The following Fedora 17 Security updates need testing:
Age URL
13
https://admin.fedoraproject.org/updates/FEDORA-2012-14344/phpldapadmin-1.2.2-3.gitbbedf1.fc17
13 https://admin.fedoraproject.org/updates/FEDORA-2012-14347/pcp-3.6.8-1.fc17
4
https://admin.fedoraproject.org/updates/FEDORA-2012-14953/dracut-018-105.git20120927.fc17
85
https://admin.fedoraproject.org/updates/FEDORA-2012-10391/bcfg2-1.2.3-1.fc17
57
https://admin.fedoraproject.org/updates/FEDORA-2012-11485/dokuwiki-0-0.12.20120125.b.fc17
88
https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
14
https://admin.fedoraproject.org/updates/FEDORA-2012-13075/openstack-keystone-2012.1.2-4.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2012-15194/qt-4.8.2-7.fc17
27
https://admin.fedoraproject.org/updates/FEDORA-2012-13322/python-django-horizon-2012.1.1-2.fc17
8
https://admin.fedoraproject.org/updates/FEDORA-2012-14650/tor-0.2.2.39-1700.fc17
7
https://admin.fedoraproject.org/updates/FEDORA-2012-14717/openjpeg-1.4-14.fc17
6
https://admin.fedoraproject.org/updates/FEDORA-2012-14770/automake17-1.7.9-16.fc17
The following Fedora 17 Critical Path updates have yet to be approved:
Age URL
The following builds have been pushed to Fedora 17 updates-testing
cabal-rpm-0.6.4-1.fc17
eclipse-vrapper-0.22.0-1.fc17
febootstrap-3.20-1.fc17
fontforge-20120731b-1.fc17
libguestfs-1.18.9-1.fc17
libyubikey-1.9-1.fc17
maniadrive-1.2-45.fc17.1
mate-notification-daemon-1.4.0-9.fc17
mod_security_crs-2.2.6-2.fc17
pencil-2.0.1-1.fc17
perl-LWP-Authen-Negotiate-0.08-1.fc17
perl-Test-Dist-VersionSync-1.1.0-1.fc17
perl-Test-Type-1.1.0-1.fc17
php-5.4.7-10.fc17
privoxy-3.0.16-6.2.fc17
python-django-helpdesk-0.1.7b-3.fc17
qbittorrent-3.0.5-1.fc17
qt-4.8.2-7.fc17
rubygem-puppet-lint-0.2.1-3.fc17
uim-1.8.3-1.fc17
vlgothic-fonts-20120928-1.fc17
ykpers-1.8.0-1.fc17
Details about builds:
================================================================================
cabal-rpm-0.6.4-1.fc17 (FEDORA-2012-15182)
RPM package creator for Haskell Cabal-based packages
--------------------------------------------------------------------------------
Update Information:
Support tarballs, add manpage and cabal-rpm-diff script
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 25 2012 Jens Petersen <[email protected]> - 0.6.4-1
- add cabal-rpm-diff wrapper script
- fix generated manpage
* Mon Sep 24 2012 Jens Petersen <[email protected]> - 0.6.3-1
- can now handle tarball
- new manpage
- obsoletes cabal2spec
--------------------------------------------------------------------------------
================================================================================
eclipse-vrapper-0.22.0-1.fc17 (FEDORA-2012-15180)
Vim-like editing in Eclipse
--------------------------------------------------------------------------------
Update Information:
A new upstream release with lots of bugfixes and some features added in.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 28 2012 Jesse Keating <[email protected]> - 0.22.0-1
- Update for 0.22.0
- An actual release this time
- Lots of new features, see
http://sourceforge.net/news/?group_id=249013&id=308547
* Wed Jul 18 2012 Fedora Release Engineering <[email protected]>
- 0.18.0-0.2.git1961d1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
febootstrap-3.20-1.fc17 (FEDORA-2012-15190)
Bootstrapping tool for creating supermin appliances
--------------------------------------------------------------------------------
Update Information:
Adds '--copy-kernel' option so you can compile latest libguestfs.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 1 2012 Richard W.M. Jones <[email protected]> - 1:3.20-1
- New upstream version 3.20.
- Synchronize with Rawhide (now well tested).
- Remove upstream patch.
- Fix source URL.
- Add bundled(gnulib).
- Remove defattr lines, not needed by newer RPM.
