Fedora 18 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Mon Aug 26 22:33:30 UTC 2013
The following Fedora 18 Security updates need testing:
Age URL
230 https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18
143 https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2.0-3.fc18
128 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18
40 https://admin.fedoraproject.org/updates/FEDORA-2013-13131/livecd-tools-18.17-1.fc18
24 https://admin.fedoraproject.org/updates/FEDORA-2013-14005/zabbix-2.0.6-3.fc18
11 https://admin.fedoraproject.org/updates/FEDORA-2013-14786/nmap-6.40-1.fc18
11 https://admin.fedoraproject.org/updates/FEDORA-2013-14794/filezilla-3.7.3-1.fc18
9 https://admin.fedoraproject.org/updates/FEDORA-2013-14902/python-virtualenv-1.10.1-1.fc18
8 https://admin.fedoraproject.org/updates/FEDORA-2013-14930/drupal7-entity-1.2-1.fc18
7 https://admin.fedoraproject.org/updates/FEDORA-2013-15013/poppler-0.20.2-16.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-15036/ssmtp-2.64-9.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-15072/glibc-2.16-34.fc18
3 https://admin.fedoraproject.org/updates/FEDORA-2013-15142/drupal7-theme-zen-5.4-1.fc18
3 https://admin.fedoraproject.org/updates/FEDORA-2013-14985/php-5.4.19-1.fc18
3 https://admin.fedoraproject.org/updates/FEDORA-2013-15181/ansible-1.2.3-2.fc18
3 https://admin.fedoraproject.org/updates/FEDORA-2013-15157/perl-Module-Metadata-1.000015-1.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-15253/php-pear-Auth-OpenID-2.2.2-7.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-15290/ngircd-20.3-1.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-15223/roundcubemail-0.9.3-2.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-15344/lighttpd-1.4.32-1.fc18
The following Fedora 18 Critical Path updates have yet to be approved:
Age URL
198 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18
11 https://admin.fedoraproject.org/updates/FEDORA-2013-14695/mdadm-3.2.6-21.fc18
11 https://admin.fedoraproject.org/updates/FEDORA-2013-14691/libtiff-4.0.3-7.fc18
10 https://admin.fedoraproject.org/updates/FEDORA-2013-14827/pcmanfm-1.1.2-1.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-15035/libvdpau-0.7-1.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-15085/system-config-date-1.10.6-1.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-15072/glibc-2.16-34.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-15226/libfm-1.1.2.2-1.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-15331/rpm-4.10.3.1-2.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-15342/redhat-rpm-config-9.1.0-37.2.fc18
The following builds have been pushed to Fedora 18 updates-testing
apper-0.8.1-2.fc18
chinese-calendar-0.8.0-1.fc18
libburn-1.3.2-1.fc18
libisoburn-1.3.2-1.fc18
libisofs-1.3.2-1.fc18
lighttpd-1.4.32-1.fc18
mate-user-share-1.6.1-0.1.git48b2c97.fc18
mksh-48b-1.fc18
perl-Net-Twitter-4.00007-1.fc18
php-Assetic-1.1.2-1.fc18
python-cpopen-1.2.3-1.fc18
python-cpopen-1.2.3-2.fc18
python-datanommer-models-0.5.0-2.fc18
python-django-ckeditor-4.0.2-5.fc18
python-flask-login-0.2.7-1.fc18
python-wstool-0.0.3-1.fc18
redhat-rpm-config-9.1.0-37.2.fc18
roundcubemail-0.9.3-2.fc18
rpm-4.10.3.1-2.fc18
sfact-0.0-5.20130128gitbc56c68.fc18
skeinforge-12.03.14-15.fc18
trafficserver-3.2.5-3.fc18
transifex-client-0.9-3.fc18
yumex-3.0.11-1.fc18
Details about builds:
================================================================================
apper-0.8.1-2.fc18 (FEDORA-2013-15313)
KDE interface for PackageKit
--------------------------------------------------------------------------------
Update Information:
Translation fixes for the updater applet.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Lukáš Tinkl <ltinkl at redhat.com> 0.8.1-2
- fix translations in the updater applet
--------------------------------------------------------------------------------
================================================================================
chinese-calendar-0.8.0-1.fc18 (FEDORA-2013-15334)
A Chinese traditional calendar of UbuntuKylin
--------------------------------------------------------------------------------
Update Information:
New version..
