Fedora 19 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sat Oct 12 00:08:27 UTC 2013
The following Fedora 19 Security updates need testing:
Age URL
57 https://admin.fedoraproject.org/updates/FEDORA-2013-14814/python-glanceclient-0.9.0-3.fc19
22 https://admin.fedoraproject.org/updates/FEDORA-2013-17121/vino-3.8.1-3.fc19
13 https://admin.fedoraproject.org/updates/FEDORA-2013-17836/davfs2-1.4.7-3.fc19
12 https://admin.fedoraproject.org/updates/FEDORA-2013-17925/fedmsg-0.7.1-2.fc19
7 https://admin.fedoraproject.org/updates/FEDORA-2013-18228/polarssl-1.2.9-1.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2013-18404/elinks-0.12-0.35.pre6.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2013-18378/xen-4.2.3-3.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2013-18351/zabbix-2.0.8-3.fc19
3 https://admin.fedoraproject.org/updates/FEDORA-2013-18493/qemu-1.4.2-12.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2013-18593/dropbear-2013.59-1.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2013-18638/mod_fcgid-2.3.9-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18794/phpMyAdmin-3.5.8.2-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18807/gnupg2-2.0.22-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18808/libtar-1.2.11-26.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18771/icu-50.1.2-9.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18931/ReviewBoard-1.7.15-1.fc19,python-djblets-0.7.20-1.fc19
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
9 https://admin.fedoraproject.org/updates/FEDORA-2013-18128/createrepo-0.9.9-23.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2013-18369/keyutils-1.5.8-1.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2013-18357/ibus-1.5.4-2.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2013-18603/libxklavier-5.4-1.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2013-18619/cpio-2.11-21.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2013-18639/python-2.7.5-8.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2013-18677/gnome-online-accounts-3.8.4.1-1.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2013-18596/langtable-0.0.16-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18935/gtk2-2.24.22-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18936/curl-7.29.0-12.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18910/cups-1.6.4-2.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18924/gnome-abrt-0.3.2-1.fc19,abrt-2.1.8-1.fc19,libreport-2.1.8-1.fc19,satyr-0.10-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18906/gtk3-3.8.5-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18797/usbmuxd-1.0.8-10.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18808/libtar-1.2.11-26.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18807/gnupg2-2.0.22-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2013-18771/icu-50.1.2-9.fc19
The following builds have been pushed to Fedora 19 updates-testing
389-ds-base-1.3.1.12-1.fc19
Judy-1.0.5-7.fc19
ReviewBoard-1.7.15-1.fc19
abrt-2.1.8-1.fc19
cifs-utils-6.2-3.fc19
cups-1.6.4-2.fc19
curl-7.29.0-12.fc19
derby-10.9.1.0-5.fc19
dwm-6.0-7.fc19
eclipse-mylyn-3.9.1-3.fc19
firmware-tools-2.1.15-1.fc19.6
geary-0.4.0-1.fc19
gnome-abrt-0.3.2-1.fc19
gtk2-2.24.22-1.fc19
gtk3-3.8.5-1.fc19
guacamole-client-0.8.3-4.fc19
ibus-typing-booster-1.2.5-1.fc19
kate-plugin-cpphelper-0.9.6-1.fc19
libreport-2.1.8-1.fc19
nodejs-node-static-0.7.1-2.fc19
perl-PAR-Packer-1.015-1.fc19
perl-Term-ShellUI-0.92-2.fc19
python-djblets-0.7.20-1.fc19
python-flask-restless-0.12.0-1.fc19
rubygem-capillary-1.0.3-3.fc19
satyr-0.10-1.fc19
timeline-0.20.0-3.fc19
trafficserver-3.2.5-4.fc19
transifex-client-0.9-4.fc19
Details about builds:
================================================================================
389-ds-base-1.3.1.12-1.fc19 (FEDORA-2013-18914)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
389-ds-base-1.3.1.12 release - several bug fixes
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 10 2013 Noriko Hosoi <nhosoi at redhat.com> - 1.3.1.12-1
- release 1.3.1.12
- Ticket 47513 - tmpfiles.d references /var/lock when they should reference /run/loc
- Ticket 47551 - logconv: -V does not produce unindexed search report
- Ticket 53 - Need to update supported locales
- Ticket 47517 - memory leak in range searches and other various leaks
- Ticket 53 - Need to update supported locales Cleaning up typos and format.
