Fedora 15 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed Mar 21 02:42:16 UTC 2012
The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2012-3414/python-sqlalchemy0.5-0.5.8-9.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3483/kdelibs-4.6.5-11.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4308/libtasn1-2.12-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3715/kernel-2.6.42.12-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-0752/jetty-6.1.26-7.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4259/asterisk-1.8.10.1-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4268/taglib-1.7.1-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3705/libpng-1.2.48-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-1838/thunderbird-10.0.1-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3068/iproute-2.6.38.1-6.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4006/nginx-1.0.14-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4024/systemd-26-18.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-2413/python-paste-script-1.7.5-4.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4070/gnash-0.8.10-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4077/php-pear-CAS-1.3.0-2.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-17233/tor-0.2.1.32-1500.fc15
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2012-4308/libtasn1-2.12-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4075/gdb-7.3.1-48.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4024/systemd-26-18.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4052/phonon-4.5.1-3.fc15
https://admin.fedoraproject.org/updates/lm_sensors-3.3.2-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4026/thunderbird-11.0-5.fc15,thunderbird-lightning-1.3-3.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-4286/selinux-policy-3.9.16-52.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3754/libssh2-1.2.7-3.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3705/libpng-1.2.48-1.fc15
https://admin.fedoraproject.org/updates/llvm-2.8-15.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3543/elfutils-0.153-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3483/kdelibs-4.6.5-11.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3487/krb5-1.9.3-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3300/gcc-4.6.3-2.fc15,libtool-2.4-9.fc15
https://admin.fedoraproject.org/updates/FEDORA-2012-3308/lorax-0.4.7-1.fc15
https://admin.fedoraproject.org/updates/FEDORA-2011-13190/phonon-backend-gstreamer-4.5.90-2.fc15,phonon-4.5.57-1.20110914.fc15
The following builds have been pushed to Fedora 15 updates-testing
Field3D-1.3.2-1.fc15
OpenImageIO-0.10.3-4.1.fc15
adobe-source-libraries-1.0.43-7.fc15
asterisk-1.8.10.1-1.fc15
chirp-0.2.0-1.fc15
dbmail-3.0.2-1.fc15
foobillard-3.0a-18.fc15
freeDiameter-1.1.2-1.fc15
gajim-0.15-1.fc15
git-cola-1.7.6-1.fc15
im-chooser-1.5.2.1-1.fc15
imsettings-1.2.8.1-1.fc15
kernel-2.6.42.12-1.fc15
libtasn1-2.12-1.fc15
mc-4.8.2-1.fc15
mod_gnutls-0.5.10-4.fc15
perl-B-Utils-0.19-1.fc15
perl-CHI-0.52-1.fc15
perl-Crypt-Blowfish_PP-1.12-2.fc15
perl-Data-AMF-0.09-2.fc15
perl-File-Remove-1.52-1.fc15
perl-Geo-IPfree-1.1.2.0.4.6.0-1.fc15
perl-Imager-0.89-1.fc15
perl-Net-DNS-SEC-0.16-9.fc15
qbittorrent-2.9.7-1.fc15
rubygem-boxgrinder-build-0.10.1-1.fc15
rubygem-boxgrinder-core-0.3.11-1.fc15
seamonkey-2.8-1.fc15
selinux-policy-3.9.16-52.fc15
taglib-1.7.1-1.fc15
trac-advancedticketworkflow-plugin-0.11-1.20120227svn9962.fc15
wine-docs-1.4-1.fc15
Details about builds:
================================================================================
Field3D-1.3.2-1.fc15 (FEDORA-2012-4317)
Library for storing voxel data
--------------------------------------------------------------------------------
Update Information:
Update Field3D to latest upstream release. Rebuild OpenImageIO for dependency.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
OpenImageIO-0.10.3-4.1.fc15 (FEDORA-2012-4317)
Library for reading and writing images
--------------------------------------------------------------------------------
Update Information:
Update Field3D to latest upstream release. Rebuild OpenImageIO for dependency.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 12 2012 Richard Shaw <hobbes1069 at gmail.com> - 0.10.3-4.1
- Rebuild for updated Field3D.
