Fedora 16 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Wed Jan 23 02:13:01 UTC 2013
The following Fedora 16 Security updates need testing:
Age URL
10 https://admin.fedoraproject.org/updates/FEDORA-2013-0723/thunderbird-17.0.2-1.fc16
42 https://admin.fedoraproject.org/updates/FEDORA-2012-20157/libproxy-0.4.11-1.fc16
123 https://admin.fedoraproject.org/updates/FEDORA-2012-14452/bacula-5.0.3-33.fc16
4 https://admin.fedoraproject.org/updates/FEDORA-2013-0915/moodle-2.1.10-1.fc16
6 https://admin.fedoraproject.org/updates/FEDORA-2013-0896/rubygem-rack-1.3.0-3.fc16
2 https://admin.fedoraproject.org/updates/FEDORA-2013-1130/php-symfony2-Yaml-2.0.22-1.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2013-1233/rhncfg-5.10.36-1.fc16
41 https://admin.fedoraproject.org/updates/FEDORA-2012-20236/rssh-2.3.4-1.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2013-1257/libexif-0.6.21-2.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2013-1274/xen-4.1.4-3.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2013-1289/jakarta-commons-httpclient-3.1-12.fc16
4 https://admin.fedoraproject.org/updates/FEDORA-2013-0934/qemu-0.15.1-9.fc16
201 https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16
121 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16
10 https://admin.fedoraproject.org/updates/FEDORA-2013-0633/perl-5.14.3-205.fc16
6 https://admin.fedoraproject.org/updates/FEDORA-2013-0835/seamonkey-2.15-1.fc16
13 https://admin.fedoraproject.org/updates/FEDORA-2012-19347/cups-1.5.4-12.fc16
0 https://admin.fedoraproject.org/updates/FEDORA-2013-1301/ndjbdns-1.05.6-1.fc16
13 https://admin.fedoraproject.org/updates/FEDORA-2013-0270/qt-4.8.4-6.fc16
6 https://admin.fedoraproject.org/updates/FEDORA-2013-0894/ettercap-0.7.5-3.fc16.1.20120906gitc796e5
4 https://admin.fedoraproject.org/updates/FEDORA-2013-0935/samba4-4.0.0-39.alpha16.fc16
2 https://admin.fedoraproject.org/updates/FEDORA-2013-0468/proftpd-1.3.4b-5.fc16
2 https://admin.fedoraproject.org/updates/FEDORA-2013-0992/asterisk-1.8.20.0-1.fc16
2 https://admin.fedoraproject.org/updates/FEDORA-2013-1122/drupal6-6.28-1.fc16
2 https://admin.fedoraproject.org/updates/FEDORA-2013-1092/drupal7-7.19-1.fc16
The following Fedora 16 Critical Path updates have yet to be approved:
Age URL
0 https://admin.fedoraproject.org/updates/FEDORA-2013-1257/libexif-0.6.21-2.fc16
10 https://admin.fedoraproject.org/updates/FEDORA-2013-0723/thunderbird-17.0.2-1.fc16
10 https://admin.fedoraproject.org/updates/FEDORA-2013-0632/perl-5.14.3-204.fc16
13 https://admin.fedoraproject.org/updates/FEDORA-2013-0270/qt-4.8.4-6.fc16
267 https://admin.fedoraproject.org/updates/FEDORA-2012-6994/upower-0.9.16-1.fc16
The following builds have been pushed to Fedora 16 updates-testing
jakarta-commons-httpclient-3.1-12.fc16
kwebkitpart-1.3.1-1.fc16
libexif-0.6.21-2.fc16
libmateweather-1.5.1-1.fc16
mate-notification-daemon-1.5.1-1.fc16
mate-panel-1.5.4-1.fc16
mate-terminal-1.5.0-1.fc16
mozilla-https-everywhere-3.1.3-1.fc16
ndjbdns-1.05.6-1.fc16
nec2c-0.9-1.fc16
rhncfg-5.10.36-1.fc16
safekeep-1.4.1-1.fc16
wine-1.5.22-1.fc16
xen-4.1.4-3.fc16
xnec2c-2.1-1.beta.fc16
Details about builds:
================================================================================
jakarta-commons-httpclient-3.1-12.fc16 (FEDORA-2013-1289)
Jakarta Commons HTTPClient implements the client side of HTTP standards
--------------------------------------------------------------------------------
Update Information:
This update fixes a security vulnerability that caused jakarta-commons-httpclient not to verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via andaarbitrary valid certificate (CVE-2012-5783).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 21 2013 Mikolaj Izdebski <mizdebsk at redhat.com> - 1:3.1-12
- Add missing connection hostname check against X.509 certificate name
- Resolves: CVE-2012-5783
