Fedora 18 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Jun 25 03:31:58 UTC 2013
The following Fedora 18 Security updates need testing:
Age URL
167 https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18
101 https://admin.fedoraproject.org/updates/FEDORA-2013-3935/puppet-3.1.1-1.fc18
94 https://admin.fedoraproject.org/updates/FEDORA-2013-4243/stunnel-4.55-1.fc18
81 https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2.0-3.fc18
66 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18
39 https://admin.fedoraproject.org/updates/FEDORA-2013-8381/varnish-3.0.3-5.fc18
24 https://admin.fedoraproject.org/updates/FEDORA-2013-9707/livecd-tools-18.16-2.fc18
20 https://admin.fedoraproject.org/updates/FEDORA-2013-9962/subversion-1.7.10-1.fc18
11 https://admin.fedoraproject.org/updates/FEDORA-2013-10806/fail2ban-0.8.10-1.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-11212/haproxy-1.4.24-1.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-11198/dbus-1.6.12-1.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-11396/glpi-0.83.9-1.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-11407/qemu-1.2.2-13.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-11419/python-bugzilla-0.9.0-1.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-11574/curl-7.27.0-11.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-10713/openstack-keystone-2012.2.4-5.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-11630/wordpress-3.5.2-1.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-11646/ReviewBoard-1.7.10-1.fc18
The following Fedora 18 Critical Path updates have yet to be approved:
Age URL
135 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18
16 https://admin.fedoraproject.org/updates/FEDORA-2013-10428/NetworkManager-0.9.8.2-1.fc18,network-manager-applet-0.9.8.2-1.fc18
13 https://admin.fedoraproject.org/updates/FEDORA-2013-10635/emacs-24.2-19.fc18
13 https://admin.fedoraproject.org/updates/FEDORA-2013-10643/dnsmasq-2.65-6.fc18
8 https://admin.fedoraproject.org/updates/FEDORA-2013-10939/dosfstools-3.0.20-2.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-11278/make-3.82-14.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-11402/deltarpm-3.6-0.12.20110223git.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-11375/gtk3-3.6.4-2.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-11419/python-bugzilla-0.9.0-1.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-11574/curl-7.27.0-11.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-11498/binutils-2.23.51.0.1-10.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-11629/unzip-6.0-10.fc18
The following builds have been pushed to Fedora 18 updates-testing
Mars-4.3-1.fc18
ReviewBoard-1.7.10-1.fc18
choqok-1.3.1-0.2.20130624.fc18
dvd+rw-tools-7.1-13.fc18
ehcache-core-2.6.0-3.fc18
ghc-SafeSemaphore-0.9.0-1.fc18
ghc-shakespeare-text-1.0.0.5-1.fc18
gimp-2.8.6-1.fc18
gnuradio-3.6.5-3.fc18
gsi-openssh-6.1p1-7.fc18
hplip-3.13.6-2.fc18
ibus-typing-booster-1.1.0-1.fc18
mate-applet-softupd-0.2.8-1.fc18
nbdkit-1.0.0-4.fc18
postfix-2.9.7-1.fc18
python-rhsm-1.8.13-1.fc18
python-tahrir-api-0.2.2-1.fc18
subscription-manager-1.8.11-1.fc18
sx-2.15-1.fc18
tcpcopy-0.8.0-3.fc18
unzip-6.0-10.fc18
wordpress-3.5.2-1.fc18
Details about builds:
================================================================================
Mars-4.3-1.fc18 (FEDORA-2013-11621)
An interactive development environment for programming in MIPS assembly language
--------------------------------------------------------------------------------
Update Information:
Fix ClassNotFoundExceptions on start and also update to the latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Mat Booth <fedora at matbooth.co.uk> - 4.3-1
- Fix class not found exceptions at startup, rhbz#828973
- Also update to latest upstream
- Write a real build script to create the jar
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #828973 - Mars MIPS simulator crashes immediately
https://bugzilla.redhat.com/show_bug.cgi?id=828973
--------------------------------------------------------------------------------
================================================================================
ReviewBoard-1.7.10-1.fc18 (FEDORA-2013-11646)
Web-based code review tool
--------------------------------------------------------------------------------
Update Information:
New upstream release 1.7.10
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.10/
- Security Updates:
* Fixed an XSS vulnerability where users could trigger script errors under
certain conditions in auto-complete widgets
- Web API Changes:
* Added n ?order-by=<fieldname> query parameter for comment resources,
allowing ordering by fields such as line numbers (for diff comments)
* Added a filename field to screenshot resources, which provides the base
filename (without path) of the screenshot
* Added a review_url field to screenshot resources, which provides the URL
to the screenshot review page
* Added a thumbnail_url field to screenshot comment resources, which
provides the URL to the snippet of the screenshot being commented on
