The following Fedora 14 Security updates need testing:
https://admin.fedoraproject.org/updates/couchdb-1.0.2-1.fc14
https://admin.fedoraproject.org/updates/mediawiki-1.16.2-56.fc14
https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.5-5.fc14
https://admin.fedoraproject.org/updates/tor-0.2.1.29-1400.fc14
https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc14
https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
https://admin.fedoraproject.org/updates/libmodplug-0.8.8.2-1.fc14
https://admin.fedoraproject.org/updates/seamonkey-2.0.13-1.fc14
https://admin.fedoraproject.org/updates/proftpd-1.3.3e-1.fc14
https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc14
https://admin.fedoraproject.org/updates/darktable-0.8-7.fc14.1,exiv2-0.21.1-1.fc14,geeqie-1.0-9.fc14.1,gipfel-0.3.2-7.fc14,gnome-commander-1.2.8.10-1.fc14.1,gpscorrelate-1.6.1-3.fc14,gthumb-2.12.2-1.fc14.2,hugin-2010.2.0-2.fc14,immix-1.3.2-10.fc14,kde-l10n-4.6.2-1.fc14.1,kdeaccessibility-4.6.2-1.fc14,kdeadmin-4.6.2-2.fc14,kdeartwork-4.6.2-1.fc14,kdebase-4.6.2-1.fc14,kdebase-runtime-4.6.2-1.fc14,kdebase-workspace-4.6.2-2.fc14,kdebindings-4.6.2-1.fc14,kdeedu-4.6.2-1.fc14,kdegames-4.6.2-1.fc14,kdegraphics-4.6.2-1.fc14,kdelibs-4.6.2-1.fc14,kdemultimedia-4.6.2-1.fc14,kdenetwork-4.6.2-1.fc14,kdepimlibs-4.6.2-1.fc14,kdeplasma-addons-4.6.2-1.fc14,kdesdk-4.6.2-1.fc14,kdetoys-4.6.2-1.fc14,kdeutils-4.6.2-1.fc14,koffice-2.3.3-1.fc14.1,kphotoalbum-4.1.1-8.fc14,krename-4.0.7-2.fc14,libextractor-0.6.2-1402.fc14,libgexiv2-0.2.2-2.fc14,merkaartor-0.17.2-2.fc14,oxygen-icon-theme-4.6.2-1.fc14,pyexiv2-0.3.0-1.fc14,qtpfsgui-1.9.3-6.fc14,rawstudio-2.0-0.1.fc14.beta1.1,shotwell-0.8.1-3.fc14,strigi-0.7.2-5.fc14.1,ufraw-0.18-2.fc14.1
https://admin.fedoraproject.org/updates/python-feedparser-5.0.1-1.fc14
https://admin.fedoraproject.org/updates/ikiwiki-3.20110328-1.fc14
https://admin.fedoraproject.org/updates/tmux-1.4-3.fc14
https://admin.fedoraproject.org/updates/fail2ban-0.8.4-27.fc14
The following Fedora 14 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/less-436-11.fc14
https://admin.fedoraproject.org/updates/python-ethtool-0.7-2.fc14
https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc14
https://admin.fedoraproject.org/updates/nss-3.12.9-10.fc14
https://admin.fedoraproject.org/updates/pygtk2-2.17.0-8.fc14
https://admin.fedoraproject.org/updates/xorg-x11-drv-nouveau-0.0.16-14.20101010git8c8f15c.fc14
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-6.fc14
https://admin.fedoraproject.org/updates/libimobiledevice-1.0.6-1.fc14
https://admin.fedoraproject.org/updates/libconcord-0.23-5.fc14,udev-161-9.fc14,concordance-0.23-2.fc14
https://admin.fedoraproject.org/updates/usbmuxd-1.0.7-1.fc14
https://admin.fedoraproject.org/updates/openldap-2.4.23-10.fc14
https://admin.fedoraproject.org/updates/avahi-0.6.27-6.fc14
https://admin.fedoraproject.org/updates/mobile-broadband-provider-info-1.20110218-1.fc14
https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.11-4.fc14
The following builds have been pushed to Fedora 14 updates-testing
dexter-0.18-3.fc14
garmin-sync-0.3-4.fc14
hivex-1.2.5-1.fc14
klatexformula-3.2.3-2.fc14
less-436-11.fc14
libtiff-3.9.5-1.fc14
nss-3.12.9-10.fc14
oxygen-gtk-1.0.4-1.fc14
phonon-4.5.0-2.fc14
phonon-backend-gstreamer-4.5.0-1.fc14
pygtk2-2.17.0-8.fc14
python-ethtool-0.7-2.fc14
qt-4.7.2-8.fc14
rcrpanel-3.5-4.fc14
sssd-1.5.5-1.fc14
tigervnc-1.0.90-0.25.20100813svn4123.fc14
xtide-2.12-0.3.dev20101029.fc14
Details about builds:
================================================================================
dexter-0.18-3.fc14 (FEDORA-2011-5293)
