Fedora 19 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sun Dec 7 04:43:52 UTC 2014
The following Fedora 19 Security updates need testing:
Age URL
407 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
65 https://admin.fedoraproject.org/updates/FEDORA-2014-12057/krb5-1.11.3-29.fc19
50 https://admin.fedoraproject.org/updates/FEDORA-2014-13018/deluge-1.3.10-1.fc19
41 https://admin.fedoraproject.org/updates/FEDORA-2014-13551/wpa_supplicant-2.0-12.fc19
32 https://admin.fedoraproject.org/updates/FEDORA-2014-14237/claws-mail-plugins-3.11.1-1.fc19,claws-mail-3.11.1-2.fc19,libetpan-1.6-1.fc19
25 https://admin.fedoraproject.org/updates/FEDORA-2014-14738/gnutls-3.1.20-6.fc19
22 https://admin.fedoraproject.org/updates/FEDORA-2014-12407/sddm-0.10.0-2.fc19
21 https://admin.fedoraproject.org/updates/FEDORA-2014-15079/mantis-1.2.17-4.fc19
18 https://admin.fedoraproject.org/updates/FEDORA-2014-15248/kde-runtime-4.11.5-3.fc19
17 https://admin.fedoraproject.org/updates/FEDORA-2014-15378/rubygem-actionpack-3.2.13-7.fc19
17 https://admin.fedoraproject.org/updates/FEDORA-2014-15390/nodejs-0.10.33-1.fc19,libuv-0.10.29-1.fc19
16 https://admin.fedoraproject.org/updates/FEDORA-2014-15466/rubygem-sprockets-2.8.2-4.fc19
11 https://admin.fedoraproject.org/updates/FEDORA-2014-15717/kernel-3.14.25-100.fc19
11 https://admin.fedoraproject.org/updates/FEDORA-2014-15740/facter-1.6.18-8.fc19
11 https://admin.fedoraproject.org/updates/FEDORA-2014-15730/asterisk-11.14.1-1.fc19
11 https://admin.fedoraproject.org/updates/FEDORA-2014-15743/curl-7.29.0-26.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-15848/docker-io-1.3.2-2.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2014-16017/xen-4.2.5-6.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2014-15990/mariadb-5.5.40-1.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2014-15999/libreoffice-4.1.6.2-10.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2014-16020/mediawiki-1.23.7-1.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2014-16045/util-linux-2.23.2-6.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-16130/libyaml-0.1.6-2.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16272/flac-1.3.1-1.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16251/mingw-flac-1.3.1-1.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16227/dbus-1.6.28-1.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16224/pcre-8.32-12.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16257/antiword-0.37-17.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16234/pkcs11-helper-1.11-3.fc19,openvpn-2.3.6-1.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16203/kde-plasma-networkmanagement-0.9.0.11-2.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16210/perl-YAML-LibYAML-0.54-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16473/pwgen-2.07-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16474/phpMyAdmin-4.2.13.1-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16452/grub2-2.00-27.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16477/python-tornado-2.2.1-7.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16485/pam-1.1.6-13.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16479/python3-3.3.2-11.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16465/jasper-1.900.1-25.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16466/pyxdg-0.25-5.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16483/icecast-2.4.1-1.fc19
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
355 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
281 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
11 https://admin.fedoraproject.org/updates/FEDORA-2014-15743/curl-7.29.0-26.fc19
11 https://admin.fedoraproject.org/updates/FEDORA-2014-15717/kernel-3.14.25-100.fc19
11 https://admin.fedoraproject.org/updates/FEDORA-2014-15732/cups-1.6.4-12.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-15832/lvm2-2.02.98-16.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2014-16021/tracker-0.16.5-1.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2014-16009/unzip-6.0-13.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2014-16045/util-linux-2.23.2-6.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16276/selinux-policy-3.12.1-74.30.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16213/crda-1.1.3_2014.11.18-1.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16224/pcre-8.32-12.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16227/dbus-1.6.28-1.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16272/flac-1.3.1-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16485/pam-1.1.6-13.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16466/pyxdg-0.25-5.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16465/jasper-1.900.1-25.fc19