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Christopher Meng <rpm at cicku.me> - 0.8.0-1
- Update to new version.
--------------------------------------------------------------------------------
================================================================================
libburn-1.3.2-1.fc18 (FEDORA-2013-15295)
Library for reading, mastering and writing optical discs
--------------------------------------------------------------------------------
Update Information:
Changes towards previous version 1.3.0
======================================
libburn novelties
-----------------
* Bug fix: The signal handler aborted on SIGCONT, SIGTSTP, SIGTTIN, SIGTTOU
* New API call burn_make_input_sheet_v07t()
* API call burn_session_input_sheet_v07t(): read multiple blocks from same file
* New API calls burn_drive_extract_audio(), burn_drive_extract_audio_track()
* Optional "make doc" now demands doxygen 1.8.4
cdrskin novelties
-----------------
* Bug fix: cdrskin -msinfo on DVD and BD reported old session start = next writable address. Regression introduced by version 1.2.8 (rev 4956). Also fixed in libburn-1.3.0.pl01.
* New cdrskin option textfile_to_v07t=
* New cdrskin options cdtext_to_textfile= and cdtext_to_v07t=
* New cdrskin options extract_audio_to= , extract_tracks= , extract_basename= , --extract_dap
* New cdrskin option --pacifier_with_newline
* Improved granularity of SCSI log time measurement, now with timestamp
libisofs novelties
------------------
* Bug fix: iso_finish() left an invalid global pointer, which a subsequent call of iso_init() would try to dereference.
* The sort weight of data files loaded from ISO image is now 2 exp 28 to 1 rather than 2 exp 31 - 1 to - 2 exp 31
libisoburn and xorriso novelties
--------------------------------
* Bug fix: -find -exec "sort_weight" did not mark the image as having pending changes
* Bug fix: -backslash_codes "with_program_arguments" was interpreted too late
* Bug fix: Missing or empty parameter with -dus was interpreted as "*" rather than "."
* Bug fix: readline history was spammed by -msg_op parsing and pipe loops
* New -pacifier behavior code "interval="
* New -as mkisofs options --sort-weight-list and --sort-weight-patterns
* New -format mode "without_spare" (for BD-RE)
* New command -named_pipe_loop
* New command -sh_style_result
* New -msg_op opcodes "parse_silently" and "parse_bulk_silently"
* New command -application_use and new -as mkisofs option --application_use
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 25 2013 Robert Scheck <robert at fedoraproject.org> 1.3.2-1
- Update to upstream 1.3.2 (#994916)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #994921 - libisofs-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=994921
[ 2 ] Bug #994916 - libburn-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=994916
[ 3 ] Bug #994920 - libisoburn-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=994920
--------------------------------------------------------------------------------
================================================================================
libisoburn-1.3.2-1.fc18 (FEDORA-2013-15295)
Library to enable creation and expansion of ISO-9660 filesystems
--------------------------------------------------------------------------------
Update Information:
Changes towards previous version 1.3.0
======================================
libburn novelties
-----------------
* Bug fix: The signal handler aborted on SIGCONT, SIGTSTP, SIGTTIN, SIGTTOU
* New API call burn_make_input_sheet_v07t()
* API call burn_session_input_sheet_v07t(): read multiple blocks from same file
* New API calls burn_drive_extract_audio(), burn_drive_extract_audio_track()
* Optional "make doc" now demands doxygen 1.8.4
cdrskin novelties
-----------------
* Bug fix: cdrskin -msinfo on DVD and BD reported old session start = next writable address. Regression introduced by version 1.2.8 (rev 4956). Also fixed in libburn-1.3.0.pl01.
