Fedora 18 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Nov 15 20:38:11 UTC 2013
The following Fedora 18 Security updates need testing:
Age URL
209 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18
56 https://admin.fedoraproject.org/updates/FEDORA-2013-17195/spice-gtk-0.18-3.fc18
52 https://admin.fedoraproject.org/updates/FEDORA-2013-17431/thunderbird-17.0.9-1.fc18
50 https://admin.fedoraproject.org/updates/FEDORA-2013-17635/wireshark-1.10.2-4.fc18
48 https://admin.fedoraproject.org/updates/FEDORA-2013-17853/davfs2-1.4.7-3.fc18
47 https://admin.fedoraproject.org/updates/FEDORA-2013-17912/chicken-4.8.0.4-4.fc18
17 https://admin.fedoraproject.org/updates/FEDORA-2013-20176/mantis-1.2.15-3.fc18
6 https://admin.fedoraproject.org/updates/FEDORA-2013-20976/drupal7-context-3.1-1.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-21057/xen-4.2.3-8.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-21018/bip-0.8.9-1.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-21207/samba-4.0.11-1.fc18
1 https://admin.fedoraproject.org/updates/FEDORA-2013-21298/drupal6-context-3.3-1.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-21415/python3-3.3.0-5.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-21354/moodle-2.3.10-1.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-20817/python-djblets-0.7.23-1.fc18,ReviewBoard-1.7.18-1.fc18
The following Fedora 18 Critical Path updates have yet to be approved:
Age URL
279 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18
8 https://admin.fedoraproject.org/updates/FEDORA-2013-20797/libbluray-0.4.0-1.fc18
7 https://admin.fedoraproject.org/updates/FEDORA-2013-20919/sane-backends-1.0.24-6.fc18
7 https://admin.fedoraproject.org/updates/FEDORA-2013-20908/libxfce4ui-4.10.0-9.fc18
3 https://admin.fedoraproject.org/updates/FEDORA-2013-21084/perl-5.16.3-245.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-21375/kernel-3.11.8-100.fc18
The following builds have been pushed to Fedora 18 updates-testing
ReviewBoard-1.7.18-1.fc18
drupal7-features-2.0-3.fc18
drupal7-strongarm-2.0-3.fc18
erfa-1.0.1-1.fc18
fedmsg-0.7.2-1.fc18
gofer-0.77-1.fc18
ibus-typing-booster-1.2.6-1.fc18
kernel-3.11.8-100.fc18
lcmaps-1.6.1-6.fc18
lz4-r108-1.fc18
mate-desktop-1.6.2-0.9.git81c245b.fc18
mate-themes-1.6.2-1.fc18
mate-window-manager-1.6.2-6.fc18
moodle-2.3.10-1.fc18
open-vm-tools-9.4.0-1.fc18
php-5.4.22-1.fc18
php-bartlett-PHP-CompatInfo-2.25.0-1.fc18
pypy-2.2.0-1.fc18
python-djblets-0.7.23-1.fc18
python-pkgwat-api-0.12-1.fc18
python3-3.3.0-5.fc18
q4wine-1.1-1.fc18
q4wine-1.1-2.fc18
re2-20131024-1.fc18
sddm-kcm-0-0.1.20131114gitafdda33c.fc18
smb4k-1.0.9-1.fc18
xscreensaver-5.23-1.fc18
youtube-dl-2013.11.13-1.fc18
Details about builds:
================================================================================
ReviewBoard-1.7.18-1.fc18 (FEDORA-2013-20817)
Web-based code review tool
--------------------------------------------------------------------------------
Update Information:
- Fix JavaScript errors
- New upstream security release 1.7.17
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17/
- Resolves: CVE-2013-4519
- Security Fixes:
* Fixed XSS vulnerabilities for the 'Branch' field and uploaded file captions.
* Added a 'X-Frame-Options' header to prevent clickjacking.
- New Features:
* Remove the need for SSH keys for GitHub repositories.
* Improved validation for GitHub repositories.
* Added support for permissions on Local Sites.
- Performance Improvements:
* Reduced query counts on all pages.
* Reduced query counts in the web API when returning empty lists.
