Fedora 19 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu Jun 19 23:02:59 UTC 2014
The following Fedora 19 Security updates need testing:
Age URL
236 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
49 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19
38 https://admin.fedoraproject.org/updates/FEDORA-2014-6233/dpkg-1.16.14-1.fc19
28 https://admin.fedoraproject.org/updates/FEDORA-2014-6553/chicken-4.8.0.6-2.fc19
27 https://admin.fedoraproject.org/updates/FEDORA-2014-6597/drupal7-views-3.8-1.fc19
7 https://admin.fedoraproject.org/updates/FEDORA-2014-7274/tor-0.2.4.22-2.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-7333/ReviewBoard-1.7.26-2.fc19,python-django-evolution-0.6.9-4.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-7322/thunderbird-24.6.0-1.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-7399/python-jinja2-2.6-7.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-7413/rb_libtorrent-0.16.8-2.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-7408/xen-4.2.4-5.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-7426/kernel-3.14.8-100.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-7490/sos-3.1-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
184 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
111 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-7157/libbluray-0.6.0-1.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-7178/perl-Filter-1.50-1.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-7192/linux-firmware-20140605-36.gita4f3bc03.fc19
7 https://admin.fedoraproject.org/updates/FEDORA-2014-7270/qt-4.8.6-9.fc19
7 https://admin.fedoraproject.org/updates/FEDORA-2014-7285/gupnp-av-0.12.6-1.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-7322/thunderbird-24.6.0-1.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-7389/crda-1.1.3_2014.06.13-1.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-7395/squashfs-tools-4.3-6.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-7462/btrfs-progs-3.14.2-1.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-7453/kde-workspace-4.11.10-2.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-7498/pcre-8.32-9.fc19
The following builds have been pushed to Fedora 19 updates-testing
asm6809-2.1-1.fc19
copr-cli-1.33-1.fc19
erlang-sd_notify-0.1-1.fc19
iperf3-3.0.5-1.fc19
knot-1.4.7-1.fc19
lwtools-4.10-1.fc19
mozilla-https-everywhere-3.5.1-2.fc19
nodejs-0.10.29-1.fc19
pcp-3.9.5-1.fc19
pcre-8.32-9.fc19
ratools-0.5.3-2.fc19
readline-6.2-8.fc19
traceroute-2.0.20-1.fc19
udt-4.11-2.fc19
v8-3.14.5.10-9.fc19
wcd-5.2.5-1.fc19
xfig-3.2.5-43.c.fc19
Details about builds:
================================================================================
asm6809-2.1-1.fc19 (FEDORA-2014-7543)
Multiple pass 6809 & 6309 cross assembler
--------------------------------------------------------------------------------
Update Information:
asm6809 - Multiple pass 6809 & 6309 cross assembler
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1109366 - Review Request: asm6809 - Multiple pass 6809 & 6309 cross assembler
https://bugzilla.redhat.com/show_bug.cgi?id=1109366
--------------------------------------------------------------------------------
================================================================================
copr-cli-1.33-1.fc19 (FEDORA-2014-7515)
Command line interface for COPR
--------------------------------------------------------------------------------
Update Information:
cancel added to the man page
exit code 4 for failed build and man pages updated
error and shell return code 1 when build fails
delete a project
shell return codes with errors
copr-cli cancel fix
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 19 2014 Miroslav Suchý <msuchy at redhat.com> 1.33-1
- cancel added to the man page
- exit code 4 for failed build and man pages updated
- error and shell return code 1 when build fails
- delete a project
- shell return codes with errors
- copr-cli cancel fix
--------------------------------------------------------------------------------
================================================================================
erlang-sd_notify-0.1-1.fc19 (FEDORA-2014-7510)
Erlang interface to systemd notify subsystem
--------------------------------------------------------------------------------
Update Information:
* Initial build
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1104604 - Review Request: erlang-sd_notify - Erlang interface to systemd notify subsystem
https://bugzilla.redhat.com/show_bug.cgi?id=1104604
