The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2012-2589/postgresql-9.0.7-1.... https://admin.fedoraproject.org/updates/FEDORA-2012-2144/glibc-2.14.1-6 https://admin.fedoraproject.org/updates/FEDORA-2012-0752/jetty-6.1.26-7.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-1656/apr-1.4.6-1.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-1642/httpd-2.2.22-1.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-1845/xulrunner-10.0.1-3.... https://admin.fedoraproject.org/updates/FEDORA-2012-1838/thunderbird-10.0.1-... https://admin.fedoraproject.org/updates/FEDORA-2012-2405/tremulous-1.2.0-0.4... https://admin.fedoraproject.org/updates/FEDORA-2012-2403/seamonkey-2.7.1-2.f... https://admin.fedoraproject.org/updates/FEDORA-2012-2367/puppet-2.6.14-1.fc1... https://admin.fedoraproject.org/updates/FEDORA-2012-2364/uzbl-0-0.26.2011040... https://admin.fedoraproject.org/updates/FEDORA-2011-17233/tor-0.2.1.32-1500.... https://admin.fedoraproject.org/updates/FEDORA-2011-16980/asterisk-1.8.7.2-1...
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2012-2577/systemd-26-17.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-2374/exempi-2.2.0-1.fc15... https://admin.fedoraproject.org/updates/FEDORA-2012-2396/system-config-print... https://admin.fedoraproject.org/updates/FEDORA-2012-2376/mdadm-3.2.3-6.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-2144/glibc-2.14.1-6 https://admin.fedoraproject.org/updates/FEDORA-2012-2025/pycairo-1.8.10-4.fc... https://admin.fedoraproject.org/updates/FEDORA-2012-1937/createrepo-0.9.9-5.... https://admin.fedoraproject.org/updates/FEDORA-2012-1835/cups-1.4.8-9.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-1838/thunderbird-10.0.1-... https://admin.fedoraproject.org/updates/FEDORA-2012-1845/xulrunner-10.0.1-3.... https://admin.fedoraproject.org/updates/FEDORA-2012-1697/python-kitchen-1.1.... https://admin.fedoraproject.org/updates/FEDORA-2012-1656/apr-1.4.6-1.fc15 https://admin.fedoraproject.org/updates/FEDORA-2011-13190/phonon-backend-gst...
The following builds have been pushed to Fedora 15 updates-testing
LogService-2.8.0-1.fc15 NearTree-3.1.1-3.fc15 drupal7-date-2.2-1.fc15 freetds-0.91-2.fc15 gpodder-2.20.1-1.fc15 guake-0.4.2-7.fc15 httpry-0.1.5-4.fc15 imapfilter-2.5-1.fc15 kde-plasma-networkmanagement-0.9.0-1.fc15 moin-1.9.4-1.fc15 mozc-1.3.975.102-2.fc15 php-pear-1.9.4-5.fc15 postgresql-9.0.7-1.fc15 s3cmd-1.0.1-1.fc15 spring-86.0-1.fc15 sx-2.09-1.fc15 systemd-26-17.fc15 vnstat-1.11-6.fc15
Details about builds:
================================================================================ LogService-2.8.0-1.fc15 (FEDORA-2012-2571) DIET middleware logging service -------------------------------------------------------------------------------- Update Information:
initial import -------------------------------------------------------------------------------- References:
[ 1 ] Bug #783066 - Review Request: LogService - DIET middleware logging service https://bugzilla.redhat.com/show_bug.cgi?id=783066 --------------------------------------------------------------------------------
================================================================================ NearTree-3.1.1-3.fc15 (FEDORA-2012-2584) An API for finding nearest neighbors -------------------------------------------------------------------------------- Update Information:
Add missing CVector-devel to Require in devel subpackage. -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Takanori MATSUURA t.matsuu@gmail.com - 3.1.1-2 - add missing CVector-devel to Require in devel subpackage * Thu Jan 12 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.1.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ drupal7-date-2.2-1.fc15 (FEDORA-2012-2569) This package contains both the Date module and a Date API module -------------------------------------------------------------------------------- Update Information:
Update to upstream date-2.2 release Update to upstream 2.1 release Update to upstream rc2 release -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Jared Smith jsmith@fedoraproject.org - 2.2-1 - Update to upstream release 2.2 * Thu Feb 23 2012 Jared Smith jsmith@fedoraproject.org - 2.1-3 - Accidentally removed the .fc15 from the release number * Thu Feb 23 2012 Jared Smith jsmith@fedoraproject.org - 2.1-2 - Bump release number to fix a small typo * Wed Feb 22 2012 Jared Smith jsmith@fedoraproject.org - 2.1-1 - Update to upstream 2.1 release * Sat Feb 4 2012 Jared Smith jsmith@fedoraproject.org - 2.0-0.1.rc2 - Update to rc2 * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0-0.2.rc1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Wed Dec 21 2011 Jared Smith jsmith@fedoraproject.org - 2.0-0.1.rc1 - Update to rc1 - Convert CHANGELOG.txt to UTF-8 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #797841 - drupal7-date-2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=797841 [ 2 ] Bug #795368 - drupal7-date-2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=795368 --------------------------------------------------------------------------------
