The following Fedora 17 Security updates need testing: Age URL 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19442/php-symfony2-HttpF... 10 https://admin.fedoraproject.org/updates/FEDORA-2012-18748/android-tools-2012... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19233/plexus-cipher-1.5-... 0 https://admin.fedoraproject.org/updates/FEDORA-2012-19533/weechat-0.3.9.2-2.... 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19341/openstack-keystone... 8 https://admin.fedoraproject.org/updates/FEDORA-2012-18952/seamonkey-2.14-1.f... 70 https://admin.fedoraproject.org/updates/FEDORA-2012-14650/tor-0.2.2.39-1700.... 8 https://admin.fedoraproject.org/updates/FEDORA-2012-18950/cups-pk-helper-0.2... 51 https://admin.fedoraproject.org/updates/FEDORA-2012-16048/cobbler-2.4.0-beta... 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19356/cups-1.5.4-13.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19349/mc-4.8.6-2.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19042/mate-settings-daem... 11 https://admin.fedoraproject.org/updates/FEDORA-2012-18659/gnome-system-log-3... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19203/squashfs-tools-4.2... 150 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-... 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19464/drupal6-ctools-1.1... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19282/perl-CGI-3.52-218.... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19235/php-symfony-symfon...
The following Fedora 17 Critical Path updates have yet to be approved: Age URL 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19451/xulrunner-17.0.1-1... 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19496/control-center-3.4... 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19478/mutter-3.4.1-4.fc1... 1 https://admin.fedoraproject.org/updates/FEDORA-2012-19446/phonon-backend-gst... 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19344/xorg-x11-drv-intel... 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19350/ModemManager-0.6.0... 3 https://admin.fedoraproject.org/updates/FEDORA-2012-19354/xfwm4-4.8.3-3.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19262/bash-4.2.39-2.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19252/openssh-5.9p1-28.f... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19282/perl-CGI-3.52-218.... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19208/lxpanel-0.5.10-3.f... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-19203/squashfs-tools-4.2... 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19048/json-c-0.10-2.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19014/json-c-0.10-1.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2012-19006/nss-util-3.14-1.fc... 8 https://admin.fedoraproject.org/updates/FEDORA-2012-18950/cups-pk-helper-0.2... 8 https://admin.fedoraproject.org/updates/FEDORA-2012-18937/kdelibs-4.9.3-4.fc... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-18850/cronie-1.4.10-1.fc... 10 https://admin.fedoraproject.org/updates/FEDORA-2012-18759/python-urlgrabber-... 11 https://admin.fedoraproject.org/updates/FEDORA-2012-18651/jack-audio-connect... 12 https://admin.fedoraproject.org/updates/FEDORA-2012-18542/dnsmasq-2.63-2.fc1... 4 https://admin.fedoraproject.org/updates/FEDORA-2012-18329/abrt-2.0.19-2.fc17... The following builds have been pushed to Fedora 17 updates-testing
NetworkManager-l2tp-0.9.6-2.fc17 OpenLP-2.0-1.fc17 mate-netspeed-1.5.0-1.fc17 paris-traceroute-0.92-2.fc17 perl-Config-Validator-0.6-1.fc17 perl-Directory-Queue-1.7-1.fc17 perl-Messaging-Message-1.4-1.fc17 php-Pimple-1.0.0-2.fc17 putty-0.62-3.fc17 python-fdb-0.9.9-1.fc17 python-zope-interface-4.0.2-3.fc17 syncevolution-1.3.2-1.fc17 ugene-1.11.3-2.fc17 unison240-2.40.102-1.fc17 vfrnav-20121111-1.fc17 vile-9.8i-1.fc17 weechat-0.3.9.2-2.fc17
Details about builds:
================================================================================ NetworkManager-l2tp-0.9.6-2.fc17 (FEDORA-2012-19546) NetworkManager VPN plugin for l2tp -------------------------------------------------------------------------------- Update Information:
A new package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #878653 - Review Request: NetworkManager-l2tp - NetworkManager VPN plugin for l2tp https://bugzilla.redhat.com/show_bug.cgi?id=878653 --------------------------------------------------------------------------------
