The following Fedora 19 Security updates need testing:
Age URL
51
https://admin.fedoraproject.org/updates/FEDORA-2013-14814/python-glancecl...
16
https://admin.fedoraproject.org/updates/FEDORA-2013-17121/vino-3.8.1-3.fc19
8
https://admin.fedoraproject.org/updates/FEDORA-2013-17836/davfs2-1.4.7-3....
6
https://admin.fedoraproject.org/updates/FEDORA-2013-17925/fedmsg-0.7.1-2....
3
https://admin.fedoraproject.org/updates/FEDORA-2013-18094/php-pecl-xhprof...
1
https://admin.fedoraproject.org/updates/FEDORA-2013-18243/xinetd-2.3.15-8...
1
https://admin.fedoraproject.org/updates/FEDORA-2013-18228/polarssl-1.2.9-...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-18404/elinks-0.12-0.3...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-18378/xen-4.2.3-3.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2013-18351/zabbix-2.0.8-3....
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
38
https://admin.fedoraproject.org/updates/FEDORA-2013-15459/kbd-1.15.5-7.fc19
3
https://admin.fedoraproject.org/updates/FEDORA-2013-18162/perl-threads-1....
3
https://admin.fedoraproject.org/updates/FEDORA-2013-18128/createrepo-0.9....
3
https://admin.fedoraproject.org/updates/FEDORA-2013-18113/gdb-7.6.1-42.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2013-18385/thunderbird-24....
0
https://admin.fedoraproject.org/updates/FEDORA-2013-18338/icu-50.1.2-8.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2013-18382/nspr-4.10.1-1.f...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-18394/policycoreutils...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-18369/keyutils-1.5.8-...
0
https://admin.fedoraproject.org/updates/FEDORA-2013-18358/samba-4.0.9-2.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2013-18357/ibus-1.5.4-2.fc19
The following builds have been pushed to Fedora 19 updates-testing
drumkv1-0.3.5-2.fc19
elinks-0.12-0.35.pre6.fc19
firewalld-0.3.6.2-1.fc19
florist-2011-11.fc19
freeipa-3.3.2-1.fc19
gallery3-openid-2.0-0.2.beta.fc19
ghc-vector-binary-instances-0.2.1.0-2.fc19
grizzly-2.3.6-1.fc19
guitarix-0.28.2-3.fc19
ibus-1.5.4-2.fc19
icu-50.1.2-8.fc19
idris-0.9.9-1.fc19
keyutils-1.5.8-1.fc19
log4c-1.2.4-1.fc19
lv2-x42-plugins-0.1.1-0.1.20130615git7153e34.fc19
mate-desktop-1.6.2-0.2.git81c245b.fc19
mirall-1.4.1-1.fc19
nodejs-mongodb-1.3.19-1.fc19
nqp-0.0.2013.09-1.fc19
nspr-4.10.1-1.fc19
nss-3.15.2-1.fc19
openerp7-7.0-2.20130618_231044.fc19
openid-selector-1.3-1.fc19
openstack-java-sdk-3.0.1-1.fc19
owncloud-csync-0.90.2-1.fc19
parrot-5.5.0-1.fc19
perl-perlmenu-4.0-20.fc19
phoronix-test-suite-4.8.3-1.fc19
php-lightopenid-0.6-1.fc19
policycoreutils-2.1.14-46.6.fc19
postgresql-plparrot-0.05-6.fc19
python-ansi2html-1.0.2-1.fc19
python-falcon-0.1.7-1.fc19
python-phyghtmap-1.47-1.fc19
python-pyasn1-0.1.7-1.fc19
python-yapsy-1.10.2-3.fc19
qt5-qtquickcontrols-5.1.1-2.fc19
rakudo-star-0.0.2013.09_5.5.0-1.fc19
ruby-spqr-0.3.6-6.fc19
rubygem-unf-0.1.2-1.fc19
samba-4.0.9-2.fc19
samplv1-0.3.5-1.fc19
synthv1-0.3.5-1.fc19
thunderbird-24.0-3.fc19
thunderbird-lightning-2.6-1.fc19
tzdata-2013g-1.fc19
wallaby-0.16.3-2.fc19
wallaby-0.16.3-3.fc19
xen-4.2.3-3.fc19
zabbix-2.0.8-3.fc19
Details about builds:
================================================================================
drumkv1-0.3.5-2.fc19 (FEDORA-2013-18100)
An old-school drum-kit sampler
--------------------------------------------------------------------------------
Update Information:
This is a minor update to 0.3.5 of the V1 audio plugin suite. Refer to changelog for
details.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Dan Horák <dan[at]danny.cz> 0.3.5-2
- update also src_lv2ui.pro for all 64-bit arches
* Tue Oct 1 2013 Brendan Jones <brendan.jones.it(a)gmail.com> 0.3.5-1
- Update to 0.3.5
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.3.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
elinks-0.12-0.35.pre6.fc19 (FEDORA-2013-18404)
A text-mode Web browser
--------------------------------------------------------------------------------
Update Information:
- verify server certificate hostname with nss_compat_ossl (#881411)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 18 2013 Kamil Dudka <kdudka(a)redhat.com> - 0.12-0.35.pre6
- verify server certificate hostname with nss_compat_ossl (#881411)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #881399 - elinks/links: does not properly verify SSL certificates
https://bugzilla.redhat.com/show_bug.cgi?id=881399
--------------------------------------------------------------------------------
================================================================================
firewalld-0.3.6.2-1.fc19 (FEDORA-2013-18182)
A firewall daemon with D-BUS interface providing a dynamic firewall
--------------------------------------------------------------------------------
Update Information:
New version 0.3.6.2:
* "Direct" support for firewall-config and firewall-cmd
* firewalld.direct(5).
