Fedora 16 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed Sep 19 03:14:37 UTC 2012
The following Fedora 16 Security updates need testing:
Age URL
0 https://admin.fedoraproject.org/updates/FEDORA-2012-14363/phpldapadmin-1.2.2-3.gitbbedf1.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2012-14295/moodle-2.1.8-1.fc16
10 https://admin.fedoraproject.org/updates/FEDORA-2012-13649/munin-2.0.6-2.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2012-14322/pcp-3.6.8-1.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2012-14340/icedtea-web-1.3-1.fc16
72 https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16
27 https://admin.fedoraproject.org/updates/FEDORA-2012-12514/tor-0.2.2.38-1600.fc16
44 https://admin.fedoraproject.org/updates/FEDORA-2012-11526/dokuwiki-0-0.11.20120125.b.fc16
7 https://admin.fedoraproject.org/updates/FEDORA-2012-13839/ghostscript-9.05-2.fc16
7 https://admin.fedoraproject.org/updates/FEDORA-2012-13824/libxml2-2.7.8-8.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14048/libxslt-1.1.26-9.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14102/seamonkey-2.12.1-1.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14076/dhcp-4.2.3-12.P2.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14030/bind-9.8.3-4.P3.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14046/spice-gtk-0.11-5.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14189/cloud-init-0.6.3-0.5.bzr532.fc16
75 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14097/libguac-0.6.3-1.fc16,libguac-client-vnc-0.6.0-8.fc16,guacd-0.6.1-3.fc16,guacamole-common-0.6.1-2.fc16,guacamole-ext-0.6.1-2.fc16,guacamole-common-js-0.6.1-2.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14126/dbus-1.4.10-4.fc16
The following Fedora 16 Critical Path updates have yet to be approved:
Age URL
0 https://admin.fedoraproject.org/updates/FEDORA-2012-14329/kernel-3.4.11-1.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14170/perl-5.14.2-201.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14126/dbus-1.4.10-4.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14186/nspr-4.9.2-1.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14048/libxslt-1.1.26-9.fc16
1 https://admin.fedoraproject.org/updates/FEDORA-2012-14086/firefox-15.0.1-1.fc16,xulrunner-15.0.1-1.fc16,thunderbird-15.0.1-1.fc16
7 https://admin.fedoraproject.org/updates/FEDORA-2012-13824/libxml2-2.7.8-8.fc16
8 https://admin.fedoraproject.org/updates/FEDORA-2012-13755/sane-backends-1.0.23-4.fc16
10 https://admin.fedoraproject.org/updates/FEDORA-2012-13681/python-alsa-1.0.26-1.fc16,alsa-plugins-1.0.26-1.fc16,alsa-tools-1.0.26.1-1.fc16,alsa-utils-1.0.26-1.fc16,alsa-lib-1.0.26-1.fc16
10 https://admin.fedoraproject.org/updates/FEDORA-2012-13616/fontconfig-2.8.0-8.fc16
11 https://admin.fedoraproject.org/updates/FEDORA-2012-13481/livecd-tools-16.16-1.fc16
11 https://admin.fedoraproject.org/updates/FEDORA-2012-13477/plymouth-0.8.4-0.20110822.6.fc16
The following builds have been pushed to Fedora 16 updates-testing
amanda-3.3.0-4.fc16
automake-1.11.6-1.fc16
dojo-1.8.0-1.fc16
ergo-3.2-2.fc16
ghc-executable-path-0.0.3-1.fc16
ghc-ghc-mtl-1.0.1.1-1.fc16
gpsbabel-1.4.4-1.fc16
icedtea-web-1.3-1.fc16
kernel-3.4.11-1.fc16
lis-1.2.115-1.fc16
moodle-2.1.8-1.fc16
nspluginwrapper-1.4.4-12.fc16
openocd-0.6.0-2.fc16
pcp-3.6.8-1.fc16
perl-Starlet-0.16-1.fc16
phpldapadmin-1.2.2-3.gitbbedf1.fc16
plowshare-0.9.4-0.36.20120916git.fc16
pynag-0.4.6-1.fc16
python-bucky-0.2.2-1.fc16
python-whisper-0.9.10-2.fc16
qbittorrent-3.0.4-1.fc16
tzdata-2012f-1.fc16
Details about builds:
================================================================================
amanda-3.3.0-4.fc16 (FEDORA-2012-14292)
A network-capable tape backup solution
--------------------------------------------------------------------------------
Update Information:
Do not provide perl(Math::BigInt).
