Fedora 17 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri May 3 02:03:58 UTC 2013
The following Fedora 17 Security updates need testing:
Age URL
301 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
113 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17
83 https://admin.fedoraproject.org/updates/FEDORA-2013-2143/rubygem-rdoc-3.12-5.fc17
79 https://admin.fedoraproject.org/updates/FEDORA-2013-2315/rubygem-rack-1.4.0-4.fc17
42 https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17
41 https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17
40 https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc17
36 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17
33 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17
21 https://admin.fedoraproject.org/updates/FEDORA-2013-5440/php-geshi-1.0.8.11-3.fc17
21 https://admin.fedoraproject.org/updates/FEDORA-2013-5349/389-ds-base-1.2.11.21-1.fc17
20 https://admin.fedoraproject.org/updates/FEDORA-2013-5546/plexus-archiver-2.3-1.fc17
14 https://admin.fedoraproject.org/updates/FEDORA-2013-5967/xorg-x11-server-1.12.4-7.fc17
6 https://admin.fedoraproject.org/updates/FEDORA-2013-6723/xen-4.1.5-1.fc17
6 https://admin.fedoraproject.org/updates/FEDORA-2013-6727/python-pip-1.3.1-1.fc17
6 https://admin.fedoraproject.org/updates/FEDORA-2013-6720/curl-7.24.0-8.fc17
2 https://admin.fedoraproject.org/updates/FEDORA-2013-7000/phpMyAdmin-3.5.8.1-1.fc17
1 https://admin.fedoraproject.org/updates/FEDORA-2013-7144/xmp-3.4.0-11.fc17
1 https://admin.fedoraproject.org/updates/FEDORA-2013-7128/tinc-1.0.21-1.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2013-7285/php-sabredav-Sabre_DAV-1.6.5-5.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2013-7305/gpsd-3.9-1.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2013-6999/kernel-3.8.11-100.fc17
The following Fedora 17 Critical Path updates have yet to be approved:
Age URL
253 https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17
82 https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17
61 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17
42 https://admin.fedoraproject.org/updates/FEDORA-2013-4140/audit-2.2.3-2.fc17
10 https://admin.fedoraproject.org/updates/FEDORA-2013-6278/nss-3.14.3-2.fc17
7 https://admin.fedoraproject.org/updates/FEDORA-2013-6636/kde-settings-4.8-25.fc17
6 https://admin.fedoraproject.org/updates/FEDORA-2013-6720/curl-7.24.0-8.fc17
6 https://admin.fedoraproject.org/updates/FEDORA-2013-6750/xorg-x11-drv-synaptics-1.6.3-3.fc17
0 https://admin.fedoraproject.org/updates/FEDORA-2013-7291/dosfstools-3.0.16-3.fc17
The following builds have been pushed to Fedora 17 updates-testing
PyQt4-4.10.1-3.fc17
dosfstools-3.0.16-3.fc17
gnome-chemistry-utils-0.14.2-2.fc17
gnumeric-1.12.2-1.fc17
goffice-0.10.2-1.fc17
gpsd-3.9-1.fc17
julius-voxforge-2013.03.01-1.fc17
kernel-3.8.11-100.fc17
php-sabredav-Sabre_DAV-1.6.5-5.fc17
sip-4.14.6-1.fc17
tw-0.9.16-2.fc17
Details about builds:
================================================================================
PyQt4-4.10.1-3.fc17 (FEDORA-2013-6827)
Python bindings for Qt4
--------------------------------------------------------------------------------
Update Information:
New sip/PyQt4 releases, see also:
http://www.riverbankcomputing.com/news/sip-4146
http://www.riverbankcomputing.com/news/pyqt-4101
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 2 2013 Rex Dieter <rdieter at fedoraproject.org> 4.10.1-3
- ImportError: cannot import name uic (#958736)
* Fri Apr 26 2013 Rex Dieter <rdieter at fedoraproject.org> 4.10.1-2
- filter private shared objects
- %{python_sitelib}/dbus/mainloop/qt.so should be in %python_sitearch (#957260)
- .spec cleanup
- -assistant subpkg
