The following Fedora 18 Security updates need testing: Age URL 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15716/libxslt-1.1.27-2.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2012-15996/cobbler-2.4.0-beta2.fc18 20 https://admin.fedoraproject.org/updates/FEDORA-2012-14664/openjpeg-1.5.0-5.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2012-16023/haproxy-1.4.22-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2012-15987/thunderbird-16.0.1-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2012-16022/dhcp-4.2.4-18.P2.fc18,bind-dyndb-ldap-2.0-0.3.20121009git6a86b1.fc18,bind-9.9.2-2.fc18,dnsperf-2.0.0.0-3.fc18 11 https://admin.fedoraproject.org/updates/FEDORA-2012-15342/freeradius-2.2.0-0.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16073/ssmtp-2.64-5.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16071/ruby-1.9.3.286-19.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16130/icecast-2.3.3-1.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16136/ilmbase-1.0.3-4.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16127/NetworkManager-0.9.7.0-6.git20121004.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16134/pyOpenSSL-0.13-4.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16145/harfbuzz-0.9.5-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16119/xorg-x11-drv-ati-7.0.0-0.7.20121015gitbd9e2c064.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16121/xorg-x11-drv-intel-2.20.10-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16117/evolution-data-server-3.6.1-1.fc18,evolution-3.6.1-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16112/iptables-1.4.16.2-3.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16107/xorg-x11-drv-qxl-0.1.0-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-16111/glibc-2.16-20.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16077/cairo-1.12.4-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2012-16061/libosinfo-0.2.1-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2012-15987/thunderbird-16.0.1-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2012-15993/lorax-18.21-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2012-16010/gtkhtml3-4.6.0-1.fc18,evolution-mapi-3.6.0-1.fc18,evolution-ews-3.6.0-1.fc18,evolution-data-server-3.6.0-1.fc18,evolution-3.6.0-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15936/cups-1.5.4-10.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15917/libutempter-1.1.6-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15913/abrt-2.0.15-1.fc18,libreport-2.0.16-1.fc18,btparser-0.20-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15933/hunspell-en-0.20110318-9.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2012-15910/openldap-2.4.33-2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15825/util-linux-2.22.1-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15819/polkit-0.107-4.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15800/upower-0.9.18-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15822/pulseaudio-2.1-4.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15815/firefox-16.0-1.fc18,xulrunner-16.0-2.fc18,thunderbird-16.0-1.fc18,thunderbird-lightning-1.8-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2012-15785/python-nss-0.13-0.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2012-15776/kde-workspace-4.9.2-4.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15701/pulseaudio-2.1-2.fc18,webrtc-audio-processing-0.1-1.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15711/gnome-settings-daemon-3.6.1-2.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15716/libxslt-1.1.27-2.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15670/gnome-settings-daemon-3.6.1-1.fc18,control-center-3.6.1-1.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2012-15682/pyxdg-0.23-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2012-15666/policycoreutils-2.1.13-8.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2012-15622/totem-3.6.0-2.fc18,gstreamer1-plugins-bad-free-1.0.1-1.fc18,gstreamer1-plugins-good-1.0.1-1.fc18,gstreamer1-plugins-base-1.0.1-1.fc18,gstreamer1-1.0.1-1.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2012-15534/webkitgtk3-1.10.0-2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2012-15547/ibus-1.4.99.20121006-2.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2012-15543/kdelibs-4.9.2-5.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2012-15517/nss-util-3.13.6-1.fc18,nss-softokn-3.13.6-1.fc18,nss-3.13.6-1.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2012-15528/gdb-7.5.0.20120926-25.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2012-15368/cdrkit-1.1.11-14.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2012-15291/libarchive-3.0.4-3.