- Ticket 53 - Need to update supported locales
- Ticket 47522 - Password adminstrators should be able to voilate password policy
- Ticket 54 - locale "nl" not supported by collation plugin
- Ticket 47543 - Mozldap - fix compiler warnings
- Coverity fixes - 12023, 12024, and 12025
- Ticket 47533 - logconv: some stats do not work across server restarts
- Ticket 47501 - logconv.pl uses /var/tmp for BDB temp files
- Ticket 47520 - Fix various issues with logconv.pl
- Ticket 47387 - improve logconv.pl performance with large access logs
- Ticket 47387 - improve logconv.pl performance with large access logs
- Ticket 47354 - Indexed search are logged with 'notes=U' in the access logs
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1008306 - tmpfiles.d references /var/lock when they should reference /run/lock
https://bugzilla.redhat.com/show_bug.cgi?id=1008306
--------------------------------------------------------------------------------
================================================================================
Judy-1.0.5-7.fc19 (FEDORA-2013-18927)
General purpose dynamic array
--------------------------------------------------------------------------------
Update Information:
This package is rebuilt with a working gcc; the previous version could segfault as a result of a bug in the compiler it was built with.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Aug 2 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.5-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1017338 - Segfault in large bitset array
https://bugzilla.redhat.com/show_bug.cgi?id=1017338
--------------------------------------------------------------------------------
================================================================================
ReviewBoard-1.7.15-1.fc19 (FEDORA-2013-18931)
Web-based code review tool
--------------------------------------------------------------------------------
Update Information:
Review Board 1.6.19 and 1.7.15 fix a few issues in the API where users could access certain data they should not have been able to access, if using the Local Sites feature, invite-only groups, or private repositories. It also fixes cases with invite-only groups where the group name and list of private review requests would show up on some pages (though the review requests themselves were not accessible).
These issues do not affect most of the installations out there, but we strongly recommend upgrading anyway. There are no known cases of anyone exploiting these bugs, and in fact we discovered these internally while building new tools to test for security vulnerabilities in our codebase.
There are also some other bug fixes, and important changes needed for extensions that provide their own REST APIs.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 10 2013 Stephen Gallagher <sgallagh at redhat.com> - 1.7.15-1
- New upstream security release 1.7.15
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.15/
- Resolves: CVE-2013-4410
- Fixes access-control problems with REST API
- Resolves: CVE-2013-4411
- Fixes URL processing allowing unauthorized users to view review lists
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1016596 - CVE-2013-4410 ReviewBoard: access-control problems with REST API
https://bugzilla.redhat.com/show_bug.cgi?id=1016596
[ 2 ] Bug #1016599 - CVE-2013-4411 ReviewBoard: URL processing allows unauthorized users to view review lists
https://bugzilla.redhat.com/show_bug.cgi?id=1016599
[ 3 ] Bug #1016601 - CVE-2013-4409 python-djblets: unsanitized eval() vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1016601
--------------------------------------------------------------------------------
================================================================================
abrt-2.1.8-1.fc19 (FEDORA-2013-18924)
Automatic bug detection and reporting tool
--------------------------------------------------------------------------------