--------------------------------------------------------------------------------
================================================================================
iperf3-3.0.5-1.fc19 (FEDORA-2014-7545)
Measurement tool for TCP/UDP bandwidth performance
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.5
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 19 2014 Susant Sahani <ssahani at redhat.com> 3.0.5-1
- Update to 3.0.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1111027 - iperf3-3.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1111027
--------------------------------------------------------------------------------
================================================================================
knot-1.4.7-1.fc19 (FEDORA-2014-7549)
An authoritative DNS daemon
--------------------------------------------------------------------------------
Update Information:
update to 1.4.7
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2014 Jan Vcelak <jvcelak at fedoraproject.org> 1.4.7-1
- update to 1.4.7
+ Fixed DDNS corner cases
+ Fixed zone EXPIRE timer
+ Fixed semantic checks false positives
+ Fixed sending malformed IXFR with automatic DNSSEC
+ Fixed NAPTR record serialization
--------------------------------------------------------------------------------
================================================================================
lwtools-4.10-1.fc19 (FEDORA-2014-7547)
Cross-development tool chain for Motorola 6809 and Hitachi 6309
--------------------------------------------------------------------------------
Update Information:
lwtools - Cross-development tool chain for Motorola 6809 and Hitachi 6309
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1109314 - Review Request: lwtools - Cross-development tool chain for Motorola 6809 and Hitachi 6309
https://bugzilla.redhat.com/show_bug.cgi?id=1109314
--------------------------------------------------------------------------------
================================================================================
mozilla-https-everywhere-3.5.1-2.fc19 (FEDORA-2014-7506)
HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
--------------------------------------------------------------------------------
Update Information:
Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri May 30 2014 Russell Golden <niveusluna at niveusluna.org> - 3.5.1-1
- Revert https://github.com/EFForg/https-everywhere/pull/134 due to YouTube
-- breakage.
- Re-enable ability to see all rulesets in enable/disable dialog.
- Added more Debian coverage.
- Fixes to Doubleclick, Guardian, Heroku, Home Depot, HypeMachine, IMDB,
-- Justin.tv, Kikatek, Mozilla, MyFitnessPal, Pinterest, XKCD, Reuters,
-- Technet, Tumblr, Wordpress, Yandex, Youtube, Flickr.
- Fix Australis icon positioning:
-- https://github.com/EFForg/https-everywhere/pull/216
* Wed Apr 16 2014 Russell Golden <niveusluna at niveusluna.org> - 3.5-1
- Merge all non-ruleset changes from 4.0development.16
- Merge all new/modified rulesets from 4.0development.16 that are
-- in the Alexa Top 1000 using utils/alexa-ruleset-checker.py. For a full list,
-- see utils/alexa-logs/07042014.log.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1100493 - can't access http://www.pcworld.com with mozilla-https-everywhere enabled
https://bugzilla.redhat.com/show_bug.cgi?id=1100493
--------------------------------------------------------------------------------
================================================================================
nodejs-0.10.29-1.fc19 (FEDORA-2014-7518)
JavaScript runtime
--------------------------------------------------------------------------------
Update Information:
2014.06.05, Version 0.10.29 (Stable)
* child_process: do not set args before throwing (Greg Sabia Tucker)
* child_process: spawn() does not throw TypeError (Greg Sabia Tucker)
* constants: export O_NONBLOCK (Fedor Indutny)
* crypto: improve memory usage (Alexis Campailla)
* fs: close file if fstat() fails in readFile() (cjihrig)
* lib: name EventEmitter prototype methods (Ben Noordhuis)
* tls: fix performance issue (Alexis Campailla)
The invalid UTF8 fix has been reverted since this breaks v8 API, which cannot be done in a stable distribution release. This build of nodejs will behave as if NODE_INVALID_UTF8 was set. For more information on the implications, see: http://blog.nodejs.org/2014/06/16/openssl-and-breaking-utf-8-change/
Additionally, a minor bug in v8 has been fixed that caused certain integer comparisons to return true when they should have returned false.
