The following Fedora 19 Security updates need testing: Age URL 22 https://admin.fedoraproject.org/updates/FEDORA-2013-14029/zabbix-2.0.6-3.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2013-14814/python-glanceclient-0.9.0-3.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2013-14852/python-django14-1.4.6-1.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2013-14891/python-virtualenv-1.10.1-1.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2013-14910/drupal7-entity-1.2-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2013-15049/ssmtp-2.64-9.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-15147/drupal7-theme-zen-5.4-1.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-15169/ansible-1.2.3-2.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-15196/perl-Module-Metadata-1.000015-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15221/roundcubemail-0.9.3-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15254/python3-3.3.2-6.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15258/php-pear-Auth-OpenID-2.2.2-7.fc19
The following Fedora 19 Critical Path updates have yet to be approved: Age URL 14 https://admin.fedoraproject.org/updates/FEDORA-2013-14572/rygel-0.18.4-1.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2013-14756/lorax-19.6-1.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2013-14737/libtiff-4.0.3-7.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2013-14859/realmd-0.14.5-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2013-14863/pcmanfm-1.1.2-1.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2013-15025/langtable-0.0.11-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2013-15041/openldap-2.4.36-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2013-15132/gupnp-0.20.5-1.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-15185/pygpgme-0.3-8.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-15182/perl-Encode-2.52-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15266/json-c-0.11-3.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15248/libfm-1.1.2.2-1.fc19 The following builds have been pushed to Fedora 19 updates-testing SDL2-2.0.0-3.fc19 evas_generic_loaders-1.7.8-1.fc19 fedmsg-notify-0.5.3-1.fc19 glances-1.7.1-1.fc19 gnome-shell-extension-fedmsg-0.1.5-1.fc19 json-c-0.11-3.fc19 ladspa-caps-plugins-0.9.10-1.fc19 makeself-2.2.0-2.fc19 php-htmLawed-1.1.15-2.fc19 php-pear-Auth-OpenID-2.2.2-7.fc19 python-rhsm-1.10.1-1.fc19 python-rosdep-0.10.21-1.fc19 python3-3.3.2-6.fc19 rabbitmq-server-3.1.5-1.fc19 snifflib-1.8.12-1.fc19 subscription-manager-1.10.1-1.fc19 tinymce-3.5.8-1.fc19 wordpress-3.6-1.fc19 Details about builds: ================================================================================ SDL2-2.0.0-3.fc19 (FEDORA-2013-15274) A cross-platform multimedia library -------------------------------------------------------------------------------- Update Information: Fixed multilib issue. Since this update you can install SDL2-devel x86_64 *and* i686 in one time. -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 24 2013 Igor Gnatenko <[email protected]> - 2.0.0-3 - Fix multilib issues -------------------------------------------------------------------------------- ================================================================================ evas_generic_loaders-1.7.8-1.fc19 (FEDORA-2013-15269) Extra loaders for GPL loaders and unstable libraries -------------------------------------------------------------------------------- Update Information: For Enlightenment 1.7.8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #998774 - Review Request: evas_generic_loaders - Extra loaders for GPL loaders and unstable libraries https://bugzilla.redhat.com/show_bug.cgi?id=998774 -------------------------------------------------------------------------------- ================================================================================ fedmsg-notify-0.5.3-1.fc19 (FEDORA-2013-15261) Fedmsg Desktop Notifications -------------------------------------------------------------------------------- Update Information: * Fixed bug with the gnome shell extension not properly starting/stopping the daemon * Distro-specific stuff made more modular (thanks to @olasd) * Debian-related filters added (thanks to @olasd) * Added support for notification expiration (issue #5) * Close notifications upon exit * Improved icon handling for the gnome-shell -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Luke Macken <[email protected]> - 0.5.3-1 - Update to 0.5.3 to fix a regression * Wed Aug 21 2013 Luke Macken <[email protected]> - 0.5.2-1 - Update to 0.5.2 bugfix release - Require python-psutil - Update the URLs * Sat Aug 3 2013 Fedora Release Engineering <[email protected]> - 0.5.