Fedora 19 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Thu Nov 13 18:25:22 UTC 2014
The following Fedora 19 Security updates need testing:
Age URL
383 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
195 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19
146 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19
64 https://admin.fedoraproject.org/updates/FEDORA-2014-10366/icecream-1.0.1-8.20140822git.fc19
63 https://admin.fedoraproject.org/updates/FEDORA-2014-10640/libreoffice-4.1.6.2-8.fc19
48 https://admin.fedoraproject.org/updates/FEDORA-2014-11544/drupal6-6.33-1.fc19
41 https://admin.fedoraproject.org/updates/FEDORA-2014-12057/krb5-1.11.3-29.fc19
27 https://admin.fedoraproject.org/updates/FEDORA-2014-13047/libxml2-2.9.1-2.fc19
27 https://admin.fedoraproject.org/updates/FEDORA-2014-13018/deluge-1.3.10-1.fc19
17 https://admin.fedoraproject.org/updates/FEDORA-2014-13551/wpa_supplicant-2.0-12.fc19
12 https://admin.fedoraproject.org/updates/FEDORA-2014-14066/php-sabredav-Sabre_VObject-2.1.4-1.fc19,php-sabredav-Sabre_HTTP-1.7.11-1.fc19,php-sabredav-Sabre_CalDAV-1.7.9-1.fc19,php-sabredav-Sabre_DAVACL-1.7.9-1.fc19,php-sabredav-Sabre_CardDAV-1.7.9-2.fc19,php-sabredav-Sabre_DAV-1.7.13-1.fc19,owncloud-5.0.17-2.fc19
12 https://admin.fedoraproject.org/updates/FEDORA-2014-14068/kernel-3.14.23-100.fc19
8 https://admin.fedoraproject.org/updates/FEDORA-2014-14266/python-2.7.5-15.fc19
8 https://admin.fedoraproject.org/updates/FEDORA-2014-14237/claws-mail-plugins-3.11.1-1.fc19,claws-mail-3.11.1-2.fc19,libetpan-1.6-1.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-13702/konversation-1.5.1-1.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-14359/curl-7.29.0-25.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-14498/python-requests-kerberos-0.6-1.fc19
3 https://admin.fedoraproject.org/updates/FEDORA-2014-14564/qpid-cpp-0.26-12.fc19
2 https://admin.fedoraproject.org/updates/FEDORA-2014-14699/drupal7-ckeditor-1.16-2.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-14738/gnutls-3.1.20-6.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-14838/avr-binutils-2.24-2.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-14865/kde-workspace-4.11.14-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-14874/arm-none-eabi-binutils-cs-2014.05.28-2.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-14912/polarssl-1.2.12-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-14980/python-pillow-2.0.0-16.gitd1c6db8.fc19
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
331 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
257 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
12 https://admin.fedoraproject.org/updates/FEDORA-2014-14068/kernel-3.14.23-100.fc19
12 https://admin.fedoraproject.org/updates/FEDORA-2014-14047/qtwebkit-2.3.4-1.fc19
8 https://admin.fedoraproject.org/updates/FEDORA-2014-14266/python-2.7.5-15.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-14359/curl-7.29.0-25.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-14516/pcre-8.32-11.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-14505/unzip-6.0-12.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-14738/gnutls-3.1.20-6.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-14807/device-mapper-persistent-data-0.4.1-2.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-14846/pciutils-3.3.0-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-14865/kde-workspace-4.11.14-1.fc19
The following builds have been pushed to Fedora 19 updates-testing
FoXlibf-4.1.2-1.fc19
arm-none-eabi-binutils-cs-2014.05.28-2.fc19
avr-binutils-2.24-2.fc19
createrepo_c-0.7.4-1.fc19
device-mapper-persistent-data-0.4.1-2.fc19
drupal7-drush_language-1.3-1.fc19
drupal7-l10n_update-1.1-1.fc19
elk-2.3.22-10.fc19
gpaw-0.10.0.11364-7.fc19
kde-workspace-4.11.14-1.fc19
libHX-3.22-1.fc19
lis-1.5.11-1.fc19
love-0.9.1-1.fc19
mozilla-noscript-2.6.9.3-1.fc19
nodejs-nsp-audit-shrinkwrap-1.0.0-1.fc19