Address Book that goes hand in hand with Postler
--------------------------------------------------------------------------------
Update Information:
Dexter is a very simple, easy to use address book, designed with the home user
in mind. This personal contact manager integrates with Postler, and can import
and export contacts in vCard format.
Dexter is a very simple, easy to use address book, designed with the home user
in mind. This personal contact manager integrates with Postler, and can import
and export contacts in vCard format.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #690953 - Review Request: dexter - A sexy, simple address book with
end users in mind
https://bugzilla.redhat.com/show_bug.cgi?id=690953
--------------------------------------------------------------------------------
================================================================================
garmin-sync-0.3-4.fc14 (FEDORA-2011-5306)
Download data from Garmin fitness computers
--------------------------------------------------------------------------------
Update Information:
Re-activate garmin-sync
garmin-sync was orphaned for F12, bring it back.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 12 2011 Tony Breeds <[email protected]> - 0.3-4
- Reactivate package for F13+
- Add patch from Launchpad to store cadence data
- Also address review feedback
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #541463 - Review Request: garmin-sync - Download data from Garmin
fitness computers
https://bugzilla.redhat.com/show_bug.cgi?id=541463
--------------------------------------------------------------------------------
================================================================================
hivex-1.2.5-1.fc14 (FEDORA-2011-5303)
Read and write Windows Registry binary hive files
--------------------------------------------------------------------------------
Update Information:
- New upstream version 1.2.5.
- This version fixes a number of important memory issues found by valgrind and
upgrading to this version is recommended for all users.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 13 2011 Richard W.M. Jones <[email protected]> - 1.2.5-1
- New upstream version 1.2.5.
- This version fixes a number of important memory issues found by
valgrind and upgrading to this version is recommended for all users.
- Remove patch now upstream.
* Tue Sep 7 2010 Dan Horák <dan[at]danny.cz> - 1.2.2-3
- conditionalize ocaml support
--------------------------------------------------------------------------------
================================================================================
klatexformula-3.2.3-2.fc14 (FEDORA-2011-5305)
Application for easy image creating from a LaTeX equation
--------------------------------------------------------------------------------
Update Information:
KLatexFormula 3.2.3
- corrected some typos
- minor bugfixes and enhancements
See changelog: http://klatexformula.sourceforge.net/klfwiki/index.php/Changelog
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 13 2011 Alexey Kurov <[email protected]> - 3.2.3-2
- require qt4 version used at build time
* Wed Apr 13 2011 Alexey Kurov <[email protected]> - 3.2.3-1
- update to 3.2.3
* Mon Feb 7 2011 Fedora Release Engineering <[email protected]>
- 3.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
less-436-11.fc14 (FEDORA-2011-5296)
A text file browser similar to more, but better
--------------------------------------------------------------------------------
Update Information:
[one-liner patch]
Fix regression described in Bug 638312 Comment 12.