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ glances-1.7.1-1.fc19 (FEDORA-2013-15259) CLI curses based monitoring tool -------------------------------------------------------------------------------- Update Information: Update to 1.7.1 update to 1.7 update to 1.7 update to 1.7 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Edouard Bourguignon <[email protected]> - 1.7.1-1 - Update to 1.7.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #999006 - glances-1.7.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=999006 [ 2 ] Bug #995805 - glances-1.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=995805 -------------------------------------------------------------------------------- ================================================================================ gnome-shell-extension-fedmsg-0.1.5-1.fc19 (FEDORA-2013-15261) A gnome-shell extension for enabling fedmsg desktop notifications -------------------------------------------------------------------------------- Update Information: * Fixed bug with the gnome shell extension not properly starting/stopping the daemon * Distro-specific stuff made more modular (thanks to @olasd) * Debian-related filters added (thanks to @olasd) * Added support for notification expiration (issue #5) * Close notifications upon exit * Improved icon handling for the gnome-shell -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Luke Macken <[email protected]> - 0.1.5-1 - Update to 0.1.5 bugfix release * Sat Aug 3 2013 Fedora Release Engineering <[email protected]> - 0.1.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ json-c-0.11-3.fc19 (FEDORA-2013-15266) A JSON implementation in C -------------------------------------------------------------------------------- Update Information: Increase parser strictness to solve PHP compatibility with original (non-free) parser: * number must not start with 0 * no single-quote string * no comment in data * trailing char not allowed This changes are only enabled in strict mode, so shouldn't affect any application in standard mode. -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 24 2013 Remi Collet <[email protected]> - 0.11-3 - increase parser strictness for php * Sat Aug 3 2013 Fedora Release Engineering <[email protected]> - 0.11-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ ladspa-caps-plugins-0.9.10-1.fc19 (FEDORA-2013-15270) The C* Audio Plugin Suite -------------------------------------------------------------------------------- Update Information: - Update to latest release 0.9.10 -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 22 2013 Brendan Jones <[email protected]> 0.9.10-1 - Update to latest release 0.9.10 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1000157 - New ladspa-caps-plugins release 0.9.10 https://bugzilla.redhat.com/show_bug.cgi?id=1000157 -------------------------------------------------------------------------------- ================================================================================ makeself-2.2.0-2.fc19 (FEDORA-2013-15255) Make self-extractable archives on Unix -------------------------------------------------------------------------------- Update Information: Make self-extractable archives on Unix -------------------------------------------------------------------------------- References: [ 1 ] Bug #989015 - Review Request: makeself - Make self-extractable archives on Unix https://bugzilla.redhat.com/show_bug.cgi?id=989015 -------------------------------------------------------------------------------- ================================================================================ php-htmLawed-1.1.15-2.fc19 (FEDORA-2013-15265) PHP code to purify and filter HTML -------------------------------------------------------------------------------- Update Information: Version 1.1.15 - 11 August 2013 * Improved tidying/prettifying functionality -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Remi Collet <[email protected]> - 1.1.15-2 - update to 1.1.15 -------------------------------------------------------------------------------- ================================================================================ php-pear-Auth-OpenID-2.2.2-7.fc19 (FEDORA-2013-15258) PHP OpenID -------------------------------------------------------------------------------- Update Information: Fix for CVE-2013-4701 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Kevin Fenzi <[email protected]> 2.2.2-7 - Patch for CVE-2013-4701 * Sun Aug 4 2013 Fedora Release Engineering <[email protected]> - 2.2.