Fedora 19 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Tue Apr 29 05:30:27 UTC 2014
The following Fedora 19 Security updates need testing:
Age URL
185 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
122 https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1.fc19
26 https://admin.fedoraproject.org/updates/FEDORA-2014-4676/a2ps-4.14-23.fc19
14 https://admin.fedoraproject.org/updates/FEDORA-2014-5024/smb4k-1.1.1-2.fc19
14 https://admin.fedoraproject.org/updates/FEDORA-2014-4975/json-c-0.11-6.fc19
14 https://admin.fedoraproject.org/updates/FEDORA-2014-5031/elfutils-0.158-3.fc19
10 https://admin.fedoraproject.org/updates/FEDORA-2014-5308/srm-1.2.13-1.fc19
7 https://admin.fedoraproject.org/updates/FEDORA-2014-5414/bugzilla-4.2.9-1.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-5511/ndjbdns-1.06-1.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-5487/python-pillow-2.0.0-13.gitd1c6db8.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-5562/python-django-1.5.6-1.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-5551/zabbix-2.0.11-3.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-5586/prosody-0.8.2-11.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-5609/kernel-3.13.11-100.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-5715/qt-4.8.6-2.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-5691/mediawiki-1.21.9-1.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-5680/qt5-qtbase-5.2.1-8.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-5751/mumble-1.2.5-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-5759/cups-filters-1.0.53-1.fc19
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
133 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
59 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
13 https://admin.fedoraproject.org/updates/FEDORA-2014-5073/iscsi-initiator-utils-6.2.0.873-21.fc19
13 https://admin.fedoraproject.org/updates/FEDORA-2014-5117/audit-2.3.6-1.fc19
12 https://admin.fedoraproject.org/updates/FEDORA-2014-5223/bash-4.2.47-1.fc19
12 https://admin.fedoraproject.org/updates/FEDORA-2014-5213/xdg-utils-1.1.0-0.24.rc2.fc19
10 https://admin.fedoraproject.org/updates/FEDORA-2014-5341/libjpeg-turbo-1.3.1-2.fc19
7 https://admin.fedoraproject.org/updates/FEDORA-2014-5448/ibus-1.5.6-3.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-5590/libcap-ng-0.7.4-1.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-5620/abrt-2.2.1-1.fc19,libreport-2.2.2-2.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-5609/kernel-3.13.11-100.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-5665/curl-7.29.0-18.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-5715/qt-4.8.6-2.fc19
The following builds have been pushed to Fedora 19 updates-testing
asterisk-11.9.0-1.fc19
cups-filters-1.0.53-1.fc19
darktable-1.4.2-1.fc19
mate-applet-softupd-0.2.11-1.fc19
mumble-1.2.5-1.fc19
perl-Apache-LogFormat-Compiler-0.30-2.fc19
perl-MooX-HandlesVia-0.001005-2.fc19
perl-Text-CSV_XS-1.06-1.fc19
php-PHP-CSS-Parser-5.1.2-1.fc19
php-tcpdf-6.0.072-1.fc19
rubygem-mixlib-cli-1.5.0-1.fc19
shogun-data-0.8.1-0.8.git20140420.8652c9c.fc19
Details about builds:
================================================================================
asterisk-11.9.0-1.fc19 (FEDORA-2014-5742)
The Open Source PBX
--------------------------------------------------------------------------------
Update Information:
The Asterisk Development Team has announced the release of Asterisk 11.9.0.
This release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk
The release of Asterisk 11.9.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!
