The following Fedora 19 Security updates need testing:
Age URL
112
https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glanc...
57
https://admin.fedoraproject.org/updates/FEDORA-2013-23592/rubygem-actionp...
49
https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1...
31
https://admin.fedoraproject.org/updates/FEDORA-2014-0797/libinfinity-0.5....
17
https://admin.fedoraproject.org/updates/FEDORA-2014-1734/quassel-0.9.2-1....
12
https://admin.fedoraproject.org/updates/FEDORA-2014-1916/chrony-1.29.1-1....
12
https://admin.fedoraproject.org/updates/FEDORA-2014-1910/ibus-chewing-1.4...
9
https://admin.fedoraproject.org/updates/FEDORA-2014-2083/thunderbird-24.3...
8
https://admin.fedoraproject.org/updates/FEDORA-2014-2140/python-gnupg-0.3...
7
https://admin.fedoraproject.org/updates/FEDORA-2014-2183/apache-commons-f...
7
https://admin.fedoraproject.org/updates/FEDORA-2014-2188/xen-4.2.3-15.fc19
3
https://admin.fedoraproject.org/updates/FEDORA-2014-2239/python-tahrir-0....
3
https://admin.fedoraproject.org/updates/FEDORA-2014-2253/python-tahrir-0....
3
https://admin.fedoraproject.org/updates/FEDORA-2014-2261/perl-Capture-Tin...
3
https://admin.fedoraproject.org/updates/FEDORA-2014-2324/seamonkey-2.24-1...
3
https://admin.fedoraproject.org/updates/FEDORA-2014-2260/NetworkManager-s...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2387/numpy-1.7.2-8.fc19
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2340/xstream-1.3.1-5....
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2341/libgadu-1.12.0-0...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2445/augeas-1.2.0-1.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2506/lighttpd-1.4.34-...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2534/oath-toolkit-2.4...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2439/maradns-2.0.09-1...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2484/drupal6-ctools-1...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2468/imapsync-1.584-1...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2588/gnutls-3.1.20-3....
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2578/drupal7-ctools-1...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2556/kernel-3.12.11-2...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2565/mingw-gnutls-3.1...
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
60
https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmark...
23
https://admin.fedoraproject.org/updates/FEDORA-2014-1324/firefox-26.0-6.fc19
12
https://admin.fedoraproject.org/updates/FEDORA-2014-1958/livecd-tools-19....
12
https://admin.fedoraproject.org/updates/FEDORA-2014-1916/chrony-1.29.1-1....
10
https://admin.fedoraproject.org/updates/FEDORA-2014-2022/gupnp-tools-0.8....
8
https://admin.fedoraproject.org/updates/FEDORA-2014-0752/firewalld-0.3.9....
7
https://admin.fedoraproject.org/updates/FEDORA-2014-2053/kde-workspace-4....
6
https://admin.fedoraproject.org/updates/FEDORA-2014-2208/krb5-1.11.3-20.fc19
3
https://admin.fedoraproject.org/updates/FEDORA-2014-1255/tigervnc-1.3.0-9...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2346/sqlite-3.8.3-1.fc19
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2337/libreport-2.1.12...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2556/kernel-3.12.11-2...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2588/gnutls-3.1.20-3....