pciutils-3.3.0-1.fc19
perl-MCE-1.520-1.fc19
perl-PerlIO-utf8_strict-0.005-1.fc19
perl-Rose-DB-Object-0.813-4.fc19
php-channel-phpseclib-1.3-1.fc19
php-phpseclib-crypt-aes-0.3.9-1.fc19
php-phpseclib-crypt-base-0.3.9-1.fc19
php-phpseclib-crypt-blowfish-0.3.9-2.fc19
php-phpseclib-crypt-des-0.3.9-2.fc19
php-phpseclib-crypt-hash-0.3.9-1.fc19
php-phpseclib-crypt-random-0.3.9-1.fc19
php-phpseclib-crypt-rc4-0.3.9-2.fc19
php-phpseclib-crypt-rijndael-0.3.9-2.fc19
php-phpseclib-crypt-rsa-0.3.9-1.fc19
php-phpseclib-crypt-tripledes-0.3.9-2.fc19
php-phpseclib-crypt-twofish-0.3.9-2.fc19
php-phpseclib-math-biginteger-0.3.9-1.fc19
php-phpseclib-net-sftp-0.3.9-1.fc19
php-phpseclib-net-ssh2-0.3.9-1.fc19
php-phpunit-PHPUnit-3.7.34-2.fc19
php-theseer-autoload-1.16.0-2.fc19
pjproject-2.3-5.fc19
polarssl-1.2.12-1.fc19
python-pillow-2.0.0-16.gitd1c6db8.fc19
rubygem-test-unit-notify-1.0.4-1.fc19
screen-4.1.0-0.17.20120314git3c2946.fc19
supertux-0.3.4-1.fc19
tcalc-1.3-1.fc19
tor-0.2.5.10-1.fc19
torsocks-2.0.0-2.fc19
wxGTK3-3.0.2-2.fc19
xpa-2.1.15-2.fc19
Details about builds:
================================================================================
FoXlibf-4.1.2-1.fc19 (FEDORA-2014-14884)
A Fortran XML Library
--------------------------------------------------------------------------------
Update Information:
FoXlibf-4.1.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1104289 - Review Request: FoXlibf - A Fortran XML Library
https://bugzilla.redhat.com/show_bug.cgi?id=1104289
--------------------------------------------------------------------------------
================================================================================
arm-none-eabi-binutils-cs-2014.05.28-2.fc19 (FEDORA-2014-14874)
GNU Binutils for cross-compilation for arm-none-eabi target
--------------------------------------------------------------------------------
Update Information:
- fix directory traversal vulnerability (#1162657)
- fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
- fix CVE-2014-8502: heap overflow in objdump
- fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
- fix CVE-2014-8504: stack overflow in the SREC parser
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Michal Hlavinka <mhlavink at redhat.com> - 2014.05.28-2
- fix directory traversal vulnerability (#1162657)
- fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
- fix CVE-2014-8502: heap overflow in objdump
- fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
- fix CVE-2014-8504: stack overflow in the SREC parser
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162655 - binutils: directory traversal vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1162655
[ 2 ] Bug #1162594 - CVE-2014-8502 binutils: heap overflow in objdump
https://bugzilla.redhat.com/show_bug.cgi?id=1162594
[ 3 ] Bug #1162621 - CVE-2014-8504 binutils: stack overflow in the SREC parser
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
[ 4 ] Bug #1162570 - CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
https://bugzilla.redhat.com/show_bug.cgi?id=1162570
--------------------------------------------------------------------------------
================================================================================
avr-binutils-2.24-2.fc19 (FEDORA-2014-14838)
Cross Compiling GNU binutils targeted at avr
--------------------------------------------------------------------------------
Update Information:
- fix directory traversal vulnerability
- fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
- fix CVE-2014-8502: heap overflow in objdump
- fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
- fix CVE-2014-8504: stack overflow in the SREC parser
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Michal Hlavinka <mhlavink at redhat.com> - 1:2.24-2
- fix directory traversal vulnerability (#1162657)
- fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
- fix CVE-2014-8502: heap overflow in objdump
- fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
- fix CVE-2014-8504: stack overflow in the SREC parser
* Wed Aug 13 2014 Michal Hlavinka <mhlavink at redhat.com> - 1:2.24-1
- updated to 2.24
* Mon Feb 3 2014 Michal Hlavinka <mhlavink at redhat.com> - 1:2.23.2-4
- avr-binutils may be affected by libiberty CVE (#1059362)
* Tue Aug 13 2013 Michal Hlavinka <mhlavink at redhat.com> - 1:2.23.2-3
- fix tex again
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:2.23.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Jun 24 2013 Michal Hlavinka <mhlavink at redhat.com> - 1:2.23.2-1
- updated to 2.23.2
* Tue Jun 18 2013 Jaromir Capik <jcapik at redhat.com> - 1:2.23.1-4
- autoreconf -vif doesn't work -> patching for aarch64 support (#925061)
* Fri Apr 19 2013 Michal Hlavinka <mhlavink at redhat.com> - 1:2.23.1-3
- fix aarch64 support (#925061)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162655 - binutils: directory traversal vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1162655
[ 2 ] Bug #1162594 - CVE-2014-8502 binutils: heap overflow in objdump
https://bugzilla.redhat.com/show_bug.cgi?id=1162594
[ 3 ] Bug #1162570 - CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
https://bugzilla.redhat.com/show_bug.cgi?id=1162570
[ 4 ] Bug #1162621 - CVE-2014-8504 binutils: stack overflow in the SREC parser
https://bugzilla.redhat.com/show_bug.cgi?id=1162621
--------------------------------------------------------------------------------
================================================================================
createrepo_c-0.7.4-1.fc19 (FEDORA-2014-14804)
Creates a common metadata repository
--------------------------------------------------------------------------------
Update Information:
createrepo_c, mergerepo_c: Follow redirs by default while downloading remote repos
Update to 0.7.1
Update to 0.7.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 11 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.4-1
- createrepo_c, mergerepo_c: Follow redirs by default while downloading remote repos
- mergerepo_c: Fix segfault when a package without sourcerpm is part of metadata and --koji option is used
* Mon Nov 10 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.3-1
- xml_parser: Add file path into error messages
- Refactor: Replace g_error() with g_critical() (RhBug: 1162102)
* Thu Nov 6 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.2-1
- createrepo_c: New option --local-sqlite
* Fri Oct 31 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.1-1
- Mergerepo: Fix mergerepo
- Mergerepo: Add some debugging of metadata read.
* Mon Oct 20 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.0-1
- deltarpms: Update module to work with current version of drpm
- mergerepo_c: Add --omit-baseurl option
- craterepo_c: Gen empty repo if empty pkglist is used
- Docs: Output python docs to separate directory
- Several small fixes
* Tue Aug 12 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.6.1-1
- updateinfo: Use Python datetime objects in python bindings
* Tue Aug 5 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.6.0-1
- Support for updateinfo.xml manipulation (including Python bindings)
* Fri Jul 18 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.5.0-1
- Experimental delta rpm (DRPM) support (Disabled in Fedora build).
* Thu Jun 26 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.4.1-1
- Initialize threads correctly on old versions of GLib2 (RhBug: 1108787)
- Do not print log domain (get rid off C_CREATEREPOLIB prefix in log messages)
- Implements support for --cachedir
- New option --retain-old-md-by-age
- Few small API changes
* Tue May 6 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.4.0-1
- Change default behavior of repodata files handling. (RhBug: 1094539)
See: https://github.com/Tojaj/createrepo_c/wiki/New-File-Handling
By default, createrepo leaves old groupfiles (comps files)
in the repodata/ directory during update.