* Own dialog to change zones for NM connections
* several bug-fixes
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Jiri Popelka <jpopelka(a)redhat.com> - 0.3.6.2-1
- firewall-offline-cmd: --forward-port 'toaddr' is optional (RHBZ#1014958)
- firewall-cmd: fix variable name (RHBZ#1015011)
* Thu Oct 3 2013 Jiri Popelka <jpopelka(a)redhat.com> - 0.3.6.1-1
- remove superfluous po files from archive
* Wed Oct 2 2013 Jiri Popelka <jpopelka(a)redhat.com> - 0.3.6-1
- firewalld.richlanguage.xml: correct log levels (RHBZ#993740)
- firewall-config: Make sure that all zone settings are updated properly on firewalld
restart
- Rich_Limit: Allow long representation for duration (RHBZ#994103
- firewall-config: Show "Changes applied." after changes (RHBZ#993643)
- Use own connection dialog to change zones for NM connections
- Rename service cluster-suite to high-availability (RHBZ#885257)
- Permanent direct support for firewall-config and firewall-cmd
- Try to avoid file descriptor leaking (RHBZ#951900)
- New functions to split and join args properly (honoring quotes)
- firewall-cmd(1): 2 simple examples
- Better IPv6 NAT checking.
- Ship firewalld.direct(5).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #951900 - SELinux is preventing /usr/sbin/xtables-multi from 'read'
accesses on the file /etc/firewalld/zones/public.xml.
https://bugzilla.redhat.com/show_bug.cgi?id=951900
--------------------------------------------------------------------------------
================================================================================
florist-2011-11.fc19 (FEDORA-2013-18341)
Open-source implementation of IEEE Standard 1003.5b-1996
--------------------------------------------------------------------------------
Update Information:
Rebuild with new gcc build
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 5 2013 Pavel Zhukov <landgraf(a)fedoraproject.org> - 2011-11
- Recompile with gcc-4.8.1
--------------------------------------------------------------------------------
================================================================================
freeipa-3.3.2-1.fc19 (FEDORA-2013-18371)
The Identity, Policy and Audit system
--------------------------------------------------------------------------------
Update Information:
Update to upstream 3.3.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Martin Kosek <mkosek(a)redhat.com> - 3.3.2-1
- Update to upstream 3.3.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #996716 - tmpfiles.d references /var/lock when they should reference
/run/lock
https://bugzilla.redhat.com/show_bug.cgi?id=996716
--------------------------------------------------------------------------------
================================================================================
gallery3-openid-2.0-0.2.beta.fc19 (FEDORA-2013-18386)
OpenID support for Gallery3
--------------------------------------------------------------------------------
Update Information:
Import into F19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1014344 - Review Request: gallery3-openid - OpenID support for Gallery3
https://bugzilla.redhat.com/show_bug.cgi?id=1014344
[ 2 ] Bug #1014353 - Review Request: php-lightopenid - PHP OpenID library
https://bugzilla.redhat.com/show_bug.cgi?id=1014353
[ 3 ] Bug #1014385 - Review Request: openid-selector - A user-friendly way to select an
OpenID
https://bugzilla.redhat.com/show_bug.cgi?id=1014385
--------------------------------------------------------------------------------
================================================================================
ghc-vector-binary-instances-0.2.1.0-2.fc19 (FEDORA-2013-18372)
Binary and Serialize instances for vector
--------------------------------------------------------------------------------
Update Information:
- update idris to 0.9.9
-
http://www.idris-lang.org/idris-0-9-9-released
- new dependency: library for binary and cereal vector instances
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1007152 - Review Request: ghc-vector-binary-instances - Binary and Serialize
instances for vector
https://bugzilla.redhat.com/show_bug.cgi?id=1007152
--------------------------------------------------------------------------------
================================================================================
grizzly-2.3.6-1.fc19 (FEDORA-2013-18363)
Java NIO Server Framework
--------------------------------------------------------------------------------
Update Information:
update to 2.3.6.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 gil cattaneo <puntogil(a)libero.it> 2.3.6-1
- update to 2.3.6
--------------------------------------------------------------------------------
================================================================================
guitarix-0.28.2-3.fc19 (FEDORA-2013-18339)
Mono amplifier to JACK
--------------------------------------------------------------------------------
Update Information:
This update of guitarix 0.28.2 provides a number of bugfixes and enhancements
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Brendan Jones <brendan.jones.it(a)gmail.com> 0.28.2-3
- Add missing avahi-gobject-devel
* Fri Oct 4 2013 Brendan Jones <brendan.jones.it(a)gmail.com> 0.28.2-2
- Add gperf BR
* Sun Sep 29 2013 Brendan Jones <brendan.jones.it(a)gmail.com> 0.28.2-1
- Update to 0.28.2
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.27.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Jul 27 2013 pmachata(a)redhat.com - 0.27.1-2
- Rebuild for boost 1.54.0
--------------------------------------------------------------------------------
================================================================================
ibus-1.5.4-2.fc19 (FEDORA-2013-18357)
Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
Update Information:
ibus-chewing can change the orientation with ibus-setup. password chars are hid in
gnome-shell password dialog with ibus-anthy.
