Fedora 18 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sun Dec 22 05:49:36 UTC 2013
The following Fedora 18 Security updates need testing:
Age URL
28 https://admin.fedoraproject.org/updates/FEDORA-2013-21875/389-ds-base-1.3.0.9-1.fc18
14 https://admin.fedoraproject.org/updates/FEDORA-2013-22949/net-snmp-5.7.2-7.fc18
11 https://admin.fedoraproject.org/updates/FEDORA-2013-23122/firefox-26.0-2.fc18,xulrunner-26.0-1.fc18
11 https://admin.fedoraproject.org/updates/FEDORA-2013-23140/python-setuptools-0.6.49-1.fc18
9 https://admin.fedoraproject.org/updates/FEDORA-2013-23291/thunderbird-24.2.0-2.fc18
7 https://admin.fedoraproject.org/updates/FEDORA-2013-23378/openttd-1.3.3-1.fc18
7 https://admin.fedoraproject.org/updates/FEDORA-2013-23401/v8-3.14.5.10-3.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-23466/xen-4.2.3-12.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-23504/quagga-0.99.21-6.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-23591/seamonkey-2.23-1.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-23646/perl-Proc-Daemon-0.14-9.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-23575/ca-certificates-2013.1.95-1.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-23662/rubygem-actionpack-3.2.8-4.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-23663/ibus-chewing-1.4.4-1.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-23678/gnupg-1.4.16-2.fc18
The following Fedora 18 Critical Path updates have yet to be approved:
Age URL
315 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18
11 https://admin.fedoraproject.org/updates/FEDORA-2013-23140/python-setuptools-0.6.49-1.fc18
9 https://admin.fedoraproject.org/updates/FEDORA-2013-23291/thunderbird-24.2.0-2.fc18
9 https://admin.fedoraproject.org/updates/FEDORA-2013-23312/dracut-029-1.fc18.3
9 https://admin.fedoraproject.org/updates/FEDORA-2013-23306/abrt-2.1.10-1.fc18,libreport-2.1.10-1.fc18,satyr-0.12-1.fc18
9 https://admin.fedoraproject.org/updates/FEDORA-2013-23297/libfm-1.1.4-1.fc18
7 https://admin.fedoraproject.org/updates/FEDORA-2013-23381/cryptsetup-1.6.3-1.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-23716/selinux-policy-3.11.1-108.fc18
The following builds have been pushed to Fedora 18 updates-testing
NLopt-2.4.1-1.fc18
aime-7.20131209-1.fc18
libnet-1.1.6-7.fc18
lightdm-1.4.5-3.fc18
lyx-2.0.7-1.fc18
mate-power-manager-1.6.3-1.fc18
mate-settings-daemon-1.6.2-1.fc18
ngrep-1.45-15.git20131221.16ba99a.fc18
nomacs-1.6.2-1.fc18
proftpd-1.3.4d-5.fc18
rubygem-mixlib-cli-1.4.0-1.fc18
rubygem-mixlib-config-2.1.0-1.fc18
scap-security-guide-0.1.4-1.fc18
vifir-0.9-21.fc18
Details about builds:
================================================================================
NLopt-2.4.1-1.fc18 (FEDORA-2013-23834)
Open-Source library for nonlinear optimization
--------------------------------------------------------------------------------
Update Information:
new upstream release: v2.4.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 20 2013 Björn Esser <bjoern.esser at gmail.com> - 2.4.1-1
- new upstream release: v2.4.1
- adapted %{source0} to match %{name}
- changed `%global lc_name` to `%define lc_name`, because of globbing problems
- use `tr` instead of shell-builtin for `%define lc_name`
- move `README.md` only if existing
* Fri Dec 20 2013 Björn Esser <bjoern.esser at gmail.com> - 2.4-3.git20130903.35e6377
- made %clean-target conditional on el5
- restructured spec-file for quick switching between snapshot and release
- moved package-specific macros to the corresponding subpackage
--------------------------------------------------------------------------------
================================================================================
aime-7.20131209-1.fc18 (FEDORA-2013-23842)
An application embeddable programming language interpreter
--------------------------------------------------------------------------------
Update Information:
New version.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 21 2013 Christopher Meng <rpm at cicku.me> - 7.20131209-1
- Update to 7.20131209
* Fri Oct 11 2013 Christopher Meng <rpm at cicku.me> - 6.20130921-1
- Update to 6.20130921
--------------------------------------------------------------------------------
================================================================================
libnet-1.1.6-7.fc18 (FEDORA-2013-23775)
C library for portable packet creation and injection
--------------------------------------------------------------------------------
Update Information:
- Run autoreconf to recognize aarch64 (#925813)
- Conditionalized usage of %{_lib} vs %{_libdir} for RHEL < 7
- Tight run-time dependencies between sub-packages via %{?_isa}
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 20 2013 Robert Scheck <robert at fedoraproject.org> 1.1.6-7
- Run autoreconf to recognize aarch64 (#925813)
- Conditionalized usage of %{_lib} vs %{_libdir} for RHEL < 7
- Tight run-time dependencies between sub-packages via %{?_isa}
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.6-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.6-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #925813 - libnet: Does not support aarch64 in f19 and rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=925813
--------------------------------------------------------------------------------
================================================================================
lightdm-1.4.5-3.fc18 (FEDORA-2013-23816)
Lightweight Display Manager
--------------------------------------------------------------------------------
Update Information:
Fix scriptlet error
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 11 2013 Rex Dieter <rdieter at fedoraproject.org> 1.4.5-3