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2012-15306/device-mapper-multipath-0.4.9-32.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2012-15303/udisks2-2.0.0-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2012-15008/kde-settings-4.9-14.fc18 The following builds have been pushed to Fedora 18 updates-testing NetworkManager-0.9.7.0-6.git20121004.fc18 arpwatch-2.1a15-25.fc18 bullet-2.81-1.fc18 cagibi-0.2.0-4.fc18 cobertura-1.9.4.1-1.fc18 fawkes-0.5.0-3.fc18 ganyremote-6.1-1.fc18 harfbuzz-0.9.5-1.fc18 icecast-2.3.3-1.fc18 ilmbase-1.0.3-4.fc18 kanyremote-6.1-1.fc18 libzip-0.10.1-5.fc18 mate-themes-1.4.0-4.fc18 mediatomb-0.12.1-19.fc18 mirall-1.1.0-1.fc18 mozilla-https-everywhere-3.0.1-1.fc18 ninja-ide-2.1.1-3.fc18 octave-general-1.3.2-2.fc18 owncloud-csync-0.60.0-1.fc18 perl-XML-Rules-1.13-1.fc18 policycoreutils-2.1.13-8.fc18 pyOpenSSL-0.13-4.fc18 python-django-federated-login-0.3.1-1.fc18 python-django-horizon-2012.2-2.fc18 rpcbind-0.2.0-18.fc18 rusers-0.17-72.fc18 snakeyaml-1.9-3.fc18 sssd-1.9.2-1.fc18 valgrind-3.8.1-3.fc18 vdrift-20111022-8.fc18 xorg-x11-drv-ati-7.0.0-0.7.20121015gitbd9e2c064.fc18 xorg-x11-drv-intel-2.20.10-1.fc18 xterm-284-1.fc18 zeromq3-3.2.0-0.3.20121009git1ef63bc.fc18 Details about builds: ================================================================================ NetworkManager-0.9.7.0-6.git20121004.fc18 (FEDORA-2012-16127) Network connection manager and user applications -------------------------------------------------------------------------------- Update Information: Fixes a crash when running dispatcher scripts. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Dan Winship <danw@xxxxxxxxxx> - 0.9.7.0-6.git20121004 - Actually apply the patch from the previous commit... * Mon Oct 15 2012 Dan Winship <danw@xxxxxxxxxx> - 0.9.7.0-5.git20121004 - Apply patch from master to fix a crash (rh #865009) -------------------------------------------------------------------------------- References: [ 1 ] Bug #865009 - GString mem alloc crashes after dbus op https://bugzilla.redhat.com/show_bug.cgi?id=865009 -------------------------------------------------------------------------------- ================================================================================ arpwatch-2.1a15-25.fc18 (FEDORA-2012-16141) Network monitoring tools for tracking IP addresses on a network -------------------------------------------------------------------------------- Update Information: Fixes the -i validIF and -i invalidIF parameter startup. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Ales Ledvinka <aledvink@xxxxxxxxxx> - 14:2.1a15-25 - fix -i with invalid interface specified (#842660) * Mon Oct 15 2012 Ales Ledvinka <aledvink@xxxxxxxxxx> - 14:2.1a15-24 - fix devlookup to start with -i interface specified (#842660) -------------------------------------------------------------------------------- References: [ 1 ] Bug #842660 - Arpwatch may not start if no interface is specified https://bugzilla.redhat.com/show_bug.cgi?id=842660 -------------------------------------------------------------------------------- ================================================================================ bullet-2.81-1.fc18 (FEDORA-2012-16102) 3D Collision Detection and Rigid Body Dynamics Library -------------------------------------------------------------------------------- Update Information: Updated bullet to release 2.81 -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 13 2012 Rich Mattes <richmattes@xxxxxxxxx> - 2.81-1 - Update to version 2.81 -------------------------------------------------------------------------------- ================================================================================ cagibi-0.2.0-4.fc18 (FEDORA-2012-16132) SSDP (UPnP discovery) cache/proxy daemon -------------------------------------------------------------------------------- Update Information: Reduce copious debug logging. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 13 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.2.0-4 - cagibi spams /var/logs/messages via dbus-daemon (#865964) - pkgconfig-style deps -------------------------------------------------------------------------------- References: [ 1 ] Bug #865964 - cagibi spams /var/logs/messages via dbus-daemon https://bugzilla.redhat.com/show_bug.cgi?id=865964 -------------------------------------------------------------------------------- ================================================================================ cobertura-1.9.4.1-1.fc18 (FEDORA-2012-16123) Java tool that calculates the percentage of code accessed by tests -------------------------------------------------------------------------------- Update Information: Updates to address licencing concerns and packaging bugs. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 14 2012 Mat Booth <fedora@xxxxxxxxxxxxxx> - 1.9.4.1-1 - Update for latest guidelines. - Update to latest upstream version, bug 848871. - Fix directory ownership, bug 850004. -------------------------------------------------------------------------------- References: [ 1 ] Bug #850004 - cobertura - Should not own /usr/share/maven-fragments directory https://bugzilla.redhat.com/show_bug.cgi?id=850004 [ 2 ] Bug #848871 - cobertura - GPL code linked with ASL 1.1 code https://bugzilla.redhat.com/show_bug.cgi?id=848871 -------------------------------------------------------------------------------- ================================================================================ fawkes-0.5.0-3.fc18 (FEDORA-2012-16102) Robot Software Framework -------------------------------------------------------------------------------- Update Information: Updated bullet to release 2.81 -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 14 2012 Rich Mattes <richmattes@xxxxxxxxx> - 0.5.0-3 - Rebuild for new bullet -------------------------------------------------------------------------------- ================================================================================ ganyremote-6.1-1.fc18 (FEDORA-2012-16131) GTK frontend for anyRemote -------------------------------------------------------------------------------- Update Information: v6.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Mikhail Fedotov <anyremote at mail.ru> - 6.1 - Drop lightthpd dependency. Translation updates -------------------------------------------------------------------------------- ================================================================================ harfbuzz-0.9.5-1.fc18 (FEDORA-2012-16145) Text shaping library -------------------------------------------------------------------------------- Update Information: new upstream update -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Parag Nemade <paragn AT fedoraproject DOT org> - 0.9.5-1 - Update to 0.9.5 upstream release -------------------------------------------------------------------------------- ================================================================================ icecast-2.3.3-1.fc18 (FEDORA-2012-16130) ShoutCast compatible streaming media server -------------------------------------------------------------------------------- Update Information: New upstream release, fixing CVE bug. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 14 2012 Andreas Thienemann <andreas@xxxxxxxxx> - 2.3.3-1 - Upgrade to new upstream release 2.3.3, fixing #831180, #797184, #768176 and #768175. - Add systemd reload macro, fixing #814212. - F18 styled systemd macros, fixing #850153. -------------------------------------------------------------------------------- References: [ 1 ] Bug #831180 - Icecast 2.3.3 available https://bugzilla.redhat.com/show_bug.cgi?id=831180 [ 2 ] Bug #797184 - Apply useful upstream patches https://bugzilla.redhat.com/show_bug.cgi?id=797184 [ 3 ] Bug #768176 - CVE-2011-4612 icecast2: Newline injection in error.log [epel-5] https://bugzilla.redhat.com/show_bug.cgi?id=768176 [ 4 ] Bug #768175 - CVE-2011-4612 icecast2: Newline injection in error.log [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=768175 [ 5 ] Bug #814212 - icecast cannot reload configuration https://bugzilla.redhat.com/show_bug.cgi?id=814212 [ 6 ] Bug #850153 - Introduce new systemd-rpm macros in icecast spec file https://bugzilla.redhat.com/show_bug.cgi?id=850153 -------------------------------------------------------------------------------- ================================================================================ ilmbase-1.0.3-4.fc18 (FEDORA-2012-16136) Abstraction/convenience libraries -------------------------------------------------------------------------------- Update Information: Fix for autogenerated rpm pkgconfig dependencies (ala missing dependency on libGLU-devel) fix build on non-x86 arches -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.0.3-4 - ilmbase-devel missing dependency on libGLU-devel (#866302) -------------------------------------------------------------------------------- References: [ 1 ] Bug #866302 - ilmbase-devel missing dependency on libGLU-devel https://bugzilla.redhat.com/show_bug.cgi?id=866302 -------------------------------------------------------------------------------- ================================================================================ kanyremote-6.1-1.fc18 (FEDORA-2012-16138) KDE frontend for anyRemote -------------------------------------------------------------------------------- Update Information: v6.