The following Fedora 19 Security updates need testing:
Age URL
102
https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glanc...
47
https://admin.fedoraproject.org/updates/FEDORA-2013-23592/rubygem-actionp...
39
https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1...
24
https://admin.fedoraproject.org/updates/FEDORA-2014-0621/graphviz-2.30.1-...
20
https://admin.fedoraproject.org/updates/FEDORA-2014-0797/libinfinity-0.5....
7
https://admin.fedoraproject.org/updates/FEDORA-2014-1734/quassel-0.9.2-1....
7
https://admin.fedoraproject.org/updates/FEDORA-2014-1648/lightdm-gtk-1.6....
6
https://admin.fedoraproject.org/updates/FEDORA-2014-1802/mediawiki-1.21.5...
6
https://admin.fedoraproject.org/updates/FEDORA-2014-1795/socat-1.7.2.3-1....
6
https://admin.fedoraproject.org/updates/FEDORA-2014-1766/libpng12-1.2.50-...
6
https://admin.fedoraproject.org/updates/FEDORA-2014-1754/libpng10-1.0.60-...
6
https://admin.fedoraproject.org/updates/FEDORA-2014-1807/ikiwiki-3.201401...
4
https://admin.fedoraproject.org/updates/FEDORA-2014-1817/libyaml-0.1.4-6....
4
https://admin.fedoraproject.org/updates/FEDORA-2014-1828/ghdl-0.31-1.fc19
3
https://admin.fedoraproject.org/updates/FEDORA-2014-1864/curl-7.29.0-13.fc19
3
https://admin.fedoraproject.org/updates/FEDORA-2014-1883/zarafa-7.1.8-1.fc19
2
https://admin.fedoraproject.org/updates/FEDORA-2014-1916/chrony-1.29.1-1....
2
https://admin.fedoraproject.org/updates/FEDORA-2014-1955/tpp-1.3.1-17.fc19
2
https://admin.fedoraproject.org/updates/FEDORA-2014-1910/ibus-chewing-1.4...
1
https://admin.fedoraproject.org/updates/FEDORA-2014-1972/fwsnort-1.6.4-1....
0
https://admin.fedoraproject.org/updates/FEDORA-2014-1999/pidgin-2.10.9-1....
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
50
https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmark...
13
https://admin.fedoraproject.org/updates/FEDORA-2014-1324/firefox-26.0-6.fc19
12
https://admin.fedoraproject.org/updates/FEDORA-2014-1368/krb5-1.11.3-19.fc19
11
https://admin.fedoraproject.org/updates/FEDORA-2014-1438/libtool-2.4.2-23...
11
https://admin.fedoraproject.org/updates/FEDORA-2014-1451/pango-1.34.1-2.fc19
10
https://admin.fedoraproject.org/updates/FEDORA-2014-1524/procps-ng-3.3.8-...
8
https://admin.fedoraproject.org/updates/FEDORA-2014-1599/libgsf-1.14.29-1...
3
https://admin.fedoraproject.org/updates/FEDORA-2014-1860/linux-firmware-2...
3
https://admin.fedoraproject.org/updates/FEDORA-2014-1864/curl-7.29.0-13.fc19
3
https://admin.fedoraproject.org/updates/FEDORA-2014-1874/abrt-2.1.12-1.fc...
3
https://admin.fedoraproject.org/updates/FEDORA-2014-1879/ibus-1.5.5-2.fc19
2
https://admin.fedoraproject.org/updates/FEDORA-2014-1958/livecd-tools-19....
2
https://admin.fedoraproject.org/updates/FEDORA-2014-1916/chrony-1.29.1-1....
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2022/gupnp-tools-0.8....
