The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13 https://admin.fedoraproject.org/updates/subversion-1.6.15-1.fc13 https://admin.fedoraproject.org/updates/php-5.3.5-1.fc13,maniadrive-1.2-26.f... https://admin.fedoraproject.org/updates/perl-Convert-UUlib-1.34-1.fc13 https://admin.fedoraproject.org/updates/libuser-0.56.16-1.fc13.2 https://admin.fedoraproject.org/updates/wordpress-2.8.6-4.fc13 https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-3.fc13 https://admin.fedoraproject.org/updates/dpkg-1.15.5.6-6.fc13 https://admin.fedoraproject.org/updates/sssd-1.3.0-40.fc13 https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13 https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc13 https://admin.fedoraproject.org/updates/chm2pdf-0.9.1-8.fc13 https://admin.fedoraproject.org/updates/wireshark-1.2.14-1.fc13 https://admin.fedoraproject.org/updates/sudo-1.7.4p5-1.fc13 https://admin.fedoraproject.org/updates/hplip-3.10.9-14.fc13 https://admin.fedoraproject.org/updates/java-1.6.0-openjdk-1.6.0.0-48.1.8.4.... https://admin.fedoraproject.org/updates/myproxy-5.3-1.fc13 https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/procps-3.2.8-8.fc13 https://admin.fedoraproject.org/updates/sudo-1.7.4p5-1.fc13 https://admin.fedoraproject.org/updates/elfutils-0.151-1.fc13 https://admin.fedoraproject.org/updates/util-linux-ng-2.17.2-10.fc13 https://admin.fedoraproject.org/updates/libuser-0.56.16-1.fc13.2 https://admin.fedoraproject.org/updates/dosfstools-3.0.9-3.fc13 https://admin.fedoraproject.org/updates/attr-2.4.44-4.fc13 https://admin.fedoraproject.org/updates/livecd-tools-13.1-1.fc13 https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-80.fc13 https://admin.fedoraproject.org/updates/libical-0.46-2.fc13 https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13 https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13 https://admin.fedoraproject.org/updates/openldap-2.4.21-11.fc13 https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.... https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc...
The following builds have been pushed to Fedora 13 updates-testing
automaton-1.11r5-1.fc13 dokuwiki-0-0.6.20101107.a.fc13 filezilla-3.3.5.1-2.fc13 fpm2-0.79-1.fc13 google-lato-fonts-1.011-1.fc13 hplip-3.10.9-14.fc13 ibus-table-chinese-1.3.0.20110114-1.fc13 java-1.6.0-openjdk-1.6.0.0-48.1.8.4.fc13 jd-2.8.0-0.3.beta110118.fc13 mpop-1.0.22-1.fc13 myproxy-5.3-1.fc13 netpbm-10.47.25-1.fc13 netxen-firmware-4.0.534-3.fc13 printoxx-2.8.1-1.fc13 procps-3.2.8-8.fc13 system-config-printer-1.2.6-2.fc13 topgit-0.9-0.3.gitd279e292.fc13
Details about builds:
================================================================================ automaton-1.11r5-1.fc13 (FEDORA-2011-0539) A Java finite state automata/regular expression library -------------------------------------------------------------------------------- Update Information:
This update fixes a bug in Gibson's AutomatonMatcher. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 17 2011 Jerry James loganjerry@gmail.com - 1.11r5-1 - Upgrade to 1.11-5 - BR openjdk to get better javadoc generation --------------------------------------------------------------------------------
================================================================================ dokuwiki-0-0.6.20101107.a.fc13 (FEDORA-2011-0517) Standards compliant simple to use wiki -------------------------------------------------------------------------------- Update Information:
Upgraded to latest upstream 2010-11-07a -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 17 2011 Andrew Colin Kissa andrew@topdog.za.net - 0-0.6.20101107.a - Fix selinux sub package * Mon Jan 17 2011 Andrew Colin Kissa andrew@topdog.za.net - 0-0.5.20101107.a - Upgrade to latest upstream - Split package to create selinux package - Fix Bugzilla bug #668386 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #668386 - SELinux prevents Dokuwiki from writing its own config files https://bugzilla.redhat.com/show_bug.cgi?id=668386 --------------------------------------------------------------------------------
================================================================================ filezilla-3.3.5.1-2.fc13 (FEDORA-2011-0497) FTP, FTPS and SFTP client -------------------------------------------------------------------------------- Update Information:
Permanently trusting certificates had no effect until FileZilla was restarted Fix downloading of symbolic links to files Updated language files -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 29 2010 Nicolas Chauvet kwizart@gmail.com - 3.3.5.1-2 - Keep docs in the appropriate place - Improve summary * Sun Nov 28 2010 Nicolas Chauvet kwizart@gmail.com - 3.3.5.1-1 - Update to 3.3.5.1 * Thu Nov 18 2010 Nicolas Chauvet kwizart@gmail.com - 3.3.5-0.1 - Update to 3.3.5 - Add RPM registration for system wide settings * Sun Aug 22 2010 Nicolas Chauvet kwizart@gmail.com - 3.3.4.1-1 - Update to 3.3.4.1 * Fri Aug 13 2010 Nicolas Chauvet kwizart@gmail.com - 3.3.4-1 - Update to 3.3.4 * Wed Jul 14 2010 Dan Horák dan@danny.cz - 3.3.3-1.1 - rebuilt against wxGTK-2.8.11-2 --------------------------------------------------------------------------------
================================================================================ fpm2-0.79-1.fc13 (FEDORA-2011-0520) Password manager with GTK2 GUI -------------------------------------------------------------------------------- Update Information:
Update to new upstream version. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 17 2011 Aleš Koval als@regnet.cz - 0.79-1 - Update to 0.79 - Fixed crash due to incorrectly call xmlCleanupParser() (#669102) --------------------------------------------------------------------------------
================================================================================ google-lato-fonts-1.011-1.fc13 (FEDORA-2011-0526) A sanserif typeface family -------------------------------------------------------------------------------- References:
[ 1 ] Bug #668639 - Review Request: google-lato-fonts - A sanserif typeface family https://bugzilla.redhat.com/show_bug.cgi?id=668639 --------------------------------------------------------------------------------
================================================================================ hplip-3.10.9-14.fc13 (FEDORA-2011-0525) HP Linux Imaging and Printing Project -------------------------------------------------------------------------------- Update Information:
Applied patch to fix CVE-2010-4267, remote stack overflow vulnerability (bug #670252). -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 17 2011 Tim Waugh twaugh@redhat.com - 3.10.9-14 - Applied patch to fix CVE-2010-4267, remote stack overflow vulnerability (bug #670252). * Wed Jan 12 2011 Tim Waugh twaugh@redhat.com - 3.10.9-13 - Removed unused hpcac filter to avoid unnecessary perl dependency. * Wed Jan 12 2011 Tim Waugh twaugh@redhat.com - 3.10.9-12 - Removed duplicate pstotiff files. * Wed Jan 12 2011 Tim Waugh twaugh@redhat.com - 3.10.9-11 - Fixed "CUPS Web Interface" button (bug #633899). - Set mimedir explicitly via configure. * Wed Jan 5 2011 Jiri Popelka jpopelka@redhat.com 3.10.9-10 - Catch GError exception when notification showing failed (bug #665577). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #662740 - CVE-2010-4267 hplip: remote stack overflow vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=662740 --------------------------------------------------------------------------------
================================================================================ ibus-table-chinese-1.3.0.20110114-1.fc13 (FEDORA-2011-0510) Chinese input tables for IBus -------------------------------------------------------------------------------- Update Information:
- Fix Bug 667877: ibus-table-yinma and ibus-table-xingma have been obsoleted. - Now depends on cmake-fedora
- Support out-of-source build - Remove ibus-table-chinese-all - Support out-of-source build - Remove ibus-table-chinese-all -------------------------------------------------------------------------------- ChangeLog:
* Fri Jan 14 2011 Ding-Yi Chen dchen@redhat.com - 1.3.0.20110114-1 - Fix Bug 667877: ibus-table-yinma and ibus-table-xingma have been obsoleted. - Now depends on cmake-fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #667877 - Few ibus-table-* packages conflicts with few other ibus-table-* packages. https://bugzilla.redhat.com/show_bug.cgi?id=667877 --------------------------------------------------------------------------------
================================================================================ java-1.6.0-openjdk-1.6.0.0-48.1.8.4.fc13 (FEDORA-2011-0500) OpenJDK Runtime Environment -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 5 2011 Jiri Vanek jvanek@redhat.com -1:1.6.0-47.1.8.4.48 - updated to icedtea 1.8.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #569121 - Java applications are unable to use tray icon when using compiz https://bugzilla.redhat.com/show_bug.cgi?id=569121 [ 2 ] Bug #525870 - The Java plugin does not report available fonts accurately https://bugzilla.redhat.com/show_bug.cgi?id=525870 [ 3 ] Bug #597227 - Dashed Lines Off Clip Can Black Out Graphics https://bugzilla.redhat.com/show_bug.cgi?id=597227 [ 4 ] Bug #530642 - Bug in java.awt.geom.IllegalPathStateException https://bugzilla.redhat.com/show_bug.cgi?id=530642 [ 5 ] Bug #647674 - JTextPane produces incorrect content after parsing the html text https://bugzilla.redhat.com/show_bug.cgi?id=647674 --------------------------------------------------------------------------------
