The following Fedora 18 Security updates need testing:
Age URL
213
https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-...
127
https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2....
112
https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2...
24
https://admin.fedoraproject.org/updates/FEDORA-2013-13131/livecd-tools-18...
14
https://admin.fedoraproject.org/updates/FEDORA-2013-13672/subversion-1.7....
10
https://admin.fedoraproject.org/updates/FEDORA-2013-13900/python-keystone...
8
https://admin.fedoraproject.org/updates/FEDORA-2013-13922/httpd-2.4.6-2.fc18
8
https://admin.fedoraproject.org/updates/FEDORA-2013-13940/gnupg-1.4.14-1....
8
https://admin.fedoraproject.org/updates/FEDORA-2013-14005/zabbix-2.0.6-3....
6
https://admin.fedoraproject.org/updates/FEDORA-2013-14205/v8-3.14.5.10-2....
4
https://admin.fedoraproject.org/updates/FEDORA-2013-14261/smokeping-2.6.9...
3
https://admin.fedoraproject.org/updates/FEDORA-2013-14355/samba-4.0.8-1.fc18
3
https://admin.fedoraproject.org/updates/FEDORA-2013-14362/spice-0.12.4-1....
2
https://admin.fedoraproject.org/updates/FEDORA-2013-14423/hylafax+-5.5.4-...
2
https://admin.fedoraproject.org/updates/FEDORA-2013-14419/firefox-23.0-1....
0
https://admin.fedoraproject.org/updates/FEDORA-2013-14281/putty-0.62-7.fc18
0
https://admin.fedoraproject.org/updates/FEDORA-2013-14454/cacti-0.8.8b-1....
0
https://admin.fedoraproject.org/updates/FEDORA-2013-14510/strongswan-5.1....
0
https://admin.fedoraproject.org/updates/FEDORA-2013-14539/chrony-1.29-1.fc18
0
https://admin.fedoraproject.org/updates/FEDORA-2013-14488/libtommath-0.42...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-14568/seamonkey-2.20-...
The following Fedora 18 Critical Path updates have yet to be approved:
Age URL
182
https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5...
13
https://admin.fedoraproject.org/updates/FEDORA-2013-13756/make-3.82-15.fc18
8
https://admin.fedoraproject.org/updates/FEDORA-2013-13939/koji-1.8.0-2.fc18
8
https://admin.fedoraproject.org/updates/FEDORA-2013-13970/audit-2.3.2-1.fc18
7
https://admin.fedoraproject.org/updates/FEDORA-2013-14164/device-mapper-p...
4
https://admin.fedoraproject.org/updates/FEDORA-2013-14248/spherical-cow-k...
4
https://admin.fedoraproject.org/updates/FEDORA-2013-14262/cryptsetup-1.6....
0
https://admin.fedoraproject.org/updates/FEDORA-2013-14539/chrony-1.29-1.fc18
The following builds have been pushed to Fedora 18 updates-testing
akonadi-1.10.2-1.fc18
canl-c-2.1.2-1.fc18
chrony-1.29-1.fc18
dblatex-0.3.4-8.fc18
gmpy-1.17-1.fc18
licq-1.7.1-4.fc18
mate-utils-1.6.0-7.fc18
open-vm-tools-9.2.3-6.fc18
oz-0.11.0-2.fc18
python-ctrldaemon-0.2-1.fc18
python-django-memcached-pool-0.4.1-3.fc18
python-pefile-1.2.10_123-1.fc18
python-tahrir-0.3.0-1.fc18
python-waitress-0.8.5-2.fc18
salt-0.16.2-1.fc18
seamonkey-2.20-1.fc18
Details about builds:
================================================================================
akonadi-1.10.2-1.fc18 (FEDORA-2013-14548)
PIM Storage Service
--------------------------------------------------------------------------------
Update Information:
Akonadi 1.10.2
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 28 2013 dvratil(a)redhat.com - 1.10.2-1
- 1.10.2
* Sat Jul 27 2013 pmachata(a)redhat.com - 1.10.1-2
- Rebuild for boost 1.54.0
* Thu Jul 25 2013 Rex Dieter <rdieter(a)fedoraproject.org> 1.10.1-1
- akonadi-1.10.1
- mysql_conf_timestamp 20130607
* Sat Jul 13 2013 Rex Dieter <rdieter(a)fedoraproject.org> 1.10.0-1
- 1.10.0
* Thu Jun 27 2013 Rex Dieter <rdieter(a)fedoraproject.org> 1.9.80-1
- 1.9.80
--------------------------------------------------------------------------------
================================================================================
canl-c-2.1.2-1.fc18 (FEDORA-2013-14531)
EMI Common Authentication library - bindings for C
--------------------------------------------------------------------------------
Update Information:
This is a hotfix for a bug whereby the type of proxy to sign whas erroneously hard-coded
to a single value for different types of proxies, most importantly affecting RFC proxies.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 František Dvořák <valtri(a)civ.zcu.cz> - 2.1.2-1
- New upstream version
- Proper perl usage
- Added README file
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.1.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
chrony-1.29-1.fc18 (FEDORA-2013-14539)
An NTP client/server
--------------------------------------------------------------------------------
Update Information:
This update fixes two security vulnerabilities: a crash when processing crafted commands
(CVE-2012-4502) and uninitialized data sent in command replies (CVE-2012-4503).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Miroslav Lichvar <mlichvar(a)redhat.com> 1.29-1
- update to 1.29 (CVE-2012-4502, CVE-2012-4503)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.28-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #846392 - CVE-2012-4502 CVE-2012-4503 chrony: Two security flaws fixed in
chrony-1.29 release
https://bugzilla.redhat.com/show_bug.cgi?id=846392
--------------------------------------------------------------------------------
================================================================================
dblatex-0.3.4-8.fc18 (FEDORA-2013-14538)
DocBook to LaTeX/ConTeXt Publishing
--------------------------------------------------------------------------------
Update Information:
correct licene tag
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Michael J Gruber <mjg(a)fedoraproject.org> - 0.3.4-8
- Merge in licensing changes from Stanislav Ochotnicky <sochotnicky(a)redhat.com>:
-* Mon Jul 29 2013 Stanislav Ochotnicky <sochotnicky(a)redhat.com> - 0.3.4-8
-- Add Public Domain license and licensing comment
-* Mon Jul 29 2013 Stanislav Ochotnicky <sochotnicky(a)redhat.com> - 0.3.4-7
-- Add DMIT, GPLv2 and LPPL licenses
-- Fix space and tab mixing
-- Cleanup old spec file parts
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.3.4-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #988820 - dblatex: incorrect license tag
https://bugzilla.redhat.com/show_bug.cgi?id=988820
--------------------------------------------------------------------------------
================================================================================
gmpy-1.17-1.fc18 (FEDORA-2013-14573)
A Python interface to the GNU Multiple Precision Arithmetic Library
--------------------------------------------------------------------------------
Update Information:
fix extension api compatibility for python 3.3
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 9 2013 Michael J Gruber <mjg(a)fedoraproject.org> - 1.17-1
- sync with upstream bugfix release 1.17
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.16-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #989936 - gmpy-1.17 is available
https://bugzilla.redhat.com/show_bug.cgi?id=989936
--------------------------------------------------------------------------------
================================================================================
licq-1.7.1-4.fc18 (FEDORA-2013-14547)
A graphical ICQ Client for Linux
--------------------------------------------------------------------------------
Update Information:
Add support for jabber.
New upstream release.
Fix deadlock.
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 5 2013 Christopher Meng <rpm(a)cicku.me> - 1.7.1-4
- Add devel package.
- Add missing BRs for jabber support(BZ#977150).
* Sat Jul 27 2013 pmachata(a)redhat.com - 1.7.1-3
- Rebuild for boost 1.54.0
* Wed Jul 17 2013 Petr Pisar <ppisar(a)redhat.com> - 1.7.1-2
- Perl 5.18 rebuild
* Sun Jun 2 2013 François Cami <fcami(a)fedoraproject.org> - 1.7.1-1
- New upstream release.
* Thu Apr 25 2013 Jon Ciesla <limburgher(a)gmail.com> - 1.7.0-7
- Drop desktop vendor tag.
