Fedora 16 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sat Apr 14 23:24:09 UTC 2012


The following Fedora 16 Security updates need testing:

    https://admin.fedoraproject.org/updates/FEDORA-2012-5624/phpMyAdmin-3.5.0-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-4946/freetype-2.4.6-5.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5058/expat-2.1.0-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5155/perl-Pod-Plainer-1.03-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5833/python3-3.2.3-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5832/gallery3-3.0.3-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5806/gallery2-2.3.2-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5919/kde-partitionmanager-1.0.3-7.20120205svn.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5411/quagga-0.99.20.1-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5924/python-2.7.3-1.fc16,python-docs-2.7.3-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5909/wicd-1.7.0-13.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5243/wireshark-1.6.6-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5434/tremulous-1.2.0-0.5.beta1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5410/libtiff-3.9.5-3.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5421/rpm-4.9.1.3-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2011-14691/tomcat6-6.0.32-19.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5518/libpng-1.2.49-1.fc16


The following Fedora 16 Critical Path updates have yet to be approved:

    https://admin.fedoraproject.org/updates/FEDORA-2012-5924/python-2.7.3-1.fc16,python-docs-2.7.3-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5906/rsyslog-5.8.10-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5750/PackageKit-0.6.22-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5669/v4l-utils-0.8.7-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5518/libpng-1.2.49-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5410/libtiff-3.9.5-3.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5396/gdb-7.3.50.20110722-14.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5421/rpm-4.9.1.3-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5400/NetworkManager-0.9.4-2.git20120403.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5274/gnome-settings-daemon-3.2.3-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5236/virtuoso-opensource-6.1.5-2.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5227/akonadi-1.7.2-1.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5148/flac-1.2.1-8.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5086/nss-util-3.13.4-2.fc16,nss-3.13.4-2.fc16,nss-softokn-3.13.4-1.fc16,nspr-4.9-2.fc16
    https://admin.fedoraproject.org/updates/FEDORA-2012-5022/xorg-x11-server-1.11.4-3.fc16


The following builds have been pushed to Fedora 16 updates-testing

    drupal6-views-2.16-2.fc16
    kde-partitionmanager-1.0.3-7.20120205svn.fc16
    oxygen-gtk2-1.2.3-1.fc16
    oxygen-gtk3-1.0.3-1.fc16
    perl-HTTP-Exception-0.04001-1.fc16
    perl-Net-GitHub-0.44-1.fc16
    python-2.7.3-1.fc16
    python-docs-2.7.3-1.fc16
    rsyslog-5.8.10-1.fc16
    rubygem-dynect_rest-0.4.3-1.fc16
    sugar-maze-17-1.fc16
    sugar-turtleart-138-1.fc16
    wicd-1.7.0-13.fc16

Details about builds:


================================================================================
 drupal6-views-2.16-2.fc16 (FEDORA-2012-5911)
 Provides a method for site designers to control content presentation
--------------------------------------------------------------------------------
Update Information:

Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.16-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Nov 15 2011 Jon Ciesla <limb at jcomserv.net> - 2.16-1
- Update to 2.16, BZ 754076.
* Fri Nov  4 2011 Jon Ciesla <limb at jcomserv.net> - 2.14-1
- Update to 2.14, BZ 751044.
--------------------------------------------------------------------------------


================================================================================
 kde-partitionmanager-1.0.3-7.20120205svn.fc16 (FEDORA-2012-5919)
 KDE Partition Manager
--------------------------------------------------------------------------------
Update Information:

Enabled PIE as requested by change in Packaging Guidelines.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 13 2012 Mattia Verga <mattia.verga at tiscali.it> - 1.0.3-7.20120205svn
- Enable PIE following change in Pakaging Guidelines
* Wed Mar 14 2012 Mattia Verga <mattia.verga at tiscali.it> - 1.0.3-6.20120205svn
- Rebuilt for parted-3.1
--------------------------------------------------------------------------------