* Added a link_text field to file attachment comment resources, which shows
the text for any link pointing to the file. This may differ depending on
the comment
* Added a review_url field to file attachment comment resources, which
provides the URL to the review page for the file
* Added a thumbnail_html field to file attachment comment resources, which
provides HTML for rendering the thumbnail of the portion of the file
being rendered, if any
- UI Changes:
* Improved the look and feel of the issue summary table. It’s cleaner and
no longer looks odd with long comment text
- Bug Fixes:
* Fixed periodic but harmless JavaScript errors when removing elements with
relative timestamps
* Editing or reordering dashboard columns no longer breaks after the
dashboard reloads
* Relative timestamps in the dashboard no longer break after the dashboard
reloads
* The maximum size of the timezone has increased, allowing for longer
timezone strings
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Stephen Gallagher <sgallagh at redhat.com> - 1.7.10-1
- New upstream release 1.7.10
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.10/
- Security Updates:
* Fixed an XSS vulnerability where users could trigger script errors under
certain conditions in auto-complete widgets
- Web API Changes:
* Added n ?order-by=<fieldname> query parameter for comment resources,
allowing ordering by fields such as line numbers (for diff comments)
* Added a filename field to screenshot resources, which provides the base
filename (without path) of the screenshot
* Added a review_url field to screenshot resources, which provides the URL
to the screenshot review page
* Added a thumbnail_url field to screenshot comment resources, which
provides the URL to the snippet of the screenshot being commented on
* Added a link_text field to file attachment comment resources, which shows
the text for any link pointing to the file. This may differ depending on
the comment
* Added a review_url field to file attachment comment resources, which
provides the URL to the review page for the file
* Added a thumbnail_html field to file attachment comment resources, which
provides HTML for rendering the thumbnail of the portion of the file
being rendered, if any
- UI Changes:
* Improved the look and feel of the issue summary table. It’s cleaner and
no longer looks odd with long comment text
- Bug Fixes:
* Fixed periodic but harmless JavaScript errors when removing elements with
relative timestamps
* Editing or reordering dashboard columns no longer breaks after the
dashboard reloads
* Relative timestamps in the dashboard no longer break after the dashboard
reloads
* The maximum size of the timezone has increased, allowing for longer
timezone strings
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #977423 - CVE-2013-2209 ReviewBoard: Stored XSS due improper sanitization of user's full name in the reviews dropdown
https://bugzilla.redhat.com/show_bug.cgi?id=977423
--------------------------------------------------------------------------------
================================================================================
choqok-1.3.1-0.2.20130624.fc18 (FEDORA-2013-11619)
KDE Micro-Blogging Client
--------------------------------------------------------------------------------
Update Information:
New snapshot release adds support for new twitter 1.1 api
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Rex Dieter <rdieter at fedoraproject.org> 1.3.1-0.2.20130624
- 1.3.1 20130624git snapshot
- fix/prune %changelog
- .spec cosmetics
* Fri Jun 21 2013 Rex Dieter <rdieter at fedoraproject.org> 1.3.1-0.1.20130621
- 1.3.1 20130621git snapshot (uses new twitter 1.1 api)
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Nov 27 2012 Rex Dieter <rdieter at fedoraproject.org> 1.3-5
- rebuild (qjson)
* Fri Nov 23 2012 Rex Dieter <rdieter at fedoraproject.org> 1.3-4
- rebuild (qjson)
--------------------------------------------------------------------------------
================================================================================
dvd+rw-tools-7.1-13.fc18 (FEDORA-2013-11635)
Toolchain to master DVD+RW/+R media
--------------------------------------------------------------------------------
Update Information:
Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Frantisek Kluknavsky <fkluknav at redhat.com> - 7.1-13
- when formating blu-ray as srm+pow, handle it later correctly as srm+pow, not srm
(credits Thomas Schmitt)
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 7.1-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Aug 27 2012 Honza Horak <hhorak at redhat.com> - 7.1-11
- Spec file cleanup
- Print error in case we want to write already written DVD-RW in Sequential
Recording mode (bug #810838)
- Add man page for dvd+rw-format
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #868527 - i/o error on K3b
https://bugzilla.redhat.com/show_bug.cgi?id=868527
[ 2 ] Bug #858029 - growisofs fails to close the FIRST session with SK=5h/INVALID FIELD IN CDB when burning blu-ray BD-R SL
https://bugzilla.redhat.com/show_bug.cgi?id=858029