The following are the issues resolved in this release:
Bugs fixed in this release:
-----------------------------------
* ASTERISK-22790 - check_modem_rate() may return incorrect rate
for V.27 (Reported by Paolo Compagnini)
* ASTERISK-23034 - [patch] manager Originate doesn't abort on
failed format_cap allocation (Reported by Corey Farrell)
* ASTERISK-23061 - [Patch] 'textsupport' setting not mentioned in
sip.conf.sample (Reported by Eugene)
* ASTERISK-23028 - [patch] Asterisk man pages contains unquoted
minus signs (Reported by Jeremy Lainé)
* ASTERISK-23046 - Custom CDR fields set during a GoSUB called
from app_queue are not inserted (Reported by Denis Pantsyrev)
* ASTERISK-23027 - [patch] Spelling typo "transfered" instead of
"transferred" (Reported by Jeremy Lainé)
* ASTERISK-23008 - Local channels loose CALLERID name when DAHDI
channel connects (Reported by Michael Cargile)
* ASTERISK-23100 - [patch] In chan_mgcp the ident in transmitted
request and request queue may differ - fix for locking (Reported
by adomjan)
* ASTERISK-22988 - [patch]T38 , SIP 488 after Rejecting image
media offer due to invalid or unsupported syntax (Reported by
adomjan)
* ASTERISK-22861 - [patch]Specifying a null time as parameter to
GotoIfTime or ExecIfTime causes segmentation fault (Reported by
Sebastian Murray-Roberts)
* ASTERISK-17837 - extconfig.conf - Maximum Include level (1)
exceeded (Reported by pz)
* ASTERISK-22662 - Documentation fix? - queues.conf says
persistentmembers defaults to yes, it appears to lie (Reported
by Rusty Newton)
* ASTERISK-23134 - [patch] res_rtp_asterisk port selection cannot
handle selinux port restrictions (Reported by Corey Farrell)
* ASTERISK-23220 - STACK_PEEK function with no arguments causes
crash/core dump (Reported by James Sharp)
* ASTERISK-19773 - Asterisk crash on issuing Asterisk-CLI 'reload'
command multiple times on cli_aliases (Reported by Joel Vandal)
* ASTERISK-22757 - segfault in res_clialiases.so on reload when
mapping "module reload" command (Reported by Gareth Blades)
* ASTERISK-17727 - [patch] TLS doesn't get all certificate chain
(Reported by LN)
* ASTERISK-23178 - devicestate.h: device state setting functions
are documented with the wrong return values (Reported by
Jonathan Rose)
* ASTERISK-23232 - LocalBridge AMI Event LocalOptimization value
is opposite to what's expected (Reported by Leon Roy)
* ASTERISK-23098 - [patch]possible null pointer dereference in
format.c (Reported by Marcello Ceschia)
* ASTERISK-23297 - Asterisk 12, pbx_config.so segfaults if
res_parking.so is not loaded, or if res_parking.conf has no
configuration (Reported by CJ Oster)
* ASTERISK-23069 - Custom CDR variable not recorded when set in
macro called from app_queue (Reported by Bryan Anderson)
* ASTERISK-19499 - ConfBridge MOH is not working for transferee
after attended transfer (Reported by Timo Teräs)
* ASTERISK-23261 - [patch]Output mixup in
${CHANNEL(rtpqos,audio,all)} (Reported by rsw686)
* ASTERISK-23279 - [patch]Asterisk doesn't support the dynamic
payload change in rtp mapping in the 200 OK response (Reported
by NITESH BANSAL)
* ASTERISK-23255 - UUID included for Redhat, but missing for
Debian distros in install_prereq script (Reported by Rusty
Newton)
* ASTERISK-23260 - [patch]ForkCDR v option does not keep CDR
variables for subsequent records (Reported by zvision)
* ASTERISK-23141 - Asterisk crashes on Dial(), in
pbx_find_extension at pbx.c (Reported by Maxim)
* ASTERISK-23336 - Asterisk warning "Don't know how to indicate
condition 33 on ooh323c" on outgoing calls from H323 to SIP peer
(Reported by Alexander Semych)
* ASTERISK-23231 - Since 405693 If we have res_fax.conf file set
to minrate=2400, then res_fax refuse to load (Reported by David
Brillert)
* ASTERISK-23135 - Crash - segfault in ast_channel_hangupcause_set
- probably introduced in 11.7.0 (Reported by OK)
* ASTERISK-23323 - [patch]chan_sip: missing p->owner checks in
handle_response_invite (Reported by Walter Doekes)
* ASTERISK-23406 - [patch]Fix typo in "sip show peer" (Reported by
ibercom)
* ASTERISK-23310 - bridged channel crashes in bridge_p2p_rtp_write
(Reported by Jeremy Lainé)
* ASTERISK-22911 - [patch]Asterisk fails to resume WebRTC call
from hold (Reported by Vytis Valentinavičius)
* ASTERISK-23104 - Specifying the SetVar AMI without a Channel
cause Asterisk to crash (Reported by Joel Vandal)
* ASTERISK-21930 - [patch]WebRTC over WSS is not working.