* Thu Nov 1 2012 Mikolaj Izdebski <mizdebsk at redhat.com> - 1:3.1-11
- Add maven POM
* Thu Sep 20 2012 Mikolaj Izdebski <mizdebsk at redhat.com> - 1:3.1-10
- Fix license tag
* Thu Sep 20 2012 Mikolaj Izdebski <mizdebsk at redhat.com> - 1:3.1-9
- Install LICENSE and NOTICE files
- Add missing R: java, jpackage-utils
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:3.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sun Jan 22 2012 Andy Grimm <agrimm at gmail.com> - 1:3.1-7
- Fix character encoding
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:3.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #873317 - CVE-2012-5783 jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name
https://bugzilla.redhat.com/show_bug.cgi?id=873317
--------------------------------------------------------------------------------
================================================================================
kwebkitpart-1.3.1-1.fc16 (FEDORA-2013-1211)
A KPart based on QtWebKit
--------------------------------------------------------------------------------
Update Information:
New stable/bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 3 2013 Rex Dieter <rdieter at fedoraproject.org> 1.3.1-1
- 1.3.1
--------------------------------------------------------------------------------
================================================================================
libexif-0.6.21-2.fc16 (FEDORA-2013-1257)
Library for extracting extra information from image files
--------------------------------------------------------------------------------
Update Information:
A security bugfix release.
A security bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 21 2013 Petr Šabata <contyk at redhat.com> - 0.6.21-2
- Old build GC'd before pushed into testing
* Fri Jul 13 2012 Petr Šabata <contyk at redhat.com> - 0.6.21-1
- 0.6.21 bump
- A security bugfixing release (CVE-2012-2812, CVE-2012-2813, CVE-2012-2814,
CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841 & CVE-2012-2845)
- Drop the pre-generated docs and introduce a doc subpackage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #839182 - CVE-2012-2813 libexif: "exif_convert_utf16_to_utf8()" heap-based out-of-bounds array read
https://bugzilla.redhat.com/show_bug.cgi?id=839182
[ 2 ] Bug #839183 - CVE-2012-2814 libexif: "exif_entry_format_value()" buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=839183
[ 3 ] Bug #839184 - CVE-2012-2836 libexif: "exif_data_load_data()" heap-based out-of-bounds array read
https://bugzilla.redhat.com/show_bug.cgi?id=839184
[ 4 ] Bug #839185 - CVE-2012-2837 libexif: "mnote_olympus_entry_get_value()" division by zero
https://bugzilla.redhat.com/show_bug.cgi?id=839185
[ 5 ] Bug #839188 - CVE-2012-2840 libexif: "exif_convert_utf16_to_utf8()" off-by-one
https://bugzilla.redhat.com/show_bug.cgi?id=839188
[ 6 ] Bug #839189 - CVE-2012-2841 libexif: "exif_entry_get_value()" integer underflow
https://bugzilla.redhat.com/show_bug.cgi?id=839189
[ 7 ] Bug #839203 - CVE-2012-2812 libexif: "exif_entry_get_value()" heap-based out-of-bounds array read
https://bugzilla.redhat.com/show_bug.cgi?id=839203
--------------------------------------------------------------------------------
================================================================================
libmateweather-1.5.1-1.fc16 (FEDORA-2013-1182)
Libraries to allow MATE Desktop to display weather information
--------------------------------------------------------------------------------
Update Information:
update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 20 2013 Dan Mashal <dan.mashal at fedoraproject.org> 1.5.1-1
- Update to latest release
- Update configure flags
--------------------------------------------------------------------------------
================================================================================
