Fedora 17 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Jul 2 00:36:16 UTC 2013
The following Fedora 17 Security updates need testing:
Age URL
361 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
173 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17
101 https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17
96 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17
93 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17
25 https://admin.fedoraproject.org/updates/FEDORA-2013-10128/ssmtp-2.61-20.fc17
25 https://admin.fedoraproject.org/updates/FEDORA-2013-10121/subversion-1.7.10-1.fc17
15 https://admin.fedoraproject.org/updates/FEDORA-2013-10940/tomcat6-6.0.37-1.fc17
10 https://admin.fedoraproject.org/updates/FEDORA-2013-11397/python-bugzilla-0.9.0-1.fc17
7 https://admin.fedoraproject.org/updates/FEDORA-2013-11568/curl-7.24.0-10.fc17
6 https://admin.fedoraproject.org/updates/FEDORA-2013-11649/wordpress-3.5.2-1.fc17
4 https://admin.fedoraproject.org/updates/FEDORA-2013-11413/glpi-0.83.9.1-1.fc17
4 https://admin.fedoraproject.org/updates/FEDORA-2013-11785/xen-4.1.5-8.fc17
3 https://admin.fedoraproject.org/updates/FEDORA-2013-11871/xen-4.1.5-9.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2013-11992/php-pecl-radius-1.2.7-1.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2013-12062/ruby-1.9.3.448-31.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2013-12075/gegl-0.2.0-11.fc17
The following Fedora 17 Critical Path updates have yet to be approved:
Age URL
313 https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17
121 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17
10 https://admin.fedoraproject.org/updates/FEDORA-2013-11411/deltarpm-3.6-0.12.20110223git.fc17
10 https://admin.fedoraproject.org/updates/FEDORA-2013-11397/python-bugzilla-0.9.0-1.fc17
7 https://admin.fedoraproject.org/updates/FEDORA-2013-11568/curl-7.24.0-10.fc17
The following builds have been pushed to Fedora 17 updates-testing
cups-1.5.4-22.fc17
gegl-0.2.0-11.fc17
mate-control-center-1.6.0-2.fc17
mate-file-archiver-1.6.0-2.fc17
mate-file-manager-1.6.1-9.fc17
python-fsmonitor-0.1-1.fc17
quiterss-0.13.1-1.fc17
rekonq-2.3.2-1.fc17
ruby-1.9.3.448-31.fc17
tweepy-2.0-1.fc17
vanityhash-1.1-1.fc17
Details about builds:
================================================================================
cups-1.5.4-22.fc17 (FEDORA-2013-12076)
Common Unix Printing System
--------------------------------------------------------------------------------
Update Information:
This update fixes some issues with the move of some options from cupsd.conf to cups-files.conf, and prevents a crash in the dnssd backend.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 1 2013 Tim Waugh <twaugh at redhat.com> 1:1.5.4-22
- dnssd backend: don't crash if avahi gives a callback with no TXT
record (bug #927040).
* Tue Mar 5 2013 Tim Waugh <twaugh at redhat.com> 1:1.5.4-21
- Documentation fixes from STR #4223 (bug #915981).
* Fri Jan 18 2013 Jiri Popelka <jpopelka at redhat.com> 1:1.5.4-20
- Add quirk rule for Canon MP210 (#847923).
* Mon Jan 14 2013 Jiri Popelka <jpopelka at redhat.com> 1:1.5.4-19
- Fix unowned directories (#894531).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #882379 - cups RPM moves LogFilePerm from cupsd.conf to cups-files.conf and breaks cups
https://bugzilla.redhat.com/show_bug.cgi?id=882379
[ 2 ] Bug #915981 - cups-files.conf html help files missing, many config entries undocumented
https://bugzilla.redhat.com/show_bug.cgi?id=915981
[ 3 ] Bug #927040 - [abrt] cups-1.5.4-20.fc18: avahi_string_list_get_pair: Process /usr/lib/cups/backend/dnssd was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=927040
--------------------------------------------------------------------------------
================================================================================
gegl-0.2.0-11.fc17 (FEDORA-2013-12075)
A graph based image processing framework
--------------------------------------------------------------------------------
Update Information:
This update contains the following changes:
* Fix buffer overflow in and add plausibility checks to the ppm-load operation.
