redhat.com/show_bug.cgi?id=718327
--------------------------------------------------------------------------------

================================================================================
 puppet-2.6.6-2.fc15 (FEDORA-2011-13520)
 A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:

A vulnerability was discovered in puppet that would allow an attacker to install a valid X509 Certificate Signing Request at any location on disk, with the privileges of the Puppet Master application.  For Fedora and EPEL, this is the puppet user.

Further details can be found in the upstream announcement:

http://groups.google.com/group/puppet-users/browse_thread/thread/e57ce2740feb9406

Unless you enable puppet's listen mode on clients, only the puppet master is vulnerable to this issue.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 27 2011 Todd Zullinger <tmz at pobox.com> - 2.6.6-2
- Apply upstream patch for CVE-2011-3848
--------------------------------------------------------------------------------

================================================================================
 pypy-1.6-4.fc15 (FEDORA-2011-13521)
 Python implementation with a Just-In-Time compiler
--------------------------------------------------------------------------------
Update Information:

Rebase to 1.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 25 2011 David Malcolm <dmalcolm at redhat.com> - 1.6-4
- fix SkipTest function to avoid corrupting the name of "test_gdbm"
* Thu Aug 25 2011 David Malcolm <dmalcolm at redhat.com> - 1.6-3
- add rpm macros file to the devel subpackage (source 2)
- skip some tests that can't pass yet
* Sat Aug 20 2011 David Malcolm <dmalcolm at redhat.com> - 1.6-2
- work around test_subprocess failure seen in koji (patch 5)
* Thu Aug 18 2011 David Malcolm <dmalcolm at redhat.com> - 1.6-1
- 1.6
- rewrite the %check section, introducing per-test timeouts
* Tue Aug  2 2011 David Malcolm <dmalcolm at redhat.com> - 1.5-2
- add pypytrace-mode.el to the pypy-libs subpackage, for viewing JIT trace
logs in emacs
--------------------------------------------------------------------------------

================================================================================
 python-easygui-0.96-1.fc15 (FEDORA-2011-13519)
 Very simple, very easy GUI programming in Python
--------------------------------------------------------------------------------
Update Information:

New package

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #702018 - Review Request: python-easygui - Very simple, very easy GUI programming in Python
        https://bugzilla.redhat.com/show_bug.cgi?id=702018
--------------------------------------------------------------------------------

================================================================================
 quagga-0.99.19-1.fc15 (FEDORA-2011-13504)
 Routing daemon
--------------------------------------------------------------------------------
Update Information:

fixes CVE-2011-332{3..7}
update to latest upstream 0.99.19
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 29 2011 Jiri Skala <jskala at redhat.com> - 0.99.19-1
- fixes #741343 - CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327
- fixes #741580 - updated to latest upstream version 0.99.19
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #738393 - CVE-2011-3323 Quagga (ospf6d): Stack-based buffer overflow while decoding Link State Update packet with malformed Inter Area Prefix LSA
        https://bugzilla.redhat.com/show_bug.cgi?id=738393
  [ 2 ] Bug #738394 - CVE-2011-3324 Quagga (ospf6d): Denial of service by decoding malformed Database Description packet headers
        https://bugzilla.redhat.com/show_bug.cgi?id=738394
  [ 3 ] Bug #738396 - CVE-2011-3325 Quagga (ospfd): Denial of service by decoding too short Hello packet or Hello packet with invalid OSPFv2 header type
        https://bugzilla.redhat.com/show_bug.cgi?id=738396
  [ 4 ] Bug #738398 - CVE-2011-3326 Quagga (ospfd): Denial of service by decoding Link State Update LSAs of unknown type
        https://bugzilla.redhat.com/show_bug.cgi?id=738398
  [ 5 ] Bug #738400 - CVE-2011-3327 Quagga (bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes
        https://bugzilla.redhat.com/show_bug.cgi?id=738400
--------------------------------------------------------------------------------

================================================================================
 scala-2.8.2-1.fc15 (FEDORA-2011-13497)
 A hybrid functional/object-oriented language for the JVM
--------------------------------------------------------------------------------
Update Information:

Upstream Maintenence release.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 28 2011 Jochen Schmitt <Jochen herr-schmitt de> - 2.8.2-1
- New upstream release
--------------------------------------------------------------------------------

================================================================================
 shorewall-4.4.23.3-1.fc15 (FEDORA-2011-13505)
 An iptables front end for firewall configuration
--------------------------------------------------------------------------------
Update Information:

Update to 4.4.23.3. Release notes: http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.23/releasenotes.txt
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------

================================================================================
 tracker-0.10.29-1.fc15 (FEDORA-2011-13503)
 Desktop-neutral search tool and indexer
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream bugfix release.
Changes indexing defaults.
Update to the latest upstream bug-fix release.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 27 2011 Deji Akingunola <dakingun at gmail.com> - 0.10.29-1
- Update to 0.10.29
* Fri Sep 23 2011 Deji Akingunola <dakingun at gmail.com> - 0.10.28-1
- Update to 0.10.28
* Fri Sep 16 2011 Deji Akingunola <dakingun at gmail.com> - 0.10.27-1
- Update to 0.10.27
--------------------------------------------------------------------------------

================================================================================
 xscreensaver-5.15-1.fc15 (FEDORA-2011-13511)
 X screen saver and locker
--------------------------------------------------------------------------------
Update Information:

New version 5.15 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 30 2011 Mamoru Tasaka <mtasaka at fedoraproject.org> - 1:5.15-1
- Update to 5.15
--------------------------------------------------------------------------------