mate-notification-daemon-1.5.1-1.fc16 (FEDORA-2013-1275)
Notification daemon for MATE Desktop
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 20 2013 Dan Mashal <dan.mashal at fedoraproject.org> - 1.5.1-1
- Update to 1.5.1 release
- Update configure flags
- Update icon scriptlets
- Switch back to old BR style
- Sort BR's in alphabetical order
- Remove explicit variable for libtool in make
--------------------------------------------------------------------------------
================================================================================
mate-panel-1.5.4-1.fc16 (FEDORA-2013-1246)
MATE Desktop panel applets
--------------------------------------------------------------------------------
Update Information:
Latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 20 2013 Dan Mashal <dan.mashal at fedoraproject.org> - 1.5.4-1
- Update to latest upstream release
- Convert back to old BR style and sort BRs
--------------------------------------------------------------------------------
================================================================================
mate-terminal-1.5.0-1.fc16 (FEDORA-2013-1225)
Terminal emulator for MATE
--------------------------------------------------------------------------------
Update Information:
update to latest upstream release
--------------------------------------------------------------------------------
================================================================================
mozilla-https-everywhere-3.1.3-1.fc16 (FEDORA-2013-1205)
HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:
* Fixes: CloudFront/Spotify, AmazonAWS (Amazon MP3s
and product images), Libav, Google Maps, UserEcho
https://trac.torproject.org/projects/tor/ticket/7931
https://trac.torproject.org/projects/tor/ticket/7888
https://trac.torproject.org/projects/tor/ticket/7594
https://trac.torproject.org/projects/tor/ticket/7539
https://trac.torproject.org/projects/tor/ticket/7698
* Disable broken: Coursera, EBay, Etsy, OpenOffice,
Ping.fm, Pinterest :(
https://trac.torproject.org/projects/tor/ticket/7336
https://trac.torproject.org/projects/tor/ticket/7825
https://trac.torproject.org/projects/tor/ticket/7774
https://trac.torproject.org/projects/tor/ticket/7695
https://trac.torproject.org/projects/tor/ticket/7777
https://trac.torproject.org/projects/tor/ticket/7865
* Update cert whitelist
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 21 2013 Russell Golden <niveusluna at niveusluna.org> - 3.1.3-1
- Internet Freedom Day stable bugfix release
- Fixes: CloudFront/Spotify, AmazonAWS (Amazon MP3s and product images), Libav,
Google Maps, UserEcho
https://trac.torproject.org/projects/tor/ticket/7931
https://trac.torproject.org/projects/tor/ticket/7888
https://trac.torproject.org/projects/tor/ticket/7594
https://trac.torproject.org/projects/tor/ticket/7539
https://trac.torproject.org/projects/tor/ticket/7698
- Disable broken: Coursera, EBay, Etsy, OpenOffice, Ping.fm, Pinterest :(
https://trac.torproject.org/projects/tor/ticket/7336
https://trac.torproject.org/projects/tor/ticket/7825
https://trac.torproject.org/projects/tor/ticket/7774
https://trac.torproject.org/projects/tor/ticket/7695
https://trac.torproject.org/projects/tor/ticket/7777
https://trac.torproject.org/projects/tor/ticket/7865
- Update cert whitelist
--------------------------------------------------------------------------------
================================================================================
ndjbdns-1.05.6-1.fc16 (FEDORA-2013-1301)
New djbdns: usable djbdns
--------------------------------------------------------------------------------
Update Information:
This update fixes a security issue - https://bugzilla.redhat.com/show_bug.cgi?id=838761.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 14 2013 pjp <pj.pandit at yahoo.co.in> - 1.05.6-1
- Updated SysV scripts according to the packaging guidelines.