Update Information:
This update includes a new upstream release which fixes the bugs listed. You can find other changes in the upstream description at:
- https://github.com/abrt/satyr/blob/master/NEWS
- https://github.com/abrt/abrt/commit/7dcfd2a024d2d65695e20d0cefd257d091272f66#diff-1e807c90d5bf1222db586f4a8f0a6de1R804
- https://github.com/abrt/libreport/commit/a75dcd1d30c99b751ba38eed1714d89053595687#diff-71a31a3e297ea003eaf1b3a5ac3e9457R575
- https://github.com/abrt/gnome-abrt/commit/7280edf171e1952132ba91e12f6f3f3030de9e85#diff-c3189e78ca44c8f42b1bd5a965e340c2R103
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Jakub Filak <jfilak at redhat.com> 2.1.8-1
- Disassemble only instruction rage memory if backtrace is too big
- Include floating-point registers in the backtrace
- spec: make addon-ccpp dependent on libreport-python
- polkit: replace deprecated functions with their subtitues
- retrace-client: query CCpp exploitable information from Retrace server; closes #703
- GUI config: add support for Private ticket option
- a-a-ureport: handle os errors gracefully rhbz#998428 rhbz#998197
- add prefix from configure to the path of debuginfo installer - closes #701
- spec: added deps on abrt-python - closes rhbz#1008182
- spec: remove abrt-dedup-client; closes #702
- remove abrt-dedup-client; related to #702
- abrt-*-client: simplify formatting of locale-related headers
- Resolves: #998197, #1008125
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #998197 - [abrt] abrt-2.1.6-3.fc19: os.py:531:_spawnvef:OSError: [Errno 11] Risorsa temporaneamente non disponibile
https://bugzilla.redhat.com/show_bug.cgi?id=998197
[ 2 ] Bug #1008125 - Review highlighted tabs for sensitive information : highlight can't be seen.
https://bugzilla.redhat.com/show_bug.cgi?id=1008125
[ 3 ] Bug #1014085 - 100% cpu use while generating backtrace on retrace server
https://bugzilla.redhat.com/show_bug.cgi?id=1014085
--------------------------------------------------------------------------------
================================================================================
cifs-utils-6.2-3.fc19 (FEDORA-2013-18506)
Utilities for mounting and managing CIFS mounts
--------------------------------------------------------------------------------
Update Information:
This updates the cifs-utils package to the latest upstream release and fixes a number of bugs reported by Coverity scans.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Jeff Layton <jlayton at redhat.com> 6.2-3
- fixes for bugs reported by coverity:
- update bad bit shift patch with one that patches getcifsacl.c too
- remove some dead code from getcifsacl.c, asn1.c, and data_blob.c
- fix bad handling of allocated memory in del_mtab in mount.cifs.c
* Wed Oct 9 2013 Jeff Layton <jlayton at redhat.com> 6.2-2
- fix bad bit shift in setcifsacl.c
* Fri Oct 4 2013 Jeff Layton <jlayton at redhat.com> 6.2-1
- update to 6.2 release
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 6.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
cups-1.6.4-2.fc19 (FEDORA-2013-18910)
CUPS printing system
--------------------------------------------------------------------------------
Update Information:
Several bugs have been fixed including one that prevented remote printing from working correctly.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 27 2013 Tim Waugh <twaugh at redhat.com> - 1:1.6.4-2
- Reverted upstream change to FINAL_CONTENT_TYPE in order to fix
printing to remote CUPS servers (bug #1010580).
* Wed Sep 25 2013 Tim Waugh <twaugh at redhat.com> - 1:1.6.4-1
- 1.6.4.
* Wed Aug 21 2013 Jaromír Končický <jkoncick at redhat.com> - 1:1.6.3-8
- Add SyncOnClose option (bug #984883).
* Fri Aug 16 2013 Tim Waugh <twaugh at redhat.com> - 1:1.6.3-7
- Increase web interface get-devices timeout to 10s (bug #996664).
* Thu Aug 15 2013 Tim Waugh <twaugh at redhat.com> - 1:1.6.3-6
- Build with full read-only relocations (bug #996740).