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 10 2012 Mikhail Fedotov <anyremote at mail.ru> - 6.1 - Drop lightthpd dependency. Translation updates -------------------------------------------------------------------------------- ================================================================================ libzip-0.10.1-5.fc18 (FEDORA-2012-16120) C library for reading, creating, and modifying zip archives -------------------------------------------------------------------------------- Update Information: fix typo in header path, for non multiarch package to fix ARM build. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 0.10.1-5 - fix typo in multiarch (#866171) -------------------------------------------------------------------------------- References: [ 1 ] Bug #866171 - php FTBFS on ARM https://bugzilla.redhat.com/show_bug.cgi?id=866171 -------------------------------------------------------------------------------- ================================================================================ mate-themes-1.4.0-4.fc18 (FEDORA-2012-16135) MATE Desktop themes -------------------------------------------------------------------------------- Update Information: add missing themes -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 14 2012 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> 1.4.0-4 - Update BR and add test themes -------------------------------------------------------------------------------- ================================================================================ mediatomb-0.12.1-19.fc18 (FEDORA-2012-16142) MediaTomb - UPnP AV Mediaserver for Linux -------------------------------------------------------------------------------- Update Information: Multiple fixes. -------------------------------------------------------------------------------- ChangeLog: * Sun Sep 16 2012 David Jaša <jasa.david@xxxxxxxxx> - 0.12.1-19 - added patch to enable subtitles support - Committed by Jon Ciesla <limburgher@xxxxxxxxx> * Mon Sep 3 2012 David Jaša <djasa@xxxxxxxxxx> - 0.12.1-18 - cleaned up conditionals handling Fedora <= 13 - added missing comma before flac-devel in BuildRequires - made .spec compatible with RHEL6 + EPEL - Committed by Jon Ciesla <limburgher@xxxxxxxxx> -------------------------------------------------------------------------------- References: [ 1 ] Bug #857751 - add conditionals to be able to build with systemd or sysvinit support whereever applicable https://bugzilla.redhat.com/show_bug.cgi?id=857751 -------------------------------------------------------------------------------- ================================================================================ mirall-1.1.0-1.fc18 (FEDORA-2012-16122) The ownCloud Client -------------------------------------------------------------------------------- Update Information: Update to owncloud-client, mirall, owncloud-csync Please be advice this package now only works with Owncloud Server 4.5 or up. OwnClous 4.0.x and below are not supported in the new desktop client. This update fixes, corrupted syncs, does faster sync and fixes Seg faults errors. This owncloud-csync won't build the smb plugin for standalone syncing over the cli of ocsync with samba. The problem is like caused because of the upgrade from samba 3(f17) to samba 4 (in f18 and rawhide) Is a bug similar to bug #862169 in kde-libs -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 14 2012 <jmarrero@xxxxxxxxxxxxxxxxx> 1.1.0-1 - Version Upgrade to 1.1.0 - Removed the need to look for occsync now mirall looks for ocsync the new name of owncloud-csync -------------------------------------------------------------------------------- References: [ 1 ] Bug #852146 - [abrt] owncloud-client-1.0.5-4.fc17: XFreeColormap: Process /usr/bin/owncloud was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=852146 [ 2 ] Bug #859919 - [abrt] owncloud-client-1.0.5-5.fc17: __gconv: Process /usr/bin/owncloud was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=859919 [ 3 ] Bug #862832 - [abrt] owncloud-client-1.0.5-5.fc17: QThreadStorageData::get: Process /usr/bin/owncloud was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=862832 [ 4 ] Bug #865686 - [abrt] owncloud-client-1.0.5-5.fc17: QWidget::~QWidget: Process /usr/bin/owncloud was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=865686 -------------------------------------------------------------------------------- ================================================================================ mozilla-https-everywhere-3.0.1-1.fc18 (FEDORA-2012-16124) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information: * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Russell Golden <niveusluna@xxxxxxxxxxxxxx> - 3.0.0-1 - Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html - Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html - Updated translations: Basque, Hungarian, Traditional Chinese * Fri Oct 12 2012 Russell Golden <niveusluna@xxxxxxxxxxxxxx> - 