The following builds have been pushed to Fedora 19 updates-testing
aprsdigi-3.5.1-2.fc19
bcfg2-1.3.3-4.fc19
ffcall-1.10-14.20120424cvs.fc19
groonga-3.1.2-1.fc19
gssdp-0.14.7-1.fc19
gupnp-0.20.10-1.fc19
gupnp-av-0.12.5-1.fc19
gupnp-tools-0.8.9-1.fc19
httpie-0.8.0-1.fc19
mozilla-adblockplus-2.4.1-1.fc19
mysql-connector-python-1.1.5-1.fc19
perl-Email-Address-List-0.04-1.fc19
perl-No-Worries-1.1-1.fc19
php-tcpdf-6.0.059-1.fc19
pidgin-2.10.9-1.fc19
publican-4.0.0-0.1.fc19
python-celery-3.0.15-6.fc19
rubygem-sequel-4.7.0-2.fc19
Details about builds:
================================================================================
aprsdigi-3.5.1-2.fc19 (FEDORA-2014-1995)
AX.25 Automatic Position Reporting System
--------------------------------------------------------------------------------
Update Information:
Initial import (#1016089).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1016089 - Review Request: aprsdigi - AX.25 Automatic Position Reporting
System aprsdigi and aprsmon
https://bugzilla.redhat.com/show_bug.cgi?id=1016089
--------------------------------------------------------------------------------
================================================================================
bcfg2-1.3.3-4.fc19 (FEDORA-2014-2019)
A configuration management system
--------------------------------------------------------------------------------
Update Information:
EPEL7 updates; EPEL5 bcfg2-web pkg disabled
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 1 2014 John Morris <john(a)zultron.com> - 1.3.3-4
- Disable bcfg2-web package on EL5; bz #1058427
- Disable %check on EL7; missing EPEL deps
- BR: systemd to pick up _unitdir macro
* Mon Jan 27 2014 Sol Jerome <sol.jerome(a)gmail.com> - 1.3.3-4
- Fix BuildRequires for EPEL7's Django
- Remove unnecessary client-side lxml dependency
- Add Django dependency for bcfg2-web (the web package *does* require
Django for the database)
- Fix OS detection for RHEL7 initscripts
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1058427 - Add bcfg2 package to EPEL7
https://bugzilla.redhat.com/show_bug.cgi?id=1058427
--------------------------------------------------------------------------------
================================================================================
ffcall-1.10-14.20120424cvs.fc19 (FEDORA-2014-2023)
Libraries for foreign function call interfaces
--------------------------------------------------------------------------------
Update Information:
This update moves the RPM macro file from /etc/rpm to /usr/lib/rpm/macros.d. There are no
other changes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 3 2014 Jerry James <loganjerry(a)gmail.com> - 1.10-14.20120424cvs
- Update location of rpm macro file for rpm >= 4.11
--------------------------------------------------------------------------------
================================================================================
groonga-3.1.2-1.fc19 (FEDORA-2014-2005)
An Embeddable Fulltext Search Engine
--------------------------------------------------------------------------------
Update Information:
Update to 3.1.2. See
http://groonga.org/docs/news.html#release-3-1-2
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 3 2014 HAYASHI Kentaro <hayashi(a)clear-code.com> - 3.1.2-1
- new upstream release.
* Tue Dec 31 2013 HAYASHI Kentaro <hayashi(a)clear-code.com> - 3.1.1-1
- new upstream release.
--------------------------------------------------------------------------------
================================================================================
gssdp-0.14.7-1.fc19 (FEDORA-2014-2022)
Resource discovery and announcement over SSDP
--------------------------------------------------------------------------------
Update Information:
gssdp-0.14.7
============
- Add mising function declaration.
gupnp-0.20.10
=============
Changes since 0.20.9:
- Make sure ResourceFactory creates proxies with the correct GType.
- Make it possible to unsubscribe from a service proxy during a call-back.
- Disable managed RootDevices on WL change in addition to ControlPoints.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=678701
-
https://bugzilla.gnome.org/show_bug.cgi?id=690400
-
https://bugzilla.gnome.org/show_bug.cgi?id=711332
gnupg-av-0.12.5
===============
Changes since 0.12.4:
- Fix name of cleartext-size property.