This update fixes IME state per window and showing ibus icon on ibus-setup. ibus-wayland
is available in f20 or later.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Takao Fujiwara <tfujiwar(a)redhat.com> - 1.5.4-2
- Added ibus-HEAD.patch to sync upstream.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1012781 - Please use lookup table orientation of ibus-setup when ime
doesn't specified it.
https://bugzilla.redhat.com/show_bug.cgi?id=1012781
[ 2 ] Bug #1013948 - Even for engines which do already check IBus.InputPurpose.PASSWORD,
sometimes the engine is enabled in the password entry field of the lock screen of gnome3
https://bugzilla.redhat.com/show_bug.cgi?id=1013948
[ 3 ] Bug #847726 - ibus uses same input method for each application
https://bugzilla.redhat.com/show_bug.cgi?id=847726
[ 4 ] Bug #988780 - incorrect-fsf-address for many source files
https://bugzilla.redhat.com/show_bug.cgi?id=988780
[ 5 ] Bug #1004135 - ibus: cannot enter ASCII text into gnome applications when using
ssh
https://bugzilla.redhat.com/show_bug.cgi?id=1004135
--------------------------------------------------------------------------------
================================================================================
icu-50.1.2-8.fc19 (FEDORA-2013-18338)
International Components for Unicode
--------------------------------------------------------------------------------
Update Information:
added %{?_isa} to Requires for multi-arch systems
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Eike Rathke <erack(a)redhat.com> - 50.1.2-8
- added (x86-64) to Requires for multi-arch systems
--------------------------------------------------------------------------------
================================================================================
idris-0.9.9-1.fc19 (FEDORA-2013-18372)
Functional Programming Language with Dependent Types
--------------------------------------------------------------------------------
Update Information:
- update idris to 0.9.9
-
http://www.idris-lang.org/idris-0-9-9-released
- new dependency: library for binary and cereal vector instances
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Jens Petersen <petersen(a)redhat.com> - 0.9.9-1
- update to 0.9.9
http://www.idris-lang.org/idris-0-9-9-released/
- disable LLVM backend for now
- depends on vector-binary-instances
- buildrequires gc-devel
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.9.8-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1007152 - Review Request: ghc-vector-binary-instances - Binary and Serialize
instances for vector
https://bugzilla.redhat.com/show_bug.cgi?id=1007152
--------------------------------------------------------------------------------
================================================================================
keyutils-1.5.8-1.fc19 (FEDORA-2013-18369)
Linux Key Management Utilities
--------------------------------------------------------------------------------
Update Information:
The new library symbols should be in a new library minor version.
Add support for getting per-UID persistent keyrings (if supported by kernel) and add
support for specifying key-by-name rather than key-by-ID on command line
Add provisional support for persistent keyrings
Add support for getting per-UID persistent keyrings (if supported by kernel) and add
support for specifying key-by-name rather than key-by-ID on command line
Add provisional support for persistent keyrings
Add support for getting per-UID persistent keyrings (if supported by kernel) and add
support for specifying key-by-name rather than key-by-ID on command line
Add provisional support for persistent keyrings
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 David Howells <dhowells(a)redhat.com> - 1.5.8-1
- New lib symbols should go in a new library minor version.
* Wed Oct 2 2013 David Howells <dhowells(a)redhat.com> - 1.5.7-1
- Provide a utility function to find a key by type and name.
- Allow keyctl commands to take a type+name arg instead of a key-id arg.
