The following Fedora 19 Security updates need testing:
Age URL
186
https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glanc...
123
https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1...
27
https://admin.fedoraproject.org/updates/FEDORA-2014-4676/a2ps-4.14-23.fc19
15
https://admin.fedoraproject.org/updates/FEDORA-2014-5024/smb4k-1.1.1-2.fc19
11
https://admin.fedoraproject.org/updates/FEDORA-2014-5308/srm-1.2.13-1.fc19
6
https://admin.fedoraproject.org/updates/FEDORA-2014-5511/ndjbdns-1.06-1.fc19
6
https://admin.fedoraproject.org/updates/FEDORA-2014-5487/python-pillow-2....
5
https://admin.fedoraproject.org/updates/FEDORA-2014-5551/zabbix-2.0.11-3....
4
https://admin.fedoraproject.org/updates/FEDORA-2014-5562/python-django-1....
4
https://admin.fedoraproject.org/updates/FEDORA-2014-5586/prosody-0.8.2-11...
3
https://admin.fedoraproject.org/updates/FEDORA-2014-5609/kernel-3.13.11-1...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-5715/qt-4.8.6-2.fc19
2
https://admin.fedoraproject.org/updates/FEDORA-2014-5691/mediawiki-1.21.9...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-5680/qt5-qtbase-5.2.1...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5751/mumble-1.2.5-1.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5759/cups-filters-1.0...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5783/fish-2.1.0-9.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5795/dmlite-0.6.2-2.fc19
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
134
https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmark...
60
https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2....
13
https://admin.fedoraproject.org/updates/FEDORA-2014-5223/bash-4.2.47-1.fc19
13
https://admin.fedoraproject.org/updates/FEDORA-2014-5213/xdg-utils-1.1.0-...
11
https://admin.fedoraproject.org/updates/FEDORA-2014-5341/libjpeg-turbo-1....
8
https://admin.fedoraproject.org/updates/FEDORA-2014-5448/ibus-1.5.6-3.fc19
4
https://admin.fedoraproject.org/updates/FEDORA-2014-5590/libcap-ng-0.7.4-...
3
https://admin.fedoraproject.org/updates/FEDORA-2014-5620/abrt-2.2.1-1.fc1...
3
https://admin.fedoraproject.org/updates/FEDORA-2014-5609/kernel-3.13.11-1...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-5665/curl-7.29.0-18.fc19
2
https://admin.fedoraproject.org/updates/FEDORA-2014-5715/qt-4.8.6-2.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5809/xorg-x11-drv-syn...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-5788/xorg-x11-drv-evd...
The following builds have been pushed to Fedora 19 updates-testing
VirtualGL-2.3.3-3.fc19
dmlite-0.6.2-2.fc19
elinks-0.12-0.36.pre6.fc19
fish-2.1.0-9.fc19
glog-0.3.3-3.fc19
golang-github-kdar-factorlog-0-0.1.git814d8f7.fc19
htop-1.0.3-1.fc19
libsvm-3.18-3.fc19
perl-Config-Generator-0.7-1.fc19
perl-Term-ProgressBar-2.15-1.fc19
perl-WWW-OrangeHRM-Client-0.7.2-1.fc19
python-lxml-3.3.5-1.fc19
python-rosdep-0.10.27-1.fc19
python-rosdistro-0.3.5-1.fc19
python-tw2-forms-2.1.4.1-7.fc19
quodlibet-3.1.1-1.fc19
xorg-x11-drv-evdev-2.8.3-1.fc19
xorg-x11-drv-synaptics-1.7.4-9.fc19
Details about builds:
================================================================================
VirtualGL-2.3.3-3.fc19 (FEDORA-2014-5780)
A toolkit for displaying OpenGL applications to thin clients
--------------------------------------------------------------------------------
Update Information:
Fix (#1088475) don't install hidden files into /usr/bin
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 27 2014 Gary Gatling <gsgatlin(a)eos.ncsu.edu> - 2.3.3-3
- Fix (#1088475) don't install hidden files into /usr/bin
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1088475 - Don't install hidden files into /usr/bin
https://bugzilla.redhat.com/show_bug.cgi?id=1088475
--------------------------------------------------------------------------------
================================================================================
dmlite-0.6.2-2.fc19 (FEDORA-2014-5795)
Common libraries for grid data management and storage
--------------------------------------------------------------------------------
Update Information:
Patched mistyped parenthesis in Security.cpp
dmlite release 0.6.2
dmlite release 0.6.2
dmlite release 0.6.2
dmlite release 0.6.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 25 2014 Alejandro Alvarez <aalvarez(a)cern.ch> - 0.6.2-2
- Patched mistyped parenthesis in Security.cpp
--------------------------------------------------------------------------------
================================================================================
elinks-0.12-0.36.pre6.fc19 (FEDORA-2014-5774)
A text-mode Web browser