- Extensibility:
* Extensions using the ``configure_extension`` view an now pass in a custom ``template_name`` pointing to a template for the configuration page, if it needs additional customization.
* Enabling, disabling or reconfiguring extensions will now invalidate the caches for pages, ensuring that hooks will take affect.
* Extension configuration now works properly on subdirectory installs.
- Bug Fixes:
* Fixed showing private review requests on a submitter page.
* The description for submitted or discarded review requests is now shown on the diff viewer.
* Discarding, reopening and then closing a review request no longer makes the review request private.
* Fixed a naming conflict with older PyCrypto packages, such as the default package on CentOS 6.4.
* Users with the 'can_change_status' permission no longer need the 'can_edit_reviewrequest' permission in order to close or reopen review requests.
* Switching a repository from using a hosting service to Custom no longer reverts back to the hosting service.
* Fixed editing a repository if its associated hosting service can't be loaded (such as if an extension providing that hosting service is disabled).
* Many diff validation errors weren't being shown on the New Review Request page, generating 500 errors instead.
* Fixed caching issues with the Blocks field on review requests.
* Editing JSON text fields in the administration UI now works, validates, and won't result in warnings in the log.
* Fixed breakages with looking up URLs internally with Local Sites.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 13 2013 Stephen Gallagher <sgallagh at redhat.com> - 1.7.18-1
- New upstream bugfix release 1.7.18
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.18/
- Convert to using UglifyJS2 for javascript minification
* Tue Nov 5 2013 Stephen Gallagher <sgallagh at redhat.com> - 1.7.17-1
- New upstream security release 1.7.17
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17/
- Resolves: CVE-2013-4519
- Security Fixes:
* Fixed XSS vulnerabilities for the 'Branch' field and uploaded file
captions.
* Added a 'X-Frame-Options' header to prevent clickjacking.
- New Features:
* Remove the need for SSH keys for GitHub repositories.
* Improved validation for GitHub repositories.
* Added support for permissions on Local Sites.
- Performance Improvements:
* Reduced query counts on all pages.
* Reduced query counts in the web API when returning empty lists.
- Extensibility:
* Extensions using the ``configure_extension`` view an now pass in a custom
``template_name`` pointing to a template for the configuration page, if it
needs additional customization.
* Enabling, disabling or reconfiguring extensions will now invalidate the
caches for pages, ensuring that hooks will take affect.
* Extension configuration now works properly on subdirectory installs.
- Bug Fixes:
* Fixed showing private review requests on a submitter page.
* The description for submitted or discarded review requests is now shown on
the diff viewer.
* Discarding, reopening and then closing a review request no longer makes the
review request private.
* Fixed a naming conflict with older PyCrypto packages, such as the default
package on CentOS 6.4.
* Users with the 'can_change_status' permission no longer need the
'can_edit_reviewrequest' permission in order to close or reopen review
requests.
* Switching a repository from using a hosting service to Custom no longer
reverts back to the hosting service.
* Fixed editing a repository if its associated hosting service can't be
loaded (such as if an extension providing that hosting service is
disabled).
* Many diff validation errors weren't being shown on the New Review Request
page, generating 500 errors instead.
* Fixed caching issues with the Blocks field on review requests.
* Editing JSON text fields in the administration UI now works, validates, and
won't result in warnings in the log.