* Tue Aug 6 2013 Tim Waugh <twaugh at redhat.com> - 1:1.6.3-5
- Fixes for jobs with multiple files and multiple formats.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #996740 - no Full RELRO
https://bugzilla.redhat.com/show_bug.cgi?id=996740
[ 2 ] Bug #996664 - web interface for 'add printer' does not allow backend enough time for discovery
https://bugzilla.redhat.com/show_bug.cgi?id=996664
[ 3 ] Bug #984883 - printers.conf frequently gets truncated to zero length after unclean shutdowns
https://bugzilla.redhat.com/show_bug.cgi?id=984883
[ 4 ] Bug #1010580 - Remote printing doesn't work - prnt/hpcups/HPCupsFilter.cpp 542: cupsRasterOpen failed, fd = 6
https://bugzilla.redhat.com/show_bug.cgi?id=1010580
--------------------------------------------------------------------------------
================================================================================
curl-7.29.0-12.fc19 (FEDORA-2013-18936)
A utility for getting files from remote servers (FTP, HTTP, and others)
--------------------------------------------------------------------------------
Update Information:
- do not limit the speed of SCP upload on a fast connection
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Kamil Dudka <kdudka at redhat.com> 7.29.0-12
- do not limit the speed of SCP upload on a fast connection
--------------------------------------------------------------------------------
================================================================================
derby-10.9.1.0-5.fc19 (FEDORA-2013-18922)
Relational database implemented entirely in Java
--------------------------------------------------------------------------------
Update Information:
Add more classes to derbynet.jar (#830661)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Michal Srb <msrb at redhat.com> - 10.9.1.0-5
- Add more classes to derbynet.jar (related to #830661)
- Create and own derby home dir
- Simplify systemd service file a bit
* Mon Aug 12 2013 Mat Booth <fedora at matbooth.co.uk> - 10.9.1.0-4
- Fix FTBFS rhbz #992123
- Update servlet BR
- Add missing BR on systemd-units
- Drop versioned jars
- Remove use of deprecated add_to_maven_depmap macro
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 10.9.1.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #830661 - derby network server fails to load: main class not found
https://bugzilla.redhat.com/show_bug.cgi?id=830661
--------------------------------------------------------------------------------
================================================================================
dwm-6.0-7.fc19 (FEDORA-2013-18915)
Dynamic window manager for X
--------------------------------------------------------------------------------
Update Information:
Apply custom patches in the right order.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Petr Šabata <contyk at redhat.com> - 6.0-7
- Sort the discovered patches before applying (#1017774)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 6.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1017774 - Order in which patches are applied
https://bugzilla.redhat.com/show_bug.cgi?id=1017774
--------------------------------------------------------------------------------
================================================================================
eclipse-mylyn-3.9.1-3.fc19 (FEDORA-2013-18913)
Eclipse Mylyn main feature.
--------------------------------------------------------------------------------
Update Information:
Fix Red Hat bugzilla edition.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Krzysztof Daniel <kdaniel at redhat.com> 3.9.1-3
- Include fix for Eclipse bug 419133.
--------------------------------------------------------------------------------
================================================================================
firmware-tools-2.1.15-1.fc19.6 (FEDORA-2013-18921)
Scripts and tools to manage firmware and BIOS updates
--------------------------------------------------------------------------------
Update Information:
Commented out the import of gnome.ui module, which is resulting in crashes.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 10 2013 Praveen K Paladugu <praveen_paladugu at dell.com> - 2.1.15-1.6
- Removed the gnome-python2-gnome dependency
- Commented out the import of gnome.ui module as it is not used.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #997577 - [abrt] firmware-tools-2.1.15-1.fc19.4: inventory_firmware_gui:22:<module>:ImportError: No module named gnome.ui
https://bugzilla.redhat.com/show_bug.cgi?id=997577
--------------------------------------------------------------------------------
================================================================================
geary-0.4.0-1.fc19 (FEDORA-2013-18925)
A lightweight email program designed around conversations
--------------------------------------------------------------------------------
Update Information:
Update to the latest stable release of Geary:
This release includes many enhancements:
* Per-account full text search
* Automatic save to draft
* Refreshed user interface
* Per-folder unread email count
* Experimental support for Outlook.com
* Enhanced “show external images” preference
* Find bar for locating text within a conversation (Ctrl+F)
* Improved handling of attachments
* Malicious link checker
* Passwords stored with libsecret instead of GNOME Keyring
* Hundreds of bugs fixed and small improvements
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 9 2013 Thomas Moschny <thomas.moschny at gmx.de> - 0.4.0-1
- Update to 0.4.0.
