Fedora 18 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Sat Sep 21 08:39:50 UTC 2013
The following Fedora 18 Security updates need testing:
Age URL
154 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18
66 https://admin.fedoraproject.org/updates/FEDORA-2013-13131/livecd-tools-18.17-1.fc18
50 https://admin.fedoraproject.org/updates/FEDORA-2013-14005/zabbix-2.0.6-3.fc18
37 https://admin.fedoraproject.org/updates/FEDORA-2013-14794/filezilla-3.7.3-1.fc18
8 https://admin.fedoraproject.org/updates/FEDORA-2013-16587/wireshark-1.10.2-3.fc18
8 https://admin.fedoraproject.org/updates/FEDORA-2013-16381/lightdm-1.4.3-1.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-16810/proftpd-1.3.4d-4.fc18
4 https://admin.fedoraproject.org/updates/FEDORA-2013-16895/wordpress-3.6.1-1.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-17010/kernel-3.10.12-100.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-17047/xulrunner-24.0-2.fc18,firefox-24.0-1.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-16989/nas-1.9.3-4.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-17112/hplip-3.13.9-2.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-17016/icedtea-web-1.4.1-0.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-17195/spice-gtk-0.18-3.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-17203/systemd-201-2.fc18.8
0 https://admin.fedoraproject.org/updates/FEDORA-2013-17197/polkit-0.107-6.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-17305/libvirt-0.10.2.8-1.fc18
The following Fedora 18 Critical Path updates have yet to be approved:
Age URL
223 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18
11 https://admin.fedoraproject.org/updates/FEDORA-2013-16214/gdb-7.5.1-42.fc18
11 https://admin.fedoraproject.org/updates/FEDORA-2013-16204/sane-backends-1.0.23-18.fc18
10 https://admin.fedoraproject.org/updates/FEDORA-2013-16335/gstreamer1-plugins-bad-free-1.0.10-1.fc18,gstreamer1-plugins-good-1.0.10-1.fc18,gstreamer1-plugins-base-1.0.10-1.fc18,gstreamer1-1.0.10-1.fc18
7 https://admin.fedoraproject.org/updates/FEDORA-2013-16676/gnome-abrt-0.3.1-1.fc18,abrt-2.1.7-1.fc18,libreport-2.1.7-1.fc18,satyr-0.9-1.fc18
5 https://admin.fedoraproject.org/updates/FEDORA-2013-16816/gdisk-0.8.7-2.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-17047/xulrunner-24.0-2.fc18,firefox-24.0-1.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-17013/device-mapper-persistent-data-0.2.7-1.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-17050/qt-4.8.5-8.fc18
2 https://admin.fedoraproject.org/updates/FEDORA-2013-17010/kernel-3.10.12-100.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-17321/thunderbird-24.0-2.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-17276/freetype-2.4.10-5.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-17197/polkit-0.107-6.fc18
0 https://admin.fedoraproject.org/updates/FEDORA-2013-17203/systemd-201-2.fc18.8
The following builds have been pushed to Fedora 18 updates-testing
ColPack-1.0.9-1.fc18
Mayavi-4.3.0-7.fc18
freetype-2.4.10-5.fc18
gfal-1.16.0-1.fc18
gridftp-ifce-2.3.1-1.fc18
hyperv-daemons-0-0.2.20130826git.fc18
java-1.7.0-openjdk-1.7.0.60-2.4.2.4.fc18
lcg-util-1.16.0-2.fc18
libvirt-0.10.2.8-1.fc18
mongodb-2.4.6-1.fc18
php-tcpdf-6.0.031-1.fc18
pulsecaster-0.1.9-5.fc18
python-bucky-0.2.6-2.fc18
python-libcloud-0.13.2-11.fc18
python-pyface-4.3.0-4.fc18
python-qpid-0.22-3.fc18
qpid-cpp-0.24-1.fc18
qt5-qtquick1-5.1.1-2.fc18
scribus-1.4.3-2.fc18
srm-ifce-1.18.0-1.fc18
thunderbird-24.0-2.fc18
unbound-1.4.21-1.fc18
vile-9.8k-1.fc18
Details about builds:
================================================================================
ColPack-1.0.9-1.fc18 (FEDORA-2013-17287)
Algorithms for specialized vertex coloring problems
--------------------------------------------------------------------------------
Update Information:
ColPack is a package comprising of implementation of algorithms for specialized vertex coloring problems that arise in sparse derivative computation. It is written in an object-oriented fashion heavily using the Standard Template Library (STL). It is designed to be simple, modular, extendable and efficient. This build has openMP-support enabled.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1004760 - Review Request: ColPack - Algorithms for specialized vertex coloring problems
https://bugzilla.redhat.com/show_bug.cgi?id=1004760
--------------------------------------------------------------------------------
================================================================================
Mayavi-4.3.0-7.fc18 (FEDORA-2013-17004)
Scientific data 3-dimensional visualizer
--------------------------------------------------------------------------------
Update Information:
* Add python-pyface-wx and python-pyface-qt packages to handle backend dependencies.