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #999687 - CVE-2013-4701 php-pear-Auth-OpenID: XML External Entity issue allows for reading arbitrary files or excessive resource consumption https://bugzilla.redhat.com/show_bug.cgi?id=999687 -------------------------------------------------------------------------------- ================================================================================ python-rhsm-1.10.1-1.fc19 (FEDORA-2013-15263) A Python library to communicate with a Red Hat Unified Entitlement Platform -------------------------------------------------------------------------------- Update Information: This update includes numerous bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 22 2013 Alex Wood <[email protected]> 1.10.1-1 - 997194: fix interpolation of default values ([email protected]) - bump version to 1.10.x ([email protected]) - remove 6.5 releaser ([email protected]) * Wed Aug 14 2013 jesus m. rodriguez <[email protected]> 1.9.2-1 - remove rhel 5.9, 5.10, 6.3, 6.4 ([email protected]) - Fedora 17 is at end of life. ([email protected]) -------------------------------------------------------------------------------- ================================================================================ python-rosdep-0.10.21-1.fc19 (FEDORA-2013-15264) ROS System Dependency Installer -------------------------------------------------------------------------------- Update Information: Add a requirement on python-catkin_pkg to satisfy rhbz#975896 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Rich Mattes <[email protected]> - 0.10.21-1 - Update to release 0.10.21 - Depend on python-catkin_pkg (rhbz#975896) * Sat Jun 1 2013 Rich Mattes <[email protected]> - 0.10.18-1.20130601git91fb6852 - Update to release 0.10.18 - Update github source url -------------------------------------------------------------------------------- References: [ 1 ] Bug #975896 - rosdep init fails https://bugzilla.redhat.com/show_bug.cgi?id=975896 -------------------------------------------------------------------------------- ================================================================================ python3-3.3.2-6.fc19 (FEDORA-2013-15254) Version 3 of the Python programming language aka Python 3000 -------------------------------------------------------------------------------- Update Information: Fix for CVE-2013-4238 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Matej Stuchlik <[email protected]> - 3.3.2-6 - Added fix for CVE-2013-4238 (rhbz#996399) -------------------------------------------------------------------------------- References: [ 1 ] Bug #996381 - CVE-2013-4238 python: hostname check bypassing vulnerability in SSL module https://bugzilla.redhat.com/show_bug.cgi?id=996381 -------------------------------------------------------------------------------- ================================================================================ rabbitmq-server-3.1.5-1.fc19 (FEDORA-2013-15267) The RabbitMQ server -------------------------------------------------------------------------------- Update Information: * New Upstream Release - 3.1.5 (bugfix release) -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 24 2013 Peter Lemenkov <[email protected]> - 3.1.5-1 - New Upstream Release - 3.1.5 (bugfix release) * Wed Aug 7 2013 Peter Lemenkov <[email protected]> - 3.1.4-1 - New Upstream Release - 3.1.4 (bugfix release) * Sun Aug 4 2013 Fedora Release Engineering <[email protected]> - 3.1.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #850289 - Introduce new systemd-rpm macros in rabbitmq-server spec file https://bugzilla.redhat.com/show_bug.cgi?id=850289 [ 2 ] Bug #948651 - contents of rabbitmq-server package different if built from source vs yum -y install rabbitmq-server https://bugzilla.redhat.com/show_bug.cgi?id=948651 [ 3 ] Bug #951518 - rabbitmq-server and ulimit nofile limit. https://bugzilla.redhat.com/show_bug.cgi?id=951518 [ 4 ] Bug #880703 - upgrade rabbitmq-server to include important updates https://bugzilla.redhat.com/show_bug.cgi?id=880703 -------------------------------------------------------------------------------- ================================================================================ snifflib-1.8.12-1.fc19 (FEDORA-2013-15273) Numerical library for Java -------------------------------------------------------------------------------- Update Information: This update adds Snifflib - a numerical library which provides honest-to-goodness N-dimensional array construction and manipulation along with standard linear algebra functionality as well as statistics and computational routines in the Java language. -------------------------------------------------------------------------------- ================================================================================ subscription-manager-1.10.1-1.fc19 (FEDORA-2013-15263) Tools and libraries for subscription and repository management -------------------------------------------------------------------------------- Update Information: This update includes numerous bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 22 2013 Alex Wood <[email protected]> 1.10.1-1 - Adding Fedora 20 branch to releaser. ([email protected]) - Subscribe/unsubscribe mirror attach/remove tests ([email protected]) - Revert "990195: remove subscribe options" ([email protected]) - 994620: reword tooltip message ([email protected]) - 997935: stop making requests after unregister ([email protected]) - 997740: allow autoheal call more often ([email