--------------------------------------------------------------------------------
================================================================================
adobe-source-libraries-1.0.43-7.fc15 (FEDORA-2012-4299)
General purpose C++ libraries
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #790628 - Review Request: adobe-source-libraries - General Purpose Addon for Boost and STL
https://bugzilla.redhat.com/show_bug.cgi?id=790628
--------------------------------------------------------------------------------
================================================================================
asterisk-1.8.10.1-1.fc15 (FEDORA-2012-4259)
The Open Source PBX
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.10.1, which fixes 2 security vulnerabilities.
The Asterisk Development Team has announced security releases for Asterisk 1.4,
1.6.2 and 1.8. The available security releases are released as versions 1.4.43,
1.6.2.21 and 1.8.7.2.
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The release of Asterisk versions 1.4.43, 1.6.2.21, and 1.8.7.2 resolves an issue
with possible remote enumeration of SIP endpoints with differing NAT settings.
The release of Asterisk versions 1.6.2.21 and 1.8.7.2 resolves a remote crash
possibility with SIP when the "automon" feature is enabled.
The issues and resolutions are described in the AST-2011-013 and AST-2011-014
security advisories.
For more information about the details of these vulnerabilities, please read the
security advisories AST-2011-013 and AST-2011-014, which were released at the
same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.43
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.21
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.7.2
Security advisory AST-2011-013 is available at:
* http://downloads.asterisk.org/pub/security/AST-2011-013.pdf
Security advisory AST-2011-014 is available at:
* http://downloads.asterisk.org/pub/security/AST-2011-014.pdf
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 17 2012 Russell Bryant <russell at russellbryant.net> - 1.8.10.1-1
- Update to 1.8.10.1 from upstream.
- Fix remote stack overflow in app_milliwatt.
- Fix remote stack overflow, including possible code injection, in HTTP digest
authentication handling.
- Resolves: rhbz#804045, rhbz#804038, rhbz#804042
* Fri Dec 9 2011 Jeffrey C. Ollie <jeff at ocjtech.us> - 1.8.7.2-1
- The Asterisk Development Team has announced security releases for Asterisk 1.4,
- 1.6.2 and 1.8. The available security releases are released as versions 1.4.43,
- 1.6.2.21 and 1.8.7.2.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of Asterisk versions 1.4.43, 1.6.2.21, and 1.8.7.2 resolves an issue
- with possible remote enumeration of SIP endpoints with differing NAT settings.
-
- The release of Asterisk versions 1.6.2.21 and 1.8.7.2 resolves a remote crash
- possibility with SIP when the "automon" feature is enabled.
-
- The issues and resolutions are described in the AST-2011-013 and AST-2011-014
- security advisories.
-
- For more information about the details of these vulnerabilities, please read the
- security advisories AST-2011-013 and AST-2011-014, which were released at the
- same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.43
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.21
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.7.2
-
- Security advisory AST-2011-013 is available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2011-013.pdf
-
- Security advisory AST-2011-014 is available at:
-
- * http://downloads.asterisk.org/pub/security/AST-2011-014.pdf
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #804038 - CVE-2012-1183 asterisk: Stack-based buffer overwrite by processing large audio packet in Miliwatt application (AST-2012-002)
https://bugzilla.redhat.com/show_bug.cgi?id=804038
[ 2 ] Bug #804042 - CVE-2012-1184 asterisk: Stack-based buffer overflow by processing certain HTTP Digest Authentication headers (AST-2012-003)
https://bugzilla.redhat.com/show_bug.cgi?id=804042
[ 3 ] Bug #765773 - CVE-2011-4597 asterisk: Possible to enumerate SIP usernames when general and user/peer NAT settings differed (AST-2011-013)
https://bugzilla.redhat.com/show_bug.cgi?id=765773
[ 4 ] Bug #765776 - CVE-2011-4598 asterisk: NULL pointer dereference (crash) when processing INFO automon message with no channel (AST-2011-014)
https://bugzilla.redhat.com/show_bug.cgi?id=765776
--------------------------------------------------------------------------------
================================================================================
chirp-0.2.0-1.fc15 (FEDORA-2012-4295)
A tool for programming two-way radio equipment
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release, 0.2.0.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 18 2012 Richard Shaw <hobbes1069 at gmail.com> - 0.2.0-1
- Update to latest upstream release.