--------------------------------------------------------------------------------
================================================================================
fontforge-20120731b-1.fc17 (FEDORA-2012-15195)
Outline and bitmap font editor
--------------------------------------------------------------------------------
Update Information:
* Fixes for multiple crashes involving buffer overruns and window resizing.
* Updated Polish, Russian and Simplified Chinese translations.
* New Catalan and Ukrainian translations.
* Improved UFO compatibility with other font editors.
* Many fixes for feature file handling.
* More X resources added to help theme support.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 2 2012 Paul Flo Williams <[email protected]> - 20120731b-1
- Update to 20120731b (problem with 64-bit builds in first release)
* Thu Aug 2 2012 Paul Flo Williams <[email protected]> - 20120731-1
- Update to 20120731
* Thu Jul 19 2012 Fedora Release Engineering <[email protected]>
- 20110222-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sun May 6 2012 Kevin Fenzi <[email protected]> - 20110222-8
- Rebuild for new libtiff.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #860550 - do not recognize GASP table version 1
https://bugzilla.redhat.com/show_bug.cgi?id=860550
--------------------------------------------------------------------------------
================================================================================
libguestfs-1.18.9-1.fc17 (FEDORA-2012-15184)
Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:
New upstream stable version 1.18.9.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 1 2012 Richard W.M. Jones <[email protected]> - 1:1.18.9-1
- New upstream stable version 1.18.9.
--------------------------------------------------------------------------------
================================================================================
libyubikey-1.9-1.fc17 (FEDORA-2012-15181)
C library for decrypting and parsing Yubikey One-time passwords
--------------------------------------------------------------------------------
Update Information:
New upstream release 1.9 with memory leak and rpath fixes, gnulib update
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 1 2012 - Maxim Burgerhout <[email protected]> - 1.9-1
- New upstream release 1.9 with memory leak and rpath fixes, gnulib update
* Thu Jul 19 2012 Fedora Release Engineering <[email protected]>
- 1.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
maniadrive-1.2-45.fc17.1 (FEDORA-2012-14095)
3D stunt driving game
--------------------------------------------------------------------------------
Update Information:
The PHP development team would like to announce the immediate availability of
PHP 5.4.7. Over 20 bugs were fixed. All users of PHP are encouraged to upgrade
to this release.
The list of changes is recorded in the ChangeLog:
http://www.php.net/ChangeLog-5.php#5.4.7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 14 2012 Remi Collet <[email protected]> - 1.2-45.1
- rebuild against PHP 5.4.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #846858 - php-fpm (PHP 5.4.5) segfaults after trying to start
https://bugzilla.redhat.com/show_bug.cgi?id=846858
--------------------------------------------------------------------------------
================================================================================
mate-notification-daemon-1.4.0-9.fc17 (FEDORA-2012-15193)
Notification daemon for MATE Desktop
--------------------------------------------------------------------------------
Update Information:
fix scriplets for mate-conf
fix mateconf scriptlets
update scriptlets and various other bugfixes
mate notification daemon
yay mate notification daemon
update scriptlets and various other bugfixes
mate notification daemon
yay mate notification daemon
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 26 2012 Dan Mashal <[email protected]> 1.4.0-9
- Fix mate-conf scriptlets (again)
* Wed Sep 26 2012 Dan Mashal <[email protected]> 1.4.0-8
- Fix mate-conf scriptlets and bump release version
* Sat Sep 15 2012 Dan Mashal <[email protected]> 1.4.0-7
- Fix post and postun scriptlets
* Sat Sep 15 2012 Dan Mashal <[email protected]> 1.4.0-6
- Add desktop-file-validate and remove only showin for < f18 since
desktop-file-utils was updated to the latest version.
* Sat Sep 15 2012 Dan Mashal <[email protected]> 1.4.0-5
- Remove unneeded pre scriptlet and move post postun scriptlets before install
scriptlet
* Mon Aug 27 2012 Rex Dieter <[email protected]> 1.4.0-4
- fix schema scriptlets
- drop uneeded update-desktop-database scriptlets
- License: GPLv2+
- %doc AUTHORS COPYING README
* Sun Aug 26 2012 Dan Mashal <[email protected]> 1.4.0-3
- Switch from gconf scriptlets to mate conf scriptlets
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #861090 - failed to load external entity error when installing
mate-notification-daemon
https://bugzilla.redhat.com/show_bug.cgi?id=861090
[ 2 ] Bug #847684 - Review Request: mate-notification-daemon - Notification
daemon for MATE Desktop
https://bugzilla.redhat.com/show_bug.cgi?id=847684
--------------------------------------------------------------------------------
================================================================================
mod_security_crs-2.2.6-2.fc17 (FEDORA-2012-15178)
ModSecurity Rules
--------------------------------------------------------------------------------
Update Information:
Add a patch to fix incompatible rules. Update to new git release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 1 2012 Athmane Madjoudj <[email protected]> 2.2.6-2
- Add a patch to fix incompatible rules.