- Drop patch applied upstream.
- Update build requirements.
- Include appdata file.
* Sat Aug 17 2013 Thomas Moschny <thomas.moschny at gmx.de> - 0.3.1-3
- Fix FTBFS with WebKitGTK+ 2.1 (rhbz#992326).
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gnome-abrt-0.3.2-1.fc19 (FEDORA-2013-18924)
A utility for viewing problems that have occurred with the system
--------------------------------------------------------------------------------
Update Information:
This update includes a new upstream release which fixes the bugs listed. You can find other changes in the upstream description at:
- https://github.com/abrt/satyr/blob/master/NEWS
- https://github.com/abrt/abrt/commit/7dcfd2a024d2d65695e20d0cefd257d091272f66#diff-1e807c90d5bf1222db586f4a8f0a6de1R804
- https://github.com/abrt/libreport/commit/a75dcd1d30c99b751ba38eed1714d89053595687#diff-71a31a3e297ea003eaf1b3a5ac3e9457R575
- https://github.com/abrt/gnome-abrt/commit/7280edf171e1952132ba91e12f6f3f3030de9e85#diff-c3189e78ca44c8f42b1bd5a965e340c2R103
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Jakub Filak <jfilak at redhat.com> 0.3.2-1
- Fix a bug in SIGCHLD handler causing 100% CPU usage
- Show "yes" in Reported field only if no URL is available
- Load only the most recent reported to value
- Check if Application has valid name in filter fn
- Fix issues found by new pylint
- Resolves: #1014085
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #998197 - [abrt] abrt-2.1.6-3.fc19: os.py:531:_spawnvef:OSError: [Errno 11] Risorsa temporaneamente non disponibile
https://bugzilla.redhat.com/show_bug.cgi?id=998197
[ 2 ] Bug #1008125 - Review highlighted tabs for sensitive information : highlight can't be seen.
https://bugzilla.redhat.com/show_bug.cgi?id=1008125
[ 3 ] Bug #1014085 - 100% cpu use while generating backtrace on retrace server
https://bugzilla.redhat.com/show_bug.cgi?id=1014085
--------------------------------------------------------------------------------
================================================================================
gtk2-2.24.22-1.fc19 (FEDORA-2013-18935)
The GIMP ToolKit (GTK+), a library for creating GUIs for X
--------------------------------------------------------------------------------
Update Information:
This is a bug-fix release in the 2.24 series.
It fixes a number of bugs, but most notably, this update changes the handling of the immodule cache to be in sync with GTK+ 3. The cache file is no longer in /etc, but instead gets written to libdir. This solves multilib complications, and has already been tested in F20 and rawhide, but since it represents a considerable change, careful testing is advised, in particular if you are using input methods with GTK+ 2 applications.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Matthias Clasen <mclasen at redhat.com> - 2.24.22-1
- Update to 2.24.22
- Make immodule cache handling the same as in gtk3. The cache
file is now in $libdir, no longer in /etc
--------------------------------------------------------------------------------
================================================================================
gtk3-3.8.5-1.fc19 (FEDORA-2013-18906)
The GIMP ToolKit (GTK+), a library for creating GUIs for X
--------------------------------------------------------------------------------
Update Information:
A bug-fix release in the 3.8 series. From the upstream announcement:
* 339539 Ctrl-C, Ctrl-V changes tags
* 341146 reorder lines in configure.in for a better display
* 513812 Optimize gdk_cairo_set_source_pixbuf() alpha multipli...
* 586107 gtkprintbackendpapi.c does not compile on Solaris 10
* 696756 x11: gdk_device_get_source : assertion `GDK_IS_DEVICE...
* 703062 GtkTreeViewColumn returns negative size request on em...
* 706269 Clarify GtkBox, GtkHBox, and GtkVBox documentation
* 706345 GtkExpander's click-and-drag behavior should match th...