Don't convert files with UTF-16/UTF-32 string in filename.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 13 2011 Vojtech Vitek (V-Teq) <[email protected]> - 436-11
- Don't convert files with UTF-16/UTF-32 string in filename
Resolve: #638312
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #638312 - RFE: [patch] allow less to display utf-16 text files
https://bugzilla.redhat.com/show_bug.cgi?id=638312
--------------------------------------------------------------------------------
================================================================================
libtiff-3.9.5-1.fc14 (FEDORA-2011-5304)
Library of functions for manipulating TIFF format image files
--------------------------------------------------------------------------------
Update Information:
Update to libtiff 3.9.5, incorporating all our previous patches plus other
fixes, notably the fix for CVE-2009-5022
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 12 2011 Tom Lane <[email protected]> 3.9.5-1
- Update to libtiff 3.9.5, incorporating all our previous patches plus other
fixes, notably the fix for CVE-2009-5022
Related: #695885
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #695885 - CVE-2009-5022 libtiff ojpeg buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=695885
[ 2 ] Bug #695887 - CVE-2010-4665 libtiff tiffdump integer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=695887
--------------------------------------------------------------------------------
================================================================================
nss-3.12.9-10.fc14 (FEDORA-2011-5287)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
The PEM module implements its debug logging in top of NSPR calls. That fixes
crashes on debug builds that occurred when the PEM module invoked as a regular
user tried to update a log file that had been created by root. rhbz #695011
Update an expired test certificate with a longer lived one.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 11 2011 Elio Maldonado <[email protected]> - 3.12.9-10
- Implement PEM logging using NSPR's own (#695011)
- Update the expired PayPalEE test certificate to one good until April 1, 2013
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #695011 - PEM module's segfaults on debug builds when logging file
was created by root
https://bugzilla.redhat.com/show_bug.cgi?id=695011
--------------------------------------------------------------------------------
================================================================================
oxygen-gtk-1.0.4-1.fc14 (FEDORA-2011-5291)
Oxygen GTK theme
--------------------------------------------------------------------------------
Update Information:
new upstream bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 12 2011 Rex Dieter <[email protected]> 1.0.4-1
- 1.0.4
* Mon Mar 14 2011 Rex Dieter <[email protected]> 1.0.3-1
- 1.0.3
--------------------------------------------------------------------------------
================================================================================
phonon-4.5.0-2.fc14 (FEDORA-2011-5285)
Multimedia framework api
--------------------------------------------------------------------------------
Update Information:
New upstream qt, phonon releases.
See also:
http://labs.qt.nokia.com/2011/03/01/qt-4-7-2-has-been-released/
http://qt.nokia.com/developer/changes/changes-4.7.2/
http://apachelog.wordpress.com/2011/03/25/introducing-phonon-4-5-0/
http://wm161.net/2011/04/10/phonon-gstreamer-4-5-0/
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 8 2011 Rex Dieter <[email protected]> 4.5.0-2
- avoid Conflicts with judicious (Build)Requires: qt4(-devel) instead
* Fri Mar 25 2011 Rex Dieter <[email protected]> 4.5.0-1
- phonon-4.5.0
- qt-designer-plugin-phonon moved here (from qt)
* Wed Feb 9 2011 Fedora Release Engineering <[email protected]>
- 4.4.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #667175 - libQtWebKit.so has no debug info
https://bugzilla.redhat.com/show_bug.cgi?id=667175
[ 2 ] Bug #696011 - Update Error
https://bugzilla.redhat.com/show_bug.cgi?id=696011
--------------------------------------------------------------------------------
================================================================================
phonon-backend-gstreamer-4.5.0-1.fc14 (FEDORA-2011-5285)
Gstreamer phonon backend
--------------------------------------------------------------------------------
Update Information:
New upstream qt, phonon releases.