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2544/libusb-0.1.5-3.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2446/libvpx-1.3.0-3.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2541/yum-3.4.3-135.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2498/rpm-4.11.2-1.fc19
The following builds have been pushed to Fedora 19 updates-testing
debootstrap-1.0.59-1.fc19
docker-io-0.8.0-3.fc19
drupal7-ctools-1.4-1.fc19
drupal7-date_ical-3.1-1.fc19
emacs-auctex-11.87-7.fc19
gitflow-0.4.2.20120723git53e9c76-4.fc19
gnutls-3.1.20-3.fc19
kernel-3.12.11-200.fc19
libusb-0.1.5-3.fc19
mingw-gnutls-3.1.21-1.fc19
ocaml-xmlm-1.2.0-3.fc19
orthanc-0.7.3-1.fc19
perl-Class-MethodMaker-2.20-1.fc19
php-twig-ctwig-1.15.1-1.fc19
python-fedmsg-meta-fedora-infrastructure-0.2.7-1.fc19
ripright-0.9-1.fc19
rubygem-domain_name-0.5.16-1.fc19
rubygem-gettext-3.1.0-1.fc19
tcpcopy-0.9.7-2.fc19
tomoe-0.6.0-28.fc19
Details about builds:
================================================================================
debootstrap-1.0.59-1.fc19 (FEDORA-2014-2573)
Debian GNU/Linux bootstrapper
--------------------------------------------------------------------------------
Update Information:
new upstream release
new upstream release
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 14 2014 Jan Vcelak <jvcelak(a)fedoraproject.org> 1.0.59-1
- new upstream release:
+ install ca-certificates as well as apt-transport-https for https installations
* Wed Feb 12 2014 Jan Vcelak <jvcelak(a)fedoraproject.org> 1.0.58-1
- new upstream release:
+ install apt-transport-https when installing over HTTPS
* Sun Feb 9 2014 Jan Vcelak <jvcelak(a)fedoraproject.org> 1.0.57-1
- new upstream release:
+ Ubuntu trusty as a symlink to gutsy
+ when debian-archive-keyring is not available, use the main mirror with https
+ separate installation of base-passwd and base-files
+ pkgdetails_perl: fix percentage sign interpretation
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1065278 - debootstrap-1.0.59 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1065278
[ 2 ] Bug #1064180 - debootstrap-1.0.58 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1064180
[ 3 ] Bug #1022656 - debootstrap-1.0.57 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1022656
--------------------------------------------------------------------------------
================================================================================
docker-io-0.8.0-3.fc19 (FEDORA-2014-2582)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
Remove unneeded sysctl settings in initscript
ignore btrfs for rhel7 and clones for now
upstream version bump, fix bad filenames in scriptlets
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 13 2014 Adam Miller <maxamillion(a)fedoraproject.org> - 0.8.0-3
- Remove unneeded sysctl settings in initscript
https://github.com/dotcloud/docker/pull/4125
* Sat Feb 8 2014 Lokesh Mandvekar <lsm5(a)redhat.com> - 0.8.0-2
- ignore btrfs for rhel7 and clones for now
- include vim syntax highlighting from contrib/syntax/vim
* Wed Feb 5 2014 Lokesh Mandvekar <lsm5(a)redhat.com> - 0.8.0-1
- upstream version bump
- don't use btrfs for rhel6 and clones (yet)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1062177 - docker-io-0.8.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1062177
[ 2 ] Bug #1059743 - bad filenames in rpm scriptlets
https://bugzilla.redhat.com/show_bug.cgi?id=1059743
--------------------------------------------------------------------------------
================================================================================
drupal7-ctools-1.4-1.fc19 (FEDORA-2014-2578)
This suite is primarily a set of APIs and tools for other Drupal modules
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 1.4 release for bug and security fixes
- Upstream changelog for this release is available at
https://drupal.org/node/2194551
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 14 2014 Peter Borsa <peter.borsa(a)gmail.com> - 1.4-1
- Update to upstream 1.4 release for bug and security fixes
- Upstream changelog for this release is available at
https://drupal.org/node/2194551
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1064864 - drupal6-ctools: access bypass issues
https://bugzilla.redhat.com/show_bug.cgi?id=1064864
--------------------------------------------------------------------------------
================================================================================
drupal7-date_ical-3.1-1.fc19 (FEDORA-2014-2547)
Allows creation of an iCal feed in Views
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 3.1 release for bug fixes
- Upstream changelog for this release is available at
https://drupal.org/node/2188221
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 14 2014 Peter Borsa <peter.borsa(a)gmail.com> - 3.1-1
- Update to upstream 3.1 release for bug fixes
- Upstream changelog for this release is available at
https://drupal.org/node/2188221
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1061061 - drupal7-date_ical-3.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1061061
--------------------------------------------------------------------------------
================================================================================
emacs-auctex-11.87-7.fc19 (FEDORA-2014-2555)
Enhanced TeX modes for Emacs
--------------------------------------------------------------------------------
Update Information:
This update installs the preview style files in the correct place.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 12 2014 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 11.87-7
- Really Fix up installation location of doc files
* Thu Feb 6 2014 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 11.87-6
- Fix up installation location of doc files
* Thu Feb 6 2014 Jonathan G. Underwood <jonathan.underwood(a)gmail.com> - 11.87-5
- Move preview files to be installed under %{_datadir}/texlive/texmf-dist (BZ 995544)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
11.87-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #995544 - tex-preview not installed in texmf-dist tree
https://bugzilla.redhat.com/show_bug.cgi?id=995544
--------------------------------------------------------------------------------
================================================================================
gitflow-0.4.2.20120723git53e9c76-4.fc19 (FEDORA-2014-2548)
Extensions providing operations for V. Driessen's branching model
--------------------------------------------------------------------------------
Update Information:
Add bash completion for git flow subcommands.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 13 2014 Ralph Bean <rbean(a)redhat.com> - 0.4.2.20120723git53e9c76-4
- Include bash completion.
