The following Fedora 14 Security updates need testing:
https://admin.fedoraproject.org/updates/wireshark-1.4.2-2.fc14 https://admin.fedoraproject.org/updates/ccid-1.4.0-2.fc14 https://admin.fedoraproject.org/updates/pcsc-lite-1.6.4-3.fc14 https://admin.fedoraproject.org/updates/wordpress-2.8.6-3.fc14 https://admin.fedoraproject.org/updates/collectd-4.9.4-1.fc14 https://admin.fedoraproject.org/updates/perl-Convert-UUlib-1.34-1.fc14 https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-2.fc14 https://admin.fedoraproject.org/updates/pyfribidi-0.10.0-1.fc14 https://admin.fedoraproject.org/updates/Django-1.2.4-1.fc14 https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc14 https://admin.fedoraproject.org/updates/socat-1.7.1.3-1.fc14 https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc14 https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.fc14 https://admin.fedoraproject.org/updates/exim-4.72-2.fc14
The following Fedora 14 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/libxfcegui4-4.6.4-4.fc14,libxfce4ui-... https://admin.fedoraproject.org/updates/selinux-policy-3.9.7-20.fc14 https://admin.fedoraproject.org/updates/cairo-1.10.2-1.fc14 https://admin.fedoraproject.org/updates/xorg-x11-drv-geode-2.11.10-1.fc14
The following builds have been pushed to Fedora 14 updates-testing
BEDTools-2.10.1-1.fc14 anjuta-2.32.1.1-1.fc14 bibletime-2.8.0-1.fc14 bwa-0.5.8c-1.fc14 ccid-1.4.0-2.fc14 flashrom-0.9.3-1.svn1250.fc14 ghc-zip-archive-0.1.1.6-4.fc14 git-cola-1.4.3-1.fc14 glade3-3.6.7-2.fc14 gnome-media-2.32.0-2.fc14 gtkdatabox-0.9.1.1-4.fc14.2 kpackagekit-0.6.3.3-1.fc14 kpassgen-1.3-1.fc14 libmowgli-0.7.1-2.fc14 libxfce4ui-4.7.2-3.fc14 libxfcegui4-4.6.4-4.fc14 mfiler3-4.1.3-1.fc14 pam_ssh-1.97-4.fc14 pcsc-lite-1.6.4-3.fc14 pulseaudio-equalizer-2.7-5.fc14 purple-facebookchat-1.69-1.fc14 python-kitchen-0.2.2-1.fc14 python-paramiko-1.7.6-3.fc14 python-pyasn1-0.0.12a-1.fc14 saphire-1.1.7-1.fc14 selinux-policy-3.9.7-20.fc14 sems-1.3.1-4.fc14 slv2-0.6.6-6.fc14 visualvm-1.3-10.fc14 wireshark-1.4.2-2.fc14 xorg-x11-drv-ivtv-1.1.2-1.fc14 xscreensaver-5.12-9.fc14 zabbix-1.8.4-1.fc14
Details about builds:
================================================================================ BEDTools-2.10.1-1.fc14 (FEDORA-2011-0155) A flexible suite of utilities for comparing genomic features -------------------------------------------------------------------------------- Update Information:
New upstream release with bugfixes and new features -------------------------------------------------------------------------------- ChangeLog:
* Wed Nov 17 2010 Adam Huffman bloch@verdurin.com - 2.10.1-1 - new annotateBed tool - updated manual --------------------------------------------------------------------------------
================================================================================ anjuta-2.32.1.1-1.fc14 (FEDORA-2011-0152) A GNOME development IDE for C/C++ -------------------------------------------------------------------------------- Update Information:
This update includes:
* Reverting back glade3 release on fedora 14 stable. This update fixes many bugs introduced because of current odd version release.
* This update also includes anjuta 2.32.1.1 which fixes important common bugs in old release.
It also obsoletes anjuta-2.32.1.0-1.fc14 which was also a bug fix.
