The following Fedora 18 Security updates need testing:
Age URL
3
https://admin.fedoraproject.org/updates/FEDORA-2012-18494/weechat-0.3.8-4...
1
https://admin.fedoraproject.org/updates/FEDORA-2012-18740/kernel-3.6.7-5....
44
https://admin.fedoraproject.org/updates/FEDORA-2012-15716/libxslt-1.1.27-...
0
https://admin.fedoraproject.org/updates/FEDORA-2012-18802/android-tools-2...
0
https://admin.fedoraproject.org/updates/FEDORA-2012-18869/squashfs-tools-...
14
https://admin.fedoraproject.org/updates/FEDORA-2012-17513/system-config-u...
0
https://admin.fedoraproject.org/updates/FEDORA-2012-18593/claws-mail-plug...
3
https://admin.fedoraproject.org/updates/FEDORA-2012-18579/gnome-system-lo...
2
https://admin.fedoraproject.org/updates/FEDORA-2012-18610/libssh-0.5.3-1....
3
https://admin.fedoraproject.org/updates/FEDORA-2012-18598/moodle-2.3.3-1....
13
https://admin.fedoraproject.org/updates/FEDORA-2012-17907/cups-pk-helper-...
41
https://admin.fedoraproject.org/updates/FEDORA-2012-15996/cobbler-2.4.0-b...
41
https://admin.fedoraproject.org/updates/FEDORA-2012-15987/thunderbird-16....
8
https://admin.fedoraproject.org/updates/FEDORA-2012-18264/bugzilla-4.2.4-...
9
https://admin.fedoraproject.org/updates/FEDORA-2012-17798/kde-settings-4....
14
https://admin.fedoraproject.org/updates/FEDORA-2012-17797/system-config-d...
14
https://admin.fedoraproject.org/updates/FEDORA-2012-17834/cumin-0.1.5522-...
6
https://admin.fedoraproject.org/updates/FEDORA-2012-18379/ipmitool-1.8.12...
The following Fedora 18 Critical Path updates have yet to be approved:
Age URL
0
https://admin.fedoraproject.org/updates/FEDORA-2012-18868/gnupg2-2.0.19-6...
0
https://admin.fedoraproject.org/updates/FEDORA-2012-18869/squashfs-tools-...
0
https://admin.fedoraproject.org/updates/FEDORA-2012-18876/librelp-1.0.1-1...
0
https://admin.fedoraproject.org/updates/FEDORA-2012-18795/lvm2-2.02.98-3....
0
https://admin.fedoraproject.org/updates/FEDORA-2012-18808/cronie-1.4.9-1....
0
https://admin.fedoraproject.org/updates/FEDORA-2012-18794/evolution-data-...
1
https://admin.fedoraproject.org/updates/FEDORA-2012-18744/bluez-4.101-5.fc18
1
https://admin.fedoraproject.org/updates/FEDORA-2012-18699/gstreamer1-plug...
1
https://admin.fedoraproject.org/updates/FEDORA-2012-18715/bluez-4.101-4.fc18
1
https://admin.fedoraproject.org/updates/FEDORA-2012-18729/harfbuzz-0.9.7-...
1
https://admin.fedoraproject.org/updates/FEDORA-2012-18703/caribou-0.4.4.2...
3
https://admin.fedoraproject.org/updates/FEDORA-2012-18594/ibus-1.4.99.201...
3
https://admin.fedoraproject.org/updates/FEDORA-2012-18495/iputils-2012111...
3
https://admin.fedoraproject.org/updates/FEDORA-2012-18499/emacs-24.2-5.fc18
3
https://admin.fedoraproject.org/updates/FEDORA-2012-18497/sgpio-1.2.0.10-...
4
https://admin.fedoraproject.org/updates/FEDORA-2012-18429/gdisk-0.8.5-1.fc18
6
https://admin.fedoraproject.org/updates/FEDORA-2012-18341/xorg-x11-drv-at...
6
https://admin.fedoraproject.org/updates/FEDORA-2012-18374/media-player-in...
6
https://admin.fedoraproject.org/updates/FEDORA-2012-18365/kde-workspace-4...
8
https://admin.fedoraproject.org/updates/FEDORA-2012-18263/xkeyboard-confi...
9
https://admin.fedoraproject.org/updates/FEDORA-2012-18148/openbox-3.5.0-9...
9
https://admin.fedoraproject.org/updates/FEDORA-2012-18095/poppler-0.20.2-...
9
https://admin.fedoraproject.org/updates/FEDORA-2012-18101/texinfo-4.13a-1...