================================================================================ freetds-0.91-2.fc15 (FEDORA-2012-2574) Implementation of the TDS (Tabular DataStream) protocol -------------------------------------------------------------------------------- Update Information:
add Kerberos support -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Dmitry Butskoy Dmitry@Butskoy.name - 0.91-2 - Enable Kerberos support (#797276) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #797276 - Enable Kerberos support in FreeTDS https://bugzilla.redhat.com/show_bug.cgi?id=797276 --------------------------------------------------------------------------------
================================================================================ gpodder-2.20.1-1.fc15 (FEDORA-2012-2553) Podcast receiver/catcher written in Python -------------------------------------------------------------------------------- Update Information:
This is a minor bug fix release. For more information, refer to http://blog.gpodder.org/2012/02/gpodder-2201-rosey-robot-released.html -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 26 2012 Ville-Pekka Vainio <vpvainio AT iki.fi> - 2.20.1-1 - New upstream release - Update project and source URLs * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.20-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ guake-0.4.2-7.fc15 (FEDORA-2012-2590) Drop-down terminal for GNOME -------------------------------------------------------------------------------- Update Information:
Add patch fixing notification issue for non-GNOME desktop. -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Pierre-Yves Chibon pingou@pingoured.fr - 0.4.2-7 - Fix notifications for non-GNOME DE not having the right library RHBZ#710586 * Sat Jan 14 2012 Pierre-Yves Chibon pingou@pingoured.fr - 0.4.2-6 - Fix FTBFS by remove some includes in the file keybinder.c * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.4.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 6 2011 Adam Jackson ajax@redhat.com - 0.4.2-4 - Rebuild for new libpng -------------------------------------------------------------------------------- References:
[ 1 ] Bug #710586 - [abrt] guake-0.4.2-3.fc15: guake.py:649:__init__:GError: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.Notifications was not provided by any .service files https://bugzilla.redhat.com/show_bug.cgi?id=710586 --------------------------------------------------------------------------------
================================================================================ httpry-0.1.5-4.fc15 (FEDORA-2012-2582) A specialized packet sniffer designed for displaying and logging HTTP traffic -------------------------------------------------------------------------------- Update Information:
Adjusted compiler flags. New package release. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #796445 - httpry 0.1.5-3 not built with $RPM_{OPT,LD}_FLAGS https://bugzilla.redhat.com/show_bug.cgi?id=796445 [ 2 ] Bug #716580 - Review Request: httpry - A specialized packet sniffer designed for displaying and logging HTTP traffic https://bugzilla.redhat.com/show_bug.cgi?id=716580 --------------------------------------------------------------------------------
================================================================================ imapfilter-2.5-1.fc15 (FEDORA-2012-2576) A flexible client side mail filtering utility for IMAP servers -------------------------------------------------------------------------------- Update Information:
Updated against latest upstream version (last update for F15) -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 David Sommerseth davids@redhat.com - 2.5-1 - Updated to latest upstream version - Replaced the configure patch with a makefile patch, as upstream has changed their building methods * Fri Feb 10 2012 Petr Pisar ppisar@redhat.com - 2.2.2-4 - Rebuild against PCRE 8.30 * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.2.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #797420 - RFE: Update to latest version https://bugzilla.redhat.com/show_bug.cgi?id=797420 --------------------------------------------------------------------------------
================================================================================ kde-plasma-networkmanagement-0.9.0-1.fc15 (FEDORA-2012-2578) NetworkManager KDE 4 integration -------------------------------------------------------------------------------- Update Information:
An update of the Network Management Plasma widget to the latest upstream release, fixing several bugs.