- Fix creation of pv namespace in DIDLLite parser.
- Check for empty mandatory tags in UpdateObject.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=705522
-
https://bugzilla.gnome.org/show_bug.cgi?id=719377
gupnp-tools-0.8.9
=================
Changes since 0.8.8:
- Make DIDL-Lite dialog work when closed with "X".
- Make UniversalCP behave nicer in busy networks where a lot of devices
appear/disappear/reappear.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=722245
-
https://bugzilla.gnome.org/show_bug.cgi?id=723172
Added/updated translations
- cs, courtesy of Marek Černocký
- sr, courtesy of МироÑлав Ðиколић
- sr@latin, courtesy of Miroslav Nikolić
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 4 2014 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.14.7-1
- 0.14.7 release
-
http://ftp.gnome.org/pub/GNOME/sources/gssdp/0.14/gssdp-0.14.7.news
* Sun Nov 3 2013 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.14.6-1
- 0.14.6 release
-
http://ftp.gnome.org/pub/GNOME/sources/gssdp/0.14/gssdp-0.14.6.news
--------------------------------------------------------------------------------
================================================================================
gupnp-0.20.10-1.fc19 (FEDORA-2014-2022)
A framework for creating UPnP devices & control points
--------------------------------------------------------------------------------
Update Information:
gssdp-0.14.7
============
- Add mising function declaration.
gupnp-0.20.10
=============
Changes since 0.20.9:
- Make sure ResourceFactory creates proxies with the correct GType.
- Make it possible to unsubscribe from a service proxy during a call-back.
- Disable managed RootDevices on WL change in addition to ControlPoints.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=678701
-
https://bugzilla.gnome.org/show_bug.cgi?id=690400
-
https://bugzilla.gnome.org/show_bug.cgi?id=711332
gnupg-av-0.12.5
===============
Changes since 0.12.4:
- Fix name of cleartext-size property.
- Fix creation of pv namespace in DIDLLite parser.
- Check for empty mandatory tags in UpdateObject.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=705522
-
https://bugzilla.gnome.org/show_bug.cgi?id=719377
gupnp-tools-0.8.9
=================
Changes since 0.8.8:
- Make DIDL-Lite dialog work when closed with "X".
- Make UniversalCP behave nicer in busy networks where a lot of devices
appear/disappear/reappear.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=722245
-
https://bugzilla.gnome.org/show_bug.cgi?id=723172
Added/updated translations
- cs, courtesy of Marek Černocký
- sr, courtesy of МироÑлав Ðиколић
- sr@latin, courtesy of Miroslav Nikolić
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 4 2014 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.20.10-1
- 0.20.10 release
-
http://ftp.gnome.org/pub/GNOME/sources/gupnp/0.20/gupnp-0.20.10.news
--------------------------------------------------------------------------------
================================================================================
gupnp-av-0.12.5-1.fc19 (FEDORA-2014-2022)
A collection of helpers for building UPnP AV applications
--------------------------------------------------------------------------------
Update Information:
gssdp-0.14.7
============
- Add mising function declaration.
gupnp-0.20.10
=============
Changes since 0.20.9:
- Make sure ResourceFactory creates proxies with the correct GType.
- Make it possible to unsubscribe from a service proxy during a call-back.
- Disable managed RootDevices on WL change in addition to ControlPoints.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=678701
-
https://bugzilla.gnome.org/show_bug.cgi?id=690400
-
https://bugzilla.gnome.org/show_bug.cgi?id=711332
gnupg-av-0.12.5
===============
Changes since 0.12.4:
- Fix name of cleartext-size property.
- Fix creation of pv namespace in DIDLLite parser.
- Check for empty mandatory tags in UpdateObject.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=705522
-
https://bugzilla.gnome.org/show_bug.cgi?id=719377
gupnp-tools-0.8.9
=================
Changes since 0.8.8:
- Make DIDL-Lite dialog work when closed with "X".