- sync scriptlets with f20+ branch (#1029006)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1029006 - Error in PREUN scriptlet in rpm package lightdm-1.4.0-2.fc18.armv6hl
https://bugzilla.redhat.com/show_bug.cgi?id=1029006
--------------------------------------------------------------------------------
================================================================================
lyx-2.0.7-1.fc18 (FEDORA-2013-23789)
WYSIWYM (What You See Is What You Mean) document processor
--------------------------------------------------------------------------------
Update Information:
Latest stable update. For further details see http://www.lyx.org/announce/2_0_7.txt
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 21 2013 José Matos <jamatos at fedoraproject.org> - 2.0.7-1
- update to 2.0.7
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Jul 27 2013 pmachata at redhat.com - 2.0.6-2
- Rebuild for boost 1.54.0
--------------------------------------------------------------------------------
================================================================================
mate-power-manager-1.6.3-1.fc18 (FEDORA-2013-23833)
MATE power management service
--------------------------------------------------------------------------------
Update Information:
- updated to 1.6.3 release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 20 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.3-1
- updated to 1.6.3 release
- fix build, add mate-power-manager_set-DISABLE_DEPRECATED-to-an-empty-string.patch
- remove BR mate-keyring-devel
- fix bogus date in %changelog
--------------------------------------------------------------------------------
================================================================================
mate-settings-daemon-1.6.2-1.fc18 (FEDORA-2013-23798)
MATE Desktop settings daemon
--------------------------------------------------------------------------------
Update Information:
- update to 1.6.2 release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 20 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.2-1
- update to 1.6.2 release
--------------------------------------------------------------------------------
================================================================================
ngrep-1.45-15.git20131221.16ba99a.fc18 (FEDORA-2013-23762)
Network layer grep tool
--------------------------------------------------------------------------------
Update Information:
- Checkout from official repo(BZ#1044630).
- Remove patch for system pcre as configure script can handle it now.
- Add format security check fix due to dumb GCC.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 21 2013 Christopher Meng <rpm at cicku.me> - 1.45-15.git20131221.16ba99a
- Checkout from official repo(BZ#1044630).
- Remove patch for system pcre as configure script can handle it now.
- Add format security check fix due to dumb GCC.
* Mon Aug 26 2013 Christopher Meng <rpm at cicku.me> - 1.45-14
- SPEC Cleanup.
- AArch64 support(BZ#926232).
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.45-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.45-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044630 - ngrep completely broken with latest libpcap 1.5 snapshot
https://bugzilla.redhat.com/show_bug.cgi?id=1044630
--------------------------------------------------------------------------------
================================================================================
nomacs-1.6.2-1.fc18 (FEDORA-2013-23839)
Lightweight image viewer
--------------------------------------------------------------------------------
Update Information:
Version bump.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 20 2013 TI_Eugene <ti.eugene at gmail.com> 1.6.2-1
- Version bump.
* Tue Dec 3 2013 Rex Dieter <rdieter at fedoraproject.org> - 1.6.0.2-2
- rebuild (exiv2)
--------------------------------------------------------------------------------
================================================================================
proftpd-1.3.4d-5.fc18 (FEDORA-2013-23806)
Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:
This update adds 3072-bit, 7680-bit and 8192-bit Diffie-Hellman group parameters, needed for support of some ciphers such as aes-256-ctr.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 20 2013 Paul Howarth <paul at city-fan.org> 1.3.4d-5
- Fix support for 8192-bit DH parameters (#1044586)
- Add 3072-bit and 7680-bit DH parameters (upstream bug 4002)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1044586 - proftpd does not ship 8192 bit dh parameter
https://bugzilla.redhat.com/show_bug.cgi?id=1044586
--------------------------------------------------------------------------------
================================================================================
rubygem-mixlib-cli-1.4.0-1.fc18 (FEDORA-2013-23829)
Simple Ruby mix-in for CLI interfaces
--------------------------------------------------------------------------------
Update Information:
Update to 1.4.0 (bz#1038983)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 20 2013 Julian C. Dunn <jdunn at aquezada.com> - 1.4.0-1
- Update to 1.4.0 (bz#1038983)
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Mar 8 2013 Josef Stribny <jstribny at redhat.com> - 1.3.0-3
- Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1038983 - rubygem-mixlib-cli-1.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1038983
--------------------------------------------------------------------------------
================================================================================
rubygem-mixlib-config-2.1.0-1.fc18 (FEDORA-2013-23778)