- Add per-UID get_persistent keyring function.
--------------------------------------------------------------------------------
================================================================================
log4c-1.2.4-1.fc19 (FEDORA-2013-18398)
Library for logging application messages
--------------------------------------------------------------------------------
Update Information:
This release provides new layouts using local time and various maintenance work and
improvements. Public API functions with format strings are marked by GNU C format
attribute. New log4c-doc subpackage has been added.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 3 2013 František Dvořák <valtri(a)civ.zcu.cz> - 1.2.4-1
- Release log4c 1.2.4
- Add -doc subpackage
* Sun Jul 28 2013 Ville Skyttä <ville.skytta(a)iki.fi> - 1.2.3-2
- Simplify install of docs.
--------------------------------------------------------------------------------
================================================================================
lv2-x42-plugins-0.1.1-0.1.20130615git7153e34.fc19 (FEDORA-2013-18361)
A number of LV2 plugins
--------------------------------------------------------------------------------
Update Information:
x42-plugins is a collection of LV2 plugins including a MIDI-filter, fader, convolver and
no delay
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1003768 - Review Request: lv2-x42-plugins - a collection of LV2 audio
plugins
https://bugzilla.redhat.com/show_bug.cgi?id=1003768
--------------------------------------------------------------------------------
================================================================================
mate-desktop-1.6.2-0.2.git81c245b.fc19 (FEDORA-2013-18349)
Shared code for mate-panel, mate-session, mate-file-manager, etc
--------------------------------------------------------------------------------
Update Information:
Fix obsoletes tag
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Dan Mashal <dan.mashal(a)fedoraproject.org> - 1.6.2-0.2.git81c245b
- Get rid of obsoletes tag as we no longer need it. (#1015335)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1015335 - mate-desktop obsoletes itself
https://bugzilla.redhat.com/show_bug.cgi?id=1015335
--------------------------------------------------------------------------------
================================================================================
mirall-1.4.1-1.fc19 (FEDORA-2013-18393)
The ownCloud Client
--------------------------------------------------------------------------------
Update Information:
Update to 1.4.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 <jmarrero(a)fedoraproject.org> 1.4.1-1
- Update to version 1.4.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1005538 - mirall-1.4.0-2 not built with $RPM_OPT_FLAGS
https://bugzilla.redhat.com/show_bug.cgi?id=1005538
[ 2 ] Bug #1010740 - [abrt] mirall-1.4.0-2.fc19: __strlen_sse2: Process
/usr/bin/owncloud was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=1010740
[ 3 ] Bug #1015723 - Bump to 1.4.* in F18
https://bugzilla.redhat.com/show_bug.cgi?id=1015723
--------------------------------------------------------------------------------
================================================================================
nodejs-mongodb-1.3.19-1.fc19 (FEDORA-2013-18403)
A node driver for MongoDB
--------------------------------------------------------------------------------
Update Information:
Newpackage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #996202 - Review Request: nodejs-mongodb - A nodejs driver for MongoDB
https://bugzilla.redhat.com/show_bug.cgi?id=996202
--------------------------------------------------------------------------------
================================================================================
nqp-0.0.2013.09-1.fc19 (FEDORA-2013-18340)
Not Quite Perl (6)
--------------------------------------------------------------------------------
Update Information:
update to 2013.09
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Gerd Pokorra <gp(a)zimt.uni-siegen.de> 0.0.2013.09-1
- update to 20013.09
- add docs and examples directories to dokumentation files
--------------------------------------------------------------------------------
================================================================================
nspr-4.10.1-1.fc19 (FEDORA-2013-18382)
Netscape Portable Runtime
--------------------------------------------------------------------------------
Update Information:
This update rebases nss, nss-softokn, and nss-util to nss-3.15.2 and the nspr to
nspr-4.10.1.
This release includes security-relevant fixes (CVE-2013-1739).
Detailed upstream release notes are available at
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.2_release_notes
For a full list of bugs resolved in the upstream release see
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classificat...
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 26 2013 Elio Maldonado <emaldona(a)redhat.com> - 4.10.1-1
- Update to NSPR_4_10_1_RTM
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
4.10.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
nss-3.15.2-1.fc19 (FEDORA-2013-18382)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
This update rebases nss, nss-softokn, and nss-util to nss-3.15.2 and the nspr to
nspr-4.10.1.
This release includes security-relevant fixes (CVE-2013-1739).
Detailed upstream release notes are available at
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.2_release_notes
For a full list of bugs resolved in the upstream release see
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classificat...