- Make UniversalCP behave nicer in busy networks where a lot of devices
appear/disappear/reappear.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=722245
-
https://bugzilla.gnome.org/show_bug.cgi?id=723172
Added/updated translations
- cs, courtesy of Marek Černocký
- sr, courtesy of МироÑлав Ðиколић
- sr@latin, courtesy of Miroslav Nikolić
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 4 2014 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.12.5-1
- 0.12.5 release
-
http://ftp.gnome.org/pub/GNOME/sources/gupnp-av/0.12/gupnp-av-0.12.5.news
* Mon Nov 18 2013 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.12.4-1
- 0.12.4 release
-
http://ftp.gnome.org/pub/GNOME/sources/gupnp-av/0.12/gupnp-av-0.12.4.news
* Wed Oct 16 2013 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.12.3-1
- 0.12.3 release
-
http://ftp.gnome.org/pub/GNOME/sources/gupnp-av/0.12/gupnp-av-0.12.3.news
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.12.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gupnp-tools-0.8.9-1.fc19 (FEDORA-2014-2022)
A collection of dev tools utilising GUPnP and GTK+
--------------------------------------------------------------------------------
Update Information:
gssdp-0.14.7
============
- Add mising function declaration.
gupnp-0.20.10
=============
Changes since 0.20.9:
- Make sure ResourceFactory creates proxies with the correct GType.
- Make it possible to unsubscribe from a service proxy during a call-back.
- Disable managed RootDevices on WL change in addition to ControlPoints.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=678701
-
https://bugzilla.gnome.org/show_bug.cgi?id=690400
-
https://bugzilla.gnome.org/show_bug.cgi?id=711332
gnupg-av-0.12.5
===============
Changes since 0.12.4:
- Fix name of cleartext-size property.
- Fix creation of pv namespace in DIDLLite parser.
- Check for empty mandatory tags in UpdateObject.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=705522
-
https://bugzilla.gnome.org/show_bug.cgi?id=719377
gupnp-tools-0.8.9
=================
Changes since 0.8.8:
- Make DIDL-Lite dialog work when closed with "X".
- Make UniversalCP behave nicer in busy networks where a lot of devices
appear/disappear/reappear.
Bugs fixed in this release:
-
https://bugzilla.gnome.org/show_bug.cgi?id=722245
-
https://bugzilla.gnome.org/show_bug.cgi?id=723172
Added/updated translations
- cs, courtesy of Marek Černocký
- sr, courtesy of МироÑлав Ðиколић
- sr@latin, courtesy of Miroslav Nikolić
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 4 2014 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.8.9-1
- Update to 0.8.9
-
http://ftp.gnome.org/pub/GNOME/sources/gupnp-tools/0.8/gupnp-tools-0.8.9....
* Mon Nov 11 2013 Peter Robinson <pbrobinson(a)fedoraproject.org> 0.8.8-1
- Update to 0.8.8
-
http://ftp.gnome.org/pub/GNOME/sources/gupnp-tools/0.8/gupnp-tools-0.8.8....
--------------------------------------------------------------------------------
================================================================================
httpie-0.8.0-1.fc19 (FEDORA-2014-2003)
A Curl-like tool for humans
--------------------------------------------------------------------------------
Update Information:
Latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 31 2014 Ricky Elrod <codeblock(a)fedoraproject.org> - 0.8.0-1
- Latest upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1057992 - httpie-0.8.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1057992
--------------------------------------------------------------------------------
================================================================================
mozilla-adblockplus-2.4.1-1.fc19 (FEDORA-2014-2026)
Adblocking extension for Mozilla Firefox, Thunderbird, and SeaMonkey
--------------------------------------------------------------------------------
Update Information:
- This release introduces support for the Australis theme that will be introduced in
future Firefox versions.
- Default icon location is the navigation toolbar again (add-on bar is going away).
- Fixed image preview in the list of blockable items (forum topic).