-------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Rakesh Pandit rakesh@fedoraproject.org - 1:2.32.1.1-1 - Updated to 2.32.1.1 * bgo#636665 – [PATCH] .vapi file not distributed * lp#448126 – The “Report bugs” menu entry does not work * bgo#636312 – Double click fails to select entire word if it contains _ or digits * bgo#633018 crash in Anjuta IDE: misuse of xmlCleanupParser * Mon Dec 27 2010 Rakesh Pandit rakesh@fedoraproject.org - 1:2.32.1.0-2 - Rebuild for glade3 * Fri Nov 26 2010 Johannes Schmid jhs@jsschmid.de - 1:2.32.1.0-1 - Version bump to 2.32.1.0
* language-support-cpp-java: bgo#621916 - check for brace * libanjuta: bgo#633042 New: Sensitivity off 'ok' button on the project import dialog * language-support-cpp: Don't show duplicated results in autocompletion * build: bgo#633661 - vala support is automagic * language-support-cpp-java: bgo#633112 - Smart Brace Completion Quotation Mark Crash * python-support: Fix bgo#631223 autointention causes anjuta to hang
* bgo#630460 PackageKit integration is not working on all distros * project-wizard: Update default ui file to use gtk+-2.16 * Wed Sep 29 2010 jkeating - 1:2.31.90.0-1.1 - Rebuilt for gcc bug 634757 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #646111 - glade-3 dies if not clicking first on "window" in the toplevels area https://bugzilla.redhat.com/show_bug.cgi?id=646111 [ 2 ] Bug #657560 - anjuta - Update to 2.32.1.1 https://bugzilla.redhat.com/show_bug.cgi?id=657560 --------------------------------------------------------------------------------
================================================================================ bibletime-2.8.0-1.fc14 (FEDORA-2011-0127) An easy to use Bible study tool -------------------------------------------------------------------------------- Update Information:
Update to latest stable release to fix reported bugs. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 4 2011 Deji Akingunola dakingun@gmail.com - 2.8.0-1 - Update to 2.8.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #665711 - [abrt] bibletime-2.7.3-2.fc14: assureSize: Process /usr/bin/bibletime was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=665711 [ 2 ] Bug #665712 - [abrt] bibletime-2.7.3-2.fc14: set: Process /usr/bin/bibletime was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=665712 --------------------------------------------------------------------------------
================================================================================ bwa-0.5.8c-1.fc14 (FEDORA-2011-0138) Burrows-Wheeler Alignment tool -------------------------------------------------------------------------------- Update Information:
Upstream bugfix release -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Adam Huffman bloch@verdurin.com - 0.5.8c-1 - upstream bugfix release --------------------------------------------------------------------------------
================================================================================ ccid-1.4.0-2.fc14 (FEDORA-2011-0162) Generic USB CCID smart card reader driver -------------------------------------------------------------------------------- Update Information:
This update fixes the following security issue:
An integer overflow, leading to array index error was found in the way USB CCID (Chip/Smart Card Interface Devices) driver processed certain values of card serial number. A local attacker could use this flaw to execute arbitrary code, with the privileges of the user running the pcscd daemon, via a malicious smart card with specially-crafted value of its serial number, inserted to the system USB port. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Kalev Lember kalev@smartlink.ee - 1.4.0-2 - Fixed an integer overflow in card serial number processing code (CVE-2010-4530) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #664986 - CVE-2010-4530 CCID: Integer overflow, leading to array index error when processing crafted serial number of certain cards https://bugzilla.redhat.com/show_bug.cgi?id=664986 --------------------------------------------------------------------------------
================================================================================ flashrom-0.9.3-1.svn1250.fc14 (FEDORA-2011-0144) Simple program for reading/writing BIOS chips content -------------------------------------------------------------------------------- Update Information:
- Updated to latest svn ver. 1250 (post-release snapshot for 0.9.3) - Initial rtl8169 support (UNTESTED) - Fix decoding of SB600 LPC ROM protection registers - Erasing/writing of Winbond W39V040FB chips - Support for the Open Graphics Project development card - Support for SST SST25VF010 chip - Board-enable for the MSI MS-6391 (845 Pro4) - Support for Spansion S25FL004A, S25FL032A, and S25FL064A chips - Add chunked write ability to the Dediprog SF100 driver - Support bulk read on Dediprog SF100 - Support for the OpenMoko Neo1973/Neo FreeRunner debug board (ver, 2 or 3) - Real partial writes were implemented - Add SPI flash emulation capability to the dummy programmer - Board enable for the EPoX EP-8NPA7I board - Fixed build on EL-5 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 4 2011 Peter Lemenkov lemenkov@gmail.com 0.9.3-1.svn1250 - Updated to latest svn ver. 1250 (post-release snapshot for 0.9.3) - Initial rtl8169 support (UNTESTED) - Fix decoding of SB600 LPC ROM protection registers - Erasing/writing of Winbond W39V040FB chips - Support for the Open Graphics Project development card - Support for SST SST25VF010 chip - Board-enable for the MSI MS-6391 (845 Pro4) - Support for Spansion S25FL004A, S25FL032A, and S25FL064A chips - Add chunked write ability to the Dediprog SF100 driver - Support bulk read on Dediprog SF100 - Support for the OpenMoko Neo1973/Neo FreeRunner debug board (ver, 2 or 3) - Real partial writes were implemented - Add SPI flash emulation capability to the dummy programmer - Board enable for the EPoX EP-8NPA7I board - Fixed build on EL-5 --------------------------------------------------------------------------------
================================================================================ ghc-zip-archive-0.1.1.6-4.fc14 (FEDORA-2011-0136) Haskell zip-archive library -------------------------------------------------------------------------------- References:
[ 1 ] Bug #652573 - Review Request: ghc-zip-archive - Haskell zip-archive library https://bugzilla.redhat.com/show_bug.cgi?id=652573 --------------------------------------------------------------------------------
================================================================================ git-cola-1.4.3-1.fc14 (FEDORA-2011-0137) A highly caffeinated git gui -------------------------------------------------------------------------------- Update Information:
An update of git-cola to the latest upstream release: http://cola.tuxfamily.org/share/doc/git-cola/html/relnotes.html
In particular, this fixes the blank Actions widget on Fedora 14. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 3 2011 Kevin Kofler Kevin@tigcc.ticalc.org - 1.4.3-1 - Update to 1.4.3, fixes broken Actions widget - Drop docpath patch, fixed upstream - Drop obsolete conditional for Fedora <= 11 - Fix installation of translations --------------------------------------------------------------------------------
================================================================================ glade3-3.6.7-2.fc14 (FEDORA-2011-0152) User Interface Designer for GTK+ and GNOME -------------------------------------------------------------------------------- Update Information:
This update includes:
* Reverting back glade3 release on fedora 14 stable. This update fixes many bugs introduced because of current odd version release.
* This update also includes anjuta 2.32.1.1 which fixes important common bugs in old release.
It also obsoletes anjuta-2.32.1.0-1.fc14 which was also a bug fix.
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #646111 - glade-3 dies if not clicking first on "window" in the toplevels area https://bugzilla.redhat.com/show_bug.cgi?id=646111 [ 2 ] Bug #657560 - anjuta - Update to 2.32.1.1 https://bugzilla.redhat.com/show_bug.cgi?id=657560 --------------------------------------------------------------------------------
================================================================================ gnome-media-2.32.0-2.fc14 (FEDORA-2011-0152) GNOME media programs -------------------------------------------------------------------------------- Update Information:
This update includes:
* Reverting back glade3 release on fedora 14 stable. This update fixes many bugs introduced because of current odd version release.
* This update also includes anjuta 2.32.1.1 which fixes important common bugs in old release.
It also obsoletes anjuta-2.32.1.0-1.fc14 which was also a bug fix.