protected]) - Prevent name collision over the parent variable in RHEL 5 Firstboot. ([email protected]) - 997189: error is now a sys.exc_info() tuple. ([email protected]) - self._parent is not defined here. ([email protected]) - bump version and remove rhel-6.5 releaser ([email protected]) - Convert contract selection window to use a MappedListStore. ([email protected]) - Stripe rows whenever the My Subs or All Available tabs are shown. ([email protected]) - 991165: Refresh row striping after the TreeView is resorted. ([email protected]) - Remove unused background attribute in Installed Products tab. ([email protected]) - Set background color on progress bar renderer. ([email protected]) - No need to set a hint to true in glade then false in code. ([email protected]) - Remove duplicate import. ([email protected]) - Add a very simple "smoke" test script ([email protected]) - 842402: Re-aligning Subscription Manager Gui ([email protected]) * Wed Aug 14 2013 jesus m. rodriguez <[email protected]> 1.9.2-1 - 851321: Refresh/redraw tables after removing subscriptions ([email protected]) - 974587: allow certs with no content ([email protected]) - 977920, 983660: manpage updates ([email protected]) - 987579: Re-arranged preferences dialog ([email protected]) - 990195: remove subscribe options ([email protected]) - 991214: refresh ent dir, catch exception gracefully ([email protected]) - 991548: Display correct error message for registration failures. ([email protected]) - 991580: add rhsmd debug to stdout ([email protected]) - 993202: fix default config, take advantage of rhsmconfig options ([email protected]) - 994266: list consumed shows expired bugs ([email protected]) - 994997: Fix Unknown is_guest during firstboot. ([email protected]) - Changed 'It is' to possessive 'Its' ([email protected]) - Remove unused WARNING_DAYS variable ([email protected]) - Bump python-rhsm requires to 1.9.1 for config changes. ([email protected]) - add ondate to status ([email protected]) - Fedora 17 is at end of life. ([email protected]) -------------------------------------------------------------------------------- ================================================================================ tinymce-3.5.8-1.fc19 (FEDORA-2013-15257) Web based Javascript HTML WYSIWYG editor control -------------------------------------------------------------------------------- Update Information: This update provides the latest upstream version of tinymce (all 3.x releases are compatible, newer builds provide only bugfixes and new functionality) and removes a pre-built Flash binary from the package, whose inclusion was contrary to Fedora policy: https://fedoraproject.org/wiki/Packaging:Guidelines#No_inclusion_of_pre-built_binaries_or_libraries . The effect of this removal is that the media embedding plugin will only embed an HTML5 video player; it will not try and use a Flash plugin to provide a player widget if HTML5 video is not possible for the given browser and media type. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Adam Williamson <[email protected]> - 3.5.8-1 - bump to latest upstream release - drop pre-build Flash blobs, patch media plugin not to try and use moxieplayer * Sun Aug 4 2013 Fedora Release Engineering <[email protected]> - 3.4.3.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1000266 - tinymce contains bundled Flash and Shockwave files https://bugzilla.redhat.com/show_bug.cgi?id=1000266 -------------------------------------------------------------------------------- ================================================================================ wordpress-3.6-1.fc19 (FEDORA-2013-15271) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: This update provides the latest upstream release of Wordpress, 3.6, with bug fixes and new features. Fedora does not try to stick with old branches of Wordpress as upstream does not support them, instead encouraging all deployments to update to the latest release. It also removes several Flash and Silverlight binaries which the package was previously shipping in pre-compiled form. This is not compatible with Fedora guidelines. It would not be straightforward to compile these during the package build process, so they have had to be removed. The impact of these changes has been documented in the README.fedora file. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 22 2013 Adam Williamson <[email protected]> - 3.6.0-1 - update to 3.6.0 - drop pre-compiled Flash and Silverlight binaries - #1000267 * Sun Aug 4 2013 Fedora Release Engineering <[email protected]> - 3.5.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1000267 - wordpress contains bundled Flash and Silverlight files https://bugzilla.redhat.com/show_bug.cgi?id=1000267 -------------------------------------------------------------------------------- -- test mailing list [email protected] To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