- Fixed: Changes to Adblock Plus options didn’t always persist.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 4 2014 Russell Golden <niveusluna(a)niveusluna.org> - 2.4.1-1
- This release introduces support for the Australis theme that will be introduced in
future Firefox versions.
- Default icon location is the navigation toolbar again (add-on bar is going away).
- Fixed image preview in the list of blockable items (forum topic).
- Fixed keyboard shortcut on Mac OS X (Control key was used instead of Command).
- Fixed: Changes to Adblock Plus options didn’t always persist.
--------------------------------------------------------------------------------
================================================================================
mysql-connector-python-1.1.5-1.fc19 (FEDORA-2014-1994)
MySQL Connector for Python 2
--------------------------------------------------------------------------------
Update Information:
Version 1.1.5 (2014-01-31)
* BUG#17857712: Added fixes to use CPY with Django 1.6
* BUG#18040042: Fixed clearing session with pooled connection
* BUG#17826833: Fixed executemany for INSERT with no VALUES-clause
* BUG#17573172: Added support for access modes for START TRANSACTION
* BUG#18054810: Fixed output of pylint to include msg_id
* BUG#17889076: Fixed error handling for unittests.py using -t option
* BUG#17780576: Added support for utf8mb4 character set
* BUG#17958420: Fix error handling parse_column_count()
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 4 2014 Remi Collet <remi(a)fedoraproject.org> - 1.1.5-1
- version 1.1.5 GA
http://dev.mysql.com/doc/relnotes/connector-python/en/news-1-1-5.html
--------------------------------------------------------------------------------
================================================================================
perl-Email-Address-List-0.04-1.fc19 (FEDORA-2014-2029)
RFC close address list parsing
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
perl-No-Worries-1.1-1.fc19 (FEDORA-2014-1996)
Perl coding without worries
--------------------------------------------------------------------------------
Update Information:
Update to upstream version, rhbz #1054233.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 31 2014 Massimo Paladin <massimo.paladin(a)gmail.com> 1.1-1
- Updating to upstream 1.1, rhbz #1054233.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Jul 25 2013 Petr Pisar <ppisar(a)redhat.com> - 1.0-2
- Perl 5.18 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1054233 - Upgrade to new upstream version
https://bugzilla.redhat.com/show_bug.cgi?id=1054233
--------------------------------------------------------------------------------
================================================================================
php-tcpdf-6.0.059-1.fc19 (FEDORA-2014-2027)
PHP class for generating PDF documents
--------------------------------------------------------------------------------
Update Information:
6.0.059 (2014-02-03)
* SVG 'use' support was imporved.
6.0.058 (2014-01-31)
* Bug #886 "Bugs with SVG using <defs> and <use>" was fixed.
6.0.057 (2014-01-26)
* Bug #883 "Parsing error" was fixed.
6.0.056 (2014-01-25)
* The automatic cache folder selection now works also with some restricted hosting
environments.
* CSS text-transform property is now supported (requires the multibyte string library for
php) - see examle n. 061 (Thanks to Walter Ferraz).
* Bug #884 "Parsing error prev tag looking for" was fixed.