(Reported by John)
* ASTERISK-23383 - Wrong sense test on stat return code causes
unchanged config check to break with include files. (Reported by
David Woolley)
* ASTERISK-20149 - Crash when faxing SIP to SIP with strictrtp set
to yes (Reported by Alexandr Gordeev)
* ASTERISK-17523 - Qualify for static realtime peers does not work
(Reported by Maciej Krajewski)
* ASTERISK-21406 - [patch] chan_sip deadlock on monlock between
unload_module and do_monitor (Reported by Corey Farrell)
* ASTERISK-23373 - [patch]Security: Open FD exhaustion with
chan_sip Session-Timers (Reported by Corey Farrell)
* ASTERISK-23340 - Security Vulnerability: stack allocation of
cookie headers in loop allows for unauthenticated remote denial
of service attack (Reported by Matt Jordan)
* ASTERISK-23311 - Manager - MoH Stop Event fails to show up when
leaving Conference (Reported by Benjamin Keith Ford)
* ASTERISK-23420 - [patch]Memory leak in manager_add_filter
function in manager.c (Reported by Etienne Lessard)
* ASTERISK-23488 - Logic error in callerid checksum processing
(Reported by Russ Meyerriecks)
* ASTERISK-23461 - Only first user is muted when joining
confbridge with 'startmuted=yes' (Reported by Chico Manobela)
* ASTERISK-20841 - fromdomain not honored on outbound INVITE
request (Reported by Kelly Goedert)
* ASTERISK-22079 - Segfault: INTERNAL_OBJ (user_data=0x6374652f)
at astobj2.c:120 (Reported by Jamuel Starkey)
* ASTERISK-23509 - [patch]SayNumber for Polish language tries to
play empty files for numbers divisible by 100 (Reported by
zvision)
* ASTERISK-23103 - [patch]Crash in ast_format_cmp, in ao2_find
(Reported by JoshE)
* ASTERISK-23391 - Audit dialplan function usage of channel
variable (Reported by Corey Farrell)
* ASTERISK-23548 - POST to ARI sometimes returns no body on
success (Reported by Scott Griepentrog)
* ASTERISK-23460 - ooh323 channel stuck if call is placed directly
and gatekeeper is not available (Reported by Dmitry Melekhov)
Improvements made in this release:
-----------------------------------
* ASTERISK-22980 - [patch]Allow building cdr_radius and cel_radius
against libfreeradius-client (Reported by Jeremy Lainé)
* ASTERISK-22661 - Unable to exit ChanSpy if spied channel does
not have a call in progress (Reported by Chris Hillman)
* ASTERISK-23099 - [patch] WSS: enable ast_websocket_read()
function to read the whole available data at first and then wait
for any fragmented packets (Reported by Thava Iyer)
For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.9.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 23 2014 Jeffrey Ollie <jeff at ocjtech.us> - 11.9.0-1:
- The Asterisk Development Team has announced the release of Asterisk 11.9.0.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 11.9.0 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following are the issues resolved in this release:
-
- Bugs fixed in this release:
- -----------------------------------
- * ASTERISK-22790 - check_modem_rate() may return incorrect rate
- for V.27 (Reported by Paolo Compagnini)
- * ASTERISK-23034 - [patch] manager Originate doesn't abort on
- failed format_cap allocation (Reported by Corey Farrell)
- * ASTERISK-23061 - [Patch] 'textsupport' setting not mentioned in
- sip.conf.sample (Reported by Eugene)
- * ASTERISK-23028 - [patch] Asterisk man pages contains unquoted
- minus signs (Reported by Jeremy Lainé)
- * ASTERISK-23046 - Custom CDR fields set during a GoSUB called
- from app_queue are not inserted (Reported by Denis Pantsyrev)
- * ASTERISK-23027 - [patch] Spelling typo "transfered" instead of
- "transferred" (Reported by Jeremy Lainé)
- * ASTERISK-23008 - Local channels loose CALLERID name when DAHDI