- Update to new git release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #862050 - mod_security_crs-2.2.6-1 (and
mod_security_crs-extras-2.2.6-1) is incompatible with mod_security-2.6.7-1
https://bugzilla.redhat.com/show_bug.cgi?id=862050
--------------------------------------------------------------------------------
================================================================================
pencil-2.0.1-1.fc17 (FEDORA-2012-15191)
A sketching and GUI prototyping tool
--------------------------------------------------------------------------------
Update Information:
Initial update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #832635 - Review Request: pencil - A sketching and GUI prototyping
tool
https://bugzilla.redhat.com/show_bug.cgi?id=832635
--------------------------------------------------------------------------------
================================================================================
perl-LWP-Authen-Negotiate-0.08-1.fc17 (FEDORA-2012-15185)
GSSAPI based Authentication Plugin for LWP
--------------------------------------------------------------------------------
Update Information:
First additions of perl-LWP-Authen-Negotiate to Fedora and EPEL.
--------------------------------------------------------------------------------
================================================================================
perl-Test-Dist-VersionSync-1.1.0-1.fc17 (FEDORA-2012-15192)
Verify that all the modules in a distribution have the same version number
--------------------------------------------------------------------------------
Update Information:
The Test-Dist-VersionSync gives perl developers an easy way to verify that all
the modules in a distribution have the same version number.
--------------------------------------------------------------------------------
================================================================================
perl-Test-Type-1.1.0-1.fc17 (FEDORA-2012-15188)
Functions to validate data types in test files
--------------------------------------------------------------------------------
Update Information:
The Test::Type module provides functions that allow you to validate data types
in test files.
--------------------------------------------------------------------------------
================================================================================
php-5.4.7-10.fc17 (FEDORA-2012-14095)
PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:
The PHP development team would like to announce the immediate availability of
PHP 5.4.7. Over 20 bugs were fixed. All users of PHP are encouraged to upgrade
to this release.
The list of changes is recorded in the ChangeLog:
http://www.php.net/ChangeLog-5.php#5.4.7
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 1 2012 Remi Collet <[email protected]> 5.4.7-10
- fix typo in systemd macro
* Mon Oct 1 2012 Remi Collet <[email protected]> 5.4.7-9
- php-fpm: new systemd macros (#850268)
- php-fpm: add upstream patch for startup issue (#846858)
* Fri Sep 28 2012 Remi Collet <[email protected]> 5.4.7-8
- systemd integration, https://bugs.php.net/63085
- no odbc call during timeout, https://bugs.php.net/63171
- check sqlite3_column_table_name, https://bugs.php.net/63149
* Mon Sep 24 2012 Remi Collet <[email protected]> 5.4.7-7
- most failed tests explained (i386, x86_64)
* Wed Sep 19 2012 Remi Collet <[email protected]> 5.4.7-6
- fix for http://bugs.php.net/63126 (#783967)
* Wed Sep 19 2012 Remi Collet <[email protected]> 5.4.7-5
- patch to ensure we use latest libdb (not libdb4)
* Wed Sep 19 2012 Remi Collet <[email protected]> 5.4.7-4
- really fix rhel tests (use libzip and libdb)
* Tue Sep 18 2012 Remi Collet <[email protected]> 5.4.7-3
- fix test to enable zip extension on RHEL-7
* Fri Sep 14 2012 Remi Collet <[email protected]> 5.4.7-1
- update to 5.4.7
http://www.php.net/releases/5_4_7.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #846858 - php-fpm (PHP 5.4.5) segfaults after trying to start
https://bugzilla.redhat.com/show_bug.cgi?id=846858
--------------------------------------------------------------------------------
================================================================================
privoxy-3.0.16-6.2.fc17 (FEDORA-2012-15206)
Privacy enhancing proxy
--------------------------------------------------------------------------------
Update Information:
Allow all users to execute, latest upstream (f18+ only)
Correct file ownership.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 1 2012 Jon Ciesla <[email protected]> - 3.0.16-6.2
- Change ownership of binary and config to root.