================================================================================ OpenLP-2.0-1.fc17 (FEDORA-2012-19550) Open source Church presentation and lyrics projection application -------------------------------------------------------------------------------- Update Information:
Release 2.0 of OpenLP -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2012 Tim Bentley timbentley@openlp.org - 2.0-1 - Release 2.0 --------------------------------------------------------------------------------
================================================================================ mate-netspeed-1.5.0-1.fc17 (FEDORA-2012-19539) MATE netspeed -------------------------------------------------------------------------------- Update Information:
MATE Netspeed applet -------------------------------------------------------------------------------- References:
[ 1 ] Bug #882539 - Review Request: mate-netspeed - MATE Desktop netspeed app https://bugzilla.redhat.com/show_bug.cgi?id=882539 --------------------------------------------------------------------------------
================================================================================ paris-traceroute-0.92-2.fc17 (FEDORA-2012-19542) A network diagnosis and measurement tool -------------------------------------------------------------------------------- Update Information:
* Sun Oct 21 2012 Fabian Affolter mail@fabian-affolter.ch - 0.92-2 - Minor changes
* Fri Mar 30 2012 Fabian Affolter mail@fabian-affolter.ch - 0.92-1 - Initial package for Fedora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #868666 - Review Request: paris-traceroute - A network diagnosis and measurement tool https://bugzilla.redhat.com/show_bug.cgi?id=868666 --------------------------------------------------------------------------------
================================================================================ perl-Config-Validator-0.6-1.fc17 (FEDORA-2012-19548) Schema based configuration validation -------------------------------------------------------------------------------- Update Information:
updating to latest upstream version 0.6 -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 20 2012 Massimo Paladin massimo.paladin@gmail.com 0.6-1 - Update to 0.6. * Fri Jul 20 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jun 12 2012 Petr Pisar ppisar@redhat.com - 0.4-2 - Perl 5.16 rebuild --------------------------------------------------------------------------------
================================================================================ perl-Directory-Queue-1.7-1.fc17 (FEDORA-2012-19544) Object oriented interface to a directory based queue -------------------------------------------------------------------------------- Update Information:
updating to latest upstream version 1.7 -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 20 2012 Massimo Paladin massimo.paladin@gmail.com - 1.7-1 - Update to 1.7 rhbz#877951. * Fri Jul 20 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jun 12 2012 Petr Pisar ppisar@redhat.com - 1.6-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #877951 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=877951 --------------------------------------------------------------------------------
================================================================================ perl-Messaging-Message-1.4-1.fc17 (FEDORA-2012-19553) Abstraction of a message -------------------------------------------------------------------------------- Update Information:
updating to latest upstream version 1.4 -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 20 2012 Massimo Paladin massimo.paladin@gmail.com 1.4-1 - Upgrade to 1.4 upstream version. * Fri Jul 20 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jun 16 2012 Petr Pisar ppisar@redhat.com - 1.3-2 - Perl 5.16 rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #877952 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=877952 --------------------------------------------------------------------------------
================================================================================ php-Pimple-1.0.0-2.fc17 (FEDORA-2012-19541) A simple Dependency Injection Container for PHP -------------------------------------------------------------------------------- Update Information:
Pimple is a small Dependency Injection Container for PHP that consists of just one file and one class. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #882418 - Review Request: php-Pimple - A simple Dependency Injection Container for PHP 5.3 https://bugzilla.redhat.com/show_bug.cgi?id=882418 --------------------------------------------------------------------------------