- channel connects (Reported by Michael Cargile)
- * ASTERISK-23100 - [patch] In chan_mgcp the ident in transmitted
- request and request queue may differ - fix for locking (Reported
- by adomjan)
- * ASTERISK-22988 - [patch]T38 , SIP 488 after Rejecting image
- media offer due to invalid or unsupported syntax (Reported by
- adomjan)
- * ASTERISK-22861 - [patch]Specifying a null time as parameter to
- GotoIfTime or ExecIfTime causes segmentation fault (Reported by
- Sebastian Murray-Roberts)
- * ASTERISK-17837 - extconfig.conf - Maximum Include level (1)
- exceeded (Reported by pz)
- * ASTERISK-22662 - Documentation fix? - queues.conf says
- persistentmembers defaults to yes, it appears to lie (Reported
- by Rusty Newton)
- * ASTERISK-23134 - [patch] res_rtp_asterisk port selection cannot
- handle selinux port restrictions (Reported by Corey Farrell)
- * ASTERISK-23220 - STACK_PEEK function with no arguments causes
- crash/core dump (Reported by James Sharp)
- * ASTERISK-19773 - Asterisk crash on issuing Asterisk-CLI 'reload'
- command multiple times on cli_aliases (Reported by Joel Vandal)
- * ASTERISK-22757 - segfault in res_clialiases.so on reload when
- mapping "module reload" command (Reported by Gareth Blades)
- * ASTERISK-17727 - [patch] TLS doesn't get all certificate chain
- (Reported by LN)
- * ASTERISK-23178 - devicestate.h: device state setting functions
- are documented with the wrong return values (Reported by
- Jonathan Rose)
- * ASTERISK-23232 - LocalBridge AMI Event LocalOptimization value
- is opposite to what's expected (Reported by Leon Roy)
- * ASTERISK-23098 - [patch]possible null pointer dereference in
- format.c (Reported by Marcello Ceschia)
- * ASTERISK-23297 - Asterisk 12, pbx_config.so segfaults if
- res_parking.so is not loaded, or if res_parking.conf has no
- configuration (Reported by CJ Oster)
- * ASTERISK-23069 - Custom CDR variable not recorded when set in
- macro called from app_queue (Reported by Bryan Anderson)
- * ASTERISK-19499 - ConfBridge MOH is not working for transferee
- after attended transfer (Reported by Timo Teräs)
- * ASTERISK-23261 - [patch]Output mixup in
- ${CHANNEL(rtpqos,audio,all)} (Reported by rsw686)
- * ASTERISK-23279 - [patch]Asterisk doesn't support the dynamic
- payload change in rtp mapping in the 200 OK response (Reported
- by NITESH BANSAL)
- * ASTERISK-23255 - UUID included for Redhat, but missing for
- Debian distros in install_prereq script (Reported by Rusty
- Newton)
- * ASTERISK-23260 - [patch]ForkCDR v option does not keep CDR
- variables for subsequent records (Reported by zvision)
- * ASTERISK-23141 - Asterisk crashes on Dial(), in
- pbx_find_extension at pbx.c (Reported by Maxim)
- * ASTERISK-23336 - Asterisk warning "Don't know how to indicate
- condition 33 on ooh323c" on outgoing calls from H323 to SIP peer
- (Reported by Alexander Semych)
- * ASTERISK-23231 - Since 405693 If we have res_fax.conf file set
- to minrate=2400, then res_fax refuse to load (Reported by David
- Brillert)
- * ASTERISK-23135 - Crash - segfault in ast_channel_hangupcause_set
- - probably introduced in 11.7.0 (Reported by OK)
- * ASTERISK-23323 - [patch]chan_sip: missing p->owner checks in
- handle_response_invite (Reported by Walter Doekes)
- * ASTERISK-23406 - [patch]Fix typo in "sip show peer" (Reported by
- ibercom)
- * ASTERISK-23310 - bridged channel crashes in bridge_p2p_rtp_write
- (Reported by Jeremy Lainé)
- * ASTERISK-22911 - [patch]Asterisk fails to resume WebRTC call
- from hold (Reported by Vytis Valentinavičius)
- * ASTERISK-23104 - Specifying the SetVar AMI without a Channel
- cause Asterisk to crash (Reported by Joel Vandal)
- * ASTERISK-21930 - [patch]WebRTC over WSS is not working.
