The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/pam_ssh-1.97-7.fc13
https://admin.fedoraproject.org/updates/libmodplug-0.8.7-3.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
https://admin.fedoraproject.org/updates/java-1.6.0-openjdk-1.6.0.0-51.1.8...
https://admin.fedoraproject.org/updates/polkit-0.96-2.fc13
https://admin.fedoraproject.org/updates/xorg-x11-server-utils-7.4-17.fc13
https://admin.fedoraproject.org/updates/kernel-2.6.34.9-69.fc13
https://admin.fedoraproject.org/updates/cyrus-imapd-2.3.16-5.fc13
https://admin.fedoraproject.org/updates/fetchmail-6.3.20-1.fc13
https://admin.fedoraproject.org/updates/jabberd-2.2.11-4.fc13
https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc13
https://admin.fedoraproject.org/updates/bind-9.7.3-2.P1.fc13
https://admin.fedoraproject.org/updates/dovecot-1.2.17-1.fc13
https://admin.fedoraproject.org/updates/mutt-1.5.21-5.fc13
https://admin.fedoraproject.org/updates/weechat-0.3.5-1.fc13
https://admin.fedoraproject.org/updates/libxml-1.8.17-26.fc13
https://admin.fedoraproject.org/updates/sudo-1.7.4p5-2.fc13
https://admin.fedoraproject.org/updates/wireshark-1.2.17-1.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/ppp-2.4.5-11.fc13
https://admin.fedoraproject.org/updates/sudo-1.7.4p5-2.fc13
https://admin.fedoraproject.org/updates/module-init-tools-3.11.1-4.fc13
https://admin.fedoraproject.org/updates/libcdio-0.82-4.fc13
https://admin.fedoraproject.org/updates/kernel-2.6.34.9-69.fc13
https://admin.fedoraproject.org/updates/polkit-0.96-2.fc13
https://admin.fedoraproject.org/updates/python-ethtool-0.7-2.fc13
https://admin.fedoraproject.org/updates/libtiff-3.9.5-1.fc13
https://admin.fedoraproject.org/updates/pygtk2-2.17.0-9.fc13
https://admin.fedoraproject.org/updates/dosfstools-3.0.9-5.fc13
https://admin.fedoraproject.org/updates/libimobiledevice-1.0.6-1.fc13
https://admin.fedoraproject.org/updates/usbmuxd-1.0.7-1.fc13
https://admin.fedoraproject.org/updates/fuse-2.8.5-5.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-12.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7...
https://admin.fedoraproject.org/updates/lldpad-0.9.26-2.fc13
The following builds have been pushed to Fedora 13 updates-testing
cmake-fedora-0.5.99-1.fc13
fetchmail-6.3.20-1.fc13
gutenprint-5.2.7-2.fc13
java-1.6.0-openjdk-1.6.0.0-51.1.8.8.fc13
libass-0.9.12-1.fc13
pam_ssh-1.97-7.fc13
qbittorrent-2.8.1-1.fc13
rawtherapee-3.0-0.29.a1.fc13
spamassassin-3.3.2-1.fc13
Details about builds:
================================================================================
cmake-fedora-0.5.99-1.fc13 (FEDORA-2011-8002)
CMake helper modules for fedora developers
--------------------------------------------------------------------------------
Update Information:
- Experimental New Macro: USE_ZANATA() - Zanata support.
- New Macro: USE_GETTEXT() - Gettext support.
This macro merges GETTEXT_CREATE_POT and GETTEXT_CREATE_TRANSLATIONS,
to simplified the usage and make the macro names more consistent.
- Clean up Modules: No unrelated files under Modules/
- Removed debug message of _cmake_uninstall_in, CMAKE_MAJOR_VERSION,
CMAKE_MINOR_VERSION. CMAKE_PATCH_VERSION
- Fixed Bug 684107 - [cmake-fedora] TAGS in USE_FEDPKG is ineffective.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 7 2011 Ding-Yi Chen <dchen at redhat.com> - 0.5.99-1
- Experimental New Macro: USE_ZANATA() - Zanata support.
- New Macro: USE_GETTEXT() - Gettext support.
This macro merges GETTEXT_CREATE_POT and GETTEXT_CREATE_TRANSLATIONS,
to simplified the usage and make the macro names more consistent.
- Clean up Modules: No unrelated files under Modules/
- Removed debug message of _cmake_uninstall_in, CMAKE_MAJOR_VERSION,
CMAKE_MINOR_VERSION. CMAKE_PATCH_VERSION
- Fixed Bug 684107 - [cmake-fedora] TAGS in USE_FEDPKG is ineffective.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #684107 - [cmake-fedora] TAGS in USE_FEDPKG is ineffective.
https://bugzilla.redhat.com/show_bug.cgi?id=684107
--------------------------------------------------------------------------------
================================================================================
fetchmail-6.3.20-1.fc13 (FEDORA-2011-8059)
A remote mail retrieval and forwarding utility
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2011-1947.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 7 2011 Vitezslav Crhonek <vcrhonek(a)redhat.com> - 6.3.20-1
- Update to fetchmail-6.3.20
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #709284 - CVE-2011-1947 fetchmail: Application hang due unguarded blocking I/O
in IMAP/POP3 STARTTLS initialization (fetchmail-SA-2011-01)
https://bugzilla.redhat.com/show_bug.cgi?id=709284
--------------------------------------------------------------------------------
================================================================================
gutenprint-5.2.7-2.fc13 (FEDORA-2011-8027)
Printer Drivers Package
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 7 2011 Tim Waugh <twaugh(a)redhat.com> 5.2.7-2
- Fix build against newer versions of gcc.