================================================================================
 oxygen-gtk2-1.2.3-1.fc16 (FEDORA-2012-5910)
 Oxygen GTK+2 theme
--------------------------------------------------------------------------------
Update Information:

oxygen-gtk2-1.2.3

oxygen-gtk3-1.0.3

See https://projects.kde.org/news/134
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 14 2012 Alexey Kurov <nucleo at fedoraproject.org> - 1.2.3-1
- oxygen-gtk2-1.2.3
--------------------------------------------------------------------------------


================================================================================
 oxygen-gtk3-1.0.3-1.fc16 (FEDORA-2012-5910)
 Oxygen GTK+3 theme
--------------------------------------------------------------------------------
Update Information:

oxygen-gtk2-1.2.3

oxygen-gtk3-1.0.3

See https://projects.kde.org/news/134
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 14 2012 Alexey Kurov <nucleo at fedoraproject.org> - 1:1.0.3-1
- oxygen-gtk3-1.0.3
--------------------------------------------------------------------------------


================================================================================
 perl-HTTP-Exception-0.04001-1.fc16 (FEDORA-2012-5912)
 Throw HTTP-Errors as (Exception::Class-) Exceptions
--------------------------------------------------------------------------------
Update Information:

This package updates HTTP::Exception to 0.04001, more compatible with HTTP::Message 6.03 than previous versions.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 25 2012 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 0.04001-1
- Update to 0.04001
* Tue Feb 21 2012 Emmanuel Seyman <emmanuel.seyman at club-internet.fr> - 0.04000-1
- Update to 0.04 (using the version 0.04000 for rpm's sake)
- Move from the Build.PL method to the Makefile.PL one
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.03001-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #812293 - use HTTP::Exception prints warning Having no space between pattern and following word is deprecated
        https://bugzilla.redhat.com/show_bug.cgi?id=812293
--------------------------------------------------------------------------------


================================================================================
 perl-Net-GitHub-0.44-1.fc16 (FEDORA-2012-5921)
 Perl interface for github.com
--------------------------------------------------------------------------------
Update Information:

Github is phasing out old v1 and v2 APIs by May 2012.  Switch to v3 by default.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 13 2012 Petr Šabata <contyk at redhat.com> - 0.44-1
- 0.44 bump
- Github is removing support of v1 and v2 API on May 1, 2012
  This version makes v3 the default
* Fri Mar 23 2012 Petr Šabata <contyk at redhat.com> - 0.42-1
- 0.42 bump
- Remove trailing newlines
* Thu Mar 22 2012 Petr Šabata <contyk at redhat.com> - 0.41-1
- 0.41 bump, switching to v3 API
- Remove command macros
- Upstream no longer ships examples
* Tue Jan 17 2012 Petr Šabata <contyk at redhat.com> - 0.30-1
- 0.30 bump
- Spec cleanup
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.28-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #812304 - perl-Net-GitHub-0.44 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=812304
--------------------------------------------------------------------------------


================================================================================
 python-2.7.3-1.fc16 (FEDORA-2012-5924)
 An interpreted, interactive, object-oriented programming language
--------------------------------------------------------------------------------
Update Information:

Rebase of Python 2 ("python" and "python-docs") from 2.7.2 to 2.7.3 bringing in security fixes, along with other bugfixes.

See http://python.org/download/releases/2.7.3/
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 13 2012 David Malcolm <dmalcolm at redhat.com> - 2.7.3-1
- 2.7.3; refresh patches 102 (lib64) and 112 (debug build); revise patch 127
(test_structmember); drop upstream patches 11 (tolower) and 115 (pydoc
robustness); add python2.pc to python-devel; regenerate the autotool
intermediates patch (patch 300)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #750555 - CVE-2012-1150 python: hash table collisions CPU usage DoS (oCERT-2011-003)
        https://bugzilla.redhat.com/show_bug.cgi?id=750555
  [ 2 ] Bug #789790 - CVE-2012-0845 python: SimpleXMLRPCServer CPU usage DoS via malformed XML-RPC request
        https://bugzilla.redhat.com/show_bug.cgi?id=789790
  [ 3 ] Bug #812068 - python: SSL CBC IV vulnerability (CVE-2011-3389, BEAST)
        https://bugzilla.redhat.com/show_bug.cgi?id=812068
--------------------------------------------------------------------------------


================================================================================
 python-docs-2.7.3-1.fc16 (FEDORA-2012-5924)
 Documentation for the Python programming language
--------------------------------------------------------------------------------
Update Information:

Rebase of Python 2 ("python" and "python-docs") from 2.7.2 to 2.7.3 bringing in security fixes, along with other bugfixes.