- Disabled system services by default, registerd all.
patch from: Simone Caronni <negativo17 at gmail.com>
- Built rbldns & rbldns-data tools.
- Added systemd unit and Sys-v init files for rbldns server.
- Few minor changes to fix regressions, define uint32 type etc.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #838761 - ndjbdns vulnerable to cve-2012-1191 (ghost domain attack)
https://bugzilla.redhat.com/show_bug.cgi?id=838761
--------------------------------------------------------------------------------
================================================================================
nec2c-0.9-1.fc16 (FEDORA-2013-1192)
Translation of NEC2 antenna modeling tool from FORTRAN to C
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 19 2013 Richard Shaw <hobbes1069 at gmail.com> - 0.9-1
- Update to latest upstream release.
- Add man page for nec2c.
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.8-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.8-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rhncfg-5.10.36-1.fc16 (FEDORA-2013-1233)
Red Hat Network Configuration Client Libraries
--------------------------------------------------------------------------------
Update Information:
Closing CVE-2012-2679
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 30 2012 Jan Pazdziora 5.10.36-1
- Update the copyright year.
- fix for bz#869626 use st_mode, st_uid of dst Signed-off-by: Paresh Mutha
<pmutha at redhat.com>
* Mon Oct 22 2012 Jan Pazdziora 5.10.35-1
- Revert "Revert "Revert "get_server_capability() is defined twice in osad and
rhncfg, merge and move to rhnlib and make it member of rpclib.Server"""
* Tue Aug 7 2012 Tomas Kasparek <tkasparek at redhat.com> 5.10.34-1
- 840250 - If there's symlink in file deployment path it will be created
* Mon Jul 9 2012 Michael Mraka <michael.mraka at redhat.com> 5.10.33-1
- check symlink not target file existence
* Thu Jun 28 2012 Michael Mraka <michael.mraka at redhat.com> 5.10.32-1
- 765816 - value of selinux context is important
* Mon Jun 4 2012 Stephen Herr <sherr at redhat.com> 5.10.31-1
- 824707 - make /var/log/rhncfg-actions have 600 permissions
* Fri Jun 1 2012 Stephen Herr <sherr at redhat.com> 5.10.30-1
- 824707 - rhncfg-actions should not log the diff of files that are not
readable by all
- %defattr is not needed since rpm 4.4
* Mon May 14 2012 Michael Mraka <michael.mraka at redhat.com> 5.10.29-1
- 820517 - fixed command synopsis
- 805449 - honor rhncfg-specific settings
* Thu Mar 8 2012 Miroslav Suchý 5.10.28-1
- accept server name without protocol
* Fri Mar 2 2012 Jan Pazdziora 5.10.27-1
- Update the copyright year info.
* Thu Feb 23 2012 Michael Mraka <michael.mraka at redhat.com> 5.10.26-1
- we are now just GPL
* Sun Jan 15 2012 Aron Parsons <aronparsons at gmail.com> 5.10.25-1
- add a --disable-selinux option to 'rhncfg-manager upload-channel'
(aronparsons at gmail.com)
* Wed Dec 21 2011 Milan Zazrivec <mzazrivec at redhat.com> 5.10.24-1
- update copyright info
* Wed Dec 14 2011 Jan Pazdziora 5.10.23-1
- Fixing SyntaxError: ('invalid syntax', ...
