The following Fedora 18 Security updates need testing:
Age URL
178
https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-...
111
https://admin.fedoraproject.org/updates/FEDORA-2013-3935/puppet-3.1.1-1.fc18
105
https://admin.fedoraproject.org/updates/FEDORA-2013-4243/stunnel-4.55-1.fc18
92
https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2....
76
https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2...
35
https://admin.fedoraproject.org/updates/FEDORA-2013-9707/livecd-tools-18....
31
https://admin.fedoraproject.org/updates/FEDORA-2013-9962/subversion-1.7.1...
14
https://admin.fedoraproject.org/updates/FEDORA-2013-11419/python-bugzilla...
12
https://admin.fedoraproject.org/updates/FEDORA-2013-10713/openstack-keyst...
11
https://admin.fedoraproject.org/updates/FEDORA-2013-11574/curl-7.27.0-11....
7
https://admin.fedoraproject.org/updates/FEDORA-2013-11874/xen-4.2.2-10.fc18
4
https://admin.fedoraproject.org/updates/FEDORA-2013-12123/ruby-1.9.3.448-...
4
https://admin.fedoraproject.org/updates/FEDORA-2013-12108/gegl-0.2.0-11.fc18
4
https://admin.fedoraproject.org/updates/FEDORA-2013-11998/php-pecl-radius...
4
https://admin.fedoraproject.org/updates/FEDORA-2013-12032/autotrace-0.31....
2
https://admin.fedoraproject.org/updates/FEDORA-2013-12156/dbus-glib-0.100...
2
https://admin.fedoraproject.org/updates/FEDORA-2013-12193/lldpad-0.9.45-4...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-12396/zeroinstall-inj...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-12394/ansible-1.2.1-2...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-12424/gallery3-3.0.9-...
The following Fedora 18 Critical Path updates have yet to be approved:
Age URL
146
https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5...
26
https://admin.fedoraproject.org/updates/FEDORA-2013-10428/NetworkManager-...
12
https://admin.fedoraproject.org/updates/FEDORA-2013-11498/binutils-2.23.5...
11
https://admin.fedoraproject.org/updates/FEDORA-2013-11574/curl-7.27.0-11....
10
https://admin.fedoraproject.org/updates/FEDORA-2013-11629/unzip-6.0-10.fc18
8
https://admin.fedoraproject.org/updates/FEDORA-2013-11749/gnome-shell-3.6...
8
https://admin.fedoraproject.org/updates/FEDORA-2013-11757/xorg-x11-drv-sy...
7
https://admin.fedoraproject.org/updates/FEDORA-2013-11864/gnome-packageki...
4
https://admin.fedoraproject.org/updates/FEDORA-2013-12117/lcms2-2.5-1.fc18
4
https://admin.fedoraproject.org/updates/FEDORA-2013-11959/procps-ng-3.3.3...
2
https://admin.fedoraproject.org/updates/FEDORA-2013-12263/samba-4.0.7-1.f...
2
https://admin.fedoraproject.org/updates/FEDORA-2013-12193/lldpad-0.9.45-4...
2
https://admin.fedoraproject.org/updates/FEDORA-2013-12151/dhcp-4.2.5-15.fc18
2
https://admin.fedoraproject.org/updates/FEDORA-2013-12195/xulrunner-22.0-...
2
https://admin.fedoraproject.org/updates/FEDORA-2013-12156/dbus-glib-0.100...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-12374/ppp-2.4.5-30.fc18
0
https://admin.fedoraproject.org/updates/FEDORA-2013-12367/nspr-4.10.0-3.fc18
0
https://admin.fedoraproject.org/updates/FEDORA-2013-12352/lxpanel-0.5.12-...