- (Reported by John)
- * ASTERISK-23383 - Wrong sense test on stat return code causes
- unchanged config check to break with include files. (Reported by
- David Woolley)
- * ASTERISK-20149 - Crash when faxing SIP to SIP with strictrtp set
- to yes (Reported by Alexandr Gordeev)
- * ASTERISK-17523 - Qualify for static realtime peers does not work
- (Reported by Maciej Krajewski)
- * ASTERISK-21406 - [patch] chan_sip deadlock on monlock between
- unload_module and do_monitor (Reported by Corey Farrell)
- * ASTERISK-23373 - [patch]Security: Open FD exhaustion with
- chan_sip Session-Timers (Reported by Corey Farrell)
- * ASTERISK-23340 - Security Vulnerability: stack allocation of
- cookie headers in loop allows for unauthenticated remote denial
- of service attack (Reported by Matt Jordan)
- * ASTERISK-23311 - Manager - MoH Stop Event fails to show up when
- leaving Conference (Reported by Benjamin Keith Ford)
- * ASTERISK-23420 - [patch]Memory leak in manager_add_filter
- function in manager.c (Reported by Etienne Lessard)
- * ASTERISK-23488 - Logic error in callerid checksum processing
- (Reported by Russ Meyerriecks)
- * ASTERISK-23461 - Only first user is muted when joining
- confbridge with 'startmuted=yes' (Reported by Chico Manobela)
- * ASTERISK-20841 - fromdomain not honored on outbound INVITE
- request (Reported by Kelly Goedert)
- * ASTERISK-22079 - Segfault: INTERNAL_OBJ (user_data=0x6374652f)
- at astobj2.c:120 (Reported by Jamuel Starkey)
- * ASTERISK-23509 - [patch]SayNumber for Polish language tries to
- play empty files for numbers divisible by 100 (Reported by
- zvision)
- * ASTERISK-23103 - [patch]Crash in ast_format_cmp, in ao2_find
- (Reported by JoshE)
- * ASTERISK-23391 - Audit dialplan function usage of channel
- variable (Reported by Corey Farrell)
- * ASTERISK-23548 - POST to ARI sometimes returns no body on
- success (Reported by Scott Griepentrog)
- * ASTERISK-23460 - ooh323 channel stuck if call is placed directly
- and gatekeeper is not available (Reported by Dmitry Melekhov)
-
- Improvements made in this release:
- -----------------------------------
- * ASTERISK-22980 - [patch]Allow building cdr_radius and cel_radius
- against libfreeradius-client (Reported by Jeremy Lainé)
- * ASTERISK-22661 - Unable to exit ChanSpy if spied channel does
- not have a call in progress (Reported by Chris Hillman)
- * ASTERISK-23099 - [patch] WSS: enable ast_websocket_read()
- function to read the whole available data at first and then wait
- for any fragmented packets (Reported by Thava Iyer)
--------------------------------------------------------------------------------
================================================================================
cups-filters-1.0.53-1.fc19 (FEDORA-2014-5759)
OpenPrinting CUPS filters and backends
--------------------------------------------------------------------------------
Update Information:
This update fixes two flaws and various bugs.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Jiri Popelka <jpopelka at redhat.com> - 1.0.53-1
- 1.0.53
* Wed Apr 2 2014 Jiri Popelka <jpopelka at redhat.com> - 1.0.41-6
- Remote command injection in cups-browsed (bug #1083327).