Createrepo_c did the same thing but the version 0.4.0 changes this behaviour.
* Thu Apr 10 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.3.1-2
- Support for weak and rich dependecies
--------------------------------------------------------------------------------
================================================================================
device-mapper-persistent-data-0.4.1-2.fc19 (FEDORA-2014-14807)
Device-mapper Persistent Data Tools
--------------------------------------------------------------------------------
Update Information:
Resolves: bz#1159466
New upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Heinz Mauelshagen <heinzm at redhat.com> - 0.4.1-2
- Resolves: bz#1159466
* Tue Oct 28 2014 Heinz Mauelshagen <heinzm at redhat.com> - 0.4.1-1
- New upstream version
- Manual header additions/fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1159466 - device-mapper-persistent-data-debuginfo-0.4.1-1 is empty
https://bugzilla.redhat.com/show_bug.cgi?id=1159466
--------------------------------------------------------------------------------
================================================================================
drupal7-drush_language-1.3-1.fc19 (FEDORA-2014-14877)
Drush language commands
--------------------------------------------------------------------------------
Update Information:
## [7.x-1.3](https://www.drupal.org/node/2369947)
* Issue #2361607 by gurvan: Adding language-prefix command
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 1.3-1
- Updated to 1.3 (BZ #1163125)
- Removed RPM README b/c it only explained common Drupal workflow
- %license usage
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1163125 - drupal7-drush_language-1.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1163125
--------------------------------------------------------------------------------
================================================================================
drupal7-l10n_update-1.1-1.fc19 (FEDORA-2014-14881)
Provides automatic downloads and updates for translations
--------------------------------------------------------------------------------
Update Information:
## [7.x-1.1](https://www.drupal.org/node/2372331)
* Issue #2310489 by Sutharsan | hass: Fixed Notice: Undefined index: meta/link/script/img in end().
* Issue #2304137 by lmeurs: Fixed "Notice: Use of undefined constant L10N_UPDATE_DEFAULT_TRANSLATION_PATH".
* Issue #2280483 by Sutharsan: Missing update status info when updates are disabled.
* Issue #2237959 by René-Marc Simard: Fixed Collapsible project titles not working if only one language defined.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 1.1-1
- Updated to 1.1 (BZ #1163121)
- Removed RPM README b/c it only explained common Drupal workflow
- %license usage
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1163121 - drupal7-l10n_update-1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1163121
--------------------------------------------------------------------------------
================================================================================
elk-2.3.22-10.fc19 (FEDORA-2014-14812)
FP-LAPW Code
--------------------------------------------------------------------------------
Update Information:
mpich version 3 on el6
build against new openmpi on fc21 + epel7 package
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 23 2014 Marcin Dulak <Marcin.Dulak at gmail.com> - 2.3.22-10
- mpich version 3 on EL6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1155076 - elk-mpich2 broke on rhel 6.6 update
https://bugzilla.redhat.com/show_bug.cgi?id=1155076
--------------------------------------------------------------------------------
================================================================================
gpaw-0.10.0.11364-7.fc19 (FEDORA-2014-14806)
A grid-based real-space PAW method DFT code
--------------------------------------------------------------------------------
Update Information:
epel7
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 23 2014 Marcin Dulak <Marcin.Dulak at gmail.com> - 0.10.0.11364-7
- mpich version 3 in EL6
- use atlas on aarch64
- ppc64 on EL7
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.10.0.11364-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
kde-workspace-4.11.14-1.fc19 (FEDORA-2014-14865)
KDE Workspace
--------------------------------------------------------------------------------
Update Information:
New security fix release, privilege escalation issue, see also https://www.kde.org/info/security/advisory-20141106-1.txt
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 11 2014 Rex Dieter <rdieter at fedoraproject.org> 4.11.14-1
- 4.11.14
* Thu Oct 16 2014 Rex Dieter <rdieter at fedoraproject.org> 4.11.13-2