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 18 2012 Petr Pisar <ppisar at redhat.com> - 3.3.0-4
- Do not provide perl(Math::BigInt) (bug #648321)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #648321 - amanda rpm should not provide the perl(Math::BigInt) capability
https://bugzilla.redhat.com/show_bug.cgi?id=648321
--------------------------------------------------------------------------------
================================================================================
automake-1.11.6-1.fc16 (FEDORA-2012-14297)
A GNU tool for automatically creating Makefiles
--------------------------------------------------------------------------------
Update Information:
- automake-1.11.6, fixes CVE-2012-3386
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 3 2012 Karsten Hopp <karsten at redhat.com> 1.11.6-1
- automake-1.11.6, fixes CVE-2012-3386
* Mon Apr 16 2012 Karsten Hopp <karsten at redhat.com> 1.11.5-1
- automake-1.11.5
* Tue Apr 3 2012 Karsten Hopp <karsten at redhat.com> 1.11.4-1
- automake-1.11.4
* Thu Feb 2 2012 Karsten Hopp <karsten at redhat.com> 1.11.3-1
- automake 1.11.3
* Mon Jan 30 2012 Karsten Hopp <karsten at redhat.com> 1.11.2-1
- automake 1.11.2, enable all checks again
* Wed Dec 7 2011 Karsten Hopp <karsten at redhat.com> 1.11.1-7
- disable some erroneous checks (660739, 756957)
* Mon Feb 7 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.11.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #838660 - CVE-2012-3386 automake: locally exploitable "make distcheck" bug [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=838660
--------------------------------------------------------------------------------
================================================================================
dojo-1.8.0-1.fc16 (FEDORA-2012-14365)
Modular JavaScript toolkit
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 18 2012 Felix Kaechele <felix at fetzig.org> - 1.8.0-1
- update to latest upstream
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.6.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ergo-3.2-2.fc16 (FEDORA-2012-14350)
A program for large-scale self-consistent field calculations
--------------------------------------------------------------------------------
Update Information:
First build in Fedora.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #837816 - Review Request: ergo - A program for large-scale self-consistent field calculations
https://bugzilla.redhat.com/show_bug.cgi?id=837816
--------------------------------------------------------------------------------
================================================================================
ghc-executable-path-0.0.3-1.fc16 (FEDORA-2012-14300)
Haskell library to find full path of an executable
--------------------------------------------------------------------------------
Update Information:
ghc-executable-path is a Haskell library to find full path of an executable
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #703502 - Review Request: ghc-executable-path - Haskell library to find full path of an executable
https://bugzilla.redhat.com/show_bug.cgi?id=703502
--------------------------------------------------------------------------------
================================================================================
ghc-ghc-mtl-1.0.1.1-1.fc16 (FEDORA-2012-14334)
A mtl compatible with GHC-API monads and monad-transformers
--------------------------------------------------------------------------------
Update Information:
ghc-ghc-mtl provides a monad transformer library compatible with GHC-API monads and monad-transformers
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #712280 - Review Request: ghc-ghc-mtl - A mtl compatible with GHC-API monads and monad-transformers
https://bugzilla.redhat.com/show_bug.cgi?id=712280
--------------------------------------------------------------------------------
================================================================================
gpsbabel-1.4.4-1.fc16 (FEDORA-2012-14298)
A tool to convert between various formats used by GPS devices
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 17 2012 Ralf Corsépius <corsepiu at fedoraproject.org> - 1.4.4-1
- Upstream update.
- Rebase patches.
- Use upstream gpsbabel.desktop.
- Address RHBZ 668865.
- Fix gzFile pointer abuse.