* Tue Dec 13 2011 Miroslav Suchý 5.10.22-1
- 765816 - Added the option --selinux-context to rhncfg-manager which allows to
overwrite the SELinux context from a file (mmello at redhat.com)
* Wed Nov 30 2011 Miroslav Suchý 5.10.21-1
- handle fs objects without selinux context correctly
* Mon Nov 21 2011 Michael Mraka <michael.mraka at redhat.com> 5.10.20-1
- 627490 - fixed cross device symlink backup
* Mon Oct 24 2011 Jan Pazdziora 5.10.19-1
- 743121 - don't report differences containing invalid UTF-8
(mzazrivec at redhat.com)
* Wed Oct 19 2011 Milan Zazrivec <mzazrivec at redhat.com> 5.10.18-1
- 743424 - rhncfg-client diff: do not fail when not a valid symlink
* Mon Oct 10 2011 Jan Pazdziora 5.10.17-1
- 743424 - rhncfg-client diff: don't traceback on missing symlink
(mzazrivec at redhat.com)
* Thu Sep 29 2011 Miroslav Suchý 5.10.16-1
- add save_traceback even into this branch
* Fri Sep 23 2011 Martin Minar <mminar at redhat.com> 5.10.15-1
- Fix `rhncfg-client verify' traceback for missing symlinks
(Joshua.Roys at gtri.gatech.edu)
* Thu Aug 18 2011 Michael Mraka <michael.mraka at redhat.com> 5.10.14-1
- 731284 - is_selinux_enabled is not defined on RHEL4
* Fri Aug 12 2011 Miroslav Suchý 5.10.13-1
- add proto, server_name and server_list to local_config overrides
- None has not iteritems() method
* Thu Aug 11 2011 Miroslav Suchý 5.10.12-1
- True and False constants are defined since python 2.4
- do not mask original error by raise in execption
* Thu Aug 4 2011 Jan Pazdziora 5.10.11-1
- 508936 - rhn-actions-control honor the allowed-actions/scripts/run for remote
commands (mmello at redhat.com)
* Mon Aug 1 2011 Miroslav Suchý 5.10.10-1
- get server_name from config only if it was not set on command line
- remove rhn_rpc.py
* Fri Jul 15 2011 Miroslav Suchý 5.10.9-1
- optparse is here since python 2.3 - remove optik (msuchy at redhat.com)
* Thu Jun 16 2011 Jan Pazdziora 5.10.8-1
- Creating the /var/spool/rhn in %build
LANG=C
export LANG
unset DISPLAY
.
* Thu Jun 16 2011 Jan Pazdziora 5.10.7-1
- temp script file customizable dedicated directory (matteo.sessa at dbmsrl.com)
* Tue May 31 2011 Jan Pazdziora 5.10.6-1
- Fix python import (matteo.sessa at dbmsrl.com)
* Tue May 10 2011 Jan Pazdziora 5.10.5-1
- remove unused import, fix indentation and a minor typo (iartarisi at suse.cz)
- fix usage documentation messages for topdir and dest-file (iartarisi at suse.cz)
* Fri May 6 2011 Jan Pazdziora 5.10.4-1
- 702524 - Fixed python traceback when deploying a file with permission set to
000 (mmello at redhat.com)
* Fri Apr 29 2011 Jan Pazdziora 5.10.3-1
- 699966 - added --ignore-missing option in rhncfg-manager to ignore missing
local files when adding or uploading files (mmello at redhat.com)
* Fri Apr 15 2011 Jan Pazdziora 5.10.2-1
- add missing directories to filelist (mc at suse.de)
- build rhncfg build on SUSE (mc at suse.de)
- 683200 - ca is now unicode, check for basestring, which is parent for both
str and unicode type (msuchy at redhat.com)
- 683200 - set the protocol correctly (msuchy at redhat.com)
- 683200 - server_name and server_list should contain just hostname, not url
(msuchy at redhat.com)
- 683200 - if value is int ConfigParser fails with interpolation
(msuchy at redhat.com)
- 683200 - variable %proto is not used in up2date_cfg (msuchy at redhat.com)
- removing .rhncfgrc - it is not packed, probably forgotten for long time
(msuchy at redhat.com)
- add () if you want to get result of function (msuchy at redhat.com)
* Wed Apr 13 2011 Miroslav Suchý 5.10.1-1
- bump up version (msuchy at redhat.com)
* Wed Apr 13 2011 Miroslav Suchý 5.9.55-1
- code cleanup
* Wed Apr 13 2011 Miroslav Suchý 5.9.54-1
- dead code - module up2date_config_parser is not used any more
- dead code - get_up2date_config() is not used any more
- 695723, 683200 - use up2date_client.config instead of own parser
(utils.get_up2date_config)