- -libs: make kde-style-oxygen dep unversioned
- enable kscreen support for el7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1163778 - CVE-2014-8651 kde-workspace: arbitrary code execution and local privilege escalation
https://bugzilla.redhat.com/show_bug.cgi?id=1163778
--------------------------------------------------------------------------------
================================================================================
libHX-3.22-1.fc19 (FEDORA-2014-14879)
Useful collection of routines for C and C++ programming
--------------------------------------------------------------------------------
Update Information:
Update to new release
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 9 2014 Till Maas <opensource at till.name> - 3.22-1
- Update to latest release
- Add source code verification
- Harden build
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.18-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.18-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
lis-1.5.11-1.fc19 (FEDORA-2014-14981)
A library for solving linear equations and eigenvalue problems
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.11
Update to 1.5.4
Update to 1.5.2
Update to 1.4.67
Update to 1.4.64
Update to 1.4.63
Update to 1.4.62
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Florian Lehner <dev at der-flo.net> - 1.5.11-1
- Update to 1.5.11
* Tue Nov 4 2014 Florian Lehner <dev at der-flo.net> - 1.5.4-1
- Update to 1.5.4
* Sat Nov 1 2014 Florian Lehner <dev at der-flo.net> - 1.5.2-1
- Update to 1.5.2
* Tue Oct 28 2014 Florian Lehner <dev at der-flo.net> - 1.4.67-1
- Update to 1.4.67
* Mon Oct 27 2014 Florian Lehner <dev at der-flo.net> - 1.4.66-1
- Update to 1.4.66
* Tue Oct 21 2014 Florian Lehner <dev at der-flo.net> - 1.4.64-1
- Update to 1.4.64
* Mon Oct 20 2014 Florian Lehner <dev at der-flo.net> - 1.4.63-1
- Update to 1.4.63
* Sat Oct 18 2014 Florian Lehner <dev at der-flo.net> - 1.4.62-1
- Update to 1.4.62
--------------------------------------------------------------------------------
================================================================================
love-0.9.1-1.fc19 (FEDORA-2014-14913)
A free 2D game engine which enables easy game creation in Lua
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Jeremy Newton <alexjnewt at hotmail.com> - 0.9.1-1
- Update to 0.9.1
--------------------------------------------------------------------------------
================================================================================
mozilla-noscript-2.6.9.3-1.fc19 (FEDORA-2014-14930)
JavaScript white list extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:
Update to latest version. For full changelog see:
http://noscript.net/changelog
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 11 2014 Thomas Spura <tomspur at fedoraproject.org> - 2.6.9.3-1
- update to 2.6.9.3 (#1124181,#1162797)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162797 - mozilla-noscript is outdated
https://bugzilla.redhat.com/show_bug.cgi?id=1162797
[ 2 ] Bug #1124181 - mozilla-noscript-2.6.9.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1124181
--------------------------------------------------------------------------------
================================================================================
nodejs-nsp-audit-shrinkwrap-1.0.0-1.fc19 (FEDORA-2014-14907)
Audits a shrinkwrap file against the NSP module vulnerability database
--------------------------------------------------------------------------------
Update Information:
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1144666 - Review Request: nodejs-nsp-audit-shrinkwrap - Audits a shrinkwrap file against the Node Security Project module vulnerability database
https://bugzilla.redhat.com/show_bug.cgi?id=1144666
--------------------------------------------------------------------------------
================================================================================
pciutils-3.3.0-1.fc19 (FEDORA-2014-14846)
PCI bus related utilities
--------------------------------------------------------------------------------
Update Information:
* Device names exported by BIOS are displayed on Linux.
* On Linux systems, HWDB is used to look up device names when our ID database gives no match. (More precisely, HWDB is consulted after local pci.ids, but before using network to query online pci.ids.)
* Added experimental back-end for OS X / Darwin. Thanks to Richard Yao for providing it.
* Filters now support matching by device class. Original patch by Matthew Wilcox, wrappers for ABI compatibility by me.
* Interrupt Pin and Interrupt Line registers are displayed for bridge devices, too.
* Several portability bugs have been fixed.