================================================================================ putty-0.62-3.fc17 (FEDORA-2012-19532) SSH, Telnet and Rlogin client -------------------------------------------------------------------------------- Update Information:
This is new version of package that fixes several bugs. -------------------------------------------------------------------------------- ChangeLog:
* Wed Sep 26 2012 Jaroslav Škarvada jskarvad@redhat.com - 0.62-3 - Added missing ImageMagick BuildRequires * Wed Sep 19 2012 Jaroslav Škarvada jskarvad@redhat.com - 0.62-2 - Generated icon from sources * Tue Aug 7 2012 Jaroslav Škarvada jskarvad@redhat.com - 0.62-1 - New version * Sat Jan 14 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.60-9.20100910svn - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Dec 6 2011 Adam Jackson ajax@redhat.com - 0.60-8.20100910svn - Rebuild for new libpng -------------------------------------------------------------------------------- References:
[ 1 ] Bug #846348 - Review Request: putty - SSH, Telnet and Rlogin client https://bugzilla.redhat.com/show_bug.cgi?id=846348 --------------------------------------------------------------------------------
================================================================================ python-fdb-0.9.9-1.fc17 (FEDORA-2012-19545) Firebird RDBMS bindings for Python -------------------------------------------------------------------------------- Update Information:
New upstream bugfix. Firebird RDBMS bindings for Python. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #875506 - Review Request: python-fdb - Firebird RDBMS bindings for Python https://bugzilla.redhat.com/show_bug.cgi?id=875506 --------------------------------------------------------------------------------
================================================================================ python-zope-interface-4.0.2-3.fc17 (FEDORA-2012-19549) Zope 3 Interface Infrastructure -------------------------------------------------------------------------------- Update Information:
Fix typo to python-zope-event requirement. Upstream release and a python3 subpackage. -------------------------------------------------------------------------------- ChangeLog:
* Thu Nov 29 2012 Ralph Bean rbean@redhat.com - 4.0.2-3 - Typofix to python-zope-event requirement. * Thu Nov 29 2012 Ralph Bean rbean@redhat.com - 4.0.2-2 - Added dependency on python-zope-event. * Wed Nov 28 2012 Ralph Bean rbean@redhat.com - 4.0.2-1 - Latest upstream release. - Python3 subpackage. - Rearrange the way we package docs. * Sat Jul 21 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #882494 - python-zope-interface (python2) depends on python3-zope-event https://bugzilla.redhat.com/show_bug.cgi?id=882494 --------------------------------------------------------------------------------
================================================================================ syncevolution-1.3.2-1.fc17 (FEDORA-2012-19554) SyncML client for evolution -------------------------------------------------------------------------------- Update Information:
New upstream 1.3.2 stable release: - Fix auto sync - Force build against gtk3 - drop old build dependencies - Fix desktop icon - gtk-ui runs properly
This should fix the issue with the desktop file. It also enables webdav support New upstream stable bugfix release. -------------------------------------------------------------------------------- ChangeLog:
* Sat Dec 1 2012 Peter Robinson pbrobinson@fedoraproject.org 1:1.3.2-1 - 1.3.2 stable release - Drop old dependencies and force build against gtk3 - Update icon cache for desktop icon * Tue Nov 20 2012 Milan Crha mcrha@redhat.com - 1:1.3.1-4 - Rebuild against newer evolution-data-server * Thu Oct 25 2012 Milan Crha mcrha@redhat.com - 1:1.3.1-3 - Rebuild against newer evolution-data-server * Sat Oct 20 2012 Peter Robinson pbrobinson@fedoraproject.org 1:1.3.1-2 - Fix desktop file, enable DAV * Mon Oct 8 2012 Peter Robinson pbrobinson@fedoraproject.org 1:1.3.1-1 - 1.3.1 stable release * Tue Sep 18 2012 Peter Robinson pbrobinson@fedoraproject.org - 1:1.3-2 - Add patch to fix build detecting gio -------------------------------------------------------------------------------- References:
[ 1 ] Bug #877309 - [abrt] syncevolution-gtk-1.3.1-2.fc18: do_pre_parse_initialization: Process /usr/bin/sync-ui was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=877309 [ 2 ] Bug #866464 - The sync-ui-gtk executable is missing in syncevolution-gtk-1.3-1 https://bugzilla.redhat.com/show_bug.cgi?id=866464 [ 3 ] Bug #790496 - Can't use WebDAV with SyncEvolution because it's not compiled https://bugzilla.redhat.com/show_bug.cgi?id=790496 [ 4 ] Bug #861720 - [abrt] syncevolution-gtk-1.3-1.fc17: do_pre_parse_initialization: Process /usr/bin/sync-ui was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=861720 [ 5 ] Bug #862028 - [abrt] syncevolution-gtk-1.3-1.fc17: g_logv: Process /usr/bin/sync-ui was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=862028 [ 6 ] Bug #863094 - [abrt] syncevolution-1.3-1.fc17: __cxxabiv1::__unexpected: Process /usr/libexec/syncevo-dbus-server was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=863094 --------------------------------------------------------------------------------
================================================================================ ugene-1.11.3-2.fc17 (FEDORA-2012-19551) Integrated bioinformatics toolkit -------------------------------------------------------------------------------- Update Information:
- fix/update qt-related dependencies * let's return ugene back! -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 27 2012 Rex Dieter rdieter@fedoraproject.org 1.11.3-2 - fix/update qt-related dependencies * Fri Nov 2 2012 Yulia Algaer yalgaer@unipro.ru - 1.11.3-1 - Upstream version change * Wed Oct 3 2012 Yulia Algaer yalgaer@unipro.ru - 1.11.2-1 - Upstream version change -------------------------------------------------------------------------------- References:
[ 1 ] Bug #866325 - Review Request: ugene - genome analysis suite https://bugzilla.redhat.com/show_bug.cgi?id=866325 --------------------------------------------------------------------------------
================================================================================ unison240-2.40.102-1.fc17 (FEDORA-2012-19535) Multi-master File synchronization tool -------------------------------------------------------------------------------- Update Information:
fixes incompatibility between unison ocaml3 and ocaml4 builds -------------------------------------------------------------------------------- ChangeLog:
* Thu Nov 15 2012 Gregor Tätzner brummbq@fedoraproject.org - 2.40.102-1 - 2.40.102 - fixes incompatibility between unison ocaml3 and ocaml4 builds * Sun Jul 22 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.40.63-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ vfrnav-20121111-1.fc17 (FEDORA-2012-19552) VFR/IFR Navigation -------------------------------------------------------------------------------- Update Information:
update to 20121111 -------------------------------------------------------------------------------- ChangeLog:
* Sat Dec 1 2012 Thomas Sailer t.sailer@alumni.ethz.ch - 20121111-1 - update to 20121111 --------------------------------------------------------------------------------
================================================================================ vile-9.8i-1.fc17 (FEDORA-2012-19540) VI Like Emacs -------------------------------------------------------------------------------- Update Information:
upgrade to 9.8i -------------------------------------------------------------------------------- ChangeLog:
* Sun Dec 2 2012 Mark McKinstry mmckinst@nexcess.net - 9.8i-1 - upgrade to 9.8i - use better icons --------------------------------------------------------------------------------
================================================================================ weechat-0.3.9.2-2.fc17 (FEDORA-2012-19533) Portable, fast, light and extensible IRC client -------------------------------------------------------------------------------- Update Information:
New upstream version Fix arbitrary code execution due to call of shell when executing command within hook_process Fix the security bug in the linked Bugzilla. -------------------------------------------------------------------------------- ChangeLog:
* Sun Dec 2 2012 Paul Komkoff i@stingr.net - 0.3.9.2-2 - add zlib-devel dependency for epel6/ppc build * Sat Dec 1 2012 Paul P. Komkoff Jr i@stingr.net - 0.3.9.2-1 - new upstream, long overdue -------------------------------------------------------------------------------- References:
[ 1 ] Bug #878025 - CVE-2012-5534 weechat (scripts / plug-ins): Arbitrary code execution due to call of shell when executing command within hook_process https://bugzilla.redhat.com/show_bug.cgi?id=878025 [ 2 ] Bug #875181 - CVE-2012-5854 weechat: Heap-based buffer overflow when decoding IRC colors https://bugzilla.redhat.com/show_bug.cgi?id=875181 --------------------------------------------------------------------------------
-
updates@fedoraproject.org