* Fixed breakages with looking up URLs internally with Local Sites.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027010 - CVE-2013-4519 ReviewBoard: two XSS vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1027010
--------------------------------------------------------------------------------
================================================================================
drupal7-features-2.0-3.fc18 (FEDORA-2013-21374)
Provides feature management for Drupal
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 2.0 release for bug fixes
- Upstream changelog for this release: https://drupal.org/node/2114229
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Shawn Iwinski <shawn.iwinski at gmail.com> - 2.0-3
- Superfluous commit to make Bodhi happy
* Thu Nov 14 2013 Shawn Iwinski <shawn.iwinski at gmail.com> - 2.0-2
- Fixed non-versioned versus versioned doc dir issue
* Thu Nov 7 2013 Peter Borsa <peter.borsa at gmail.com> - 2.0-1
- Update to upstream 2.0 release for bug fixes
- Upstream changelog for this release: https://drupal.org/node/2106567
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #993734 - drupal7-features possibly affected by F-20 unversioned docdir change
https://bugzilla.redhat.com/show_bug.cgi?id=993734
--------------------------------------------------------------------------------
================================================================================
drupal7-strongarm-2.0-3.fc18 (FEDORA-2013-21410)
Strongarm gives a way to override the default variable values
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 2.0 release for bug fixes
- Upstream changelog for this release: https://drupal.org/node/1632574
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Shawn Iwinski <shawn.iwinski at gmail.com> - 2.0-3
- Superfluous commit to make Bodhi happy
* Thu Nov 14 2013 Shawn Iwinski <shawn.iwinski at gmail.com> - 2.0-2
- Fixed non-versioned versus versioned doc dir issue
* Fri Nov 8 2013 Peter Borsa <peter.borsa at gmail.com> - 2.0-1
- Update to upstream 2.0 release for bug fixes
- Upstream changelog for this release: https://drupal.org/node/1632574
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0-0.8.rc1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #993735 - drupal7-strongarm possibly affected by F-20 unversioned docdir change
https://bugzilla.redhat.com/show_bug.cgi?id=993735
--------------------------------------------------------------------------------
================================================================================
erfa-1.0.1-1.fc18 (FEDORA-2013-21379)
Essential Routines for Fundamental Astronomy
--------------------------------------------------------------------------------
Update Information:
Updates the package to the latest upstream version, with minor corrections
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 13 2013 Sergio Pascual <sergiopr at fedoraproject.org> - 1.0.1-1
- New usptream version (1.0.1)
* Sat Oct 26 2013 Sergio Pascual <sergiopr at fedoraproject.org> - 1.0.0-1
- New usptream version (1.0.0)
--------------------------------------------------------------------------------
================================================================================
fedmsg-0.7.2-1.fc18 (FEDORA-2013-21386)
Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:
Cap timestamp at second level precision to smooth over signature validation on different installations.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 13 2013 Ralph Bean <rbean at redhat.com> - 0.7.2-1
- Latest upstream.
- Cap message timestamp at the second-level precision.
- Automatically listify endpoints.
- Code cleaning.
--------------------------------------------------------------------------------
================================================================================
gofer-0.77-1.fc18 (FEDORA-2013-21399)
A lightweight, extensible python agent
--------------------------------------------------------------------------------
Update Information:
Bug fixes and general enhancements.
This version used extensively in Pulp.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 30 2013 Jeff Ortel <jortel at redhat.com> 0.77-1
- Reduce logging do DEBUG on frequent messaging and RMI processing events.
(jortel at redhat.com)
* Wed Mar 6 2013 Jeff Ortel <jortel at redhat.com> 0.76-1
- Add support for cancelling RMI; thread pool rewrite; RMI class restructure.
(jortel at redhat.com)
* Wed Nov 7 2012 Jeff Ortel <jortel at redhat.com> 0.75-1
- policy timeout enhancements. (jortel at redhat.com)
- Fix threadpool leak; change plugin to use simplex pool. (jortel at redhat.com)
- Move threadpool test to unit/ (jortel at redhat.com)
- Add simplex/duplex option to ThreadPool. Fixes memory leak. (jortel at redhat.com)
--------------------------------------------------------------------------------
================================================================================
ibus-typing-booster-1.2.6-1.fc18 (FEDORA-2013-21364)
A typing booster engine for the IBus platform
--------------------------------------------------------------------------------
Update Information:
Commit candidate clicked on with the mouse; Change wording of the option to show the total number of candidates
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Mike FABIAN <mfabian at redhat.com> - 1.2.6-1
