The following Fedora 19 Security updates need testing:
Age URL
109
https://admin.fedoraproject.org/updates/FEDORA-2013-5801/mantis-1.2.15-1.fc19
64
https://admin.fedoraproject.org/updates/FEDORA-2013-9715/heat-jeos-9-1.fc19
12
https://admin.fedoraproject.org/updates/FEDORA-2013-13332/ghc-xmonad-contrib-0.11.2-1.fc19,ghc-X11-1.6.1.1-1.fc19,xmonad-0.11-4.fc19,ghc-X11-xft-0.3.1-10.fc19,bluetile-0.6-18.fc19,xmobar-0.18-1.fc19
4
https://admin.fedoraproject.org/updates/FEDORA-2013-13850/ReviewBoard-1.7.12-1.fc19,python-djblets-0.7.16-1.fc19
4
https://admin.fedoraproject.org/updates/FEDORA-2013-13919/python-keystoneclient-0.2.3-6.fc19
1
https://admin.fedoraproject.org/updates/FEDORA-2013-13994/httpd-2.4.6-2.fc19
1
https://admin.fedoraproject.org/updates/FEDORA-2013-14083/389-ds-base-1.3.1.5-1.fc19
1
https://admin.fedoraproject.org/updates/FEDORA-2013-14106/cxf-2.6.9-1.fc19,jacorb-2.3.1-8.fc19,wss4j-1.6.10-1.fc19
1
https://admin.fedoraproject.org/updates/FEDORA-2013-13975/gnupg-1.4.14-1.fc19
1
https://admin.fedoraproject.org/updates/FEDORA-2013-14029/zabbix-2.0.6-3.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2013-14176/v8-3.14.5.10-2.fc19
The following builds have been pushed to Fedora 19 updates-testing
apper-0.8.1-1.fc19
eigen3-3.1.4-1.fc19
glite-lbjp-common-trio-2.3.10-2.fc19
grubby-8.28-1.fc19
gstreamer1-1.0.9-1.fc19
gstreamer1-plugins-bad-free-1.0.9-1.fc19
gstreamer1-plugins-base-1.0.9-1.fc19
gstreamer1-plugins-good-1.0.9-1.fc19
hercules-3.09-1.fc19
libusbx-1.0.16-3.fc19
mate-screensaver-1.6.1-2.fc19
mingw-qt5-qtlocation-5.0.0-0.6.git20130510.f2840834.fc19
nss-3.15.1-3.fc19
opencv-2.4.6.1-1.fc19
openlmi-networking-0.0.9-4.fc19
perl-MooseX-ClassAttribute-0.27-1.fc19
python-django-south-0.8.1-1.fc19
security-menus-1.2.0-1.fc19
supermin-4.1.2-1.fc19
sympy-0.7.3-1.fc19
tito-0.4.17-1.fc19
tycho-0.18.1-4.fc19
tycho-extras-0.18.1-1.fc19
v4l-utils-1.0.0-1.fc19
v8-3.14.5.10-2.fc19
youtube-dl-2013.08.02-1.fc19
Details about builds:
================================================================================
apper-0.8.1-1.fc19 (FEDORA-2013-14208)
KDE interface for PackageKit
--------------------------------------------------------------------------------
Update Information:
New upstream bugfix release, primarily improving function and reliability of
QML-based updater applet. See also:
http://dantti.wordpress.com/2013/07/30/apper-0-8-1-released/
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 30 2013 Rex Dieter <[email protected]> 0.8.1-1
- 0.8.1 (final)
* Mon Jun 24 2013 Rex Dieter <[email protected]> 0.8.1-0.4.20130624
- 0.8.1 20130624 snapshot
--------------------------------------------------------------------------------
================================================================================
eigen3-3.1.4-1.fc19 (FEDORA-2013-14175)
A lightweight C++ template library for vector and matrix math
--------------------------------------------------------------------------------
Update Information:
Update to release 3.1.4, see
http://eigen.tuxfamily.org/index.php?title=ChangeLog#Eigen_3.1.4 .