* Make Mayavi depend on python-pyface-wx as it doesn't work with the Qt backend.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 18 2013 Orion Poplawski <orion at cora.nwra.com> - 4.3.0-7
- Add patch to fix vtkQt class loading issue (bug #1008392)
* Mon Sep 16 2013 Orion Poplawski <orion at cora.nwra.com> - 4.3.0-6
- Require python-pyface-wx (bug #1008392)
* Tue Aug 6 2013 Orion Poplawski <orion at cora.nwra.com> - 4.3.0-5
- Drop BR on python-setupdocs, no longer used
* Fri Aug 2 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.3.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed May 22 2013 Orion Poplawski <orion at cora.nwra.com> - 4.3.0-3
- Use lowercase names in BR
--------------------------------------------------------------------------------
================================================================================
freetype-2.4.10-5.fc18 (FEDORA-2013-17276)
A free and portable font rendering engine
--------------------------------------------------------------------------------
Update Information:
Fix vertical size of emboldened glyphs.
See https://bugzilla.gnome.org/show_bug.cgi?id=686709 for additional info.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 20 2013 Marek Kasik <mkasik at redhat.com> - 2.4.10-5
- Fix vertical size of emboldened glyphs
--------------------------------------------------------------------------------
================================================================================
gfal-1.16.0-1.fc18 (FEDORA-2013-17311)
Grid File access library
--------------------------------------------------------------------------------
Update Information:
Release 1.16.0 of lcg-util
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 16 2013 Alejandro Alvarez <aalvarez at cern.ch> - 1.16.0-1
- Release of gfal 1.16.0
--------------------------------------------------------------------------------
================================================================================
gridftp-ifce-2.3.1-1.fc18 (FEDORA-2013-17282)
GridFTP library for FTS and lcgutil
--------------------------------------------------------------------------------
Update Information:
Release 2.3.1 of gridftp-ifce
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 20 2013 Adrien Devresse <adevress at cern.ch> - 2.3.1-1
- fix unversionned documentation problem
- Release 2.3.1 for EPEL
* Thu Mar 14 2013 Michail Salichos <msalicho at cern.ch> - 2.3.1-0
- replace globus wait with cond_timed_wait
--------------------------------------------------------------------------------
================================================================================
hyperv-daemons-0-0.2.20130826git.fc18 (FEDORA-2013-17290)
HyperV daemons suite
--------------------------------------------------------------------------------
Update Information:
Two bugs fixed.
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1010268 - hypervkvpd using wrong directory for its tools
https://bugzilla.redhat.com/show_bug.cgi?id=1010268
[ 2 ] Bug #1010260 - hypervkvpd WantedBy should be multi-user.target
https://bugzilla.redhat.com/show_bug.cgi?id=1010260
--------------------------------------------------------------------------------
================================================================================
java-1.7.0-openjdk-1.7.0.60-2.4.2.4.fc18 (FEDORA-2013-17304)
OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:
fix build on arches where Zero VM is used
Improved buildver/updatever handling.