- Change wording of the option to show the total number of candidates (Resolves: rhbz#1029748)
- Commit candidate clicked on with the mouse (Resolves: rhbz#1029822)
- Use direct input also for IBus.InputPurpose.PIN
- remove unused und superfluous arguments of constructor of Hunspell class
- Add some transliteration options to .conf files which had only native keyboard enabled
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1029748 - Bit confusing label in preference windows
https://bugzilla.redhat.com/show_bug.cgi?id=1029748
[ 2 ] Bug #1029822 - mouse selection and pagination numbering issue for ibus-typing-booster
https://bugzilla.redhat.com/show_bug.cgi?id=1029822
--------------------------------------------------------------------------------
================================================================================
kernel-3.11.8-100.fc18 (FEDORA-2013-21375)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 3.11.8 stable update contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 13 2013 Justin M. Forbes <jforbes at fedoraproject.org> - 3.11.8-100
- Linux v3.11.8
* Sat Nov 9 2013 Josh Boyer <jwboyer at fedoraproject.org>
- Add patch from Daniel Stone to avoid high order allocations in evdev
- Add qxl backport fixes from Dave Airlie
--------------------------------------------------------------------------------
================================================================================
lcmaps-1.6.1-6.fc18 (FEDORA-2013-21391)
Grid (X.509) and VOMS credentials to local account mapping service
--------------------------------------------------------------------------------
Update Information:
Grid (X.509) and VOMS credentials to local account mapping service
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #736717 - Review Request: lcmaps - Grid (X.509) and VOMS credentials to local account mapping
https://bugzilla.redhat.com/show_bug.cgi?id=736717
--------------------------------------------------------------------------------
================================================================================
lz4-r108-1.fc18 (FEDORA-2013-21370)
Extremely fast compression algorithm
--------------------------------------------------------------------------------
Update Information:
lz4-r108 release.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 10 2013 pjp <pjp at fedoraproject.org> - r108-1
- new release r108
--------------------------------------------------------------------------------
================================================================================
mate-desktop-1.6.2-0.9.git81c245b.fc18 (FEDORA-2013-21416)
Shared code for mate-panel, mate-session, mate-file-manager, etc
--------------------------------------------------------------------------------
Update Information:
- use Menta-Blue as default theme in fedora 20
- change gesettings overrides
- let caja starts with mate-session-manager for > f19
- switch to gnome-keyring for > f19
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.2-0.9.git81c245b
- use Menta-Blue as default theme in fedora 20, change gesettings overrides
* Tue Nov 12 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.2-0.8.git81c245b
- let caja starts with mate-session-manager for > f19
- adjust mate-fedora gesettings override file
* Sat Oct 19 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.2-0.7.git81c245b
- switch to gnome-keyring for > f19
* Fri Oct 18 2013 Dan Mashal <dan.mashal at fedoraproject.org> - 1.6.2.-0.6.git81c245b
- Fix typo
--------------------------------------------------------------------------------
================================================================================
mate-themes-1.6.2-1.fc18 (FEDORA-2013-21413)
MATE Desktop themes
--------------------------------------------------------------------------------
Update Information:
- update to 1.6.2 release
- syncronize view of panel menus
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.2-1
- update to 1.6.2 release
- syncronize view of panel menus
--------------------------------------------------------------------------------
================================================================================
mate-window-manager-1.6.2-6.fc18 (FEDORA-2013-21365)
MATE Desktop window manager
--------------------------------------------------------------------------------
Update Information:
- start with side-by-side-tiling and windows-snapping-top-screen support for f20
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 13 2013 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.6.2-6
- start with side-by-side-tiling and windows-snapping-top-screen support for f20
--------------------------------------------------------------------------------
================================================================================
moodle-2.3.10-1.fc18 (FEDORA-2013-21354)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Latest upstreams, multiple security fixes.
Name: CVE-2013-6780
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6780
Assigned: 20131112
Reference: https://yuilibrary.com/support/20131111-vulnerability/
Cross-site scripting (XSS) vulnerability in uploader.swf in the
Uploader component in Yahoo! YUI 2.5.0 through 2.9.0 allows remote
attackers to inject arbitrary web script or HTML via the allowedDomain
parameter.
