Fedora 19 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Nov 18 12:42:13 UTC 2014
The following Fedora 19 Security updates need testing:
Age URL
388 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
200 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19
151 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19
69 https://admin.fedoraproject.org/updates/FEDORA-2014-10366/icecream-1.0.1-8.20140822git.fc19
68 https://admin.fedoraproject.org/updates/FEDORA-2014-10640/libreoffice-4.1.6.2-8.fc19
53 https://admin.fedoraproject.org/updates/FEDORA-2014-11544/drupal6-6.33-1.fc19
46 https://admin.fedoraproject.org/updates/FEDORA-2014-12057/krb5-1.11.3-29.fc19
32 https://admin.fedoraproject.org/updates/FEDORA-2014-13047/libxml2-2.9.1-2.fc19
32 https://admin.fedoraproject.org/updates/FEDORA-2014-13018/deluge-1.3.10-1.fc19
22 https://admin.fedoraproject.org/updates/FEDORA-2014-13551/wpa_supplicant-2.0-12.fc19
17 https://admin.fedoraproject.org/updates/FEDORA-2014-14066/php-sabredav-Sabre_VObject-2.1.4-1.fc19,php-sabredav-Sabre_HTTP-1.7.11-1.fc19,php-sabredav-Sabre_CalDAV-1.7.9-1.fc19,php-sabredav-Sabre_DAVACL-1.7.9-1.fc19,php-sabredav-Sabre_CardDAV-1.7.9-2.fc19,php-sabredav-Sabre_DAV-1.7.13-1.fc19,owncloud-5.0.17-2.fc19
13 https://admin.fedoraproject.org/updates/FEDORA-2014-14266/python-2.7.5-15.fc19
13 https://admin.fedoraproject.org/updates/FEDORA-2014-14237/claws-mail-plugins-3.11.1-1.fc19,claws-mail-3.11.1-2.fc19,libetpan-1.6-1.fc19
11 https://admin.fedoraproject.org/updates/FEDORA-2014-14359/curl-7.29.0-25.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-14738/gnutls-3.1.20-6.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-12407/sddm-0.10.0-2.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-14912/polarssl-1.2.12-1.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-14980/python-pillow-2.0.0-16.gitd1c6db8.fc19
3 https://admin.fedoraproject.org/updates/FEDORA-2014-15079/mantis-1.2.17-4.fc19
3 https://admin.fedoraproject.org/updates/FEDORA-2014-14874/arm-none-eabi-binutils-cs-2014.05.28-3.fc19
3 https://admin.fedoraproject.org/updates/FEDORA-2014-14838/avr-binutils-2.24-3.fc19
3 https://admin.fedoraproject.org/updates/FEDORA-2014-15124/kwebkitpart-1.3.4-5.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-15202/kernel-3.14.24-100.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-15248/kde-runtime-4.11.5-3.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-15307/python-django14-1.4.16-1.fc19
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
336 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
262 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
13 https://admin.fedoraproject.org/updates/FEDORA-2014-14266/python-2.7.5-15.fc19
11 https://admin.fedoraproject.org/updates/FEDORA-2014-14359/curl-7.29.0-25.fc19
8 https://admin.fedoraproject.org/updates/FEDORA-2014-14516/pcre-8.32-11.fc19
8 https://admin.fedoraproject.org/updates/FEDORA-2014-14505/unzip-6.0-12.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-14738/gnutls-3.1.20-6.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-15022/firefox-33.1-2.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-15032/man-db-2.6.3-9.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-15027/evolution-data-server-3.8.5-7.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-14807/device-mapper-persistent-data-0.4.1-2.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-14846/pciutils-3.3.0-1.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-15202/kernel-3.14.24-100.fc19
The following builds have been pushed to Fedora 19 updates-testing
gfal2-2.7.8-1.fc19
kde-runtime-4.11.5-3.fc19
labiryntowy-fonts-1.53-2.fc19
perl-Crypt-Rijndael-1.12-1.fc19
perl-Finance-Quote-1.35-1.fc19
php-pecl-xdebug-2.2.6-1.fc19
python-django14-1.4.16-1.fc19
Details about builds:
================================================================================
gfal2-2.7.8-1.fc19 (FEDORA-2014-14534)
Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:
Update for gfal2 2.7.8 release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.8-1
- Upstream backported fix for protocol honoring on SRM GET and PUT
* Mon Nov 10 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.7-1
- Upgraded to upstream release 2.7.7
* Fri Nov 7 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.7.6-1
- New upstream release
* Mon Sep 8 2014 Alejandro Alvarez Ayllon <aalvarez at cern.ch> - 2.6.8-6
- Patch to use lseek64 instead of lseek in the http plugin
* Thu Sep 4 2014 Orion Poplawski <orion at cora.nwra.com> - 2.6.8-5
- Rebuild for pugixml 1.4
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.6.8-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
kde-runtime-4.11.5-3.fc19 (FEDORA-2014-15248)
KDE Runtime
--------------------------------------------------------------------------------
Update Information:
New security fix release, insufficient Input Validation By IO Slaves, see also https://www.kde.org/info/security/advisory-20141113-1.txt
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Than Ngo <than at redhat.com> - 4.11.5-3
- fix bz#1164609, CVE-2014-8600 Insufficient Input Validation By IO Slaves
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1164293 - CVE-2014-8600 kwebkitpart, kde-runtime: Insufficient Input Validation By IO Slaves and Webkit Part
https://bugzilla.redhat.com/show_bug.cgi?id=1164293
--------------------------------------------------------------------------------
================================================================================
labiryntowy-fonts-1.53-2.fc19 (FEDORA-2014-15250)
Artificial font consisting of vertical and horizontal bars
--------------------------------------------------------------------------------
Update Information:
Add font licence file, delete info.