* Sun Feb 10 2013 Denis Arnaud <denis.arnaud_fedora(a)m4x.org> - 1.7.0-6
- Rebuild for Boost-1.53.0
* Sat Feb 9 2013 Denis Arnaud <denis.arnaud_fedora(a)m4x.org> - 1.7.0-5
- Rebuild for Boost-1.53.0
* Sat Jan 12 2013 François Cami <fcami(a)fedoraproject.org> - 1.7.0-4
- add sox as requirement.
* Sat Jan 12 2013 François Cami <fcami(a)fedoraproject.org> - 1.7.0-3
- Fix deadlock, RHBZ #894247. Thanks to flynd.
* Sat Jan 12 2013 François Cami <fcami(a)fedoraproject.org> - 1.7.0-2
- Not public - test deadlock fix.
* Wed Jan 9 2013 François Cami <fcami(a)fedoraproject.org> - 1.7.0-1
- New upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #977150 - Licq not works in F18
https://bugzilla.redhat.com/show_bug.cgi?id=977150
[ 2 ] Bug #894247 - Lockup on connect with 1.7.0
https://bugzilla.redhat.com/show_bug.cgi?id=894247
--------------------------------------------------------------------------------
================================================================================
mate-utils-1.6.0-7.fc18 (FEDORA-2013-14561)
MATE utility programs
--------------------------------------------------------------------------------
Update Information:
- runtime require mate-desktop-libs for mate-search-tool
- and main package, fix rhbz #988278
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Wolfgang Ulbrich <chat-to-me(a)raveit.de> - 1.6.0-7
- runtime require mate-desktop-libs for mate-search-tool
- and main package, fix rhbz #988278
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.6.0-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #988278 - [abrt] mate-search-tool-1.6.0-5.fc18: g_settings_set_property:
Process /usr/bin/mate-search-tool was killed by signal 5 (SIGTRAP)
https://bugzilla.redhat.com/show_bug.cgi?id=988278
--------------------------------------------------------------------------------
================================================================================
open-vm-tools-9.2.3-6.fc18 (FEDORA-2013-14577)
Open VMware Tools for virtual machines hosted on VMware
--------------------------------------------------------------------------------
Update Information:
Fixes for removing unused stuff and adding relro support, remove Fedora 17 support (EOL).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 9 2013 Simone Caronni <negativo17(a)gmail.com> - 9.2.3-7
- Added options for hardening build (bug 990549).
- Excluded unwanted file mount.vmhgfs from packaging (bug 990547).
- Removed deprecated key "Encoding" from "Desktop Entry" (bug
990552).
- Removed Fedora 17 support (EOL).
* Tue Jun 4 2013 Richard W.M. Jones <rjones(a)redhat.com> - 9.2.3-6
- Add BR gcc-c++.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #990547 - mount.vmhgfs should not be packaged
https://bugzilla.redhat.com/show_bug.cgi?id=990547
[ 2 ] Bug #990549 - vmtoolsd is built with only partial RELRO
https://bugzilla.redhat.com/show_bug.cgi?id=990549
[ 3 ] Bug #990552 - warning: key "Encoding" in group "Desktop Entry"
is deprecated
https://bugzilla.redhat.com/show_bug.cgi?id=990552
--------------------------------------------------------------------------------
================================================================================
oz-0.11.0-2.fc18 (FEDORA-2013-14555)
Library and utilities for automated guest OS installs
--------------------------------------------------------------------------------
Update Information:
Fix ICICLE generation with extra elements (see
https://github.com/clalancette/oz/pull/105).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Chris Lalancette <clalancette(a)gmail.com> - 0.11.0-2
- Add in the upstream patch that fixes ICICLE generation with extra elements
--------------------------------------------------------------------------------
================================================================================
python-ctrldaemon-0.2-1.fc18 (FEDORA-2013-14570)
Service command wrapper for Python
--------------------------------------------------------------------------------
Update Information:
Service command wrapper for Python.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #991836 - python-ctrldaemon - Service command wrapper for Python
https://bugzilla.redhat.com/show_bug.cgi?id=991836
--------------------------------------------------------------------------------
================================================================================
python-django-memcached-pool-0.4.1-3.fc18 (FEDORA-2013-14545)
A Memcached Pool for Django
--------------------------------------------------------------------------------
Update Information:
A Memcached Pool for Django.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #985190 - Review Request: python-django-memcached-pool - A Memcached Pool for
Django
https://bugzilla.redhat.com/show_bug.cgi?id=985190
--------------------------------------------------------------------------------
================================================================================
python-pefile-1.2.10_123-1.fc18 (FEDORA-2013-14574)
Python module for working with Portable Executable files
--------------------------------------------------------------------------------
Update Information:
New version.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Christopher Meng <rpm(a)cicku.me> - 1.2.10_123-1
- Update to new version.