The following builds have been pushed to Fedora 19 updates-testing
2048-cli-0.8-2.fc19
ansible-lint-2.0.1-1.fc19
batctl-2014.3.0-1.fc19
gauche-0.9.4-1.fc19
gauche-gl-0.6-1.fc19
gauche-gtk-0.6-0.12.20121223gitceb4579.fc19
glances-2.1.2-2.fc19
gphotoframe-2.0.1-2.hg0eed26d75481.fc19
grub2-2.00-27.fc19
icecast-2.4.1-1.fc19
iotop-0.6-2.fc19
jasper-1.900.1-25.fc19
libstoragemgmt-1.1.0-1.fc19
lnst-6-1.fc19
nodejs-csscomb-core-2.0.4-1.fc19
pam-1.1.6-13.fc19
perl-Directory-Scratch-0.15-1.fc19
perl-autobox-2.82-1.fc19
phpMyAdmin-4.2.13.1-1.fc19
pngquant-2.3.1-1.fc19
pwgen-2.07-1.fc19
python-application-1.4.1-1.fc19
python-modestmaps-1.4.6-2.fc19
python-pyroute2-0.3.3-1.fc19
python-pysb-0.1.11-2.fc19
python-rfc6266-0.0.4-4.fc19
python-sievelib-0.8-2.fc19
python-tornado-2.2.1-7.fc19
python3-3.3.2-11.fc19
pyxdg-0.25-5.fc19
qt5-qttools-5.3.2-4.fc19
ugene-1.15.0-1.fc19
winpdb-1.4.8-8.fc19
x2goclient-4.0.3.1-1.fc19
xbacklight-1.2.1-1.fc19
Details about builds:
================================================================================
2048-cli-0.8-2.fc19 (FEDORA-2014-16455)
The game 2048 for your Linux terminal
--------------------------------------------------------------------------------
Update Information:
initial rpm-release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1170231 - Review Request: 2048-cli - The game 2048 for your Linux terminal
https://bugzilla.redhat.com/show_bug.cgi?id=1170231
--------------------------------------------------------------------------------
================================================================================
ansible-lint-2.0.1-1.fc19 (FEDORA-2014-16464)
Best practices checker for Ansible
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Parag Nemade <pnemade AT redhat DOT com> - 2.0.1-1
- Update to 2.0.1
--------------------------------------------------------------------------------
================================================================================
batctl-2014.3.0-1.fc19 (FEDORA-2014-16480)
B.A.T.M.A.N. advanced control and management tool
--------------------------------------------------------------------------------
Update Information:
Update to 2014.3.0
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 6 2014 Felix Kaechele <heffer at fedoraproject.org> - 2014.3.0-1
- update to 2014.3.0
- added libnl3 BuildRequires
- clean spec
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2012.2.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2012.2.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2012.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gauche-0.9.4-1.fc19 (FEDORA-2014-16468)
Scheme script interpreter with multibyte character handling
--------------------------------------------------------------------------------
Update Information:
Major feature upgrades:
- R7RS support
- Improved REPL
- New and enhanced modules
see http://practical-scheme.net/gauche/gmemo/?Release%200.9.4 for details
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 3 2014 Michel Alexandre Salim <salimma at fedoraproject.org> - 0.9.4-1
- Update to 0.9.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1124051 - gauche-0.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1124051
--------------------------------------------------------------------------------
================================================================================
gauche-gl-0.6-1.fc19 (FEDORA-2014-16468)
OpenGL binding for Gauche
--------------------------------------------------------------------------------
Update Information:
Major feature upgrades:
- R7RS support
- Improved REPL
- New and enhanced modules
see http://practical-scheme.net/gauche/gmemo/?Release%200.9.4 for details
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Michel Alexandre Salim <salimma at fedoraproject.org> - 0.6-1
- Update to 0.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1124051 - gauche-0.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1124051
--------------------------------------------------------------------------------
================================================================================
gauche-gtk-0.6-0.12.20121223gitceb4579.fc19 (FEDORA-2014-16468)
Gauche extension module to use GTK
--------------------------------------------------------------------------------
Update Information:
Major feature upgrades:
- R7RS support
- Improved REPL
- New and enhanced modules
see http://practical-scheme.net/gauche/gmemo/?Release%200.9.4 for details
