Fedora 19 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Tue Nov 18 12:42:13 UTC 2014 

The following Fedora 19 Security updates need testing:
 Age  URL
 388  https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
 200  https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19
 151  https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19
  69  https://admin.fedoraproject.org/updates/FEDORA-2014-10366/icecream-1.0.1-8.20140822git.fc19
  68  https://admin.fedoraproject.org/updates/FEDORA-2014-10640/libreoffice-4.1.6.2-8.fc19
  53  https://admin.fedoraproject.org/updates/FEDORA-2014-11544/drupal6-6.33-1.fc19
  46  https://admin.fedoraproject.org/updates/FEDORA-2014-12057/krb5-1.11.3-29.fc19
  32  https://admin.fedoraproject.org/updates/FEDORA-2014-13047/libxml2-2.9.1-2.fc19
  32  https://admin.fedoraproject.org/updates/FEDORA-2014-13018/deluge-1.3.10-1.fc19
  22  https://admin.fedoraproject.org/updates/FEDORA-2014-13551/wpa_supplicant-2.0-12.fc19
  17  https://admin.fedoraproject.org/updates/FEDORA-2014-14066/php-sabredav-Sabre_VObject-2.1.4-1.fc19,php-sabredav-Sabre_HTTP-1.7.11-1.fc19,php-sabredav-Sabre_CalDAV-1.7.9-1.fc19,php-sabredav-Sabre_DAVACL-1.7.9-1.fc19,php-sabredav-Sabre_CardDAV-1.7.9-2.fc19,php-sabredav-Sabre_DAV-1.7.13-1.fc19,owncloud-5.0.17-2.fc19
  13  https://admin.fedoraproject.org/updates/FEDORA-2014-14266/python-2.7.5-15.fc19
  13  https://admin.fedoraproject.org/updates/FEDORA-2014-14237/claws-mail-plugins-3.11.1-1.fc19,claws-mail-3.11.1-2.fc19,libetpan-1.6-1.fc19
  11  https://admin.fedoraproject.org/updates/FEDORA-2014-14359/curl-7.29.0-25.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-14738/gnutls-3.1.20-6.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-12407/sddm-0.10.0-2.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-14912/polarssl-1.2.12-1.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-14980/python-pillow-2.0.0-16.gitd1c6db8.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-15079/mantis-1.2.17-4.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-14874/arm-none-eabi-binutils-cs-2014.05.28-3.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-14838/avr-binutils-2.24-3.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-15124/kwebkitpart-1.3.4-5.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-15202/kernel-3.14.24-100.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-15248/kde-runtime-4.11.5-3.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-15307/python-django14-1.4.16-1.fc19


The following Fedora 19 Critical Path updates have yet to be approved:
 Age URL
 336  https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
 262  https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
  13  https://admin.fedoraproject.org/updates/FEDORA-2014-14266/python-2.7.5-15.fc19
  11  https://admin.fedoraproject.org/updates/FEDORA-2014-14359/curl-7.29.0-25.fc19
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-14516/pcre-8.32-11.fc19
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-14505/unzip-6.0-12.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-14738/gnutls-3.1.20-6.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-15022/firefox-33.1-2.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-15032/man-db-2.6.3-9.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-15027/evolution-data-server-3.8.5-7.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-14807/device-mapper-persistent-data-0.4.1-2.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-14846/pciutils-3.3.0-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-15202/kernel-3.14.24-100.fc19


The following builds have been pushed to Fedora 19 updates-testing

    gfal2-2.7.8-1.fc19
    kde-runtime-4.11.5-3.fc19
    labiryntowy-fonts-1.53-2.fc19
    perl-Crypt-Rijndael-1.12-1.fc19
    perl-Finance-Quote-1.35-1.fc19
    php-pecl-xdebug-2.2.6-1.fc19
    python-django14-1.4.16-1.fc19

Details about builds:


================================================================================
 gfal2-2.7.8-1.fc19 (FEDORA-2014-14534)
 Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:

Update for gfal2 2.7.8 release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 17 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.8-1
- Upstream backported fix for protocol honoring on SRM GET and PUT
* Mon Nov 10 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.7-1
- Upgraded to upstream release 2.7.7
* Fri Nov  7 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.6-1
- New upstream release
* Mon Sep  8 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.6.8-6
- Patch to use lseek64 instead of lseek in the http plugin
* Thu Sep  4 2014 Orion Poplawski <orion at cora.nwra.com> - 2.6.8-5
- Rebuild for pugixml 1.4
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.6.8-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 kde-runtime-4.11.5-3.fc19 (FEDORA-2014-15248)
 KDE Runtime
--------------------------------------------------------------------------------
Update Information:

New security fix release, insufficient Input Validation By IO Slaves, see also https://www.kde.org/info/security/advisory-20141113-1.txt
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 17 2014 Than Ngo <than at redhat.com> - 4.11.5-3
- fix bz#1164609, CVE-2014-8600 Insufficient Input Validation By IO Slaves
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1164293 - CVE-2014-8600 kwebkitpart, kde-runtime: Insufficient Input Validation By IO Slaves and Webkit Part
        https://bugzilla.redhat.com/show_bug.cgi?id=1164293
--------------------------------------------------------------------------------


================================================================================
 labiryntowy-fonts-1.53-2.fc19 (FEDORA-2014-15250)
 Artificial font consisting of vertical and horizontal bars
--------------------------------------------------------------------------------
Update Information:

Add font licence file, delete info.
Initial packaging.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1162148 - Review Request: labiryntowy-fonts - Conscript (artifical font) letters consist of vertical and horizontal bars. No matter their thickness.
        https://bugzilla.redhat.com/show_bug.cgi?id=1162148
--------------------------------------------------------------------------------


================================================================================
 perl-Crypt-Rijndael-1.12-1.fc19 (FEDORA-2014-15311)
 Crypt::CBC compliant Rijndael encryption module
--------------------------------------------------------------------------------
Update Information:

Updated to 1.12
--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 16 2014 Matias Kreder <mkreder at gmail.com> - 1.12-1
- Updated to 1.12
* Thu Aug 28 2014 Jitka Plesnikova <jplesnik at redhat.com> - 1.11-7
- Perl 5.20 rebuild
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.11-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.11-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 21 2013 Petr Pisar <ppisar at redhat.com> - 1.11-3
- Perl 5.18 rebuild
--------------------------------------------------------------------------------


================================================================================
 perl-Finance-Quote-1.35-1.fc19 (FEDORA-2014-15298)
 A Perl module that retrieves stock and mutual fund quotes
--------------------------------------------------------------------------------
Update Information:

This update, to the current upstream release, includes some fixes for existing data sources and a number of new data sources.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 14 2014 Paul Howarth <paul at city-fan.org> - 1.35-1
- Update to 1.35
- Clean up and modernize spec somewhat (can't build for EL < 7 as the module
  requires Mozilla::CA)
* Fri Aug 29 2014 Jitka Plesnikova <jplesnik at redhat.com> - 1.20-4
- Perl 5.20 rebuild
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.20-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 php-pecl-xdebug-2.2.6-1.fc19 (FEDORA-2014-15275)
 PECL package for debugging PHP scripts
--------------------------------------------------------------------------------
Update Information:

Fri, Nov 14, 2014 - xdebug 2.2.6

Fixed bugs:
* Fixed bug #1048: Can not get $GLOBAL variable by property_value on function context.
* Fixed bug #1073 and #1075: Segmentation fault with internal functions calling internal functions.
* Fixed bug #1085: Fixed the tracefile analyser as the format version had been bumbed.
* Fixed memory leaks

--------------------------------------------------------------------------------
ChangeLog:

* Sun Nov 16 2014 Remi Collet <remi at fedoraproject.org> - 2.2.6-1
- Update to 2.2.6 (stable)
--------------------------------------------------------------------------------


================================================================================
 python-django14-1.4.16-1.fc19 (FEDORA-2014-15307)
 A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:

Update to latest stable release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 17 2014 Matthias Runge <mrunge at redhat.com> - 1.4.16-1
- update to 1.4.16
* Mon Aug 25 2014 Matthias Runge <mrunge at redhat.com> - 1.4.14-1
- update to 1.4.14 fixing CVE-2014-0480 CVE-2014-0481 CVE-2014-0482,
  CVE-2014-0483
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1129950 - CVE-2014-0480 Django: reverse() can generate URLs pointing to other hosts, leading to phishing attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=1129950
  [ 2 ] Bug #1129952 - CVE-2014-0481 Django: file upload denial of service
        https://bugzilla.redhat.com/show_bug.cgi?id=1129952
  [ 3 ] Bug #1129954 - CVE-2014-0482 Django: RemoteUserMiddleware session hijacking
        https://bugzilla.redhat.com/show_bug.cgi?id=1129954
  [ 4 ] Bug #1129959 - CVE-2014-0483 Django: data leakage via querystring manipulation in admin
        https://bugzilla.redhat.com/show_bug.cgi?id=1129959
--------------------------------------------------------------------------------

More information about the test mailing list