--------------------------------------------------------------------------------
================================================================================
python-tahrir-0.3.0-1.fc18 (FEDORA-2013-14542)
A pyramid app for issuing your own Open Badges
--------------------------------------------------------------------------------
Update Information:
JSON API.
Limit relative leaderboard. Emit fedmsg messages.
Misc bugfixes.
Users can opt out.
Websockets on the frontpage.
More facelifting.
More cosmetic surgery.
Facelift marathon.
Reorganize avatars around openid.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 9 2013 Ralph Bean <rbean(a)redhat.com> - 0.3.0-1
- Add JSON API from Ricky Elrod.
- Some CSS fixups.
* Mon Aug 5 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.9-1
- Limit the relative leaderboard to only 5 people instead of 10.
- Emit fedmsg messages when invitations are claimed.
* Thu Aug 1 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.8-1
- Fix a login user-creation bug.
- Fix trailing comma on tags.
- Fix trailing slash on emails.
* Thu Aug 1 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.7-1
- Reorganize avatars around openid identifiers for ease-of-use.
* Tue Jul 30 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.6-1
- More facelifting.
- Ability for users to opt-out.
* Thu Jul 18 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.5-3
- Remove version constraint on python-moksha-wsgi. It is behaving oddly.
* Thu Jul 18 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.5-2
- python-dateutil is singular, not plural.
* Thu Jul 18 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.5-1
- More facelifting.
- Websocket updates for the frontpage.
* Tue Jul 16 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.3-2
- Added requirement on python-docutils.
* Tue Jul 16 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.3-1
- Latest upstream with more botox.
* Thu Jul 11 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.2-2
- Added requirement for python-dogpile-cache
* Wed Jul 10 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.2-1
- Latest upstream with more cosmetic surgery.
* Wed Jul 3 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.1-1
- Remove old patch (shipped with upstream now).
- More facelift stuff in progress.
* Mon Jul 1 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.0-2
- Add requirement on python-qrcode.
* Wed Jun 26 2013 Ralph Bean <rbean(a)redhat.com> - 0.2.0-1
- Massive facelift.
* Thu Jun 13 2013 Ralph Bean <rbean(a)redhat.com> - 0.1.9-3
- Conditionalize sqlalchemy forward compat package for epel6.
--------------------------------------------------------------------------------
================================================================================
python-waitress-0.8.5-2.fc18 (FEDORA-2013-14540)
Waitress WSGI server
--------------------------------------------------------------------------------
Update Information:
Install docs in unversioned dir.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 7 2013 Lorenzo Gil Sanchez <lorenzo.gil.sanchez(a)gmail.com> - 0.8.5-2
- Update description to use the new Fedora 20 _pkgdocdir macro, which
is also defined for backwards cmompatibility
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #994065 - python-waitress possibly affected by F-20 unversioned docdir change
https://bugzilla.redhat.com/show_bug.cgi?id=994065
--------------------------------------------------------------------------------
================================================================================
salt-0.16.2-1.fc18 (FEDORA-2013-14546)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
moving to 0.16.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Clint Savage <herlo1(a)gmail.com> - 0.16.2-1
- Update to patch release 0.16.2
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.16.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.20-1.fc18 (FEDORA-2013-14568)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Update to 2.20
Fix various security issues, see
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
for more info
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 8 2013 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.20-1
- update to 2.20
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.19-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Jul 15 2013 Dmitry Butskoy <Dmitry(a)Butskoy.name> 2.19-2
- implement separate switches for system/native nspr, nss and libvpx
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #994971 - seamonkey-2.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=994971
--------------------------------------------------------------------------------