The following Fedora 18 Security updates need testing: Age URL 15 https://admin.fedoraproject.org/updates/FEDORA-2012-13510/xen-4.1.3-3.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-14279/phpldapadmin-1.2.2-3.gitbbedf1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2012-14370/icedtea-web-1.3-1.fc18 11 https://admin.fedoraproject.org/updates/FEDORA-2012-13785/mediawiki119-1.19.2-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2012-14578/php-Smarty-3.1.11-1.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2012-13871/libxslt-1.1.27-1.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2012-13897/seamonkey-2.12.1-1.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2012-13972/cloud-init-0.6.3-0.5.bzr532.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-14638/tor-0.2.2.39-1800.fc18 The following builds have been pushed to Fedora 18 updates-testing clamav-0.97.6-1800.fc18 erlang-js-1.2.1-1.fc18 libteam-0.1-15.20120923git8448186.fc18 mingw-dbus-1.6.4-1.fc18 openstack-quantum-2012.2-0.10.rc2.fc18 php-pecl-memcache-3.0.7-2.fc18 python-glanceclient-0.5.1-1.fc18 rubygem-declarative_authorization-0.5.6-1.fc18 tor-0.2.2.39-1800.fc18 Details about builds: ================================================================================ clamav-0.97.6-1800.fc18 (FEDORA-2012-14635) End-user tools for the Clam Antivirus scanner -------------------------------------------------------------------------------- Update Information: . -------------------------------------------------------------------------------- ChangeLog: * Sat Sep 22 2012 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.97.6-1800 - updated to 0.97.6 -------------------------------------------------------------------------------- ================================================================================ erlang-js-1.2.1-1.fc18 (FEDORA-2012-14637) A Friendly Erlang to Javascript Binding -------------------------------------------------------------------------------- Update Information: * Ver. 1.2.1 (bugfix release) -------------------------------------------------------------------------------- ChangeLog: * Sat Sep 22 2012 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.2.1-1 - Ver. 1.2.1 - Drop upstreamed patches * Wed Sep 5 2012 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.2.0-1 - Ver. 1.2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #854562 - Upgrade erlang-js to the version 1.2.0 https://bugzilla.redhat.com/show_bug.cgi?id=854562 -------------------------------------------------------------------------------- ================================================================================ libteam-0.1-15.20120923git8448186.fc18 (FEDORA-2012-12531) Library for controlling team network device -------------------------------------------------------------------------------- Update Information: Rebase to git commit 8448186 -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 23 2012 Jiri Pirko <jpirko@xxxxxxxxxx> - 0.1-15.20120923git8448186 - Rebase to git commit 8448186 * Tue Sep 4 2012 Jiri Pirko <jpirko@xxxxxxxxxx> - 0.1-14.20120904gitbdcf72c - Rebase to git commit bdcf72c * Wed Aug 22 2012 Jiri Pirko <jpirko@xxxxxxxxxx> - 0.1-13.20120822gitc0d943d - Rebase to git commit c0d943d -------------------------------------------------------------------------------- ================================================================================ mingw-dbus-1.6.4-1.fc18 (FEDORA-2012-14633) MinGW Windows port of D-Bus -------------------------------------------------------------------------------- Update Information: Update to 1.6.4, fixes C++11 compatibility -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 23 2012 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 1.6.4-1 - Update to 1.6.4 - Fixes compatibility issue with c++11 support -------------------------------------------------------------------------------- ================================================================================ openstack-quantum-2012.2-0.10.rc2.fc18 (FEDORA-2012-14634) Virtual network service for OpenStack (quantum) -------------------------------------------------------------------------------- Update Information: Updated to rc2. -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 23 2012 Gary Kotton <gkotton@xxxxxxxxxx> - 2012.2-0.9.rc2 - Update to folsom rc2 -------------------------------------------------------------------------------- ================================================================================ php-pecl-memcache-3.0.7-2.fc18 (FEDORA-2012-14632) Extension to work with the Memcached caching daemon -------------------------------------------------------------------------------- Update Information: Upstream changelog: - Fixed bug #62589 - missing "$" in memcache.php - Fix php_stream_cast() usage. - fixes for windows build and php 5.4 compat -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 23 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 3.0.7-2 - use upstream patch instead of our (memleak) * Sun Sep 23 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 3.0.7-1 - update to 3.0.7 - drop patches merged upstream - cleanup spec -------------------------------------------------------------------------------- ================================================================================ python-glanceclient-0.5.1-1.fc18 (FEDORA-2012-14636) Python API and CLI for OpenStack Glance -------------------------------------------------------------------------------- Update Information: * Update to 0.5.1 * Add dependency on python-setuptools (#850844) * Revert client script rename, old glance client is now deprecated. -------------------------------------------------------------------------------- References: [ 1 ] Bug #850844 - python-glanceclient missing dependency on python-setuptools https://bugzilla.redhat.com/show_bug.cgi?id=850844 -------------------------------------------------------------------------------- ================================================================================ rubygem-declarative_authorization-0.5.6-1.fc18 (FEDORA-2012-14639) Provides readable authorization rules for Rails -------------------------------------------------------------------------------- Update Information: Rebased on declarative_authorization 0.5.6. -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 23 2012 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.5.6-1 - Rebased on declarative_authorization 0.5.6. - Moved the license file into the main package. -------------------------------------------------------------------------------- ================================================================================ tor-0.2.2.39-1800.fc18 (FEDORA-2012-14638) Anonymizing overlay network for TCP (The onion router) -------------------------------------------------------------------------------- Update Information: . . . -------------------------------------------------------------------------------- ChangeLog: * Sat Sep 22 2012 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.2.39-1800 - updated to 0.2.2.29 - CVE-2012-4419: assertion failure when comparing an address with port 0 to an address policy - CVE-2012-4422: assertion failure in tor_timegm() * Wed Aug 22 2012 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.2.38-1801 - fixed upgrade path by obsoleting -upstart * Sun Aug 19 2012 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.2.2.38-1800 - updated to 0.2.2.38 - CVE-2012-3517: Read from freed memory and double free by processing failed DNS request - conditionalized upstart and disabled it by default -------------------------------------------------------------------------------- References: [ 1 ] Bug #856988 - CVE-2012-4419 CVE-2012-4922 tor: assertion failures in tor_timegm() and compare_tor_addr_to_addr_policy() https://bugzilla.redhat.com/show_bug.cgi?id=856988 [ 2 ] Bug #849949 - CVE-2012-3517 tor: Read from freed memory and double free by processing failed DNS request https://bugzilla.redhat.com/show_bug.cgi?id=849949 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test