* Mon Apr 22 2013 Rex Dieter <rdieter at fedoraproject.org> 4.10.1-1
- 4.10.1
* Tue Apr 2 2013 Than Ngo <than at redhat.com> - 4.10-3
- adapt rhel patch
* Fri Mar 22 2013 Rex Dieter <rdieter at fedoraproject.org> 4.10-2
- introduce qscintilla, webkit feature macros
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #923233 - [abrt] ninja-ide-2.1.1-4.fc18: highlighter.py:326:realtime_highlight:AttributeError: 'QTextBlockUserData' object has no attribute 'clear_data'
https://bugzilla.redhat.com/show_bug.cgi?id=923233
[ 2 ] Bug #957260 - PyQt4: %{python_sitelib}/dbus/mainloop/qt.so should be in %python_sitearch
https://bugzilla.redhat.com/show_bug.cgi?id=957260
--------------------------------------------------------------------------------
================================================================================
dosfstools-3.0.16-3.fc17 (FEDORA-2013-7291)
Utilities for making and checking MS-DOS FAT filesystems on Linux
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes dosfslabel.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 2 2013 Jaroslav Škarvada <jskarvad at redhat.com> - 3.0.16-3
- Fixed dosfslabel (by fix-label patch)
Resolves: rhbz#948055
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #948055 - [abrt] dosfstools-3.0.16-2.fc17: _IO_str_chk_overflow: Process /usr/sbin/dosfslabel was killed by signal 6 (SIGABRT)
https://bugzilla.redhat.com/show_bug.cgi?id=948055
--------------------------------------------------------------------------------
================================================================================
gnome-chemistry-utils-0.14.2-2.fc17 (FEDORA-2013-7296)
A set of chemical utilities
--------------------------------------------------------------------------------
Update Information:
Latest releases of goffice and gnumeric:
* http://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.2.shtml
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 1 2013 Julian Sikorski <belegdol at fedoraproject.org> - 0.14.2-2
- Rebuilt for gnumeric-1.12.2
--------------------------------------------------------------------------------
================================================================================
gnumeric-1.12.2-1.fc17 (FEDORA-2013-7296)
Spreadsheet program for GNOME
--------------------------------------------------------------------------------
Update Information:
Latest releases of goffice and gnumeric:
* http://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.2.shtml
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 1 2013 Julian Sikorski <belegdol at fedoraproject.org> - 1:1.12.2-1
- Updated to 1.12.2
- Added a patch to build with libgsf-1.14.24
--------------------------------------------------------------------------------
================================================================================
goffice-0.10.2-1.fc17 (FEDORA-2013-7296)
G Office support libraries
--------------------------------------------------------------------------------
Update Information:
Latest releases of goffice and gnumeric:
* http://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.2.shtml
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 29 2013 Julian Sikorski <belegdol at fedoraproject.org> - 0.10.2-1
- Updated to 0.10.2
--------------------------------------------------------------------------------
================================================================================
gpsd-3.9-1.fc17 (FEDORA-2013-7305)
Service daemon for mediating access to a GPS
--------------------------------------------------------------------------------
Update Information:
This is an update to the latest upstream release, which fixes a denial of service flaw found in the way AIS driver packet parser processed certain malformed packets.