--------------------------------------------------------------------------------
Update Information:
- let list_is_singleton() return false for an empty list (#1075415)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 29 2014 Kamil Dudka <kdudka(a)redhat.com> - 0.12-0.36.pre6
- let list_is_singleton() return false for an empty list (#1075415)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1075415 - [abrt] elinks: get_opt_rec(): elinks killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1075415
--------------------------------------------------------------------------------
================================================================================
fish-2.1.0-9.fc19 (FEDORA-2014-5783)
A friendly interactive shell
--------------------------------------------------------------------------------
Update Information:
CVE-2014-2905 is severe. Apparently requesting stable instead of testing doesn't
work.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Andy Lutomirski <luto(a)mit.edu> - 2.1.0-9
- Fix CVE-2014-2914
* Mon Apr 28 2014 Andy Lutomirski <luto(a)mit.edu> - 2.1.0-8
- Fix build failure
* Mon Apr 28 2014 Andy Lutomirski <luto(a)mit.edu> - 2.1.0-7
- Fix CVE-2014-2905
- Fix CVE-2014-2906
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1092091 - CVE-2014-2905 CVE-2014-2906 CVE-2014-2914 fish: multiple flaws
fixed in upstream 2.1.1
https://bugzilla.redhat.com/show_bug.cgi?id=1092091
--------------------------------------------------------------------------------
================================================================================
glog-0.3.3-3.fc19 (FEDORA-2014-5791)
A C++ application logging library
--------------------------------------------------------------------------------
Update Information:
Update to 0.3.3.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 5 2013 John Khvatov <ivaxer(a)fedoraproject.org> - 0.3.3-3
- Removed installed but untracked docs.
Fix for
https://fedoraproject.org/wiki/Changes/UnversionedDocdirs
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.3.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 31 2013 John Khvatov <ivaxer(a)fedoraproject.org> - 0.3.3-1
- update to 0.3.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1011570 - glog: Old version 3.3.0 shipped
https://bugzilla.redhat.com/show_bug.cgi?id=1011570
--------------------------------------------------------------------------------
================================================================================
golang-github-kdar-factorlog-0-0.1.git814d8f7.fc19 (FEDORA-2014-5786)
Fast logging infrastructure for Go
--------------------------------------------------------------------------------
Update Information:
Bug 1092057 - Initial fedora package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1092057 - Review Request: golang-github-kdar-factorlog - Fast logging
infrastructure for Go
https://bugzilla.redhat.com/show_bug.cgi?id=1092057
--------------------------------------------------------------------------------
================================================================================
htop-1.0.3-1.fc19 (FEDORA-2014-5810)
Interactive process viewer
--------------------------------------------------------------------------------
Update Information:
- Update to 1.0.3
New features, bugfixes, and performance improvements. New features include
tag-all-children ('c' key), fixes in accounting of guest time when using
virtualization, performance improvements due to conditional parsing of I/O data depending
on selected fields, better consistency in coloring, new pagefault stats, and OOM-killer
score.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Morten Stevens <mstevens(a)imt-systems.com> - 1.0.3-1
- Update to 1.0.3
- Should resolve BZ#925557, BZ#987805, BZ#1091943
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #925557 - htop: Does not support aarch64 in f19 and rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=925557
[ 2 ] Bug #987805 - htop core dump when change 'detailed cpu time'
https://bugzilla.redhat.com/show_bug.cgi?id=987805
[ 3 ] Bug #1091943 - htop 1.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1091943
--------------------------------------------------------------------------------
================================================================================
libsvm-3.18-3.fc19 (FEDORA-2014-5799)
A Library for Support Vector Machines
--------------------------------------------------------------------------------
Update Information:
Upstream update
Upstream update to 3.18
Upstream update to 3.18
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Ding-Yi Chen <dchen(a)redhat.com> - 3.18-3
- EPEL5 desktop files need vendor.