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.4.2.20120723git53e9c76-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1056059 - package gitflow bash completion as well
https://bugzilla.redhat.com/show_bug.cgi?id=1056059
--------------------------------------------------------------------------------
================================================================================
gnutls-3.1.20-3.fc19 (FEDORA-2014-2588)
A TLS protocol implementation
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2014-1959
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 14 2014 Nikos Mavrogiannopoulos <nmav(a)redhat.com> 3.1.20-3
- Fix CVE-2014-1959 (#1065094)
* Mon Feb 3 2014 Nikos Mavrogiannopoulos <nmav(a)redhat.com> 3.1.20-1
- new upstream release
- Fixed issue with gnutls.info not being available
- Compile with trousers
- Pulled fix from upstream for illegal supported-ecc extension (#1060411)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1065092 - CVE-2014-1959 gnutls: certificate verification flaw
(GNUTLS-SA-2014-1)
https://bugzilla.redhat.com/show_bug.cgi?id=1065092
--------------------------------------------------------------------------------
================================================================================
kernel-3.12.11-200.fc19 (FEDORA-2014-2556)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 3.12.11 stable update contains a number of important fixes across the tree.
The 3.12.10 stable update contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 13 2014 Justin M. Forbes <jforbes(a)fedoraproject.org> - 3.12.11-200
- Linux v3.12.11
* Wed Feb 12 2014 Josh Boyer <jwboyer(a)fedoraproject.org>
- Add patch to fix list corruption from pinctrl (rhbz 1051918)
- Fix cgroup destroy oops (rhbz 1045755)
- Fix backtrace in amd_e400_idle (rhbz 1031296)
- CVE-2014-1874 SELinux: local denial of service (rhbz 1062356 1062507)
* Thu Feb 6 2014 Justin M. Forbes <jforbes(a)fedoraproject.org> - 3.12.10-200
- Linux v3.12.10
* Wed Feb 5 2014 Justin M. Forbes <jforbes(a)fedoraproject.org>
- fix resume issues on Renesas chips in Samsung laptops (rhbz 950630)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1062356 - CVE-2014-1874 Kernel: SELinux: local denial-of-service
https://bugzilla.redhat.com/show_bug.cgi?id=1062356
--------------------------------------------------------------------------------
================================================================================
libusb-0.1.5-3.fc19 (FEDORA-2014-2544)
A library which allows userspace access to USB devices
--------------------------------------------------------------------------------
Update Information:
- Revert atexit call of libusb_exit, this breaks the use of libusb-compat in dl-opened
plugins
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 13 2014 Hans de Goede <hdegoede(a)redhat.com> - 0.1.5-3
- Revert atexit patch (rhbz#1003193)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1038566 - Remove atexit call of libusb_exit, this breaks the use of
libusb-compat in plugins
https://bugzilla.redhat.com/show_bug.cgi?id=1038566
--------------------------------------------------------------------------------
================================================================================
mingw-gnutls-3.1.21-1.fc19 (FEDORA-2014-2565)
MinGW GnuTLS TLS/SSL encryption library
--------------------------------------------------------------------------------
Update Information:
Version 3.1.21 (released 2014-02-13)
* libgnutls: Tolerate servers that sent the SUPPORTED ECC extension.
* libgnutls: Reduced the TLS and DTLS version requirements for all ciphersuites that are
not GCM.
* libgnutls: When two initial keywords are specified then treat the second as having the
'+' modifier.
* libgnutls: Fixed bug that prevented the rejection of v1 intermediate CA certificates.