* Fix multi-lib issue where content of generated documentation could differ between architectures.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 1 2013 Nils Philippsen <nils at redhat.com> - 0.2.0-11
- replace lua-5.2 patch by upstream commit
- fix buffer overflow in and add plausibility checks to ppm-load op
(CVE-2012-4433)
- fix multi-lib issue in generated documentation
* Wed May 15 2013 Tom Callaway <spot at fedoraproject.org> - 0.2.0-10
- rebuild for lua 5.2
- disable check suite (so broken)
* Sun Mar 10 2013 Rex Dieter <rdieter at fedoraproject.org> - 0.2.0-9
- rebuild (OpenEXR)
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 0.2.0-7
- rebuild due to "jpeg8-ABI" feature drop
* Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 0.2.0-6
- rebuild against new libjpeg
* Fri Oct 19 2012 Nils Philippsen <nils at redhat.com> - 0.2.0-5
- don't catch "make check" errors but skip known problematic tests
* Fri Oct 19 2012 Nils Philippsen <nils at redhat.com> - 0.2.0-4
- don't require lensfun-devel for building without workshop ops
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Wed May 2 2012 Rex Dieter <rdieter at fedoraproject.org> - 0.2.0-2
- rebuild (exiv2)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #856300 - CVE-2012-4433 gegl: Integer overflow, leading to heap-based buffer overflow by parsing PPM image headers
https://bugzilla.redhat.com/show_bug.cgi?id=856300
--------------------------------------------------------------------------------
================================================================================
mate-control-center-1.6.0-2.fc17 (FEDORA-2013-12101)
MATE Desktop control-center
--------------------------------------------------------------------------------
Update Information:
add runtime require gsettings-desktop-schemas to have proxy support from gnome gsettings schema
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 29 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.0.2
- add runtime require gsettings-desktop-schemas to have proxy support
- from gnome gsettings schema
- remove needless mate-control-center.convert file
- remove unused-direct-shlib-dependency to avoid rpmlint warnings
- cleanup BR's
--------------------------------------------------------------------------------
================================================================================
mate-file-archiver-1.6.0-2.fc17 (FEDORA-2013-12127)
MATE Desktop file archiver
--------------------------------------------------------------------------------
Update Information:
- https://github.com/mate-desktop/mate-file-archiver/issues/19,
- fix add folder to an existing archive
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jun 30 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.0-2
- https://github.com/mate-desktop/mate-file-archiver/issues/19,
- fix add folder to existing archive
- remove BR gsettings-desktop-schemas
- remove BR glib2-devel
- remove needless gsettings convert file
* Wed Apr 3 2013 Dan Mashal <dan.mashal at fedoraproject.org> - 1.6.0-1
- Update to latest 1.6.0 stable release.
--------------------------------------------------------------------------------
================================================================================
mate-file-manager-1.6.1-9.fc17 (FEDORA-2013-12061)
File manager for MATE
--------------------------------------------------------------------------------
Update Information:
- set autostart to false in caja-autostart, fix rhbz #969663
- add mate-file-manager_fix-radio-buttons.patch to fix rhbz #964357
- fix single-click 'behavior' for open files and folders
- remove gsettings convert file
- add AutostartCondition to caja-autostart.desktop
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 1 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.1-9
- set autostart to false in caja-autostart, fix rhbz #969663
- and #978598
* Sun Jun 30 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.1-8
- add mate-file-manager_fix-radio-buttons.patch to fix rhbz #964357
- clean up BR's
- add runtime require hicolor-icon-theme
- revert 1.6.1-7 changes
* Thu Jun 20 2013 Dan Mashal <dan.mashal at fedoraproejct.org> - 1.6.1-7
- Try caja without the autostart file (886029)
* Sat Jun 15 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.1-6
- remove gsettings convert file
--------------------------------------------------------------------------------
================================================================================
python-fsmonitor-0.1-1.fc17 (FEDORA-2013-12097)
Filesystem Monitoring for Python
--------------------------------------------------------------------------------
Update Information:
python-fsmonitor 0.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979847 - python-fsmonitor - Filesystem Monitoring for Python
https://bugzilla.redhat.com/show_bug.cgi?id=979847
--------------------------------------------------------------------------------
================================================================================
quiterss-0.13.1-1.fc17 (FEDORA-2013-12065)
RSS/Atom aggregator
--------------------------------------------------------------------------------
Update Information:
Vesion bump.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 1 2013 TI_Eugene <ti.eugene at gmail.com> - 0.13.1-1
- Version bump
--------------------------------------------------------------------------------
================================================================================
rekonq-2.3.2-1.fc17 (FEDORA-2013-12128)
KDE browser based on QtWebkit
--------------------------------------------------------------------------------
Update Information:
Rekonq 2.3.2 release
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 1 2013 Jan Grulich <jgrulich at redhat.com> 2.3.2-1
- 2.3.2
--------------------------------------------------------------------------------
================================================================================
ruby-1.9.3.448-31.fc17 (FEDORA-2013-12062)
An interpreter of object-oriented scripting language
--------------------------------------------------------------------------------
Update Information:
A vulnerability was found in Ruby's SSL client that could allow man-in-the-middle attackers to spoof SSL servers via valid certificate issued by a trusted certification authority.
This vulnerability has been assigned the CVE identifier CVE-2013-4073.
This new update should solve this issue.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 1 2013 Mamoru TASAKA <mtasaka at fedoraproject.org> - 1.9.3.448-31
- Update to 1.9.3 p448
- Fix hostname check bypassing vulnerability in SSL client
(CVE-2013-4073)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979295 - ruby: CVE-2013-4073 ruby: hostname check bypassing vulnerability in SSL client [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=979295
--------------------------------------------------------------------------------
================================================================================
tweepy-2.0-1.fc17 (FEDORA-2013-12112)
Twitter library for python
--------------------------------------------------------------------------------
Update Information:
Update tweepy to version 2.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 28 2013 rtnpro <rtnpro at gmail.com> 2.0-1
- Update to tweepy v2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #675104 - Review Request: tweepy - Twitter library for python
https://bugzilla.redhat.com/show_bug.cgi?id=675104
--------------------------------------------------------------------------------
================================================================================
vanityhash-1.1-1.fc17 (FEDORA-2013-12066)
Hexadecimal hash fragment creation tool
--------------------------------------------------------------------------------
Update Information:
Hexadecimal hash fragment creation tool.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979370 - Review Request: vanityhash - Hexadecimal hash fragment creation tool
https://bugzilla.redhat.com/show_bug.cgi?id=979370
--------------------------------------------------------------------------------
More information about the test
mailing list