The following Fedora 17 Security updates need testing:
Age   URL
385   https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4....
197   https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-...
125   https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17
120   https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1...
117   https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2...
 49   https://admin.fedoraproject.org/updates/FEDORA-2013-10121/subversion-1.7....
 39   https://admin.fedoraproject.org/updates/FEDORA-2013-10940/tomcat6-6.0.37-...
  7   https://admin.fedoraproject.org/updates/FEDORA-2013-13202/fdupes-1.51-1.fc17
  5   https://admin.fedoraproject.org/updates/FEDORA-2013-13252/moodle-2.2.11-1...
  5   https://admin.fedoraproject.org/updates/FEDORA-2013-13231/rubygem-passeng...
  2   https://admin.fedoraproject.org/updates/FEDORA-2013-13381/ghc-xmonad-cont...
  1   https://admin.fedoraproject.org/updates/FEDORA-2013-13473/openttd-1.3.0-2...
  1   https://admin.fedoraproject.org/updates/FEDORA-2013-13499/analitza-4.10.5...
  0   https://admin.fedoraproject.org/updates/FEDORA-2013-13610/perl-Proc-Proce...
  0   https://admin.fedoraproject.org/updates/FEDORA-2013-13647/gksu-polkit-0.0...
  0   https://admin.fedoraproject.org/updates/FEDORA-2013-13459/squid-3.2.13-1....
The following Fedora 17 Critical Path updates have yet to be approved:
Age   URL
145   https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17
  8   https://admin.fedoraproject.org/updates/FEDORA-2013-13129/livecd-tools-17...
  8   https://admin.fedoraproject.org/updates/FEDORA-2013-13082/selinux-policy-...
  7   https://admin.fedoraproject.org/updates/FEDORA-2013-13149/qtwebkit-2.3.2-...
  1   https://admin.fedoraproject.org/updates/FEDORA-2013-13499/analitza-4.10.5...
The following builds have been pushed to Fedora 17 updates-testing
duply-1.5.11-1.fc17
gksu-polkit-0.0.3-8.gitf8ce834c.fc17
libssh-0.5.4-5.fc17
mate-power-manager-1.6.2-1.fc17
perl-Proc-ProcessTable-0.48-1.fc17
printrun-0.0-28.20130711gitb8f549b.fc17
Details about builds:
================================================================================
duply-1.5.11-1.fc17 (FEDORA-2013-13641)
Wrapper for duplicity
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.11.
Upstream changelog:
- purge-incr command for remove-all-inc-of-but-n-full feature added
patch provided by Moritz Augsburger, thanks!
- documented version command in man page
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 23 2013 Thomas Moschny <thomas.moschny(a)gmx.de> - 1.5.11-1
- Update to 1.5.11.
--------------------------------------------------------------------------------
================================================================================
gksu-polkit-0.0.3-8.gitf8ce834c.fc17 (FEDORA-2013-13647)
Command line utility to run programs as root
--------------------------------------------------------------------------------
Update Information:
* Recreate tarball from proper sources; previous package was shipping an unknown code
tarball.
* Add proper patching for CVE-2012-5617/CVE-2013-4161, the previous fix was creating a
patch file and not patching the code.
* Use proper bus name in service file to fix service timeout.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 21 2013 Simone Caronni <negativo17(a)gmail.com> - 0.0.3-8.gitf8ce834c
- Update to git snapshot, add script to recreate tarball.
- Fix Patch1, was creating a patch file and not patching files.
- Add fix to service file from Jan Pokorný (#975541).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #987561 - CVE-2013-4161 gksu-polkit: improper patching of CVE-2012-5617
https://bugzilla.redhat.com/show_bug.cgi?id=987561
[ 2 ] Bug #883162 - CVE-2012-5617 gksu-polkit: privilege escalation due to improper
authentication settings in policykit configuration file
https://bugzilla.redhat.com/show_bug.cgi?id=883162
--------------------------------------------------------------------------------
================================================================================
libssh-0.5.4-5.fc17 (FEDORA-2013-13653)
A library implementing the SSH2 protocol (0xbadc0de version)
--------------------------------------------------------------------------------
Update Information:
Add EPEL 5 support and enable Doxygen documentation.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 18 2013 Simone Caronni <negativo17(a)gmail.com> - 0.5.4-5
- Add EPEL 5 support.