The following builds have been pushed to Fedora 18 updates-testing
CuraEngine-13.06.3-2.fc18
ansible-1.2.1-2.fc18
gallery3-3.0.9-1.fc18
ghc-language-java-0.2.4-2.fc18
ghc-libffi-0.1-2.fc18
ghc-maccatcher-2.1.5-1.fc18
golang-1.1.1-4.fc18
ibus-kkc-1.5.15-1.fc18
libguestfs-1.20.9-2.fc18
libkkc-0.2.6-1.fc18
mingw-pcre-8.33-1.fc18
mingw-qt-4.8.5-2.fc18
perl-CPAN-FindDependencies-2.42-2.fc18
perl-Data-MessagePack-0.47-1.fc18
perl-File-Find-Object-0.2.7-2.fc18
perl-Net-Random-2.22-2.fc18
perl-Perl6-Slurp-0.051003-2.fc18
perl-Tie-Function-0.02-1.fc18
perl-XML-Tiny-2.06-1.fc18
php-pear-Mail-Mime-1.8.8-1.fc18
php-pear-Net-SMTP-1.6.2-1.fc18
ppp-2.4.5-30.fc18
tzdata-2013c-2.fc18
xsane-0.999-3.fc18
zeroinstall-injector-2.3-1.fc18
Details about builds:
================================================================================
CuraEngine-13.06.3-2.fc18 (FEDORA-2013-12427)
Engine for processing 3D models into G-code instructions for 3D printers
--------------------------------------------------------------------------------
Update Information:
Engine for processing 3D models into G-code instructions for 3D printers
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #977112 - Review Request: CuraEngine - Engine for processing 3D models into
G-code instructions for 3D printers
https://bugzilla.redhat.com/show_bug.cgi?id=977112
--------------------------------------------------------------------------------
================================================================================
ansible-1.2.1-2.fc18 (FEDORA-2013-12394)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
Upstream 1.2.1 version. See:
https://groups.google.com/forum/#!topic/ansible-project/Bj0TmfsExhk for more info.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 5 2013 Kevin Fenzi <kevin(a)scrye.com> 1.2.1-2
- Update to newer upstream re-release to fix a syntax error
* Thu Jul 4 2013 Kevin Fenzi <kevin(a)scrye.com> 1.2.1-1
- Update to 1.2.1
- Fixes CVE-2013-2233
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #980821 - CVE-2013-2233 ansible: Does not cache SSH host keys (preventing
possibility of server's host key to be checked against system host keys)
https://bugzilla.redhat.com/show_bug.cgi?id=980821
--------------------------------------------------------------------------------
================================================================================
gallery3-3.0.9-1.fc18 (FEDORA-2013-12424)
Customizable photo gallery web site
--------------------------------------------------------------------------------
Update Information:
Fixes for CVE-2013-2240, CVE-2013-2241.
A security flaw was found in the way flowplayer SWF file handling functionality of Gallery
version 3, an open source project with the goal to develop and support leading photo
sharing web application solutions, processed certain URL fragments passed to this file
(certain URL fragments were not stripped properly when these files were called via direct
URL request(s)). A remote attacker could use this flaw to conduct replay attacks.
Multiple information exposure flaws were found in the way data rest core module of Gallery
version 3, an open source project with the goal to develop and support leading photo
sharing web application solutions, used to previously restrict access to certain items of
the photo album. A remote attacker, valid Gallery 3 user, could use this flaw to possibly
obtain sensitive information (file, resize or thumb path of the item in question).
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 5 2013 Jon Ciesla <limburgher(a)gmail.com> - 3.0.9-1
- 3.0.9.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #981218 - CVE-2013-2138 gallery3 various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=981218
[ 2 ] Bug #981219 - CVE-2013-2138 gallery3 various flaws [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=981219
--------------------------------------------------------------------------------
================================================================================
ghc-language-java-0.2.4-2.fc18 (FEDORA-2013-12416)
Java source manipulation
--------------------------------------------------------------------------------
Update Information:
Manipulates Java source: abstract syntax, lexer, parser, and pretty-printer.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #980133 - Review Request: ghc-language-java - Java source manipulation
https://bugzilla.redhat.com/show_bug.cgi?id=980133
--------------------------------------------------------------------------------
================================================================================
ghc-libffi-0.1-2.fc18 (FEDORA-2013-12402)
A binding to libffi
--------------------------------------------------------------------------------
Update Information:
A binding to libffi, allowing C functions of types only known at runtime to be called from
Haskell.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #980123 - Review Request: ghc-libffi - A binding to libffi
https://bugzilla.redhat.com/show_bug.cgi?id=980123
--------------------------------------------------------------------------------
================================================================================
ghc-maccatcher-2.1.5-1.fc18 (FEDORA-2013-12391)
Obtain the host MAC address on *NIX and Windows
--------------------------------------------------------------------------------
Update Information:
Obtain the host MAC address on *NIX and Windows.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #974721 - Review Request: ghc-maccatcher - Obtain the host MAC address on *NIX
and Windows
https://bugzilla.redhat.com/show_bug.cgi?id=974721
--------------------------------------------------------------------------------
================================================================================
golang-1.1.1-4.fc18 (FEDORA-2013-12431)
The Go Programming Language
--------------------------------------------------------------------------------
Update Information:
Try again at updating this package.