* Tue Mar 11 2014 Jiri Popelka <jpopelka at redhat.com> - 1.0.41-5
- Don't ship pdftoopvp (#1027557) and urftopdf (#1002947).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1091565 - cups-filters: inadequate fix for CVE-2014-2707
https://bugzilla.redhat.com/show_bug.cgi?id=1091565
[ 2 ] Bug #1091568 - cups-filters: unsupported BrowseAllow value lets cups-browsed accept from all hosts
https://bugzilla.redhat.com/show_bug.cgi?id=1091568
[ 3 ] Bug #1083326 - CVE-2014-2707 cups-filters: remote command injection in cups-browsed
https://bugzilla.redhat.com/show_bug.cgi?id=1083326
--------------------------------------------------------------------------------
================================================================================
darktable-1.4.2-1.fc19 (FEDORA-2014-5746)
Utility to organize and develop raw images
--------------------------------------------------------------------------------
Update Information:
upgrade to 1.4.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 25 2014 Edouard Bourguignon <madko at linuxed.net> - 1.4.2-1
- Upgrade to 1.4.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1090878 - darktable-1.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1090878
--------------------------------------------------------------------------------
================================================================================
mate-applet-softupd-0.2.11-1.fc19 (FEDORA-2014-5735)
MATE Software Update Applet
--------------------------------------------------------------------------------
Update Information:
* Mon Apr 28 2014 Patrick Monnerat <pm at datasphere.ch> 0.2.11-1
- New upstream release.
- Stop timers on applet destroy.
https://bugzilla.redhat.com/show_bug.cgi?id=1086989
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Patrick Monnerat <pm at datasphere.ch> 0.2.11-1
- New upstream release.
- Stop timers on applet destroy.
https://bugzilla.redhat.com/show_bug.cgi?id=1086989
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1086989 - [abrt] mate-applet-softupd: check_dead_bones(): softupd_applet killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1086989
--------------------------------------------------------------------------------
================================================================================
mumble-1.2.5-1.fc19 (FEDORA-2014-5751)
Voice chat suite aimed at gamers
--------------------------------------------------------------------------------
Update Information:
New upstream release 1.2.5.
This update fixes:
* CVE-2014-0044
* CVE-2014-0045
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 25 2014 Christian Krause <chkr at fedoraproject.org> - 1.2.5-1
- Update 1.2.5 (BZ 1062209)
- Update fixes CVE-2014-0044 (BZ 1061857) and CVE-2014-0045 (BZ 1061858)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1061857 - CVE-2014-0044 mumble: NULL pointer dereference leads to denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=1061857
[ 2 ] Bug #1061858 - CVE-2014-0045 mumble: NULL pointer dereference leads to denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=1061858
--------------------------------------------------------------------------------
================================================================================
perl-Apache-LogFormat-Compiler-0.30-2.fc19 (FEDORA-2014-5750)
Compile a log format string to perl-code
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Fri Apr 25 2014 Petr Pisar <ppisar at redhat.com> - 0.30-2
- Drop unneeded build-time dependencies
* Thu Apr 17 2014 Ralf Corsépius <corsepiu at fedoraproject.org> 0.30-1
- Upstream update.
- Reflect upstream R:/BR: changes.
* Fri Jan 17 2014 Ralf Corsépius <corsepiu at fedoraproject.org> 0.23-1
- Upstream update.
- Reflect upstream R:/BR: changes.
