Fedora 19 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Mon Oct 27 03:29:33 UTC 2014
The following Fedora 19 Security updates need testing:
Age URL
366 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
178 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19
129 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19
127 https://admin.fedoraproject.org/updates/FEDORA-2014-6774/claws-mail-3.10.1-1.fc19,claws-mail-plugins-3.10.0-1.fc19,libetpan-1.5-1.fc19
72 https://admin.fedoraproject.org/updates/FEDORA-2014-9427/pipelight-0.2.7.3-3.fc19
47 https://admin.fedoraproject.org/updates/FEDORA-2014-10366/icecream-1.0.1-8.20140822git.fc19
46 https://admin.fedoraproject.org/updates/FEDORA-2014-10640/libreoffice-4.1.6.2-8.fc19
30 https://admin.fedoraproject.org/updates/FEDORA-2014-11522/python-2.7.5-14.fc19
30 https://admin.fedoraproject.org/updates/FEDORA-2014-11544/drupal6-6.33-1.fc19
23 https://admin.fedoraproject.org/updates/FEDORA-2014-12057/krb5-1.11.3-29.fc19
16 https://admin.fedoraproject.org/updates/FEDORA-2014-12407/sddm-0.9.0-2.20141007git6a28c29b.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-13044/thunderbird-31.2.0-1.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-12994/firefox-33.0-1.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-13047/libxml2-2.9.1-2.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-13018/deluge-1.3.10-1.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2014-13360/asterisk-11.13.1-1.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-13451/webkitgtk3-2.0.4-4.fc19
3 https://admin.fedoraproject.org/updates/FEDORA-2014-13504/phpMyAdmin-4.2.10.1-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-13570/php-Smarty-3.1.21-1.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-13551/wpa_supplicant-2.0-12.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-13564/kernel-3.14.22-101.fc19
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
314 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
240 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
11 https://admin.fedoraproject.org/updates/FEDORA-2014-12870/nss-util-3.17.2-1.fc19,nss-softokn-3.17.2-1.fc19,nss-3.17.2-1.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-13047/libxml2-2.9.1-2.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-13044/thunderbird-31.2.0-1.fc19
9 https://admin.fedoraproject.org/updates/FEDORA-2014-13059/kde-workspace-4.11.13-1.fc19
5 https://admin.fedoraproject.org/updates/FEDORA-2014-13362/perl-Encode-2.54-3.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-13451/webkitgtk3-2.0.4-4.fc19
4 https://admin.fedoraproject.org/updates/FEDORA-2014-13434/curl-7.29.0-24.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-13549/xulrunner-33.0-2.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-13551/wpa_supplicant-2.0-12.fc19
0 https://admin.fedoraproject.org/updates/FEDORA-2014-13564/kernel-3.14.22-101.fc19
The following builds have been pushed to Fedora 19 updates-testing
ahkab-0.10-2.fc19
kernel-3.14.22-101.fc19
mate-themes-extras-3.8.0-1.fc19
nginx-1.4.7-5.fc19
oxygen-gtk2-1.4.6-1.fc19
peervpn-0.040-1.fc19
php-Smarty-3.1.21-1.fc19
python-fedora-0.3.36-2.fc19
wpa_supplicant-2.0-12.fc19
xulrunner-33.0-2.fc19
Details about builds:
================================================================================
ahkab-0.10-2.fc19 (FEDORA-2014-13568)
A SPICE-like electronic circuit simulator written in Python
--------------------------------------------------------------------------------
Update Information:
Clean lines on spec file.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2014 Kiara Navarro <sophiekovalevsky at fedoraproject.org> - 0.10-2
- Clean lines on spec file.