6.0.055 (2014-01-15)
* Bug #880 "Error detecting hX tags (h1,h2..)" was fixed
* Bug #879 "Thead on the second page inherits style of previous tr" was fixed
6.0.054 (2014-01-13)
* Bug #877 "Parenteses causing corrupt text" was fixed.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 4 2014 Remi Collet <remi(a)fedoraproject.org> - 6.0.059-1
- update to 6.0.059
--------------------------------------------------------------------------------
================================================================================
pidgin-2.10.9-1.fc19 (FEDORA-2014-1999)
A Gtk+ based multiprotocol instant messaging client
--------------------------------------------------------------------------------
Update Information:
Update to 2.10.9
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 3 2014 Dan Mashal <dan.mashal(a)fedoraproject.org> 2.10.9-1
- Update to 2.10.9
* Thu Sep 26 2013 Rex Dieter <rdieter(a)fedoraproject.org> 2.10.7-9
- add explicit avahi build deps
* Thu Aug 8 2013 Jan Synáček <jsynacek(a)redhat.com> - 2.10.7-8
- Remove versioned docdirs, BZ 994039
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
2.10.7-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Aug 1 2013 Petr Pisar <ppisar(a)redhat.com> - 2.10.7-6
- Perl 5.18 rebuild
* Fri Jul 19 2013 Orion Poplawski <orion(a)cora.nwra.com> - 2.10.7-5
- Fix setting -fstack-protector on F20+, use -fstack-protector-strong there
- Filter out provides from plugins
* Wed Jul 17 2013 Petr Pisar <ppisar(a)redhat.com> - 2.10.7-4
- Perl 5.18 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1056473 - CVE-2012-6152 pidgin: DoS when decoding non-UTF-8 strings in Yahoo
protocol plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1056473
[ 2 ] Bug #1056479 - CVE-2013-6477 pidgin: DoS when handling timestamps in the XMPP
plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1056479
[ 3 ] Bug #1056904 - CVE-2013-6478 pidgin: DoS when rendering long URLs
https://bugzilla.redhat.com/show_bug.cgi?id=1056904
[ 4 ] Bug #1056907 - CVE-2013-6479 pidgin: DoS when parsing certain HTTP response
headers
https://bugzilla.redhat.com/show_bug.cgi?id=1056907
[ 5 ] Bug #1056908 - CVE-2013-6481 pidgin: DoS caused due to OOB read in Yahoo protocol
plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1056908
[ 6 ] Bug #1056913 - CVE-2013-6482 pidgin: DoS via multiple null pointer dereferences in
MSN protocol plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1056913
[ 7 ] Bug #1056978 - CVE-2013-6483 pidgin: Possible spoofing using iq replies in XMPP
protocol plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1056978
[ 8 ] Bug #1057481 - CVE-2013-6484 pidgin: DoS via specially-crafted stun messages
https://bugzilla.redhat.com/show_bug.cgi?id=1057481
[ 9 ] Bug #1057484 - CVE-2013-6485 pidgin: Heap-based buffer overflow when parsing
chunked HTTP responses
https://bugzilla.redhat.com/show_bug.cgi?id=1057484
[ 10 ] Bug #1057489 - CVE-2013-6487 pidgin: Heap-based buffer overflow in Gadu-Gadu
protocol plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1057489
[ 11 ] Bug #1057490 - CVE-2013-6489 pidgin: Heap-based buffer overflow in MXit emoticon
parsing
https://bugzilla.redhat.com/show_bug.cgi?id=1057490
[ 12 ] Bug #1057498 - CVE-2013-6490 pidgin: Heap-based buffer overflow in SIMPLE
protocol plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1057498
[ 13 ] Bug #1057502 - CVE-2014-0020 pidgin: DoS in IRC protocol plugin due to arguement
parsing
https://bugzilla.redhat.com/show_bug.cgi?id=1057502
--------------------------------------------------------------------------------
================================================================================
publican-4.0.0-0.1.fc19 (FEDORA-2014-2018)
Common files and scripts for publishing with DocBook XML
--------------------------------------------------------------------------------
Update Information:
New upstream with many enhancements and fixes:
- Support DocBook 5 as input format. BZ #1005042
- Fix duplicate first author in PDF. BZ #996351