See also:
http://labs.qt.nokia.com/2011/03/01/qt-4-7-2-has-been-released/
http://qt.nokia.com/developer/changes/changes-4.7.2/
http://apachelog.wordpress.com/2011/03/25/introducing-phonon-4-5-0/
http://wm161.net/2011/04/10/phonon-gstreamer-4-5-0/
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 10 2011 Rex Dieter <[email protected]> 2:4.5.0-1
- 4.5.0
* Tue Feb 15 2011 Rex Dieter <[email protected]> 2:4.4.4-3
- upstream patch for better(working) dvd playback
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #667175 - libQtWebKit.so has no debug info
https://bugzilla.redhat.com/show_bug.cgi?id=667175
[ 2 ] Bug #696011 - Update Error
https://bugzilla.redhat.com/show_bug.cgi?id=696011
--------------------------------------------------------------------------------
================================================================================
pygtk2-2.17.0-8.fc14 (FEDORA-2011-5290)
Python bindings for GTK+
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 12 2011 Christopher Aillon <[email protected]> - 2.17.0-8
- Reduce wakeups
- Fix a 100% CPU issue
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #660137 - 100% CPU usage with Python + twisted framework using
glib2 or gtk2 reactors
https://bugzilla.redhat.com/show_bug.cgi?id=660137
--------------------------------------------------------------------------------
================================================================================
python-ethtool-0.7-2.fc14 (FEDORA-2011-5307)
Ethernet settings python bindings
--------------------------------------------------------------------------------
Update Information:
Fixed several memory leak issues and NETLINK socket issues which could
cause SELinux to report AVC if python-ethtool is used with scripts
which forks out sub-processes. Also added man pages for
pethtool and pifconfig. (This is a re-push, with man pages included for real).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 13 2011 David Sommerseth <[email protected]> - 0.7-2
- Fixed missing man page packaging
* Mon Apr 11 2011 David Sommerseth <[email protected]> - 0.7-1
- Fixed several memory leaks (commit aa2c20e697af, abc7f912f66d)
- Improved error checking towards NULL values(commit 4e928d62a8e3)
- Fixed typo in pethtool --help (commit 710766dc722)
- Only open a NETLINK connection when needed (commit 508ffffbb3c)
- Added man page for pifconfig and pethtool (commit 9f0d17aa532, rhbz#638475)
- Force NETLINK socket to close on fork() using FD_CLOEXEC (commit 1680cbeb40e)
* Tue Feb 8 2011 Fedora Release Engineering <[email protected]>
- 0.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #638475 - python-ethtool is missing man pages
https://bugzilla.redhat.com/show_bug.cgi?id=638475
[ 2 ] Bug #689843 - Python ethtool opens NETLINK_ROUTE when loaded which
causes leaked descriptor
https://bugzilla.redhat.com/show_bug.cgi?id=689843
--------------------------------------------------------------------------------
================================================================================
qt-4.7.2-8.fc14 (FEDORA-2011-5285)
Qt toolkit
--------------------------------------------------------------------------------
Update Information:
New upstream qt, phonon releases.