* New cdrskin option textfile_to_v07t=
* New cdrskin options cdtext_to_textfile= and cdtext_to_v07t=
* New cdrskin options extract_audio_to= , extract_tracks= , extract_basename= , --extract_dap
* New cdrskin option --pacifier_with_newline
* Improved granularity of SCSI log time measurement, now with timestamp
libisofs novelties
------------------
* Bug fix: iso_finish() left an invalid global pointer, which a subsequent call of iso_init() would try to dereference.
* The sort weight of data files loaded from ISO image is now 2 exp 28 to 1 rather than 2 exp 31 - 1 to - 2 exp 31
libisoburn and xorriso novelties
--------------------------------
* Bug fix: -find -exec "sort_weight" did not mark the image as having pending changes
* Bug fix: -backslash_codes "with_program_arguments" was interpreted too late
* Bug fix: Missing or empty parameter with -dus was interpreted as "*" rather than "."
* Bug fix: readline history was spammed by -msg_op parsing and pipe loops
* New -pacifier behavior code "interval="
* New -as mkisofs options --sort-weight-list and --sort-weight-patterns
* New -format mode "without_spare" (for BD-RE)
* New command -named_pipe_loop
* New command -sh_style_result
* New -msg_op opcodes "parse_silently" and "parse_bulk_silently"
* New command -application_use and new -as mkisofs option --application_use
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 25 2013 Robert Scheck <robert at fedoraproject.org> 1.3.2-1
- Upgrade to 1.3.2 (#994920)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #994921 - libisofs-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=994921
[ 2 ] Bug #994916 - libburn-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=994916
[ 3 ] Bug #994920 - libisoburn-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=994920
--------------------------------------------------------------------------------
================================================================================
libisofs-1.3.2-1.fc18 (FEDORA-2013-15295)
Library to create ISO 9660 disk images
--------------------------------------------------------------------------------
Update Information:
Changes towards previous version 1.3.0
======================================
libburn novelties
-----------------
* Bug fix: The signal handler aborted on SIGCONT, SIGTSTP, SIGTTIN, SIGTTOU
* New API call burn_make_input_sheet_v07t()
* API call burn_session_input_sheet_v07t(): read multiple blocks from same file
* New API calls burn_drive_extract_audio(), burn_drive_extract_audio_track()
* Optional "make doc" now demands doxygen 1.8.4
cdrskin novelties
-----------------
* Bug fix: cdrskin -msinfo on DVD and BD reported old session start = next writable address. Regression introduced by version 1.2.8 (rev 4956). Also fixed in libburn-1.3.0.pl01.
* New cdrskin option textfile_to_v07t=
* New cdrskin options cdtext_to_textfile= and cdtext_to_v07t=
* New cdrskin options extract_audio_to= , extract_tracks= , extract_basename= , --extract_dap
* New cdrskin option --pacifier_with_newline
* Improved granularity of SCSI log time measurement, now with timestamp
libisofs novelties
------------------
* Bug fix: iso_finish() left an invalid global pointer, which a subsequent call of iso_init() would try to dereference.
* The sort weight of data files loaded from ISO image is now 2 exp 28 to 1 rather than 2 exp 31 - 1 to - 2 exp 31
libisoburn and xorriso novelties
--------------------------------
* Bug fix: -find -exec "sort_weight" did not mark the image as having pending changes
* Bug fix: -backslash_codes "with_program_arguments" was interpreted too late
* Bug fix: Missing or empty parameter with -dus was interpreted as "*" rather than "."
* Bug fix: readline history was spammed by -msg_op parsing and pipe loops
* New -pacifier behavior code "interval="
* New -as mkisofs options --sort-weight-list and --sort-weight-patterns
* New -format mode "without_spare" (for BD-RE)
* New command -named_pipe_loop
* New command -sh_style_result
* New -msg_op opcodes "parse_silently" and "parse_bulk_silently"
* New command -application_use and new -as mkisofs option --application_use
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 25 2013 Robert Scheck <robert at fedoraproject.org> 1.3.2-1
- Upgrade to 1.3.2 (#994921)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #994921 - libisofs-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=994921
[ 2 ] Bug #994916 - libburn-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=994916
[ 3 ] Bug #994920 - libisoburn-1.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=994920
--------------------------------------------------------------------------------
================================================================================
lighttpd-1.4.32-1.fc18 (FEDORA-2013-15344)
Lightning fast webserver with light system requirements
--------------------------------------------------------------------------------
Update Information:
One important denial of service (in 1.4.31) fix: CVE-2012-5533.