- cups-genppdupdate: fixed multicat support (bug #711021). It was
writing an extra newline character after the URI, which caused the
gutenprint.5.2 multicat process to exit. This prevented some
PPDs from being updated.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #711021 - Gutenprint PPDs not updated in some circumstances
https://bugzilla.redhat.com/show_bug.cgi?id=711021
--------------------------------------------------------------------------------
================================================================================
java-1.6.0-openjdk-1.6.0.0-51.1.8.8.fc13 (FEDORA-2011-8020)
OpenJDK Runtime Environment
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 7 2011 Jiri Vanek <jvanek(a)redhat.com> - 1:1.6.0.0-51.1.8.8
- Resolves: rhbz#709375
- Bumped to IcedTea6 1.8.8
- RH706250, S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent
disabled get still selected for read ops (win)
- RH706106, S6618658, CVE-2011-0865: Vulnerability in deserialization
- RH706111, S7012520, CVE-2011-0815: Heap overflow vulnerability in
FileDialog.show() (win)
- RH706139, S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D
code
- RH706153, S7013969, CVE-2011-0867: NetworkInterface.toString can reveal
bindings
- RH706234, S7013971, CVE-2011-0869: Vulnerability in SAAJ
- RH706239, S7016340, CVE-2011-0870: Vulnerability in SAAJ
- RH706241, S7016495, CVE-2011-0868: Crash in Java 2D transforming an image
with scale close to zero
- RH706248, S7020198, CVE-2011-0871: ImageIcon creates Component with null acc
- RH706245, S7020373, CVE-2011-0864: JSR rewriting can overflow memory address
size variables
--------------------------------------------------------------------------------
================================================================================
libass-0.9.12-1.fc13 (FEDORA-2011-8035)
Portable library for SSA/ASS subtitles rendering
--------------------------------------------------------------------------------
Update Information:
- New upstream release
- Licence changed to ISC
- Fixed word-wrapping
- Improved charmap fallback matching
- Various other improvements and fixes
--------------------------------------------------------------------------------
ChangeLog:
* Tue May 31 2011 Martin Sourada <mso(a)fedoraproject.org> - 0.9.12-1
- New upstrea release
- Licence changed to ISC
- Fixed word-wrapping
- Improved charmap fallback matching
- Various other improvements and fixes
* Wed Sep 29 2010 jkeating - 0.9.11-1.1
- Rebuilt for gcc bug 634757
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #709298 - libass-0.9.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=709298
--------------------------------------------------------------------------------
================================================================================
pam_ssh-1.97-7.fc13 (FEDORA-2011-8036)
PAM module for use with SSH keys and ssh-agent
--------------------------------------------------------------------------------
Update Information:
Drop root group privileges before executing ssh-agent (#711170)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 7 2011 Dmitry Butskoy <Dmitry(a)Butskoy.name> - 1.97-7
- Drop root group privileges properly before executing ssh-agent (#711170)
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.97-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #711170 - pam_ssh: privileges not dropped properly before executing ssh-agent
https://bugzilla.redhat.com/show_bug.cgi?id=711170
--------------------------------------------------------------------------------
================================================================================
qbittorrent-2.8.1-1.fc13 (FEDORA-2011-8052)
A Bittorrent Client
--------------------------------------------------------------------------------
Update Information:
* Sun Jun 05 2011 - Christophe Dumez <chris(a)qbittorrent.org> - v2.8.1
- BUGFIX: Fix Web UI username/password change (Web UI)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 5 2011 Leigh Scott <leigh123linux(a)googlemail.com> - 1:2.8.1-1
- update to 2.8.1
--------------------------------------------------------------------------------
================================================================================
rawtherapee-3.0-0.29.a1.fc13 (FEDORA-2011-7999)
Raw image processing software
--------------------------------------------------------------------------------
Update Information:
Sync with upstream
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 6 2011 Thibault North <tnorth(a)fedoraproject.org> - 3.0-0.29.a1
- Sync with upstream
- Versioning now needs to be included in version.h
--------------------------------------------------------------------------------
================================================================================
spamassassin-3.3.2-1.fc13 (FEDORA-2011-8012)
Spam filter for email which can be invoked from mail delivery agents
--------------------------------------------------------------------------------
Update Information:
Update to 3.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 6 2011 Warren Togami <warren(a)togami.com> - 3.3.2-1
- 3.3.2
* Mon May 30 2011 Warren Togami <warren(a)togami.com> - 3.3.2-0.8.rc2
- 3.3.2-rc2
* Mon May 16 2011 Warren Togami <warren(a)togami.com> - 3.3.2-0.7.rc1
- 3.3.2-rc1
* Sun Feb 27 2011 Ville Skyttä <ville.skytta(a)iki.fi> - 3.3.2-0.6.svn1071394
- Own /etc/mail dir (#645035).
--------------------------------------------------------------------------------