--------------------------------------------------------------------------------
================================================================================
dbmail-3.0.2-1.fc15 (FEDORA-2012-4287)
A database backed mail storage system
--------------------------------------------------------------------------------
Update Information:
- Add precedence: bulk headers to auto-reply messages #959
- POP3: reset timeout after authentication #951
- IMAP: internal_date and memleaks cleanups
- IMAP: improve sorting by date
- IMAP: sanitize searchable storage of addresses
- IMAP: revert another misguided LIST/LSUB change 2/2
- IMAP: revert another misguided LIST/LSUB change
- IMAP: rework \recent flag handling
- IMAP: improve mailboxstate tracking
- IMAP: improve reliabity of SEARCH SENTON
- IMAP: improve searchable cache value of address headers
- Merge branch 'master' of git.dbmail.eu:/var/git/paul/dbmail
- IMAP: partial revert
- IMAP: fix FETCH regression
- IMAP: update test-runners
- IMAP: small leak in SEARCH unkeyword
- IMAP: fix validation of sequences
- IMAP: prevent premature flushing of recent flag
- IMAP: implement "SEARCH keyword"
- IMAP: update tests
- IMAP: test and fix sequence-set builder
- IMAP: test and fix date converter
- IMAP: re-organize tests
- IMAP: fix small leak
- update THANKS
- SIEVE: fix broken vacation reply
- DELIVERY: fix check_destination during autoreply
- IMAP: revert misguided LIST/LSUB change
- IMAP: small ENVELOPE fix
- IMAP: fix minor compiler warnings
- HTTP: update test-script
- LMTP: fix segfault
- IMAP: improve LIST/LSUB response
- IMAP: improve mailbox atomicity
- LMTP: PEP8 integration tests
- add test for #960
- POP3: another RETR fix
- POP3: fix TOP command
- bump version to 3.0.1
- tweak debian build flags
- plug a couple of memory leaks
- PEP8 and test fixing
- POP3 fix RETR regression
- move referencefield caching back to header cache
- speedup maintenance run
- no default for auto_increment
- fix regression in migration
- debian: i18n update
- lower loglevel for low-level SSL errors (#893)
- [PATCH] Changed INDEX dropping for sievescripts on mysql upgrade
- debian: fix typo
- lmtp: unescape dot-stuffed data
- no autoreply is not an error
- list internal forwards as aliases
- no quotes around NOW()
- [PATCH] Better mysql upgrade and create table scripts
- prevent stack-overflow in debug call
- mysql: use NOW() rather than CURRENT_TIMESTAMP
- postgresql: use NOW() rather than CURRENT_TIMESTAMP
- cache referencefield and envelope separately
- lower loglevel for default hash type
- PEP8 cleanup
- plug memory leak from search optimization
- another missing whitespace fix
- missing whitespace in query
- improve search optimization
- add search optimization
- regenerate autoconf files
- update autotools chain
- update LDFLAGS and CFLAGS for gmodule-2.0
- update dbmail-util man-page for migration option
- fix subaddress regression (#954)
- fix compilation with clang
- silence compiler warning
- silence autoconf warnings
- add warning to UPGRADING regarding bytea_output for pg9 users
- add note regarding bytea_output for pg9 users
- drop old index during migration in postgresql
- send crlf encoded data for pop3 (#945)
- Revert "parse From_ time as localtime"
- fix typo in debian script (#946)
- fix regression in IMAP FETCH
- [PATCH 3/3] fix indentation
- [PATCH 2/3] drop unnecessary lock
- [PATCH 1/3] lock only if necessary
- fix SSL regression
- add mutex around iconv_t access (#940)
- expose possible gmime bug
- more packaging fixes
- add test for utf7 decoding #930
- change debug tracing of blobs
- fix packaging bug
- make SSL_accept non-blocking (#941)
- add test for possible gmime bug
- parse From_ time as localtime
- re-indent php code
- gmime-2.6 compatibility (#935)
- call database schema version check on all connections
- reset timeout after idle is done (#932)
- gracefully degrade after decoding error (#930)
- handle hangups better during read (#932)
- fix IDLE regression (#927)
- fix dbmail.h generation (#916)
- fix broken SEARCH TEXT (#912)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 18 2012 Bernard Johnson <bjohnson at symetrix.com> - 3.0.2-1
- 3.0.2
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0.0-0.7.rc3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #797118 - dbmail 3.0.2 is released
https://bugzilla.redhat.com/show_bug.cgi?id=797118
--------------------------------------------------------------------------------
================================================================================
foobillard-3.0a-18.fc15 (FEDORA-2012-4305)
OpenGL billard game
--------------------------------------------------------------------------------
Update Information:
Restore sound.