Name: CVE-2013-3630
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3630 [Open">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3630">Open URL]
Assigned: 20130521
Reference: https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one [Open">https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one">Open URL]
Reference: https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats [Open">https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats">Open URL]
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Jon Ciesla <limburgher at gmail.com> - 2.3.10-1
- 2.3.10, BZ 1025655,6, 1030084,5.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1025655 - CVE-2013-3630 moodle: authenticated remote command execution [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1025655
[ 2 ] Bug #1025656 - CVE-2013-3630 moodle: authenticated remote command execution [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1025656
[ 3 ] Bug #1030084 - CVE-2013-6780 moodle: XSS vulnerability in YUI 2.5.0 through 2.9.0 [epel-5]
https://bugzilla.redhat.com/show_bug.cgi?id=1030084
[ 4 ] Bug #1030085 - CVE-2013-6780 moodle: XSS vulnerability in YUI 2.5.0 through 2.9.0 [fedora-18]
https://bugzilla.redhat.com/show_bug.cgi?id=1030085
--------------------------------------------------------------------------------
================================================================================
open-vm-tools-9.4.0-1.fc18 (FEDORA-2013-21394)
Open VMware Tools for virtual machines hosted on VMware
--------------------------------------------------------------------------------
Update Information:
New stable version 9.4.0 from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 13 2013 Ravindra Kumar <ravindrakumar at vmware.com> - 9.4.0-1
- Package new upstream version open-vm-tools-9.4.0-1280544.
- Added CUSTOM_PROCPS_NAME=procps and -Wno-deprecated-declarations
for version 9.4.0.
--------------------------------------------------------------------------------
================================================================================
php-5.4.22-1.fc18 (FEDORA-2013-21366)
PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:
14 Nov 2013, PHP 5.4.22
Core:
- Fixed bug #65911 (scope resolution operator - strange behavior with $this). (Bob Weinand)
CLI server:
- Fixed bug #65818 (Segfault with built-in webserver and chunked transfer encoding). (Felipe)
Exif:
- Fixed crash on unknown encoding. (Draal)
FTP:
- Fixed bug #65667 (ftp_nb_continue produces segfault). (Philip Hofstetter)
ODBC
- Fixed bug #65950 (Field name truncation if the field name is bigger than 32 characters). (patch submitted by: michael dot y at zend dot com, Yasuo)
Sockets:
- Fixed bug #65808 (the socket_connect() won't work with IPv6 address). (Mike)
Standard:
- Fixed bug #64760 (var_export() does not use full precision for floating-point numbers) (Yasuo)
XMLReader:
- Fixed bug #51936 (Crash with clone XMLReader). (Mike)
- Fixed bug #64230 (XMLReader does not suppress errors). (Mike)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 13 2013 Remi Collet <remi at fedoraproject.org> 5.4.22-1
- update to 5.4.22
--------------------------------------------------------------------------------
================================================================================
php-bartlett-PHP-CompatInfo-2.25.0-1.fc18 (FEDORA-2013-21419)
Find out version and the extensions required for a piece of code to run
--------------------------------------------------------------------------------
Update Information:
Version 2.25.0 (2013-11-14)
Additions and changes:
* add both support to PHP 5.4.22 and 5.5.6
* update mongo reference to 1.4.5
* update varnish reference to 1.1.1
* add new jsmin reference (0.1.1)
* fixed the test skeleton template now unit test suites used shared fixtures
Bug fixes:
* GH-105: detect PHP-5.4 feature : Short array syntax declaration
* GH-106: detect PHP-5.4 feature : Short array syntax on function call
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Remi Collet <remi at fedoraproject.org> - 2.25.0-1
- Update to 2.25.0
--------------------------------------------------------------------------------
================================================================================
pypy-2.2.0-1.fc18 (FEDORA-2013-21372)
Python implementation with a Just-In-Time compiler
--------------------------------------------------------------------------------
Update Information:
Update to 2.2.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Matej Stuchlik <mstuchli at redhat.com> - 2.2.0-1
- Updated to 2.2.0
* Thu Aug 15 2013 Matej Stuchlik <mstuchli at redhat.com> - 2.1-1
- Updated to 2.1.0
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Jun 24 2013 Matej Stuchlik <mstuchli at redhat.com> - 2.0.2-4
- Patch1 fix
* Mon Jun 24 2013 Matej Stuchlik <mstuchli at redhat.com> - 2.0.2-3
- Yet another Sources fix
* Mon Jun 24 2013 Matej Stuchlik <mstuchli at redhat.com> - 2.0.2-2
- Fixed Source URL
* Mon Jun 24 2013 Matej Stuchlik <mstuchli at redhat.com> - 2.0.2-1
- 2.0.2, patch 8 does not seem necessary anymore
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0-0.2.b1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Dec 11 2012 David Malcolm <dmalcolm at redhat.com> - 2.0-0.1.b1
- 2.0b1 (drop upstreamed patch 9)
--------------------------------------------------------------------------------
================================================================================
python-djblets-0.7.23-1.fc18 (FEDORA-2013-20817)
A collection of useful classes and functions for Django
--------------------------------------------------------------------------------
Update Information:
- Fix JavaScript errors
- New upstream security release 1.7.17
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17/
- Resolves: CVE-2013-4519
- Security Fixes:
* Fixed XSS vulnerabilities for the 'Branch' field and uploaded file captions.