* 707872 GtkSwitch shouldn't have a default name
* 707926 GtkSwitch shouldn't have a default accessible description
* 708414 entrycompletion: set the GtkWindow as attached to the...
* 709056 icontheme: use g_file_load_contents() for symbolic icons
* 709264 Fix memory leaks in icons handling
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 10 2013 Matthias Clasen <mclasen at redhat.com> - 3.8.5-1
- Update to 3.8.5
--------------------------------------------------------------------------------
================================================================================
guacamole-client-0.8.3-4.fc19 (FEDORA-2013-18917)
Server-side Java components that form the Guacamole application
--------------------------------------------------------------------------------
Update Information:
Put more strict permissions on config files.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Simone Caronni <negativo17 at gmail.com> - 0.8.3-4
- Tighten permissions on user-mapping.xml.
--------------------------------------------------------------------------------
================================================================================
ibus-typing-booster-1.2.5-1.fc19 (FEDORA-2013-18907)
A typing booster engine for the IBus platform
--------------------------------------------------------------------------------
Update Information:
Add an option to display help for input methods; Some code cleanup
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Mike FABIAN <mfabian at redhat.com> - 1.2.5-1
- Add feature to display input method description to setup tool (Resolves: rhbz#1001581)
- Remove the options “m17n_mim_name” and “other_ime” from the .conf files
- remove tab_enable option from config files
* Tue Oct 1 2013 Mike FABIAN <mfabian at redhat.com> - 1.2.4-3
- Resolves: rhbz#1013992 ibus-typing-booster needs to have ibus write-cache --system in %post and %postun
* Mon Sep 30 2013 Mike FABIAN <mfabian at redhat.com> - 1.2.4-2
- remove superfluous line break in changelog
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1001581 - Help text not available
https://bugzilla.redhat.com/show_bug.cgi?id=1001581
--------------------------------------------------------------------------------
================================================================================
kate-plugin-cpphelper-0.9.6-1.fc19 (FEDORA-2013-18926)
Plugin for Kate to simplify C/C++ programming
--------------------------------------------------------------------------------
Update Information:
New upstream version, fix for bug #1017355 (Segmentation fault on opening configuration)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 10 2013 Mario Blättermann <mariobl at fedoraproject.org> - 0.9.6-1
- New upstream version, fixes bug #1017355
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1017355 - Segmentation fault on opening configuration
https://bugzilla.redhat.com/show_bug.cgi?id=1017355
--------------------------------------------------------------------------------
================================================================================
libreport-2.1.8-1.fc19 (FEDORA-2013-18924)
Generic library for reporting various problems
--------------------------------------------------------------------------------
Update Information:
This update includes a new upstream release which fixes the bugs listed. You can find other changes in the upstream description at:
- https://github.com/abrt/satyr/blob/master/NEWS
- https://github.com/abrt/abrt/commit/7dcfd2a024d2d65695e20d0cefd257d091272f66#diff-1e807c90d5bf1222db586f4a8f0a6de1R804
- https://github.com/abrt/libreport/commit/a75dcd1d30c99b751ba38eed1714d89053595687#diff-71a31a3e297ea003eaf1b3a5ac3e9457R575
- https://github.com/abrt/gnome-abrt/commit/7280edf171e1952132ba91e12f6f3f3030de9e85#diff-c3189e78ca44c8f42b1bd5a965e340c2R103
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 4 2013 Jakub Filak <jfilak at redhat.com> 2.1.8-1
- disable rhel/fedora workflows for anaconda
- added whitelist for sensitive data - rhbz#1009730 rhbz#896246
- ureport: always add BTHASH link to a report
- reprot-gtk: underline tab titles with sensitive information
- introduce FILENAME_EXPLOITABLE; related to abrt/abrt#703
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #998197 - [abrt] abrt-2.1.6-3.fc19: os.py:531:_spawnvef:OSError: [Errno 11] Risorsa temporaneamente non disponibile
https://bugzilla.redhat.com/show_bug.cgi?id=998197
[ 2 ] Bug #1008125 - Review highlighted tabs for sensitive information : highlight can't be seen.