Fix table cloth texture.
Fix table cloth texture.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 12 2012 Jon Ciesla <limburgher at gmail.com> - 3.0a-18
- Build with SDL to fix sound, BZ 801588.
* Wed Mar 7 2012 Jon Ciesla <limburgher at gmail.com> - 3.0a-17
- Patch to fix cloth texture, BZ 709202.
- Build with glut.
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0a-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Nov 7 2011 Miloslav Trmač <mitr at redhat.com> - 3.0a-15
- Add dist tag
- Rebuild with newer libpng
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #801588 - No sound
https://bugzilla.redhat.com/show_bug.cgi?id=801588
[ 2 ] Bug #709202 - Table has noticeable shading/colouring bug
https://bugzilla.redhat.com/show_bug.cgi?id=709202
--------------------------------------------------------------------------------
================================================================================
freeDiameter-1.1.2-1.fc15 (FEDORA-2012-4261)
A Diameter protocol open implementation
--------------------------------------------------------------------------------
Update Information:
Updated to upstream 1.1.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri Mar 16 2012 Shakthi Kannan <shakthimaan [AT] fedoraproject DOT org> - 1.1.2-1
- Updated to 1.1.2.
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gajim-0.15-1.fc15 (FEDORA-2012-4296)
Jabber client written in PyGTK
--------------------------------------------------------------------------------
Update Information:
Version 0.15 of Gajim has been released. New features:
* Plugin system
* Whiteboard (via a plugin)
* Message archiving
* Stream management
* IBB
* Nested roster group
* Roster filtering
* UPower support
List of fixed bugs:
https://trac.gajim.org/query?status=closed&milestone=0.15
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Michal Schmidt <mschmidt at redhat.com> 0.15-1
- Upstream release 0.15.
* Thu Jan 26 2012 Michal Schmidt <mschmidt at redhat.com> 0.15-0.4.beta4
- Upstream release 0.15 beta4.
* Tue Dec 20 2011 Michal Schmidt <mschmidt at redhat.com> 0.15-0.2.beta3
- Upstream release 0.15 beta3.
- Drop gajim-0.13.90-pygtk-crash-python2.7-workaround.patch
Cannot reproduce the crash anymore.
* Tue Oct 11 2011 Michal Schmidt <mschmidt at redhat.com> 0.15-0.1.beta2
- Upstream release 0.15 beta2.
--------------------------------------------------------------------------------
================================================================================
git-cola-1.7.6-1.fc15 (FEDORA-2012-4282)
A highly caffeinated git gui
--------------------------------------------------------------------------------
Update Information:
An update of git-cola to the latest upstream release, with the following improvements:
* `git dag` learned to color-code branchy edges. The edge colors change when a new branch is detected, which makes the history much easier to follow. A huge thanks to Uri Okrent for making it happen.
* New GUI for editing remote repositories.
* New `git cola archive` and `git cola remote` sub-commands.
* `git cola browser` learned an 'Untrack' command.
* The diff editor learned to staged/unstaged while amending.
* The status tool can now scroll horizontally.
* New git repositories can be created by clicking 'New' on the `git cola --prompt` startup screen.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Kevin Kofler <Kevin at tigcc.ticalc.org> - 1.7.6-1
- Update to 1.7.6 (#804407)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #804407 - git-cola-1.7.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=804407
--------------------------------------------------------------------------------
================================================================================
im-chooser-1.5.2.1-1.fc15 (FEDORA-2012-4281)
Desktop Input Method configuration tool
--------------------------------------------------------------------------------
Update Information:
translations updates
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Akira TAGOH <tagoh at redhat.com> - 1.5.2.1-1
- New upstream release.
* Fri Mar 2 2012 Akira TAGOH <tagoh at redhat.com> - 1.5.2-3
- Update po files.
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
imsettings-1.2.8.1-1.fc15 (FEDORA-2012-4270)
Delivery framework for general Input Method configuration
--------------------------------------------------------------------------------
Update Information:
translations updates.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Akira TAGOH <tagoh at redhat.com> - 1.2.8.1-1
- New upstream release.