--------------------------------------------------------------------------------
================================================================================
ehcache-core-2.6.0-3.fc18 (FEDORA-2013-11639)
Easy Hibernate Cache
--------------------------------------------------------------------------------
Update Information:
disable embedded ehcache-sizeof-agent.jar copy, switch to pom macros.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 gil cattaneo <puntogil at libero.it> - 2.6.0-3
- disable embedded ehcache-sizeof-agent.jar copy
- switch to pom macros
--------------------------------------------------------------------------------
================================================================================
ghc-SafeSemaphore-0.9.0-1.fc18 (FEDORA-2013-11623)
Much safer replacement for QSemN, QSem, and SampleVar
--------------------------------------------------------------------------------
Update Information:
Thread- and exception-safe semaphore library.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #974720 - Review Request: ghc-SafeSemaphore - Much safer replacement for QSemN, QSem, and SampleVar
https://bugzilla.redhat.com/show_bug.cgi?id=974720
--------------------------------------------------------------------------------
================================================================================
ghc-shakespeare-text-1.0.0.5-1.fc18 (FEDORA-2013-11641)
Interpolation with quasi-quotation
--------------------------------------------------------------------------------
Update Information:
Interpolation with quasi-quotation
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #838780 - Review Request: ghc-shakespeare-text - Interpolation with quasi-quotation
https://bugzilla.redhat.com/show_bug.cgi?id=838780
--------------------------------------------------------------------------------
================================================================================
gimp-2.8.6-1.fc18 (FEDORA-2013-11638)
GNU Image Manipulation Program
--------------------------------------------------------------------------------
Update Information:
Overview of Changes from GIMP 2.8.4 to GIMP 2.8.6
=================================================
Core:
* Fix saving to URIs, it was broken to only allow exporting, and fix
save/export of compressed files
* Fix brush spacing for drawing in any direction
* Increase the maximum size of clipboard brushes and patterns to 1024x1024
* Make sure data objects are saved when only their name was changed
GUI:
* Don't allow single-window docks to shrink smaller than their requisition
* Make sure a single-window's right docks keep their size across sessions
* Allow to change the spacing of non-generated brushes again
* In single-window mode, make Escape move the focus to the canvas,
and beep if the focus is already there
* Be smarter about unavailable fonts, and don't crash
* Make clicking the single-window's close button quit GIMP
* Make view-close (Ctrl+W) only close image windows and tabs, not docks
Libgimp:
* Add SIGNED_ROUND() which also rounds negative values correctly
Plug-ins:
* Make GIMP_PLUGIN_DEBUG work again after GLib changed logging
* Fix zealous crop for transparent borders
Installer:
* Add Hungarian translation
Data:
* Add a default "Color from Gradient" dynamics and tool preset
General:
* Lots of bug fixes
* Lots of translation updates
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 23 2013 Nils Philippsen <nils at redhat.com> - 2:2.8.6-1
- version 2.8.6
--------------------------------------------------------------------------------
================================================================================
gnuradio-3.6.5-3.fc18 (FEDORA-2013-11626)
Software defined radio framework
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes segfault in gnuradio-companion.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Jaroslav Škarvada <jskarvad at redhat.com> - 3.6.5-3
- Rebuilt for new uhd
Resolves: rhbz#977172
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #977172 - gnuradio-companion segfault on startup Fedora 18
https://bugzilla.redhat.com/show_bug.cgi?id=977172
--------------------------------------------------------------------------------
================================================================================
gsi-openssh-6.1p1-7.fc18 (FEDORA-2013-11640)
An implementation of the SSH protocol with GSI authentication
--------------------------------------------------------------------------------
Update Information:
Synch with latest openssh package.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 6.1p1-7
- Based on openssh-6.1p1-9.fc18
--------------------------------------------------------------------------------
================================================================================
hplip-3.13.6-2.fc18 (FEDORA-2013-11645)
HP Linux Imaging and Printing Project
--------------------------------------------------------------------------------
Update Information:
New upstream bug-fix release.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Jiri Popelka <jpopelka at redhat.com> - 3.13.6-2
- add one more arch-specific dependency.