* Mon Apr 28 2014 Ding-Yi Chen <dchen(a)redhat.com> - 3.18-2
- Fixed Bug 1090844 - libsvm-java has unresolved dependencies on epel6 testing
* Tue Apr 22 2014 Ding-Yi Chen <dchen(a)redhat.com> - 3.18-1
- Upstream update to 3.18
- svm.cpp and svm-scale.c: check return values of fscanf
- matlab interface: Makefile no longer handles octave
because make.m should be used
* Fri Mar 28 2014 Michael Simacek <msimacek(a)redhat.com> - 3.17-4
- Use Requires: java-headless rebuild (#1067528)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
3.17-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
perl-Config-Generator-0.7-1.fc19 (FEDORA-2014-5777)
Shared variables for the Config::Generator modules
--------------------------------------------------------------------------------
Update Information:
Added an example of a wrapper script in the "eg" directory.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1092372 - Upgrade to new upstream version
https://bugzilla.redhat.com/show_bug.cgi?id=1092372
--------------------------------------------------------------------------------
================================================================================
perl-Term-ProgressBar-2.15-1.fc19 (FEDORA-2014-5771)
Provide a progress meter on a standard terminal
--------------------------------------------------------------------------------
Update Information:
Provides a new module, Term::Progressbar::IO.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 17 2014 Petr Šabata <contyk(a)redhat.com> - 2.15-1
- 2.15 bump
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.14-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 31 2013 Petr Šabata <contyk(a)redhat.com> - 2.14-1
- 2.14 bump
- Documentation fixes
* Tue Jul 23 2013 Petr Pisar <ppisar(a)redhat.com> - 2.13-5
- Perl 5.18 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1087336 - perl-Term-ProgressBar-2.15 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1087336
--------------------------------------------------------------------------------
================================================================================
perl-WWW-OrangeHRM-Client-0.7.2-1.fc19 (FEDORA-2014-5770)
Client for OrangeHRM
--------------------------------------------------------------------------------
Update Information:
This release accomodates to changes on server side effective since 2014-04-29.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 29 2014 Petr Pisar <ppisar(a)redhat.com> - 0.7.2-1
- 0.7.2 bump
--------------------------------------------------------------------------------
================================================================================
python-lxml-3.3.5-1.fc19 (FEDORA-2014-5801)
ElementTree-like Python bindings for libxml2 and libxslt
--------------------------------------------------------------------------------
Update Information:
3.3.5 (2014-04-18)
==================
Bugs fixed
----------
* HTML cleaning could fail to strip javascript links that mix control
characters into the link scheme.
3.3.4 (2014-04-03)
==================
Features added
--------------
* Source line numbers above 65535 are available on Elements when
using libxml2 2.9 or later.
Bugs fixed
----------
* lxml.html.fragment_fromstring() failed for bytes input in Py3.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Jeffrey Ollie <jeff(a)ocjtech.us> - 3.3.5-1
- 3.3.5 (2014-04-18)
- ==================
-
- Bugs fixed
- ----------
-
- * HTML cleaning could fail to strip javascript links that mix control
- characters into the link scheme.
* Mon Apr 28 2014 Jeffrey Ollie <jeff(a)ocjtech.us> - 3.3.4-1
- 3.3.4 (2014-04-03)
- ==================
-
- Features added
- --------------
-
- * Source line numbers above 65535 are available on Elements when
- using libxml2 2.9 or later.
-
- Bugs fixed
- ----------
-
- * lxml.html.fragment_fromstring() failed for bytes input in Py3.
* Wed Mar 26 2014 Jeffrey Ollie <jeff(a)ocjtech.us> - 3.3.3-4
- Fix macro definition
* Wed Mar 26 2014 Jeffrey Ollie <jeff(a)ocjtech.us> - 3.3.3-3
- Add python3-cssselect to correct package
* Mon Mar 24 2014 Jeffrey Ollie <jeff(a)ocjtech.us> - 3.3.3-3
- python3-cssselect is not available on F19
* Mon Mar 24 2014 Jeffrey Ollie <jeff(a)ocjtech.us> - 3.3.3-2
- BZ#1075070 add requires and buildrequires for cssselect
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1084392 - python-lxml-3.3.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1084392
--------------------------------------------------------------------------------
================================================================================
python-rosdep-0.10.27-1.fc19 (FEDORA-2014-5806)
ROS System Dependency Installer
--------------------------------------------------------------------------------
Update Information:
Update to release 0.10.27
--------------------------------------------------------------------------------
ChangeLog:
* Sat Apr 12 2014 Rich Mattes <richmattes(a)gmail.com> - 0.10.27-1
- Update to release 0.10.27
- Build html documentation
--------------------------------------------------------------------------------
================================================================================
python-rosdistro-0.3.5-1.fc19 (FEDORA-2014-5781)
File format for managing ROS Distributions
--------------------------------------------------------------------------------
Update Information:
- Update to release 0.3.5
- Remove argparse from python dependency list
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 27 2014 Scott K Logan <logans(a)cottsay.net> - 0.3.5-1
- Update to release 0.3.5
- Remove argparse from python dependency list
- Added missing install requirements
- Remove patch for setuptools (merged upstream)
--------------------------------------------------------------------------------
================================================================================
python-tw2-forms-2.1.4.1-7.fc19 (FEDORA-2014-5792)
Forms for ToscaWidgets2
--------------------------------------------------------------------------------
Update Information:
Fix buttons.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Ralph Bean <rbean(a)redhat.com> - 2.1.4.1-7
- Try to fix deps busted by releng.