- Install gmapbase.html to /usr/share/gpsbabel.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #785688 - gpsbabel-1.4.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=785688
[ 2 ] Bug #668865 - gpsbabel GUI phones home by default
https://bugzilla.redhat.com/show_bug.cgi?id=668865
--------------------------------------------------------------------------------
================================================================================
icedtea-web-1.3-1.fc16 (FEDORA-2012-14340)
Java browser plug-in and Web Start implementation
--------------------------------------------------------------------------------
Update Information:
This update brings IcedTea-Web 1.3 to Fedora. From Red Hat Bugzilla, it fixes rhbz#720836. Additionally, it provides numerous other bug fixes and enhancements, many of which are listed here:
https://dbhole.wordpress.com/2012/09/05/icedtea-web-1-3-released/
- Updated to 1.2.1
- Resolves: RH840592/CVE-2012-3422
- Resolves: RH841345/CVE-2012-3423
- Updated to 1.2.1
- Resolves: RH840592/CVE-2012-3422
- Resolves: RH841345/CVE-2012-3423
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 17 2012 Deepak Bhole <dbhole at redhat.com> 1.3-1
- Updated to 1.3
- Resolves: rhbz#720836: Epiphany fails to execute Java applets
* Tue Jul 31 2012 Deepak Bhole <dbhole at redhat.com> 1.2.1-1
- Updated to 1.2.1
- Resolves: RH840592/CVE-2012-3422
- Resolves: RH841345/CVE-2012-3423
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu May 3 2012 Deepak Bhole <dbhole at redhat.com> 1.2-4
- Resolves rhbz#814585
- Fixed java-plugin provides and added one for javaws
* Tue Apr 17 2012 Deepak Bhole <dbhole at redhat.com> 1.2-3
- Updated summary
- Fixed virtual provide
* Tue Mar 13 2012 Peter Robinson <pbrobinson at fedoraproject.org> - 1.2-2
- Enable building on ARM platforms
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #840592 - CVE-2012-3422 icedtea-web: getvalueforurl uninitialized instance pointer
https://bugzilla.redhat.com/show_bug.cgi?id=840592
[ 2 ] Bug #841345 - CVE-2012-3423 icedtea-web: incorrect handling of not 0-terminated strings
https://bugzilla.redhat.com/show_bug.cgi?id=841345
--------------------------------------------------------------------------------
================================================================================
kernel-3.4.11-1.fc16 (FEDORA-2012-14329)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Update to latest stable upstream release. Numerous assorted fixes as usual.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Sep 16 2012 Josh Boyer <jwboyer at redhat.com> 3.4.11-1
- Linux v3.4.11
* Tue Sep 11 2012 Josh Boyer <jwboyer at redhat.com> 3.4.10-2
- Drop old Xen EC2 patch. It is no longer needed per Matt Wilson
* Wed Sep 5 2012 Josh Boyer <jwboyer at redhat.com> 3.4.10-1
- Linux v3.4.10
--------------------------------------------------------------------------------
================================================================================
lis-1.2.115-1.fc16 (FEDORA-2012-14337)
A library for solving linear equations and eigenvalue problems
--------------------------------------------------------------------------------
Update Information:
Update to newest release by request of upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 17 2012 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.2.115-1
- Update to 1.2.115.
* Tue Aug 7 2012 Jussi Lehtola <jussilehtola at fedoraproject.org> - 1.2.92-1
- Update to 1.2.92. Enabled SAMG.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.68-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
moodle-2.1.8-1.fc16 (FEDORA-2012-14295)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Multiple vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 17 2012 Jon Ciesla <limburgher at gmail.com> - 2.1.8-1
- Security update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #857983 - CVE-2012-4400 CVE-2012-4408 CVE-2012-4402 CVE-2012-4403 moodle various flaws [fedora-16]
https://bugzilla.redhat.com/show_bug.cgi?id=857983
--------------------------------------------------------------------------------
================================================================================
nspluginwrapper-1.4.4-12.fc16 (FEDORA-2012-14356)
A compatibility layer for Netscape 4 plugins
--------------------------------------------------------------------------------
Update Information:
Import fixes from upstream.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
openocd-0.6.0-2.fc16 (FEDORA-2012-14343)
Debugging, in-system programming and boundary-scan testing for embedded devices
--------------------------------------------------------------------------------
Update Information:
New release of OpenOCD. See the website for more details.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 17 2012 Dean Glazeski <dnglaze at gmail.com> - 0.6.0-2
- Enabling the stlink option
* Tue Sep 11 2012 Dean Glazeski <dnglaze at gmail.com> - 0.6.0-1
- RPM build for new release.
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu May 31 2012 Dennis Gilmore <dennis at ausil.us> - 0.5.0-3
- patch in flyswatter2 support
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #856078 - Please update openocd to release 0.6.0
https://bugzilla.redhat.com/show_bug.cgi?id=856078
--------------------------------------------------------------------------------
================================================================================
pcp-3.6.8-1.fc16 (FEDORA-2012-14322)
System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:
new upstream release
- Added the python PMAPI bindings and an initial python client
in pmcollectl. Separate, new package exists for python libs
for those platforms that split out packages (rpm, deb).
- Added a pcp-testsuite package for those platforms that might
want this (rpm, deb again, mainly)
- Re-introduced the pcp/qa subdirectory in pcp and deprecated
the external pcpqa git tree.
- Fix potential buffer overflow in pmlogger host name handling.
- Reworked the configure --prefix handling to be more like the
rest of the open source world.
- Ensure the __pmDecodeText ident parameter is always set
Resolves Red Hat bugzilla bug #841306.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 14 2012 Nathan Scott <nathans at redhat.com> - 3.6.8-1
- Update to latest PCP sources.
* Wed Sep 5 2012 Nathan Scott <nathans at redhat.com> - 3.6.6-1.1
- Move configure step from prep to build section of spec (BZ 854128)
* Tue Aug 28 2012 Mark Goodwin <mgoodwin at redhat.com> - 3.6.6-1
- Update to latest PCP sources, see installed CHANGELOG for details.