* Mon Jun 24 2013 Jiri Popelka <jpopelka at redhat.com> - 3.13.6-1
- 3.13.6
- hplip-ipp-accessors.patch merged upstream
- /etc/cron.daily/hplip_cron -> /usr/share/hplip/hplip_clean.sh
* Wed May 29 2013 Tim Waugh <twaugh at redhat.com> - 3.13.5-2
- Avoid several bugs in createTempFile (bug #925032).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #977248 - hplip-3.13.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=977248
--------------------------------------------------------------------------------
================================================================================
ibus-typing-booster-1.1.0-1.fc18 (FEDORA-2013-11648)
A typing booster engine for the IBus platform
--------------------------------------------------------------------------------
Update Information:
Add feature to read a text file for training the user database
Don’t output page_size in “/usr/libexec/ibus-engine-typing-booster --xml”; Use ~/.local/share/ibus-typing-booster/ to store user data and log files
Fix problem when IBUS_TYPING_BOOSTER_DEBUG_LEVEL is not set
Much more intelligent now because it uses the context
Push context *after* writing the trigram to the database
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Mike FABIAN <mfabian at redhat.com> - 1.1.0-1
- Update to 1.1.0 upstream version
- Add a commit=True parameter to check_phrase_and_update_frequency()
- Fix that the page_size is shown as 0 in the setup tool if it has not been set before
- Do not use AUTOINCREMENT
- Make it possible to exit the setup tool by typing Control-C in the terminal
- Add feature to read a text file for training the user database
- Update German translations and .pot file
- Fix error when the hunspell dictionary for an engine is missing
* Tue Jun 18 2013 Mike FABIAN <mfabian at redhat.com> - 1.0.3-1
- Update to 1.0.3 upstream version
- Don’t output page_size in “/usr/libexec/ibus-engine-typing-booster --xml” (Resolves: rhbz#975449 - ibus-daemon prints warnings because “/usr/libexec/ibus-engine-typing-booster --xml” prints the invalid element “page_size”)
- Use ~/.local/share/ibus-typing-booster/ to store user data and log files (Resolves: rhbz#949035 - don't use a hidden directory under .local/share)
* Fri Jun 14 2013 Mike FABIAN <mfabian at redhat.com> - 1.0.2-1
- Update to 1.0.2 upstream version
- Push context *after* writing the trigram to the database
* Fri Jun 14 2013 Mike FABIAN <mfabian at redhat.com> - 1.0.1-1
- Update to 1.0.1 upstream version
- Fix problem when IBUS_TYPING_BOOSTER_DEBUG_LEVEL is not set
* Thu Jun 13 2013 Mike FABIAN <mfabian at redhat.com> - 1.0.0-1
- Update to 1.0.0 upstream version
- Remove mudb and use “Write-Ahead Logging”
- Introduce an environment variable IBUS_TYPING_BOOSTER_DEBUG_LEVEL for debugging
- Speed up converting an old database to the current format
- Make prediction more intelligent by using context of up to 2 previous words
- Automatically remove whitespace between the last word and a punctuation character ending a sentence
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #975449 - ibus-daemon prints warnings because “/usr/libexec/ibus-engine-typing-booster --xml” prints the invalid element “page_size”
https://bugzilla.redhat.com/show_bug.cgi?id=975449
[ 2 ] Bug #949035 - don't use a hidden directory under .local/share
https://bugzilla.redhat.com/show_bug.cgi?id=949035
--------------------------------------------------------------------------------
================================================================================
mate-applet-softupd-0.2.8-1.fc18 (FEDORA-2013-11647)
MATE Software Update Applet
--------------------------------------------------------------------------------
Update Information:
* Mon Jun 24 2013 Patrick Monnerat <pm at datasphere.ch> 0.2.8-1
- New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Patrick Monnerat <pm at datasphere.ch> 0.2.8-1
- New upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #974176 - softupd creates zombie yumex processes
https://bugzilla.redhat.com/show_bug.cgi?id=974176
--------------------------------------------------------------------------------
================================================================================
nbdkit-1.0.0-4.fc18 (FEDORA-2013-11634)
NBD server
