Fedora 19 updates-testing report

updates at fedoraproject.org updates at fedoraproject.org
Mon Jul 21 05:24:02 UTC 2014


The following Fedora 19 Security updates need testing:
 Age  URL
 268  https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
  80  https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19
  60  https://admin.fedoraproject.org/updates/FEDORA-2014-6553/chicken-4.8.0.6-2.fc19
  58  https://admin.fedoraproject.org/updates/FEDORA-2014-6597/drupal7-views-3.8-1.fc19
  37  https://admin.fedoraproject.org/updates/FEDORA-2014-7322/thunderbird-24.6.0-1.fc19
  31  https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19
  30  https://admin.fedoraproject.org/updates/FEDORA-2014-7570/asterisk-11.10.2-2.fc19
  29  https://admin.fedoraproject.org/updates/FEDORA-2014-6774/claws-mail-3.10.1-1.fc19,claws-mail-plugins-3.10.0-1.fc19,libetpan-1.5-1.fc19
  29  https://admin.fedoraproject.org/updates/FEDORA-2014-7610/perl-Email-Address-1.905-1.fc19
  25  https://admin.fedoraproject.org/updates/FEDORA-2014-7716/python-simplejson-3.5.3-1.fc19
  20  https://admin.fedoraproject.org/updates/FEDORA-2014-7939/lzo-2.08-1.fc19
  15  https://admin.fedoraproject.org/updates/FEDORA-2014-8089/rubygem-activerecord-3.2.13-2.fc19
  11  https://admin.fedoraproject.org/updates/FEDORA-2014-8223/libXfont-1.4.8-1.fc19
  10  https://admin.fedoraproject.org/updates/FEDORA-2014-7645/couchdb-1.6.0-9.fc19,erlang-ibrowse-4.0.1-1.fc19
   9  https://admin.fedoraproject.org/updates/FEDORA-2014-7889/zarafa-7.1.10-2.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-8328/python-bottle-0.12.6-1.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-8332/transmission-2.84-1.fc19
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-8352/cups-1.6.4-6.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-8443/mosquitto-1.3.2-1.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-8402/ipython-0.13.2-4.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-8395/java-1.7.0-openjdk-1.7.0.65-2.5.1.2.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-8441/java-1.8.0-openjdk-1.8.0.11-1.b12.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-8487/kernel-3.14.13-100.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-8545/cobbler-2.6.3-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-8515/drupal7-7.29-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-8528/sdcc-3.3.0-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-8564/dpkg-1.16.15-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-8488/drupal6-6.32-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-8176/krb5-1.11.3-23.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-8577/phpMyAdmin-4.2.6-1.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-8571/homebank-4.6.1-1.fc19


The following Fedora 19 Critical Path updates have yet to be approved:
 Age URL
 216  https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
 142  https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
  12  https://admin.fedoraproject.org/updates/FEDORA-2014-8202/fontconfig-2.10.93-2.fc19
  11  https://admin.fedoraproject.org/updates/FEDORA-2014-8223/libXfont-1.4.8-1.fc19
  10  https://admin.fedoraproject.org/updates/FEDORA-2014-8256/langtable-0.0.25-1.fc19
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-8360/pcre-8.32-10.fc19
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-8352/cups-1.6.4-6.fc19
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-8338/curl-7.29.0-21.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-8487/kernel-3.14.13-100.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-8176/krb5-1.11.3-23.fc19


The following builds have been pushed to Fedora 19 updates-testing

    Panini-0.71.104-1.fc19
    homebank-4.6.1-1.fc19
    php-Metadata-1.5.1-1.fc19
    php-gitter-0.3.0-1.fc19
    php-gliph-0.1.6-1.fc19
    phpMyAdmin-4.2.6-1.fc19
    sugar-words-21-1.fc19
    xfce4-whiskermenu-plugin-1.4.0-1.fc19

Details about builds:


================================================================================
 Panini-0.71.104-1.fc19 (FEDORA-2014-8568)
 A tool for creating perspective views from panoramic and wide angle images
--------------------------------------------------------------------------------
Update Information:

* Update to new release
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jul 20 2014 Ankur Sinha <ankursinha AT fedoraproject DOT org> 0.71.104-1
- Updated to latest upstream release
* Fri Jun  6 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.71.103-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Aug  2 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.71.103-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1032381 - Panini-0.71.104 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1032381
--------------------------------------------------------------------------------


================================================================================
 homebank-4.6.1-1.fc19 (FEDORA-2014-8571)
 Free easy personal accounting for all
--------------------------------------------------------------------------------
Update Information:

Rebuilt for new upstream version 4.6.1
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 26 2014 Filipe Rosset <rosset.filipe at gmail.com> - 4.6.1-1
- Rebuilt for new upstream version 4.6.1
* Mon Jun 23 2014 Filipe Rosset <rosset.filipe at gmail.com> - 4.6-1
- Rebuilt for new upstream version 4.6, spec cleanup
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.5.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1108055 - homebank-4.6beta is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1108055
--------------------------------------------------------------------------------


================================================================================
 php-Metadata-1.5.1-1.fc19 (FEDORA-2014-8585)
 A library for class/method/property metadata management in PHP
--------------------------------------------------------------------------------
Update Information:

### Updated to [1.5.1](https://github.com/schmittjoh/metadata/releases/tag/1.5.1)
* Fixes a performance regression
* RPM: Added `php-composer(jms/metadata)` virtual provide
* RPM: Added option to build without tests (`--without tests`)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 19 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 1.5.1-1
- Updated to 1.5.1 (BZ #1119425)
- Added "php-composer(jms/metadata)" virtual provide
- Added option to build without tests ("--without tests")
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri May 30 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 1.5.0-2
- Updated dependencies to match newly available pkgs
  -- php-pear(pear.doctrine-project.org/DoctrineCommon) => php-doctrine-cache
     (cache separated out from common)
  -- php-pear(pear.symfony.com/DependencyInjection) => php-symfony-dependencyinjection
- Doctrine cache required instead of just build requirement
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1119425 - php-Metadata-1.5.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1119425
--------------------------------------------------------------------------------


================================================================================
 php-gitter-0.3.0-1.fc19 (FEDORA-2014-8580)
 Object oriented interaction with Git repositories
--------------------------------------------------------------------------------
Update Information:

### Updated to [0.3.0](https://github.com/klaussilveira/gitter/releases/tag/0.3.0)
* See [git diff](https://github.com/klaussilveira/gitter/compare/786e86a54121d1bb3c768e6bc93e37e431aa6264...0.3.0) for changes since last RPM release
* RPM: Added `php-composer(klaussilveira/gitter)` virtual provide
* RPM: Added option to build without tests (`--without tests`)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 19 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 0.3.0-1
- Updated to 0.3.0 (BZ #1101229)
- Added "php-composer(klaussilveira/gitter)" virtual provide
- Added option to build without tests ("--without tests")
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.0-3.20131206git786e86a
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1101229 - php-gitter-0.3.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1101229
--------------------------------------------------------------------------------


================================================================================
 php-gliph-0.1.6-1.fc19 (FEDORA-2014-8583)
 A graph library for PHP
--------------------------------------------------------------------------------
Update Information:

### Updated to [0.1.6](https://github.com/sdboyer/gliph/releases/tag/0.1.6)
* Shorten edge-adders, and reduce duplicate membership checks
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 19 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 0.1.6-1
- Updated to 0.1.6 (BZ #1119424)
- Added "php-composer(sdboyer/gliph)" virtual provide
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.1.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1119424 - php-gliph-0.1.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1119424
--------------------------------------------------------------------------------