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Michel Alexandre Salim <salimma at fedoraproject.org> - 1:0.6-0.12.20121223gitceb4579
- Rebuild for Gauche 0.9.4 and Gauche-gl 0.6
- Update to latest snapshot
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1124051 - gauche-0.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1124051
--------------------------------------------------------------------------------
================================================================================
glances-2.1.2-2.fc19 (FEDORA-2014-16453)
CLI curses based monitoring tool
--------------------------------------------------------------------------------
Update Information:
upgrade to 2.1.2
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 20 2014 Edouard Bourguignon <madko at linuxed.net> - 2.1.2-2
- Remove old python-setuptools-devel, now using python-setuptools instead
* Mon Oct 20 2014 Edouard Bourguignon <madko at linuxed.net> - 2.1.2-1
- Updat to 2.1.2
* Thu Aug 7 2014 Edouard Bourguignon <madko at linuxed.net> - 2.0-1
- Update to 2.0.0
* Thu Jun 12 2014 Edouard Bourguignon <madko at linuxed.net> - 1.7.7-1
- Update to 1.7.7
--------------------------------------------------------------------------------
================================================================================
gphotoframe-2.0.1-2.hg0eed26d75481.fc19 (FEDORA-2014-16488)
Photo Frame Gadget for the GNOME Desktop
--------------------------------------------------------------------------------
Update Information:
New version 2.0.1 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 2.0.1-2.hg0eed26d75481
- Add appdata
* Tue Dec 2 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 2.0.1-1.hg82fdb3350fbd
- 2.0.1
* Wed Nov 26 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 2.0.1-0.1.b1.hga78a9b1d0cee
- 2.0.1-b1
--------------------------------------------------------------------------------
================================================================================
grub2-2.00-27.fc19 (FEDORA-2014-16452)
Bootloader with support for Linux, Multiboot and more
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2014-4607
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Peter Jones <pjones at redhat.com> - 2.00-27
- Update minilzo to 2.08 for CVE-2014-4607
Resolves: rhbz#1131793
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1112418 - CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1112418
--------------------------------------------------------------------------------
================================================================================
icecast-2.4.1-1.fc19 (FEDORA-2014-16483)
ShoutCast compatible streaming media server
--------------------------------------------------------------------------------
Update Information:
**fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)**
**fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)**
**enabled fully hardened build (#954320)**
* update new to release v2.4.1 (#1101950)
* added doc-subpkg
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Björn Esser <bjoern.esser at gmail.com> - 2.4.1-1
- update new to release v2.4.1 (#1101950)
- fix CVE-2014-9091 (#1168146, #1168147, #1168148, #1168149)
- fix CVE-2014-9018 (#1165880, #1165882, #1165883, #1165885)
- unified spec-file for el5+ and Fedora
- some improvements to readability
- added doc-subpkg
* Thu Dec 4 2014 Björn Esser <bjoern.esser at gmail.com> - 2.3.3-6
- enabled fully hardened build (#954320)
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1168146 - CVE-2014-9091 icecast: supplementary groups are not overriden
https://bugzilla.redhat.com/show_bug.cgi?id=1168146
[ 2 ] Bug #1165880 - CVE-2014-9018 icecast: possible leak of on-connect scripts
https://bugzilla.redhat.com/show_bug.cgi?id=1165880
--------------------------------------------------------------------------------
================================================================================
iotop-0.6-2.fc19 (FEDORA-2014-16471)
Top like utility for I/O
--------------------------------------------------------------------------------
Update Information:
- ignore curses failures during termination
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Michal Hlavinka <mhlavink at redhat.com> - 0.6-2
- ignore curses failures during termination (#1035503)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1035503 - [abrt] iotop-0.6-1.fc19: wrapper.py:49:wrapper:error: nocbreak() returned ERR
https://bugzilla.redhat.com/show_bug.cgi?id=1035503
--------------------------------------------------------------------------------
================================================================================
