The following Fedora 19 Security updates need testing:
Age URL
187
https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glanc...
124
https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1...
29
https://admin.fedoraproject.org/updates/FEDORA-2014-4676/a2ps-4.14-23.fc19
16
https://admin.fedoraproject.org/updates/FEDORA-2014-5024/smb4k-1.1.1-2.fc19
13
https://admin.fedoraproject.org/updates/FEDORA-2014-5308/srm-1.2.13-1.fc19
6
https://admin.fedoraproject.org/updates/FEDORA-2014-5562/python-django-1....
6
https://admin.fedoraproject.org/updates/FEDORA-2014-5586/prosody-0.8.2-11...
5
https://admin.fedoraproject.org/updates/FEDORA-2014-5609/kernel-3.13.11-1...
4
https://admin.fedoraproject.org/updates/FEDORA-2014-5715/qt-4.8.6-2.fc19
4
https://admin.fedoraproject.org/updates/FEDORA-2014-5691/mediawiki-1.21.9...
4
https://admin.fedoraproject.org/updates/FEDORA-2014-5680/qt5-qtbase-5.2.1...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-5751/mumble-1.2.5-1.fc19
2
https://admin.fedoraproject.org/updates/FEDORA-2014-5759/cups-filters-1.0...
1
https://admin.fedoraproject.org/updates/FEDORA-2014-5783/fish-2.1.0-9.fc19
1
https://admin.fedoraproject.org/updates/FEDORA-2014-5795/dmlite-0.6.2-2.fc19
1
https://admin.fedoraproject.org/updates/FEDORA-2014-5801/python-lxml-3.3....
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5903/miniupnpc-1.9-1....
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
135
https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmark...
62
https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2....
13
https://admin.fedoraproject.org/updates/FEDORA-2014-5341/libjpeg-turbo-1....
5
https://admin.fedoraproject.org/updates/FEDORA-2014-5620/abrt-2.2.1-1.fc1...
5
https://admin.fedoraproject.org/updates/FEDORA-2014-5609/kernel-3.13.11-1...
4
https://admin.fedoraproject.org/updates/FEDORA-2014-5665/curl-7.29.0-18.fc19
4
https://admin.fedoraproject.org/updates/FEDORA-2014-5715/qt-4.8.6-2.fc19
1
https://admin.fedoraproject.org/updates/FEDORA-2014-5809/xorg-x11-drv-syn...
1
https://admin.fedoraproject.org/updates/FEDORA-2014-5788/xorg-x11-drv-evd...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5818/libssh2-1.4.3-7....
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5867/kde-workspace-4....
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5448/ibus-1.5.7-1.fc19
The following builds have been pushed to Fedora 19 updates-testing
0ad-0.0.15-4.fc19
canl-c++-1.1.0-1.fc19
ghc-rfc5051-0.1.0.3-1.fc19
gimagereader-2.93-1.fc19
glusterfs-3.5.0-3.fc19
gpaw-setups-0.9.11271-2.fc19
jortho-1.0-1.fc19
libnfsidmap-0.25-8.fc19
megaglest-3.9.1-2.fc19
microcode_ctl-2.0-7.fc19
miniupnpc-1.9-1.fc19
netactview-0.6.2-1.fc19
nordugrid-arc-4.1.0-1.fc19
nordugrid-arc-doc-1.4.0-1.fc19
nrpe-2.15-2.fc19
rubygem-qpid_proton-0.7-2.fc19
the_silver_searcher-0.21.0-1.fc19
zarafa-7.1.9-1.fc19
Details about builds:
================================================================================
0ad-0.0.15-4.fc19 (FEDORA-2014-5903)
Cross-Platform RTS Game of Ancient Warfare
--------------------------------------------------------------------------------
Update Information:
Update to miniupnpc 1.9 and correct possible DoS crash vector.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 18 2014 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 0.0.15-4
- Add workaround for %check failure with gcc 4.9 on i686
* Fri Apr 18 2014 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 0.0.15-3
- Rebuild with minupnpc 1.9
* Tue Jan 21 2014 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 0.0.15-2
- Rebuild for latest gloox
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1062206 - miniupnpc-1.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1062206
[ 2 ] Bug #996357 - New version request
https://bugzilla.redhat.com/show_bug.cgi?id=996357
[ 3 ] Bug #1085618 - miniupnpc buffer overrun - network facing DoS crash
https://bugzilla.redhat.com/show_bug.cgi?id=1085618
--------------------------------------------------------------------------------
================================================================================
canl-c++-1.1.0-1.fc19 (FEDORA-2014-5894)
EMI Common Authentication library - bindings for C++
--------------------------------------------------------------------------------
Update Information:
NorduGrid ARC release 14.04:
* NorduGrid ARC version 4.1.0
* NorduGrid ARC Documents version 1.4.0
* Common authentication library caNl++ version 1.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.1.0-1
- Update to version 1.1.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1068453 - nordugrid-arc: Switch to java-headless (build)requires
https://bugzilla.redhat.com/show_bug.cgi?id=1068453
--------------------------------------------------------------------------------