Please note that there is no OpenSSL security fixes as part of this update as there were upstream; nodejs in Fedora uses the system OpenSSL library and thus receives security updates as soon as the "openssl" packages on your system are updated.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 19 2014 T.C. Hollingsworth <tchollingsworth at gmail.com> - 0.10.29-1
- new upstream release 0.10.29
http://blog.nodejs.org/2014/06/16/node-v0-10-29-stable/
- The invalid UTF8 fix has been reverted since this breaks v8 API, which cannot
be done in a stable distribution release. This build of nodejs will behave as
if NODE_INVALID_UTF8 was set. For more information on the implications, see:
http://blog.nodejs.org/2014/06/16/openssl-and-breaking-utf-8-change/
--------------------------------------------------------------------------------
================================================================================
pcp-3.9.5-1.fc19 (FEDORA-2014-7548)
System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:
Daemon signal handlers no longer use unsafe APIs (BZ 847343), Handle /var/run setups on a temporary filesystem (BZ 656659), Resolve pmlogcheck sigsegv for some archives (BZ 1077432), Ensure pcp-gui-{testsuite,debuginfo} packages get replaced, Revive support for EPEL5 builds, post pcp-gui merge, Update to latest PCP sources.
Update to latest PCP sources
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2014 Dave Brolley <brolley at redhat.com> - 3.9.5-1
- Daemon signal handlers no longer use unsafe APIs (BZ 847343)
- Handle /var/run setups on a temporary filesystem (BZ 656659)
- Resolve pmlogcheck sigsegv for some archives (BZ 1077432)
- Ensure pcp-gui-{testsuite,debuginfo} packages get replaced.
- Revive support for EPEL5 builds, post pcp-gui merge.
- Update to latest PCP sources.
* Fri Jun 6 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.9.4-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 15 2014 Nathan Scott <nathans at redhat.com> - 3.9.4-1
- Merged pcp-gui and pcp-doc packages into core PCP.
- Allow for conditional libmicrohttpd builds in spec file.
- Adopt slow-start capability in systemd PMDA (BZ 1073658)
- Resolve pmcollectl network/disk mis-reporting (BZ 1097095)
- Update to latest PCP sources.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #847343 - pcp: pmcd signal handlers are unsafe
https://bugzilla.redhat.com/show_bug.cgi?id=847343
[ 2 ] Bug #656659 - Please Update Spec File to use %ghost on files in /var/run and /var/lock
https://bugzilla.redhat.com/show_bug.cgi?id=656659
[ 3 ] Bug #1077432 - pmlogcheck SEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1077432
[ 4 ] Bug #1073658 - intermittent pmdasystemd failure at pmcd startup during system boot
https://bugzilla.redhat.com/show_bug.cgi?id=1073658
--------------------------------------------------------------------------------
================================================================================
pcre-8.32-9.fc19 (FEDORA-2014-7498)
Perl-compatible regular expression library
--------------------------------------------------------------------------------
Update Information:
This release fixes matching first character in multi-line case-insensitive UTF-8 mode and compilation of character class with a literal quotation.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 19 2014 Petr Pisar <ppisar at redhat.com> - 8.32-9
- Fix bad starting data when char with more than one other case follows
circumflex in multiline UTF mode (bug #1110620)
- Fix character class with a literal quotation (bug #1111054)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1110620 - First character optimization bug for multi-line case insensitive UTF-8 match
https://bugzilla.redhat.com/show_bug.cgi?id=1110620
[ 2 ] Bug #1111054 - Character class with literal quotation is miscompiled
https://bugzilla.redhat.com/show_bug.cgi?id=1111054
--------------------------------------------------------------------------------
================================================================================
ratools-0.5.3-2.fc19 (FEDORA-2014-7504)
Framework for IPv6 Router Advertisements
--------------------------------------------------------------------------------
Update Information:
Update to ratools-0.5.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2014 Florian Lehner <dev at der-flo.net> - 0.5.3-2
- Use macroized scriptlets for systemd
* Mon Jun 16 2014 Florian Lehner <dev at der-flo.net> - 0.5.3-1
- Move ractl.8-manpage from section 1 to section 8
- Add rad.8-manpage
- Add Systemd files
- Move config.example to example.conf
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
readline-6.2-8.fc19 (FEDORA-2014-7496)
A library for editing typed command lines
--------------------------------------------------------------------------------
Update Information:
readline in Fedora is very slow when rl_event_hook is used, this update fix it.