================================================================================ jd-2.8.0-0.3.beta110118.fc13 (FEDORA-2011-0536) A 2ch browser -------------------------------------------------------------------------------- Update Information:
2.8.0 beta 111018 is released. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 18 2011 Mamoru Tasaka mtasaka@ioa.s.u-tokyo.ac.jp - 2.8.0-0.3.beta110118 - 2.8.0 beta 110118 --------------------------------------------------------------------------------
================================================================================ mpop-1.0.22-1.fc13 (FEDORA-2011-0519) POP3 client for recieving mail from POP3 mailboxes -------------------------------------------------------------------------------- Update Information:
* Mon Jan 17 2011 Fabian Affolter fabian@bernewireless.net - 1.0.22-1 - Updated to new upstream version 1.0.22 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 17 2011 Fabian Affolter fabian@bernewireless.net - 1.0.22-1 - Updated to new upstream version 1.0.22 --------------------------------------------------------------------------------
================================================================================ myproxy-5.3-1.fc13 (FEDORA-2011-0512) Manage X.509 Public Key Infrastructure (PKI) security credentials -------------------------------------------------------------------------------- Update Information:
Release 5.3 fixes a myproxy-logon security bug in MyProxy versions 5.0-5.2 that disabled server identity verification:
The myproxy-logon program in MyProxy versions 5.0 through 5.2 does not enforce the check that the myproxy-server's certificate contains the expected hostname or identity. The impacted MyProxy versions are included in Globus Toolkit releases 5.0.0-5.0.2. This issue is addressed in MyProxy 5.3.
Full details are available: http://grid.ncsa.illinois.edu/myproxy/security/myproxy-adv-2011-01.txt
Other changes in this release: * if myproxy-logon GSI mutual authentication with the myproxy-server fails, try again with client-side anonymous authentication, in case the client-side GSI credentials are unacceptable to the myproxy-server (for example, signed by an untrusted CA), but the myproxy-server would accept an anonymous client (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7103) * fix configure checks for globus_usage_stats_send, globus_usage_stats_send_array, and globus_gsi_proxy_handle_set_extensions when installing without existing Globus libraries in LD_LIBRARY_PATH (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7098) * in myproxy-server-setup, look in /sbin and /usr/sbin for chkconfig or update-rc.d in case they're not in PATH * add certificate_issuer_subca_certfile option in myproxy-server.config (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7119) * make all Globus Usage library errors non-fatal (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7111) -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 18 2011 Steve Traylen steve.traylen@cern.ch - 5.3-1 - New upstream 5.3. --------------------------------------------------------------------------------
================================================================================ netpbm-10.47.25-1.fc13 (FEDORA-2011-0523) A library for handling different graphics file formats -------------------------------------------------------------------------------- Update Information:
Updates to netpbm-10.47.25. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 18 2011 Jindrich Novy jnovy@redhat.com 10.47.25-1 - update to 10.47.25 - fix asciitopgm (#670082), thanks to Jonathan Kamens -------------------------------------------------------------------------------- References:
[ 1 ] Bug #670082 - asciitopgm memory corruption on too-long lines; doesn't handle blank lines https://bugzilla.redhat.com/show_bug.cgi?id=670082 --------------------------------------------------------------------------------
================================================================================ netxen-firmware-4.0.534-3.fc13 (FEDORA-2011-0535) QLogic Linux Intelligent Ethernet (3000 and 3100 Series) Adapter Firmware -------------------------------------------------------------------------------- Update Information:
New package - netxen-firmware - QLogic Linux Intelligent Ethernet (3000 and 3100 Series) Adapter Firmware -------------------------------------------------------------------------------- References:
[ 1 ] Bug #660393 - Review Request: netxen-firmware - QLogic Linux Intelligent Ethernet (3000 and 3100 Series) Adapter Firmware https://bugzilla.redhat.com/show_bug.cgi?id=660393 --------------------------------------------------------------------------------
================================================================================ printoxx-2.8.1-1.fc13 (FEDORA-2011-0537) Print image files -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 17 2011 Pavel Alexeev Pahan@Hubbitus.info - 2.8.1-1 - New version 2.8.1 as requested in BZ#668577 - Delete old patch. - Replace $RPM_BUILD_ROOT to %{buildroot} - Added man. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #668577 - Please update Printoxx https://bugzilla.redhat.com/show_bug.cgi?id=668577 --------------------------------------------------------------------------------
================================================================================ procps-3.2.8-8.fc13 (FEDORA-2011-0502) System and process monitoring utilities -------------------------------------------------------------------------------- Update Information:
This is an update that fixes crashing in top utility. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 11 2011 Jan Görig jgorig@redhat.com 3.2.8-8 - fixed procps-3.2.8-threads.patch (SIGABRT) (#670289) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #670289 - top command crashes with -H and invalid pid https://bugzilla.redhat.com/show_bug.cgi?id=670289 --------------------------------------------------------------------------------
================================================================================ system-config-printer-1.2.6-2.fc13 (FEDORA-2010-19111) A printer administration tool -------------------------------------------------------------------------------- Update Information:
New upstream release that fixes several bugs. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 18 2011 Jiri Popelka jpopelka@redhat.com 1.2.6-2 - Allow %, ( and ) characters in dnssd URI (bug #669820). * Mon Jan 17 2011 Jiri Popelka jpopelka@redhat.com 1.2.6-1 - 1.2.6: - Remove reference to current printer on exit (bug #556548). - Handle cups.Connection() failure in PrinterURIIndexr (bug #648014). - Block unwanted characters when editing queue name (bug #658550). - Initialise D-Bus threading in timedops module (bug #662047). - many other fixes * Mon Dec 20 2010 Jiri Popelka jpopelka@redhat.com 1.2.5-8 - Updated pycups to 1.9.53 (bug #662805). * Thu Dec 2 2010 Tim Waugh twaugh@redhat.com - 1.2.5-7 - Grab focus on the IconView after setting it editable (bug #650995). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #650995 - [Compiz] Unable to rename printer https://bugzilla.redhat.com/show_bug.cgi?id=650995 [ 2 ] Bug #662805 - [abrt] system-config-printer-1.2.5-6.fc14: PyObject_Call: Process /usr/bin/python was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=662805 [ 3 ] Bug #648014 - [abrt] system-config-printer-1.2.4-1.fc13: jobviewer.py:125:_map_printer:RuntimeError: failed to connect to server https://bugzilla.redhat.com/show_bug.cgi?id=648014 [ 4 ] Bug #658550 - Spaces in printer name get removed https://bugzilla.redhat.com/show_bug.cgi?id=658550 [ 5 ] Bug #662047 - troubleshooter uses D-Bus from two threads https://bugzilla.redhat.com/show_bug.cgi?id=662047 [ 6 ] Bug #668127 - [abrt] system-config-printer-1.2.5-8.fc14: system-config-printer.py:5634:entry_changed:UnicodeDecodeError: 'utf8' codec can't decode byte 0xaa in position 52: invalid start byte https://bugzilla.redhat.com/show_bug.cgi?id=668127 [ 7 ] Bug #669820 - dnssd unable to resolve URI for HP network printer https://bugzilla.redhat.com/show_bug.cgi?id=669820 --------------------------------------------------------------------------------
================================================================================ topgit-0.9-0.3.gitd279e292.fc13 (FEDORA-2011-0499) A different patch queue manager -------------------------------------------------------------------------------- Update Information:
Update to the latest head version. This is a release candidate for the upcoming topgit 0.9 version.
It adds tg-prev and tg-next commands. The tg-mail and tg-summary commands accept -i/-w switches now (base the operation on the index/working dir instead of branch). -------------------------------------------------------------------------------- ChangeLog:
* Sun Dec 26 2010 Thomas Moschny thomas.moschny@gmx.de - 0.9-0.3.gitd279e292 - Update to revision d279e292. --------------------------------------------------------------------------------