================================================================================
ghc-rfc5051-0.1.0.3-1.fc19 (FEDORA-2014-5879)
Simple unicode collation as per RFC5051
--------------------------------------------------------------------------------
Update Information:
Simple Unicode collation as per RFC5051
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1058198 - Review Request: ghc-rfc5051 - Simple unicode collation as per
RFC5051
https://bugzilla.redhat.com/show_bug.cgi?id=1058198
--------------------------------------------------------------------------------
================================================================================
gimagereader-2.93-1.fc19 (FEDORA-2014-5907)
OCR application
--------------------------------------------------------------------------------
Update Information:
Update to version 2.93, see
https://raw.githubusercontent.com/manisandro/gImageReader/master/NEWS for details.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 30 2014 Sandro Mani <manisandro(a)gmail.com> - 2.93-1
- Update to 2.93
--------------------------------------------------------------------------------
================================================================================
glusterfs-3.5.0-3.fc19 (FEDORA-2014-5886)
Cluster File System
--------------------------------------------------------------------------------
Update Information:
syslog deprecated in Fedora20 BZ #1093318
GlusterFS 3.5.0 GA, glusterfs-3.5.0-2, glusterfs.spec nits
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.5.0-3
- syslog deprecated in Fedora20 BZ #1093318
* Fri Apr 25 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com>
- sync with upstream glusterfs.spec.in BZ #1091392
- sync with upstream glusterfs.spec.in BZ #1091392
* Wed Apr 23 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.5.0-2
- GlusterFS 3.5.0 GA, glusterfs-3.5.0-2, glusterfs.spec nits
* Thu Apr 17 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.5.0-1
- GlusterFS 3.5.0 GA
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1093318 - glusterfs-libs-3.5.0-0.1.qa3.fc21.x86_64.rpm requires
rsyslog-mmjsonparse; this brings in rsyslog, ...
https://bugzilla.redhat.com/show_bug.cgi?id=1093318
--------------------------------------------------------------------------------
================================================================================
gpaw-setups-0.9.11271-2.fc19 (FEDORA-2014-5875)
Atomic GPAW setups
--------------------------------------------------------------------------------
Update Information:
Atomic GPAW setups.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1090070 - Review Request: gpaw-setups - GPAW setups
https://bugzilla.redhat.com/show_bug.cgi?id=1090070
--------------------------------------------------------------------------------
================================================================================
jortho-1.0-1.fc19 (FEDORA-2014-5891)
A spell checker for Java
--------------------------------------------------------------------------------
Update Information:
Initial version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1092096 - Review Request: jortho - A spell checker for Java
https://bugzilla.redhat.com/show_bug.cgi?id=1092096
--------------------------------------------------------------------------------
================================================================================
libnfsidmap-0.25-8.fc19 (FEDORA-2014-5884)
NFSv4 User and Group ID Mapping Library
--------------------------------------------------------------------------------
Update Information:
commit 3226c06989186d9cd60ba146df4e2898fee5047b
Author: Steve Dickson <steved(a)redhat.com>
Date: Wed Apr 30 11:14:22 2014 -0400
libnfsidmap: id_as_chars() fails zero value ids.
Root has a zero value id which is valid and
should not be mapped to nfsnobody
Signed-off-by: Steve Dickson <steved(a)redhat.com>
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 30 2014 Steve Dickson <steved(a)redhat.com> 0.20-8
- Updated to latest rc release: libnfsidmap-0-26-rc3 (bz 1093148)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1093148 - chown does not respect NFSv4 no_root_squash
https://bugzilla.redhat.com/show_bug.cgi?id=1093148
--------------------------------------------------------------------------------
================================================================================
megaglest-3.9.1-2.fc19 (FEDORA-2014-5903)
Open Source 3d real time strategy game
--------------------------------------------------------------------------------
Update Information:
Update to miniupnpc 1.9 and correct possible DoS crash vector.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 18 2014 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 3.9.1-2
- Rebuild with minupnpc 1.9.