* Fri Mar 2 2012 Akira TAGOH <tagoh at redhat.com> - 1.2.8-2
- Update po files.
--------------------------------------------------------------------------------
================================================================================
kernel-2.6.42.12-1.fc15 (FEDORA-2012-3715)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Update to the 3.2.10 stable release, which contains a number of fixes across the kernel.
Fixes CVE-2012-1146
Fixes CVE-2012-1179
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 20 2012 Justin M. Forbes <jforbes at redhat.com> 2.6.42.12-1
- Linux 3.2.10
- CVE-2012-1568 SHLIB_BASE randomization (rhbz 804947)
* Tue Mar 20 2012 Steve Dickson <steved at redhat.com>
- NFSv4: Save the owner/group name string when doing open (bz 794780)
* Tue Mar 20 2012 Josh Boyer <jwboyer at redhat.com>
- mac80211: fix possible tid_rx->reorder_timer use after free
from Stanislaw Gruska (rhbz 804007)
* Fri Mar 16 2012 Justin M. Forbes <jforbes at redhat.com>
- re-enable threading on hibernate compression/decompression
* Fri Mar 16 2012 Josh Boyer <jwboyer at redhat.com>
- Fix irqpoll patch to really only apply for ASM108x machines (rhbz 800520)
* Thu Mar 15 2012 Justin M. Forbes <jforbes at redhat.com> - 2.6.42.10-3
- CVE-2012-1179 fix pmd_bad() triggering in code paths holding mmap_sem read mode (rhbz 803809)
* Wed Mar 14 2012 Josh Boyer <jwboyer at redhat.com>
- Fixup irqpoll patch to only activate on machines with ASM108x PCI bridge
* Wed Mar 14 2012 Steve Dickson <steved at redhat.com>
- Reduce the foot print of the NFSv4 idmapping coda (bz 593035)
* Mon Mar 12 2012 Justin M. Forbes <jforbes at redhat.com> - 2.6.42.10-1
- Linux 3.2.10
* Mon Mar 12 2012 Josh Boyer <jwboyer at redhat.com>
- Add patch to ignore bogus io-apic entries (rhbz 801501)
* Wed Mar 7 2012 Dave Jones <davej at redhat.com>
- Add debug patch for bugs 787171/766277
* Wed Mar 7 2012 Josh Boyer <jwboyer at redhat.com>
- CVE-2012-1146: memcg: unregister events attached to the same eventfd can
oops (rhbz 800817)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #800813 - CVE-2012-1146 kernel: mm: memcg: unregistring of events attached to the same eventfd can lead to oops
https://bugzilla.redhat.com/show_bug.cgi?id=800813
[ 2 ] Bug #803793 - CVE-2012-1179 kernel: thp:__split_huge_page() mapcount != page_mapcount BUG_ON()
https://bugzilla.redhat.com/show_bug.cgi?id=803793
[ 3 ] Bug #804947 - CVE-2012-1568 kernel: execshield: predictable ascii armour base address
https://bugzilla.redhat.com/show_bug.cgi?id=804947
--------------------------------------------------------------------------------
================================================================================
libtasn1-2.12-1.fc15 (FEDORA-2012-4308)
The ASN.1 library used in GNUTLS
--------------------------------------------------------------------------------
Update Information:
New upstream package with minor improvements and security fix.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 20 2012 Tomas Mraz <tmraz at redhat.com> - 2.12-1
- new upstream release
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #804920 - CVE-2012-1569 libtasn1: DER decoding buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=804920
--------------------------------------------------------------------------------
================================================================================
mc-4.8.2-1.fc15 (FEDORA-2012-4284)
User-friendly text console file manager and visual shell
--------------------------------------------------------------------------------
Update Information:
mc-4.8.2 is available
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 20 2012 Slava Zanko <slavazanko at gmail.com> 1:4.8.2-1
- update to 4.8.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #804982 - mc-4.8.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=804982
--------------------------------------------------------------------------------
================================================================================
mod_gnutls-0.5.10-4.fc15 (FEDORA-2012-4306)
GnuTLS module for the Apache HTTP server
--------------------------------------------------------------------------------