-------------------------------------------------------------------------------- ChangeLog:
* Mon Dec 27 2010 Rakesh Pandit rakesh@fedoraproject.org 2.32.0-2 - Rebuild for glade3 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #646111 - glade-3 dies if not clicking first on "window" in the toplevels area https://bugzilla.redhat.com/show_bug.cgi?id=646111 [ 2 ] Bug #657560 - anjuta - Update to 2.32.1.1 https://bugzilla.redhat.com/show_bug.cgi?id=657560 --------------------------------------------------------------------------------
================================================================================ gtkdatabox-0.9.1.1-4.fc14.2 (FEDORA-2011-0152) GTK+ widget for fast data display -------------------------------------------------------------------------------- Update Information:
This update includes:
* Reverting back glade3 release on fedora 14 stable. This update fixes many bugs introduced because of current odd version release.
* This update also includes anjuta 2.32.1.1 which fixes important common bugs in old release.
It also obsoletes anjuta-2.32.1.0-1.fc14 which was also a bug fix.
-------------------------------------------------------------------------------- ChangeLog:
* Mon Dec 27 2010 Rakesh Pandit rakesh@fedoraproject.org - 0.9.1.1-4.2 - Rebuild for glade3 * Thu Oct 14 2010 Jesse Keating jkeating@redhat.com - 0.9.1.1-4.1 - Rebuild for gcc bug 634757 * Fri Sep 3 2010 Dan Horák <dan[at]danny.cz> 0.9.1.1-4 - fix deprecated GTK 2.22 features -------------------------------------------------------------------------------- References:
[ 1 ] Bug #646111 - glade-3 dies if not clicking first on "window" in the toplevels area https://bugzilla.redhat.com/show_bug.cgi?id=646111 [ 2 ] Bug #657560 - anjuta - Update to 2.32.1.1 https://bugzilla.redhat.com/show_bug.cgi?id=657560 --------------------------------------------------------------------------------
================================================================================ kpackagekit-0.6.3.3-1.fc14 (FEDORA-2011-0131) KDE interface for PackageKit -------------------------------------------------------------------------------- Update Information:
New upstream bugfix release, fixes some bug that might cause crashes and unsorted lists. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 3 2011 Rex Dieter rdieter@fedoraproject.org 0.6.3.3-1 - 0.6.3.3 release --------------------------------------------------------------------------------
================================================================================ kpassgen-1.3-1.fc14 (FEDORA-2011-0148) Random password creator -------------------------------------------------------------------------------- Update Information:
Here is where you give an explanation of your update. --------------------------------------------------------------------------------
================================================================================ libmowgli-0.7.1-2.fc14 (FEDORA-2011-0140) Library of many utility functions and classes -------------------------------------------------------------------------------- Update Information:
This update fixes an off-by-one error in the mowgli_list implementation that affects node insertion and retrieval.
libmowgli is used by Audacious, for example.
-------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Michael Schwendt mschwendt@fedoraproject.org - 0.7.1-2 - Apply mowgli_list off-by-one patch for mowgli_node_nth. --------------------------------------------------------------------------------
================================================================================ libxfce4ui-4.7.2-3.fc14 (FEDORA-2011-0152) Commonly used Xfce widgets -------------------------------------------------------------------------------- Update Information:
This update includes:
* Reverting back glade3 release on fedora 14 stable. This update fixes many bugs introduced because of current odd version release.
* This update also includes anjuta 2.32.1.1 which fixes important common bugs in old release.
It also obsoletes anjuta-2.32.1.0-1.fc14 which was also a bug fix.
-------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Rakesh Pandit rakesh@fedoraproject.org - 4.7.2-3 - Rebuild for glade3 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #646111 - glade-3 dies if not clicking first on "window" in the toplevels area https://bugzilla.redhat.com/show_bug.cgi?id=646111 [ 2 ] Bug #657560 - anjuta - Update to 2.32.1.1 https://bugzilla.redhat.com/show_bug.cgi?id=657560 --------------------------------------------------------------------------------
================================================================================ libxfcegui4-4.6.4-4.fc14 (FEDORA-2011-0152) GTK widgets for Xfce -------------------------------------------------------------------------------- Update Information:
This update includes:
* Reverting back glade3 release on fedora 14 stable. This update fixes many bugs introduced because of current odd version release.
* This update also includes anjuta 2.32.1.1 which fixes important common bugs in old release.