Reported and investigated by Suman Jana.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 13 2014 Michael Cronenworth <mike(a)cchtml.com> - 3.1.21-1
- Update to 3.1.21
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1065092 - CVE-2014-1959 gnutls: certificate verification flaw
(GNUTLS-SA-2014-1)
https://bugzilla.redhat.com/show_bug.cgi?id=1065092
--------------------------------------------------------------------------------
================================================================================
ocaml-xmlm-1.2.0-3.fc19 (FEDORA-2014-2403)
A streaming XML codec
--------------------------------------------------------------------------------
Update Information:
Initial Fedora release of ocaml-xmlm, a streaming XML codec
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1055395 - Review Request: ocaml-xmlm - A streaming XML codec
https://bugzilla.redhat.com/show_bug.cgi?id=1055395
--------------------------------------------------------------------------------
================================================================================
orthanc-0.7.3-1.fc19 (FEDORA-2014-2577)
RESTful DICOM server for healthcare and medical research
--------------------------------------------------------------------------------
Update Information:
New upstream version of Orthanc
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 14 2014 Sebastien Jodogne <s.jodogne(a)gmail.com> 0.7.3-1
- New upstream version
--------------------------------------------------------------------------------
================================================================================
perl-Class-MethodMaker-2.20-1.fc19 (FEDORA-2014-2596)
Perl module for creating generic object-oriented methods
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 13 2014 Ralf Corsépius <corsepiu(a)fedoraproject.org> - 2.20-1
- Upstream update.
- Minor spec cleanup.
--------------------------------------------------------------------------------
================================================================================
php-twig-ctwig-1.15.1-1.fc19 (FEDORA-2014-2551)
Extension to improve performance of Twig
--------------------------------------------------------------------------------
Update Information:
* fixed a C extension crash when accessing defined but uninitialized property.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 14 2014 Remi Collet <remi(a)fedoraproject.org> - 1.15.1-1
- Update to 1.15.1
--------------------------------------------------------------------------------
================================================================================
python-fedmsg-meta-fedora-infrastructure-0.2.7-1.fc19 (FEDORA-2014-2593)
Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:
Handle secondary koji instances.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 13 2014 Ralph Bean <rbean(a)redhat.com> - 0.2.7-1
- Bugfix to that last release.
* Thu Feb 13 2014 Ralph Bean <rbean(a)redhat.com> - 0.2.6-1
- Latest upstream.
- Handle secondary koji instances.
- Other bugfixes
--------------------------------------------------------------------------------
================================================================================
ripright-0.9-1.fc19 (FEDORA-2014-2574)
A minimal CD ripper
--------------------------------------------------------------------------------
Update Information:
A minimal CD ripper.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1057418 - Review Request: ripright - A minimal CD ripper
https://bugzilla.redhat.com/show_bug.cgi?id=1057418
--------------------------------------------------------------------------------
================================================================================
rubygem-domain_name-0.5.16-1.fc19 (FEDORA-2014-2595)
Domain Name manipulation library for Ruby
--------------------------------------------------------------------------------
Update Information:
New version 0.5.16 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 15 2014 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 0.5.16-1
- 0.5.16
--------------------------------------------------------------------------------
================================================================================
rubygem-gettext-3.1.0-1.fc19 (FEDORA-2014-2552)
RubyGem of Localization Library and Tools for Ruby
--------------------------------------------------------------------------------
Update Information:
New version 3.1.0 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 10 2014 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 3.1.0-1
- 3.1.0
--------------------------------------------------------------------------------
================================================================================
tcpcopy-0.9.7-2.fc19 (FEDORA-2014-2564)
An online request replication tool
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.7
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 14 2014 Christopher Meng <rpm(a)cicku.me> - 0.9.7-2
- Rebuild with more features(pcap)
* Fri Feb 14 2014 Christopher Meng <rpm(a)cicku.me> - 0.9.7-1
- Update to 0.9.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1064806 - tcpcopy-0.9.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1064806
--------------------------------------------------------------------------------
================================================================================
tomoe-0.6.0-28.fc19 (FEDORA-2014-2567)
Handwritten input system for Japanese and Chinese
--------------------------------------------------------------------------------
Update Information:
Fixes skip code license issue
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 14 2014 Peng Wu <pwu(a)redhat.com> - 0.6.0-28
- Add comments
* Wed Feb 12 2014 Peng Wu <pwu(a)redhat.com> - 0.6.0-27
- Fixes skip code license issue (rhbz#969415)
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.6.0-26
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #969415 - tomoe includes non-free contents
https://bugzilla.redhat.com/show_bug.cgi?id=969415
--------------------------------------------------------------------------------