The following Fedora 15 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2011-15560/nss-3.12.10-7.fc15 https://admin.fedoraproject.org/updates/FEDORA-2011-16284/krb5-1.9.2-4.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-0372/torque-3.0.3-1.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-0250/openssl-1.0.0f-1.fc... https://admin.fedoraproject.org/updates/FEDORA-2012-0144/plib-1.8.5-5.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-0233/rubygem-rack-1.1.0-... https://admin.fedoraproject.org/updates/FEDORA-2012-0247/wordpress-3.3.1-1.f... https://admin.fedoraproject.org/updates/FEDORA-2012-0318/kernel-2.6.41.8-1.f... https://admin.fedoraproject.org/updates/FEDORA-2012-0328/bugzilla-3.6.7-1.fc... https://admin.fedoraproject.org/updates/FEDORA-2011-17233/tor-0.2.1.32-1500.... https://admin.fedoraproject.org/updates/FEDORA-2011-17399/nspr-4.8.9-2.fc15,... https://admin.fedoraproject.org/updates/FEDORA-2012-0353/pdns-2.9.22.5-1.fc1... https://admin.fedoraproject.org/updates/FEDORA-2012-0266/t1lib-5.1.2-9.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-0018/glibc-2.14.1-5 https://admin.fedoraproject.org/updates/FEDORA-2011-16980/asterisk-1.8.7.2-1...
The following Fedora 15 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2012-0327/orc-0.4.16-5.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-0318/kernel-2.6.41.8-1.f... https://admin.fedoraproject.org/updates/FEDORA-2012-0250/openssl-1.0.0f-1.fc... https://admin.fedoraproject.org/updates/FEDORA-2012-0167/mysql-5.5.19-1.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-0105/xine-lib-1.1.20.1-1... https://admin.fedoraproject.org/updates/FEDORA-2012-0095/pyOpenSSL-0.12-1.fc... https://admin.fedoraproject.org/updates/FEDORA-2012-0073/kdebase-workspace-4... https://admin.fedoraproject.org/updates/FEDORA-2012-0088/setup-2.8.33-2.fc15 https://admin.fedoraproject.org/updates/FEDORA-2012-0018/glibc-2.14.1-5 https://admin.fedoraproject.org/updates/FEDORA-2012-0027/pcre-8.12-6.fc15 https://admin.fedoraproject.org/updates/FEDORA-2011-17565/qt-4.7.4-8.fc15 https://admin.fedoraproject.org/updates/FEDORA-2011-17399/nspr-4.8.9-2.fc15,... https://admin.fedoraproject.org/updates/FEDORA-2011-13190/phonon-backend-gst... https://admin.fedoraproject.org/updates/FEDORA-2011-11955/evolution-mapi-3.0...
The following builds have been pushed to Fedora 15 updates-testing
ack-1.96-1.fc15 condor-ec2-enhanced-1.2-2.fc15 condor-ec2-enhanced-hooks-1.2-3.fc15 condor-job-hooks-1.5-4.fc15 condor-low-latency-1.2-2.fc15 condor-wallaby-4.1.2-2.fc15 freeipa-2.1.4-3.fc15 gofer-0.64-1.fc15 grinder-0.0.136-1.fc15 icc-profiles-openicc-1.3.0-1.fc15 kde-plasma-networkmanagement-0.9-0.69.20120108git.nm09.fc15 perl-smartmatch-engine-core-0.02-1.fc15 powertop-1.98-3.fc15 rubygem-declarative_authorization-0.5.5-1.fc15 torque-3.0.3-1.fc15 transifex-1.2.1-1.fc15
Details about builds:
================================================================================ ack-1.96-1.fc15 (FEDORA-2012-0378) Grep-like text finder -------------------------------------------------------------------------------- Update Information:
New upstream release -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 11 2012 Robin Lee cheeselee@fedoraproject.org - 1.96-1 - Update to 1.96 - License changed to 'Artistic 2.0' since 1.90 * Mon Jun 20 2011 Marcela Mašláňová mmaslano@redhat.com - 1.94-2 - Perl mass rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #740386 - ReE: New release 1.96 of ack is available from upstream https://bugzilla.redhat.com/show_bug.cgi?id=740386 --------------------------------------------------------------------------------
================================================================================ condor-ec2-enhanced-1.2-2.fc15 (FEDORA-2012-0389) EC2 Enhanced -------------------------------------------------------------------------------- Update Information:
Update to latest upstream -------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 29 2011 rrati@redhat - 1.2-2 - Fixed configfile warning - Updated dep on python-condorutils - Added missing config params to config file * Wed Jun 29 2011 rrati@redhat - 1.2-1 - Install config file into /etc/condor/config.d - Changed daemon name in config to CARONIAD, old name still supported - Updated docs --------------------------------------------------------------------------------