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Sandro Mani <[email protected]> - 3.1.4-1
- Update to release 3.1.4
- spec cleanup
--------------------------------------------------------------------------------
================================================================================
glite-lbjp-common-trio-2.3.10-2.fc19 (FEDORA-2013-14182)
Standalone extended implementation of printf and scanf
--------------------------------------------------------------------------------
Update Information:
Standalone extended implementation of printf and scanf. Provides specialized
formatting options used by Logging and Bookkeeping and Job Provenance.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #877810 - Review Request: glite-lbjp-common-trio - Extended
implementation of printf and scanf for gLite
https://bugzilla.redhat.com/show_bug.cgi?id=877810
--------------------------------------------------------------------------------
================================================================================
grubby-8.28-1.fc19 (FEDORA-2013-14206)
Command line tool for updating bootloader configs
--------------------------------------------------------------------------------
Update Information:
This adds the ability for grubby to deal with grub2's "saved_entry" variables.
Test procedure:
1) update grubby to this version
2) create a new grub.cfg as root:
grub2-mkconfig -o /path/to/grub/config
3) install a new kernel
4) verify that the grub config still has 'set default=${saved_entry}"
5) verify /boot/grub2/grubenv has saved_entry set to the new kernel
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Peter Jones <[email protected]> - 8.28-1
- More work on grub's "saved_entry" system.
Resolves: rhbz#768106
Resolves: rhbz#736188
* Tue Jul 30 2013 Peter Jones <[email protected]> - 8.27-1
- Make grubby understand grub's "saved_entry" system
Resolves: rhbz#768106
Resolves: rhbz#736188
- BuildRequire grub2 on appropriate platforms, for the test suite.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #768106 - grubby does not support grub2 set
default="${saved_entry}" and replaces with "0"
https://bugzilla.redhat.com/show_bug.cgi?id=768106
[ 2 ] Bug #736188 - grubby --default-kernel returns empty
https://bugzilla.redhat.com/show_bug.cgi?id=736188
--------------------------------------------------------------------------------
================================================================================
gstreamer1-1.0.9-1.fc19 (FEDORA-2013-14194)
GStreamer streaming media framework runtime
--------------------------------------------------------------------------------
Update Information:
Latest bugfix release. Please refer to following for the list of fixes:
http://lists.freedesktop.org/archives/gstreamer-announce/2013-August/000287.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Brian Pepple <[email protected]> - 1.0.9-1
- Update to 1.0.9.
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-bad-free-1.0.9-1.fc19 (FEDORA-2013-14194)
GStreamer streaming media framework "bad" plugins
--------------------------------------------------------------------------------
Update Information:
Latest bugfix release. Please refer to following for the list of fixes:
http://lists.freedesktop.org/archives/gstreamer-announce/2013-August/000287.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Brian Pepple <[email protected]> - 1.0.9-1
- Update to 1.0.9.
- Add libgstmidi to filelist.
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-base-1.0.9-1.fc19 (FEDORA-2013-14194)
GStreamer streaming media framework base plugins
--------------------------------------------------------------------------------
Update Information:
Latest bugfix release. Please refer to following for the list of fixes:
http://lists.freedesktop.org/archives/gstreamer-announce/2013-August/000287.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Brian Pepple <[email protected]> - 1.0.9-1
- Update to 1.0.9.
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-good-1.0.9-1.fc19 (FEDORA-2013-14194)
GStreamer plugins with good code and licensing
--------------------------------------------------------------------------------
Update Information:
Latest bugfix release. Please refer to following for the list of fixes:
http://lists.freedesktop.org/archives/gstreamer-announce/2013-August/000287.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Brian Pepple <[email protected]> - 1.0.9-1
- Update to 1.0.9.