- Include DocBook 5-compatible templates. BZ #697366
- Fix UTF8 issue in ~/.publican.cfg. BZ #987325
- Replace abstract and subtitle xsl. BZ #953675
- Change Cover page font. BZ #1006134
- Fix TOC leader in PDF. BZ #1006056
- Fix PDF Legal Notice trademarks & formatting. BZ #970851
- Fix keyword lable showing in PDF when there are no keywords. BZ #1007146
- Indicate whether a translation is older in the web GUI. BZ #889031
- Include time in update_date. BZ #979846
- Support web site navigation for books without HTML. BZ #885916
- Support ascending Revision History. BZ #999578
- Add ability to compy installed brand web content to another site. BZ #967664
- Fix PDF example.properties template. BZ #999586
- Fix PUG PDF format for OpenSuse. BZ #999581
- Simplify highlight error message. BZ #987059
- Add css styles for table sizes. BZ #1005640
- Tidy up Build.PL for better CPAN support. BZ #999259
- Fix image path for icon.svg. BZ #1011222
- Fix print_unused not handling include from higher directories. BZ #1004955
- Fix SVG fallback to PNG. BZ #990823
- Fix subtitle font size. BZ #987431
- Support grouping of books within a version. BZ #901560
- Remove bold from titles in Indic scripts. BZ #1006135
- Overhaul EPUB, basic CSS, harcode chunking, fix errors. BZ #883159
- Fix duplicate file listing in EPUB. BZ #875119
- Fix objects in EPUB not in catalog. BZ #875125
- Fix duplicate ID's in EPUBs. BZ #875116
- Fix ConfigData not being reset after testing on all platforms. BZ #999427
- Fix links to step not functioning. BZ #1009015
- Support GIT for distributed sets. BZ #864226
- Fix Build.PL not handling .mo files. BZ #1016421
- Bold and Center titlepage edition. BZ #1017548
- Fix broken use of pushd in Build.PL. BZ #1018608
- Remove XML from spec file abstract. BZ #1018796
- Fix UTF8 in publican.cfg not being handled. BZ #1020059
- Fix Indic PDF build on F19. BZ #1018024
- Fix UTF8 encoding for title in Revision_History.xml BZ #1020570
- Fix browser not detecting UTF8 on HTML5 files with .html extension. BZ #1018659
- Fix styling of DB4 example, package, & option. Remove html.longdesc.embed xsl. BZ
#1023248
- Fix UTF8 in Groups.xml. BZ #1022575
- Add translations for "Edition" BZ# 1007141
- Add translations for "English is newer" BZ #889031
- Fix broken or-IN translation.
- Update DB4 CSS steps, stepalts, OLs, term. BZ #1026173
- Remove chunk override from html.xsl. BZ #1026563
- Fix path to POD. BZ #1026563
- Update CLI translations
- Various fixes to Common Content + update Common Content translation. BZ #1027248
- Update and correct Debian installation instructions. BZ #1013934
- Correct OpenSUSE installation instructions. BZ #1000534
- Add Docker installation instructions. BZ #1015943
- Clarify where relative paths are used in brand instructions - BZ #1028815
- Update and clarify translation instructions BZ #1021287
- Expose glossterm in PO files to support sortas attribute. BZ #1030591
- Add report action to print readability statistics. BZ #1031364
- Change comment in syntax highlight to light grey. BZ #1030718
- Document use of "sortas" for indexes and glossaries in PUG
- Fix newline in translation affecting output. BZ #1036150
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 18 2013 Rüdiger Landmann <rlandmann(a)redhat.com> 4.0.0-0.1
- (Build)Require FOP instead of wkhtmltopdf for Fedora
* Wed Dec 18 2013 Rüdiger Landmann <rlandmann(a)redhat.com> 4.0.0-0
- Support DocBook 5 as input format. BZ #1005042
- Fix duplicate first author in PDF. BZ #996351
- Include DocBook 5-compatible templates. BZ #697366
- Fix UTF8 issue in ~/.publican.cfg. BZ #987325
- Replace abstract and subtitle xsl. BZ #953675
- Change Cover page font. BZ #1006134
- Fix TOC leader in PDF. BZ #1006056
- Fix PDF Legal Notice trademarks & formatting. BZ #970851
- Fix keyword lable showing in PDF when there are no keywords. BZ #1007146
- Indicate whether a translation is older in the web GUI. BZ #889031
- Include time in update_date. BZ #979846