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 2 2013 Miroslav Lichvar <mlichvar at redhat.com> - 3.9-1
- update to 3.9 (#958717)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #958717 - gpsd: DoS (packet parser crash) in the AIS driver when processing malformed packet
https://bugzilla.redhat.com/show_bug.cgi?id=958717
--------------------------------------------------------------------------------
================================================================================
julius-voxforge-2013.03.01-1.fc17 (FEDORA-2013-7293)
VoxForge Acoustic Model files for Julius
--------------------------------------------------------------------------------
Update Information:
New package: VoxForge Acoustic Model files for Julius
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #957238 - Review Request: julius-voxforge - VoxForge Acoustic Model files for Julius
https://bugzilla.redhat.com/show_bug.cgi?id=957238
--------------------------------------------------------------------------------
================================================================================
kernel-3.8.11-100.fc17 (FEDORA-2013-6999)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream stable release, Linux v3.8.11. A variety of fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 1 2013 Justin M. Forbes <jforbes at redhat.com> - 3.8.11-100
- Linux v3.8.11
* Mon Apr 29 2013 Justin M. Forbes <jforbes at redhat.com> - 3.8.10-100
- Linux v3.8.10
* Wed Apr 24 2013 Josh Boyer <jwboyer at redhat.com> - 3.8.8-102
- CVE-2013-3228 irda: missing msg_namelen update in irda_recvmsg_dgram (rhbz 956069 956071)
- CVE-2013-3230 l2tp: info leak in l2tp_ip6_recvmsg (rhbz 956088 956089)
- CVE-2013-3231 llc: Fix missing msg_namelen update in llc_ui_recvmsg (rhbz 956094 956104)
- CVE-2013-3232 netrom: information leak via msg_name in nr_recvmsg (rhbz 956110 956113)
- CVE-2013-3233 NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg (rhbz 956125 956129)
- CVE-2013-3234 rose: info leak via msg_name in rose_recvmsg (rhbz 956135 956139)
- CVE-2013-3076 crypto: algif suppress sending src addr info in recvmsg (rhbz 956162 956168)
* Tue Apr 23 2013 Josh Boyer <jwboyer at redhat.com>
- CVE-2013-3223 ax25: information leak via msg_name in ax25_recvmsg (rhbz 955662 955666)
- CVE-2013-3225 Bluetooth: RFCOMM missing msg_namelen update in rfcomm_sock_recvmsg (rhbz 955649 955658)
- CVE-2013-1979 net: incorrect SCM_CREDENTIALS passing (rhbz 955629 955647)
- CVE-2013-3224 Bluetooth: possible info leak in bt_sock_recvmsg (rhbz 955599 955607)
* Mon Apr 22 2013 Josh Boyer <jwboyer at redhat.com>
- CVE-2013-3222 atm: update msg_namelen in vcc_recvmsg (rhbz 955216 955228)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #956069 - CVE-2013-3228 Kernel: irda: missing msg_namelen update in irda_recvmsg_dgram
https://bugzilla.redhat.com/show_bug.cgi?id=956069
[ 2 ] Bug #956088 - CVE-2013-3230 Kernel: l2tp: info leak in l2tp_ip6_recvmsg
https://bugzilla.redhat.com/show_bug.cgi?id=956088
[ 3 ] Bug #956094 - CVE-2013-3231 Kernel: llc: Fix missing msg_namelen update in llc_ui_recvmsg
https://bugzilla.redhat.com/show_bug.cgi?id=956094
[ 4 ] Bug #956110 - CVE-2013-3232 Kernel: netrom: information leak via msg_name in nr_recvmsg
https://bugzilla.redhat.com/show_bug.cgi?id=956110
[ 5 ] Bug #956125 - CVE-2013-3233 Kernel: NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg
https://bugzilla.redhat.com/show_bug.cgi?id=956125
[ 6 ] Bug #956135 - CVE-2013-3234 Kernel: rose: info leak via msg_name in rose_recvmsg
https://bugzilla.redhat.com/show_bug.cgi?id=956135
[ 7 ] Bug #956162 - CVE-2013-3076 Kernel: crypto: algif - suppress sending source address information in recvmsg
https://bugzilla.redhat.com/show_bug.cgi?id=956162
[ 8 ] Bug #955662 - CVE-2013-3223 Kernel: ax25: information leak via msg_name in ax25_recvmsg()
https://bugzilla.redhat.com/show_bug.cgi?id=955662
