Fedora 18 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Jul 16 01:53:02 UTC 2013
The following Fedora 18 Security updates need testing:
Age URL
188 https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18
122 https://admin.fedoraproject.org/updates/FEDORA-2013-3935/puppet-3.1.1-1.fc18
115 https://admin.fedoraproject.org/updates/FEDORA-2013-4243/stunnel-4.55-1.fc18
102 https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2.0-3.fc18
87 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18
41 https://admin.fedoraproject.org/updates/FEDORA-2013-9962/subversion-1.7.10-1.fc18
22 https://admin.fedoraproject.org/updates/FEDORA-2013-10713/openstack-keystone-2012.2.4-5.fc18
13 https://admin.fedoraproject.org/updates/FEDORA-2013-12193/lldpad-0.9.45-4.fc18
6 https://admin.fedoraproject.org/updates/FEDORA-2013-12653/file-roller-3.6.4-1.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-12711/seamonkey-2.19-1.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-12960/openjpa-2.2.0-3.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-11780/nodejs-callsite-1.0.0-2.fc18,nodejs-inherits1-1.0.0-11.fc18,nodejs-cmd-shim-1.1.0-3.fc18,nodejs-editor-0.0.4-2.fc18,nodejs-child-process-close-0.1.1-2.fc18,nodejs-npm-user-validate-0.0.3-1.fc18,nodejs-better-assert-1.0.0-2.fc18,nodejs-normalize-package-data-0.2.0-1.fc18,nodejs-github-url-from-git-1.1.1-2.fc18,nodejs-ctype-0.5.3-3.fc18,nodejs-asn1-0.1.11-3.fc18,nodejs-http-signature-0.10.0-3.fc18,nodejs-ansi-0.2.0-1.fc18,nodejs-aws-sign-0.3.0-1.fc18,nodejs-boom-0.4.2-2.fc18,nodejs-config-chain-1.1.7-1.fc18,nodejs-cookie-jar-0.3.0-1.fc18,nodejs-couch-login-0.1.17-1.fc18,nodejs-cryptiles-0.2.1-1.fc18,nodejs-forever-agent-0.5.0-1.fc18,nodejs-form-data-0.0.10-1.fc18,nodejs-fstream-ignore-0.0.7-1.fc18,nodejs-fstream-npm-0.1.5-1.fc18,nodejs-hawk-0.15.0-1.fc18,nodejs-hoek-0.9.1-1.fc18,nodejs-inherits-2.0.0-3.fc18,nodejs-init-package-json-0.0.10-1.fc18,nodejs-json-stringify-safe-5.0.0-1.fc18,nodejs-npmconf-0.1.1-1.fc18,nodejs-oauth-sign-0.3.0-1.fc18,nodejs-read-installed-0.2.2-1.fc18,nodejs-read-package-json-1.1.0-2.fc18,nodejs-request-2.21.0-1.fc18,nodejs-rimraf-2.2.0-1.fc18,nodejs-slide-1.1.4-1.fc18,nodejs-sntp-0.2.4-1.fc18,nodejs-tunnel-agent-0.3.0-1.fc18,npm-1.3.3-1.fc18,nodejs-tap-0.4.1-6.fc18,nodejs-vows-0.7.0-6.fc18,nodejs-fstream-0.1.23-1.fc18,nodejs-glob-3.2.3-1.fc18,nodejs-graceful-fs-2.0.0-2.fc18,node-gyp-0.10.6-1.fc18,nodejs-lockfile-0.4.0-1.fc18,nodejs-npm-registry-client-0.2.27-1.fc18,nodejs-semver-2.0.10-1.fc18,nodejs-sha-1.0.1-4.fc18,nodejs-npmlog-0.0.4-1.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-12315/php-5.4.17-2.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-13019/libzrtpcpp-2.3.4-1.fc18,ortp-0.20.0-5.fc18,twinkle-1.4.2-19.fc18.1
The following Fedora 18 Critical Path updates have yet to be approved:
Age URL
156 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18
36 https://admin.fedoraproject.org/updates/FEDORA-2013-10428/NetworkManager-0.9.8.2-1.fc18,network-manager-applet-0.9.8.2-1.fc18
13 https://admin.fedoraproject.org/updates/FEDORA-2013-12193/lldpad-0.9.45-4.fc18