See also:
http://labs.qt.nokia.com/2011/03/01/qt-4-7-2-has-been-released/
http://qt.nokia.com/developer/changes/changes-4.7.2/
http://apachelog.wordpress.com/2011/03/25/introducing-phonon-4-5-0/
http://wm161.net/2011/04/10/phonon-gstreamer-4-5-0/
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 1 2011 Rex Dieter <[email protected]> 1:4.7.2-8
- -devel-private: qt-creator/QmlDesigner requires qt private headers (#657498)
* Fri Mar 25 2011 Rex Dieter <[email protected]> 1:4.7.2-7
- followup patch for QTBUG-18338, blacklist fraudulent SSL certifcates
* Fri Mar 25 2011 Rex Dieter <[email protected]> 1:4.7.2-6
- drop qt-designer-plugin-phonon
* Fri Mar 25 2011 Than Ngo <[email protected]> - 1:4.7.2-5
- apply patch to fix QTBUG-18338, blacklist fraudulent SSL certifcates
* Tue Mar 22 2011 Jaroslav Reznik <[email protected]> 1:4.7.2-4
- rebuild (mysql)
* Fri Mar 11 2011 Dan Horák <dan[at]danny.cz> 1:4.7.2-3
- workaround memory exhaustion during linking of libQtWebKit on s390
* Mon Mar 7 2011 Jaroslav Reznik <[email protected]> 1:4.7.2-2
- Fix QNetworkConfigurationManager crash due to null private pointer (#682656)
* Tue Mar 1 2011 Jaroslav Reznik <[email protected]> 1:4.7.2-1
- 4.7.2
* Wed Feb 23 2011 Rex Dieter <[email protected]> 1:4.7.1-18
- libQtWebKit.so has no debug info (#667175)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #667175 - libQtWebKit.so has no debug info
https://bugzilla.redhat.com/show_bug.cgi?id=667175
[ 2 ] Bug #696011 - Update Error
https://bugzilla.redhat.com/show_bug.cgi?id=696011
--------------------------------------------------------------------------------
================================================================================
rcrpanel-3.5-4.fc14 (FEDORA-2011-5302)
Lay out front panel for electronics project
--------------------------------------------------------------------------------
Update Information:
Updates URLs in specfile.
The only ser-visible change is to yum info
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 13 2011 John McDonough <[email protected]> - 3.5-4
- Update web locations to new server
* Wed Feb 9 2011 Fedora Release Engineering <[email protected]>
- 3.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
sssd-1.5.5-1.fc14 (FEDORA-2011-5295)
System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:
* Tue Apr 12 2011 Stephen Gallagher <[email protected]> - 1.5.5-1
- New upstream release 1.5.5
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.5
- Fixes for several crash bugs
- LDAP group lookups will no longer abort if there is a zero-length member
- attribute
- Add automatic fallback to 'cn' if the 'gecos' attribute does not exist
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 12 2011 Stephen Gallagher <[email protected]> - 1.5.5-1
- New upstream release 1.5.5
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.5
- Fixes for several crash bugs
- LDAP group lookups will no longer abort if there is a zero-length member
- attribute
- Add automatic fallback to 'cn' if the 'gecos' attribute does not exist
--------------------------------------------------------------------------------
================================================================================
tigervnc-1.0.90-0.25.20100813svn4123.fc14 (FEDORA-2011-5301)
A TigerVNC remote display system
--------------------------------------------------------------------------------
Update Information:
This update fixes following issues:
* there might have been screen artifacts after dragging windows to left.
(BZ#652590)
* /etc/sysconfig/vncservers referred to inaccessible content. (BZ#644975)
* vncviewer incorrectly calculated if scrollbars are needed. (BZ#670993)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 13 2011 Adam Tkac <atkac redhat com> 1.0.90-0.25.20100420svn4030
- fix wrong usage of memcpy which caused screen artifacts (#652590)
- don't point to inaccessible link in sysconfig/vncservers (#644975)
- improve code in vncviewer which decides if scrollbars are needed (#670993)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #652590 - Display artifacts when dragging windows left
https://bugzilla.redhat.com/show_bug.cgi?id=652590
[ 2 ] Bug #644975 - vncservers refers users to inaccessible content
https://bugzilla.redhat.com/show_bug.cgi?id=644975
[ 3 ] Bug #670993 - Tigervnc covers bottom of screen with scroll bar if only
one scroll bar turned on
https://bugzilla.redhat.com/show_bug.cgi?id=670993
--------------------------------------------------------------------------------
================================================================================
xtide-2.12-0.3.dev20101029.fc14 (FEDORA-2011-5297)
Calculate tide all over the world
--------------------------------------------------------------------------------
Update Information:
Harmonics data is upgraded to 20110410.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 12 2011 Mamoru Tasaka <[email protected]> -
2.12-0.3.dev20101029
- Update dwf data to 20110410
--------------------------------------------------------------------------------
--
test mailing list
[email protected]
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