Use lua in pretrans
* Fix update problems (at least for pre-Fedora 19)
* Fix still-often-broken building
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Fix update problems (at least for pre-Fedora 19)
* Fix still-often-broken building
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Fix update problems (at least for pre-Fedora 19)
* Fix still-often-broken building
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
Use lua in pretrans
* Fix update problems (at least for pre-Fedora 19)
* Fix still-often-broken building
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Fix update problems (at least for pre-Fedora 19)
* Fix still-often-broken building
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Fix update problems (at least for pre-Fedora 19)
* Fix still-often-broken building
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
Use lua in pretrans
* Fix update problems (at least for pre-Fedora 19)
* Fix still-often-broken building
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Fix update problems (at least for pre-Fedora 19)
* Fix still-often-broken building
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Fix update problems (at least for pre-Fedora 19)
* Fix still-often-broken building
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
* Make this package actually usable (sorry)
* Update to golang 1.1.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 5 2013 Adam Goode <adam(a)spicenitz.org> - 1.1.1-4
- Move src to libdir for now (#973842) (upstream issue
https://code.google.com/p/go/issues/detail?id=5830)
- Eliminate noarch data package to work around RPM bug (#975909)
- Try to add runtime-gdb.py to the gdb safe-path (#981356)
* Wed Jun 19 2013 Adam Goode <adam(a)spicenitz.org> - 1.1.1-3
- Use lua for pretrans
(
http://fedoraproject.org/wiki/Packaging:Guidelines#The_.25pretrans_scriptlet)
* Mon Jun 17 2013 Adam Goode <adam(a)spicenitz.org> - 1.1.1-2
- Hopefully really fix #973842
- Fix update from pre-1.1.1 (#974840)
* Thu Jun 13 2013 Adam Goode <adam(a)spicenitz.org> - 1.1.1-1
- Update to 1.1.1
- Fix basically useless package (#973842)
* Sat May 25 2013 Dan Horák <dan[at]danny.cz> - 1.1-3
- set ExclusiveArch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #974840 - golang-1.1.1-1.fc19 update fails due to conflicts
https://bugzilla.redhat.com/show_bug.cgi?id=974840
[ 2 ] Bug #973842 - golang package is unusable
https://bugzilla.redhat.com/show_bug.cgi?id=973842
--------------------------------------------------------------------------------
================================================================================
ibus-kkc-1.5.15-1.fc18 (FEDORA-2013-12432)
Japanese Kana Kanji input method for ibus
--------------------------------------------------------------------------------
Update Information:
new upstream release
new upstream release
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 5 2013 Daiki Ueno <dueno(a)redhat.com> - 1.5.15-1
- new upstream release
* Fri Jun 7 2013 Daiki Ueno <dueno(a)redhat.com> - 1.5.14-1
- new upstream release
* Wed May 15 2013 Daiki Ueno <dueno(a)redhat.com> - 1.5.13-1
- new upstream release
* Thu May 9 2013 Daiki Ueno <dueno(a)redhat.com> - 1.5.12-1
- new upstream release
* Thu May 2 2013 Daiki Ueno <dueno(a)redhat.com> - 1.5.11-2
- specify IBus version when configure
--------------------------------------------------------------------------------
================================================================================
libguestfs-1.20.9-2.fc18 (FEDORA-2013-12425)
Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:
Rebuild against latest Augeas update.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 5 2013 Richard W.M. Jones <rjones(a)redhat.com> - 1:1.20.9-2
- Bump and rebuild.