* Several typos have been fixed. Also, use of questionable constructs in man pages has been reduced.
* PCIe link capabilities now include the ASPMOptComp bit.
* The "CRS Software Visibility" bit is now decoded properly.
* Updated pci.ids to the current snapshot of the database.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Michal Hlavinka <mhlavink at redhat.com> - 3.3.0-1
- updated to 3.3.0
- updated to 3.3.0
- updated to 3.3.0
- updated to 3.3.0
--------------------------------------------------------------------------------
================================================================================
perl-MCE-1.520-1.fc19 (FEDORA-2014-14954)
Many-core Engine for Perl providing parallel processing capabilities
--------------------------------------------------------------------------------
Update Information:
Many-core Engine (MCE) for Perl helps enable a new level of performance by maximizing all available cores. MCE spawns a pool of workers and therefore does not fork a new process per each element of data. Instead, MCE follows a bank queuing model. Imagine the line being the data and bank-tellers the parallel workers. MCE enhances that model by adding the ability to chunk the next n elements from the input stream to the next available worker.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162531 - Review Request: perl-MCE - Many-core Engine for Perl providing parallel processing capabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1162531
--------------------------------------------------------------------------------
================================================================================
perl-PerlIO-utf8_strict-0.005-1.fc19 (FEDORA-2014-14977)
Fast and correct UTF-8 I/O
--------------------------------------------------------------------------------
Update Information:
This release improves portability on old perl. We deliver this relase only to provide recent version number.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Petr Pisar <ppisar at redhat.com> - 0.005-1
- 0.005 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1163280 - perl-PerlIO-utf8_strict-0.005 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1163280
--------------------------------------------------------------------------------
================================================================================
perl-Rose-DB-Object-0.813-4.fc19 (FEDORA-2014-14926)
Extensible, high performance object-relational mapper (ORM)
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 0.813
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Bill Pemberton <wfp5p at worldbroken.com> - 0.813-4
- update release to 4
* Wed Nov 12 2014 Bill Pemberton <wfp5p at worldbroken.com> - 0.813-3
- Update to version 0.813
- This version has several bug and documentation fixes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1163291 - perl-Rose-DB-Object-0.813 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1163291
--------------------------------------------------------------------------------
================================================================================
php-channel-phpseclib-1.3-1.fc19 (FEDORA-2014-14965)
Adds the phpseclib channel to PEAR
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-aes-0.3.9-1.fc19 (FEDORA-2014-14965)
Pure-PHP implementation of AES
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-base-0.3.9-1.fc19 (FEDORA-2014-14965)
Base class for phpseclib cipher implementations
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-blowfish-0.3.9-2.fc19 (FEDORA-2014-14965)
Pure-PHP implementation of Blowfish
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-des-0.3.9-2.fc19 (FEDORA-2014-14965)
Pure-PHP implementation of DES
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-hash-0.3.9-1.fc19 (FEDORA-2014-14965)
Pure-PHP implementations of keyed HMACs and hashing functions
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-random-0.3.9-1.fc19 (FEDORA-2014-14965)
Random Number Generator
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-rc4-0.3.9-2.fc19 (FEDORA-2014-14965)
Pure-PHP implementation of RC4
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-rijndael-0.3.9-2.fc19 (FEDORA-2014-14965)
Pure-PHP implementation of Rijndael
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-rsa-0.3.9-1.fc19 (FEDORA-2014-14965)
Pure-PHP PKCS#1 (v2.1) compliant implementation of RSA
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-tripledes-0.3.9-2.fc19 (FEDORA-2014-14965)
Pure-PHP implementation of Triple DES
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-crypt-twofish-0.3.9-2.fc19 (FEDORA-2014-14965)
Pure-PHP implementation of Twofish
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-math-biginteger-0.3.9-1.fc19 (FEDORA-2014-14965)
Pure-PHP arbitrary precision integer arithmetic library
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-net-sftp-0.3.9-1.fc19 (FEDORA-2014-14965)
Pure-PHP implementation of SFTP
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpseclib-net-ssh2-0.3.9-1.fc19 (FEDORA-2014-14965)
Pure-PHP implementation of SSHv2
--------------------------------------------------------------------------------
Update Information:
This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7.