================================================================================
 phpMyAdmin-4.2.6-1.fc19 (FEDORA-2014-8577)
 Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:

phpMyAdmin 4.2.6.0 (2014-07-17)
===============================

- Undefined index warning with referenced column.
- $cfg['MaxExactCount'] is ignored when BROWSING is back
- Multi Column sorting (improved user experience)
- Server validation does not work while in setup/mysqli
- Undefined variable when grid editing a foreign key column
- mult_submits.inc.php Undefined variable Error
- Sorting breaks the copy column feature
- Javascript error when renaming table
- 'New window' link (selflink) disappears, causing Javascript error
- Incorrect detection of privileges for routine creation
- First few characters of database name aren't clickable when expanded
- [security] XSS injection due to unescaped table comment
- [security] XSS injection due to unescaped table name (triggers)
- [security] XSS in AJAX confirmation messages
- [security] Missing validation for accessing User groups feature


phpMyAdmin 4.2.5.0 (2014-06-26)
===============================

- shell_exec() has been disabled for security reasons
- Error while submitting empty query
- Fatal error: Class 'PMA_DatabaseInterface' not found
- Fixed cookie based login for installations without mcrypt
- incorrect result count when having clause is used
- mcrypt: remove the requirement (64-bit) and the related warning


phpMyAdmin 4.2.4.0 (2014-06-20)
===============================

- Mediawiki export does not produce table header row; also fix related PHP warnings
- New lines are added to query every time
- Fatal error on SQL Export of join query
- Dump binary columns in hexadecimal notation not working
- Regenerate cookie encryption IV for every session
- Cannot import (open_basedir): fix another case
- SQL tab - Insert queries not showing affected row count
- Missing warning about existing account, on multi-server config
- WHERE clause can be undefined
- SQL export views as tables option getting ignored
- [security] XSS injection due to unescaped db/table name in navigation hiding
- [security] XSS injection due to unescaped db/table name in recent/favorite tables


phpMyAdmin 4.2.3.0 (2014-06-08)
===============================

- Moving fields not working
- Table indexes disappear after altering field
- Error while displaying chart at server level
- Cannot import (open_basedir)
- Problem copying constraints (such as Sakila)
- Missing privileges submenu
- Drop db confirmation message when dropping a user
- Insert form numeric field with function drop-down list
- Problems due to missing enforcement of the minimum supported MySQL version
- Add enforcement of the minimum supported PHP version (5.3.0)
- Query error on submitting a column change form containing a disabled input field
- Incorrect menu tab generation from usergroups
- Missing space in index creation/edit generated query
- Unchecking 'Show SQL queries' results NaN


phpMyAdmin 4.2.2.0 (2014-05-20)
===============================

- Disable database expansion when enabled throws Error 500 when database name is clicked in navigation tree
- table display of performance_schema DB structure
- Protect Binary Columns: many problems
- BLOB link transformation is broken
- Respect ['ShowCreateDb'] in the navi panel
- Cannot see databases in nav panel on databases grouping when disabled database expansion
- No more calendar into search tab
- Monitor should fit into screen width
- When copying databases, primary key attributes get lost
- empty maxInputVars on js/messages.php


phpMyAdmin 4.2.1.0 (2014-05-13)
===============================

- Cannot display table structure with enums containing special characters
- Cannot remove the last remembered sorted column
- Correctly fetch length of user and host fields in MySQL tables
- examples/signon.php does not support the SessionSavePath directive
- Missing source for OpenLayers library
- Incorrect attributes for number fields
- Cannot update values in Zoom search
- GIS Visualization Extension does not work with PointFromText() function
- Incorrect "Rows" total shown when truncating or dropping a table on DB Structure page
- Grid edit on sorted columns fails
- Null checkbox covering data input when editing
- Data type changing by itself (no size but attribute present)


