Fedora 19 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Oct 10 16:12:44 UTC 2014
The following Fedora 19 Security updates need testing:
Age URL
349 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
161 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19
112 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19
110 https://admin.fedoraproject.org/updates/FEDORA-2014-6774/claws-mail-3.10.1-1.fc19,claws-mail-plugins-3.10.0-1.fc19,libetpan-1.5-1.fc19
101 https://admin.fedoraproject.org/updates/FEDORA-2014-7939/lzo-2.08-1.fc19
64 https://admin.fedoraproject.org/updates/FEDORA-2014-9162/xulrunner-31.0-1.fc19
55 https://admin.fedoraproject.org/updates/FEDORA-2014-9427/pipelight-0.2.7.3-3.fc19
43 https://admin.fedoraproject.org/updates/FEDORA-2014-9830/glibc-2.17-21.fc19
30 https://admin.fedoraproject.org/updates/FEDORA-2014-10366/icecream-1.0.1-8.20140822git.fc19
29 https://admin.fedoraproject.org/updates/FEDORA-2014-10640/libreoffice-4.1.6.2-8.fc19
27 https://admin.fedoraproject.org/updates/FEDORA-2014-10794/squid-3.3.13-2.fc19
14 https://admin.fedoraproject.org/updates/FEDORA-2014-11522/python-2.7.5-14.fc19
14 https://admin.fedoraproject.org/updates/FEDORA-2014-11544/drupal6-6.33-1.fc19
13 https://admin.fedoraproject.org/updates/FEDORA-2014-11649/rubygem-bundler-1.7.3-1.fc19
7 https://admin.fedoraproject.org/updates/FEDORA-2014-12059/torque-3.0.4-5.fc19
7 https://admin.fedoraproject.org/updates/FEDORA-2014-12057/krb5-1.11.3-29.fc19
7 https://admin.fedoraproject.org/updates/FEDORA-2014-12000/xen-4.2.5-3.fc19
6 https://admin.fedoraproject.org/updates/FEDORA-2014-12165/mantis-1.2.17-3.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-12262/mediawiki-1.23.5-1.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-12344/php-ZendFramework-1.12.9-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-12536/python-oauth2-1.5.211-8.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-12584/bugzilla-4.2.11-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-12407/sddm-0.9.0-2.20141007git6a28c29b.fc19
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
297 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
223 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
13 https://admin.fedoraproject.org/updates/FEDORA-2014-11671/koji-1.9.0-5.fc19
10 https://admin.fedoraproject.org/updates/FEDORA-2014-11828/dash-0.5.8-1.fc19
7 https://admin.fedoraproject.org/updates/FEDORA-2014-12057/krb5-1.11.3-29.fc19
1 https://admin.fedoraproject.org/updates/FEDORA-2014-12420/initscripts-9.47-2.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-12547/xfce4-session-4.10.1-2.fc19
The following builds have been pushed to Fedora 19 updates-testing
R-3.1.1-7.fc19
bugzilla-4.2.11-1.fc19
chirp-0.4.1-1.fc19
elk-2.3.22-9.fc19
fedmsg-0.11.0-1.fc19
game-music-emu-0.6.0-5.fc19
libmygpo-qt-1.0.8-2.fc19
mksh-50d-1.fc19
perl-HTML-WikiConverter-Markdown-0.06-1.fc19
perl-WWW-OrangeHRM-Client-0.9.0-1.fc19
php-pear-Net-URL2-2.0.9-1.fc19
python-fedmsg-meta-fedora-infrastructure-0.3.5-1.fc19
python-fedora-0.3.36-1.fc19
python-oauth2-1.5.211-8.fc19
razorqt-0.5.2-20.fc19
sddm-0.9.0-2.20141007git6a28c29b.fc19
xfce4-session-4.10.1-2.fc19
Details about builds:
================================================================================
R-3.1.1-7.fc19 (FEDORA-2014-12586)
A language for data analysis and graphics
--------------------------------------------------------------------------------
Update Information:
Fix java Requires/BuildRequires to be more permissive.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Sep 29 2014 Orion Poplawski <orion at cora.nwra.com> - 3.1.1-7
- Just BR/R java instead of java-1.5.0-gcj (bug #1110684)
* Tue Sep 16 2014 David Sommerseth <davids at redhat.com> - 3.1.1-6
- Setting ulimit when running make check, to avoid segfault due to too small stack (needed on PPC64)
* Tue Aug 26 2014 David Tardon <dtardon at redhat.com> - 3.1.1-5
- rebuild for ICU 53.1
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.1.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1110684 - R-java update has new dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=1110684
--------------------------------------------------------------------------------
