Fedora 19 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Sun Dec 21 06:48:50 UTC 2014 

The following Fedora 19 Security updates need testing:
 Age  URL
 421  https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
  79  https://admin.fedoraproject.org/updates/FEDORA-2014-12057/krb5-1.11.3-29.fc19
  55  https://admin.fedoraproject.org/updates/FEDORA-2014-13551/wpa_supplicant-2.0-12.fc19
  46  https://admin.fedoraproject.org/updates/FEDORA-2014-14237/claws-mail-plugins-3.11.1-1.fc19,claws-mail-3.11.1-2.fc19,libetpan-1.6-1.fc19
  39  https://admin.fedoraproject.org/updates/FEDORA-2014-14738/gnutls-3.1.20-6.fc19
  36  https://admin.fedoraproject.org/updates/FEDORA-2014-12407/sddm-0.10.0-2.fc19
  32  https://admin.fedoraproject.org/updates/FEDORA-2014-15248/kde-runtime-4.11.5-3.fc19
  31  https://admin.fedoraproject.org/updates/FEDORA-2014-15378/rubygem-actionpack-3.2.13-7.fc19
  30  https://admin.fedoraproject.org/updates/FEDORA-2014-15466/rubygem-sprockets-2.8.2-4.fc19
  25  https://admin.fedoraproject.org/updates/FEDORA-2014-15740/facter-1.6.18-8.fc19
  19  https://admin.fedoraproject.org/updates/FEDORA-2014-15999/libreoffice-4.1.6.2-10.fc19
  19  https://admin.fedoraproject.org/updates/FEDORA-2014-16045/util-linux-2.23.2-6.fc19
  14  https://admin.fedoraproject.org/updates/FEDORA-2014-16485/pam-1.1.6-13.fc19
  14  https://admin.fedoraproject.org/updates/FEDORA-2014-16479/python3-3.3.2-11.fc19
  14  https://admin.fedoraproject.org/updates/FEDORA-2014-16466/pyxdg-0.25-5.fc19
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-16576/bind-9.9.3-16.P2.fc19
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-16690/curl-7.29.0-27.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-16896/tcpdump-4.4.0-5.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-16874/asterisk-11.14.2-1.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-16728/xorg-x11-server-1.14.4-5.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-16865/docker-io-1.4.0-1.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-17053/openjpeg-1.5.1-13.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-17081/denyhosts-2.6-28.fc19.1
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-16826/nss-3.17.3-2.fc19,nss-util-3.17.3-1.fc19,nss-softokn-3.17.3-1.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-17110/mariadb-5.5.40-2.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-17210/ettercap-0.8.1-2.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-17217/seamonkey-2.31-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-17277/mailx-12.5-9.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-16465/jasper-1.900.1-26.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-17244/kernel-3.14.27-100.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-17264/mediawiki-1.23.8-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-17270/mingw-jasper-1.900.1-25.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-17276/php-5.5.20-2.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-17284/ca-certificates-2014.2.2-1.0.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-17354/libssh-0.6.4-1.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-17395/ntp-4.2.6p5-13.fc19


The following Fedora 19 Critical Path updates have yet to be approved:
 Age URL
 369  https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
 295  https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-16576/bind-9.9.3-16.P2.fc19
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-16770/hicolor-icon-theme-0.14-1.fc19
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-16690/curl-7.29.0-27.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-16892/poppler-0.22.1-7.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-16866/perl-Filter-1.51-1.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-16728/xorg-x11-server-1.14.4-5.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-17053/openjpeg-1.5.1-13.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-16826/nss-3.17.3-2.fc19,nss-util-3.17.3-1.fc19,nss-softokn-3.17.3-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-17244/kernel-3.14.27-100.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-17284/ca-certificates-2014.2.2-1.0.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-16465/jasper-1.900.1-26.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-17395/ntp-4.2.6p5-13.fc19


The following builds have been pushed to Fedora 19 updates-testing

    iperf3-3.0.10-1.fc19
    ntp-4.2.6p5-13.fc19
    root-5.34.24-1.fc19
    zabbix-2.0.14-1.fc19

Details about builds:


================================================================================
 iperf3-3.0.10-1.fc19 (FEDORA-2014-17398)
 Measurement tool for TCP/UDP bandwidth performance
--------------------------------------------------------------------------------
Update Information:

update to 3.0.10
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 20 2014 Susant Sahani <ssahani at redhat.com> 3.0.10-1
- Update to 3.0.10
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1176274 - iperf3-3.0.10 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1176274
--------------------------------------------------------------------------------


================================================================================
 ntp-4.2.6p5-13.fc19 (FEDORA-2014-17395)
 The NTP daemon and utilities
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2014-9294, CVE-2014-9295, CVE-2014-9293, CVE-2014-9296
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 19 2014 Miroslav Lichvar <mlichvar at redhat.com> 4.2.6p5-13
- don't generate weak control key for resolver (CVE-2014-9293)
- don't generate weak MD5 keys in ntp-keygen (CVE-2014-9294)
- fix buffer overflows via specially-crafted packets (CVE-2014-9295)
- don't mobilize passive association when authentication fails (CVE-2014-9296)
- buildrequire systemd-units
* Thu May  2 2013 Miroslav Lichvar <mlichvar at redhat.com> 4.2.6p5-12
- workaround failing autogen
- move files from /lib
- don't own ntp-units.d directory
- drop old systemd scriptlets
- fix dates in changelog
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1176032 - CVE-2014-9293 ntp: automatic generation of weak default key in config_auth()
        https://bugzilla.redhat.com/show_bug.cgi?id=1176032
  [ 2 ] Bug #1176035 - CVE-2014-9294 ntp: ntp-keygen uses weak random number generator and seed when generating MD5 keys
        https://bugzilla.redhat.com/show_bug.cgi?id=1176035
  [ 3 ] Bug #1176037 - CVE-2014-9295 ntp: Multiple buffer overflows via specially-crafted packets
        https://bugzilla.redhat.com/show_bug.cgi?id=1176037
  [ 4 ] Bug #1176040 - CVE-2014-9296 ntp: receive() missing return on error
        https://bugzilla.redhat.com/show_bug.cgi?id=1176040
--------------------------------------------------------------------------------


================================================================================
 root-5.34.24-1.fc19 (FEDORA-2014-17412)
 Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:

http://root.cern.ch/drupal/content/root-version-v5-34-00-patch-release-notes\r\n
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 19 2014 Mattias Ellert <mattias.ellert at fysast.uu.se> - 5.34.24-1
- Update to 5.34.24
- Drop patch root-bsd-misc.patch
--------------------------------------------------------------------------------


================================================================================
 zabbix-2.0.14-1.fc19 (FEDORA-2014-17400)
 Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:

http://www.zabbix.com/rn2.0.14.php
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 17 2014 Volker Fröhlich <volker27 at gmx.at> - 2.0.14-1
- New upstream release
--------------------------------------------------------------------------------

More information about the test mailing list