Security patch for debug function
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 19 2014 Jiří Klimeš <jklimes at redhat.com> - 6.2-8
- resolves: #1109946
input: fix rl_read_key slowness when using rl_event_hook
* Mon May 26 2014 jchaloup <jchaloup at redhat.com> - 6.2-7
- resolves: #1077026
Security patch for debug functions
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1109946 - readline in Fedora is very slow when rl_event_hook is used
https://bugzilla.redhat.com/show_bug.cgi?id=1109946
[ 2 ] Bug #1077026 - readline: insecure temporary file use in _rl_tropen() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1077026
--------------------------------------------------------------------------------
================================================================================
traceroute-2.0.20-1.fc19 (FEDORA-2014-7494)
Traces the route taken by packets over an IPv4/IPv6 network
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.20
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2014 Dmitry Butskoy <Dmitry at Butskoy.name> - 3:2.0.20-1
- update to 2.0.20
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3:2.0.19-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Dec 3 2013 Dmitry Butskoy <Dmitry at Butskoy.name> - 3:2.0.19-5
- fix format-security issue (#1037363)
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3:2.0.19-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
udt-4.11-2.fc19 (FEDORA-2014-7533)
UDP based Data Transfer Protocol
--------------------------------------------------------------------------------
Update Information:
UDT is a reliable UDP based application level data transport protocol for distributed data intensive applications over wide area high-speed networks. UDT uses UDP to transfer bulk data with its own eliability control and congestion control mechanisms. The new protocol can transfer data at a much higher speed than TCP does. UDT is also a highly configurable framework that can accommodate various congestion control algorithms.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1107441 - Review Request: udt - UDP based Data Transfer Protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1107441
--------------------------------------------------------------------------------
================================================================================
v8-3.14.5.10-9.fc19 (FEDORA-2014-7518)
JavaScript Engine
--------------------------------------------------------------------------------
Update Information:
2014.06.05, Version 0.10.29 (Stable)
* child_process: do not set args before throwing (Greg Sabia Tucker)
* child_process: spawn() does not throw TypeError (Greg Sabia Tucker)
* constants: export O_NONBLOCK (Fedor Indutny)
* crypto: improve memory usage (Alexis Campailla)
* fs: close file if fstat() fails in readFile() (cjihrig)
* lib: name EventEmitter prototype methods (Ben Noordhuis)
* tls: fix performance issue (Alexis Campailla)
The invalid UTF8 fix has been reverted since this breaks v8 API, which cannot be done in a stable distribution release. This build of nodejs will behave as if NODE_INVALID_UTF8 was set. For more information on the implications, see: http://blog.nodejs.org/2014/06/16/openssl-and-breaking-utf-8-change/
Additionally, a minor bug in v8 has been fixed that caused certain integer comparisons to return true when they should have returned false.
Please note that there is no OpenSSL security fixes as part of this update as there were upstream; nodejs in Fedora uses the system OpenSSL library and thus receives security updates as soon as the "openssl" packages on your system are updated.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 19 2014 T.C. Hollingsworth <tchollingsworth at gmail.com> - 1:3.14.5.10-9
- fix corner case in integer comparisons (v8 bug#2416; nodejs bug#7528)
--------------------------------------------------------------------------------
================================================================================
wcd-5.2.5-1.fc19 (FEDORA-2014-7514)
Chdir for DOS and Unix
--------------------------------------------------------------------------------
Update Information:
New upstream version 5.2.5.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2014 Erwin Waterlander <waterlan at xs4all.nl> - 5.2.5-1
- New upstream version 5.2.5.
--------------------------------------------------------------------------------
================================================================================
xfig-3.2.5-43.c.fc19 (FEDORA-2014-7542)
An X Window System tool for drawing basic vector graphics
--------------------------------------------------------------------------------
Update Information:
- Fix crash when changing arrow size on x86_64 (rhbz#1046102)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 18 2014 Hans de Goede <hdegoede at redhat.com> - 3.2.5-43.c
- Fix crash when changing arrow size on x86_64 (rhbz#1046102)
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.2.5-42.c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Mon Jan 6 2014 Michal Srb <msrb at redhat.com> - 3.2.5-41.c
- Name binaries correctly
* Mon Jan 6 2014 Michal Srb <msrb at redhat.com> - 3.2.5-40.c
- Use fprintf in safe manner
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1046102 - [abrt] xfig: set_arrow_size_state(): xfig-Xaw3d killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1046102
--------------------------------------------------------------------------------
More information about the test
mailing list