================================================================================
bugzilla-4.2.11-1.fc19 (FEDORA-2014-12584)
Bug tracking system
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2014-1571, CVE-2014-1572, CVE-2014-1573
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Emmanuel Seyman <emmanuel at seyman.fr> - 4.2.11-1
- Update to 4.2.11 (CVE-2014-157, CVE-2014-1573 and CVE-2014-1571)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150091 - CVE-2014-1571 CVE-2014-1572 CVE-2014-1573 bugzilla: security fixes release
https://bugzilla.redhat.com/show_bug.cgi?id=1150091
--------------------------------------------------------------------------------
================================================================================
chirp-0.4.1-1.fc19 (FEDORA-2014-12489)
A tool for programming two-way radio equipment
--------------------------------------------------------------------------------
Update Information:
Version 0.4.1 contains a special backport for Baofeng users to work around a firmware incompatibility issue.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 9 2014 Richard Shaw <hobbes1069 at gmail.com> - 0.4.1-1
- Update to latest bugfix release.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org>
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150979 - chirp-0.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1150979
--------------------------------------------------------------------------------
================================================================================
elk-2.3.22-9.fc19 (FEDORA-2014-12582)
FP-LAPW Code
--------------------------------------------------------------------------------
Update Information:
build against new openmpi on fc21 + epel7 package
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 7 2014 Marcin Dulak <Marcin.Dulak at gmail.com> - 2.3.22-9
- build against new openmpi
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.22-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
fedmsg-0.11.0-1.fc19 (FEDORA-2014-12575)
Tools for Fedora Infrastructure real-time messaging
--------------------------------------------------------------------------------
Update Information:
New fedmsg.meta.msg2long_form API. Other IRC-related bugfixes and enhancements.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 9 2014 Ralph Bean <rbean at redhat.com> - 0.11.0-1
- Fix harmless error about twisted.words at daemon startup.
- Optional shortening of links in IRC.
- IRC bot now reconnects when dropped.
- New fedmsg.meta.msg2long_form API.
--------------------------------------------------------------------------------
================================================================================
game-music-emu-0.6.0-5.fc19 (FEDORA-2014-12445)
Video game music file emulation/playback library
--------------------------------------------------------------------------------
Update Information:
update to latest stable
--------------------------------------------------------------------------------
ChangeLog:
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.6.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Sep 20 2013 Karel Volný <kvolny at redhat.com> 0.6.0-3
- Adjust virtual provides according to further comments on bug#1006881
* Fri Sep 13 2013 Karel Volný <kvolny at redhat.com> 0.6.0-2
- Add virtual provides libgme (bug #1006881)
* Thu Aug 22 2013 Karel Volný <kvolny at redhat.com> 0.6.0-1
- New release
- See changes.txt for list of upstream changes
- Adds pkgconfig file (+ patch to correct path)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
libmygpo-qt-1.0.8-2.fc19 (FEDORA-2014-12008)
Qt4 Library that wraps the gpodder.net Web API
--------------------------------------------------------------------------------
Update Information:
Update to latest 1.0.8 release, adds Qt5 support, and fix cmake/pkgconfig header paths
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 9 2014 Rex Dieter <rdieter at fedoraproject.org> 1.0.8-2
- qt5-devel: fix typo in base pkg dependency
* Wed Oct 1 2014 Rex Dieter <rdieter at fedoraproject.org> 1.0.8-1
- 1.0.8
- include path for cmake and chkconfig are wrong for libmygpo-qt (#1148246)
- use github-hosted sources
- Qt5 support: libmygpo-qt5,libmy-qt5-devel subpkgs