--------------------------------------------------------------------------------
================================================================================
libkkc-0.2.6-1.fc18 (FEDORA-2013-12432)
Japanese Kana Kanji conversion library
--------------------------------------------------------------------------------
Update Information:
new upstream release
new upstream release
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 5 2013 Daiki Ueno <dueno(a)redhat.com> - 0.2.6-1
- new upstream release
* Thu Jul 4 2013 Daiki Ueno <dueno(a)redhat.com> - 0.2.5-1
- new upstream release
* Fri Jun 7 2013 Daiki Ueno <dueno(a)redhat.com> - 0.2.4-1
- new upstream release
* Wed May 15 2013 Daiki Ueno <dueno(a)redhat.com> - 0.2.3-1
- new upstream release
* Wed May 8 2013 Daiki Ueno <dueno(a)redhat.com> - 0.2.2-1
- new upstream release
--------------------------------------------------------------------------------
================================================================================
mingw-pcre-8.33-1.fc18 (FEDORA-2013-12380)
MinGW Windows pcre library
--------------------------------------------------------------------------------
Update Information:
Update to 8.33 and added the configure arguments --enable-pcre8 --enable-pcre16
--enable-pcre32 (the pcre16 one is needed by mingw-qt5-qtbase)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 3 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 8.33-1
- Update to 8.33
- Added the configure arguments --enable-pcre8 --enable-pcre16 --enable-pcre32
(the pcre16 one is needed by mingw-qt5-qtbase)
- Use a more verbose filelist
* Sun Mar 24 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 8.32-1
- Update to 8.32
* Sun Jan 27 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 8.31-2
- Rebuild against mingw-gcc 4.8 (win64 uses SEH exceptions now)
--------------------------------------------------------------------------------
================================================================================
mingw-qt-4.8.5-2.fc18 (FEDORA-2013-12379)
Qt for Windows
--------------------------------------------------------------------------------
Update Information:
Update to 4.8.5
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 4 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 4.8.5-2
- When building static binaries, make sure the gcc argument -DQT_DLL isn't used
* Wed Jul 3 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 4.8.5-1
- Update to 4.8.5
* Sun Jun 16 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 4.8.4-6
- Rebuild to resolve InterlockedCompareExchange regression in mingw32 libraries
* Sat Jun 15 2013 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 4.8.4-5
- Rebuild to resolve InterlockedCompareExchange regression in mingw32 libraries
--------------------------------------------------------------------------------
================================================================================
perl-CPAN-FindDependencies-2.42-2.fc18 (FEDORA-2013-12404)
Find dependencies for modules on CPAN
--------------------------------------------------------------------------------
Update Information:
New RPM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979663 - Review Request: perl-CPAN-FindDependencies - Find dependencies for
modules on CPAN
https://bugzilla.redhat.com/show_bug.cgi?id=979663
--------------------------------------------------------------------------------
================================================================================
perl-Data-MessagePack-0.47-1.fc18 (FEDORA-2013-12399)
MessagePack serialising/deserialising
--------------------------------------------------------------------------------
Update Information:
New RPM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979665 - Review Request: perl-Data-MessagePack - MessagePack
serialising/deserialising
https://bugzilla.redhat.com/show_bug.cgi?id=979665
--------------------------------------------------------------------------------
================================================================================
perl-File-Find-Object-0.2.7-2.fc18 (FEDORA-2013-12433)
Object oriented File::Find replacement
--------------------------------------------------------------------------------
Update Information:
New RPM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979673 - Review Request: perl-File-Find-Object - Object oriented File::Find
replacement
https://bugzilla.redhat.com/show_bug.cgi?id=979673
--------------------------------------------------------------------------------
================================================================================
perl-Net-Random-2.22-2.fc18 (FEDORA-2013-12417)
A module gets random data from online sources
--------------------------------------------------------------------------------
Update Information:
New RPM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979661 - Review Request: perl-Net-Random - A module gets random data from
