The following Fedora 18 Security updates need testing: Age URL 6 https://admin.fedoraproject.org/updates/FEDORA-2013-0907/moodle-2.3.4-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-1176/ndjbdns-1.05.6-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-1169/drupal7-7.19-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-1203/jakarta-commons-httpclient-3.1-12.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-1222/axis-1.4-19.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-1243/rhncfg-5.10.36-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-1277/python-tw2-jquery-2.0.3-5.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-1371/tinymce-spellchecker-2.0.5-8.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1375/couchdb-1.2.1-2.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1407/libssh-0.5.4-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1434/xen-4.2.1-5.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1442/seamonkey-2.15.1-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1445/freeipa-3.1.2-1.fc18 76 https://admin.fedoraproject.org/updates/FEDORA-2012-17834/cumin-0.1.5522-4.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2013-0659/perl-5.16.2-237.fc18 16 https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-0437/proftpd-1.3.4b-5.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-1034/drupal6-6.28-1.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-0899/ettercap-0.7.5.1-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-1082/zabbix-2.0.4-3.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-0965/qemu-1.2.2-2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-1001/corosync-2.3.0-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-1003/asterisk-11.2.0-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-1167/php-symfony2-Yaml-2.1.7-1.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1443/kernel-3.7.4-204.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-1446/js-1.8.5-12.fc18 The following builds have been pushed to Fedora 18 updates-testing RepetierHost-0.83-2.fc18 SDL-1.2.15-3.fc18 audacious-plugins-3.3.3-4.fc18 couchdb-1.2.1-2.fc18 dustmite-1-9.20121031git1fb3ac4.fc18 freeipa-3.1.2-1.fc18 gtk-solidity-engine-0.4.1-3.fc18 gtksourceview3-3.6.2-1.fc18 guacamole-0.7.1-1.fc18 guacamole-common-0.7.0-2.fc18 guacamole-ext-0.7.0-2.fc18 gxine-0.5.907-7.fc18 inadyn-mt-2.24.36-9.fc18 js-1.8.5-12.fc18 kernel-3.7.4-204.fc18 latte-integrale-1.5.3-6.fc18 leptonica-1.69-6.fc18 libguac-client-rdp-0.7.2-1.fc18 libguac-client-vnc-0.7.0-2.fc18 libreoffice-3.6.4.3-4.fc18 libssh-0.5.4-1.fc18 mate-file-archiver-1.5.1-4.fc18 mpdscribble-0.22-3.fc18 nginx-1.2.6-4.fc18 nordugrid-arc-2.0.1-2.fc18 packagedb-cli-1.3.0-1.fc18 perl-ZMQ-LibZMQ2-1.06-1.fc18 perl-ZMQ-LibZMQ3-1.09-1.fc18 php-PsrLog-1.0.0-2.fc18 php-Raven-0.4.0-2.fc18 picard-1.1-1.fc18 printrun-0.0-22.20130123git71e5da0.fc18 privoxy-3.0.19-4.fc18 python-fedora-0.3.31-1.fc18 python-feedparser-5.1.2-5.fc18 rubygem-mixlib-authentication-1.3.0-2.fc18 rubygem-mixlib-cli-1.3.0-1.fc18 rubygem-net-ssh-multi-1.1-2.fc18 scala-2.9.2-4.fc18 seamonkey-2.15.1-1.fc18 squidGuard-1.4-16.fc18 subversion-api-docs-1.7.8-1.fc18 sugar-hello-world-6-3.fc18 tex-fonts-hebrew-0.1-18.fc18 ugene-1.11.4-2.fc18 vimpal-1.2.0-1.fc18 vlgothic-fonts-20121230-2.fc18 weechat-0.4.0-2.fc18 xen-4.2.1-5.fc18 ypserv-2.29-6.fc18 Details about builds: ================================================================================ RepetierHost-0.83-2.fc18 (FEDORA-2013-1409) 3D printer control software -------------------------------------------------------------------------------- Update Information: New release providing Slic3r and Skeinforge integration, that works in Fedora 3D printer control software -------------------------------------------------------------------------------- References: [ 1 ] Bug #890946 - Review Request: RepetierHost - 3D printer control software https://bugzilla.redhat.com/show_bug.cgi?id=890946 -------------------------------------------------------------------------------- ================================================================================ SDL-1.2.15-3.fc18 (FEDORA-2013-1418) A cross-platform multimedia library -------------------------------------------------------------------------------- Update Information: Allow to change gamm on X11 output. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.2.15-3 - Work around bug in Xorg to allow changing gamma on X11 (bug #891973) -------------------------------------------------------------------------------- References: [ 1 ] Bug #891973 - SDL with xorg-server-1.7 cannot set gamma https://bugzilla.redhat.com/show_bug.cgi?id=891973 -------------------------------------------------------------------------------- ================================================================================ audacious-plugins-3.3.3-4.fc18 (FEDORA-2013-1436) Plugins for the Audacious audio player -------------------------------------------------------------------------------- Update Information: With a special AOSD plug-in trigger configuration from Audacious 3.2.4 or older, Audacious 3.3.3 would crash and refuse to start. This update fixes that. Additionally, users of the AOSD plug-in should revisit the preferences and see whether reconfiguring the triggers is necessary. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 3.3.3-4 - Make AOSD plug-in not crash when running into old config values from Audacious 3.2.4 or older. User should revisit plug-in preferences, too! -------------------------------------------------------------------------------- References: [ 1 ] Bug #902796 - audacious crash when AOSD plugin is loaded https://bugzilla.redhat.com/show_bug.cgi?id=902796 -------------------------------------------------------------------------------- ================================================================================ couchdb-1.2.1-2.fc18 (FEDORA-2013-1375) A document database server, accessible via a RESTful JSON API -------------------------------------------------------------------------------- Update Information: - Ver. 1.2.1 (security bugfix release) - Unbundle snappy (see rhbz #871149) - Add _isa to the Requires -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.2.1-2 - Revert systemd-macros * Mon Jan 21 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.2.1-1 - Ver. 1.2.1 (security bugfix release) - Introduce handy systemd-related macros (see rhbz #850069) * Tue Oct 30 2012 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.2.0-3 - Unbundle snappy (see rhbz #871149) - Add _isa to the Requires -------------------------------------------------------------------------------- References: [ 1 ] Bug #895597 - CVE-2012-5649 CVE-2012-5650 couchdb various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=895597 [ 2 ] Bug #871149 - bundle of erlang-snappy https://bugzilla.redhat.com/show_bug.cgi?id=871149 -------------------------------------------------------------------------------- ================================================================================ dustmite-1-9.20121031git1fb3ac4.fc18 (FEDORA-2013-1406) Minimizes D source code for debugging -------------------------------------------------------------------------------- Update Information: Fix build -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 26 2012 Jonathan MERCIER <bioinfornatics at gmail.com> - 1-9.20121031git1fb3ac4 - rebuild -------------------------------------------------------------------------------- ================================================================================ freeipa-3.1.2-1.fc18 (FEDORA-2013-1445) The Identity, Policy and Audit system -------------------------------------------------------------------------------- Update Information: Update to upstream 3.1.2 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Rob Crittenden <rcritten@xxxxxxxxxx> - 3.1.2-1 - Update to upstream 3.1.2 - CVE-2012-4546: Incorrect CRLs publishing - CVE-2012-5484: MITM Attack during Join process - CVE-2013-0199: Cross-Realm Trust key leak -------------------------------------------------------------------------------- References: [ 1 ] Bug #901864 - CVE-2013-0199 ipa: cross-realm kerberos with AD information leak https://bugzilla.redhat.com/show_bug.cgi?id=901864 [ 2 ] Bug #876307 - CVE-2012-5484 ipa: weakness when initiating join from IPA client can potentially compromise IPA domain https://bugzilla.redhat.com/show_bug.cgi?id=876307 [ 3 ] Bug #870234 - CVE-2012-4546 ipa: servers do not publish correct CRLs https://bugzilla.redhat.com/show_bug.cgi?id=870234 -------------------------------------------------------------------------------- ================================================================================ gtk-solidity-engine-0.4.1-3.fc18 (FEDORA-2013-1385) Solidity Gtk+ theming engine -------------------------------------------------------------------------------- Update Information: This update adds a license file (according to GPL) and changes the license to GPLv3+. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Mario Blättermann <mariobl@xxxxxxxxxxxxxxxxx> - 0.4.1-3 - Added license file and change license to GPLv3+ -------------------------------------------------------------------------------- References: [ 1 ] Bug #888958 - Review Request: gtk-solidity-engine - Solidity Gtk+ theming engine https://bugzilla.redhat.com/show_bug.cgi?id=888958 -------------------------------------------------------------------------------- ================================================================================ gtksourceview3-3.6.2-1.fc18 (FEDORA-2013-1386) A library for viewing source files -------------------------------------------------------------------------------- Update Information: Fixes a small warning in the octave language -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Ignacio Casal Quinteiro <icq@xxxxxxxxx> - 3.6.2-1 - Update to 3.6.2 -------------------------------------------------------------------------------- ================================================================================ guacamole-0.7.1-1.fc18 (FEDORA-2013-1384) The main Guacamole web application -------------------------------------------------------------------------------- Update Information: Guacamole stack 0.7.2 update -------------------------------------------------------------------------------- References: [ 1 ] Bug #853922 - Review Request: guacamole - The main Guacamole web application https://bugzilla.redhat.com/show_bug.cgi?id=853922 -------------------------------------------------------------------------------- ================================================================================ guacamole-common-0.7.0-2.fc18 (FEDORA-2013-1384) The core Java library used by the Guacamole web application -------------------------------------------------------------------------------- Update Information: Guacamole stack 0.7.2 update -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Simone Caronni <negativo17@xxxxxxxxx> - 0.7.0-2 - Require maven-local. -------------------------------------------------------------------------------- References: [ 1 ] Bug #853922 - Review Request: guacamole - The main Guacamole web application https://bugzilla.redhat.com/show_bug.cgi?id=853922 -------------------------------------------------------------------------------- ================================================================================ guacamole-ext-0.7.0-2.fc18 (FEDORA-2013-1384) Common interfaces for extending the main Guacamole web application -------------------------------------------------------------------------------- Update Information: Guacamole stack 0.7.2 update -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Simone Caronni <negativo17@xxxxxxxxx> - 0.7.0-2 - Require 0.7.0 level components and maven-local. -------------------------------------------------------------------------------- References: [ 1 ] Bug #853922 - Review Request: guacamole - The main Guacamole web application https://bugzilla.redhat.com/show_bug.cgi?id=853922 -------------------------------------------------------------------------------- ================================================================================ gxine-0.5.907-7.fc18 (FEDORA-2013-1435) GTK frontend for the xine multimedia library -------------------------------------------------------------------------------- Update Information: Switch to mozjs-1.8.5 provided by js package instead of xulrunner which has too unstable API. Fixes a couple of JS related bugs. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Martin Sourada <mso@xxxxxxxxxxxxxxxxx> - 0.5.907-7 - Switch build to mozjs185, hopefully it has more stable API - SPEC clean-up -------------------------------------------------------------------------------- References: [ 1 ] Bug #863634 - gxine segfaults in generic_JSGetProperty() on fedora 18 lxde spin. https://bugzilla.redhat.com/show_bug.cgi?id=863634 -------------------------------------------------------------------------------- ================================================================================ inadyn-mt-2.24.36-9.fc18 (FEDORA-2013-1403) Dynamic DNS Client -------------------------------------------------------------------------------- Update Information: Add 'Type=forking' in the syystemd unit file. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Jochen Schmitt <Jochen herr-schmitt de> - 2.24.36-9 - Add Type=forking to the systemd unit file (#90344) -------------------------------------------------------------------------------- References: [ 1 ] Bug #90344 - No references for important accessibility information https://bugzilla.redhat.com/show_bug.cgi?id=90344 -------------------------------------------------------------------------------- ================================================================================ js-1.8.5-12.fc18 (FEDORA-2013-1446) JavaScript interpreter and libraries -------------------------------------------------------------------------------- Update Information: fix compilation on armv5tel where we have illegal instructions -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 18 2013 Dennis Gilmore <dennis@xxxxxxxx> - 1:1.8.5-12 - make sure -march=armv7-a is not hardcoded in arm builds * Sat Nov 17 2012 Pavel Alexeev <Pahan@xxxxxxxxxxxxx> - 1:1.8.5-11 - Thanks to Ville Skyttä (bz#875343) build against libedit instead of readline what simplify licensing apparently without any loss of functionality -------------------------------------------------------------------------------- References: [ 1 ] Bug #892382 - [PATCH] js miscompiled on armv5 https://bugzilla.redhat.com/show_bug.cgi?id=892382 -------------------------------------------------------------------------------- ================================================================================ kernel-3.7.4-204.fc18 (FEDORA-2013-1443) The Linux kernel -------------------------------------------------------------------------------- Update Information: Update to Linux v3.7.4 stable release with a large number of fixes across the tree. This update also contains a fix for some of the i915 graphics hangs users have experienced. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Justin M. Forbes <jforbes@xxxxxxxxxx> - 3.7.4-204 - brcmsmac fixes from upstream (rhbz 892428) * Wed Jan 23 2013 Dave Jones <davej@xxxxxxxxxx> - Remove warnings about empty IPI masks. * Tue Jan 22 2013 Justin M. Forbes <jforbes@xxxxxxxxxx> - 3.7.4-203 - Add i915 bugfix from airlied * Tue Jan 22 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - Apply ARM errata fix - disable HVC_DCC and VIRTIO_CONSOLE on ARM * Tue Jan 22 2013 Josh Boyer <jwboyer@xxxxxxxxxx> - Fix libata settings bug (rhbz 902523) * Mon Jan 21 2013 Josh Boyer <jwboyer@xxxxxxxxxx> - 3.7.4-201 - Linux v3.7.4 * Fri Jan 18 2013 Justin M. Forbes <jforbes@xxxxxxxxxx> 3.7.3-201 - Linux v3.7.3 * Thu Jan 17 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - Merge 3.7 ARM kernel including unified kernel - Drop separate IMX and highbank kernels - Disable ARM PL310 errata that crash highbank -------------------------------------------------------------------------------- References: [ 1 ] Bug #892428 - [abrt]: WARNING: at drivers/net/wireless/brcm80211/brcmsmac/main.c:7993 brcms_c_wait_for_tx_completion+0x99/0xb0 [brcmsmac]() https://bugzilla.redhat.com/show_bug.cgi?id=892428 [ 2 ] Bug #902523 - sata_mv driver not working https://bugzilla.redhat.com/show_bug.cgi?id=902523 [ 3 ] Bug #896243 - CAP_COMPROMISE_KERNEL breaks logind https://bugzilla.redhat.com/show_bug.cgi?id=896243 -------------------------------------------------------------------------------- ================================================================================ latte-integrale-1.5.3-6.fc18 (FEDORA-2013-1430) Lattice point enumeration -------------------------------------------------------------------------------- Update Information: This update enables long options to the binaries, and fixes a problem with running the tests on ARM platforms. -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Jerry James <loganjerry@xxxxxxxxx> - 1.5.3-6 - Build with _GNU_SOURCE defined to get long options, too - Remove test timeouts so tests don't die spuriously on ARM (bz 893158) -------------------------------------------------------------------------------- References: [ 1 ] Bug #893158 - latte-integrale has tests failing on ARM https://bugzilla.redhat.com/show_bug.cgi?id=893158 -------------------------------------------------------------------------------- ================================================================================ leptonica-1.69-6.fc18 (FEDORA-2013-1447) C library for efficient image processing and image analysis operations -------------------------------------------------------------------------------- Update Information: Rebuild for libwebp update -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 24 2013 Ding-Yi Chen <dchen at redhat.com> - 1.69-6 - Rebuild for dependency libwebp-0.2.1-1 * Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 1.69-5 - rebuild due to "jpeg8-ABI" feature drop * Fri Dec 28 2012 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1.69-4 - Rebuild, see http://lists.fedoraproject.org/pipermail/devel/2012-December/175685.html * Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 1.69-3 - rebuild against new libjpeg -------------------------------------------------------------------------------- ================================================================================ libguac-client-rdp-0.7.2-1.fc18 (FEDORA-2013-1384) RDP support for guacd -------------------------------------------------------------------------------- Update Information: Guacamole stack 0.7.2 update -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Simone Caronni <negativo17@xxxxxxxxx> - 0.7.2-1 - Updated to 0.7.2, still requires libguac 0.7.