* Thu Jan 23 2014 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 3.9.1-1
- Update to latest upstream release.
* Tue Nov 19 2013 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 3.9.0-1
- Update to latest upstream release.
* Mon Nov 18 2013 Dave Airlie <airlied(a)redhat.com> - 3.7.1-10
- rebuilt for GLEW 1.10
* Fri Aug 16 2013 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 3.7.1-9
- Rebuild with minupnpc 1.8.
* Wed Aug 14 2013 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 3.7.1-8
- Add support for minupnpc >= 1.7 (#996357)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.7.1-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1062206 - miniupnpc-1.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1062206
[ 2 ] Bug #996357 - New version request
https://bugzilla.redhat.com/show_bug.cgi?id=996357
[ 3 ] Bug #1085618 - miniupnpc buffer overrun - network facing DoS crash
https://bugzilla.redhat.com/show_bug.cgi?id=1085618
--------------------------------------------------------------------------------
================================================================================
microcode_ctl-2.0-7.fc19 (FEDORA-2014-5904)
Tool to transform and deploy CPU microcode update for x86.
--------------------------------------------------------------------------------
Update Information:
Update to upstream 2.0-7. Update Intel CPU microcode. 20140430
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2014 Anton Arapov <anton(a)redhat.com> 2.0-7
- Update to upstream 2.0-7. Update Intel CPU microcode. 20140430
--------------------------------------------------------------------------------
================================================================================
miniupnpc-1.9-1.fc19 (FEDORA-2014-5903)
Library and tool to control NAT in UPnP-enabled routers
--------------------------------------------------------------------------------
Update Information:
Update to miniupnpc 1.9 and correct possible DoS crash vector.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 16 2014 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 1.9-1
- Update to latest upstream release (#1062206)
- Correct possible DoS crash vector (patch already in tarball) (#1085618)
* Tue Aug 13 2013 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 1.8-1
- Update to latest upstream release (#996357)
- Build extra python3 module
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.6-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1062206 - miniupnpc-1.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1062206
[ 2 ] Bug #996357 - New version request
https://bugzilla.redhat.com/show_bug.cgi?id=996357
[ 3 ] Bug #1085618 - miniupnpc buffer overrun - network facing DoS crash
https://bugzilla.redhat.com/show_bug.cgi?id=1085618
--------------------------------------------------------------------------------
================================================================================
netactview-0.6.2-1.fc19 (FEDORA-2014-5885)
Graphical network connections viewer for Linux
--------------------------------------------------------------------------------
Update Information:
- update to 0.6.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2014 Leigh Scott <leigh123linux(a)googlemail.com> - 0.6.2-1
- update to 0.6.2
* Thu May 1 2014 Kalev Lember <kalevlember(a)gmail.com> - 0.6.1-8
- Rebuilt for libgtop2 soname bump
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc-4.1.0-1.fc19 (FEDORA-2014-5894)
Advanced Resource Connector Grid Middleware
--------------------------------------------------------------------------------
Update Information:
NorduGrid ARC release 14.04:
* NorduGrid ARC version 4.1.0
* NorduGrid ARC Documents version 1.4.0
* Common authentication library caNl++ version 1.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 4.1.0-1
- 4.1.0 Final Release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1068453 - nordugrid-arc: Switch to java-headless (build)requires
https://bugzilla.redhat.com/show_bug.cgi?id=1068453
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc-doc-1.4.0-1.fc19 (FEDORA-2014-5894)
Advanced Resource Connector Documentation
--------------------------------------------------------------------------------
Update Information:
NorduGrid ARC release 14.04:
* NorduGrid ARC version 4.1.0
* NorduGrid ARC Documents version 1.4.0
* Common authentication library caNl++ version 1.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2014 Mattias Ellert <mattias.ellert(a)fysast.uu.se> - 1.4.0-1
- 1.4.0 Final Release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1068453 - nordugrid-arc: Switch to java-headless (build)requires
https://bugzilla.redhat.com/show_bug.cgi?id=1068453
--------------------------------------------------------------------------------
================================================================================
nrpe-2.15-2.fc19 (FEDORA-2014-5896)
Host/service/network monitoring agent for Nagios
--------------------------------------------------------------------------------
Update Information:
Add patch to mitigate CVE-2014-2913
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2014 Sam Kottler <skottler(a)fedoraproject.org> - 2.15.2
- Add patch to mitigate CVE-2014-2913
* Mon Jan 27 2014 Sam Kottler <skottler(a)fedoraproject.org> - 2.15.1
- Update to 2.15
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1089878 - CVE-2014-2913 nrpe: remote command execution when command arguments
are enabled
https://bugzilla.redhat.com/show_bug.cgi?id=1089878
--------------------------------------------------------------------------------
================================================================================
rubygem-qpid_proton-0.7-2.fc19 (FEDORA-2014-5893)
Ruby language bindings for the Qpid Proton messaging framework
--------------------------------------------------------------------------------
Update Information:
Made the -doc package arch-specific for EL6 due to rdoc issues.