--------------------------------------------------------------------------------
================================================================================
php-phpunit-PHPUnit-3.7.34-2.fc19 (FEDORA-2014-14901)
The PHP Unit Testing framework
--------------------------------------------------------------------------------
Update Information:
* disable colors when output is not a tty
* define date.timezone to avoid warning
* Update to 3.7.34
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Remi Collet <remi at fedoraproject.org> - 3.7.34-2
- disable colors when output is not a tty
- define date.timezone to avoid warning
- Update to 3.7.34
--------------------------------------------------------------------------------
================================================================================
php-theseer-autoload-1.16.0-2.fc19 (FEDORA-2014-14894)
A tool and library to generate autoload code
--------------------------------------------------------------------------------
Update Information:
* define date.timezone in phpab command to avoid warning
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Remi Collet <remi at fedoraproject.org> - 1.16.0-2
- define date.timezone in phpab command to avoid warning
--------------------------------------------------------------------------------
================================================================================
pjproject-2.3-5.fc19 (FEDORA-2014-14873)
Libraries for building embedded/non-embedded VoIP applications
--------------------------------------------------------------------------------
Update Information:
Fix endianness support on ARM platform
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 26 2014 Jared Smith <jsmith at fedoraproject.org> - 2.3-5
- Fix endianness support on ARM platform
* Wed Oct 15 2014 Jared Smith <jsmith at fedoraproject.org> - 2.3-3
- Add IPv6 support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1153786 - pjproject on arm should force PJ_IS_LITTLE_ENDIAN
https://bugzilla.redhat.com/show_bug.cgi?id=1153786
--------------------------------------------------------------------------------
================================================================================
polarssl-1.2.12-1.fc19 (FEDORA-2014-14912)
Light-weight cryptographic and SSL/TLS library
--------------------------------------------------------------------------------
Update Information:
- Update to 1.2.12
- CVE-2014-8628 (#1159845)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Morten Stevens <mstevens at imt-systems.com> - 1.2.12-1
- Update to 1.2.12
- CVE-2014-8628 (#1159845)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1159845 - CVE-2014-8627 CVE-2014-8628 polarssl: various issues fixed in 1.3.9
https://bugzilla.redhat.com/show_bug.cgi?id=1159845
--------------------------------------------------------------------------------
================================================================================
python-pillow-2.0.0-16.gitd1c6db8.fc19 (FEDORA-2014-14980)
Python image processing library
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2014-3007, updated fix for CVE-2014-1932.
Followup fix for CVE-2014-1933.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Sandro Mani <manisandro at gmail.com> - 2.0.0-16.gitd1c6db8
- Fix CVE-2014-3007 (rhbz #1163343), update CVE-2014-1933 to fix one more mktemp usage
* Mon Nov 10 2014 Sandro Mani <manisandro at gmail.com> - 2.0.0-15.gitd1c6db8
- CVE-2014-1933 followup (https://github.com/python-pillow/Pillow/pull/605)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1094101 - CVE-2014-3007 python-pillow, python-imaging: command injection issue
https://bugzilla.redhat.com/show_bug.cgi?id=1094101
[ 2 ] Bug #1063658 - CVE-2014-1932 python-pillow, python-imaging: insecure temporary file creation
https://bugzilla.redhat.com/show_bug.cgi?id=1063658
--------------------------------------------------------------------------------
================================================================================
rubygem-test-unit-notify-1.0.4-1.fc19 (FEDORA-2014-14856)
Test::Unit::Notify - A test result notify extension for Test::Unit
--------------------------------------------------------------------------------
Update Information:
New version 1.0.4 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 1.0.4-1
- 1.0.4
* Wed Aug 13 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 1.0.3-1
- 1.0.3
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
screen-4.1.0-0.17.20120314git3c2946.fc19 (FEDORA-2014-14822)
A screen manager that supports multiple logins on one terminal
--------------------------------------------------------------------------------
Update Information:
comply with http://fedoraproject.org/wiki/Packaging:Tmpfiles.d (#884673)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 11 2014 Petr Hracek <phracek at redhat.com> - 4.1.0-0.17.20120314git3c2946
- comply with http://fedoraproject.org/wiki/Packaging:Tmpfiles.d (#884673)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #884673 - Directory '/var/run/screen' must have mode 777.