--------------------------------------------------------------------------------
================================================================================
hercules-3.09-1.fc19 (FEDORA-2013-14178)
Hercules S/370, ESA/390, and z/Architecture emulator
--------------------------------------------------------------------------------
Update Information:
update to version 3.09
* Allow regex replacement variables in HAO commands (Roger Bowler)
* Prevent duplicate EQID (Gordon Bonorchis)
* Permit concurrent read access to printer and punch files (Roger Bowler)
* DFP zoned-conversion facility (Roger Bowler)
* Execution-hint facility (Roger Bowler)
* Miscellaneous-instruction-extensions facility (Roger Bowler)
* Load-and-trap facility (Roger Bowler)
* Fix for VSAM Extended Format (David "Fish" Trout)
* APL\360 2741 patch (Max H. Parke)
* Fix interval timer repeating interrupt (Ivan Warren, Kevin Leonard)
* Corrections to build procedures (Mike Frysinger, Dan Horak)
* Miscellaneous bug fixes (Roger Bowler)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 30 2013 Dan Horák <dan[at]danny.cz> - 3.09-1
- updated to 3.09 (#989939)
* Sat Jun 1 2013 Dan Horák <dan[at]danny.cz> - 3.08.2-2
- fix build on EL-6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #989939 - hercules-3.09 is available
https://bugzilla.redhat.com/show_bug.cgi?id=989939
--------------------------------------------------------------------------------
================================================================================
libusbx-1.0.16-3.fc19 (FEDORA-2013-14192)
Library for accessing USB devices
--------------------------------------------------------------------------------
Update Information:
- New upstream 1.0.16 release
- Fix libusb_exit sometimes (race) deadlocking on exit (rhbz#985484)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 30 2013 Hans de Goede <[email protected]> - 1.0.16-3
- Fix another libusb_exit deadlock (rhbz#985484)
* Fri Jul 19 2013 Hans de Goede <[email protected]> - 1.0.16-2
- Fix libusb_exit sometimes (race) deadlocking on exit (rhbz#985484)
* Thu Jul 11 2013 Hans de Goede <[email protected]> - 1.0.16-1
- New upstream 1.0.16 final release
* Sat Jul 6 2013 Hans de Goede <[email protected]> - 1.0.16-0.2.rc3
- New upstream 1.0.16-rc3 release
* Mon Jul 1 2013 Hans de Goede <[email protected]> - 1.0.16-0.1.rc2
- New upstream 1.0.16-rc2 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #985484 - Deadlock in linux_udev_event_thread_main at
os/linux_udev.c:153
https://bugzilla.redhat.com/show_bug.cgi?id=985484
--------------------------------------------------------------------------------
================================================================================
mate-screensaver-1.6.1-2.fc19 (FEDORA-2013-14201)
MATE Screensaver
--------------------------------------------------------------------------------
Update Information:
- Update to 1.6.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Wolfgang Ulbrich <[email protected]> - 1.6.1-2
- bump version to 1.6.1-2
* Fri Aug 2 2013 Wolfgang Ulbrich <[email protected]> - 1.6.1-1
- Update to 1.6.1
- Drop patches
- move doc dir for > f19
--------------------------------------------------------------------------------
================================================================================
mingw-qt5-qtlocation-5.0.0-0.6.git20130510.f2840834.fc19 (FEDORA-2013-14196)
Qt5 for Windows - QtLocation component
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #858069 - Review Request: mingw-qt5-qtlocation - Qt5 for Windows -
QtLocation component
https://bugzilla.redhat.com/show_bug.cgi?id=858069
--------------------------------------------------------------------------------
================================================================================
nss-3.15.1-3.fc19 (FEDORA-2013-14189)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
Add configuration files man pages.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Elio Maldonado <[email protected]> - 3.15.1-3
- Add man page for pkcs11.txt configuration file and cert and key databases
- Resolves: rhbz#985114 - Provide man pages for the nss configuration files
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #985114 - Provide man pages for the nss configuration files
https://bugzilla.redhat.com/show_bug.cgi?id=985114
--------------------------------------------------------------------------------
================================================================================
opencv-2.4.6.1-1.fc19 (FEDORA-2013-14204)
Collection of algorithms for computer vision
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.6.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 24 2013 Nicolas Chauvet <[email protected]> - 2.4.6.1-1
- Update to 2.4.6.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #991552 - Please update to OpenCV 2.4.6
https://bugzilla.redhat.com/show_bug.cgi?id=991552
--------------------------------------------------------------------------------
================================================================================