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #853922 - Review Request: guacamole - The main Guacamole web application https://bugzilla.redhat.com/show_bug.cgi?id=853922 -------------------------------------------------------------------------------- ================================================================================ libguac-client-vnc-0.7.0-2.fc18 (FEDORA-2013-1384) VNC support for guacd -------------------------------------------------------------------------------- Update Information: Guacamole stack 0.7.2 update -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Simone Caronni <negativo17@xxxxxxxxx> - 0.7.0-2 - Require libguac 0.7.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #853922 - Review Request: guacamole - The main Guacamole web application https://bugzilla.redhat.com/show_bug.cgi?id=853922 -------------------------------------------------------------------------------- ================================================================================ libreoffice-3.6.4.3-4.fc18 (FEDORA-2013-1453) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: This is an update. update to upstream release 3.6.4.3 -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 David Tardon <dtardon@xxxxxxxxxx> - 1:3.6.4.3-4 - Resolves: rhbz#901346 do not install 512x512 icons - Resolves: rhbz#760765 Impress doesn't copy custom styles from one file to another * Fri Jan 18 2013 Michael Stahl <mstahl@xxxxxxxxxx> - 1:3.6.4.3-3 - Resolves: fdo#58730 ODF fo:margin 100% bug * Sat Jan 5 2013 Michael Stahl <mstahl@xxxxxxxxxx> - 1:3.6.4.3-2 - Resolves: rhbz#891082 catch libcdr exceptions - Resolves: rhbz#885156 lockup when opening file over SMB * Thu Nov 29 2012 David Tardon <dtardon@xxxxxxxxxx> - 1:3.6.4.3-1 - 3.6.4 rc3 * Wed Nov 28 2012 Caolán McNamara <caolanm@xxxxxxxxxx> - 1:3.6.4.1-2 - fix docx import on big endian * Sun Nov 18 2012 David Tardon <dtardon@xxxxxxxxxx> - 1:3.6.4.1-1 - 3.6.4 rc1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #901346 - installs a bunch of big, unused icons https://bugzilla.redhat.com/show_bug.cgi?id=901346 -------------------------------------------------------------------------------- ================================================================================ libssh-0.5.4-1.fc18 (FEDORA-2013-1407) A library implementing the SSH2 protocol (0xbadc0de version) -------------------------------------------------------------------------------- Update Information: Fixed NULL dereference leads to denial of service - CVE-2013-0176, several NULL pointer dereferences in SSHv1, a free crash bug in options parsing. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 0.5.4-1 - update to security 0.5.4 release - CVE-2013-0176 (#894407) -------------------------------------------------------------------------------- References: [ 1 ] Bug #894407 - CVE-2013-0176 libssh: NULL dereference leads to denial of service https://bugzilla.redhat.com/show_bug.cgi?id=894407 -------------------------------------------------------------------------------- ================================================================================ mate-file-archiver-1.5.1-4.fc18 (FEDORA-2013-1395) MATE Desktop file archiver -------------------------------------------------------------------------------- Update Information: Fix engrampa integration with caja -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> - 1.5.1-4 - Bump release * Tue Jan 22 2013 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> - 1.5.1-3 - Update BRs - Convert back to old BR style - Get rid of separate package for shared library - Add provides field - Rebuild against latest version of mate-desktop - Update icon scriptlets - Add obsoletes tag * Thu Nov 22 2012 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> - 1.5.1-2 - Rebuild for f17 -------------------------------------------------------------------------------- References: [ 1 ] Bug #902701 - Caja lacks engrampa integration https://bugzilla.redhat.com/show_bug.cgi?id=902701 [ 2 ] Bug #902852 - [abrt] mate-file-archiver-1.5.1-1.fc18: g_settings_set_property: Process /usr/bin/engrampa was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=902852 -------------------------------------------------------------------------------- ================================================================================ mpdscribble-0.22-3.fc18 (FEDORA-2013-1450) A mpd client which submits information about tracks being played to Last.fm -------------------------------------------------------------------------------- Update Information: - Fixed tmpfiles entry (see rhbz #894364) -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 0.22-3 - Fixed tmpfiles entry (see rhbz #894364) -------------------------------------------------------------------------------- References: [ 1 ] Bug #894364 - Necessary folder/files are not created for mpdscribble to run properly