Fixed java -version output
Unluckily the leading 60 have to be kept (will be valid in one month)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 19 2013 Dan Horák <dan[at]danny.cz> - 1.7.0.40-2.4.2.4.f18
- don't apply more patches on ARM
* Thu Sep 19 2013 Dan Horák <dan[at]danny.cz> - 1.7.0.40-2.4.2.3.f18
- don't apply the size_t patch on ARM
* Thu Sep 19 2013 Dan Horák <dan[at]danny.cz> - 1.7.0.40-2.4.2.2.f18
- fix build on zero arches (Andrew Hughes <gnu.andrew at redhat.com)
* Wed Sep 11 2013 Jiri Vanek <jvanek at redhat.com> - 1.7.0.40-2.4.2.1.f18
- buildver replaced by updatever
- buildver reset to 60
- updatever set to 40
- added JDK_BUILD_NUMBER=b`printf "%02d" buildver to make parameters
- buildversion included in id
- desktop icons extracted to text files
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1008988 - build on s390 (32-bit) uses -m64 option
https://bugzilla.redhat.com/show_bug.cgi?id=1008988
--------------------------------------------------------------------------------
================================================================================
lcg-util-1.16.0-2.fc18 (FEDORA-2013-17326)
Command line tools for wlcg storage system
--------------------------------------------------------------------------------
Update Information:
Release 1.16.0 of lcg-util
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 19 2013 Adrien Devresse <adevress at cern.ch> - 1.16.0-2
- Change default doc path to unversionned
- Release 1.16.0 of lcg-util
--------------------------------------------------------------------------------
================================================================================
libvirt-0.10.2.8-1.fc18 (FEDORA-2013-17305)
Library providing a simple virtualization API
--------------------------------------------------------------------------------
Update Information:
* Rebased to version 0.10.2.8
* CVE-2013-4311: Insecure polkit usage (bz #1009539, bz #1005332)
* CVE-2013-4296: Invalid free memory stats (bz #1006173, bz #1009667)
* CVE-2013-4291: Supplementary groups handling (bz #1006509, bz #1006511)
* Fix LXC container creation if selinux disabled (bz #977114)
* Fix virsh change-media with block disk type (bz #951192)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 20 2013 Cole Robinson <crobinso at redhat.com> - 0.10.2.8-1
- Rebased to version 0.10.2.8
- CVE-2013-4311: Insecure polkit usage (bz #1009539, bz #1005332)
- CVE-2013-4296: Invalid free memory stats (bz #1006173, bz #1009667)
- CVE-2013-4291: Supplementary groups handling (bz #1006509, bz #1006511)
- Fix LXC container creation if selinux disabled (bz #977114)
- Fix virsh change-media with block disk type (bz #951192)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1005332 - CVE-2013-4311 libvirt: insecure calling of polkit
https://bugzilla.redhat.com/show_bug.cgi?id=1005332
[ 2 ] Bug #1006173 - CVE-2013-4296 libvirt: invalid free in remoteDispatchDomainMemoryStats
https://bugzilla.redhat.com/show_bug.cgi?id=1006173
[ 3 ] Bug #1006509 - CVE-2013-4291 libvirt: supplementary groups not adjusted correctly when parsing label
https://bugzilla.redhat.com/show_bug.cgi?id=1006509
--------------------------------------------------------------------------------
================================================================================
mongodb-2.4.6-1.fc18 (FEDORA-2013-17286)
High-performance, schema-free document-oriented database
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.6, fix several bugs (#971595,979784,972904)
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
php-tcpdf-6.0.031-1.fc18 (FEDORA-2013-17291)
PHP class for generating PDF documents
--------------------------------------------------------------------------------
Update Information:
Upstream changelog:
6.0.031 (2013-09-18)
- Bug #836 "Optional EOL marker before endstream" was fixed.
- Some additional controls were added to avoid "division by zero" error with badly formatted input.
6.0.030 (2013-09-17)
- Bug #835 "PDF417 and Cyrilic simbols" was fixed.
6.0.029 (2013-09-15)
- Constants K_TCPDF_PARSER_THROW_EXCEPTION_ERROR and K_TCPDF_PARSER_IGNORE_DECODING_ERRORS where removed in favor of a new configuration array in the TCPDF_PARSER class.