phpMyAdmin 4.2.0.0 (2014-05-08)
===============================

- Export only triggers
- Export Server/Database/Table without triggers
- Add table comment tool tip in database structure page
- Single table for display Character Sets and Collations
- Display icons/text/both for the table row actions
- Transformation to convert Boolean value to text
- Changing users password will delete it
- Text transformation combines Append and Prepend
- Added warning about the mysql extension being deprecated and removed the extension directive
- Added support for scatter charts
- Make Column Headings Sticky
- Enhance privileges initials table
- [interface] Break "Edit privileges" with sub-menus
- Minor refactoring required
- Create indexes at the end in SQL export
- Relations edit form for larger monitors
- Inline query box vertical resize
- [interface] Add bottom border to top menu container
- Add datepicker for 'TIME' type
- HTTP Referer disclosure in SQL links
- Show full names on navigation hover
- Behaviour on click on a routine in nav panel
- Support more than one separating character on CSV import
- Load/Save Query By Example
- Grid edit ENUM field, dialog disappears when trying to select
- DB export using zip compression generates an empty archive
- confirmation message at the top
- breadcrubs wrong on table create
- better validate database name for copying
- Database tab "Drop" button should be a link
- Highlight required form fields after failed submission
- Redirect to login page after session has expired
- Grid edit: can't change month on date fields
- add maxlength by field with length-spec
- Import happily doesn't do anything with no file name provided
- Add function to all the insert boxes automatically
- Option to skip tables larger than n
- Possibility of disabling database expansion
- Favourite tables select box
- $cfg['CharEditing']='textarea' for structure edit
- Avoid editing of fields which are part of relation
- [interface] Highlight active left menu item in setup
- Filter on-screen rows during Browse
- Removed support for SQL Validator (SOAP service no longer offered)
- Settings > Manage: incorrect messages
- "More" in Actions area doesn't collapse to fit available space
- Group two DB, one's name is the prefix of the other one
- Confusing database/table grouping
- Creating Index doesn't update index-list
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 19 2014 Robert Scheck <robert at fedoraproject.org> 4.2.6-1
- Upgrade to 4.2.6 (#548260, #959946, #989660, #989668, #993613
  and #1000261, #1067713, #1110877, #1117600, #1117601)
- Switch from HTTP- to cookie-based authentication (for php-fpm)
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.5.8.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu Dec 12 2013 Ville Skyttä <ville.skytta at iki.fi> - 3.5.8.2-2
- Fix paths to changelog and license when doc dir is unversioned (#994036).
- Fix source URL, use xz compressed tarball.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #989660 - CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 phpMyAdmin: Multiple full path disclosure flaws (PMASA-2013-12)
        https://bugzilla.redhat.com/show_bug.cgi?id=989660
  [ 2 ] Bug #989668 - CVE-2013-5003 phpMyAdmin: SQL injection leading to 'control user' role privilege escalation (PMASA-2013-15)
        https://bugzilla.redhat.com/show_bug.cgi?id=989668
  [ 3 ] Bug #993613 - CVE-2013-5029 phpMyAdmin: ClickJacking protection can be bypassed (PMASA-2013-10)
        https://bugzilla.redhat.com/show_bug.cgi?id=993613
  [ 4 ] Bug #1067713 - CVE-2014-1879 phpMyAdmin: XSS in import.php
        https://bugzilla.redhat.com/show_bug.cgi?id=1067713
  [ 5 ] Bug #1117600 - CVE-2014-4348 phpMyAdmin: Self-XSS due to unescaped HTML output in recent/favorite tables navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=1117600
  [ 6 ] Bug #1117601 - CVE-2014-4349 phpMyAdmin: Self-XSS due to unescaped HTML output in navigation items hiding feature
        https://bugzilla.redhat.com/show_bug.cgi?id=1117601
--------------------------------------------------------------------------------


================================================================================
 sugar-words-21-1.fc19 (FEDORA-2014-8570)
 A multi lingual dictionary with speech synthesis
--------------------------------------------------------------------------------
Update Information:

version 21 release
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jul 20 2014 Kalpa Welivitigoda <callkalpa at gmail.com> - 21-1
- version 21 release
* Sun Jun  8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 19-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 19-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 xfce4-whiskermenu-plugin-1.4.0-1.fc19 (FEDORA-2014-8582)
 An alternate application launcher for Xfce
--------------------------------------------------------------------------------
Update Information:

Rebuilt for new upstream release 1.4.0
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 19 2014 Filipe Rosset <rosset.filipe at gmail.com> - 1.4.0-1
- Rebuilt for new upstream release 1.4.0
* Sun Jun  8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------



More information about the test mailing list