--------------------------------------------------------------------------------
Update Information:
nbdkit is an NBD server kit.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #977446 - Review Request: nbdkit - NBD server
https://bugzilla.redhat.com/show_bug.cgi?id=977446
--------------------------------------------------------------------------------
================================================================================
postfix-2.9.7-1.fc18 (FEDORA-2013-11633)
Postfix Mail Transport Agent
--------------------------------------------------------------------------------
Update Information:
This is new version that fixes several bugs, for details see upstream announcement: http://www.postfix.org/announcements/postfix-2.10.1.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Jaroslav Škarvada <jskarvad at redhat.com> - 2:2.9.7-1
- New version
Resolves: rhbz#977273
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #977273 - postfix-2.10.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=977273
--------------------------------------------------------------------------------
================================================================================
python-rhsm-1.8.13-1.fc18 (FEDORA-2013-11628)
A Python library to communicate with a Red Hat Unified Entitlement Platform
--------------------------------------------------------------------------------
Update Information:
Significant GUI performance improvements. Improved socket detection. Dozens of bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 21 2013 Adrian Likins <alikins at redhat.com> 1.8.13-1
- Added autoheal option to updateConsumer (cschevia at redhat.com)
* Fri May 31 2013 jesus m. rodriguez <jesusr at redhat.com> 1.8.12-1
- Update the releasers with a 6.3 (bkearney at redhat.com)
- 967566: Enhance the ssl bindings to expose the issuer. (bkearney at redhat.com)
- Update the dist-git releasers (bkearney at redhat.com)
--------------------------------------------------------------------------------
================================================================================
python-tahrir-api-0.2.2-1.fc18 (FEDORA-2013-11624)
An API for interacting with the Tahrir database
--------------------------------------------------------------------------------
Update Information:
Add alembic scripts.
Latest upstream with API enhancements.
New features, bugfixes, and relicense to GPLv3+.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 23 2013 Ralph Bean <rbean at redhat.com> - 0.2.2-1
- Add alembic upgrade scripts.
- Add check section with tests.
* Sun Jun 23 2013 Ralph Bean <rbean at redhat.com> - 0.2.1-1
- Bugfix - stop leaking sqlalchemy sessions.
- API enhancement - can query for user by username, id, or email now.
* Thu Jun 20 2013 Ralph Bean <rbean at redhat.com> - 0.2.0-1
- API enhancements.
* Thu Jun 13 2013 Ralph Bean <rbean at redhat.com> - 0.1.8-6
- Use paste-deploy1.5 forward compat package.
- Use zope-interface4 forward compat package.
* Thu Jun 13 2013 Ralph Bean <rbean at redhat.com> - 0.1.8-5
- Added dep on zope.interface.
* Thu Jun 13 2013 Ralph Bean <rbean at redhat.com> - 0.1.8-4
- Conditional mako0.4 requirement for epel6.
* Thu Jun 13 2013 Ralph Bean <rbean at redhat.com> - 0.1.8-3
- More epel6 fixes.
* Thu Jun 13 2013 Ralph Bean <rbean at redhat.com> - 0.1.8-2
- Conditionalize sqlalchemy forward compat package for epel6.
* Fri Jun 7 2013 Ralph Bean <rbean at redhat.com> - 0.1.8-1
- New Invitations API.
- Bugfixes to other API functions.
- Relicense to GPLv3+
--------------------------------------------------------------------------------
================================================================================
subscription-manager-1.8.11-1.fc18 (FEDORA-2013-11628)
Tools and libraries for subscription and repository management
--------------------------------------------------------------------------------
Update Information:
Significant GUI performance improvements. Improved socket detection. Dozens of bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 20 2013 jesus m. rodriguez <jesusr at redhat.com> 1.8.11-1
- 844532: xen dom0 cpu topology lies, work around it (alikins at redhat.com)
- 854380: fix overlap filter (ckozak at redhat.com)
- 915847: Provide option to skip using proxy when connecting to RHSM.