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 26 2013 Elio Maldonado <emaldona(a)redhat.com> - 3.15.2-1
- Update to NSS_3_15_2_RTM
- Update iquote.patch on account of modified prototype on cert.h installed by nss-devel
- Keep the nss-ssl-cbc-random-iv-off-by-default.patch enabled
* Wed Aug 28 2013 Elio Maldonado <emaldona(a)redhat.com> - 3.15.1-7
- Update pem sources to pick up a patch applied upstream which a faulty merge had missed
- The pem module should not require unique file basenames
* Tue Aug 27 2013 Elio Maldonado <emaldona(a)redhat.com> - 3.15.1-6
- Update pem sources to the latest from interim upstream
* Mon Aug 19 2013 Elio Maldonado <emaldona(a)redhat.com> - 3.15.1-5
- Resolves: rhbz#996639 - Minor bugs in nss man pages
- Fix some typos and improve description and see also sections
* Sun Aug 11 2013 Elio Maldonado <emaldona(a)redhat.com> - 3.15.1-4
- Cleanup spec file to address most rpmlint errors and warnings
- Using double percent symbols to fix macro-in-comment warnings
- Ignore unversioned-explicit-provides nss-system-init per spec comments
- Ignore invalid-url Source0 as it comes from the git lookaside cache
- Ignore invalid-url Source12 as it comes from the git lookaside cache
--------------------------------------------------------------------------------
================================================================================
openerp7-7.0-2.20130618_231044.fc19 (FEDORA-2013-18368)
Business Applications Server
--------------------------------------------------------------------------------
Update Information:
Add missing Requires:
Incompatible update from openerp 6.0 line.
--------------------------------------------------------------------------------
================================================================================
openid-selector-1.3-1.fc19 (FEDORA-2013-18386)
A user-friendly way to select an OpenID
--------------------------------------------------------------------------------
Update Information:
Import into F19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1014344 - Review Request: gallery3-openid - OpenID support for Gallery3
https://bugzilla.redhat.com/show_bug.cgi?id=1014344
[ 2 ] Bug #1014353 - Review Request: php-lightopenid - PHP OpenID library
https://bugzilla.redhat.com/show_bug.cgi?id=1014353
[ 3 ] Bug #1014385 - Review Request: openid-selector - A user-friendly way to select an
OpenID
https://bugzilla.redhat.com/show_bug.cgi?id=1014385
--------------------------------------------------------------------------------
================================================================================
openstack-java-sdk-3.0.1-1.fc19 (FEDORA-2013-18381)
OpenStack Java SDK
--------------------------------------------------------------------------------
Update Information:
Update to openstack-java-sdk-3.0.1
add support for resteasy 3
Initial build.
--------------------------------------------------------------------------------
================================================================================
owncloud-csync-0.90.2-1.fc19 (FEDORA-2013-18393)
A user level bidirectional client only file synchronizer
--------------------------------------------------------------------------------
Update Information:
Update to 1.4.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 <jmarrero(a)fedoraproject.org> 0.90.2-1
- Update to version 0.90.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1005538 - mirall-1.4.0-2 not built with $RPM_OPT_FLAGS
https://bugzilla.redhat.com/show_bug.cgi?id=1005538
[ 2 ] Bug #1010740 - [abrt] mirall-1.4.0-2.fc19: __strlen_sse2: Process
/usr/bin/owncloud was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=1010740
[ 3 ] Bug #1015723 - Bump to 1.4.* in F18
https://bugzilla.redhat.com/show_bug.cgi?id=1015723
--------------------------------------------------------------------------------
================================================================================
parrot-5.5.0-1.fc19 (FEDORA-2013-18379)
A virtual machine
--------------------------------------------------------------------------------
Update Information:
update to 5.5.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Gerd Pokorra <gp(a)zimt.uni-siegen.de> - 5.5.0-1
- update to 5.5.0
- add patch for config/auto/perldoc.pm
- use the macro _pkgdocdir
--------------------------------------------------------------------------------
================================================================================
perl-perlmenu-4.0-20.fc19 (FEDORA-2013-18354)
Perl library module for curses-based menus & data-entry templates
--------------------------------------------------------------------------------
Update Information:
Source URL changed
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Parag <paragn AT fedoraproject DOT org> - 4.0-20
- Fix Source url for reported source audit
--------------------------------------------------------------------------------
================================================================================
phoronix-test-suite-4.8.3-1.fc19 (FEDORA-2013-18405)
An Automated, Open-Source Testing Framework
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Markus Mayer <lotharlutz(a)gmx.de> - 4.8.3-1
- new upstream
--------------------------------------------------------------------------------
================================================================================
php-lightopenid-0.6-1.fc19 (FEDORA-2013-18386)
PHP OpenID library
--------------------------------------------------------------------------------