- Add Debian patches to enable Doxygen documentation.
--------------------------------------------------------------------------------
================================================================================
mate-power-manager-1.6.2-1.fc17 (FEDORA-2013-13623)
MATE power management service
--------------------------------------------------------------------------------
Update Information:
update to 1.6.2 release
Features:
- Removed systemd-daemon dependency and check at runtime if
systemd-logind is running
- Improved systemd-logind support
Bug fixes:
- Don't rely only on consolekit for button pressed event
- rhbz (#972881)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 24 2013 Wolfgang Ulbrich <chat-to-me(a)raveit.de> - 1.6.2-1
- update to 1.6.2 release
- fix systemd-login1 support, (#972881)
- remove runtime require ConsoleKit-x11
- remove gsettings convert file
- remove runtime require ConsoleKit-x11
- remove BR systemd-devel
- remove systemd configure flags
- remove NOCONFIGURE=1 ./autogen.sh
--------------------------------------------------------------------------------
================================================================================
perl-Proc-ProcessTable-0.48-1.fc17 (FEDORA-2013-13610)
Perl extension to access the Unix process table
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream maintenance release, fixes numerous bugs (as
mentioned in the package changelog), including unsafe usage of /tmp when caching is
enabled (CVE-2011-4363), which could allow an attacker to overwrite arbitrary files due to
a race condition.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 24 2013 Paul Howarth <paul(a)city-fan.org> - 0.48-1
- Update to 0.48
- Make module thread-safe on linux (CPAN RT#38709)
- New constructor flag enable_ttys, which when set to 0 disables traversing
the device tree
- New maintainer JSWARTZ
- Fix reading process command lines (CPAN RT#51470)
- Fixes for non-threaded perls (CPAN RT#41397, CPAN RT#46861, CPAN RT#58236)
- Fix file descriptor leak (CPAN RT#69397)
- Fix unsafe use of /tmp (CPAN RT#72862, CVE-2011-4363)
- Various fixes for non-linux operating systems
- Fix byte order tag in cache file (CPAN RT#72862)
- Fixes to stay accurate on machines with many CPUs (CPAN RT#82175), to
include system time into calculations (CPAN RT#80391) and others
(CPAN RT#81312, CPAN RT#82175 and CPAN RT#80391)
- Fix unknown process states for debian kernels (CPAN RT#71976)
- Added tests
- Drop ARG_MAX patch, no longer needed
- Don't use macros for commands
- Don't need to remove empty directories from the buildroot
- Don't ship empty TODO file
- Drop %defattr, redundant since rpm 4.4
- Specify all dependencies
- Add %{?perl_default_filter}
* Thu Jul 18 2013 Petr Pisar <ppisar(a)redhat.com> - 0.44-14
- Perl 5.18 rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.44-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 0.44-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jun 11 2012 Petr Pisar <ppisar(a)redhat.com> - 0.44-11
- Perl 5.16 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #758866 - CVE-2011-4363 perl-Proc-ProcessTable: unsafe temporary file usage
https://bugzilla.redhat.com/show_bug.cgi?id=758866
--------------------------------------------------------------------------------
================================================================================
printrun-0.0-28.20130711gitb8f549b.fc17 (FEDORA-2013-13603)
RepRap printer interface and tools
--------------------------------------------------------------------------------
Update Information:
New tag release fixing several bugs and adding more features.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 24 2013 Miro Hrončok <mhroncok(a)redhat.com> - 0.0-28.20130711gitb8f549b
- New upstream tag release
- Corrected bogus date in %changelog
- Flush patch no longer needed
- No longer NoArch
- BR added Cython
--------------------------------------------------------------------------------