Rebased on Proton 0.7.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.7-2
- Made the -doc package arch-specific for EL6 due to rdoc issues.
* Wed Apr 30 2014 Darryl L. Pierce <dpierce(a)redhat.com> - 0.7-1
- Rebased on Proton 0.7.
* Tue Apr 15 2014 Vít Ondruch <vondruch(a)redhat.com> - 0.6-3
- Rebuilt for
https://fedoraproject.org/wiki/Changes/Ruby_2.1
--------------------------------------------------------------------------------
================================================================================
the_silver_searcher-0.21.0-1.fc19 (FEDORA-2014-5889)
Super-fast text searching tool
--------------------------------------------------------------------------------
Update Information:
update to 0.21.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1057991 - Review Request: the_silver_searcher - Super-fast text searching
tool
https://bugzilla.redhat.com/show_bug.cgi?id=1057991
--------------------------------------------------------------------------------
================================================================================
zarafa-7.1.9-1.fc19 (FEDORA-2014-5883)
Open Source Edition of the Zarafa Collaboration Platform
--------------------------------------------------------------------------------
Update Information:
Zarafa Collaboration Platform 7.1.9 final [44333]
=================================================
General
-------
This release brings a few new features while maintaining stability.
Backend
-------
- ZCP-12163: Translations missing from zarafa-client package
- ZCP-11835: zarafa-set-oof does not accept argument "-n"
- ZCP-10943: opensource build issue with option --enable-debug
- ZCP-11131: Emails with added html disclaimer will have no body when moved to pst.
- ZCP-10132: ADS ldap cfg company view privileges default value incorrect
- ZCP-12152: ICS Changes in 7.1.8 cause a high load when z-push is used.
- ZCP-11885: zarafa-passwd disables features(IMAP,POP3)
- ZCP-12019: dagent creates much more fallback deliveries than in 7.1.7
- ZCP-11996: allow only the homeserver for zarafa-monitor
- ZCP-11950: Webaccess don't load if specific Mail is in Inbox
- ZCP-11693: Remove single quotes from spooler to loop with postfix in 5XX errors
- ZCP-11423: Provide example configs in /usr/share/doc
- ZCP-11914: Always show all users in the addressbook for Zarafa administrator accounts
regardless if they are hidden or not
- ZCP-12152: ICS Changes in 7.1.8 cause a high load when z-push is used.
- ZCP-12137: search does not index html attachments
- ZCP-11277: Public calendar is empty when opened via Lightning 1.9
- ZCP-12132: patch: POP3 STLS (STARTTLS) support in Zarafa-Gateway
- ZCP-12130: Include pictures assigned in LDAP backend when browsing the GAB
- ZCP-12098: auto-respond violates RFC 5322 section 3.6.1 causing date and spam issues
- ZCP-12093: Make the "advanced tab" resizeable/scrollable
- ZCP-11187: Pass the PR_TRANSPORT_HEADERS also to the zarafa-autorespond, so
administrators can do better filtering when sending out of office replies
- ZCP-7137: Several comments in default config files are incorrect
- ZCP-11974: ARM build compatibility with GCC > 4.4.4 patch
- ZCP-11973: Enhance logging of zarafa-dagent to display the same amount of information
as zarafa-spooler
- ZCP-11972: Enhance IMAP messages log level prios
- ZCP-11746: ICalToMAPI.cpp missing break in switch icalerrno
- ZCP-11504: python-mapi doc has outdated info on charsets
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 1 2014 Robert Scheck <robert(a)fedoraproject.org> 7.1.9-1
- Upgrade to 7.1.9
--------------------------------------------------------------------------------