3.0.0-2 - Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL users who think updates are for sissies and/or voiding support contracts with proprietary vendors. They can't use this if their Firefox install is older than 3.5 anyway, so what's the harm? * Tue Oct 9 2012 Russell Golden <niveusluna@xxxxxxxxxxxxxx> - 3.0.0-1 - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage -------------------------------------------------------------------------------- ================================================================================ ninja-ide-2.1.1-3.fc18 (FEDORA-2012-16126) Ninja IDE for Python development -------------------------------------------------------------------------------- Update Information: Ninja IDE for Python development -------------------------------------------------------------------------------- References: [ 1 ] Bug #863983 - Review Request: ninja-ide - Ninja IDE for Python development https://bugzilla.redhat.com/show_bug.cgi?id=863983 -------------------------------------------------------------------------------- ================================================================================ octave-general-1.3.2-2.fc18 (FEDORA-2012-16143) General tools for Octave, string dictionary, parallel computing -------------------------------------------------------------------------------- Update Information: Introduce octave-general -------------------------------------------------------------------------------- References: [ 1 ] Bug #860424 - Review Request: octave-general - General tools for Octave, string dictionary, parallel computing https://bugzilla.redhat.com/show_bug.cgi?id=860424 -------------------------------------------------------------------------------- ================================================================================ owncloud-csync-0.60.0-1.fc18 (FEDORA-2012-16122) A user level bidirectional client only file synchronizer -------------------------------------------------------------------------------- Update Information: Update to owncloud-client, mirall, owncloud-csync Please be advice this package now only works with Owncloud Server 4.5 or up. OwnClous 4.0.x and below are not supported in the new desktop client. This update fixes, corrupted syncs, does faster sync and fixes Seg faults errors. This owncloud-csync won't build the smb plugin for standalone syncing over the cli of ocsync with samba. The problem is like caused because of the upgrade from samba 3(f17) to samba 4 (in f18 and rawhide) Is a bug similar to bug #862169 in kde-libs -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 14 2012 <jmarrero@xxxxxxxxxxxxxxxxx> 0.60.0-1 - Version bump to 0.60.0 - removed renaming patches as uptream has renamed to ocsync - fixed all refences from occsync and csync to ocsync -------------------------------------------------------------------------------- References: [ 1 ] Bug #852146 - [abrt] owncloud-client-1.0.5-4.fc17: XFreeColormap: Process /usr/bin/owncloud was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=852146 [ 2 ] Bug #859919 - [abrt] owncloud-client-1.0.5-5.fc17: __gconv: Process /usr/bin/owncloud was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=859919 [ 3 ] Bug #862832 - [abrt] owncloud-client-1.0.5-5.fc17: QThreadStorageData::get: Process /usr/bin/owncloud was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=862832 [ 4 ] Bug #865686 - [abrt] owncloud-client-1.0.5-5.fc17: QWidget::~QWidget: Process /usr/bin/owncloud was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=865686 -------------------------------------------------------------------------------- ================================================================================ perl-XML-Rules-1.13-1.fc18 (FEDORA-2012-16125) Parse XML and specify what and how to keep/process for individual tags -------------------------------------------------------------------------------- Update Information: Update to upstream version 1.13 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Bill Pemberton <wfp5p@xxxxxxxxxxxx> - 1.13-1 - update to version 1.13 -------------------------------------------------------------------------------- References: [ 1 ] Bug #866031 - perl-XML-Rules-1.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=866031 -------------------------------------------------------------------------------- ================================================================================ policycoreutils-2.1.13-8.fc18 (FEDORA-2012-15666) SELinux policy core utilities -------------------------------------------------------------------------------- Update Information: Add new sepolicy command suite. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 8 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-8 - Fix typo in preunstall line for restorecond - Add mgrepl patch to consolidate file context generated by sepolicy generate * Mon Oct 8 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-7 - Fix manpage generation, missing import - Add equiv_dict to get samba booleans into smbd_selinux - Add proper translations for booleans and remove selinux.tbl * Sat Oct 6 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-6 - Fix system-config-selinux to use sepolicy.generate instead of sepolgen * Thu Oct 4 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-5 - Add sepolicy commands, and change tools to use them. * Tue Sep 25 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-4 - Rebuild without bogus prebuild 64 bit seunshare app * Sun Sep 16 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-3 - Allow fixfiles to specify -v, so they can get verbosity rather then progress. - Fix load_file Makefile to use SBINDIR rather then real OS. - Fix man pages in setfiles and restorecon to reflect what happens when you relabel the entire OS. * Sun Sep 16 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-2 - Use systemd post install scriptlets * Thu Sep 13 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-1 - Update to upstream * genhomedircon: manual page improvements * setfiles/restorecon minor improvements * run_init: If open_init_pty is not available then just use exec * newrole: do not drop capabilities when newrole is run as * restorecon: only update type by default * scripts: Don't syslog setfiles changes on a fixfiles restore * setfiles: do not syslog if no changes * Disable user restorecond by default * Make restorecon return 0 when a file has changed context * setfiles: Fix process_glob error handling * semanage: allow enable/disable under -m * add .tx to gitignore * translations: commit translations from Fedora community * po: silence build process * gui: Checking in policy to support polgengui and sepolgen. * gui: polgen: search for systemd subpackage when generating policy * gui: for exploring booleans * gui: system-config-selinux gui * Add Makefiles to support new gui code * gui: remove lockdown wizard * return equivalency records in fcontext customized * semanage: option to not load new policy into kernel after * sandbox: manpage update to describe standard types * setsebool: -N should not reload policy on changes * semodule: Add -N qualifier to no reload kernel policy * gui: polgen: sort selinux types of user controls * gui: polgen: follow symlinks and get the real path to * gui: Fix missing error function * setfiles: return errors when bad paths are given * fixfiles: tell restorecon to ignore missing paths * setsebool: error when setting multiple options * semanage: use boolean subs. * sandbox: Make sure Xephyr never listens on tcp ports * sepolgen: return and output constraint violation information * semanage: skip comments while reading external configuration files * restorecond: relabel all mount runtime files in the restorecond example * genhomedircon: dynamically create genhomedircon * Allow returning of bastard matches * sepolgen: return and output constraint violation information * audit2allow: one role/type pair per line * Wed Aug 8 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.11-6 - Change polgen to generate dbus apps as optional so they can compile on minimal policy system, patch from Miroslav Grepl -------------------------------------------------------------------------------- ================================================================================ pyOpenSSL-0.13-4.fc18 (FEDORA-2012-16134) Python wrapper module around the OpenSSL library -------------------------------------------------------------------------------- Update Information: Drop unintentional run-time dependency on TeXLive. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 12 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 0.13-4 - Do not scan documentation for dependencies (bug #865806) * Mon Oct 8 2012 Dan Horák <dan[at]danny.cz> - 0.13-3 - rebuilt because ARM packages had wrong Requires autodetected -------------------------------------------------------------------------------- References: [ 1 ] Bug #865806 - pyOpenSSL-0.13-3.fc19.x86_64 pulls in latex2html and thus whole texlive https://bugzilla.redhat.com/show_bug.cgi?id=865806 -------------------------------------------------------------------------------- ================================================================================ python-django-federated-login-0.3.1-1.fc18 (FEDORA-2012-16137) Provides federated logins to django projects -------------------------------------------------------------------------------- Update Information: Provides federated logins to django projects -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Luis