See http://python.org/download/releases/2.7.3/
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 13 2012 David Malcolm <dmalcolm at redhat.com> - 2.7.3-1
- 2.7.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #750555 - CVE-2012-1150 python: hash table collisions CPU usage DoS (oCERT-2011-003)
        https://bugzilla.redhat.com/show_bug.cgi?id=750555
  [ 2 ] Bug #789790 - CVE-2012-0845 python: SimpleXMLRPCServer CPU usage DoS via malformed XML-RPC request
        https://bugzilla.redhat.com/show_bug.cgi?id=789790
  [ 3 ] Bug #812068 - python: SSL CBC IV vulnerability (CVE-2011-3389, BEAST)
        https://bugzilla.redhat.com/show_bug.cgi?id=812068
--------------------------------------------------------------------------------


================================================================================
 rsyslog-5.8.10-1.fc16 (FEDORA-2012-5906)
 Enhanced system logging and kernel message trapping daemon
--------------------------------------------------------------------------------
Update Information:

- upgrade to new upstream stable version 5.8.10
- add impstats and imptcp modules
- include new license text files
- consider lock file in 'status' action

--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 13 2012 Tomas Heinrich <theinric at redhat.com> 5.8.10-1
- upgrade to new upstream stable version 5.8.10
- add impstats and imptcp modules
- include new license text files
- consider lock file in 'status' action
--------------------------------------------------------------------------------


================================================================================
 rubygem-dynect_rest-0.4.3-1.fc16 (FEDORA-2012-5914)
 Dynect REST API library
--------------------------------------------------------------------------------
Update Information:

Update to 0.4.3
Upstream update to 0.4.1
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 13 2012 Russell Harrison <rharriso at redhat.com> 0.4.3-1
- Update to 0.4.3
* Thu Mar 29 2012 Russell Harrison <rharriso at redhat.com> 0.4.1-1
- Update to 0.4.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #811530 - rubygem-dynect_rest-0.4.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=811530
  [ 2 ] Bug #808020 - rubygem-dynect_rest-0.4.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=808020
--------------------------------------------------------------------------------


================================================================================
 sugar-maze-17-1.fc16 (FEDORA-2012-5918)
 Maze for Sugar
--------------------------------------------------------------------------------
Update Information:

New Release V 17
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 13 2012 Kalpa Welivitigoda <callkalpa at gmail.com> - 17-1
- Release 17
--------------------------------------------------------------------------------


================================================================================
 sugar-turtleart-138-1.fc16 (FEDORA-2012-5907)
 Turtle Art activity for sugar
--------------------------------------------------------------------------------
Update Information:

New v138 release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 13 2012 Peter Robinson <pbrobinson at fedoraproject.org> - 138-1
- New 138 release
* Tue Apr  3 2012 Peter Robinson <pbrobinson at fedoraproject.org> - 137-1
- New 137 release
--------------------------------------------------------------------------------


================================================================================
 wicd-1.7.0-13.fc16 (FEDORA-2012-5909)
 Wireless and wired network connection manager
--------------------------------------------------------------------------------
Update Information:

This update fixes CVE-2012-2095.  The wicd daemon suffered from a local privilege escalation flaw due to incomplete input sanitization.  A local attacker sould use this to inject arbitrary code through the D-Bus interface.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 13 2012 David Cantrell <dcantrell at redhat.com> - 1.7.0-13
- Fix CVE-2012-2095 (#811763)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #811762 - CVE-2012-2095 wicd: broken filtering leads to arbitrary code execution
        https://bugzilla.redhat.com/show_bug.cgi?id=811762
--------------------------------------------------------------------------------



More information about the test mailing list