jasper-1.900.1-25.fc19 (FEDORA-2014-16465)
Implementation of the JPEG-2000 standard, Part 1
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2014-9029 vulnerability.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-25
- CVE-2014-9029 - incorrect component number check in COC, RGN and QCC
marker segment decoders (#1170650)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1167537 - CVE-2014-9029 jasper: incorrect component number check in COC, RGN and QCC marker segment decoders (oCERT-2014-009)
https://bugzilla.redhat.com/show_bug.cgi?id=1167537
--------------------------------------------------------------------------------
================================================================================
libstoragemgmt-1.1.0-1.fc19 (FEDORA-2014-16462)
Storage array management library
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Tony Asleson <tasleson at redhat.com> 1.1.0-1
- New upstream release
- Fix udev files directory
- Move command line files to python package
* Wed Oct 8 2014 Tony Asleson <tasleson at redhat.com> - 1.0.0-3
- Specify udev files to /usr/lib dir instead of /lib
- Move command line python files to python package
--------------------------------------------------------------------------------
================================================================================
lnst-6-1.fc19 (FEDORA-2014-16456)
Common code for lnst-ctl and lnst-slave
--------------------------------------------------------------------------------
Update Information:
update to version 6
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Jiri Pirko <jpirko at redhat.com> - 6-1
- Updating to stable release 6
--------------------------------------------------------------------------------
================================================================================
nodejs-csscomb-core-2.0.4-1.fc19 (FEDORA-2014-16458)
Framework for writing postprocessors
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1131978 - Review Request: nodejs-csscomb-core - Framework for writing postprocessors
https://bugzilla.redhat.com/show_bug.cgi?id=1131978
--------------------------------------------------------------------------------
================================================================================
pam-1.1.6-13.fc19 (FEDORA-2014-16485)
An extensible library which provides authentication for applications
--------------------------------------------------------------------------------
Update Information:
Update fixing minor security issues and bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Tomáš Mráz <tmraz at redhat.com> 1.1.6-13
- fix CVE-2014-2583: potential path traversal issue in pam_timestamp
- fix CVE-2013-7041: use case sensitive comparison in pam_userdb
- be tolerant to corrupted opasswd file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1080243 - CVE-2014-2583 pam: path traversal issue in pam_timestamp's format_timestamp_name()
https://bugzilla.redhat.com/show_bug.cgi?id=1080243
[ 2 ] Bug #1038555 - CVE-2013-7041 pam: pam_userdb case insensitive password hash comparison
https://bugzilla.redhat.com/show_bug.cgi?id=1038555
--------------------------------------------------------------------------------
================================================================================
perl-Directory-Scratch-0.15-1.fc19 (FEDORA-2014-16484)
Self-cleaning scratch space for tests
--------------------------------------------------------------------------------
Update Information:
This release fixes internal tests and corrects documentation.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Petr Pisar <ppisar at redhat.com> - 0.15-1
- 0.15 bump
--------------------------------------------------------------------------------
================================================================================
perl-autobox-2.82-1.fc19 (FEDORA-2014-16467)
Call methods on native types
--------------------------------------------------------------------------------
Update Information:
This release fixes various crashes. This release exports autobox::universal at RPM level again. This release adds support for importing via hash reference.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Petr Pisar <ppisar at redhat.com> - 2.82-1
- 2.82 bump
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.2.13.1-1.fc19 (FEDORA-2014-16474)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.2.13.1 (2014-12-03)
================================
- [security] XSS vulnerability in redirection mechanism
- [security] DOS attack with long passwords
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Robert Scheck <robert at fedoraproject.org> 4.2.13.1-1