See http://lamarque-lvs.blogspot.com/2012/02/plasma-nm-090.html for details. -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Kevin Kofler Kevin@tigcc.ticalc.org 1:0.9.0-1 - update to 0.9.0 --------------------------------------------------------------------------------
================================================================================ moin-1.9.4-1.fc15 (FEDORA-2012-2551) MoinMoin is a WikiEngine to collaborate on easily editable web pages -------------------------------------------------------------------------------- Update Information:
This release includes bug fixes and some small new features. For more information, please refer to the URLs below.
* http://moinmo.in/MoinMoinRelease1.9 * http://hg.moinmo.in/moin/1.9/file/56eaf32027f4/docs/CHANGES -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 26 2012 Ville-Pekka Vainio <vpvainio AT iki.fi> - 1.9.4-1 - New upstream release - Drop integrated security patch * Fri Jan 13 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.9.3-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Sun Sep 18 2011 Ville-Pekka Vainio <vpvainio AT iki.fi> - 1.9.3-5 - Remove check for packaging egg-info if Fedora >= 9, breaks EL builds (rhbz#739311) --------------------------------------------------------------------------------
================================================================================ mozc-1.3.975.102-2.fc15 (FEDORA-2012-2563) Open-sourced Google Japanese Input -------------------------------------------------------------------------------- Update Information:
* Fix a doc link in apps -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Akira TAGOH tagoh@redhat.com - 1.3.975.102-2 - Fix docdir. --------------------------------------------------------------------------------
================================================================================ php-pear-1.9.4-5.fc15 (FEDORA-2012-2560) PHP Extension and Application Repository framework -------------------------------------------------------------------------------- Update Information:
* Update to Archive_Tar 1.3.9 * update to XML_RPC-1.5.5 * Add patch (from RHEL) to ignore REST cache creation failures as non-root user
-------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Remi Collet remi@fedoraproject.org 1:1.9.4-5 - Update Archive_Tar to 1.3.9 - add patch from RHEL (Joe Orton) - fix install-pear.php URL (with our patch for doc_dir applied) - allow to build with "tests" option - update to XML_RPC-1.5.5 --------------------------------------------------------------------------------
================================================================================ postgresql-9.0.7-1.fc15 (FEDORA-2012-2589) PostgreSQL client programs -------------------------------------------------------------------------------- Update Information:
Update to latest Postgres releases --- resolves some security and data loss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html http://www.postgresql.org/docs/9.0/static/release-9-0-7.html
-------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Tom Lane tgl@redhat.com 9.0.7-1 - Update to PostgreSQL 9.0.7, for various fixes described at http://www.postgresql.org/docs/9.0/static/release-9-0-7.html including the fixes for CVE-2012-0866, CVE-2012-0867, CVE-2012-0868 Resolves: #797918 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #797222 - CVE-2012-0866 postgresql: Absent permission checks on trigger function to be called when creating a trigger https://bugzilla.redhat.com/show_bug.cgi?id=797222 [ 2 ] Bug #797915 - CVE-2012-0867 postgresql: MITM due improper x509_v3 CN validation during certificate verification https://bugzilla.redhat.com/show_bug.cgi?id=797915 [ 3 ] Bug #797917 - CVE-2012-0868 postgresql: SQL injection due unsanitized newline characters in object names https://bugzilla.redhat.com/show_bug.cgi?id=797917 --------------------------------------------------------------------------------