online sources
https://bugzilla.redhat.com/show_bug.cgi?id=979661
--------------------------------------------------------------------------------
================================================================================
perl-Perl6-Slurp-0.051003-2.fc18 (FEDORA-2013-12385)
Implemention of the Perl 6 'slurp' built-in
--------------------------------------------------------------------------------
Update Information:
Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979653 - Review Request: perl-Perl6-Slurp - Implemention of the Perl 6
'slurp' built-in
https://bugzilla.redhat.com/show_bug.cgi?id=979653
--------------------------------------------------------------------------------
================================================================================
perl-Tie-Function-0.02-1.fc18 (FEDORA-2013-12377)
Wrap functions in tied hash sugar
--------------------------------------------------------------------------------
Update Information:
New RPM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979667 - Review Request: perl-Tie-Function - Wrap functions in tied hash
sugar
https://bugzilla.redhat.com/show_bug.cgi?id=979667
--------------------------------------------------------------------------------
================================================================================
perl-XML-Tiny-2.06-1.fc18 (FEDORA-2013-12406)
Simple lightweight parser for a subset of XML
--------------------------------------------------------------------------------
Update Information:
New RPM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979657 - Review Request: perl-XML-Tiny - Simple lightweight parser for a
subset of XML
https://bugzilla.redhat.com/show_bug.cgi?id=979657
--------------------------------------------------------------------------------
================================================================================
php-pear-Mail-Mime-1.8.8-1.fc18 (FEDORA-2013-12428)
Classes to create MIME messages
--------------------------------------------------------------------------------
Update Information:
Upstream Changelog:
Version 1.8.8
* Fixed warning/notice on (static vs. non-static) PEAR::raiseError() usage [alec]
* Fixed Bug #19761: PHP5 warnings about return by reference [alec]
* Fixed Bug #19770: Make cid generator more unique on Windows [alec]
* Fixed Bug #19987: E_STRICT warning when null is passed by reference [alec]
Version 1.8.7
* Bug #5333: Fix more return by reference errors [alec]
* Bug #19754: Fix compatibility with PHP4 [alec]
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 5 2013 Remi Collet <remi(a)fedoraproject.org> - 1.8.8-1
- Version 1.8.8 (stable) - API 1.4.3 (stable)
* Thu Dec 27 2012 Remi Collet <remi(a)fedoraproject.org> - 1.8.7-1
- Version 1.8.7 (stable) - API 1.4.3 (stable)
--------------------------------------------------------------------------------
================================================================================
php-pear-Net-SMTP-1.6.2-1.fc18 (FEDORA-2013-12388)
Provides an implementation of the SMTP protocol
--------------------------------------------------------------------------------
Update Information:
Upstream changelog:
- Fix EHLO response handling for HELO-only servers.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 5 2013 Remi Collet <remi(a)fedoraproject.org> - 1.6.2-1
- Version 1.6.2 (stable) - API 1.2.0 (stable)
--------------------------------------------------------------------------------
================================================================================
ppp-2.4.5-30.fc18 (FEDORA-2013-12374)
The Point-to-Point Protocol daemon
--------------------------------------------------------------------------------
Update Information:
Fix possible bad memory handling that might cause crash of pppd.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 4 2013 Michal Sekletar <msekleta(a)redhat.com> - 2.4.5-30
- fix possible NULL pointer dereferencing
* Wed May 29 2013 Michal Sekletar <msekleta(a)redhat.com> - 2.4.5-29
- make radius plugin config parser less strict
- resolves : #906913, #918296
* Wed Mar 20 2013 Michal Sekletar <msekleta(a)redhat.com> - 2.4.5-28
- Add /etc/logrotate.d to files section since we no longer hard depend on logrotate
* Wed Mar 20 2013 Michal Sekletar <msekleta(a)redhat.com> - 2.4.5-27
- Don't hard depend on logrotate
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.4.5-26
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #815617 - PATCH: properly deal with crypt() returning NULL
https://bugzilla.redhat.com/show_bug.cgi?id=815617
--------------------------------------------------------------------------------
================================================================================
tzdata-2013c-2.fc18 (FEDORA-2013-12381)
Timezone data
--------------------------------------------------------------------------------
Update Information:
- Morocco will observe Daylight Saving starting on July 7.