Initial packaging.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162148 - Review Request: labiryntowy-fonts - Conscript (artifical font) letters consist of vertical and horizontal bars. No matter their thickness.
https://bugzilla.redhat.com/show_bug.cgi?id=1162148
--------------------------------------------------------------------------------
================================================================================
perl-Crypt-Rijndael-1.12-1.fc19 (FEDORA-2014-15311)
Crypt::CBC compliant Rijndael encryption module
--------------------------------------------------------------------------------
Update Information:
Updated to 1.12
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Matias Kreder <mkreder at gmail.com> - 1.12-1
- Updated to 1.12
* Thu Aug 28 2014 Jitka Plesnikova <jplesnik at redhat.com> - 1.11-7
- Perl 5.20 rebuild
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.11-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.11-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 21 2013 Petr Pisar <ppisar at redhat.com> - 1.11-3
- Perl 5.18 rebuild
--------------------------------------------------------------------------------
================================================================================
perl-Finance-Quote-1.35-1.fc19 (FEDORA-2014-15298)
A Perl module that retrieves stock and mutual fund quotes
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream release, includes some fixes for existing data sources and a number of new data sources.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 14 2014 Paul Howarth <paul at city-fan.org> - 1.35-1
- Update to 1.35
- Clean up and modernize spec somewhat (can't build for EL < 7 as the module
requires Mozilla::CA)
* Fri Aug 29 2014 Jitka Plesnikova <jplesnik at redhat.com> - 1.20-4
- Perl 5.20 rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.20-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
php-pecl-xdebug-2.2.6-1.fc19 (FEDORA-2014-15275)
PECL package for debugging PHP scripts
--------------------------------------------------------------------------------
Update Information:
Fri, Nov 14, 2014 - xdebug 2.2.6
Fixed bugs:
* Fixed bug #1048: Can not get $GLOBAL variable by property_value on function context.
* Fixed bug #1073 and #1075: Segmentation fault with internal functions calling internal functions.
* Fixed bug #1085: Fixed the tracefile analyser as the format version had been bumbed.
* Fixed memory leaks
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Remi Collet <remi at fedoraproject.org> - 2.2.6-1
- Update to 2.2.6 (stable)
--------------------------------------------------------------------------------
================================================================================
python-django14-1.4.16-1.fc19 (FEDORA-2014-15307)
A high-level Python Web framework
--------------------------------------------------------------------------------
Update Information:
Update to latest stable release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 17 2014 Matthias Runge <mrunge at redhat.com> - 1.4.16-1
- update to 1.4.16
* Mon Aug 25 2014 Matthias Runge <mrunge at redhat.com> - 1.4.14-1
- update to 1.4.14 fixing CVE-2014-0480 CVE-2014-0481 CVE-2014-0482,
CVE-2014-0483
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1129950 - CVE-2014-0480 Django: reverse() can generate URLs pointing to other hosts, leading to phishing attacks
https://bugzilla.redhat.com/show_bug.cgi?id=1129950
[ 2 ] Bug #1129952 - CVE-2014-0481 Django: file upload denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=1129952
[ 3 ] Bug #1129954 - CVE-2014-0482 Django: RemoteUserMiddleware session hijacking
https://bugzilla.redhat.com/show_bug.cgi?id=1129954
[ 4 ] Bug #1129959 - CVE-2014-0483 Django: data leakage via querystring manipulation in admin
https://bugzilla.redhat.com/show_bug.cgi?id=1129959
--------------------------------------------------------------------------------
More information about the test
mailing list