9
https://admin.fedoraproject.org/updates/FEDORA-2012-18112/ppp-2.4.5-25.fc18
12
https://admin.fedoraproject.org/updates/FEDORA-2012-17954/libtasn1-2.14-1...
10
https://admin.fedoraproject.org/updates/FEDORA-2012-17931/python-slip-0.2...
13
https://admin.fedoraproject.org/updates/FEDORA-2012-17907/cups-pk-helper-...
13
https://admin.fedoraproject.org/updates/FEDORA-2012-17892/iso-codes-3.40-...
13
https://admin.fedoraproject.org/updates/FEDORA-2012-17903/xorg-x11-drv-no...
9
https://admin.fedoraproject.org/updates/FEDORA-2012-17798/kde-settings-4....
10
https://admin.fedoraproject.org/updates/FEDORA-2012-17832/empathy-3.6.1-4...
The following builds have been pushed to Fedora 18 updates-testing
ant-1.8.4-4.fc18
bsf-2.4.0-15.fc18
dragonegg-3.1-10.fc18
gnupg2-2.0.19-6.fc18
kdevelop-4.4.1-2.fc18
kdevelop-php-1.4.1-1.fc18
kdevplatform-1.4.1-1.fc18
librelp-1.0.1-1.fc18
libteam-0.1-22.20121122git18b6701.fc18
maven-common-artifact-filters-1.4-3.fc18
mtn-browse-1.00-3.fc18
nkf-2.1.2-6.fc18
pynac-0.2.5-1.fc18
rsyslog-7.2.2-1.fc18
rubygem-openstack-quantum-client-0.1.5-3.fc18
squashfs-tools-4.2-4.fc18
texstudio-2.5.1-1.fc18
Details about builds:
================================================================================
ant-1.8.4-4.fc18 (FEDORA-2012-18870)
Build tool for java
--------------------------------------------------------------------------------
Update Information:
Including LICENSE and NOTICE in the javadoc subpackage
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2012 Jaromir Capik <jcapik(a)redhat.com> 0:1.8.4-4
- Including LICENSE and NOTICE in the javadoc subpackage
* Thu Nov 22 2012 Jaromir Capik <jcapik(a)redhat.com> 0:1.8.4-3
- Fixing the license tag
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #878382 - ant: javadoc subpackage doesn't include license files
https://bugzilla.redhat.com/show_bug.cgi?id=878382
--------------------------------------------------------------------------------
================================================================================
bsf-2.4.0-15.fc18 (FEDORA-2012-18875)
Bean Scripting Framework
--------------------------------------------------------------------------------
Update Information:
Fixed Source0 URL
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2012 Tomas Radej <tradej(a)redhat.com> - 0:2.4.0-15
- Fixed URL of Source0
* Tue Nov 20 2012 Mikolaj Izdebski <mizdebsk(a)redhat.com> - 0:2.4.0-14
- Remove unneeded BR: jython
--------------------------------------------------------------------------------
================================================================================
dragonegg-3.1-10.fc18 (FEDORA-2012-18877)
GCC plugin to use LLVM optimizers and code generators
--------------------------------------------------------------------------------
Update Information:
Fixed GCC dependency.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2012 Eric Smith <eric(a)brouhaha.com> - 3.1-10
- Fixed GCC dependency.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #878824 - dragonegg does not install on F18 branched
https://bugzilla.redhat.com/show_bug.cgi?id=878824
--------------------------------------------------------------------------------
================================================================================
gnupg2-2.0.19-6.fc18 (FEDORA-2012-18868)
Utility for secure communication and data storage
--------------------------------------------------------------------------------
Update Information:
Fixes choice of default symmetric encryption algorithm in the FIPS mode.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2012 Tomas Mraz <tmraz(a)redhat.com> - 2.0.19-6
- use AES as default crypto algorithm in FIPS mode (#879047)
* Fri Nov 16 2012 Jamie Nguyen <jamielinux(a)fedoraproject.org> - 2.0.19-5
- rebuild for <f18 (#877106)
--------------------------------------------------------------------------------
================================================================================
kdevelop-4.4.1-2.fc18 (FEDORA-2012-17633)
Integrated Development Environment for C++/C
--------------------------------------------------------------------------------
Update Information:
KDevelop 4.4.1 release.
See
http://milianw.de/blog/kdevelop-441-released
KDevelop 4.4.0 release.