Update Information:
removed require for httpd, added require for httpd-mmn to ensure module is loaded with compatible version of httpd.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Jiri Kastner <jkastner at redhat.com> - 0.5.10-4
- removed httpd require
* Wed Mar 14 2012 Jiri Kastner <jkastner at redhat.com> - 0.5.10-3
- added dependency for httpd-mmn
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #803070 - Missing Requires: httpd-mmn
https://bugzilla.redhat.com/show_bug.cgi?id=803070
--------------------------------------------------------------------------------
================================================================================
perl-B-Utils-0.19-1.fc15 (FEDORA-2012-4290)
Helper functions for op tree manipulation
--------------------------------------------------------------------------------
Update Information:
This update fixes a crash when using the walkallops_filtered method.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 12 2012 Iain Arnell <iarnell at gmail.com> 0.19-1
- update to latest upstream version
* Thu Jan 5 2012 Iain Arnell <iarnell at gmail.com> 0.17-1
- update to latest upstream version
* Mon Jun 20 2011 Marcela Mašláňová <mmaslano at redhat.com> - 0.15-2
- Perl mass rebuild
* Wed Apr 20 2011 Iain Arnell <iarnell at gmail.com> 0.15-1
- update to latest upstream version
* Sun Mar 20 2011 Iain Arnell <iarnell at gmail.com> 0.14-1
- update to latest upstream version
--------------------------------------------------------------------------------
================================================================================
perl-CHI-0.52-1.fc15 (FEDORA-2012-4309)
Unified cache handling interface
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Ralf Corsépius <corsepiu at fedoraproject.org> - 0.52-1
- Upstream update.
--------------------------------------------------------------------------------
================================================================================
perl-Crypt-Blowfish_PP-1.12-2.fc15 (FEDORA-2012-4301)
Blowfish encryption algorithm implemented purely in Perl
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #794988 - Review Request: perl-Crypt-Blowfish_PP - Blowfish encryption algorithm implemented purely in Perl
https://bugzilla.redhat.com/show_bug.cgi?id=794988
--------------------------------------------------------------------------------
================================================================================
perl-Data-AMF-0.09-2.fc15 (FEDORA-2012-4338)
Serialize/deserialize Adobe's AMF (ActionMessageFormat) data
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #794985 - Review Request: perl-Data-AMF - Serialize/deserialize Adobe's AMF (ActionMessageFormat) data
https://bugzilla.redhat.com/show_bug.cgi?id=794985
--------------------------------------------------------------------------------
================================================================================
perl-File-Remove-1.52-1.fc15 (FEDORA-2012-4292)
Convenience module for removing files and directories
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 20 2012 Ralf Corsépius <corsepiu at fedoraproject.org> - 1.52-1
- Upstream update.
- Remove File-Remove-1.51.diff.
- BR: perl(File::Spec) >= 3.29.
--------------------------------------------------------------------------------
================================================================================
perl-Geo-IPfree-1.1.2.0.4.6.0-1.fc15 (FEDORA-2012-4275)
Look up the country of an IPv4 Address
--------------------------------------------------------------------------------
Update Information:
IP database updated.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 20 2012 Petr Pisar <ppisar at redhat.com> - 1.1.2.0.4.6.0-1
- 1.1.2.0.4.6.0 bump
--------------------------------------------------------------------------------
================================================================================
perl-Imager-0.89-1.fc15 (FEDORA-2012-4313)
Perl extension for Generating 24 bit Images
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Ralf Corsépius <corsepiu at fedoraproject.org> 0.89-1
- Upstream update.
- Split out perl(Imager::Test) (Avoid *-devel deps).