* Added a 'X-Frame-Options' header to prevent clickjacking.
- New Features:
* Remove the need for SSH keys for GitHub repositories.
* Improved validation for GitHub repositories.
* Added support for permissions on Local Sites.
- Performance Improvements:
* Reduced query counts on all pages.
* Reduced query counts in the web API when returning empty lists.
- Extensibility:
* Extensions using the ``configure_extension`` view an now pass in a custom ``template_name`` pointing to a template for the configuration page, if it needs additional customization.
* Enabling, disabling or reconfiguring extensions will now invalidate the caches for pages, ensuring that hooks will take affect.
* Extension configuration now works properly on subdirectory installs.
- Bug Fixes:
* Fixed showing private review requests on a submitter page.
* The description for submitted or discarded review requests is now shown on the diff viewer.
* Discarding, reopening and then closing a review request no longer makes the review request private.
* Fixed a naming conflict with older PyCrypto packages, such as the default package on CentOS 6.4.
* Users with the 'can_change_status' permission no longer need the 'can_edit_reviewrequest' permission in order to close or reopen review requests.
* Switching a repository from using a hosting service to Custom no longer reverts back to the hosting service.
* Fixed editing a repository if its associated hosting service can't be loaded (such as if an extension providing that hosting service is disabled).
* Many diff validation errors weren't being shown on the New Review Request page, generating 500 errors instead.
* Fixed caching issues with the Blocks field on review requests.
* Editing JSON text fields in the administration UI now works, validates, and won't result in warnings in the log.
* Fixed breakages with looking up URLs internally with Local Sites.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 5 2013 Stephen Gallagher <sgallagh at redhat.com> - 0.7.23-1
- New upstream release 0.7.23
- http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.21.NEWS
* djblets.webapi:
* Added a has_list_access_permissions function, which is used to determine
access to a list resource.
- http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.22.NEWS
* djblets.extensions:
* AJAX_SERIAL is updated when extensions are enabled/disabled or their
configuration changes, allowing templates using AJAX_SERIAL as part of
their cache to invalidate.
* djblets.siteconfig:
* Reduced query counts for installs using siteconfig.
* djblets.webapi:
* Reduced query counts when returning payloads for list resources with no
entries.
* Common attribute lookups on WebAPIResource are now cached.
- http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.23.NEWS
* djblets.extensions:
* Fix URL errors when configuring extensions with a custom SITE_ROOT.
* djblets.util.fields:
* JSONFields can now be safely edited through the administration UI,
complete with validation.
* jquery.gravy:
* Fixed hiding the pencil icons on an inlineEditor when disabled.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027010 - CVE-2013-4519 ReviewBoard: two XSS vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1027010
--------------------------------------------------------------------------------
================================================================================
python-pkgwat-api-0.12-1.fc18 (FEDORA-2013-21360)
Python API for querying the fedora packages webapp
--------------------------------------------------------------------------------
Update Information:
Latest upstream with a unicode/encoding bugfix.
Obsolete/Provide the misnamed python3-python-pkgwat-api.
Handle exception when stripping xml tags.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Ralph Bean <rbean at redhat.com> - 0.12-1
- Fix unicode issues when stripping html from responses.