https://bugzilla.redhat.com/show_bug.cgi?id=1008125
[ 3 ] Bug #1014085 - 100% cpu use while generating backtrace on retrace server
https://bugzilla.redhat.com/show_bug.cgi?id=1014085
--------------------------------------------------------------------------------
================================================================================
nodejs-node-static-0.7.1-2.fc19 (FEDORA-2013-18918)
Simple, compliant file streaming module for node
--------------------------------------------------------------------------------
Update Information:
Newpackage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #965895 - Review Request: nodejs-node-static - Simple, compliant file streaming module for node
https://bugzilla.redhat.com/show_bug.cgi?id=965895
--------------------------------------------------------------------------------
================================================================================
perl-PAR-Packer-1.015-1.fc19 (FEDORA-2013-18909)
PAR Packager
--------------------------------------------------------------------------------
Update Information:
A new bugfix release of PAR::Packer is availeble. See upstream changelog for details -- http://cpansearch.perl.org/src/RSCHUPP/PAR-Packer-1.015/ChangeLog
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Petr Šabata <contyk at redhat.com> - 1.015-1
- 1.015 bugfix bump
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.014-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Aug 2 2013 Petr Pisar <ppisar at redhat.com> - 1.014-3
- Perl 5.18 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1017576 - perl-PAR-Packer-1.015 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1017576
--------------------------------------------------------------------------------
================================================================================
perl-Term-ShellUI-0.92-2.fc19 (FEDORA-2013-18904)
Perl module to implement a full-featured shell-like command line environment
--------------------------------------------------------------------------------
Update Information:
Initial push
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1002319 - Review Request: perl-Term-ShellUI - Fully-featured shell-like command line environment
https://bugzilla.redhat.com/show_bug.cgi?id=1002319
--------------------------------------------------------------------------------
================================================================================
python-djblets-0.7.20-1.fc19 (FEDORA-2013-18931)
A collection of useful classes and functions for Django
--------------------------------------------------------------------------------
Update Information:
Review Board 1.6.19 and 1.7.15 fix a few issues in the API where users could access certain data they should not have been able to access, if using the Local Sites feature, invite-only groups, or private repositories. It also fixes cases with invite-only groups where the group name and list of private review requests would show up on some pages (though the review requests themselves were not accessible).
These issues do not affect most of the installations out there, but we strongly recommend upgrading anyway. There are no known cases of anyone exploiting these bugs, and in fact we discovered these internally while building new tools to test for security vulnerabilities in our codebase.
There are also some other bug fixes, and important changes needed for extensions that provide their own REST APIs.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Stephen Gallagher <sgallagh at redhat.com> - 0.7.20-1
- New upstream bugfix release 0.7.20
- http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.20.NEWS
- Fixed regression with pagination on the datagrid
* Thu Oct 10 2013 Stephen Gallagher <sgallagh at redhat.com> - 0.7.19-1
- New upstream security release 0.7.19
- http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.19.NEWS
- Resolves: CVE-2013-4409
- Resolves unsanitized eval() vulnerability
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1016596 - CVE-2013-4410 ReviewBoard: access-control problems with REST API
https://bugzilla.redhat.com/show_bug.cgi?id=1016596
[ 2 ] Bug #1016599 - CVE-2013-4411 ReviewBoard: URL processing allows unauthorized users to view review lists
https://bugzilla.redhat.com/show_bug.cgi?id=1016599
[ 3 ] Bug #1016601 - CVE-2013-4409 python-djblets: unsanitized eval() vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1016601
--------------------------------------------------------------------------------
================================================================================
python-flask-restless-0.12.0-1.fc19 (FEDORA-2013-18920)
Flask-Restless provides simple generation of ReSTful APIs
--------------------------------------------------------------------------------
Update Information:
New release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Yohan Graterol <yohangraterol92 at gmail.com> - 0.12.0-1