- Introduces new python-pcp and pcp-testsuite sub-packages.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #841306 - libpcp additional decoder hardening
https://bugzilla.redhat.com/show_bug.cgi?id=841306
--------------------------------------------------------------------------------
================================================================================
perl-Starlet-0.16-1.fc16 (FEDORA-2012-14312)
Simple, high-performance PSGI/Plack HTTP server
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 17 2012 Ralf Corsépius <corsepiu at fedoraproject.org> - 0.16-1
- Upstream update.
* Tue Aug 14 2012 Ralf Corsépius <corsepiu at fedoraproject.org> - 0.15-1
- Upstream update.
--------------------------------------------------------------------------------
================================================================================
phpldapadmin-1.2.2-3.gitbbedf1.fc16 (FEDORA-2012-14363)
Web-based tool for managing LDAP servers
--------------------------------------------------------------------------------
Update Information:
fix CVE-2012-1114 and CVE-2012-1115
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 18 2012 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.2-3.gitbbedf1
- update to latest git source (CVE-2012-1114, CVE-2012-1115, #799873)
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #799873 - CVE-2012-1114 CVE-2012-1115 phpldapadmin: XSS flaws via 'export', 'add_value_form' and 'dn' variables
https://bugzilla.redhat.com/show_bug.cgi?id=799873
--------------------------------------------------------------------------------
================================================================================
plowshare-0.9.4-0.36.20120916git.fc16 (FEDORA-2012-14323)
Download and upload files from file-sharing websites
--------------------------------------------------------------------------------
Update Information:
New upstream snapshot.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 18 2012 Elder Marco <eldermarco at fedoraproject.org> - 0.9.4.0.36.20120916git
- New upstream snapshot
--------------------------------------------------------------------------------
================================================================================
pynag-0.4.6-1.fc16 (FEDORA-2012-14335)
Python modules and utilities for Nagios plugins and configuration
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 17 2012 Tomas Edwardsson <tommi at tommi.org> 0.4.6-1
- New upstream version
- Removed pynag-* scripts for a new binary, pynag
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.4.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-bucky-0.2.2-1.fc16 (FEDORA-2012-14314)
CollectD and StatsD adapter for Graphite
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
================================================================================
python-whisper-0.9.10-2.fc16 (FEDORA-2012-14320)
Simple database library for storing time-series data
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
================================================================================
qbittorrent-3.0.4-1.fc16 (FEDORA-2012-14345)
A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:
* Tue Sep 18 2012 - Christophe Dumez <chris at qbittorrent.org> - v3.0.4
- BUGFIX: Fix issue with downloads starting from scratch on startup if temporary
directory setting is enabled.
* Sun Sep 16 2012 - Christophe Dumez <chris at qbittorrent.org> - v3.0.3
- BUGFIX: Fix issue with temporary directory not being taken into consideration (closes #94)
- BUGFIX: Address encoding issues when using search engine on Windows (closes #29)
- BUGFIX: Bypass cache when uploading a torrent file in Web UI (closes #68)
- BUGFIX: "Completed On" column is not updated until restart (closes #84)
- BUGFIX: Fix possible build error on some systems
- I18N: Add hebrew translation
* Sat Sep 1 2012 - Christophe Dumez <chris at qbittorrent.org> - v3.0.2
- FEATURE: Add "clear" functionality to search field (closes #59)
- BUGFIX: Attempt to use qBittorrent icon from theme if available (closes #49)
- BUGFIX: Fix crash when a fastresume file is empty (closes #52)
- BUGFIX: Fix encoding problem for detected XDG Download folder (closes #53)
- BUGFIX: Improve performance when showing torrent content panel (Improves #24)
- BUGFIX: Fix label-based filtering of torrents whose label contains special characters
- BUGFIX: Fix possible crash due to labels (closes #64)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 18 2012 Leigh Scott <leigh123linux at googlemail.com> - 1:3.0.4-1
- update to 3.0.4 release
--------------------------------------------------------------------------------
================================================================================
tzdata-2012f-1.fc16 (FEDORA-2012-14296)
Timezone data
--------------------------------------------------------------------------------
Update Information:
- Fiji will start daylight savings at 2 am on Sunday 21st October 2012 and end at 3 am on Sunday 20th January 2013. Guess it will be like that in following years as well.
- Tokelau is in time zone UTC+13, not UTC+14 (and always was).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 17 2012 Petr Machata <pmachata at redhat.com> - 2012f-1
- Fiji will start daylight savings at 2 am on Sunday 21st October 2012
and end at 3 am on Sunday 20th January 2013. Guess it will be like
that in following years as well.
- Tokelau is in time zone UTC+13, not UTC+14 (and always was)
--------------------------------------------------------------------------------
More information about the test
mailing list