A flaw was found in lighttpd version 1.4.31 that could be exploited by a remote user to cause a denial of service condition in lighttpd. A client could send a malformed Connection header to lighttpd (such as "Connection: TE,,Keep-Alive"), which would cause lighttpd to enter an endless loop, detecting an empty token but not incrementing the current string position, causing it to continually read ',' over and over.
This flaw was introduced in 1.4.31 [1] when an "invalid read" bug was fixed [2].
[1] http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2830/diff/
[2] http://redmine.lighttpd.net/issues/2413
Acknowledgement:
Red Hat would like to thank Stefan Bühler for reporting this issue. Upstream acknowledges Jesse Sipprell from McClatchy Interactive, Inc. as the original reporter.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Jon Ciesla <limburgher at gmail.com> - 1.4.32-1
- Update to 1.4.32, BZ 878915.
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.31-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.31-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #878915 - CVE-2012-5533 lighttpd: Denial of Service via malformed Connection headers [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=878915
[ 2 ] Bug #878914 - CVE-2012-5533 lighttpd: Denial of Service via malformed Connection headers [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=878914
--------------------------------------------------------------------------------
================================================================================
mate-user-share-1.6.1-0.1.git48b2c97.fc18 (FEDORA-2013-15323)
Mate user file sharing
--------------------------------------------------------------------------------
Update Information:
- update latest git snapshot
- add manpage
- update to apache-2.24
- use mate-session to track the active session, remove consolkit
- disable bluetooth support for fedora > f19
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 25 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.1-0.1.git48b2c97
- update latest git snapshot
- add manpage
- update to apache-2.24
- use mate-session to track the active session, remove consolkit
- add dbus requires patch
- add OpenBSD suffers from the same httpd race condition as the other BSDs patch
- add fix turning on sharing not starting mate-user-share
- add bluetooth support optional
- add BR libICE-devel
- add BR libSM-devel
- remove runtime require hicolor-icon-theme
- disable bluetooth support for fedora > f19
- update make install macro
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.6.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
mksh-48b-1.fc18 (FEDORA-2013-15305)
MirBSD enhanced version of the Korn Shell
--------------------------------------------------------------------------------
Update Information:
R48b is a minor bugfix update:
* [tg] Fix display issue with multi-line prompts and SIGWINCH
R48 is a small but important bugfix update:
* [tg] dot.mkshrc: unbreak hd(1) function in UTF-8 mode
* [Jens Staal, tg] Improve buildability on Plan 9 and support kencc
* [tg] Clean up and improve build process and testsuite
* [Michael Langguth] Add multi-layer ICO file from mksh/Win32
* [tg, Steffen Daode Nurpmeso] Fix interactive shell exiting on ^C or syntax error when the EXIT pseudo-signal trap was set (to anything)
* [tg, Daode] Display longer command excerpts in job control
* [tg] Rewrite Emacs mode display window sliding calculation code
* [tg] dot.mkshrc: “doch” now keeps standard input
* [tg] Reduce memory usage and improve comments and documentation
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 25 2013 Robert Scheck <robert at fedoraproject.org> 48b-1
- Upgrade to 48b
--------------------------------------------------------------------------------
================================================================================
perl-Net-Twitter-4.00007-1.fc18 (FEDORA-2013-15322)
Perl interface to the Twitter API
--------------------------------------------------------------------------------
Update Information:
Update to perl-Net-Twitter 4.00007
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 22 2013 Julian C. Dunn <jdunn at aquezada.com> - 4.00007-1
- Upgrade to 4.00007 (bz#996455)
* Sun Aug 4 2013 Petr Pisar <ppisar at redhat.com> - 4.00006-3
- Perl 5.18 rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.00006-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #996455 - perl-Net-Twitter-4.00007 is available
https://bugzilla.redhat.com/show_bug.cgi?id=996455
--------------------------------------------------------------------------------
================================================================================
php-Assetic-1.1.2-1.fc18 (FEDORA-2013-15296)
Asset Management for PHP
--------------------------------------------------------------------------------
Update Information:
1.1.2 (July 18, 2013)
* Fixed deep mtime on asset collections
* CallablesFilter now implements DependencyExtractorInterface
* Fixed detection of "partial" children in subfolders in SassFilter
* Restored PathUtils for BC
Full change log: https://github.com/kriswallsmith/assetic/blob/v1.1.2/CHANGELOG-1.1.md
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 18 2013 Shawn Iwinski <shawn.iwinski at gmail.com> 1.1.2-1
- Updated to 1.1.2
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #987400 - php-Assetic-1.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=987400
--------------------------------------------------------------------------------
================================================================================
python-cpopen-1.2.3-1.fc18 (FEDORA-2013-15300)
Creates a sub-process in simpler safer manner
--------------------------------------------------------------------------------
Update Information:
adding and arranging package files.