* Sat Oct 18 2014 Kiara Navarro <sophiekovalevsky at fedoraproject.org> - 0.10-1
- Update release version and new source.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.09-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
kernel-3.14.22-101.fc19 (FEDORA-2014-13564)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Various security fixes for KVM and SCTP
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2014 Josh Boyer <jwboyer at fedoraproject.org> - 3.14.22-101
- CVE-2014-3688 sctp: remote memory pressure from excessive queuing (rhbz 1155745 1155751)
- CVE-2014-3687 sctp: panic on duplicate ASCONF chunks (rhbz 1155731 1155738)
- CVE-2014-3673 sctp: panic with malformed ASCONF chunks (rhbz 1147850 1155727)
- CVE-2014-3690 kvm: invalid host cr4 handling (rhbz 1153322 1155372)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1153322 - CVE-2014-3690 kernel: kvm: vmx: invalid host cr4 handling across vm entries
https://bugzilla.redhat.com/show_bug.cgi?id=1153322
[ 2 ] Bug #1155745 - CVE-2014-3688 kernel: net: sctp: remote memory pressure from excessive queueing
https://bugzilla.redhat.com/show_bug.cgi?id=1155745
[ 3 ] Bug #1155731 - CVE-2014-3687 kernel: net: sctp: fix panic on duplicate ASCONF chunks
https://bugzilla.redhat.com/show_bug.cgi?id=1155731
[ 4 ] Bug #1147850 - CVE-2014-3673 kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks
https://bugzilla.redhat.com/show_bug.cgi?id=1147850
--------------------------------------------------------------------------------
================================================================================
mate-themes-extras-3.8.0-1.fc19 (FEDORA-2014-13548)
Extra gtk-2/3 themes for gtk based desktops
--------------------------------------------------------------------------------
Update Information:
- update to 3.8.0 release to reflect GTK3 version
- update faience themes to GTK3-3.10 (works with GTK3-3.8)
- drop cologne theme, get rid of runtime require gtk-xfce-engine
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2014 Wolfgang Ulbrich <chat-to-me at raveit.de> -3.8.0.1
- update to 3.8.0 release to reflect GTK3 version
- update faince themes to GTK3-3.10 (works with GTK3-3.8)
- drop cologne theme, get rid of runtime require gtk-xfce-engine
* Thu Oct 16 2014 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.7.6-1
- update to 1.7.6 release
--------------------------------------------------------------------------------
================================================================================
nginx-1.4.7-5.fc19 (FEDORA-2014-13567)
A high performance web server and reverse proxy server
--------------------------------------------------------------------------------
Update Information:
* use default.d directory
* add vim files
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 1:1.4.7-5
- use default.d directory
* Wed Oct 22 2014 Jamie Nguyen <jamielinux at fedoraproject.org> - 1:1.4.7-4
- add vim files (#1142849)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1142298 - RFE: nginx + php + webapp
https://bugzilla.redhat.com/show_bug.cgi?id=1142298
[ 2 ] Bug #1142849 - [RFE] include nginx vim files
https://bugzilla.redhat.com/show_bug.cgi?id=1142849
--------------------------------------------------------------------------------
================================================================================
oxygen-gtk2-1.4.6-1.fc19 (FEDORA-2014-13556)
Oxygen GTK+2 theme
--------------------------------------------------------------------------------
Update Information:
oxygen-gtk2 1.4.6
- Fixes a serious crash inside eclipse (kde bug 339174)
- Fix some rendering issue for checkboxes when low contrast is used for color palette
See https://projects.kde.org/news/276
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2014 Alexey Kurov <nucleo at fedoraproject.org> - 1.4.6-1
- oxygen-gtk2-1.4.6
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
peervpn-0.040-1.fc19 (FEDORA-2014-13565)
A VPN software using full mesh network topology
--------------------------------------------------------------------------------
Update Information:
Updated to 0.040
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2014 Jan Cholasta <jcholast at redhat.com> - 0.040-1
- Updated to 0.040
--------------------------------------------------------------------------------
================================================================================
php-Smarty-3.1.21-1.fc19 (FEDORA-2014-13570)
Template/Presentation Framework for PHP
--------------------------------------------------------------------------------
Update Information:
New upstream release, fix CVE-2014-8350
New upstream release