Update Information:
Import into F19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1014344 - Review Request: gallery3-openid - OpenID support for Gallery3
https://bugzilla.redhat.com/show_bug.cgi?id=1014344
[ 2 ] Bug #1014353 - Review Request: php-lightopenid - PHP OpenID library
https://bugzilla.redhat.com/show_bug.cgi?id=1014353
[ 3 ] Bug #1014385 - Review Request: openid-selector - A user-friendly way to select an
OpenID
https://bugzilla.redhat.com/show_bug.cgi?id=1014385
--------------------------------------------------------------------------------
================================================================================
policycoreutils-2.1.14-46.6.fc19 (FEDORA-2013-18394)
SELinux policy core utilities
--------------------------------------------------------------------------------
Update Information:
Fix sandbox.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Dan Walsh <dwalsh(a)redhat.com> - 2.1.14-46.6
- Fix sandbox to work properly with seunshare using file capabilties.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1015614 - sandbox does not start
https://bugzilla.redhat.com/show_bug.cgi?id=1015614
[ 2 ] Bug #1011588 - sandboxes terminate quickly after upgrade to 2.1.14-46.5
https://bugzilla.redhat.com/show_bug.cgi?id=1011588
[ 3 ] Bug #986079 - sandbox -X does nothing at all after F19 upgrade
https://bugzilla.redhat.com/show_bug.cgi?id=986079
--------------------------------------------------------------------------------
================================================================================
postgresql-plparrot-0.05-6.fc19 (FEDORA-2013-18376)
A PostgreSQL procedural language for the Parrot virtual machine
--------------------------------------------------------------------------------
Update Information:
rebuild with new parrot, add version for postgresql-server
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 5 2013 Gerd Pokorra <gp(a)zimt.uni-siegen.de> - 0.05-6
- rebuild with new parrot
- add version for postgresql-server
--------------------------------------------------------------------------------
================================================================================
python-ansi2html-1.0.2-1.fc19 (FEDORA-2013-18389)
Python module that converts text with ANSI color to HTML
--------------------------------------------------------------------------------
Update Information:
Latest upstream, notably with manpages.
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Ralph Bean <rbean(a)redhat.com> - 1.0.2-1
- Latest upstream.
- Manpages now included.
* Thu Sep 26 2013 Ralph Bean <rbean(a)redhat.com> - 0.10.0-3
- Latest upstream with a superior internal state model thanks to Sebastian
Pipping.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.9.4-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Mar 26 2013 Ralph Bean <rbean(a)redhat.com> - 0.9.4-2
- Removed python3 rhel conditional.
--------------------------------------------------------------------------------
================================================================================
python-falcon-0.1.7-1.fc19 (FEDORA-2013-18384)
A supersonic micro-framework for building cloud APIs
--------------------------------------------------------------------------------
Update Information:
A supersonic micro-framework for building cloud APIs.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1009750 - Review Request: python-falcon - High-performance cloud API
framework
https://bugzilla.redhat.com/show_bug.cgi?id=1009750
--------------------------------------------------------------------------------
================================================================================
python-phyghtmap-1.47-1.fc19 (FEDORA-2013-18375)
Generate OSM contour lines from NASA SRTM data
--------------------------------------------------------------------------------
Update Information:
* Fixed broken dependency matplotlib.nxutils which was removed in matplotlib
1.3.0.
* Added input validation for the --polygon option.
* Improved handling of void values in number of nodes estimation.
* Added the --void-range-max option to extend the range of height values read
from the source hgt files regarded as void values (by default, this is
only -0x8000 [-32768]). This is mainly a workaround for using source files
containing implausible height values.
* Void areas are now generally masked with NaNs. This was necessary to
implement the --void-range-max option and has the side effect that contour
lines adjoining void areas are not closed at the void area edges
which---depending on the files' topology---can render the resulting osm
files much smaller.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 2 2013 Volker Fröhlich <volker27(a)gmx.at> - 1.47-1
- New upstream release
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.45-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-pyasn1-0.1.7-1.fc19 (FEDORA-2013-18366)
ASN.1 tools for Python
--------------------------------------------------------------------------------
Update Information:
Update to upstream 0.1.7, modules 0.0.5
Fix to decoder working on indefinite length substrate -- end-of-octets marker is now
detected by both tag and value. Otherwise zero values may interfere with end-of-octets
marker.
Fix to decoder to fail in cases where tagFormat indicates inappropriate format for the
type (e.g. BOOLEAN is always PRIMITIVE, SET is always CONSTRUCTED and OCTET STRING is
either of the two)
Fix to REAL type encoder to force primitive encoding form encoding.