10 https://admin.fedoraproject.org/updates/FEDORA-2013-12374/ppp-2.4.5-30.fc18
10 https://admin.fedoraproject.org/updates/FEDORA-2013-12352/lxpanel-0.5.12-3.fc18
9 https://admin.fedoraproject.org/updates/FEDORA-2013-12449/fuse-2.9.3-1.fc18
9 https://admin.fedoraproject.org/updates/FEDORA-2013-12445/exo-0.10.2-5.fc18
8 https://admin.fedoraproject.org/updates/FEDORA-2013-12570/strigi-0.7.8-1.fc18
3 https://admin.fedoraproject.org/updates/FEDORA-2013-12897/pam-1.1.6-4.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-12922/device-mapper-persistent-data-0.2.1-1.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-12915/sane-backends-1.0.23-13.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-12979/squashfs-tools-4.3-0.18.gitaae0aff4.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-12987/kernel-3.9.10-200.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-13016/opus-1.0.3-1.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-13024/emacs-24.2-20.fc18
The following builds have been pushed to Fedora 18 updates-testing
cacti-0.8.8a-8.fc18
condor-8.1.0-0.2.fc18
emacs-24.2-20.fc18
jpanoramamaker-5.5-0.fc18
labyrinth-0.6-1.fc18
librime-0.9.8-3.fc18
libzrtpcpp-2.3.4-1.fc18
nomacs-1.4.0-1.fc18
openscap-0.9.10-1.fc18
opus-1.0.3-1.fc18
ortp-0.20.0-5.fc18
perl-File-Find-Object-Rule-0.0303-1.fc18
perl-qpid-0.22-3.fc18
php-pecl-zendopcache-7.0.2-2.fc18
quotatool-1.6.2-1.fc18
rubygem-qpid_messaging-0.22.0-2.fc18
tomcat-7.0.42-1.fc18
twinkle-1.4.2-19.fc18.1
wget-1.14-5.fc18
Details about builds:
================================================================================
cacti-0.8.8a-8.fc18 (FEDORA-2013-13026)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
* Remove non-free Javascript files and use a Free jQuery implementation instead.
* Move "README.cacti" to "README.fedora".
* Improve httpd configuration guidance (cacti.conf).
* Adjust package requirements so cacti will now pull in net-snmp-utils.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 14 2013 Ken Dreyer <ktdreyer at ktdreyer.org> - 0.8.8a-8
- Improve security description in cacti's httpd conf (RHBZ #895823)
- Use improved treeview replacement patch (RHBZ #888207)
- rpmlint fixes
- trim RPM changelog
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.8.8a-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Jan 8 2013 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.8a-6
- Add note to README.fedora about the default MySQL password
- Remove reference to "docs/INSTALL" in README.fedora (RHBZ #893122)
- Add dependency on net-snmp-utils (RHBZ #893150)
* Fri Jan 4 2013 Ken Dreyer <ktdreyer at ktdreyer.com> - 0.8.8a-5
- Install our README file as README.fedora
* Fri Jan 4 2013 Tom Callaway <spot at fedoraproject.org> - 0.8.8a-4
- remove non-free treeview bits (replace with jquery future code from 0.8.9 trunk)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #893122 - documentation file: README.cacti points to missing file: docs/INSTALL
https://bugzilla.redhat.com/show_bug.cgi?id=893122
[ 2 ] Bug #888207 - Cacti included non-free Java Scripts files.