See
http://kdevelop.org/44/kdevelop-440-welcomes-you
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2012 Jan Grulich <jgrulich(a)redhat.com> 9:4.4.1-2
- Don't execute cmake every time when you use ninja
* Mon Nov 5 2012 Jan Grulich <jgrulich(a)redhat.com> 9:4.4.1-1
- Update to 4.4.1
- Remove unnecessary fix for splash
* Wed Oct 24 2012 Jan Grulich <jgrulich(a)redhat.com> 9:4.4.0-2
- Fixed version in splash
* Tue Oct 23 2012 Jan Grulich <jgrulich(a)redhat.com> 9:4.4.0-1
- Update to 4.4.0
- Rebase no-rpath patch
* Fri Sep 7 2012 Radek Novacek <rnovacek(a)redhat.com> 9:4.3.90-1
- Update to 4.3.90 (RC 1)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #872987 - kdevelop-4.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=872987
[ 2 ] Bug #866870 - kdevelop-4.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=866870
[ 3 ] Bug #878563 - (Regression) kdevelop runs cmake before every build
https://bugzilla.redhat.com/show_bug.cgi?id=878563
--------------------------------------------------------------------------------
================================================================================
kdevelop-php-1.4.1-1.fc18 (FEDORA-2012-17633)
Php language and documentation plugins for KDevelop
--------------------------------------------------------------------------------
Update Information:
KDevelop 4.4.1 release.
See
http://milianw.de/blog/kdevelop-441-released
KDevelop 4.4.0 release.
See
http://kdevelop.org/44/kdevelop-440-welcomes-you
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 5 2012 Jan Grulich <jgrulich(a)redhat.com> 1.4.1-1
- Update to 1.4.1
* Wed Oct 24 2012 Radek Novacek <rnovacek(a)redhat.com> 1.4.0-1
- Update to 1.4.0
* Fri Sep 7 2012 Radek Novacek <rnovacek(a)redhat.com> 1.3.90-1
- Update to 1.3.90 (RC 1)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #872987 - kdevelop-4.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=872987
[ 2 ] Bug #866870 - kdevelop-4.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=866870
[ 3 ] Bug #878563 - (Regression) kdevelop runs cmake before every build
https://bugzilla.redhat.com/show_bug.cgi?id=878563
--------------------------------------------------------------------------------
================================================================================
kdevplatform-1.4.1-1.fc18 (FEDORA-2012-17633)
Libraries for use by KDE development tools
--------------------------------------------------------------------------------
Update Information:
KDevelop 4.4.1 release.
See
http://milianw.de/blog/kdevelop-441-released
KDevelop 4.4.0 release.
See
http://kdevelop.org/44/kdevelop-440-welcomes-you
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 5 2012 Jan Grulich <jgrulich(a)redhat.com> 1.4.1-1
- Update to 1.4.1
* Tue Oct 23 2012 Jan Grulich <jgrulich(a)redhat.com> 1.4.0-1
- Update to 1.4.0
* Fri Sep 7 2012 Radek Novacek <rnovacek(a)redhat.com> 1.3.90-1
- Update to 1.3.90 (RC1)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #872987 - kdevelop-4.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=872987
[ 2 ] Bug #866870 - kdevelop-4.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=866870
[ 3 ] Bug #878563 - (Regression) kdevelop runs cmake before every build
https://bugzilla.redhat.com/show_bug.cgi?id=878563
--------------------------------------------------------------------------------
================================================================================
librelp-1.0.1-1.fc18 (FEDORA-2012-18876)
The Reliable Event Logging Protocol library
--------------------------------------------------------------------------------
Update Information:
Upgrade to rsyslog v7. There are many new features but also some differences that users
should be aware of if using custom configuration.
http://www.rsyslog.com/doc/v7compatibility.html
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 21 2012 Tomas Heinrich <theinric(a)redhat.com> - 1.0.1-1
- upgrade to upstream version 1.0.1
--------------------------------------------------------------------------------
================================================================================
libteam-0.1-22.20121122git18b6701.fc18 (FEDORA-2012-18867)
Library for controlling team network device
--------------------------------------------------------------------------------
Update Information:
rebase to 18b6701
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2012 Jiri Pirko <jpirko(a)redhat.com> - 0.1-22.20121122git18b6701
- Rebase to git commit 18b6701
--------------------------------------------------------------------------------
================================================================================
maven-common-artifact-filters-1.4-3.fc18 (FEDORA-2012-18874)
Maven Common Artifact Filters
--------------------------------------------------------------------------------
Update Information:
resolves rhbz#879363 (NOTICE file is not installed with javadoc package).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2012 gil <puntogil(a)libero.it> 1.4-3
- resolves rhbz#879363 (NOTICE file is not installed with javadoc package)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #879363 - maven-common-artifact-filters: NOTICE file is not installed with
javadoc package
https://bugzilla.redhat.com/show_bug.cgi?id=879363
--------------------------------------------------------------------------------
================================================================================
mtn-browse-1.00-3.fc18 (FEDORA-2012-18881)
Application for browsing Monotone VCS databases
--------------------------------------------------------------------------------
Update Information:
Monotone browser (mtn-browse) is an application for browsing Monotone VCS databases
without the need for a workspace. The interface allows one to:
* Easily select a revision from within a branch
* Find a revision using complex queries
* Navigate the contents of a revision using a built in file manager
* Display file contents, either using the internal viewer or an external helper
application
* Compare the changes between different revisions or versions of a file either using the
internal difference viewer or an external application
* Find files within a revision based on detailed search criteria
* Display file annotations and easily refer back to the corresponding change
documentation
* Save files to disk
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #684433 - Review Request: mtn-browse - Application for browsing Monotone VCS
databases
https://bugzilla.redhat.com/show_bug.cgi?id=684433
--------------------------------------------------------------------------------
================================================================================
nkf-2.1.2-6.fc18 (FEDORA-2012-18865)
A Kanji code conversion filter
--------------------------------------------------------------------------------
Update Information:
trivial spec file clean up
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 23 2012 Akira TAGOH <tagoh(a)redhat.com> - 1:2.1.2-6
- Add %check.