openlmi-networking-0.0.9-4.fc19 (FEDORA-2013-14197)
CIM providers for network management
--------------------------------------------------------------------------------
Update Information:
Fix broken dependency on the newer konkretcmpi.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Tomas Smetana <[email protected]> 0.0.9-4
- add patch for the conflicting data types in the autogenerated headers
* Fri Aug 2 2013 Tomas Smetana <[email protected]> 0.0.9-3
- rebuild for the new konkretcmpi
--------------------------------------------------------------------------------
================================================================================
perl-MooseX-ClassAttribute-0.27-1.fc19 (FEDORA-2013-14207)
Declare class attributes Moose-style
--------------------------------------------------------------------------------
Update Information:
This update fixes compatibility with Moose 2.08
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 3 2013 Iain Arnell <[email protected]> 0.27-1
- udpate to latest upstream version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #986016 - perl-MooseX-ClassAttribute-0.26 broken w/shipped
perl-Moose-2.0802
https://bugzilla.redhat.com/show_bug.cgi?id=986016
--------------------------------------------------------------------------------
================================================================================
python-django-south-0.8.1-1.fc19 (FEDORA-2013-14203)
Intelligent schema migrations for Django apps
--------------------------------------------------------------------------------
Update Information:
Intelligent schema migrations for Django apps
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Luis Bazan <[email protected]> - 0.8.1-1
- New Upstream Version
- changes dependency to python-django
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979894 - python-django-south has even more invalid dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=979894
--------------------------------------------------------------------------------
================================================================================
security-menus-1.2.0-1.fc19 (FEDORA-2013-14198)
Menu Structure for the Fedora Security Lab
--------------------------------------------------------------------------------
Update Information:
* Wed Jul 31 2013 Fabian Affolter <[email protected]> - 1.2.0-1
- Updated to new upstream release 1.2.0 (fixes #981826)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 31 2013 Fabian Affolter <[email protected]> - 1.2.0-1
- Updated to new upstream release 1.2.0 (fixes #981826)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #981826 - XFCE + Security Lab Application Menu Problem
https://bugzilla.redhat.com/show_bug.cgi?id=981826
--------------------------------------------------------------------------------
================================================================================
supermin-4.1.2-1.fc19 (FEDORA-2013-14179)
Tool for creating supermin appliances
--------------------------------------------------------------------------------
Update Information:
New upstream version with fixes for ARM.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 3 2013 Richard W.M. Jones <[email protected]> - 4.1.2-1
- New upstream version 4.1.2.
- Remove patch which is now upstream.
--------------------------------------------------------------------------------
================================================================================
sympy-0.7.3-1.fc19 (FEDORA-2013-14190)
A Python library for symbolic mathematics
--------------------------------------------------------------------------------
Update Information:
See https://github.com/sympy/sympy/wiki/Release-Notes-for-0.7.3 for upstream
release notes.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Jerry James <[email protected]> - 0.7.3-1
- Update to 0.7.3
- Upstream dropped all tutorial translations
- Add graphviz BR for documentation
- Sources now distributed from github instead of googlecode
--------------------------------------------------------------------------------
================================================================================
tito-0.4.17-1.fc19 (FEDORA-2013-14183)
A tool for managing rpm based git projects
--------------------------------------------------------------------------------
Update Information:
Fix permissions sources fedpkg modifies.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Devan Goodwin <[email protected]> 0.4.17-1
- Fix permissions after a Fedora/Brew build. ([email protected])
- Comment out old nightly releaser. ([email protected])
- add newline to sys.stderr.write ([email protected])
--------------------------------------------------------------------------------
================================================================================
tycho-0.18.1-4.fc19 (FEDORA-2013-14180)
Plugins and extensions for building Eclipse plugins and OSGI bundles with Maven
--------------------------------------------------------------------------------
Update Information:
Update to Tycho / Tycho Extras 0.18.1.