- Support web site navigation for books without HTML. BZ #885916
- Support ascending Revision History. BZ #999578
- Add ability to compy installed brand web content to another site. BZ #967664
- Fix PDF example.properties template. BZ #999586
- Fix PUG PDF format for OpenSuse. BZ #999581
- Simplify highlight error message. BZ #987059
- Add css styles for table sizes. BZ #1005640
- Tidy up Build.PL for better CPAN support. BZ #999259
- Fix image path for icon.svg. BZ #1011222
- Fix print_unused not handling include from higher directories. BZ #1004955
- Fix SVG fallback to PNG. BZ #990823
- Fix subtitle font size. BZ #987431
- Support grouping of books within a version. BZ #901560
- Remove bold from titles in Indic scripts. BZ #1006135
- Overhaul EPUB, basic CSS, harcode chunking, fix errors. BZ #883159
- Fix duplicate file listing in EPUB. BZ #875119
- Fix objects in EPUB not in catalog. BZ #875125
- Fix duplicate ID's in EPUBs. BZ #875116
- Fix ConfigData not being reset after testing on all platforms. BZ #999427
- Fix links to step not functioning. BZ #1009015
- Support GIT for distributed sets. BZ #864226
- Fix Build.PL not handling .mo files. BZ #1016421
- Bold and Center titlepage edition. BZ #1017548
- Fix broken use of pushd in Build.PL. BZ #1018608
- Remove XML from spec file abstract. BZ #1018796
- Fix UTF8 in publican.cfg not being handled. BZ #1020059
- Fix Indic PDF build on F19. BZ #1018024
- Fix UTF8 encoding for title in Revision_History.xml BZ #1020570
- Fix browser not detecting UTF8 on HTML5 files with .html extension. BZ #1018659
- Fix styling of DB4 example, package, & option. Remove html.longdesc.embed xsl. BZ
#1023248
- Fix UTF8 in Groups.xml. BZ #1022575
- Add translations for "Edition" BZ# 1007141
- Add translations for "English is newer" BZ #889031
- Fix broken or-IN translation.
- Update DB4 CSS steps, stepalts, OLs, term. BZ #1026173
- Remove chunk override from html.xsl. BZ #1026563
- Fix path to POD. BZ #1026563
- Update CLI translations
- Various fixes to Common Content + update Common Content translation. BZ #1027248
- Update and correct Debian installation instructions. BZ #1013934
- Correct OpenSUSE installation instructions. BZ #1000534
- Add Docker installation instructions. BZ #1015943
- Clarify where relative paths are used in brand instructions - BZ #1028815
- Update and clarify translation instructions BZ #1021287
- Expose glossterm in PO files to support sortas attribute. BZ #1030591
- Add report action to print readability statistics. BZ #1031364
- Change comment in syntax highlight to light grey. BZ #1030718
- Document use of "sortas" for indexes and glossaries in PUG
- Fix newline in translation affecting output. BZ #1036150
* Fri Oct 4 2013 Jeff Fearn <jfearn(a)redhat.com> 3.9.9-0
- Publican 4.0 RC1
--------------------------------------------------------------------------------
================================================================================
python-celery-3.0.15-6.fc19 (FEDORA-2014-2008)
Distributed Task Queue
--------------------------------------------------------------------------------
Update Information:
python-billiard-2.7.3.34 is sufficient, too (rhbz#1059460)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 3 2014 Matthias Runge <mrunge(a)redhat.com> - 3.0.15-6
- python-billiard-2.7.3.34 is sufficient, too (rhbz#1059460)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1059460 - python-celery requires wrong version of python-billiard
https://bugzilla.redhat.com/show_bug.cgi?id=1059460
--------------------------------------------------------------------------------
================================================================================
rubygem-sequel-4.7.0-2.fc19 (FEDORA-2014-2038)
The Database Toolkit for Ruby
--------------------------------------------------------------------------------
Update Information:
update to sequel 4.7.0
--------------------------------------------------------------------------------