Bazan <lbazan@xxxxxxxxxxxxxxxxx> - 0.3.1-1 - New Upstream Version -------------------------------------------------------------------------------- ================================================================================ python-django-horizon-2012.2-2.fc18 (FEDORA-2012-16139) Django application for talking to Openstack -------------------------------------------------------------------------------- Update Information: Fix issues with /static files -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Matthias Runge <mrunge@xxxxxxxxxx> - 2012-2-2 - fix static img, static fonts issue -------------------------------------------------------------------------------- ================================================================================ rpcbind-0.2.0-18.fc18 (FEDORA-2012-16144) Universal Addresses to RPC Program Number Mapper -------------------------------------------------------------------------------- Update Information: - Fixed typo causing rpcbind to run as root (bz 734598) - Added /etc/sysconfig/rpcbind config file (bz 861025) -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 14 2012 Steve Dickson <steved@xxxxxxxxxx> - 0.2.0-18 - Fixed typo causing rpcbind to run as root (bz 734598) - Added /etc/sysconfig/rpcbind config file (bz 861025) -------------------------------------------------------------------------------- References: [ 1 ] Bug #734598 - rpcbind no longer runs as user rpc (runs as root) https://bugzilla.redhat.com/show_bug.cgi?id=734598 [ 2 ] Bug #861025 - service rpcbind do not allow to specify command line options https://bugzilla.redhat.com/show_bug.cgi?id=861025 -------------------------------------------------------------------------------- ================================================================================ rusers-0.17-72.fc18 (FEDORA-2012-15370) Displays the users logged into machines on the local network -------------------------------------------------------------------------------- Update Information: This is an update that fixes using of new systemd macros. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 5 2012 Honza Horak <hhorak@xxxxxxxxxx> - 0.17-72 - Remove sdnotify message, while it doesn't work with forking service * Thu Oct 4 2012 Honza Horak <hhorak@xxxxxxxxxx> - 0.17-71 - Run %triggerun regardless of systemd_post variable definition -------------------------------------------------------------------------------- References: [ 1 ] Bug #850302 - Introduce new systemd-rpm macros in rusers spec file https://bugzilla.redhat.com/show_bug.cgi?id=850302 -------------------------------------------------------------------------------- ================================================================================ snakeyaml-1.9-3.fc18 (FEDORA-2012-16140) YAML parser and emitter for the Java programming language -------------------------------------------------------------------------------- Update Information: This update removes unneeded dependencies (base64coder, gdata-java). -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> - 1.9-3 - Remove unneeded dependencies: base64coder, gdata-java - Convert pom.xml patch to POM macro -------------------------------------------------------------------------------- ================================================================================ sssd-1.9.2-1.fc18 (FEDORA-2012-16129) System Security Services Daemon -------------------------------------------------------------------------------- Update Information: A new upstream release of the SSSD -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 14 2012 Jakub Hrozek <jhrozek@xxxxxxxxxx> - 1.9.2-1 - New upstream release 1.9.2 -------------------------------------------------------------------------------- ================================================================================ valgrind-3.8.1-3.fc18 (FEDORA-2012-16133) Tool for finding memory management bugs in programs -------------------------------------------------------------------------------- Update Information: Support /proc/self/auxv, testsuite cleanups, pkg-config fix, wcs string functions, gdbserver exit support, increase VG_N_SEG constants, s390x tsearch suppression workaround. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Mark Wielaard <mjw@xxxxxxxxxx> 3.8.1-3 - Add valgrind-3.8.1-x86_amd64_features-avx.patch (KDE#307285) - Add valgrind-3.8.1-gdbserver_tests-syscall-template-source.patch (KDE#307155) - Add valgrind-3.8.1-overlap_memcpy_filter.patch (KDE#307290) - Add valgrind-3.8.1-pkg-config.patch (#827219, KDE#307729) - Add valgrind-3.8.1-proc-auxv.patch (KDE#253519) - Add valgrind-3.8.1-wcs.patch (#755242, KDE#307828) - Add valgrind-3.8.1-filter_gdb.patch (KDE#308321) - Add valgrind-3.8.1-gdbserver_exit.patch (#862795, KDE#308341) - Add valgrind-3.8.1-aspacemgr_VG_N_SEGs.patch (#730303, KDE#164485) - Add valgrind-3.8.1-s390_tsearch_supp.patch (#816244, KDE#308427) -------------------------------------------------------------------------------- References: [ 1 ] Bug #827219 - pkg-config info wrong https://bugzilla.redhat.com/show_bug.cgi?id=827219 [ 2 ] Bug #755242 - wcscmp() triggers valgrind warnings https://bugzilla.redhat.com/show_bug.cgi?id=755242 [ 3 ] Bug #862795 - script debugging via valgrind gdb server behaves strange, throwing error where it shouldn't https://bugzilla.redhat.com/show_bug.cgi?id=862795 [ 4 ] Bug #730303 - Need to increase VG_N_SEGNAMES https://bugzilla.redhat.com/show_bug.cgi?id=730303 [ 5 ] Bug #816244 - tsearch conditional jump or move depends on uninitialized value https://bugzilla.redhat.com/show_bug.cgi?id=816244 -------------------------------------------------------------------------------- ================================================================================ vdrift-20111022-8.fc18 (FEDORA-2012-16102) Driving/drift racing simulation -------------------------------------------------------------------------------- Update Information: Updated bullet to release 2.81 -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 13 2012 Rich Mattes <richmattes@xxxxxxxxx> - 20111022-8 - Rebuild for new bullet - Add fix for build error with new bullet -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-ati-7.0.0-0.7.20121015gitbd9e2c064.fc18 (FEDORA-2012-16119) Xorg X11 ati video driver -------------------------------------------------------------------------------- Update Information: fix misrendering when used with offload device -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Dave Airlie <airlied@xxxxxxxxxx> 7.0.0-0.7.20121015gitbd9e2c064 - fix issue with damage when using offload or sw cursor -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-intel-2.20.10-1.fc18 (FEDORA-2012-16121) Xorg X11 Intel video driver -------------------------------------------------------------------------------- Update Information: Latest upstream release, fixes USB offload misrendering Intel 2.20.9. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Dave Airlie <airlied@xxxxxxxxxx> 2.20.10-1 - intel 2.20.10 * Fri Oct 5 2012 Adam Jackson <ajax@xxxxxxxxxx> 2.20.9-1 - intel 2.20.9 - Today's intel-gpu-tools snapshot -------------------------------------------------------------------------------- References: [ 1 ] Bug #861739 - xorg-x11-drv-intel-2.20.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=861739 -------------------------------------------------------------------------------- ================================================================================ xterm-284-1.fc18 (FEDORA-2012-16118) Terminal emulator for the X Window System -------------------------------------------------------------------------------- Update Information: Update to the latest upstream release and use the icon installed by the package instead of a possibly missing gnome icon. -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 15 2012 Miroslav Lichvar <mlichvar@xxxxxxxxxx> 284-1 - update to 284 * Wed Oct 10 2012 Miroslav Lichvar <mlichvar@xxxxxxxxxx> 283-1 - update to 283 - install icon to hicolor theme and use it in desktop file (#804279) - use new configure options to set some resource defaults (#819588) - fix URL (#856957) - remove obsolete macros * Thu Oct 4 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 278-4 - revert bad -3 build * Tue Sep 25 2012 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 278-3 - xterm.desktop: +Path=$HOME -------------------------------------------------------------------------------- References: [ 1 ] Bug #804279 - xterm - desktop file's icon missmatch the installed icons https://bugzilla.redhat.com/show_bug.cgi?id=804279 [ 2 ] Bug #819588 - xterm man page conflicts with fedora patches xterm app-defaults https://bugzilla.redhat.com/show_bug.cgi?id=819588 [ 3 ] Bug #856957 - URL in xterm.spec has moved permanently https://bugzilla.redhat.com/show_bug.cgi?id=856957 -------------------------------------------------------------------------------- ================================================================================ zeromq3-3.2.0-0.3.20121009git1ef63bc.fc18 (FEDORA-2012-16128) Software library for fast, message-based applications -------------------------------------------------------------------------------- Update Information: Initial import of zeromq version 3.X.X -------------------------------------------------------------------------------- References: [ 1 ] Bug #864937 - Review Request: zeromq3 - Software library for fast, message-based applications https://bugzilla.redhat.com/show_bug.cgi?id=864937 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