* Mon Oct 1 2012 Jon Ciesla <[email protected]> - 3.0.16-6.1
- Allow execution by all users, BZ 849932.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #849932 - privoxy is only executable for the user privoxy.
https://bugzilla.redhat.com/show_bug.cgi?id=849932
--------------------------------------------------------------------------------
================================================================================
python-django-helpdesk-0.1.7b-3.fc17 (FEDORA-2012-15202)
A Django powered ticket tracker for small enterprise
--------------------------------------------------------------------------------
Update Information:
A Django powered ticket tracker for small enterprise
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #858025 - Review Request: python-django-helpdesk - A Django powered
ticket tracker for small enterprise
https://bugzilla.redhat.com/show_bug.cgi?id=858025
--------------------------------------------------------------------------------
================================================================================
qbittorrent-3.0.5-1.fc17 (FEDORA-2012-15205)
A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:
* Sun Sep 30 2012 - Christophe Dumez <[email protected]> - v3.0.5
- BUGFIX: Disabling systray icon no longer disables file association
settings (closes #114)
- BUGFIX: Import new trackers from magnet link in case of duplicate torrent
(closes #111)
- BUGFIX: Fix "Skip hash check" feature in torrent import dialog (closes
#128)
- BUGFIX: Several Web UI connection fixes
- BUGFIX: Add Basque locale to Web UI
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 1 2012 Leigh Scott <[email protected]> - 1:3.0.5-1
- update to 3.0.5 release
--------------------------------------------------------------------------------
================================================================================
qt-4.8.2-7.fc17 (FEDORA-2012-15194)
Qt toolkit
--------------------------------------------------------------------------------
Update Information:
Build patched to disable SSL/TLS compression by default avoiding CRIME attacks,
see also http://qt.digia.com/Release-Notes/security-issue-september-2012/
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 27 2012 Rex Dieter <[email protected]> 1:4.8.2-7
- upstream disable-SSL-compression patch
* Tue Sep 4 2012 Rex Dieter <[email protected]> 4.8.2-6
- revert "fix QtScript JIT crash" patch, causes frequent segmentation faults
(#853587)
* Mon Aug 13 2012 Rex Dieter <[email protected]> 4.8.2-5
- fix QtScript JIT crash (QTBUG-23871, kde#297661)
--------------------------------------------------------------------------------
================================================================================
rubygem-puppet-lint-0.2.1-3.fc17 (FEDORA-2012-15189)
Ensure your Puppet manifests conform with the Puppetlabs style guide
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #786249 - Review Request: rubygem-puppet-lint - Tool to verify the
style of puppet manifests
https://bugzilla.redhat.com/show_bug.cgi?id=786249
--------------------------------------------------------------------------------
================================================================================
uim-1.8.3-1.fc17 (FEDORA-2012-15196)
A multilingual input method library
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 1 2012 Akira TAGOH <[email protected]> - 1.8.3-1
- New upstream release. (#861738)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #861738 - uim-1.8.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=861738
--------------------------------------------------------------------------------
================================================================================
vlgothic-fonts-20120928-1.fc17 (FEDORA-2012-15204)
Japanese TrueType font
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 1 2012 Akira TAGOH <[email protected]> - 20120928-1
- New upstream release. (#861431)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #861431 - vlgothic-fonts-20120928 is available
https://bugzilla.redhat.com/show_bug.cgi?id=861431
--------------------------------------------------------------------------------
================================================================================
ykpers-1.8.0-1.fc17 (FEDORA-2012-15179)
Yubikey personalization program
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.0: Support for yk_challenge_response, Yubikey 2.3, bugfixes and
more. Drop bigendian patch, is now in upstream source. Drop 70-yubikey.rules on
f17, no longer works.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 1 2012 - Maxim Burgerhout <[email protected]> - 1.8.0-1
- Update to 1.8.0:
- Support for yk_challenge_response, Yubikey 2.3, bugfixes and more
- Drop bigendian patch, is now in upstream source
- Drop 70-yubikey.rules on f17, no longer works
* Sun Jul 22 2012 Fedora Release Engineering <[email protected]>
- 1.6.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
--
test mailing list
[email protected]
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