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.7-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148246 - libmygpo-qt: include path for cmake and pkgconfig are wrong
https://bugzilla.redhat.com/show_bug.cgi?id=1148246
--------------------------------------------------------------------------------
================================================================================
mksh-50d-1.fc19 (FEDORA-2014-12497)
MirBSD enhanced version of the Korn Shell
--------------------------------------------------------------------------------
Update Information:
R50d is a required bugfix release:
* Fix NULL pointer dereference on “unset x; nameref x”
* Fix severe regression in field splitting (LP#1378208)
* Add a warning about not using tainted user input (including from the environ(7)ment) in arithmetics, until Stéphane writes it up nicely
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Robert Scheck <robert at fedoraproject.org> 50d-1
- Upgrade to 50d (#1150493)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150493 - mksh-50d is available
https://bugzilla.redhat.com/show_bug.cgi?id=1150493
--------------------------------------------------------------------------------
================================================================================
perl-HTML-WikiConverter-Markdown-0.06-1.fc19 (FEDORA-2014-12484)
Convert HTML to Markdown markup
--------------------------------------------------------------------------------
Update Information:
Update to 0.06
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Jitka Plesnikova <jplesnik at redhat.com> - 0.06-1
- 0.06 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1127473 - Please update to upstream version >= 0.06
https://bugzilla.redhat.com/show_bug.cgi?id=1127473
--------------------------------------------------------------------------------
================================================================================
perl-WWW-OrangeHRM-Client-0.9.0-1.fc19 (FEDORA-2014-12568)
Client for OrangeHRM
--------------------------------------------------------------------------------
Update Information:
This release adjust to changes on SAML IDP side and it adds support for Kerberos authentication.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Petr Pisar <ppisar at redhat.com> - 0.9.0-1
- 0.9.0 bump
--------------------------------------------------------------------------------
================================================================================
php-pear-Net-URL2-2.0.9-1.fc19 (FEDORA-2014-12450)
Class for parsing and handling URL
--------------------------------------------------------------------------------
Update Information:
Upstream Changelog:
Version 2.0.9
* Fixed #20418: Incorrect normalization of URI with missing authority
* Upd: Test for RFC 3986 Section 1.1.2 Examples
* Upd: Travis CI - PHP 5.6 added
Version 2.0.8
* Fixed #20420: Inconsistent setAuthority and getAuthority
* Fixed #20423: URI with IPv6 or IPvFuture not parsed
* Imp: Test for RFC 3986 Section 1.1.2 Examples
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 9 2014 Remi Collet <remi at fedoraproject.org> - 2.0.9-1
- Update to 2.0.8 (stable)
* Wed Oct 8 2014 Remi Collet <remi at fedoraproject.org> - 2.0.8-1
- Update to 2.0.8 (stable)
--------------------------------------------------------------------------------
================================================================================
python-fedmsg-meta-fedora-infrastructure-0.3.5-1.fc19 (FEDORA-2014-12559)
Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:
Fix to anitya processor.
Bugfixes to anitya and pkgdb processors.
New koschei and anitya processors.
Handle new pkgdb messages, certain legacy messages, and new bugzilla messages. git messages now return the full patch via a call to msg2long_form
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 9 2014 Ralph Bean <rbean at redhat.com> - 0.3.5-1
- Further fixes to anitya.
* Wed Oct 8 2014 Ralph Bean <rbean at redhat.com> - 0.3.4-1
- Fixes to pkgdb and anitya processors.
* Fri Oct 3 2014 Ralph Bean <rbean at redhat.com> - 0.3.3-1
- New koschei and anitya processors.
* Mon Sep 29 2014 Ralph Bean <rbean at redhat.com> - 0.3.2-1
- Latest upstream.