================================================================================ condor-ec2-enhanced-hooks-1.2-3.fc15 (FEDORA-2012-0393) Condor EC2 Enhanced hooks -------------------------------------------------------------------------------- Update Information:
Update to latest upstream -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 30 2011 rrati@redhat - 1.2-3 - Raise exception if the translate hook is unable to read important files * Tue Jul 5 2011 rrati@redhat - 1.2-2 - Updated docs - Changed example config file to be easily dropped into /etc/condor/config.d - Set WantAWS = False in classad sent to the EC2 AMI - Fixed issues using 64-bit AMIs * Wed Apr 27 2011 rrati@redhat - 1.2-1 - Fixed compatibility with ec2_gahp - Enhanced check for the ec2_gahp binary - Fixed issue with HookKeyword getting updated in original job and preventing cleanup hook from running - Updated dep on python-condorec2e to match hooks package version * Thu Mar 17 2011 rrati@redhat - 1.1-3 - Removed the setting of the GridResource in the example routes - Updated the job finalize hook to work with newer versions of python - Added dep on python-condorutils >= 1.5 --------------------------------------------------------------------------------
================================================================================ condor-job-hooks-1.5-4.fc15 (FEDORA-2012-0374) Condor Job Hooks -------------------------------------------------------------------------------- Update Information:
Update to latest from upstream -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 22 2011 rrati@redhat - 1.5-4 - Added optional arg to read_condor_config to control lookup of param without subsystem - Fixed error message raised from read_condor_config if a param with a subsystem is not found * Wed Apr 27 2011 rrati@redhat - 1.5-3 - Fixed param lookup issues in read_condor_config * Mon Mar 14 2011 rrati@redhat - 1.5-2 - Fixed issue with run_cmd parsing args on windows --------------------------------------------------------------------------------
================================================================================ condor-low-latency-1.2-2.fc15 (FEDORA-2012-0408) Low Latency Scheduling -------------------------------------------------------------------------------- Update Information:
Update to latest from upstream -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 22 2011 rrati@redhat - 1.2-2 - Updated python-condorutils dep * Fri Jul 1 2011 rrati@redhat - 1.2-1 - Change config param names: LL_DAEMON -> CAROD LL_BROKER -> CAROD_BROKER - Fixed issues with message expiration - Updated docs - Provided example configuration file --------------------------------------------------------------------------------
================================================================================ condor-wallaby-4.1.2-2.fc15 (FEDORA-2012-0406) Condor configuration using wallaby -------------------------------------------------------------------------------- Update Information:
condor specific tools for interacting with wallaby -------------------------------------------------------------------------------- References:
[ 1 ] Bug #755104 - Review Request: condor-wallaby - condor related tools for interacting with wallaby https://bugzilla.redhat.com/show_bug.cgi?id=755104 --------------------------------------------------------------------------------
================================================================================ freeipa-2.1.4-3.fc15 (FEDORA-2012-0387) The Identity, Policy and Audit system -------------------------------------------------------------------------------- Update Information:
This update fixes problems with FreeIPA server and replica installation scripts.
Fixed bugs in *ipa-server-install*: * Installation crashed when sslget failed to read a certificate due to sslget bug (#771357) * ipaserver-install.log may not be produced under some circumstances
Fixed bugs in *ipa-replica-install*: * Script may crash due to invalid Python calls * Final service restart may fail if krb5kdc server is started before dirsrv server is up
A Cross-Site Request Forgery (CSRF) flaw was found in FreeIPA due to a lack of checking the Referer Header in the server (it is not set in the CLI utilities). If a remote attacker could trick a user, who was logged into the FreeIPA management interface, into visiting a specially-crafted URL, the attacker could perform FreeIPA oonfiguration changes with the privileges of the logged in user.