https://bugzilla.redhat.com/show_bug.cgi?id=888207
[ 3 ] Bug #893150 - missing Requires: net-snmp-utils
https://bugzilla.redhat.com/show_bug.cgi?id=893150
[ 4 ] Bug #895823 - [RFE] improve httpd config guidance
https://bugzilla.redhat.com/show_bug.cgi?id=895823
--------------------------------------------------------------------------------
================================================================================
condor-8.1.0-0.2.fc18 (FEDORA-2013-13036)
Condor: High Throughput Computing
--------------------------------------------------------------------------------
Update Information:
Update and minor fixes around init scripts
Updated build dependencies.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 22 2013 <tstclair at redhat.com> - 8.1.0-0.2
- Fix for aviary hadoop field swap
* Wed Jun 19 2013 <tstclair at redhat.com> - 8.1.0-0.1
- Update to latest uw/master
* Fri Mar 15 2013 <tstclair at redhat.com> - 7.9.5-0.2
- Update build dependencies
* Thu Feb 28 2013 <tstclair at redhat.com> - 7.9.5-0.1
- Fast forward to 7.9.5 pre-release
* Thu Feb 14 2013 Brian Bockelman <bbockelm at cse.unl.edu> - 7.9.5-0.1.4e2a2ef.git
- Re-sync with master.
- Use upstream python bindings.
* Sun Feb 10 2013 Denis Arnaud <denis.arnaud_fedora at m4x.org> - 7.9.1-0.1.5
- Rebuild for Boost-1.53.0
* Sat Feb 9 2013 Denis Arnaud <denis.arnaud_fedora at m4x.org> - 7.9.1-0.1.4
- Rebuild for Boost-1.53.0
* Sat Feb 2 2013 Brian Bockelman <bbockelm at cse.unl.edu> - 7.9.4-0.4.d028b17.git
- Re-sync with master.
* Wed Jan 2 2013 Brian Bockelman <bbockelm at cse.unl.edu> - 7.9.4-0.1.dce3324.git
- Add support for python bindings.
* Thu Dec 6 2012 Brian Bockelman <bbockelm at cse.unl.edu> - 7.9.3-0.6.ce12f50.git
- Fix compile for CREAM.
* Thu Dec 6 2012 Brian Bockelman <bbockelm at cse.unl.edu> - 7.9.3-0.5.ce12f50.git
- Merge code which has improved blahp file cleanup.
* Tue Oct 30 2012 Brian Bockelman <bbockelm at cse.unl.edu> - 7.9.2-0.2.b714b0e.git
- Re-up to the latest master.
- Add support for syslog.
* Thu Oct 11 2012 Brian Bockelman <bbockelm at cse.unl.edu> - 7.9.1-0.14.b135441.git
- Re-up to the latest master.
- Split out a separate package for BOSCO.
* Tue Sep 25 2012 Brian Bockelman <bbockelm at cse.unl.edu> - 7.9.1-0.13.c7df613.git
- Rebuild to re-enable blahp.
* Mon Sep 24 2012 Brian Bockelman <bbockelm at cse.unl.edu> - 7.9.1-0.12.c7df613.git
- Update to capture the latest security fixes.
- CGAHP scalability fixes have been upstreamed.
--------------------------------------------------------------------------------
================================================================================
emacs-24.2-20.fc18 (FEDORA-2013-13024)
GNU Emacs text editor
--------------------------------------------------------------------------------
Update Information:
This is a working fix for bug 970924 (the rpm-goto-add-change-log-entry command).
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 14 2013 Michael Schwendt <mschwendt at fedoraproject.org> - 1:24.2-20
- Really fix #970924
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #970924 - rpm-goto-add-change-log-entry is not working as expected
https://bugzilla.redhat.com/show_bug.cgi?id=970924
--------------------------------------------------------------------------------
================================================================================
jpanoramamaker-5.5-0.fc18 (FEDORA-2013-13032)
Tool for stitching photos to panorama in linear curved space
--------------------------------------------------------------------------------
Update Information:
Udpated to altest upstream
Minor fixes:
- fixed classpath
- fixed loading of more then 9 files in time
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 15 2013 Jiri Vanek <jvanek at redhat.com> - 5.5-0
- folowing changes in jutils, version for classpath setup fixed
- unlimited number of arguments now supported upstreamed
--------------------------------------------------------------------------------
================================================================================
labyrinth-0.6-1.fc18 (FEDORA-2013-12993)
A light weight mind mapping tool
--------------------------------------------------------------------------------
Update Information:
Un-retired package!