Initial build.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #903246 - Review Request: python-cpopen - Creates a subprocess in simpler safer manner
https://bugzilla.redhat.com/show_bug.cgi?id=903246
--------------------------------------------------------------------------------
================================================================================
python-cpopen-1.2.3-2.fc18 (FEDORA-2013-15312)
Creates a sub-process in simpler safer manner
--------------------------------------------------------------------------------
Update Information:
fixing import error.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #903246 - Review Request: python-cpopen - Creates a subprocess in simpler safer manner
https://bugzilla.redhat.com/show_bug.cgi?id=903246
--------------------------------------------------------------------------------
================================================================================
python-datanommer-models-0.5.0-2.fc18 (FEDORA-2013-15301)
SQLAlchemy models for datanommer
--------------------------------------------------------------------------------
Update Information:
Dont't enable the consumer by default.
Added source type and source name columns. Also added ability to disable paging in calls to .grep().
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Ralph Bean <rbean at redhat.com> - 0.5.0-2
- Disable the consumer by default.
- Use an in-memory database by default.
* Mon Aug 12 2013 Ralph Bean <rbean at redhat.com> - 0.5.0-1
- Added source_name and source_version columns.
- Added possibility to disable paging in calls to .grep().
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.4.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-django-ckeditor-4.0.2-5.fc18 (FEDORA-2013-15306)
Django admin CKEditor integration
--------------------------------------------------------------------------------
Update Information:
Remove bundle flash files.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Eduardo Echeverria <echevemaster at gmail.com> - 4.0.2-5
- Remove bundle flash files %prep section.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.0.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1000262 - python-django-ckeditor contains bundled Flash and Flash source files
https://bugzilla.redhat.com/show_bug.cgi?id=1000262
--------------------------------------------------------------------------------
================================================================================
python-flask-login-0.2.7-1.fc18 (FEDORA-2013-15340)
User session management for Flask
--------------------------------------------------------------------------------
Update Information:
New version 0.2.7
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Richard Marko <rmarko at fedoraproject.org> - 0.2.7-1
- Update to 0.2.7
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-wstool-0.0.3-1.fc18 (FEDORA-2013-15335)
Tool for managing a workspace of multiple heterogeneous SCM repositories
--------------------------------------------------------------------------------
Update Information:
* New package!