CVE-2011-3636 Fixes SELinux issue in ipa_kpasswd preventing users from changing passwords. Introduced upgrade script to recover existing configuration after systemd migration as user has no means to recover FreeIPA from systemd migration - Upgrade script: - recovers symlinks in Dogtag instance install - recovers systemd configuration for FreeIPA's directory server instances - recovers freeipa.service - migrates directory server and KDC configs to use proper keytabs for systemd services -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 11 2012 Martin Kosek mkosek@redhat.com - 2.1.4-3 - Fix ipa-replica-install crashes - Fix ipa-server-install and ipa-dns-install logging - Set minimum version of pki-ca to 9.0.17 to fix sslget problem caused by FEDORA-2011-17400 update (#771357) * Wed Dec 21 2011 Alexander Bokovoy abokovoy@redhat.com - 2.1.4-2 - Rebuild slapi plugins against re-enterant version of libldap * Tue Dec 6 2011 Rob Crittenden rcritten@redhat.com - 2.1.4-1 - Update to upstream 2.1.4 (CVE-2011-3636) * Fri Oct 21 2011 Rob Crittenden rcritten@redhat.com - 2.1.3-3 - Set minimum nvr of selinux-policy to 3.9.16-38 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #759679 - ipa_kpasswd does not work with selinux in enforcing mode https://bugzilla.redhat.com/show_bug.cgi?id=759679 --------------------------------------------------------------------------------
================================================================================ gofer-0.64-1.fc15 (FEDORA-2012-0371) A lightweight, extensible python agent -------------------------------------------------------------------------------- Update Information:
Update to 0.64. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 9 2012 Jeff Ortel jortel@redhat.com 0.64-1 - Enhanced package (plugin) API. (jortel@redhat.com) * Wed Nov 30 2011 Jeff Ortel jortel@redhat.com 0.63-1 - Mitigate systemd issues on F15. (jortel@redhat.com) * Wed Nov 30 2011 Jeff Ortel jortel@redhat.com 0.62-1 - plugin: package; extra monkey business with yum optparser to support INTERACTIVE yum plugins. (jortel@redhat.com) * Wed Nov 23 2011 Jeff Ortel jortel@redhat.com 0.61-1 - mocks: add support for mock constructors. (jortel@redhat.com) - plugin: package; Fix problem of yum interactive plugins accessing contributed options. (jortel@redhat.com) --------------------------------------------------------------------------------
================================================================================ grinder-0.0.136-1.fc15 (FEDORA-2012-0398) A tool for synchronizing content from yum repositories -------------------------------------------------------------------------------- Update Information:
Initial import --------------------------------------------------------------------------------
================================================================================ icc-profiles-openicc-1.3.0-1.fc15 (FEDORA-2012-0369) The OpenICC profiles -------------------------------------------------------------------------------- Update Information:
The OpenICC profiles are provided to serve color managed applications and services. --------------------------------------------------------------------------------
================================================================================ kde-plasma-networkmanagement-0.9-0.69.20120108git.nm09.fc15 (FEDORA-2012-0392) NetworkManager KDE 4 integration -------------------------------------------------------------------------------- Update Information:
New plasma-nm snapshot, includes many bugfixes, namely shared connection improvements -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 8 2012 Rex Dieter rdieter@fedoraproject.org 1:0.9-0.69.20120108git.nm09 - 20120108 snapshot * Tue Dec 27 2011 Rex Dieter rdieter@fedoraproject.org 1:0.9-0.68.20111227git.nm09 - 20111227 snapshot * Sun Dec 4 2011 Rex Dieter rdieter@fedoraproject.org 1:0.9-0.67.20111203git.nm09 - 20111203 snapshot -------------------------------------------------------------------------------- References:
[ 1 ] Bug #772252 - Shared connection network security always fallback to None https://bugzilla.redhat.com/show_bug.cgi?id=772252 --------------------------------------------------------------------------------
================================================================================ perl-smartmatch-engine-core-0.02-1.fc15 (FEDORA-2012-0386) Default smartmatch implementation from 5.10---5.14 -------------------------------------------------------------------------------- Update Information:
Default smartmatch implementation. --------------------------------------------------------------------------------
================================================================================ powertop-1.98-3.fc15 (FEDORA-2012-0382) Power consumption monitor -------------------------------------------------------------------------------- Update Information:
This is an update that fixes bug in acpi_power_meter parser that can lead to crash under several circumstances. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 10 2012 Jaroslav Škarvada jskarvad@redhat.com - 1.98-3 - Fixed 'unknown' readings from ACPI meters Resolves: rhbz#770289 - Fixed compilation on f17 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #770289 - [abrt] powertop-1.98-2.fc16: strcpy: Process /usr/bin/powertop was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=770289 --------------------------------------------------------------------------------
================================================================================ rubygem-declarative_authorization-0.5.5-1.fc15 (FEDORA-2012-0405) Provides readable authorization rules for Rails -------------------------------------------------------------------------------- Update Information:
Release 0.5.5 of declarative_authorization. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 10 2012 Darryl L. Pierce dpierce@redhat.com - 0.5.5-1 - Release 0.5.5 of declarative_authorization. - Adjusted the description and summary to remove warnings. --------------------------------------------------------------------------------
================================================================================ torque-3.0.3-1.fc15 (FEDORA-2012-0372) Tera-scale Open-source Resource and QUEue manager -------------------------------------------------------------------------------- Update Information:
Fixes the ability for one user to impersonate another within a batch system. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 11 2012 Steve Traylen steve.traylen@cern.ch - 3.0.3-1 - New upstream. * Sun Oct 9 2011 Steve Traylen steve.traylen@cern.ch - 3.0.2-4 - Add patch torque-initd-hangs-rhbz-744138.patch * Mon Sep 19 2011 Steve Traylen steve.traylen@cern.ch - 3.0.2-3 - Add --with-tcp-retry-limit=2 to build, rhbz#738576. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #752079 - Torque and Munge impersonation vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=752079 --------------------------------------------------------------------------------
================================================================================ transifex-1.2.1-1.fc15 (FEDORA-2012-0367) A system for distributed translation submissions -------------------------------------------------------------------------------- Update Information:
Update to new upstream version. Update to new upstream version. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 10 2012 Domingo Becker domingobecker@gmail.com - 1.2.1-1 - Update to new upstream version. --------------------------------------------------------------------------------