- Upgrade to 4.2.13.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1170597 - CVE-2014-9218 phpMyAdmin: Denial of Service with long passwords
https://bugzilla.redhat.com/show_bug.cgi?id=1170597
[ 2 ] Bug #1170604 - CVE-2014-9219 phpMyAdmin: XSS vulnerability in redirection mechanism
https://bugzilla.redhat.com/show_bug.cgi?id=1170604
--------------------------------------------------------------------------------
================================================================================
pngquant-2.3.1-1.fc19 (FEDORA-2014-16489)
PNG quantization tool for reducing image file size
--------------------------------------------------------------------------------
Update Information:
New bug fixing release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 17 2014 Sérgio Basto <sergio at serjux.com> - 2.3.1-1
- New bug fixing release
* Sat Sep 27 2014 Sérgio Basto <sergio at serjux.com> - 2.3.0-2
- Disable SSE on i386, to workaround building on i386 ,
https://github.com/pornel/pngquant/issues/122
* Sat Sep 27 2014 Sérgio Basto <sergio at serjux.com> - 2.3.0-1
- New upstream version 2.3.0
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1022907 - pngquant-2.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1022907
[ 2 ] Bug #1153989 - pngquant-2.3.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1153989
--------------------------------------------------------------------------------
================================================================================
pwgen-2.07-1.fc19 (FEDORA-2014-16473)
Automatic password generation
--------------------------------------------------------------------------------
Update Information:
Update to 2.07 (bug 1159526) fixes:
- CVE-2013-4440 (bug 1020222, 1020223)
- CVE-2013-4442 (bug 1020259, 1020261)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Orion Poplawski <orion at cora.nwra.com> - 2.07-1
- Update to 2.07 (bug 1159526) fixes:
CVE-2013-4440 (bug 1020222, 1020223)
CVE-2013-4442 (bug 1020259, 1020261)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.06-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.06-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.06-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1020220 - CVE-2013-4440 pwgen: non-tty passwords are trivially weak by default
https://bugzilla.redhat.com/show_bug.cgi?id=1020220
[ 2 ] Bug #1020258 - CVE-2013-4442 pwgen: silent fallback to insecure entropy
https://bugzilla.redhat.com/show_bug.cgi?id=1020258
--------------------------------------------------------------------------------
================================================================================
python-application-1.4.1-1.fc19 (FEDORA-2014-16469)
Basic building blocks for python applications
--------------------------------------------------------------------------------
Update Information:
Fixed cleaning up weak references in weakobjectmap during shutdown
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 3 2014 Michel Alexandre Salim <salimma at fedoraproject.org> - 1.4.1-1
- Update to 1.4.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1120161 - python-application-1.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1120161
--------------------------------------------------------------------------------
================================================================================
python-modestmaps-1.4.6-2.fc19 (FEDORA-2014-16490)
Modest Maps python port
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1147351 - Review Request: python-modestmaps - Modest Maps python port
https://bugzilla.redhat.com/show_bug.cgi?id=1147351
--------------------------------------------------------------------------------
================================================================================
python-pyroute2-0.3.3-1.fc19 (FEDORA-2014-16486)
Pure Python netlink library
--------------------------------------------------------------------------------
Update Information:
Fix-ups, 0.3.3
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Peter V. Saveliev <peter at svinota.eu> 0.3.3-1
- Fix-ups, 0.3.3
- Bugfixes for Python 2.6
--------------------------------------------------------------------------------
================================================================================
python-pysb-0.1.11-2.fc19 (FEDORA-2014-16460)
Rule-based modeling of biochemical systems as Python programs
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
================================================================================
python-rfc6266-0.0.4-4.fc19 (FEDORA-2014-16491)
Parse and generate Content-Disposition headers