- 921222: Fixed tab completion (cschevia at redhat.com)
- 922871: Call pre_product_id_install hook on product install (mstead at redhat.com)
- 924766: Show machine type when attaching 'virt only' subscriptions (wpoteat at redhat.com)
- 927340: added empty warning, block auth unless proxy enabled (ckozak at redhat.com)
- 928401: Fixed translation issue in redeem dialog (cschevia at redhat.com)
- 947485: System 'disconnected' if no cache and disconnected (ckozak at redhat.com)
- 947788: facts plugin can handle no 'facter' (alikins at redhat.com)
- 966137: stat-cert handles ent cert with no content (alikins at redhat.com)
- 972883: Add entries to productid.js during migration. (awood at redhat.com)
- 973938: Flush std out and catch errors to work around the broken pipe from the more command (bkearney at redhat.com)
- 974123: default behavior is help, no longer status (ckozak at redhat.com)
- 974587: Allow list --consumed to handle certificates with empty order sections (bkearney at redhat.com) (awood at redhat.com)
- 975164: 975186: fix certlib exception handling (ckozak at redhat.com)
- Pull PluginManager from dependency injection framework (mstead at redhat.com)
- Performance enhancements (ckozak at redhat.com)
- added cp_provider doc strings, modified test fixture (ckozak at redhat.com)
- Fix expand options so there is no border txt view (alikins at redhat.com)
- Make PluginManager lazy loading (mstead at redhat.com)
* Tue Jun 4 2013 jesus m. rodriguez <jesusr at redhat.com> 1.8.10-1
- 922825: pre_subscribe conduit now contains more data (mstead at redhat.com)
- 921222: Fixed subman auto-complete scripts (cschevia at redhat.com)
- 922806: Fix RHEL 5 firstboot issue with backButton. (dgoodwin at redhat.com)
- 960465: Subman disconnected when consumer cert is invalid (ckozak at redhat.com)
- 966747: handle a custom facts file being empty (alikins at redhat.com)
- 969280: Fix traceback on disconnected sub detach (ckozak at redhat.com)
- handle s390x's without vm info in sysinfo (alikins at redhat.com)
* Fri May 31 2013 jesus m. rodriguez <jesusr at redhat.com> 1.8.9-1
- 905136: added accessibily name for owner_label (jmolet at redhat.com)
- 928175: fixed status command after user deletion (ckozak at redhat.com)
- 950672: Added data for yellow. Added list view. (ckozak at redhat.com)
- 963796: Unified descriptions (cschevia at redhat.com)
- 966745: Correct typo in name of configuration value. (awood at redhat.com)
- 967863: Suggest package to install when mapping file is missing. (awood at redhat.com)
- 968364: show the issuer for certs in rct. (bkearney at redhat.com)
- 966262 for rct.8; 959563 for subscription-manager.8 (dlackey at redhat.com.com)
- Extract latest strings from code. (dgoodwin at redhat.com)
- close file objects deliberately (alikins at redhat.com)
- Use fnmatch to add wildcard support (bkearney at redhat.com)
- One more miss from my issuer/errata debacle (bkearney at redhat.com)
- Extend use of compliance status from cp (ckozak at redhat.com)
- Add s390 lpar specific socket counting (alikins at redhat.com)
- be extra paranoid and strip nul from /sys reads (alikins at redhat.com)
- use new cpu info method by default (alikins at redhat.com)
- Add a new method for calculating cpu sockets (alikins at redhat.com)
- Added reasons to Subscription Details (ckozak at redhat.com)
- Support enable and disable of all repos. (bkearney at redhat.com)
* Tue May 21 2013 jesus m. rodriguez <jesusr at redhat.com> 1.8.8-1
- Fix echo'ing of exit status or exception on exit (alikins at redhat.com)
- 962905: Fixing errors with quantity spinner. (awood at redhat.com)
- 961124: Allow rct dump-manifest to be called more than once (bkearney at redhat.com)
- 921249: Fix Unknown virt status being reported to server. (dgoodwin at redhat.com)
- 905136: Make the accessability value unique (bkearney at redhat.com)
- 913635: typo (dlackey at redhat.com.com)
- 889582 (dlackey at redhat.com.com)
- 962520: require python-rhsm 1.8.11 for arches (alikins at redhat.com)
- 919706: Relax rhn-setup-gnome dependency. (dgoodwin at redhat.com)
- Add new expiring icon (bkearney at redhat.com)
- use os.linesep as imported (alikins at redhat.com)
- cleanup camelCase usage in various files (alikins at redhat.com)
- adding architecture data (ckozak at redhat.com)
- Default option is status (ckozak at redhat.com)
- changed list --status to status (ckozak at redhat.com)
- adding data to installed prods (ckozak at redhat.com)
- SORT ALL THE IMPORTS! (alikins at redhat.com)
- stylish cleanup (alikins at redhat.com)
- mock.patch ConsumerIdentity instead of monkey patch (alikins at redhat.com)
--------------------------------------------------------------------------------
================================================================================
sx-2.15-1.fc18 (FEDORA-2013-11631)
Tool to extract reports and run plug-ins against those extracted reports
--------------------------------------------------------------------------------
Update Information:
New upstream release to resolve bugs and add new features enhancements. No backward compatibility issues known.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 20 2013 Shane Bradley <sbradley at redhat.com>- 2.15-0.0
- bz955343: There was incorrect labeling on cluster.py when there was no rpms
found, instead of being split by HA and RS, they are split by packages and
module-packages.