[ 9 ] Bug #955649 - CVE-2013-3225 Kernel: Bluetooth: RFCOMM - missing msg_namelen update in rfcomm_sock_recvmsg
https://bugzilla.redhat.com/show_bug.cgi?id=955649
[ 10 ] Bug #955629 - CVE-2013-1979 kernel: net: incorrect SCM_CREDENTIALS passing
https://bugzilla.redhat.com/show_bug.cgi?id=955629
[ 11 ] Bug #955599 - CVE-2013-3224 Kernel: Bluetooth: possible info leak in bt_sock_recvmsg()
https://bugzilla.redhat.com/show_bug.cgi?id=955599
[ 12 ] Bug #955216 - CVE-2013-3222 Kernel: atm: update msg_namelen in vcc_recvmsg()
https://bugzilla.redhat.com/show_bug.cgi?id=955216
--------------------------------------------------------------------------------
================================================================================
php-sabredav-Sabre_DAV-1.6.5-5.fc17 (FEDORA-2013-7285)
Sabre_DAV is a WebDAV framework for PHP
--------------------------------------------------------------------------------
Update Information:
Fixes archives/files problem
This update patches the problem in the browser plugin for sabredav.
This update patches the problem in the browser plugin for sabredav.
This update patches the problem in the browser plugin for sabredav.
This update patches the problem in the browser plugin for sabredav.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 1 2013 Joseph Marrero <jmarrero at fedoraproject.org> - 1.6.5-5
- Fix problem with checksum whitout braking the files installed
* Sun Apr 28 2013 Joseph Marrero <jmarrero at fedoraproject.org> - 1.6.5-4
- added security patch that fixes bugs 951568 951569 951562
- added --ignore-erros flag to pear install macro to accept the patch
* Sat Mar 2 2013 Joseph Marrero <jmarrero at fedoraproject.org> - 1.6.5-3
- Fix cleanup in rhel6 and f19
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.6.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #951562 - CVE-2013-1939 php-sabredav-Sabre_DAV: Local file exposure due improper icons / images path checking in the HTML Browser plug-in
https://bugzilla.redhat.com/show_bug.cgi?id=951562
--------------------------------------------------------------------------------
================================================================================
sip-4.14.6-1.fc17 (FEDORA-2013-6827)
SIP - Python/C++ Bindings Generator
--------------------------------------------------------------------------------
Update Information:
New sip/PyQt4 releases, see also:
http://www.riverbankcomputing.com/news/sip-4146
http://www.riverbankcomputing.com/news/pyqt-4101
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 21 2013 Rex Dieter <rdieter at fedoraproject.org> 4.14.6-1
- sip-4.14.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #923233 - [abrt] ninja-ide-2.1.1-4.fc18: highlighter.py:326:realtime_highlight:AttributeError: 'QTextBlockUserData' object has no attribute 'clear_data'
https://bugzilla.redhat.com/show_bug.cgi?id=923233
[ 2 ] Bug #957260 - PyQt4: %{python_sitelib}/dbus/mainloop/qt.so should be in %python_sitearch
https://bugzilla.redhat.com/show_bug.cgi?id=957260
--------------------------------------------------------------------------------
================================================================================
tw-0.9.16-2.fc17 (FEDORA-2013-7302)
Translate words into different languages
--------------------------------------------------------------------------------
Update Information:
Makes aspell, espeak, mythes optional for build, mythes real usable synonyms tool, fixes spec, synonyms utf handling, mythes example on documentation.
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 1 2013 Juan Manuel Borges Caño <juanmabcmail at gmail.com> - 0.9.16-2
* Add espeak to BuildRequires.
* Sun Apr 28 2013 Juan Manuel Borges Caño <juanmabcmail at gmail.com> - 0.9.16-1
* Update to mainstream.
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
More information about the test
mailing list