--------------------------------------------------------------------------------
================================================================================
perl-MooX-HandlesVia-0.001005-2.fc19 (FEDORA-2014-5755)
NativeTrait-like behavior for Moo
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1079615 - Review Request: perl-MooX-HandlesVia - NativeTrait-like behavior for Moo
https://bugzilla.redhat.com/show_bug.cgi?id=1079615
--------------------------------------------------------------------------------
================================================================================
perl-Text-CSV_XS-1.06-1.fc19 (FEDORA-2014-5736)
Comma-separated values manipulation routines
--------------------------------------------------------------------------------
Update Information:
Close filehandles in csv() only on real files.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Petr Šabata <contyk at redhat.com> - 1.06-1
- 1.06 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1091737 - perl-Text-CSV_XS-1.06 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1091737
--------------------------------------------------------------------------------
================================================================================
php-PHP-CSS-Parser-5.1.2-1.fc19 (FEDORA-2014-5760)
A Parser for CSS Files
--------------------------------------------------------------------------------
Update Information:
* Add fr relative size unit
* Fix some issues with HHVM
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Remi Collet <remi at fedoraproject.org> - 5.1.2-1
- update to 5.1.2
* Thu Feb 20 2014 Remi Collet <remi at fedoraproject.org> - 5.1.1-2
- add upstream patch (required by Horde_Css_Parser)
--------------------------------------------------------------------------------
================================================================================
php-tcpdf-6.0.072-1.fc19 (FEDORA-2014-5761)
PHP class for generating PDF documents
--------------------------------------------------------------------------------
Update Information:
Upstream Changelog:
6.0.072 (2014-04-27)
* Deprecated curly braces substring syntax was replaced with square braces.
6.0.071 (2014-04-25)
* Bug #911 "error with buffered png pics" was fixed.
6.0.070 (2014-04-24)
* Bug #910 "An SVG image is being cut off (with clipping mask) when you use align options" was fixed.
6.0.069 (2014-04-24)
* Datamatrix Base256 encoding was fixed.
6.0.068 (2014-04-22)
* Some Datamatrix barcode bugs were fixed.
6.0.067 (2014-04-21)
* startLayer() method signature was changed to include a new "lock" parameter.
6.0.066 (2014-04-20)
* Bug #908 "Linebreak is not considered when getting length of the next string" was fixed.
6.0.065 (2014-04-10)
* Bug #905 "RGB percentage color bug in convertHTMLColorToDec()" was fixed.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Apr 28 2014 Remi Collet <remi at fedoraproject.org> - 6.0.072-1
- update to 6.0.072
--------------------------------------------------------------------------------
================================================================================
rubygem-mixlib-cli-1.5.0-1.fc19 (FEDORA-2014-5752)
Simple Ruby mix-in for CLI interfaces
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.0 (bz#1091745)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Apr 27 2014 Julian C. Dunn <jdunn at aquezada.com> - 1.5.0-1
- Update to 1.5.0 (bz#1091745)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1091745 - rubygem-mixlib-cli-1.5.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1091745
--------------------------------------------------------------------------------
================================================================================
shogun-data-0.8.1-0.8.git20140420.8652c9c.fc19 (FEDORA-2014-5741)
Data-files for the SHOGUN machine learning toolbox
--------------------------------------------------------------------------------
Update Information:
updated to new snapshot git20140420.8652c9c8f81742a80ee9b999ea182fd9624dd4f2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 24 2014 Björn Esser <bjoern.esser at gmail.com> - 0.8.1-0.8.git20140420.8652c9c
- updated to new snapshot git20140420.8652c9c8f81742a80ee9b999ea182fd9624dd4f2
* Mon Apr 14 2014 Björn Esser <bjoern.esser at gmail.com> - 0.8.1-0.7.git20140414.9a8b634
- updated to new snapshot git20140414.9a8b634ebdbc013ae020191bf1f5fe9846168087
* Mon Apr 14 2014 Björn Esser <bjoern.esser at gmail.com> - 0.8.1-0.6.git20140408.1e5eb17
- updated to new snapshot git20140408.1e5eb17040965b5ffe7f6c13ab3d7eae41fd7a25
- removed %config from macro-files
* Tue Mar 18 2014 Björn Esser <bjoern.esser at gmail.com> - 0.8.1-0.5.git20140317.082eeb5
- updated to new snapshot git20140317.082eeb56ea20fc55085950e6114ef4e7849d438d
--------------------------------------------------------------------------------
More information about the test
mailing list