http://www.ros.org/wiki/wstool
- A tool for managing a workspace of multiple heterogenous SCM repositories
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1000276 - Review Request: python-wstool - A tool for managing a workspace of multiple heterogenous SCM repositories
https://bugzilla.redhat.com/show_bug.cgi?id=1000276
--------------------------------------------------------------------------------
================================================================================
redhat-rpm-config-9.1.0-37.2.fc18 (FEDORA-2013-15342)
Red Hat specific rpm configuration files
--------------------------------------------------------------------------------
Update Information:
Add _pkgdocdir macro (with versioned docdir) for easier handling of docdirs across releases
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Jens Petersen <petersen at redhat.com> - 9.1.0-37.2
- backport new _pkgdocdir macro from F20
--------------------------------------------------------------------------------
================================================================================
roundcubemail-0.9.3-2.fc18 (FEDORA-2013-15223)
Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:
Two XSS flaws were fixed in roundcube 0.9.3 [1]:
* Fix XSS vulnerability when saving HTML signatures [2],[3]
* Fix XSS vulnerability when editing a message "as new" or draft [2],[4]
[1] http://trac.roundcube.net/wiki/Changelog#RELEASE0.9.3
[2] http://trac.roundcube.net/ticket/1489251
[3] http://trac.roundcube.net/changeset/ce5a6496fd6039962ba7424d153278e41ae8761b/github
[4] http://trac.roundcube.net/changeset/93b0a30c1c8aa29d862b587b31e52bcc344b8d16/github
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 23 2013 Adam Williamson <awilliam at redhat.com> - 0.9.3-2
- patch tinymce to cope elegantly with Flash binary being removed
* Fri Aug 23 2013 Jon Ciesla <limburgher at gmail.com> - 0.9.3-1
- Fix two XSS vulnerabilities:
- http://trac.roundcube.net/ticket/1489251
* Fri Aug 16 2013 Jon Ciesla <limburgher at gmail.com> - 0.9.2-3
- Drop precompiled flash.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Jun 17 2013 Adam Williamson <awilliam at redhat.com> - 0.9.2-1
- latest upstream
- correct License field, add comment on complex licensing case
* Wed May 1 2013 Adam Williamson <awilliam at redhat.com> - 0.9.0-1
- latest upstream
- drop MDB2 dependencies, add php-pdo dependency (upstream now using
pdo not MDB2)
- drop the update.sh script as it requires the installer framework we
don't ship
- update the Fedora README for changes to sqlite and update process
- drop strict.patch, upstream actually merged it years ago, just in
a slightly different format, and we kept dumbly diffing it
- drop references to obsolete patches (all merged upstream long ago)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1000511 - roundcubemail: two XSS flaws fixed in 0.9.3 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1000511
[ 2 ] Bug #1000512 - roundcubemail: two XSS flaws fixed in 0.9.3 [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1000512
--------------------------------------------------------------------------------
================================================================================
rpm-4.10.3.1-2.fc18 (FEDORA-2013-15331)
The RPM package management system
--------------------------------------------------------------------------------
Update Information:
This update addresses issues related to concurrent rpmdb access and a build-time crash on %caps() usage in spec files.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Panu Matilainen <pmatilai at redhat.com> - 4.10.3.1-2
- fix build-time double-free on file capability processing (#956190)
- check for stale locks when opening write-cursors (#860500)
- serialize BDB environment open/close (#924417)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #860500 - yum gets stuck during cleanup/verification, but running another yum process unsticks it
https://bugzilla.redhat.com/show_bug.cgi?id=860500
[ 2 ] Bug #924417 - error: rpmdb: BDB0113 Thread/process 2698/140043716605952 failed: BDB1507 Thread died in Berkeley DB library
https://bugzilla.redhat.com/show_bug.cgi?id=924417
[ 3 ] Bug #956190 - rpmbuild crashes with double free or corruption (fasttop) when %caps directives are at the end of a %files section or have wildcards
https://bugzilla.redhat.com/show_bug.cgi?id=956190
--------------------------------------------------------------------------------
================================================================================
sfact-0.0-5.20130128gitbc56c68.fc18 (FEDORA-2013-15348)
Converts 3D model into G-Code for RepRap
--------------------------------------------------------------------------------
Update Information:
Removed the Tkinter warning when slicing with pypy
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 25 2013 Miro Hrončok <mhroncok at redhat.com> - 0.0-5.20130128gitbc56c68
- Remove the patch to remove help button
- Added patch to remove Tkinter warning
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.0-4.20130128gitbc56c68
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
skeinforge-12.03.14-15.fc18 (FEDORA-2013-15341)
Converts 3D model into G-Code for RepRap
--------------------------------------------------------------------------------
Update Information:
Removed the Tkinter warning when slicing with pypy
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 25 2013 Miro Hrončok <mhroncok at redhat.com> - 12.03.14-15
- Remove the patch to remove hep button
- Added patch to remove Tkinter warning
- Use %{name} instead of the real name
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 12.03.14-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 12.03.14-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
trafficserver-3.2.5-3.fc18 (FEDORA-2013-15299)
Fast, scalable and extensible HTTP/1.1 compliant caching proxy server
--------------------------------------------------------------------------------
Update Information:
Update to 3.2.5.