* Sun Nov 3 2013 Ralph Bean <rbean at redhat.com> - 0.10-2
- Add obsoletes/provides on python3-python-pkgwat-api
* Tue Oct 22 2013 Ralph Bean <rbean at redhat.com> - 0.10-1
- Latest upstream with some bugfixes.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1030564 - [abrt] pkgwat-0.9-1.fc20: utils.py:36:strip_tags:UnicodeEncodeError: 'ascii' codec can't encode character u'\xe4' in position 11: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1030564
--------------------------------------------------------------------------------
================================================================================
python3-3.3.0-5.fc18 (FEDORA-2013-21415)
Version 3 of the Python programming language aka Python 3000
--------------------------------------------------------------------------------
Update Information:
Fix for rhbz#1023742
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 11 2013 Matej Stuchlik <mstuchli at redhat.com> - 3.3.0-5
- Changed behavior of ssl.match_hostname() to follow RFC 6125 (rhbz#1023742)
--------------------------------------------------------------------------------
================================================================================
q4wine-1.1-1.fc18 (FEDORA-2013-21359)
Qt4 GUI for wine
--------------------------------------------------------------------------------
Update Information:
Update to 1.1 version.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Dmitrij S. Kryzhevich <krege at land.ru> - 1.1-2
- Fix setup macros parameters.
* Thu Nov 14 2013 Dmitrij S. Kryzhevich <krege at land.ru> - 1.1-2
- Update to 1.1 release.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0-2.r3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
q4wine-1.1-2.fc18 (FEDORA-2013-21407)
Qt4 GUI for wine
--------------------------------------------------------------------------------
Update Information:
Fix release version
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Dmitrij S. Kryzhevich <krege at land.ru> - 1.1-2
- Fix setup macros parameters.
* Thu Nov 14 2013 Dmitrij S. Kryzhevich <krege at land.ru> - 1.1-2
- Update to 1.1 release.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0-2.r3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
re2-20131024-1.fc18 (FEDORA-2013-21380)
C++ fast alternative to backtracking RE engines
--------------------------------------------------------------------------------
Update Information:
Update to 20131024, fix missing symbols.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Nov 11 2013 Tom Callaway <spot at fedoraproject.org> - 20131024-1
- update to 20131024
- fix symbols export to stop test from failing
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 20130115-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027123 - Chromium: missing symbols
https://bugzilla.redhat.com/show_bug.cgi?id=1027123
--------------------------------------------------------------------------------
================================================================================
sddm-kcm-0-0.1.20131114gitafdda33c.fc18 (FEDORA-2013-21392)
SDDM KDE configuration module
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
================================================================================
smb4k-1.0.9-1.fc18 (FEDORA-2013-21369)
The SMB/CIFS Share Browser for KDE
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.9, bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 9 2013 Sérgio Basto <sergio at serjux.com> - 1.0.9-2
- Update 1.0.9, bugfix release.
* Sat Oct 26 2013 Sérgio Basto <sergio at serjux.com> - 1.0.8-1
- Update to 1.0.8, bugfix release.
- Fix some dates.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
xscreensaver-5.23-1.fc18 (FEDORA-2013-21403)
X screen saver and locker
--------------------------------------------------------------------------------
Update Information:
New version 5.23 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 13 2013 Mamoru TASAKA <mtasaka at fedoraproject.org> - 1:5.23-1
- Update to 5.23
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:5.22-1.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
youtube-dl-2013.11.13-1.fc18 (FEDORA-2013-21367)
A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:
New version.
New version.
New version.
New version.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 14 2013 Christopher Meng <rpm at cicku.me> - 2013.11.13-1
- Update to new release.
* Tue Nov 12 2013 Christopher Meng <rpm at cicku.me> - 2013.11.11-1
- Update to new release.
* Fri Nov 8 2013 Christopher Meng <rpm at cicku.me> - 2013.11.07-1
- Update to new release(BZ#1027822).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1027822 - youtube-dl-2013.11.07 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1027822
[ 2 ] Bug #1026034 - youtube-dl-2013.11.02 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1026034
--------------------------------------------------------------------------------
More information about the test
mailing list