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #982255 - Re-Review Request: labyrinth - A light weight mind mapping tool
https://bugzilla.redhat.com/show_bug.cgi?id=982255
--------------------------------------------------------------------------------
================================================================================
librime-0.9.8-3.fc18 (FEDORA-2013-13008)
Rime Input Method Engine Library
--------------------------------------------------------------------------------
Update Information:
Fixes arm build
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 15 2013 Peng Wu <pwu at redhat.com> - 0.9.8-3
- Fixes arm build
--------------------------------------------------------------------------------
================================================================================
libzrtpcpp-2.3.4-1.fc18 (FEDORA-2013-13019)
ZRTP support library for the GNU ccRTP stack
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2013-2221, CVE-2013-2222, CVE-2013-2223.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 3 2013 Kevin Fenzi <kevin at scrye.com> 2.3.4-1
- Update to 2.3.4
- Fixes CVE-2013-2221 CVE-2013-2222 CVE-2013-2223
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Nov 21 2012 Kevin Fenzi <kevin at scrye.com> 2.3.2-1
- Update to 2.3.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #980904 - CVE-2013-2221 CVE-2013-2222 CVE-2013-2223 libzrtpcpp various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=980904
--------------------------------------------------------------------------------
================================================================================
nomacs-1.4.0-1.fc18 (FEDORA-2013-13023)
Lightweight image viewer
--------------------------------------------------------------------------------
Update Information:
Version bump.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 15 2013 TI_Eugene <ti.eugene at gmail.com> 1.4.0-1
- Version bump.
- BR libtiff-devel added
--------------------------------------------------------------------------------
================================================================================
openscap-0.9.10-1.fc18 (FEDORA-2013-13013)
Set of open source libraries enabling integration of the SCAP line of standards
--------------------------------------------------------------------------------
Update Information:
This is a new openscap release, see https://git.fedorahosted.org/cgit/openscap.git/tree/NEWS?id=91a5412b314219bc3d85a7f812a86acb8b0996f0
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 15 2013 Petr Lautrbach <plautrba at redhat.com> 0.9.10-1
- upgrade
--------------------------------------------------------------------------------
================================================================================
opus-1.0.3-1.fc18 (FEDORA-2013-13016)
An audio codec for use in low-delay speech and audio communication
--------------------------------------------------------------------------------
Update Information:
Opus 1.0.3 includes a backport of the new 1.1 surround API. Aside from that, it includes fixes for a few minor glitches during mode switching, some minor fixed-point fixes, and fixes a regression in the FEC code introduced in 1.0.2.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 14 2013 Peter Robinson <pbrobinson at fedoraproject.org> 1.0.3-1
- 1.0.3 release
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jan 10 2013 Peter Robinson <pbrobinson at fedoraproject.org> 1.0.2-2
- Enable extra custom modes API
--------------------------------------------------------------------------------
================================================================================
ortp-0.20.0-5.fc18 (FEDORA-2013-13019)
A C library implementing the RTP protocol (RFC3550)
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2013-2221, CVE-2013-2222, CVE-2013-2223.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Mar 23 2013 Alexey Kurov <nucleo at fedoraproject.org> - 1:0.20.0-5
- autoreconf in %prep (#926292)
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:0.20.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #980904 - CVE-2013-2221 CVE-2013-2222 CVE-2013-2223 libzrtpcpp various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=980904
--------------------------------------------------------------------------------
================================================================================
perl-File-Find-Object-Rule-0.0303-1.fc18 (FEDORA-2013-13031)
Alternative interface to File::Find::Object
--------------------------------------------------------------------------------
Update Information:
New RPM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #979674 - Review Request: perl-File-Find-Object-Rule - Alternative interface to File::Find::Object
https://bugzilla.redhat.com/show_bug.cgi?id=979674
--------------------------------------------------------------------------------
================================================================================
perl-qpid-0.22-3.fc18 (FEDORA-2013-13004)
Perl bindings for the Qpid messaging framework
--------------------------------------------------------------------------------
Update Information:
Fixed dependencies on shared libraries from qpid-cpp.
Makefile.PL generates the Swig bindings. QPID-4939
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 15 2013 Darryl L. Pierce <dpierce at redhat.com> - 0.22-3
- Updated build to fix dependency issues on qpid-cpp.