--------------------------------------------------------------------------------
================================================================================
perl-Net-DNS-SEC-0.16-9.fc15 (FEDORA-2012-4258)
DNSSEC modules for Perl
--------------------------------------------------------------------------------
Update Information:
Added a patch to fix NSEC record parsing
Upstream pause #75892
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Wes Hardaker <wjhns174 at hardakers.net> - 0.16-9
- Added a patch to fix the NSEC shouldn't be downcased issue
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.16-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Jul 19 2011 Petr Sabata <contyk at redhat.com> - 0.16-7
- Perl mass rebuild
--------------------------------------------------------------------------------
================================================================================
qbittorrent-2.9.7-1.fc15 (FEDORA-2012-4257)
A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:
* Sun Mar 18 2012 - Christophe Dumez <chris at qbittorrent.org> - v2.9.7
- BUGFIX: Fix important HTTP request parsing bug (Web UI)
* Sat Mar 17 2012 - Christophe Dumez <chris at qbittorrent.org> - v2.9.6
- BUGFIX: Fix download first/last pieces state reporting
- BUGFIX: Fix name of progress column in torrent content panel
- BUGFIX: Disable system tray icon on Mac OS X
- BUGFIX: RSS downloader should not ignore "Do not start automatically" rule (closes #946910)
- BUGFIX: Fix DHT port setting in Web UI (Closes #952182)
- BUGFIX: Fix possible Web UI authentication problem when using SSL (closes #941343)
- BUGFIX: Fix possible issues with folder removal when removing a torrent
- I18N: Add Basque translation
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 leigh scott <leigh123linux at googlemail.com> - 1:2.9.7-1
- update to 2.9.7
--------------------------------------------------------------------------------
================================================================================
rubygem-boxgrinder-build-0.10.1-1.fc15 (FEDORA-2012-4331)
A tool for creating appliances from simple plain text files
--------------------------------------------------------------------------------
Update Information:
- Upstream release: 0.10.1
- [BGBUILD-332] Add support for bash completion
- [BGBUILD-338] Weed out non-deterministic tests
- [BGBUILD-337] In SL if default repos are disabled, /etc/yum.repos.d folder is not created
- [BGBUILD-344] New filesystem monitoring improvements (Fixes: Shifting failed. Permission denied issues)
- [BGBUILD-345] Change sudo/chown magic so it only occurs when running without explicit sudo/su (or --change-to-user)
- [BGBUILD-346] Confirm Ruby 1.9.3 support
- [BGBUILD-348] Simplecov coverage testing for Ruby >=1.9
- [BGBUILD-349] Use RbConfig instead of obsolete and deprecated Config deprecation warning with Ruby 1.9.3
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Marek Goldmann <mgoldman at redhat.com> - 0.10.1-1
- Upstream release 0.10.1
- Make sure the spec can be used also for Fedora < 17
- Rebuilt for Ruby 1.9.3, thanks to Bohuslav Kabrda
- Small cleanup of the spec
- [BGBUILD-332] Add support for bash completion
- [BGBUILD-338] Weed out non-deterministic tests
- [BGBUILD-337] In SL if default repos are disabled, /etc/yum.repos.d folder is not created
- [BGBUILD-344] New filesystem monitoring improvements (Fixes: Shifting failed. Permission denied issues)
- [BGBUILD-345] Change sudo/chown magic so it only occurs when running without explicit sudo/su (or --change-to-user)
- [BGBUILD-346] Confirm Ruby 1.9.3 support
- [BGBUILD-348] Simplecov coverage testing for Ruby >=1.9
- [BGBUILD-349] Use RbConfig instead of obsolete and deprecated Config deprecation warning with Ruby 1.9.3
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.10.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rubygem-boxgrinder-core-0.3.11-1.fc15 (FEDORA-2012-4331)
Core library for BoxGrinder
--------------------------------------------------------------------------------
Update Information:
- Upstream release: 0.10.1
- [BGBUILD-332] Add support for bash completion
- [BGBUILD-338] Weed out non-deterministic tests
- [BGBUILD-337] In SL if default repos are disabled, /etc/yum.repos.d folder is not created
- [BGBUILD-344] New filesystem monitoring improvements (Fixes: Shifting failed. Permission denied issues)
- [BGBUILD-345] Change sudo/chown magic so it only occurs when running without explicit sudo/su (or --change-to-user)
- [BGBUILD-346] Confirm Ruby 1.9.3 support
- [BGBUILD-348] Simplecov coverage testing for Ruby >=1.9
- [BGBUILD-349] Use RbConfig instead of obsolete and deprecated Config deprecation warning with Ruby 1.9.3
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Marek Goldmann <mgoldman at redhat.com> - 0.3.11-1
- Upstream release 0.3.11
- Make sure the spec can be used also for Fedora < 17
* Thu Feb 2 2012 Vít Ondruch <vondruch at redhat.com> - 0.3.10-3
- Rebuilt for Ruby 1.9.3.
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.8-1.fc15 (FEDORA-2012-4254)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Udpate to 2.8 upstream version.