- Handle different types of legacy messages.
- git messages now return the full patch via a call to msg2long_form.
- future-proofing against new types of bugzilla messages.
--------------------------------------------------------------------------------
================================================================================
python-fedora-0.3.36-1.fc19 (FEDORA-2014-12555)
Python modules for talking to Fedora Infrastructure Services
--------------------------------------------------------------------------------
Update Information:
New upstream release fixing logging in openidbaseclient
* Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
* Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 7 2014 Toshio Kuratomi <toshio at fedoraproject.org> - 0.3.36-1
- New upstream release fixing logging in openidbaseclient
* Wed Aug 6 2014 Toshio Kuratomi <toshio at fedoraproject.org> - 0.3.35-1
- Upstream 0.3.35 release that adds openidbaseclient
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.34-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150301 - Using "pkgdb-cli" leads to "NameError: name 'NullHandler' is not defined"
https://bugzilla.redhat.com/show_bug.cgi?id=1150301
--------------------------------------------------------------------------------
================================================================================
python-oauth2-1.5.211-8.fc19 (FEDORA-2014-12536)
Python support for improved oauth
--------------------------------------------------------------------------------
Update Information:
Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson).
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Tom Callaway <spot at fedoraproject.org> - 1.5.211-8
- actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1007746 - CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls
https://bugzilla.redhat.com/show_bug.cgi?id=1007746
[ 2 ] Bug #1007758 - CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce
https://bugzilla.redhat.com/show_bug.cgi?id=1007758
--------------------------------------------------------------------------------
================================================================================
razorqt-0.5.2-20.fc19 (FEDORA-2014-12560)
Lightweight desktop toolbox
--------------------------------------------------------------------------------
Update Information:
rebuild with system libqtxdg-0.5.3
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 5 2014 TI_Eugene <ti.eugene at gmail.com> 0.5.2-20
- rebuild with system libqtxdg-0.5.3
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.2-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Aug 1 2014 Rex Dieter <rdieter at fedoraproject.org> 0.5.2-18
- revert (bundled) libqtxdg package version to 0.5.2
avoids conflicts with system liqtxdg
* Fri Aug 1 2014 Rex Dieter <rdieter at fedoraproject.org> 0.5.2-17
- fix epel-6 build
* Mon Jun 16 2014 TI_Eugene <ti.eugene at gmail.com> 0.5.2-16
- Fixed bad "Requires: razorqt-data" version
* Fri Jun 13 2014 TI_Eugene <ti.eugene at gmail.com> 0.5.2-15
- Repackaging with libqtxdg-0.5.3 (builtin)
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.2-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
sddm-0.9.0-2.20141007git6a28c29b.fc19 (FEDORA-2014-12407)
QML based X11 desktop manager
--------------------------------------------------------------------------------
Update Information:
Bump to latest upstream git (and a new release), fixes CVE-2014-7271 and CVE-2014-7272
Sync to the newest upstream development, fixes authentication
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 9 2014 Martin Briza <mbriza at redhat.com> - 0.9.0-2.20141007git6a28c29b
- Remove pam_gnome_keyring.so (temporarily) from sddm.pam to fix impossibility to log out
- Resolves: #1150283
* Tue Oct 7 2014 Martin Briza <mbriza at redhat.com> - 0.9.0-1.20141007git6a28c29b
- Bump to latest upstream git (and a new release)
- Hack around focus problem in the Fedora theme
- Compile against Qt5
- Removed upstreamed patch and files