Fix to CHOICE decoder to handle explicitly tagged, indefinite length mode encoding
Fix to REAL type decoder to handle negative REAL values correctly. Test case added.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Rob Crittenden <rcritten(a)redhat.com> - 0.1.7-1
- update to upstream release 0.1.7
- update modules to 0.0.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #988071 - Update to 0.1.7
https://bugzilla.redhat.com/show_bug.cgi?id=988071
--------------------------------------------------------------------------------
================================================================================
python-yapsy-1.10.2-3.fc19 (FEDORA-2013-18345)
A simple plugin system for Python applications
--------------------------------------------------------------------------------
Update Information:
Adding proper python3 support via subpackages.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Pete Travis <immanetize(a)fedoraproject.org> 1.10.2-3
- Turning on python3 boolean so python3 subpackage actually builds
- Correct build and install sections to properly create python3 subpackage
- Remove ill-conceived patches
- Add python3-yapsy-doc subpackage, as upstream procides py3 sources for docs
--------------------------------------------------------------------------------
================================================================================
qt5-qtquickcontrols-5.1.1-2.fc19 (FEDORA-2013-18367)
Qt5 - module with set of QtQuick controls
--------------------------------------------------------------------------------
Update Information:
Qt5 QtQuickControls module
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1008527 - Review Request: qt5-qtquickcontrols - Qt5 - module with set of
QtQuick controls
https://bugzilla.redhat.com/show_bug.cgi?id=1008527
--------------------------------------------------------------------------------
================================================================================
rakudo-star-0.0.2013.09_5.5.0-1.fc19 (FEDORA-2013-18388)
Rakudo, Perl6-modules and documentation
--------------------------------------------------------------------------------
Update Information:
update to 2013.09
--------------------------------------------------------------------------------
ChangeLog:
* Sat Oct 5 2013 Gerd Pokorra <gp(a)zimt.uni-siegen.de> - 0.0.2013.09_5.5.0-1
- updated to 2013.09
- remove perl6_group.so
--------------------------------------------------------------------------------
================================================================================
ruby-spqr-0.3.6-6.fc19 (FEDORA-2013-18377)
SPQR: {Schema Processor|Straightforward Publishing} for QMF agents in Ruby
--------------------------------------------------------------------------------
Update Information:
Fixes ruby-qmf dependency.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 willb <willb@redhat> - 0.3.6-6
- Removed bogus ruby-qmf dependency
--------------------------------------------------------------------------------
================================================================================
rubygem-unf-0.1.2-1.fc19 (FEDORA-2013-18353)
Wrapper library to bring Unicode Normalization Form support to Ruby/JRuby
--------------------------------------------------------------------------------
Update Information:
This is a new package.
--------------------------------------------------------------------------------
================================================================================
samba-4.0.9-2.fc19 (FEDORA-2013-18358)
Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
Update Information:
Fix installation of winbind modules as multiarch.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 - Andreas Schneider <asn(a)redhat.com> - 2:4.0.9-2
- resolves: #1010722 - Split out a samba-winbind-modules package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1010722 - Unable to instal both 32-bit and 64-bit packages samba-common and
samba-winbind-clients
https://bugzilla.redhat.com/show_bug.cgi?id=1010722
--------------------------------------------------------------------------------
================================================================================
samplv1-0.3.5-1.fc19 (FEDORA-2013-18100)
A polyphonic sampler synthesizer with stereo fx
--------------------------------------------------------------------------------
Update Information:
This is a minor update to 0.3.5 of the V1 audio plugin suite. Refer to changelog for
details.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 1 2013 Brendan Jones <brendan.jones.it(a)gmail.com> 0.3.5-1
- Update to 0.3.5
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.3.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
synthv1-0.3.5-1.fc19 (FEDORA-2013-18100)
A 4-oscillator subtractive polyphonic synthesizer
--------------------------------------------------------------------------------
Update Information:
This is a minor update to 0.3.5 of the V1 audio plugin suite. Refer to changelog for
details.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 1 2013 Brendan Jones <brendan.jones.it(a)gmail.com> 0.3.5-1
- Update to 0.3.5
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.3.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
thunderbird-24.0-3.fc19 (FEDORA-2013-18385)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
For changes see:
http://www.mozilla.org/en/thunderbird/24.0/releasenotes/
This update fixes installation problem on system without updated NSS and NSPR libraries.
- Vulnerability outlined here:
https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-fi...
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 25 2013 Jan Horak <jhorak(a)redhat.com> - 24.0-3
- Update to 24.0
--------------------------------------------------------------------------------
================================================================================
thunderbird-lightning-2.6-1.fc19 (FEDORA-2013-18385)
The calendar extension to Thunderbird
--------------------------------------------------------------------------------
Update Information:
For changes see:
http://www.mozilla.org/en/thunderbird/24.0/releasenotes/
This update fixes installation problem on system without updated NSS and NSPR libraries.
- Vulnerability outlined here:
https://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-fi...