* Mon Apr 11 2011 Michael Mraka <michael.mraka at redhat.com> 5.9.53-1
- fixed moved imports
- don't make link target absolute
- 683264 - fixed extraneous directory creation via rhncfg-manager
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #832037 - CVE-2012-2679 rhncfg: Insecure permissions used for /var/log/rhncfg-actions file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=832037
--------------------------------------------------------------------------------
================================================================================
safekeep-1.4.1-1.fc16 (FEDORA-2013-1279)
The SafeKeep backup system
--------------------------------------------------------------------------------
Update Information:
Upgrade to new upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 19 2013 Frank Crawford <frank at crawford.emu.id.au> 1.4.1-1
- Latest upstream release
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
wine-1.5.22-1.fc16 (FEDORA-2012-21114)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
1.5.22
* New version of the Gecko engine.
* Fixes for RTL text in Uniscribe.
* Various bug fixes.
1.5.21
* Beginnings of a netstat built-in program.
* Support for selecting resolution in the PostScript driver.
* Various bug fixes.
1.5.20
* A bunch of dlls with ugly names for API sets support.
* More ATL functions implemented.
* Still more C++ runtime functions.
* Several text rendering fixes.
* PostScript driver improvements.
* Various bug fixes.
1.5.19
* Performance improvements in the DIB engine.
* More fleshed out XML-lite implementation.
* Some more C++ runtime functions.
* Various bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 19 2013 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.22-1
- version upgrade
- upgraded winepulse
- wine gecko 1.9
* Sun Jan 6 2013 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.21-1
- version upgrade
* Fri Dec 28 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.20-1
- version upgrade
- upgraded winepulse
* Sun Dec 9 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.19-1
- version upgrade
- upgraded winepulse
--------------------------------------------------------------------------------
================================================================================
xen-4.1.4-3.fc16 (FEDORA-2013-1274)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
Buffer overflow when processing large packets in qemu e1000 device
driver [XSA-41, CVE-2012-6075], fix a bug introduced by fix for XSA-27
VT-d interrupt remapping source validation flaw [XSA-33,CVE-2012-5634]
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 17 2013 Michael Young <m.a.young at durham.ac.uk> - 4.1.4-3
- Buffer overflow when processing large packets in qemu e1000 device
driver [XSA-41, CVE-2012-6075]
- fix a bug introduced by fix for XSA-27
* Sat Jan 12 2013 Michael Young <m.a.young at durham.ac.uk> - 4.1.4-2
- VT-d interrupt remapping source validation flaw [XSA-33,
CVE-2012-5634] (#893568)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #886959 - CVE-2012-5634 kernel: xen: VT-d interrupt remapping source validation flaw
https://bugzilla.redhat.com/show_bug.cgi?id=886959
--------------------------------------------------------------------------------
================================================================================
xnec2c-2.1-1.beta.fc16 (FEDORA-2013-1192)
GTK based graphical wrapper for nec2c
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 3 2013 Richard Shaw <hobbes1069 at gmail.com> - 2.1-1.beta
- Update to latest upstream release.
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Dec 7 2011 Randall J. Berry, N3LRX <dp67 at fedoraproject.org> - 1.5-3
- linker error in build added libm.so
* Tue Dec 6 2011 Adam Jackson <ajax at redhat.com> - 1.5-2
- Rebuild for new libpng
--------------------------------------------------------------------------------
More information about the test
mailing list