It also obsoletes anjuta-2.32.1.0-1.fc14 which was also a bug fix.
-------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Rakesh Pandit rakesh@fedoraproject.org - 4.6.4-4 - Rebuild for glade3 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #646111 - glade-3 dies if not clicking first on "window" in the toplevels area https://bugzilla.redhat.com/show_bug.cgi?id=646111 [ 2 ] Bug #657560 - anjuta - Update to 2.32.1.1 https://bugzilla.redhat.com/show_bug.cgi?id=657560 --------------------------------------------------------------------------------
================================================================================ mfiler3-4.1.3-1.fc14 (FEDORA-2011-0132) Two pane file manager under UNIX console -------------------------------------------------------------------------------- Update Information:
saphire 1.1.7 / mfiler3 4.1.3 are released. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Mamoru Tasaka mtasaka@ioa.s.u-tokyo.ac.jp - 4.1.3-1 - 4.1.3 * Wed Dec 29 2010 Mamoru Tasaka mtasaka@ioa.s.u-tokyo.ac.jp - 4.1.1-1 - 4.1.1 --------------------------------------------------------------------------------
================================================================================ pam_ssh-1.97-4.fc14 (FEDORA-2011-0141) PAM module for use with SSH keys and ssh-agent -------------------------------------------------------------------------------- Update Information:
Avoid crashes when run with openssh -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Dmitry Butskoy Dmitry@Butskoy.name - 1.97-4 - export only pam_sm_* symbols from the module (else it could cause cross linking when used under sshd daemon) --------------------------------------------------------------------------------
================================================================================ pcsc-lite-1.6.4-3.fc14 (FEDORA-2011-0164) PC/SC Lite smart card framework and applications -------------------------------------------------------------------------------- Update Information:
This update fixes the following security issue:
A stack-based buffer overflow flaw was found in the way PC/SC Lite smart card framework decoded certain attribute values of the Answer-to-Reset (ATR) message, received back from the card after connecting. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the pcscd daemon, via a malicious smart card inserted to the system USB port. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Kalev Lember kalev@smartlink.ee - 1.6.4-3 - Fixed a buffer overflow in ATR decoder (CVE-2010-4531) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #664999 - CVE-2010-4531 pcsc-lite: Stack-based buffer overflow in Answer-to-Reset (ATR) decoder https://bugzilla.redhat.com/show_bug.cgi?id=664999 --------------------------------------------------------------------------------
================================================================================ pulseaudio-equalizer-2.7-5.fc14 (FEDORA-2011-0157) A 15 Bands Equalizer for PulseAudio -------------------------------------------------------------------------------- Update Information:
-------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Hicham HAOUARI hicham.haouari@gmail.com - 2.7-5 - Rework preamp patch * Mon Jan 3 2011 Hicham HAOUARI hicham.haouari@gmail.com - 2.7-4 - Remove preamp per discussion with upstream, fixes rhbz #639604 - Add man pages -------------------------------------------------------------------------------- References:
[ 1 ] Bug #639604 - equalizer resets volume to maximum on every change https://bugzilla.redhat.com/show_bug.cgi?id=639604 --------------------------------------------------------------------------------
================================================================================ purple-facebookchat-1.69-1.fc14 (FEDORA-2011-0142) Libpurple plug-in supporting facebook IM -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 4 2011 Ismael Olea ismael@olea.org 1.69-1 - updating to 1.69 - added zlib-devel dependency -------------------------------------------------------------------------------- References:
[ 1 ] Bug #666234 - facebookchat protocol unavailable at v1.69 https://bugzilla.redhat.com/show_bug.cgi?id=666234 --------------------------------------------------------------------------------
================================================================================ python-kitchen-0.2.2-1.fc14 (FEDORA-2011-0129) Small, useful pieces of code to make python coding easier -------------------------------------------------------------------------------- Update Information:
New upstream release with two new functions. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 3 2011 Toshio Kuratomi toshio@fedoraproject.org - 0.2.2-1 - Upstream update 0.2.2 - Adds exception to message functions - Build html docs --------------------------------------------------------------------------------
================================================================================ python-paramiko-1.7.6-3.fc14 (FEDORA-2011-0122) SSH2 protocol library for python -------------------------------------------------------------------------------- Update Information:
* Patch to address scarey deprecation warning from pycrypto * Enable test suite -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 4 2011 Toshio Kuratomi toshio@fedoraproject.org - 1.7.6-3 - Patch to address deprecation warning from pycrypto - Simplify build as shown in new python guidelines - Enable test suite -------------------------------------------------------------------------------- References:
[ 1 ] Bug #611405 - RandomPool_DeprecationWarning in fc13 https://bugzilla.redhat.com/show_bug.cgi?id=611405 --------------------------------------------------------------------------------
================================================================================ python-pyasn1-0.0.12a-1.fc14 (FEDORA-2011-0161) ASN.1 tools for Python -------------------------------------------------------------------------------- Update Information:
Update to pyasn1-0.0.12a and refreshed the Any patch. -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 22 2010 Rob Crittenden rcritten@redhat.com - 0.0.12a-1 - Update to upstream version 0.0.12a -------------------------------------------------------------------------------- References:
[ 1 ] Bug #663004 - Bump python-pyasn1 to at least 0.0.10, bug in previous versions https://bugzilla.redhat.com/show_bug.cgi?id=663004 --------------------------------------------------------------------------------
================================================================================ saphire-1.1.7-1.fc14 (FEDORA-2011-0132) Yet another shell -------------------------------------------------------------------------------- Update Information:
saphire 1.1.7 / mfiler3 4.1.3 are released. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Mamoru Tasaka mtasaka@ioa.s.u-tokyo.ac.jp - 1.1.7-1 - 1.1.7 * Sun Jan 2 2011 Mamoru Tasaka mtasaka@ioa.s.u-tokyo.ac.jp - 1.1.4-1 - 1.1.4 * Sat Jan 1 2011 Mamoru Tasaka mtasaka@ioa.s.u-tokyo.ac.jp - 1.1.2-1 - 1.1.2 * Wed Dec 29 2010 Mamoru Tasaka mtasaka@ioa.s.u-tokyo.ac.jp - 1.1.0-2.respin1 - 1.1.0 respun * Wed Dec 29 2010 Mamoru Tasaka mtasaka@ioa.s.u-tokyo.ac.jp - 1.1.0-1 - 1.1.0 --------------------------------------------------------------------------------
================================================================================ selinux-policy-3.9.7-20.fc14 (FEDORA-2011-0149) SELinux policy configuration -------------------------------------------------------------------------------- Update Information:
- Fixes for iscsi policy - Allow dmesg to read system state - squid apache script connects to the squid port - /var/stockmaniac/templates_cache contains log files - Allow radius to communicate with postgresql - Add transition from unconfined_java_t to wine_t -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 4 2011 Miroslav Grepl mgrepl@redhat.com 3.9.7-20 - Fixes for iscsi policy - Allow dmesg to read system state - squid apache script connects to the squid port - /var/stockmaniac/templates_cache contains log files - Allow radius to communicate with postgresql - Add transition from unconfined_java_t to wine_t -------------------------------------------------------------------------------- References:
[ 1 ] Bug #665203 - SELinux is preventing /sbin/iscsid from using the 'sys_ptrace' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=665203 [ 2 ] Bug #665220 - SELinux is preventing /bin/dmesg from 'read' accesses on the file /proc/version. https://bugzilla.redhat.com/show_bug.cgi?id=665220 [ 3 ] Bug #665428 - SELinux is preventing /usr/bin/mpd from 'read' accesses on the lnk_file swen. https://bugzilla.redhat.com/show_bug.cgi?id=665428 [ 4 ] Bug #665717 - SELinux is preventing /usr/lib/squid/cachemgr.cgi from 'name_connect' accesses on the tcp_socket port 3128. https://bugzilla.redhat.com/show_bug.cgi?id=665717 [ 5 ] Bug #665851 - SELinux is preventing /usr/sbin/sendmail.sendmail from 'read' accesses on the file /tmp/.NSPR-AFM-1910-7ff497ea2290.0 (deleted). https://bugzilla.redhat.com/show_bug.cgi?id=665851 [ 6 ] Bug #666018 - SELinux is preventing /usr/sbin/logrotate "read" access on /var/stockmaniac/templates_cache. https://bugzilla.redhat.com/show_bug.cgi?id=666018 [ 7 ] Bug #665563 - SELinux policy prevents FreeRADIUS connecting to database https://bugzilla.redhat.com/show_bug.cgi?id=665563 [ 8 ] Bug #665682 - SELinux is preventing /usr/bin/webalizer from 'remove_name' accesses on the directory webalizer.hist.new. https://bugzilla.redhat.com/show_bug.cgi?id=665682 [ 9 ] Bug #666494 - SELinux is preventing /usr/bin/kleopatra from 'connectto' accesses on the unix_stream_socket /tmp/gpg-5VtZxQ/S.gpg-agent. https://bugzilla.redhat.com/show_bug.cgi?id=666494 [ 10 ] Bug #666766 - SELinux is preventing /usr/sbin/sendmail.sendmail from using the 'setsched' accesses on a process. https://bugzilla.redhat.com/show_bug.cgi?id=666766 [ 11 ] Bug #666722 - SELinux is preventing /usr/sbin/sshd from 'search' accesses on the directory /var/lib/amanda. https://bugzilla.redhat.com/show_bug.cgi?id=666722 --------------------------------------------------------------------------------
================================================================================ sems-1.3.1-4.fc14 (FEDORA-2011-0150) SIP Express Media Server, an extensible SIP media server -------------------------------------------------------------------------------- Update Information:
- Disallow usage of Glibc private functions - Fixed linking issues - Fixed segfault in gateway module - Properly install email template for voicemail module - Don't start py_sems by default (causes issues with python2.7) - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Fixed segfault in gateway module - Properly install email template for voicemail module - Don't start py_sems by default (causes issues with python2.7) - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Fixed segfault in gateway module - Properly install email template for voicemail module - Don't start py_sems by default (causes issues with python2.7) - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Fixed linking issues - Fixed segfault in gateway module - Properly install email template for voicemail module - Don't start py_sems by default (causes issues with python2.7) - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Fixed segfault in gateway module - Properly install email template for voicemail module - Don't start py_sems by default (causes issues with python2.7) - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Fixed segfault in gateway module - Properly install email template for voicemail module - Don't start py_sems by default (causes issues with python2.7) - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Fixed linking issues - Fixed segfault in gateway module - Properly install email template for voicemail module - Don't start py_sems by default (causes issues with python2.7) - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Fixed segfault in gateway module - Properly install email template for voicemail module - Don't start py_sems by default (causes issues with python2.7) - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Fixed segfault in gateway module - Properly install email template for voicemail module - Don't start py_sems by default (causes issues with python2.7) - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. - Ver. 1.3.1 (Fully API/ABI compatible with previous version) Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version. Fixed severe issue, which caused segfaults Several minor bugfixes and one big fix for regression in modules conference and early_media. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 4 2011 Peter Lemenkov lemenkov@gmail.com 1.3.1-4 - Disallow usage of Glibc private functions * Mon Jan 3 2011 Peter Lemenkov lemenkov@gmail.com 1.3.1-3 - Fixed linking issues * Wed Dec 29 2010 Peter Lemenkov lemenkov@gmail.com 1.3.1-2 - Fixed segfault in gateway module - Properly install email template for voicemail module - Don't start py_sems by default (causes issues with python2.7) * Mon Dec 27 2010 Peter Lemenkov lemenkov@gmail.com 1.3.1-1 - Ver. 1.3.1 (Bugfix release) * Wed Sep 29 2010 Peter Lemenkov lemenkov@gmail.com 1.3.0-2 - Workaround for missing atomic built-ins in EPEL5 old gcc --------------------------------------------------------------------------------
================================================================================ slv2-0.6.6-6.fc14 (FEDORA-2011-0154) LV2 host library -------------------------------------------------------------------------------- Update Information:
- Fix CFLAGS issue in slv2->redland->rasqal dependency chain -------------------------------------------------------------------------------- ChangeLog:
* Wed Dec 1 2010 Dan Horák <dan[at]danny.cz> - 0.6.6-6 - Fix CFLAGS issue in slv2->redland->rasqal dependency chain -------------------------------------------------------------------------------- References:
[ 1 ] Bug #667244 - slv2-devel pkg-config is missing a requirement on redland/rasqal https://bugzilla.redhat.com/show_bug.cgi?id=667244 --------------------------------------------------------------------------------
================================================================================ visualvm-1.3-10.fc14 (FEDORA-2011-0163) Lightweight profiler that integrates many command-line JDK tools -------------------------------------------------------------------------------- Update Information:
fixed bugs pushing last version to unstable (https://bugzilla.redhat.com/show_bug.cgi?id=667314) --------------------------------------------------------------------------------
================================================================================ wireshark-1.4.2-2.fc14 (FEDORA-2011-0128) Network traffic analyzer -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Jan Safranek jsafrane@redhat.com - 1.4.2-2 - fixed buffer overflow in ENTTEC dissector (#666897) * Mon Nov 22 2010 Jan Safranek jsafrane@redhat.com - 1.4.2-1 - upgrade to 1.4.2 - see http://www.wireshark.org/docs/relnotes/wireshark-1.4.2.html -------------------------------------------------------------------------------- References:
[ 1 ] Bug #666894 - CVE-2010-4538 Wireshark: Stack-based array index error in ENTTEC dissector (upstream bug #5539) https://bugzilla.redhat.com/show_bug.cgi?id=666894 --------------------------------------------------------------------------------
================================================================================ xorg-x11-drv-ivtv-1.1.2-1.fc14 (FEDORA-2011-0134) Xorg X11 ivtv video driver -------------------------------------------------------------------------------- Update Information:
This is a bugfix release of the 1.1.X branch
-------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Nicolas Chauvet kwizart@gmail.com - 1.1.2-1 - Update to 1.1.2 * Thu Dec 2 2010 Adam Jackson ajax@redhat.com 1.1.1-4 - Really rebuild for new Xorg --------------------------------------------------------------------------------
================================================================================ xscreensaver-5.12-9.fc14 (FEDORA-2011-0139) X screen saver and locker -------------------------------------------------------------------------------- Update Information:
A bug was reported that apple2 crashed with segv. This new rpm may fix the issue. A bug was reported that wormhole crashed on a certain size of window. This new rpm fix this issue. -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 2 2011 Mamoru Tasaka mtasaka@ioa.s.u-tokyo.ac.jp - 1:5.12-9 - Fix one-byte ahead access on apple2.c (may fix 666643) * Mon Dec 27 2010 Mamoru Tasaka mtasaka@ioa.s.u-tokyo.ac.jp - 1:5.12-8 - Fix SIGFPE on wormhole with some window size (bug 665752) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #666643 - [abrt] xscreensaver-extras-1:5.12-7.fc14: apple2_one_frame: Process /usr/libexec/xscreensaver/apple2 was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=666643 [ 2 ] Bug #665752 - [abrt] xscreensaver-extras-1:5.12-7.fc14: rnd: Process /usr/libexec/xscreensaver/wormhole was killed by signal 8 (SIGFPE) https://bugzilla.redhat.com/show_bug.cgi?id=665752 --------------------------------------------------------------------------------
================================================================================ zabbix-1.8.4-1.fc14 (FEDORA-2011-0135) Open-source monitoring solution for your IT infrastructure -------------------------------------------------------------------------------- Update Information:
- update to 1.8.4 - upstream changelog at http://www.zabbix.com/rn1.8.4.php
-------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 4 2011 Dan Horák <dan[at]danny.cz> - 1.8.4-1 - updated to 1.8.4 - fixes zabbix_agent fail to start on IPv4-only host (#664639) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #664639 - zabbix_agent fails to start on IPv4-only host https://bugzilla.redhat.com/show_bug.cgi?id=664639 --------------------------------------------------------------------------------