New upstream release
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 23 2014 Johan Cwiklinski <johan AT x-tnd DOT be> - 3.1.21-1
- New upstream release
- Fix version constant
- Fix requires
* Wed Oct 15 2014 Johan Cwiklinski <johan AT x-tnd DOT be> - 3.1.20-1
- New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1155846 - CVE-2014-8350 php-Smarty: secure mode bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1155846
--------------------------------------------------------------------------------
================================================================================
python-fedora-0.3.36-2.fc19 (FEDORA-2014-13561)
Python modules for talking to Fedora Infrastructure Services
--------------------------------------------------------------------------------
Update Information:
Backport the fix to flask-fas-openid merged upstream at https://github.com/fedora-infra/python-fedora/pull/108
New upstream release fixing logging in openidbaseclient
* Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
* Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
New upstream release fixing logging in openidbaseclient
* Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
* Update to new upstream: https://github.com/fedora-infra/python-fedora/blob/develop/NEWS
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 23 2014 Pierre-Yves Chibon <pingou at pingoured.fr> - 0.3.36-2
- Backport the flask-fas-openid fix merged upstream at:
https://github.com/fedora-infra/python-fedora/pull/108
* Thu Aug 7 2014 Toshio Kuratomi <toshio at fedoraproject.org> - 0.3.36-1
- New upstream release fixing logging in openidbaseclient
* Wed Aug 6 2014 Toshio Kuratomi <toshio at fedoraproject.org> - 0.3.35-1
- Upstream 0.3.35 release that adds openidbaseclient
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.3.34-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150301 - Using "pkgdb-cli" leads to "NameError: name 'NullHandler' is not defined"
https://bugzilla.redhat.com/show_bug.cgi?id=1150301
--------------------------------------------------------------------------------
================================================================================
wpa_supplicant-2.0-12.fc19 (FEDORA-2014-13551)
WPA/WPA2/IEEE 802.1X Supplicant
--------------------------------------------------------------------------------
Update Information:
This update fixes a possible security issue executing scripts with wpa_cli.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2014 Dan Williams <dcbw at redhat.com> - 1:2.0-12
- Use os_exec() for action script execution (CVE-2014-3686)
* Thu Aug 21 2014 Kevin Fenzi <kevin at scrye.com> - 1:2.0-11
- Rebuild for rpm bug 1131960
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:2.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1:2.0-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1151259 - CVE-2014-3686 wpa_supplicant and hostapd: wpa_cli and hostapd_cli remote command execution issue
https://bugzilla.redhat.com/show_bug.cgi?id=1151259
--------------------------------------------------------------------------------
================================================================================
xulrunner-33.0-2.fc19 (FEDORA-2014-13549)
XUL Runtime for Gecko Applications
--------------------------------------------------------------------------------
Update Information:
Second arch fixes.
Update to latest upstream - Xulrunner 33.
Update to latest upstream - Firefox 31.
Update to latest upstream - Xulrunner 33.
Update to latest upstream - Firefox 31.
Update to latest upstream - Xulrunner 33.
Update to latest upstream - Firefox 31.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 22 2014 Dan HorĂ¡k <dan[at]danny.cz> - 33.0-2
- Fix filelist for secondary arches
* Thu Oct 16 2014 Martin Stransky <stransky at redhat.com> - 33.0-1
- Update to 33.0
* Sat Sep 20 2014 Peter Robinson <pbrobinson at fedoraproject.org> 32.0.2-1
- Update to 32.0.2
- sync fixes to the same as firefox
* Tue Sep 9 2014 Martin Stransky <stransky at redhat.com> - 32.0-2
- move /sdk/bin to xulrunner libdir
* Tue Aug 26 2014 Martin Stransky <stransky at redhat.com> - 32.0-1
- Update to 32.0 build 1
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 31.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jul 25 2014 Martin Stransky <stransky at redhat.com> - 31.0-1
- Update to 31.0 build 2
* Fri Jul 25 2014 Yaakov Selkowitz <yselkowi at redhat.com> - 30.0-3
- Fix mozilla-config.h wrapper on aarch64
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 30.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
More information about the test
mailing list