Fixed libpng crashs.
Update to 2.7.1 (mozilla security update).
Fixed libpng crashs.
Update to 2.7.1 (mozilla security update).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Mar 15 2012 Martin Stransky <stransky at redhat.com> 2.8-1
- Update to 2.8
* Fri Feb 24 2012 Martin Stransky <stransky at redhat.com> 2.7.1-2
- Added fix for mozbz#727401 - libpng crash
* Tue Feb 14 2012 Martin Stransky <stransky at redhat.com> 2.7.1-1
- Update to 2.7.1
* Mon Feb 6 2012 Martin Stransky <stransky at redhat.com> 2.7-2
- gcc 4.7 build fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #794979 - seamonkey-2.7.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=794979
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.9.16-52.fc15 (FEDORA-2012-4286)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
* Tue Mar 13 2012 Miroslav Grepl <mgrepl at redhat.com> 3.9.16-52
- Fix livecd_run() interface
- Add labeling for /var/spool/postfix/dev/log
* support postfix chroot
- Allow sandbox_xserver_t to send signals
- These are needed with CRL fetching is enabled
- Razor labeling is not used no longer
- Add label for /sbin/xtables-multi
- Add support for winshadow port and allow iscsid to connect to this port
- Allow chrome_sandbox_t to send all signals to sandbox_nacl_t
- Allow sandbox_nacl to setsched on its process
- Dontaudit fail2ban looking at gnome content
- fix label for /usr/lib(64)/iscan/network
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 13 2012 Miroslav Grepl <mgrepl at redhat.com> 3.9.16-52
- Fix livecd_run() interface
- Add labeling for /var/spool/postfix/dev/log
* support postfix chroot
- Allow sandbox_xserver_t to send signals
- These are needed with CRL fetching is enabled
- Razor labeling is not used no longer
- Add label for /sbin/xtables-multi
- Add support for winshadow port and allow iscsid to connect to this port
- Allow chrome_sandbox_t to send all signals to sandbox_nacl_t
- Allow sandbox_nacl to setsched on its process
- Dontaudit fail2ban looking at gnome content
- fix label for /usr/lib(64)/iscan/network
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #729211 - SELinux is preventing /usr/bin/python from 'search' accesses on the directory /root/.local.
https://bugzilla.redhat.com/show_bug.cgi?id=729211
[ 2 ] Bug #735598 - avc: livecd-creator/python/ldconfig script/program/process transition
https://bugzilla.redhat.com/show_bug.cgi?id=735598
[ 3 ] Bug #795580 - various avcs in connection with Shorewall
https://bugzilla.redhat.com/show_bug.cgi?id=795580
--------------------------------------------------------------------------------
================================================================================
taglib-1.7.1-1.fc15 (FEDORA-2012-4268)
Audio Meta-Data Library
--------------------------------------------------------------------------------
Update Information:
New upstream release, largely to address security issues related to ogg xiphcomments and ape sampleRate=0.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Rex Dieter <rdieter at fedoraproject.org> 1.7.1-1
- taglib-1.7.1
* Tue Feb 28 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.7-4
- Rebuilt for c++ ABI breakage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #800559 - CVE-2012-1108 taglib: ogg file with vendorLength field modification causes crash
https://bugzilla.redhat.com/show_bug.cgi?id=800559
[ 2 ] Bug #800553 - CVE-2012-1107 taglib: ape file with sampleRate 0 causes crash
https://bugzilla.redhat.com/show_bug.cgi?id=800553
--------------------------------------------------------------------------------
================================================================================
trac-advancedticketworkflow-plugin-0.11-1.20120227svn9962.fc15 (FEDORA-2012-4264)
Advanced workflow operations Trac plugin
--------------------------------------------------------------------------------
Update Information:
New package - Advanced workflow operations Trac plugin
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #798014 - Review Request: trac-advancedticketworkflow-plugin - Advanced workflow operations Trac plugin
https://bugzilla.redhat.com/show_bug.cgi?id=798014
--------------------------------------------------------------------------------
================================================================================
wine-docs-1.4-1.fc15 (FEDORA-2012-4279)
Documentation for wine
--------------------------------------------------------------------------------
Update Information:
* documentation for wine-1.4 series
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 19 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.4-1
- version upgrade
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
More information about the test
mailing list