- Changed the chkconfig cluster service summary output to display enabled and
disabled services.
- Modified bonding mode check for clusterevaluator since there is some new
supported modes.
- A devicemapper parser error when libudev entries were in the files for
dmsetup_info and lvs.
- Fix all the urls since kcs changed.
- Added a catch all exception that will write a debug file if uncaught
exception is raised.
- Added a check and summary output for transport mode which includes:
broadcast, multicast, and updu.
- Added code to check all valid values for attributes that can be enabled and
disabled for /etc/cluster/cluster.conf.
- Fixed parsing of sos_commands/startup/chkconfig_--list for spanish words.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #976404 - Update to sx-2.15
https://bugzilla.redhat.com/show_bug.cgi?id=976404
--------------------------------------------------------------------------------
================================================================================
tcpcopy-0.8.0-3.fc18 (FEDORA-2013-11627)
An online request replication tool
--------------------------------------------------------------------------------
Update Information:
New RPM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #967482 - Review Request: tcpcopy - An online request replication tool
https://bugzilla.redhat.com/show_bug.cgi?id=967482
--------------------------------------------------------------------------------
================================================================================
unzip-6.0-10.fc18 (FEDORA-2013-11629)
A utility for unpacking zip files
--------------------------------------------------------------------------------
Update Information:
Unset WILD_STOP_AT_DIR, which was causing behavior change when doing unpacking using wildcards.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Tom Callaway <spot at fedoraproject.org> - 6.0-10
- unset WILD_STOP_AT_DIR
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #976808 - After a Fedora update, unzip is no more able to extract sub-directories from a zip archive
https://bugzilla.redhat.com/show_bug.cgi?id=976808
--------------------------------------------------------------------------------
================================================================================
wordpress-3.5.2-1.fc18 (FEDORA-2013-11630)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugs. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. The WordPress security team resolved seven security issues, and this release also contains some additional security hardening.
The security fixes included:
- Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site.
- Disallow contributors from improperly publishing posts, reported by Konstantin Kovshenin, or reassigning the post’s authorship, reported by Luke Bryan.
- An update to the SWFUpload external library to fix cross-site scripting vulnerabilities. Reported by mala and Szymon Gruszecki. (Developers: More on SWFUpload here.)
- Prevention of a denial of service attack, affecting sites using password-protected posts.
- An update to an external TinyMCE library to fix a cross-site scripting vulnerability. Reported by Wan Ikram.
- Multiple fixes for cross-site scripting. Reported by Andrea Santese and Rodrigo.
- Avoid disclosing a full file path when a upload fails. Reported by Jakub Galczyk.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jun 24 2013 Remi Collet <rcollet at redhat.com> - 3.5.2-1
- version 3.5.2, various bug and security fixes:
CVE-2013-2173 CVE-2013-2199 CVE-2013-2200 CVE-2013-2201
CVE-2013-2202 CVE-2013-2203 CVE-2013-2204
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #976784 - CVE-2013-2199 CVE-2013-2200 CVE-2013-2201 CVE-2013-2202 CVE-2013-2203 CVE-2013-2204 CVE-2013-2205 wordpress: Multiple security flaws to be corrected within upstream 3.5.2 version
https://bugzilla.redhat.com/show_bug.cgi?id=976784
[ 2 ] Bug #973254 - CVE-2013-2173 wordpress: DoS when computing user-input hash for certain password protected blogs
https://bugzilla.redhat.com/show_bug.cgi?id=973254
--------------------------------------------------------------------------------
More information about the test
mailing list