- The period of Daylight Saving Time in Israel was extended until last Sunday in October
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 4 2013 Petr Machata <pmachata(a)redhat.com> - 2013c-2
- Update descriptions in iso3166.tab; make Jerusalem coordinates in
zone.tab more precise
(0001-Adjust-commentary-to-try-to-defuse-recent-issues-som.patch)
- Update local mean time for Jerusalem to match more-precise longitude
(0002-asia-Asia-Jerusalem-Fix-LMT-to-match-more-precise-lo.patch)
- Move Morocco's midsummer 2013 transitions
(0003-Move-Morocco-s-midsummer-2013-transitions.patch)
- Israel now falls back on the last Sunday of October
(0004-Israel-now-falls-back-on-the-last-Sunday-of-October.patch)
--------------------------------------------------------------------------------
================================================================================
xsane-0.999-3.fc18 (FEDORA-2013-12413)
X Window System front-end for the SANE scanner interface
--------------------------------------------------------------------------------
Update Information:
This update fixes a bug where xsane failed to change working directories and scans ended
up in wrong locations.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 5 2013 Nils Philippsen <nils(a)redhat.com> - 0.999-3
- fix no-file-selected patch: change working directories (#621778, fix by Pavel
Polischouk)
* Thu Jun 27 2013 Nils Philippsen <nils(a)redhat.com> - 0.999-2
- ensure correct autoconf patch is used
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #621778 - xsane fails to change "working-directory" resulting in
scans saved in wrong locations (and other fun with file names)
https://bugzilla.redhat.com/show_bug.cgi?id=621778
--------------------------------------------------------------------------------
================================================================================
zeroinstall-injector-2.3-1.fc18 (FEDORA-2013-12396)
The Zero Install Injector (0launch)
--------------------------------------------------------------------------------
Update Information:
Enhancements:
- upstream now ships an experimental OCaml front-end, this is not yet enabled
- Add fish-shell command completion
- Allow relative files in <archive> and <file> for local feeds. This makes it
easy to test feeds before passing them to 0repo.
Bug fixes:
- Better handling of default="" in <environment> bindings. This now
specifies that the default should be "", overriding any system default.
- Fixed --refresh with "download" and "run" for apps.
- Updated ssl_match_hostname based on latest bug-fixes. This fix is intended to fix a
denial-of-service attack, which doesn't really matter to 0install, but we might as
well have the latest version. CVE-2013-2099
- Better error when the <rename> source does not exist.
- Allow selecting local archives even in offline mode.
- Support the use of the system store with recipes. This is especially important now that
we treat all downloads as recipes!
- Removed old zeroinstall-add.desktop file.
Changes for APIs we depend on
- Cope with more PyGObject API changes. Based on patch in
http://twistedmatrix.com/trac/ticket/6369
- Keep gobject and glib separate. Sometimes we need GLib, sometimes we need GObject.
- Updates to avoid PyGIDeprecationWarning.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 5 2013 Michel Salim <salimma(a)fedoraproject.org> - 2.3-1
- Update to 2.3
* Mon May 6 2013 Michel Salim <salimma(a)fedoraproject.org> - 2.2-1
- Update to 2.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #958834 - zeroinstall-injector-2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=958834
[ 2 ] Bug #966273 - CVE-2013-2098 CVE-2013-2099 python: ssl.match_hostname() DoS via
certificates with specially crafted hostname wildcard patterns [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=966273
[ 3 ] Bug #966274 - CVE-2013-2098 CVE-2013-2099 python: ssl.match_hostname() DoS via
certificates with specially crafted hostname wildcard patterns [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=966274
--------------------------------------------------------------------------------