Switch to using rpmbuild %configure macro, instead of calling configure directly.
Harden build with PIE flags,
Updated to 3.2.4 final.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Aug 25 2013 Jan-Frode Myklebust <janfrode at tanso.net> - 3.2.5-3
- bz#994224 Use rpm
CFLAGS="${CFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic}" ; export CFLAGS ;
CXXFLAGS="${CXXFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic}" ; export CXXFLAGS ;
FFLAGS="${FFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -I/usr/lib64/gfortran/modules}" ; export FFLAGS ;
LDFLAGS="${LDFLAGS:--Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld}"; export LDFLAGS;
./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu \
--program-prefix= \
--disable-dependency-tracking \
--prefix=/usr \
--exec-prefix=/usr \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--sysconfdir=/etc \
--datadir=/usr/share \
--includedir=/usr/include \
--libdir=/usr/lib64 \
--libexecdir=/usr/libexec \
--localstatedir=/var \
--sharedstatedir=/var/lib \
--mandir=/usr/share/man \
--infodir=/usr/share/info macro, instead of calling configure
directly.
* Fri Aug 9 2013 Jan-Frode Myklebust <janfrode at tanso.net> - 3.2.5-2
- bz#994224 Pass RPM_OPT_FLAGS as environment variables to configure,
instead of overriding on make commandline. Thanks Dimitry Andric!
* Thu Aug 1 2013 Jan-Frode Myklebust <janfrode at tanso.net> - 3.2.5-1
- Update to v3.2.5 which fixes the following bugs:
[TS-1923] Fix memory issue caused by resolve_logfield_string()
[TS-1918] SSL hangs after origin handshake.
[TS-1483] Manager uses hardcoded FD limit causing restarts forever on traffic_server.
[TS-1784] Fix FreeBSD block calculation (both RAW and directory)
[TS-1905] TS hangs (dead lock) on HTTPS POST/PROPFIND requests.
[TS-1785, TS-1904] Fixes to make it build with gcc-4.8.x.
[TS-1903] Remove JEMALLOC_P use, it seems to have been deprecated.
[TS-1902] Remove iconv as dependency.
[TS-1900] Detect and link libhwloc on Ubuntu.
[TS-1470] Fix cache sizes > 16TB (part 2 - Don't reset the cache after restart)
* Mon Jun 3 2013 Jan-Frode Myklebust <janfrode at tanso.net> - 3.2.4-3
- Harden build with PIE flags, ref bz#955127.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #994224 - trafficserver must be compiled with -fno-strict-aliasing, but it is not
https://bugzilla.redhat.com/show_bug.cgi?id=994224
[ 2 ] Bug #955127 - trafficserver package should be built with PIE flags
https://bugzilla.redhat.com/show_bug.cgi?id=955127
--------------------------------------------------------------------------------
================================================================================
transifex-client-0.9-3.fc18 (FEDORA-2013-15307)
Command line tool for Transifex translation management
--------------------------------------------------------------------------------
Update Information:
Command line tool for Transifex translation management
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Luis Bazan <lbazan at fedoraproject.org> - 0.9-3
- remove dependency
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #985248 - transifex-client: use system python-backports-ssl_match_hostname
https://bugzilla.redhat.com/show_bug.cgi?id=985248
--------------------------------------------------------------------------------
================================================================================
yumex-3.0.11-1.fc18 (FEDORA-2013-15325)
Yum Extender graphical package management tool
--------------------------------------------------------------------------------
Update Information:
- backend is only running as root, when needed
- new update checker applet
- updated translations
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2013 Tim Lauridsen <timlau at fedoraproject.org> 3.0.11-1
- bumped version to 3.0.11
--------------------------------------------------------------------------------
More information about the test
mailing list