* Tue Jun 25 2013 Darryl L. Pierce <dpierce at redhat.com> - 0.22-2
- Perl Makefile.PL now generates the Swig bindings source.
- Resolves: QPID-4939
--------------------------------------------------------------------------------
================================================================================
php-pecl-zendopcache-7.0.2-2.fc18 (FEDORA-2013-13017)
The Zend OPcache
--------------------------------------------------------------------------------
Update Information:
Fix ZTS configuration: the /etc/php-zts.d/opcache now have
opcache.blacklist_filename=/etc/php-zts.d/opcache*.blacklist and
/etc/php-zts.d/opcache-default.blacklist is provided
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 15 2013 Remi Collet <rcollet at redhat.com> - 7.0.2-2
- fix ZTS configuration
- Adapt for SCL
--------------------------------------------------------------------------------
================================================================================
quotatool-1.6.2-1.fc18 (FEDORA-2013-13009)
Command-line utility for filesystem quotas
--------------------------------------------------------------------------------
Update Information:
New RPM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #981839 - Review Request: quotatool - Command-line utility for filesystem quotas
https://bugzilla.redhat.com/show_bug.cgi?id=981839
--------------------------------------------------------------------------------
================================================================================
rubygem-qpid_messaging-0.22.0-2.fc18 (FEDORA-2013-13042)
Ruby bindings for the Qpid messaging framework
--------------------------------------------------------------------------------
Update Information:
Fixed the dependency on shared libraries in qpid-cpp.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 15 2013 Darryl L. Pierce <dpierce at redhat.com> - 0.22-2
- Updated build to fix dependency issues on qpid-cpp.
--------------------------------------------------------------------------------
================================================================================
tomcat-7.0.42-1.fc18 (FEDORA-2013-12996)
Apache Servlet/JSP Engine, RI for Servlet 3.0/JSP 2.2 API
--------------------------------------------------------------------------------
Update Information:
update to 7.0.42
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 11 2013 Dmitry Tikhonov <squall.sama at gmail.com> 0:7.0.42-1
- Updated to 7.0.42
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #973077 - tomcat-7.0.42 is available
https://bugzilla.redhat.com/show_bug.cgi?id=973077
--------------------------------------------------------------------------------
================================================================================
twinkle-1.4.2-19.fc18.1 (FEDORA-2013-13019)
A SIP Soft Phone
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2013-2221, CVE-2013-2222, CVE-2013-2223.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 14 2013 Alexey Kurov <nucleo at fedoraproject.org> - 1.4.2-19.1
- Rebuild for libzrtpcpp (#980904)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #980904 - CVE-2013-2221 CVE-2013-2222 CVE-2013-2223 libzrtpcpp various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=980904
--------------------------------------------------------------------------------
================================================================================
wget-1.14-5.fc18 (FEDORA-2013-13011)
A utility for retrieving files using the HTTP or FTP protocols
--------------------------------------------------------------------------------
Update Information:
- Fix several bugs
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 12 2013 Tomas Hozza <thozza at redhat.com> - 1.14-5
- Fix deadcode and possible use of NULL in vprintf (#913153)
- Add documentation for --regex-type and --preserve-permissions
- Fix --preserve-permissions to work as documented (and expected)
- Fix bug when authenticating using user:password at url syntax (#912358)
* Wed Jul 10 2013 Tomas Hozza <thozza at redhat.com> - 1.14-4
- Fix double free of iri->orig_url (#981778)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #981778 - *** glibc detected *** wget: double free or corruption (!prev): 0x0979df90 ***
https://bugzilla.redhat.com/show_bug.cgi?id=981778
[ 2 ] Bug #912358 - wget syntax to login to protected site using http://username:password@server/ stopped working
https://bugzilla.redhat.com/show_bug.cgi?id=912358
[ 3 ] Bug #913153 - [abrt] wget-1.14-3.fc18: _IO_vfprintf_internal: Process /usr/bin/wget was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=913153
--------------------------------------------------------------------------------
More information about the test
mailing list