- Resolves: #1114192 #1119777 #1123506 #1125129 #1140386 #1112841 #1128463 #1128465 #1149608 #1149628 #1148659 #1148660 #1149610 #1149629
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.0-0.32.20140627gitf49c2c79
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jun 27 2014 Martin Briza <mbriza at redhat.com> - 0.2.0-0.31.20140627gitf49c2c79
- Patch unitialized values in signal handler in the daemon
* Fri Jun 27 2014 Martin Briza <mbriza at redhat.com> - 0.2.0-0.30.20140627gitf49c2c79
- Bump to latest upstream, switch back to sddm project
- Drop sddm.service
- Enable manpage and journald support
* Tue Jun 24 2014 Martin Briza <mbriza at redhat.com> - 0.2.0-0.29.20140623gitdb1d7381
- Fix default config to respect the new /usr/share paths
- Fixed multiple users after autologin
* Mon Jun 23 2014 Martin Briza <mbriza at redhat.com> - 0.2.0-0.28.20140623gitdb1d7381
- Fix Requires, release
* Mon Jun 23 2014 Martin Briza <mbriza at redhat.com> - 0.2.0-0.27.20131125gitdb1d7381
- Updated to the latest upstream git
- Notable changes: Greeter runs under the sddm user, it's possible to configure display setup, different install paths in /usr/share
- Resolves: #1034414 #1035939 #1035950 #1036308 #1038548 #1045722 #1045937 #1065715 #1082229 #1007067 #1027711 #1031745 #1008951 #1016902 #1031415 #1020921
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.0-0.26.20131125git7a008602
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu May 1 2014 Rex Dieter <rdieter at fedoraproject.org> 0.2.0-0.25.20131125git7a008602
- update pam config (+pam_kwallet,-pam_mate_keyring)
* Mon Jan 27 2014 Adam Jackson <ajax at redhat.com> 0.2.0-0.24.20131125git7a008602
- Rebuild for new sonames in libxcb 1.10
* Mon Dec 16 2013 Martin Briza <mbriza at redhat.com> - 0.2.0-0.23.20131125git7a008602
- Revert all work done on authentication, doesn't support multiple logins right now
* Mon Nov 25 2013 Martin Briza <mbriza at redhat.com> - 0.2.0-0.22.20131125git7a008602
- Fix saving of last session and user
* Mon Nov 25 2013 Martin Briza <mbriza at redhat.com> - 0.2.0-0.21.20131125git7a008602
- Rebase to current upstream
- Fix the theme (and improve it by a bit)
- Fix the authentication stack
- Don't touch numlock on startup
- Disabled the XDMCP server until it's accepted upstream
- Resolves: #1016902 #1028799 #1031415 #1031745 #1020921 #1008951 #1004621
* Tue Nov 5 2013 Martin Briza <mbriza at redhat.com> - 0.2.0-0.20.20130914git50ca5b20
- Fix xdisplay and tty vars
* Tue Nov 5 2013 Martin Briza <mbriza at redhat.com> - 0.2.0-0.19.20130914git50ca5b20
- Patch cleanup
* Tue Nov 5 2013 Martin Briza <mbriza at redhat.com> - 0.2.0-0.18.20130914git50ca5b20
- Cmake magic
* Tue Nov 5 2013 Martin Briza <mbriza at redhat.com> - 0.2.0-0.17.20130914git50ca5b20
- Rewritten the authentication stack to work right with PAM
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1149608 - CVE-2014-7271 sddm: user "sddm" can login without authentication.
https://bugzilla.redhat.com/show_bug.cgi?id=1149608
[ 2 ] Bug #1148659 - sddm: multiple flaws in SDDM display manager leading to privilege escalation to root
https://bugzilla.redhat.com/show_bug.cgi?id=1148659
[ 3 ] Bug #1149610 - CVE-2014-7272 sddm: several local privileges escalation issues
https://bugzilla.redhat.com/show_bug.cgi?id=1149610
--------------------------------------------------------------------------------
================================================================================
xfce4-session-4.10.1-2.fc19 (FEDORA-2014-12547)
Xfce session manager
--------------------------------------------------------------------------------
Update Information:
Update to fix bug 1150207
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 8 2014 Mukundan Ragavan <nonamedotc at fedoraproject.org> - 4.10.1-2
- Add patch for fixing bashisms. Fixes bug 1150207
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150207 - bashisms in startxfce4
https://bugzilla.redhat.com/show_bug.cgi?id=1150207
--------------------------------------------------------------------------------
More information about the test
mailing list