Simple Ruby config mix-in
--------------------------------------------------------------------------------
Update Information:
Upgrade to 2.1.0 (bz#1038984)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 20 2013 Julian C. Dunn <jdunn at aquezada.com> - 2.1.0-1
- Upgrade to 2.1.0 (bz#1038984)
* Sun Sep 15 2013 Julian C. Dunn <jdunn at aquezada.com> - 2.0.0-1
- Upgrade to 2.0.0 (bz#1012369)
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Mar 8 2013 Josef Stribny <jstribny at redhat.com> - 1.1.2-5
- Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1038984 - rubygem-mixlib-config-2.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1038984
--------------------------------------------------------------------------------
================================================================================
scap-security-guide-0.1.4-1.fc18 (FEDORA-2013-23779)
Security guidance and baselines in SCAP formats
--------------------------------------------------------------------------------
Update Information:
Rebase to upstream 0.1.4 version (includes fix for RH BZ#1040335)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 20 2013 Jan iankko Lieskovsky <jlieskov at redhat.com> 0.1.4-1
- Fix remediation for sshd set keepalive (ClientAliveCountMax) and move
it to /shared
- Add shared remediations for sshd disable empty passwords and
sshd set idle timeout
- Shared remediation for sshd disable root login
- Add empty -compat subpackage to ensure backward-compatibility with
openscap-content and firstaidkit-plugin-openscap packages (RH BZ#1040335)
- OVAL check for sshd disable root login
- Fix typo in OVAL check for sshd disable empty passwords
- OVAL check for sshd disable empty passwords
- Unselect no shelllogin for systemaccounts rule from being run by default
- Rename XCCDF rules
- Revert Set up Fedora release name and CPE based on build system properties
- Shared OVAL check for Verify that Shared Library Files Have Root Ownership
- Shared OVAL check for Verify that System Executables Have Restrictive Permissions
- Shared OVAL check for Verify that System Executables Have Root Ownership
- Shared OVAL check for Verify that Shared Library Files Have Restrictive
Permissions
- Fix remediation for Disable Prelinking rule
- OVAL check and remediation for sshd's ClientAliveCountMax rule
- OVAL check for sshd's ClientAliveInterval rule
- Include descriptions for permissions section, and rules for checking
permissions and ownership of shared library files and system executables
- Disable selected rules by default
- Add remediation for Disable Prelinking rule
- Adjust service-enable-macro, service-disable-macro XSLT transforms
definition to evaluate to proper systemd syntax
- Fix service_ntpd_enabled OVAL check make validate to pass again
- Include patch from Šimon Lukašík to obsolete openscap-content
package (RH BZ#1028706)
- Add OVAL check to test if there's is remote NTP server configured for
time data
- Add system settings section for the guide (to track system wide
hardening configurations)
- Include disable prelink rule and OVAL check for it
- Initial OVAL check if ntpd service is enabled. Add package_installed
OVAL templating directory structure and functionality.
- Include services section, and XCCDF description for selected ntpd's
sshd's service rules
- Include remediations for login.defs' based password minimum, maximum and
warning age rules
- Include directory structure to support remediations
- Add SCAP "replace or append pattern value in text file based on variable"
remediation script generator
- Add remediation for "Set Password Minimum Length in login.defs" rule
* Mon Nov 18 2013 Jan iankko Lieskovsky <jlieskov at redhat.com> 0.1.3-1
- Update versioning scheme - move fedorassgrelease to be part of
upstream version. Rename it to fedorassgversion to avoid name collision
with Fedora package release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1040335 - opescap should provide openscap-content and firstaidkit-plugin-openscap in the package
https://bugzilla.redhat.com/show_bug.cgi?id=1040335
--------------------------------------------------------------------------------
================================================================================
vifir-0.9-21.fc18 (FEDORA-2013-23758)
A viewer for electronic aviation charts
--------------------------------------------------------------------------------
Update Information:
* Sat Dec 21 2013 Fabian Affolter <mail at fabian-affolter.ch> - 0.9-21
- Remove poppler dep (rhbz#1043506)
* Thu Nov 28 2013 Fabian Affolter <mail at fabian-affolter.ch> - 0.9-20
- Rebuild for libgps
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 21 2013 Fabian Affolter <mail at fabian-affolter.ch> - 0.9-21
- Remove poppler dep (rhbz#1043506)
* Thu Nov 28 2013 Fabian Affolter <mail at fabian-affolter.ch> - 0.9-20
- Rebuild for libgps
* Mon Aug 19 2013 Marek Kasik <mkasik at redhat.com> - 0.9-19
- Rebuild (poppler-0.24.0)
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jun 30 2013 Bruno Wolff III <bruno at wolff.to> - 0.9-17
- Rebuild for poppler soname bump
* Wed Jun 26 2013 Fabian Affolter <mail at fabian-affolter.ch> - 0.9-16
- Rebuild poppler
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jan 18 2013 Marek Kasik <mkasik at redhat.com> - 0.9-14
- Rebuild (poppler-0.22.0)
* Sat Nov 10 2012 Fabian Affolter <mail at fabian-affolter.ch> - 0.9-13
- Rebuild for F19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1043506 - Vifir doesn't need poppler
https://bugzilla.redhat.com/show_bug.cgi?id=1043506
--------------------------------------------------------------------------------
More information about the test
mailing list