- The TCPDF_PARSER class can now be configured using the new $cfg parameter.
6.0.028 (2013-09-15)
- A debug print_r was removed form tcpdf_parser.php.
- TCPDF_FILTERS class now throws an exception in case of error.
- TCPDF_PARSER class now throws an exception in case of error unless you define the constant K_TCPDF_PARSER_THROW_EXCEPTION_ERROR to false.
- The constant K_TCPDF_PARSER_IGNORE_DECODING_ERRORS can be set to tru eto ignore decoding errors on TCPDF_PARSER.
6.0.027 (2013-09-14)
- A bug in tcpdf_parser wen parsing hexadecimal strings was fixed.
- A bug in tcpdf_parser wen looking for statxref was fixed.
- A bug on RC4 encryption was fixed.
6.0.026 (2013-09-14)
- A bug in tcpdf_parser wen decoding streams was fixed.
6.0.025 (2013-09-04)
- A pregSplit() bug was fixed.
- Improved content loading from URLs.
- Improved font path loading.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 19 2013 Remi Collet <remi at fedoraproject.org> - 6.0.031-1
- update to 6.0.031
--------------------------------------------------------------------------------
================================================================================
pulsecaster-0.1.9-5.fc18 (FEDORA-2013-17319)
A PulseAudio-based podcast recorder
--------------------------------------------------------------------------------
Update Information:
This update provides improved translations for a number of languages from upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 20 2013 Paul W. Frields <stickster at gmail.com> - 0.1.9-5
- Updated translations from upstream
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.1.9-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.1.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-bucky-0.2.6-2.fc18 (FEDORA-2013-17288)
CollectD and StatsD adapter for Graphite
--------------------------------------------------------------------------------
Update Information:
Add dependency on collectd and update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 19 2013 Jonathan Steffan <jsteffan at fedoraproject.org> - 0.2.6-2
- Update requires (RHBZ#953834)
* Tue Sep 17 2013 Jonathan Steffan <jsteffan at fedoraproject.org> - 0.2.6-1
- Update to 0.2.6
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #953834 - missing dependencies python-setuptools collectd
https://bugzilla.redhat.com/show_bug.cgi?id=953834
--------------------------------------------------------------------------------
================================================================================
python-libcloud-0.13.2-11.fc18 (FEDORA-2013-17318)
A Python library to address multiple cloud provider APIs
--------------------------------------------------------------------------------
Update Information:
Some bugfixes from Upstream
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 19 2013 Daniel Bruno <dbruno at fedoraproject.org> - 0.13.2-11
- Some bug fixes from Upstream
--------------------------------------------------------------------------------
================================================================================
python-pyface-4.3.0-4.fc18 (FEDORA-2013-17004)
Generic User Interface objects
--------------------------------------------------------------------------------
Update Information:
* Add python-pyface-wx and python-pyface-qt packages to handle backend dependencies.
* Make Mayavi depend on python-pyface-wx as it doesn't work with the Qt backend.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 16 2013 Orion Poplawski <orion at cora.nwra.com> - 4.3.0-4
- Create dummy backend packages to express dependencies
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.3.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-qpid-0.22-3.fc18 (FEDORA-2013-17316)
Python client library for AMQP
--------------------------------------------------------------------------------
Update Information:
Created the python-qpid-common subpackage.
Removed the unit tests.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Sep 17 2013 Darryl L. Pierce <dpierce at redhat.com> - 0.22-3
- Added the python-qpid-common subpackage
* Tue Sep 17 2013 Darryl L. Pierce <dpierce at redhat.com> - 0.22-2
- Removed the set of unit tests from the installed package.
- Resolves: BZ#1008877
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1008877 - python-qpid package contains unittest files
https://bugzilla.redhat.com/show_bug.cgi?id=1008877
--------------------------------------------------------------------------------
================================================================================
qpid-cpp-0.24-1.fc18 (FEDORA-2013-17306)
Libraries for Qpid C++ client applications
--------------------------------------------------------------------------------
Update Information:
Rebased on Qpid 0.24.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 20 2013 Darryl L. Pierce <dpierce at redhat.com> - 0.24-1
- Rebased on Qpid 0.24.