* Mon Apr 28 2014 Ralph Bean <rbean(a)redhat.com> - 2.1.4.1-6
- Backported patch to fix buttons.
* Tue Aug 6 2013 Ralph Bean <rbean(a)redhat.com> - 2.1.4.1-5
- Temporarily disable test suite until the 2.2 release.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.1.4.1-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
- Disable tests for epel7.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1091632 - tw2: ParameterError: Attr param clashes with user-supplied attr
https://bugzilla.redhat.com/show_bug.cgi?id=1091632
--------------------------------------------------------------------------------
================================================================================
quodlibet-3.1.1-1.fc19 (FEDORA-2014-5787)
A music management program
--------------------------------------------------------------------------------
Update Information:
- Update to 3.1.1
- fixes some bugs
https://quodlibet.readthedocs.org/en/latest/changelog.html
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Johannes Lips <hannes(a)fedoraproject.org> - 3.1.1-1
- update to recent upstream release 3.1.1
--------------------------------------------------------------------------------
================================================================================
xorg-x11-drv-evdev-2.8.3-1.fc19 (FEDORA-2014-5788)
Xorg X11 evdev input driver
--------------------------------------------------------------------------------
Update Information:
evdev 2.8.3, fixes horizontal scrolling on Microsoft mice
Update to 2.8.1, includes a patch we already carried, fixes potential crashes on MT
devices without legacy axes and a potential misconfiguration on wheel emulation inertia
(must be > 0 now)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 29 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 2.8.3-1
- evdev 2.8.3
* Mon Oct 7 2013 Peter Hutterer <peter.hutterer(a)redhat.com> 2.8.2-1
- evdev 2.8.2
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.8.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #869065 - Horizontal scrolling with microsoft mouse scrolls vertically
https://bugzilla.redhat.com/show_bug.cgi?id=869065
--------------------------------------------------------------------------------
================================================================================
xorg-x11-drv-synaptics-1.7.4-9.fc19 (FEDORA-2014-5809)
Xorg X11 Synaptics touchpad input driver
--------------------------------------------------------------------------------
Update Information:
Add support for top software buttons on the Lenovo laptops without physical buttons for
the pointing stick
Fix stuck touch points when receving SYN_DROPPED events (#877464). But also pull in the
other couple of fixes from F20.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 22 2014 Hans de Goede <hdegoede(a)redhat.com> - 1.7.4-9
- Add topbuttons quirk for Thinkpad Edge E341 (#1089689)
* Fri Apr 18 2014 Hans de Goede <hdegoede(a)redhat.com> - 1.7.4-8
- Add L540 to 70-touchpad-quirks.rules as touchpad_softbutton_top (#1088588)
* Mon Apr 14 2014 Hans de Goede <hdegoede(a)redhat.com> - 1.7.4-7
- Fix 3 finger clicking on clickpads (#1086218)
- Add T431 to 70-touchpad-quirks.rules as touchpad_softbutton_top (#1085582)
- Switch to using relative coordinates for the top softbutton area (#1085697)
* Wed Apr 9 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-6
- Add L440 and X1 Carbon tags/config
* Wed Apr 2 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-5
- Update the various top softbutton ranges and use a udev quirk to tag them
* Thu Mar 27 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-4
- Add patches to support the T440 series laptops
* Mon Mar 24 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-3
- Fix stuck touch points when receving SYN_DROPPED events (#877464)
* Fri Mar 21 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-2
- Unset ClickPad for Cypress touchpads, they do everything in firmware, we
can't compete with that. (fdo bug 76341 and 70819)
* Wed Mar 12 2014 Peter Hutterer <peter.hutterer(a)redhat.com> 1.7.4-1
- synaptics 1.7.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1089689 - only a part of the touchpard area working
https://bugzilla.redhat.com/show_bug.cgi?id=1089689
[ 2 ] Bug #1088588 - Please add L540 to 70-touchpad-quirks.rules as
touchpad_softbutton_top
https://bugzilla.redhat.com/show_bug.cgi?id=1088588
[ 3 ] Bug #1086218 - 3 finger click on Thinkpad T440s clickpad is seen as right click
instead of middle click
https://bugzilla.redhat.com/show_bug.cgi?id=1086218
[ 4 ] Bug #877464 - BUG: triggered 'if (priv->num_active_touches >
priv->num_slots)'
https://bugzilla.redhat.com/show_bug.cgi?id=877464
--------------------------------------------------------------------------------