- Use MavenSession and Plexus to determine state (don't depend on env variables
set by mvn-rpmbuild/mvn-local)
- skipTychoVersionCheck not needed (done by default)
- Properly handle cases where Tycho must resolve Maven artifacts (delegate to
XMvn)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 30 2013 Roland Grunberg <[email protected]> - 0.18.1-4
- Improve artifact resolution using XMvn Resolver. (Bug 986900)
* Mon Jul 29 2013 Roland Grunberg <[email protected]> - 0.18.1-3
- Fix Tycho file locking to work in Fedora.
- Skip validateConsistentTychoVersion by default. (Bug 987271)
* Wed Jul 24 2013 Roland Grunberg <[email protected]> - 0.18.1-2
- Non-bootstrap build.
* Wed Jul 24 2013 Roland Grunberg <[email protected]> - 0.18.1-1.1
- Use MavenSession and Plexus to determine state.
- Fix bootstrap build.
* Thu Jul 18 2013 Roland Grunberg <[email protected]> 0.18.1-1
- Make changes to ensure intermediary build succeeds.
- Remove %Patch6 in favour of call to sed.
* Thu Jul 18 2013 Krzysztof Daniel <[email protected]> 0.18.1-1
- Update to 0.18.1.
* Tue Jul 16 2013 Roland Grunberg <[email protected]> - 0.18.0-4
- Look for maven artifacts using XMvn Resolver.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #986900 - tycho: Incorrect usage of XMvn
https://bugzilla.redhat.com/show_bug.cgi?id=986900
[ 2 ] Bug #987271 - [RFE] tycho: skip version check by default when building
packages
https://bugzilla.redhat.com/show_bug.cgi?id=987271
--------------------------------------------------------------------------------
================================================================================
tycho-extras-0.18.1-1.fc19 (FEDORA-2013-14180)
Additional plugins for Tycho
--------------------------------------------------------------------------------
Update Information:
Update to Tycho / Tycho Extras 0.18.1.
- Use MavenSession and Plexus to determine state (don't depend on env variables
set by mvn-rpmbuild/mvn-local)
- skipTychoVersionCheck not needed (done by default)
- Properly handle cases where Tycho must resolve Maven artifacts (delegate to
XMvn)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 28 2013 Roland Grunberg <[email protected]> 0.18.1-1
- Update to 0.18.1 Release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #986900 - tycho: Incorrect usage of XMvn
https://bugzilla.redhat.com/show_bug.cgi?id=986900
[ 2 ] Bug #987271 - [RFE] tycho: skip version check by default when building
packages
https://bugzilla.redhat.com/show_bug.cgi?id=987271
--------------------------------------------------------------------------------
================================================================================
v4l-utils-1.0.0-1.fc19 (FEDORA-2013-14174)
Utilities for video4linux and DVB devices
--------------------------------------------------------------------------------
Update Information:
- New upstream release 1.0.0 final
- Drop libdvb5 (made private upstream for now)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 3 2013 Hans de Goede <[email protected]> - 1.0.0-1
- New upstream release 1.0.0 final
- Drop libdvb5 (made private upstream for now)
--------------------------------------------------------------------------------
================================================================================
v8-3.14.5.10-2.fc19 (FEDORA-2013-14176)
JavaScript Engine
--------------------------------------------------------------------------------
Update Information:
This update fixes an issue with Google V8, as used in Google Chrome before
28.0.1500.95, which allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via vectors that leverage "type confusion."
Please note that this issue's impact on Node.js is somewhat lessened since it
does not typically execute JavaScript from foreign sources.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 T.C. Hollingsworth <[email protected]> - 1:3.14.5.10-2
- backport fix for remote DoS or unspecified other impact via type confusion
(RHBZ#991116; CVE-2013-2882)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #991116 - CVE-2013-2882 v8: remote DoS or unspecified other impact
via type confusion
https://bugzilla.redhat.com/show_bug.cgi?id=991116
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2013.08.02-1.fc19 (FEDORA-2013-14186)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
New version.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 3 2013 Christopher Meng <[email protected]> - 2013.08.02-1
- Update to new release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #990505 - youtube-dl-2013.07.31 is available
https://bugzilla.redhat.com/show_bug.cgi?id=990505
--------------------------------------------------------------------------------
--
test mailing list
[email protected]
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