- Relocated qpidd.conf to /etc/qpid
- Trimmed old changelog entries due to bogus date complaints.
- Added fixes to support ARM as a primary platform.
- Build depends on qpid-proton 0.5.
- QPID-4938: Stop building ssl and acl support as separate plugin modules on Unix
- Cleaner encoding of index for delivery tags - QPID-5122
- QPID-5123: Changes to Fedora 19 packaging of libdb4 prevents legacystore from building
- QPID-5016: Legacy store not correctly initialising rmgr
- QPID-5126: Fix for building legacy store on ARM platforms
--------------------------------------------------------------------------------
================================================================================
qt5-qtquick1-5.1.1-2.fc18 (FEDORA-2013-17308)
A declarative language for describing user interfaces in Qt5
--------------------------------------------------------------------------------
Update Information:
A declarative language for describing user interfaces in Qt5.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #915907 - Review Request: qt5-qtquick1 - A declarative language for describing user interfaces in Qt5
https://bugzilla.redhat.com/show_bug.cgi?id=915907
--------------------------------------------------------------------------------
================================================================================
scribus-1.4.3-2.fc18 (FEDORA-2013-17298)
DeskTop Publishing application written in Qt
--------------------------------------------------------------------------------
Update Information:
- fix the shape insertion tool
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 19 2013 Dan Horák <dan[at]danny.cz> - 1.4.3-2
- fix the double patch (#1009979)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1009979 - scribus-to-double patch breaks shape insertion tool
https://bugzilla.redhat.com/show_bug.cgi?id=1009979
--------------------------------------------------------------------------------
================================================================================
srm-ifce-1.18.0-1.fc18 (FEDORA-2013-17297)
SRM client side library
--------------------------------------------------------------------------------
Update Information:
Release 1.18.0 for srm-ifce
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 20 2013 Adrien Devresse <adevress at cern.ch> - 1.18.0-1
- Release srm-ifce 1.18.0
* Mon Aug 19 2013 Alejandro Alvarez <aalvarez at cern.ch> - 1.17.0-0
- Release srm-ifce 1.17.0
--------------------------------------------------------------------------------
================================================================================
thunderbird-24.0-2.fc18 (FEDORA-2013-17321)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
See http://www.mozilla.org/en/thunderbird/24.0/releasenotes/ for full list of changes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 18 2013 Martin Stransky <stransky at redhat.com> - 24.0-2
- Added arm build fix
* Mon Sep 16 2013 Jan Horak <jhorak at redhat.com> - 24.0-1
- Update to 24.0
--------------------------------------------------------------------------------
================================================================================
unbound-1.4.21-1.fc18 (FEDORA-2013-17310)
Validating, recursive, and caching DNS(SEC) resolver
--------------------------------------------------------------------------------
Update Information:
Various minor bugfixes, new max-udp-size: 3072 option to reduce harm caused by DNS Amplification attacks
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 19 2013 Paul Wouters <pwouters at redhat.com> - 1.4.21-1
- Updated to 1.4.21
- Remove unbound-rootkey.service (happens via cron in unbound-libs)
- Enabled new max-udp-size: 3072 (so ANY isc.org won't fit)
- Removed patched merged in by upstream
- Enable statistics-cumulative for munin-plugin
- Added outgoing-port-avoid: 0-32767 conformant to SElinux restrictions
- Updated unbound.conf
--------------------------------------------------------------------------------
================================================================================
vile-9.8k-1.fc18 (FEDORA-2013-17312)
VI Like Emacs
--------------------------------------------------------------------------------
Update Information:
upgrade to 9.8k
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 11 2013 Mark McKinstry <mmckinst at nexcess.net> - 9.8k-1
- upgrade to 9.8k (BZ#983023)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #983023 - vile-9.8k is available
https://bugzilla.redhat.com/show_bug.cgi?id=983023
--------------------------------------------------------------------------------
More information about the test
mailing list