--------------------------------------------------------------------------------
Update Information:
Parse and generate Content-Disposition headers
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1170072 - Review Request: python-rfc6266 - Parse and generate Content-Disposition headers
https://bugzilla.redhat.com/show_bug.cgi?id=1170072
--------------------------------------------------------------------------------
================================================================================
python-sievelib-0.8-2.fc19 (FEDORA-2014-16472)
Client-side SIEVE library
--------------------------------------------------------------------------------
Update Information:
Client-side SIEVE library
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1169895 - Review Request: python-sievelib - Client-side SIEVE library
https://bugzilla.redhat.com/show_bug.cgi?id=1169895
--------------------------------------------------------------------------------
================================================================================
python-tornado-2.2.1-7.fc19 (FEDORA-2014-16477)
Scalable, non-blocking web server and tools
--------------------------------------------------------------------------------
Update Information:
- Add patch to fix CVE-2013-2098 CVE-2013-2099 (bug #96627)
- Drop requires python-simplejson, not needed for modern python
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 5 2014 Orion Poplawski <orion at cora.nwra.com> - 2.2.1-7
- Add patch to fix CVE-2013-2098 CVE-2013-2099 (bug #96627)
- Drop requires python-simplejson, not needed for modern python
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Jun 14 2013 Thomas Spura <tomspur at fedoraproject.org> - 2.2.1-5
- remove rhel conditional for with_python3:
https://fedorahosted.org/fpc/ticket/200
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #963260 - CVE-2013-2099 python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns
https://bugzilla.redhat.com/show_bug.cgi?id=963260
--------------------------------------------------------------------------------
================================================================================
python3-3.3.2-11.fc19 (FEDORA-2014-16479)
Version 3 of the Python programming language aka Python 3000
--------------------------------------------------------------------------------
Update Information:
Fixes CVEs 2013-7338 and 2014-2667.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Slavek Kabrda <bkabrda at redhat.com> - 3.3.2-19
- Fix CVE-2013-7338 and CVE-2014-2667.
Resolves: rhbz#1078015
Resolves: rhbz#1083594
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1078014 - CVE-2013-7338 python: malformed ZIP files could cause 100% CPU usage
https://bugzilla.redhat.com/show_bug.cgi?id=1078014
[ 2 ] Bug #1082177 - CVE-2014-2667 python: os.makedirs(exist_ok=True) is not thread-safe in Python 3.x
https://bugzilla.redhat.com/show_bug.cgi?id=1082177
--------------------------------------------------------------------------------
================================================================================
pyxdg-0.25-5.fc19 (FEDORA-2014-16466)
Python library to access freedesktop.org standards
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2014-1624 pyxdg: TOCTOU race condition in get_runtime_dir() when strict=False
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Tom Callaway <spot at fedoraproject.org> - 0.25-5
- fix CVE-2014-1624
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.25-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 27 2014 Kalev Lember <kalevlember at gmail.com> - 0.25-3
- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.25-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1056338 - CVE-2014-1624 pyxdg: TOCTOU race condition in get_runtime_dir() when strict=False
https://bugzilla.redhat.com/show_bug.cgi?id=1056338
--------------------------------------------------------------------------------
================================================================================
qt5-qttools-5.3.2-4.fc19 (FEDORA-2014-16454)
Qt5 - QtTool components
--------------------------------------------------------------------------------
Update Information:
This update disables system clucene09 support, because the clucene09 in Fedora 19 is not built with reference counting support and we do not want to change the clucene09 ABI that late in the Fedora 19 release cycle. The Qt 5 Assistant does not work properly without a reference-counted clucene09. (Fulltext search does not work at all, and there can even be crashes.)
Therefore, this update makes the Qt 5 Assistant use the bundled clucene09 on Fedora 19, like the Qt 4 Assistant.