- New release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #995283 - python-flask-restless - Provides simple generation of ReSTful APIs
https://bugzilla.redhat.com/show_bug.cgi?id=995283
--------------------------------------------------------------------------------
================================================================================
rubygem-capillary-1.0.3-3.fc19 (FEDORA-2013-18937)
Generate a JSON payload from Git log output
--------------------------------------------------------------------------------
Update Information:
First Fedora release. Capillary generates a JSON payload from Git log output.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1016370 - Review Request: rubygem-capillary - Generate a JSON payload from Git log output
https://bugzilla.redhat.com/show_bug.cgi?id=1016370
--------------------------------------------------------------------------------
================================================================================
satyr-0.10-1.fc19 (FEDORA-2013-18924)
Tools to create anonymous, machine-friendly problem reports
--------------------------------------------------------------------------------
Update Information:
This update includes a new upstream release which fixes the bugs listed. You can find other changes in the upstream description at:
- https://github.com/abrt/satyr/blob/master/NEWS
- https://github.com/abrt/abrt/commit/7dcfd2a024d2d65695e20d0cefd257d091272f66#diff-1e807c90d5bf1222db586f4a8f0a6de1R804
- https://github.com/abrt/libreport/commit/a75dcd1d30c99b751ba38eed1714d89053595687#diff-71a31a3e297ea003eaf1b3a5ac3e9457R575
- https://github.com/abrt/gnome-abrt/commit/7280edf171e1952132ba91e12f6f3f3030de9e85#diff-c3189e78ca44c8f42b1bd5a965e340c2R103
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 3 2013 Jakub Filak <jfilak at redhat.com> 0.10-1
- New upstream version
- Fix a segmentation fault in sr_rpm_package_uniq()
- Respect kernel flavor when parsing package name
- Parse backtrace without Thread header
- Fix koops json output if there are no modules
- Add support for multiple koops stacks
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #998197 - [abrt] abrt-2.1.6-3.fc19: os.py:531:_spawnvef:OSError: [Errno 11] Risorsa temporaneamente non disponibile
https://bugzilla.redhat.com/show_bug.cgi?id=998197
[ 2 ] Bug #1008125 - Review highlighted tabs for sensitive information : highlight can't be seen.
https://bugzilla.redhat.com/show_bug.cgi?id=1008125
[ 3 ] Bug #1014085 - 100% cpu use while generating backtrace on retrace server
https://bugzilla.redhat.com/show_bug.cgi?id=1014085
--------------------------------------------------------------------------------
================================================================================
timeline-0.20.0-3.fc19 (FEDORA-2013-18903)
Displays and navigates events on a timeline
--------------------------------------------------------------------------------
Update Information:
Fix spec typo.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Jon Ciesla <limburgher at gmail.com> - 0.20.0-3
- Fix typo, BZ 1018161.
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.20.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1018161 - timeline: typo in spec file garbles %postun
https://bugzilla.redhat.com/show_bug.cgi?id=1018161
--------------------------------------------------------------------------------
================================================================================
trafficserver-3.2.5-4.fc19 (FEDORA-2013-18905)
Fast, scalable and extensible HTTP/1.1 compliant caching proxy server
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 11 2013 Ralf Corsépius <corsepiu at fedoraproject.org> - 3.2.5-4
- Add BR: systemd for systemd.macros (RHBZ #1018080).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1018080 - unexpanded systemd-macros in rpm-scriptlets
https://bugzilla.redhat.com/show_bug.cgi?id=1018080
--------------------------------------------------------------------------------
================================================================================
transifex-client-0.9-4.fc19 (FEDORA-2013-18912)
Command line tool for Transifex translation management
--------------------------------------------------------------------------------
Update Information:
Command line tool for Transifex translation management
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 10 2013 Luis Bazan <lbazan at fedoraproject.org> - 0.9-4
- Fix BZ#1002546
* Mon Aug 26 2013 Luis Bazan <lbazan at fedoraproject.org> - 0.9-3
- remove dependency
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1002546 - Missing Dependency: python-setuptools.noarch
https://bugzilla.redhat.com/show_bug.cgi?id=1002546
--------------------------------------------------------------------------------
More information about the test
mailing list