* Thu Nov 22 2012 Akira TAGOH <tagoh(a)redhat.com> - 1:2.1.2-5
- the spec file cleanup.
--------------------------------------------------------------------------------
================================================================================
pynac-0.2.5-1.fc18 (FEDORA-2012-18871)
Manipulation of symbolic expressions
--------------------------------------------------------------------------------
Update Information:
pynac is not required by any package but update is required by sagemath 5.4
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 12 2012 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 0.2.5-1
- Update to latest upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #875797 - pynac-0.2.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=875797
--------------------------------------------------------------------------------
================================================================================
rsyslog-7.2.2-1.fc18 (FEDORA-2012-18876)
Enhanced system logging and kernel message trapping daemon
--------------------------------------------------------------------------------
Update Information:
Upgrade to rsyslog v7. There are many new features but also some differences that users
should be aware of if using custom configuration.
http://www.rsyslog.com/doc/v7compatibility.html
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 20 2012 Tomas Heinrich <theinric(a)redhat.com> 7.2.2-1
- upgrade to upstream version 7.2.2
update BuildRequires
- remove patches merged upstream
rsyslog-5.8.7-sysklogd-compat-1-template.patch
rsyslog-5.8.7-sysklogd-compat-2-option.patch
rsyslog-5.8.11-close-fd1-when-forking.patch
- add patch from Milan Bartos <mbartos(a)redhat.com>
rsyslog-7.2.1-msg_c_nonoverwrite_merge.patch
- remove the rsyslog-sysvinit package
- clean up BuildRequires, Requires
- remove the 'BuildRoot' tag
- split off a doc package
- compile additional modules (some of them in separate packages):
elasticsearch
hiredis
mmjsonparse
mmnormalize
mmaudit
mmsnmptrapd
mongodb
- correct impossible timestamps in older changelog entries
- correct typos, trailing spaces, etc
- s/RPM_BUILD_ROOT/{buildroot}/
- remove the 'clean' section
- replace post* scriptlets with systemd macros
--------------------------------------------------------------------------------
================================================================================
rubygem-openstack-quantum-client-0.1.5-3.fc18 (FEDORA-2012-18872)
The main objective of this gem is to deal easily with openstack quantum
--------------------------------------------------------------------------------
Update Information:
Rubygem for Openstack Quantum Interface
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #854386 - Review Request: rubygem-openstack-quantum-client - Ruby openstack
quantum Client
https://bugzilla.redhat.com/show_bug.cgi?id=854386
--------------------------------------------------------------------------------
================================================================================
squashfs-tools-4.2-4.fc18 (FEDORA-2012-18869)
Utility for the creation of squashfs filesystems
--------------------------------------------------------------------------------
Update Information:
Backported fix for bz 842458 (CVE-2012-4024)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2012 Bruno Wolff III <bruno(a)wolff.to> - 4.2-4
- Backported fix for bz 842458 (CVE-2012-4024)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #842458 - CVE-2012-4024 squashfs-tools: remote arbitrary code execution via
crafted list file
https://bugzilla.redhat.com/show_bug.cgi?id=842458
--------------------------------------------------------------------------------
================================================================================
texstudio-2.5.1-1.fc18 (FEDORA-2012-18880)
A feature-rich editor for LaTeX documents
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream
- bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2012 Johannes Lips <hannes(a)fedoraproject.org> 2.5.1-1
- update to recent upstream version
--------------------------------------------------------------------------------