(For Fedora 20 and higher, we are pushing an update that enables reference counting in the system clucene09 and makes both Qt 4 and Qt 5 use the system clucene09, but we decided that the risk was too high and the ABI change too invasive for Fedora 19.)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Kevin Kofler <Kevin at tigcc.ticalc.org> 5.3.2-4
- system-clucene patch fixes: some required QDir::mkpath in QtCLucene, cleanups
- F20+/EL7+: BR reference-counting-enabled clucene09 (#1128293)
- disable system-clucene where refcounted clucene09 not available (#1128293)
* Wed Dec 3 2014 Rex Dieter <rdieter at fedoraproject.org> 5.3.2-3
- rebuild (clucene09)
* Fri Oct 17 2014 Rex Dieter <rdieter at fedoraproject.org> 5.3.2-2
- -devel: Requires: qt5-designer-plugin-webkit
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1128293 - System clucene09 should be built with LUCENE_ENABLE_REFCOUNT (crash in clucene when QtCreator indexes the help)
https://bugzilla.redhat.com/show_bug.cgi?id=1128293
--------------------------------------------------------------------------------
================================================================================
ugene-1.15.0-1.fc19 (FEDORA-2014-16487)
Integrated bioinformatics toolkit
--------------------------------------------------------------------------------
Update Information:
Important changes in this major release 1.15.0 include:
1. Quick search in a sequence without creation of annotations
2. PCR in silico
3. NGS:
a) Spades de novo assembler
b) Export of a short reads assembly coverage
c) Raw NGS filtering workflow samples
4. Circular View and circular sequences:
a) Support of all algorithms for circular sequences: ORF, restriction sites, BLAST, etc.
b) Circular View visualisation settings
5. Shared database:
a) Support of shared databases in the UGENE Workflow Designer
6. Usability improvements:
a) Welcome page
b) Remembering of Options Panel setting within one
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 3 2014 Yulia Algaer <yalgaer at unipro.ru> 1.15.0-1
- Upstream version change
--------------------------------------------------------------------------------
================================================================================
winpdb-1.4.8-8.fc19 (FEDORA-2014-16475)
An advanced python debugger
--------------------------------------------------------------------------------
Update Information:
Fix winpdb debugger to run properly from gnome-terminal.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2014 Tom Callaway <spot at fedoraproject.org> - 1.4.8-8
- fix issue where winpdb doesn't launch in gnome-terminal properly anymore (bz1149030)
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.8-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.8-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1149030 - any attempt to debug any program results in *** Failed to find script."
https://bugzilla.redhat.com/show_bug.cgi?id=1149030
--------------------------------------------------------------------------------
================================================================================
x2goclient-4.0.3.1-1.fc19 (FEDORA-2014-16482)
X2Go Client application (Qt4)
--------------------------------------------------------------------------------
Update Information:
Update to 4.0.3.1:
- Fix broken X2Go Desktop Sharing (cross-user)
- Split-up the session profile dialog's "Settings" tab into two tabs (fixes size issues with session profile dialog on small screens).
- Make sound options configurable though session broker.
- Danish translation update (THANKS to Mark from fleten.net).
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 1 2014 Orion Poplawski <orion at cora.nwra.com> - 4.0.3.1-1
- Update to 4.0.3.1
--------------------------------------------------------------------------------
================================================================================
xbacklight-1.2.1-1.fc19 (FEDORA-2014-16461)
Adjust backlight brightness using RandR
--------------------------------------------------------------------------------
Update Information:
- fix reading backlight level on 64-bit systems
- fix invalid read found using valgrind
- manpage fix - replace hyphens with minus signs
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 6 2014 Michel Alexandre Salim <salimma at fedoraproject.org> - 1.2.1-1
- Update to 1.2.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1016910 - xbacklight-1.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1016910
--------------------------------------------------------------------------------
More information about the test
mailing list