================================================================================ s3cmd-1.0.1-1.fc15 (FEDORA-2012-2544) Tool for accessing Amazon Simple Storage Service -------------------------------------------------------------------------------- Update Information:
update to upstream 1.0.1 release -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 23 2012 Dennis Gilmore dennis@ausil.us - 1.0.1-1 - update to 1.0.1 release * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.0.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Thu May 5 2011 Lubomir Rintel (GoodData) lubo.rintel@gooddata.com - 1.0.0-3 - No hashlib hackery --------------------------------------------------------------------------------
================================================================================ spring-86.0-1.fc15 (FEDORA-2012-2566) Multiplayer, 3D realtime strategy combat game -------------------------------------------------------------------------------- Update Information:
- 86.0: Upstream feature / bugfix release.
-------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Gilboa Davara <gilboad [AT] gmail [DOT] com> - 86.0-1 - 86.0: Upstream feature / bugfix release. * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 84.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ sx-2.09-1.fc15 (FEDORA-2012-2554) Tool to extract reports and run plug-ins against those extracted reports -------------------------------------------------------------------------------- Update Information:
Update to the latest version of sx, 2.09. -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Niels de Vos devos@fedoraproject.org - 2.09-1 - Update to the latest version * Fri Jan 6 2012 Niels de Vos devos@fedoraproject.org - 2.07-1 - Update to the latest version - Drop CHANGELOG.Fedora as the tarball includes a CHANGELOG * Wed Dec 7 2011 Niels de Vos devos@fedoraproject.org - 2.06-14 - Bump the version so that upstream packages get replaced * Mon Dec 5 2011 Niels de Vos devos@fedoraproject.org - 2.06-1 - Update to current version - Add separate CHANGELOG --------------------------------------------------------------------------------
================================================================================ systemd-26-17.fc15 (FEDORA-2012-2577) A System and Service Manager -------------------------------------------------------------------------------- Update Information:
This systemd update backports the support for root storage daemons (http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons), which is a necessary part to fix hangs during shutdown with IMSM RAID (bug 713224). Note that corresponding fixes in mdadm and dracut are required to fix the bug. -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 27 2012 Michal Schmidt mschmidt@redhat.com - 26-17 - Backport the detection of root storage daemons. http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons --------------------------------------------------------------------------------
================================================================================ vnstat-1.11-6.fc15 (FEDORA-2011-16902) Console-based network traffic monitor -------------------------------------------------------------------------------- Update Information:
uid fix -------------------------------------------------------------------------------- ChangeLog:
* Thu Dec 22 2011 Adrian Reber adrian@lisas.de - 1.11-6 - fixed /run/%{name}/ permissions * Thu Dec 22 2011 Adrian Reber adrian@lisas.de - 1.11-5 - added /run/%{name}/ directory to file list * Thu Dec 22 2011 Adrian Reber adrian@lisas.de - 1.11-4 - added patch to check for pidfile in /run/vnstat * Tue Nov 29 2011 Adrian Reber adrian@lisas.de - 1.11-3 - create file in tmpfiles.d for pidfile (#750141) * Tue Jun 28 2011 Adrian Reber adrian@lisas.de - 1.11-2 - do not run vnstatd as the root user but as the vnstat user (#711995) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #559883 - vnstat runtime files mislabeled https://bugzilla.redhat.com/show_bug.cgi?id=559883 --------------------------------------------------------------------------------