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 18 2013 Jan Horak <jhorak(a)redhat.com> - 2.6-1
- Update to 2.6
* Sat Aug 17 2013 Orion Poplawski <orion(a)cora.nwra.com> - 1.9.1-5
- Fix up gdata lightning version dependency
* Fri Aug 16 2013 Orion Poplawski <orion(a)cora.nwra.com> - 1.9.1-4
- Split Google data provider into a sub-package (bug #554113)
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.9.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
tzdata-2013g-1.fc19 (FEDORA-2013-18359)
Timezone data
--------------------------------------------------------------------------------
Update Information:
Rebase to latest version. Includes update to handle Morocco change to end-of-DST from
September to October.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 3 2013 Patsy Franklin <pfrankli(a)redhat.com> 2013g-1
- Morocco moved end of DST from September to October. Rebase to
pick up the Morocco DST change.
--------------------------------------------------------------------------------
================================================================================
wallaby-0.16.3-2.fc19 (FEDORA-2013-18374)
HTCondor pool configuration service with QMF interface
--------------------------------------------------------------------------------
Update Information:
Fixes broken deps.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 willb <willb@redhat> - 0.16.3-2
- Fixes broken dependency on ruby-qmf
--------------------------------------------------------------------------------
================================================================================
wallaby-0.16.3-3.fc19 (FEDORA-2013-18400)
HTCondor pool configuration service with QMF interface
--------------------------------------------------------------------------------
Update Information:
Fixed ruby-qmf dep.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 willb <willb@redhat> - 0.16.3-3
- Fixes spurious ruby(abi) dep introduced in last merge
* Fri Oct 4 2013 willb <willb@redhat> - 0.16.3-2
- Fixes broken dependency on ruby-qmf
--------------------------------------------------------------------------------
================================================================================
xen-4.2.3-3.fc19 (FEDORA-2013-18378)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
Two security fixes CVE-2013-4355 CVE-2013-4361,
Set "Domain-0" label in xenstored.service systemd file
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 2 2013 Michael Young <m.a.young(a)durham.ac.uk> - 4.2.3-3
- Set "Domain-0" label in xenstored.service systemd file to match
xencommons init.d script.
- security fixes (#1013748)
Information leaks to HVM guests through I/O instruction emulation
[XSA-63, CVE-2013-4355]
Information leak to HVM guests through fbld instruction emulation
[XSA-66, CVE-2013-4361]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1009817 - CVE-2013-4361 Kernel: Xen: Xsa-66: information leak through fbld
instruction emulation
https://bugzilla.redhat.com/show_bug.cgi?id=1009817
[ 2 ] Bug #1009598 - CVE-2013-4355 Kernel: Xen: Xsa-63: information leak via I/O
instruction emulation
https://bugzilla.redhat.com/show_bug.cgi?id=1009598
--------------------------------------------------------------------------------
================================================================================
zabbix-2.0.8-3.fc19 (FEDORA-2013-18351)
Open-source monitoring solution for your IT infrastructure
--------------------------------------------------------------------------------
Update Information:
- New upstream version 2.0.8
- Patch for CVE-2013-5743 (SQL injection vulnerability, ZBX-7091)
- Patch for ZBX-6922 (Failing host XML import)
- SQL speed-up patch for graphs (ZBX-6804)
- Require php-ldap and ZBX-6992 (Service SQL)
- Create and configure a spooling directory for fping files outside of /tmp
- Update README to reflect that and add a SELinux section
- Drop PrivateTmp from systemd unit files
This update solves a security issue involving the use of libcurl in the code used to
access the eztexting service. It potentially allows for man-in-the-middle attacks. The
issue was described as CVE-2012-6086.
Please refer to
https://support.zabbix.com/browse/ZBX-5924 for details!
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 3 2013 Volker Fröhlich <volker27(a)gmx.at> - 2.0.8-3
- Add SQL speed-up patch (ZBX-6804)
- Add SQL injection vulnerability patch (ZBX-7091, CVE-2013-5743)
- Add patch for failing XML host import (ZBX-6922)
* Fri Sep 13 2013 Volker Fröhlich <volker27(a)gmx.at> - 2.0.8-2
- Add php-ldap as a requirement for the frontend
- Add patch for ZBX-6992
* Fri Aug 23 2013 Volker Fröhlich <volker27(a)gmx.at> - 2.0.8-1
- New upstream release
- Create and configure a spooling directory for fping files outside of /tmp
- Update README to reflect that and add a SELinux section
- Drop PrivateTmp from systemd unit files
- Drop patch for ZBX-6526 (solved upstream)
- Drop patch for CVE-2012-6086 (solved upstream)
- Correct path for the flash applet when removing
- Truncate changelog
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #983096 - Zabbix WEB doesn't work due to deprecated mysql_connect()
https://bugzilla.redhat.com/show_bug.cgi?id=983096
[ 2 ] Bug #892687 - CVE-2012-6086 zabbix: Improper use of cURL API might lead to
improper SSL certificate verification (MiTM) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=892687
--------------------------------------------------------------------------------