https://bugzilla.redhat.com/show_bug.cgi?id=884673
--------------------------------------------------------------------------------
================================================================================
supertux-0.3.4-1.fc19 (FEDORA-2014-14915)
Jump'n run like game
--------------------------------------------------------------------------------
Update Information:
Update to 0.3.4 (#999396)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 11 2014 David King <amigadave at amigadave.com> - 0.3.4-1
- Update to 0.3.4 (#999396)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #999396 - supertux-0.3.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=999396
--------------------------------------------------------------------------------
================================================================================
tcalc-1.3-1.fc19 (FEDORA-2014-14910)
The terminal calculator
--------------------------------------------------------------------------------
Update Information:
Fixed file reading function
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1161340 - Review Request: tcalc - The terminal calculator
https://bugzilla.redhat.com/show_bug.cgi?id=1161340
--------------------------------------------------------------------------------
================================================================================
tor-0.2.5.10-1.fc19 (FEDORA-2014-14931)
Anonymizing overlay network for TCP (The onion router)
--------------------------------------------------------------------------------
Update Information:
update to upstream release 0.2.5.10
--------------------------------------------------------------------------------
ChangeLog:
* Mon Oct 27 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 0.2.5.10-1
- update to upstream release 0.2.5.10
--------------------------------------------------------------------------------
================================================================================
torsocks-2.0.0-2.fc19 (FEDORA-2014-14850)
Use SOCKS-friendly applications with Tor
--------------------------------------------------------------------------------
Update Information:
Update to 2.0.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 11 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 2.0.0-2
- remove extraneous files
* Tue Nov 11 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 2.0.0-1
- update to 2.0.0
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162719 - torsocks-v1 is deprecated, lot of bug, please update to v2.
https://bugzilla.redhat.com/show_bug.cgi?id=1162719
--------------------------------------------------------------------------------
================================================================================
wxGTK3-3.0.2-2.fc19 (FEDORA-2014-14869)
GTK port of the wxWidgets GUI library
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.2, and fixes RH#1124402
Update to 3.0.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 4 2014 Jeremy Newton <alexjnewt at hotmail.com> - 3.0.2-2
- Moving things around again, hopefully fixing RH#1124402
- Adding symlinks to avoid breaking things
* Tue Nov 4 2014 Jeremy Newton <alexjnewt at hotmail.com> - 3.0.2-1
- Update to 3.0.2
* Mon Nov 3 2014 Marcin Juszkiewicz <mjuszkiewicz at redhat.com> - 3.0.1-5
- Add aarch64 and ppc64le to list of 64-bit architectures
* Tue Sep 30 2014 Jeremy Newton <alexjnewt at hotmail.com> - 3.0.1-4
- Add conflict with wxgtk-devel again, temporary fix until it can be resolved
* Tue Sep 30 2014 Jeremy Newton <alexjnewt at hotmail.com> - 3.0.1-3
- Avoid gtk warnings, fixes RH#1147995
- Moving wxrc and wx-config to libexec instead of renaming
- Misc changes and spec error fixes, fixes RH#1124402
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1124402 - Missing wxrc-3.0 and few others issues
https://bugzilla.redhat.com/show_bug.cgi?id=1124402
[ 2 ] Bug #1150567 - wxGTK3-3.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1150567
--------------------------------------------------------------------------------
================================================================================
xpa-2.1.15-2.fc19 (FEDORA-2014-14805)
The X Public Access messaging system
--------------------------------------------------------------------------------
Update Information:
The XPA Messaging System
--------------------------------------------------------------------------------
More information about the test
mailing list