Fedora 17 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sun Apr 21 03:26:46 UTC 2013
The following Fedora 17 Security updates need testing:
Age URL
289 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
101 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17
71 https://admin.fedoraproject.org/updates/FEDORA-2013-2143/rubygem-rdoc-3.12-5.fc17
67 https://admin.fedoraproject.org/updates/FEDORA-2013-2315/rubygem-rack-1.4.0-4.fc17
30 https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17
29 https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17
28 https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc17
24 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17
21 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17
16 https://admin.fedoraproject.org/updates/FEDORA-2013-4827/haproxy-1.4.23-1.fc17
9 https://admin.fedoraproject.org/updates/FEDORA-2013-5440/php-geshi-1.0.8.11-3.fc17
9 https://admin.fedoraproject.org/updates/FEDORA-2013-5349/389-ds-base-1.2.11.21-1.fc17
8 https://admin.fedoraproject.org/updates/FEDORA-2013-5546/plexus-archiver-2.3-1.fc17
7 https://admin.fedoraproject.org/updates/FEDORA-2013-5610/curl-7.24.0-7.fc17
7 https://admin.fedoraproject.org/updates/FEDORA-2013-5623/phpMyAdmin-3.5.8-1.fc17
5 https://admin.fedoraproject.org/updates/FEDORA-2013-5756/pdns-recursor-3.5-1.fc17
4 https://admin.fedoraproject.org/updates/FEDORA-2013-5833/mantis-1.2.15-1.fc17
3 https://admin.fedoraproject.org/updates/FEDORA-2013-5967/xorg-x11-server-1.12.4-7.fc17
1 https://admin.fedoraproject.org/updates/FEDORA-2013-6107/php-twig-Twig-1.12.3-1.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2013-6170/mediawiki-1.19.5-1.fc17
The following Fedora 17 Critical Path updates have yet to be approved:
Age URL
241 https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17
70 https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17
49 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17
30 https://admin.fedoraproject.org/updates/FEDORA-2013-4140/audit-2.2.3-2.fc17
11 https://admin.fedoraproject.org/updates/FEDORA-2013-5287/libogg-1.3.0-5.fc17
11 https://admin.fedoraproject.org/updates/FEDORA-2013-5288/python-pycurl-7.19.0-11.1.fc17
9 https://admin.fedoraproject.org/updates/FEDORA-2013-5476/perl-5.14.4-225.fc17
9 https://admin.fedoraproject.org/updates/FEDORA-2013-5353/abrt-2.1.3-2.fc17,libreport-2.1.3-1.fc17
7 https://admin.fedoraproject.org/updates/FEDORA-2013-5610/curl-7.24.0-7.fc17
5 https://admin.fedoraproject.org/updates/FEDORA-2013-5724/ncurses-5.9-10.20130413.fc17
1 https://admin.fedoraproject.org/updates/FEDORA-2013-6034/kernel-3.8.8-100.fc17
The following builds have been pushed to Fedora 17 updates-testing
mediawiki-1.19.5-1.fc17
perl-Devel-PatchPerl-0.84-1.fc17
salt-0.14.1-1.fc17
ultimaker-marlin-firmware-12.12-0.5.RC1.fc17
xscreensaver-5.21-3.fc17
Details about builds:
================================================================================
mediawiki-1.19.5-1.fc17 (FEDORA-2013-6170)
A wiki engine
--------------------------------------------------------------------------------
Update Information:
*An internal review discovered that specially crafted Lua function names could lead to XSS. https://bugzilla.wikimedia.org/show_bug.cgi?id=46084
*Daniel Franke reported that during SVG parsing, MediaWiki failed to prevent XML external entity (XXE) processing. This could lead to local file disclosure, or potentially remote command execution in environments that have enabled expect:// handling. https://bugzilla.wikimedia.org/show_bug.cgi?id=46859
*Internal review also discovered that Special:Import, and Extension:RSS failed to prevent XML external entity (XXE) processing. https://bugzilla.wikimedia.org/show_bug.cgi?id=47251
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 17 2013 Michael Cronenworth <mike at cchtml.com> - 1.19.5-1
- New upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #953666 - CVE-2013-1951 mediawiki: security releases 1.20.4 and 1.19.5
https://bugzilla.redhat.com/show_bug.cgi?id=953666
--------------------------------------------------------------------------------
================================================================================
perl-Devel-PatchPerl-0.84-1.fc17 (FEDORA-2013-6165)
Patch perl source à la Devel::PPPort's buildperl.pl
--------------------------------------------------------------------------------
Update Information:
This update includes an updated linux hints file.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 19 2013 Iain Arnell <iarnell at gmail.com> 0.84-1
- update to latest upstream version
- drop IPC::Cmd dependency
* Tue Feb 19 2013 Iain Arnell <iarnell at gmail.com> 0.78-1
- update to latest upstream version
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.76-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
salt-0.14.1-1.fc17 (FEDORA-2013-6156)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
upstream patch release 0.14.1 and unit test fixes
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 19 2013 Clint Savage <herlo1 at gmail.com> - 0.14.1-1
- Update to upstream patch release 0.14.1
--------------------------------------------------------------------------------
================================================================================
ultimaker-marlin-firmware-12.12-0.5.RC1.fc17 (FEDORA-2013-6176)
Ultimaker firmware for the 3D printer
--------------------------------------------------------------------------------
Update Information:
package now includes both boudrates
Ultimaker firmware for the 3D printer
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #905681 - Review Request: ultimaker-marlin-firmware - Ultimaker firmware for the 3D printer
https://bugzilla.redhat.com/show_bug.cgi?id=905681
--------------------------------------------------------------------------------
================================================================================
xscreensaver-5.21-3.fc17 (FEDORA-2013-6160)
X screen saver and locker
--------------------------------------------------------------------------------
Update Information:
Some issues are found on several hacks shipped in xscreensaver. Also an issue was reported that when installing gss rpms xscreensaver hacks appears in desktop entry.
This new rpm will fix these issues.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 21 2013 Mamoru TASAKA <mtasaka at fedoraproject.org> - 1:5.21-3
- Fix the iteration number for pentomino mode in polyominoes
(bug 954077)
- Convert maxlife option from 5.20- for fireworkx (bug 953916)
- Fix broken Name entry for desktop file of GL hacks (bug 953558)
- Add OnlyShownIn entry for desktop files (bug 953558)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #954077 - [abrt] xscreensaver-extras-5.21-2.fc19: make_one_sided_pentomino: Process /usr/libexec/xscreensaver/polyominoes was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=954077
[ 2 ] Bug #953916 - [abrt] xscreensaver-extras-5.21-2.fc18: rnd: Process /usr/libexec/xscreensaver/fireworkx was killed by signal 8 (SIGFPE)
https://bugzilla.redhat.com/show_bug.cgi?id=953916
[ 3 ] Bug #953558 - Xfce-Panel adds Xscreensaver-Plugins into Panelsection 'Other' (German: Sonstiges)
https://bugzilla.redhat.com/show_bug.cgi?id=953558
--------------------------------------------------------------------------------
More information about the test
mailing list