https://bugzilla.redhat.com/show_bug.cgi?id=894364 -------------------------------------------------------------------------------- ================================================================================ nginx-1.2.6-4.fc18 (FEDORA-2013-1392) A high performance web server and reverse proxy server -------------------------------------------------------------------------------- Update Information: Add comment in nginx.conf regarding /etc/nginx/conf.d directory -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 1:1.2.6-4 - add comment in nginx.conf regarding "include /etc/nginf/conf.d/*.conf" (#903065) -------------------------------------------------------------------------------- References: [ 1 ] Bug #903065 - nginx config in Fedora 18 no longer supports conf.d directory https://bugzilla.redhat.com/show_bug.cgi?id=903065 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-2.0.1-2.fc18 (FEDORA-2013-1106) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.0.1-2 - Additional selinux contexts - Fix for python wrappers using swig 2.0.9 * Fri Nov 23 2012 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 2.0.1-1 - 2.0.1 Final Release - Drop patches accepted upstream: nordugrid-arc-unistd.patch, nordugrid-arc-pypara.patch, nordugrid-arc-xmlns.patch, nordugrid-arc-recursive.patch -------------------------------------------------------------------------------- ================================================================================ packagedb-cli-1.3.0-1.fc18 (FEDORA-2013-1381) A CLI for pkgdb -------------------------------------------------------------------------------- Update Information: Update to 1.3.0 which provides some bugs fix including one for the use of the 'all' keyword for the branch. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 1.3.0-1 - Update to 1.3.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #887950 - packagedb-cli: silently fails to change ACLs https://bugzilla.redhat.com/show_bug.cgi?id=887950 -------------------------------------------------------------------------------- ================================================================================ perl-ZMQ-LibZMQ2-1.06-1.fc18 (FEDORA-2013-1414) Perl wrapper for the libzmq 2.x library -------------------------------------------------------------------------------- Update Information: Update to 1.06 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 24 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.06-1 - Update to version 1.06 * Sat Jan 12 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.05-1 - Update to version 1.05 -------------------------------------------------------------------------------- ================================================================================ perl-ZMQ-LibZMQ3-1.09-1.fc18 (FEDORA-2013-1399) Perl wrapper for the libzmq 3.x library -------------------------------------------------------------------------------- Update Information: Update to 1.09 First Fedora release -------------------------------------------------------------------------------- References: [ 1 ] Bug #868531 - Review Request: perl-ZMQ-LibZMQ3 - Perl wrapper for the libzmq 3.x library https://bugzilla.redhat.com/show_bug.cgi?id=868531 -------------------------------------------------------------------------------- ================================================================================ php-PsrLog-1.0.0-2.fc18 (FEDORA-2013-1440) Common interface for logging libraries -------------------------------------------------------------------------------- Update Information: This package holds all interfaces/classes/traits related to PSR-3 (https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md). Note that this is not a logger of its own. It is merely an interface that describes a logger. See the specification for more details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #894167 - Review Request: php-PsrLog - Common interface for logging libraries https://bugzilla.redhat.com/show_bug.cgi?id=894167 -------------------------------------------------------------------------------- ================================================================================ php-Raven-0.4.0-2.fc18 (FEDORA-2013-1433) A PHP client for Sentry -------------------------------------------------------------------------------- Update Information: A PHP client for Sentry (http://getsentry.com). -------------------------------------------------------------------------------- References: [ 1 ] Bug #901742 - Review Request: php-Raven - A PHP client for Sentry https://bugzilla.redhat.com/show_bug.cgi?id=901742 -------------------------------------------------------------------------------- ================================================================================ picard-1.1-1.fc18 (FEDORA-2013-1397) MusicBrainz-based audio tagger -------------------------------------------------------------------------------- Update Information: Update to latest upstream 1.1. Fixes AcoustID submission see: https://github.com/musicbrainz/picard/blob/master/NEWS.txt -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 17 2012 Alex Lancaster <alexlan[AT]fedoraproject org> - 1.1-1 - Update to upstream 1.1 (#854142) -------------------------------------------------------------------------------- References: [ 1 ] Bug #854142 - picard-1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=854142 [ 2 ] Bug #889666 - [abrt] picard-1.0-1.fc16: webservice.py:76:__getattr__:AttributeError: medium_list https://bugzilla.redhat.com/show_bug.cgi?id=889666 [ 3 ] Bug #882436 - [abrt] picard-1.0-1.fc17: webservice.py:76:__getattr__:AttributeError: artist_credit https://bugzilla.redhat.com/show_bug.cgi?id=882436 -------------------------------------------------------------------------------- ================================================================================ printrun-0.0-22.20130123git71e5da0.fc18 (FEDORA-2013-1424) RepRap printer interface and tools -------------------------------------------------------------------------------- Update Information: RepRap printer interface and tools -------------------------------------------------------------------------------- References: [ 1 ] Bug #863796 - Review Request: printrun - RepRap printer interface and tools https://bugzilla.redhat.com/show_bug.cgi?id=863796 -------------------------------------------------------------------------------- ================================================================================ privoxy-3.0.19-4.fc18 (FEDORA-2013-1429) Privacy enhancing proxy -------------------------------------------------------------------------------- Update Information: Add user.filter. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 3.0.19-4 - Add user.filter, BZ 896753. * Tue Oct 2 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 3.0.19-3 - Add hardened build. -------------------------------------------------------------------------------- References: [ 1 ] Bug #896753 - Privoxy won't start, missing file https://bugzilla.redhat.com/show_bug.cgi?id=896753 -------------------------------------------------------------------------------- ================================================================================ python-fedora-0.3.31-1.fc18 (FEDORA-2013-1378) Python modules for talking to Fedora Infrastructure Services -------------------------------------------------------------------------------- Update Information: * Fixes a problem with soprovidercsrf if the database doesn't set an encoding * Fixes an issue with the login templates if the template is being translated. * Added a lookup_email parameter to fedora.client.AccountSystem.gravatar_url() to allow generating gravaar urls without looking up email addresses in fas. * Fixed a bug in fedora.tg.utils.tg_absolute_url() where it was still appending the csrf_token. * Add an auth adapter for flask web apps to authenticate to FAS * New minimum version of python: requires python-2.5 or higher * Fix localization of login templates (laxathom) -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.3.31-1 - Minor bugfix release * Thu Jan 10 2013 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 0.3.30-1 - Make TG's loginForm and CSRF's text translated from tg-apps (laxathom). - Fix a bug in fedora.tg.utils.tg_absolute_url - Add a lookup email parameter to gravatar lookups - Add an auth provider for flask -------------------------------------------------------------------------------- ================================================================================ python-feedparser-5.1.2-5.fc18 (FEDORA-2013-1383) Parse RSS and Atom feeds in Python -------------------------------------------------------------------------------- Update Information: remove rhel logic from with_python3 conditional (RHBZ #902896) -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Haïkel Guémar <hguemar@xxxxxxxxxxxxxxxxx> - 5.1.2-5 - remove rhel logic from with_python3 conditional (RHBZ #902896) -------------------------------------------------------------------------------- References: [ 1 ] Bug #902896 - remove rhel logic from with_python3 conditional https://bugzilla.redhat.com/show_bug.cgi?id=902896 -------------------------------------------------------------------------------- ================================================================================ rubygem-mixlib-authentication-1.3.0-2.fc18 (FEDORA-2013-1401) Simple per-request authentication -------------------------------------------------------------------------------- Update Information: New package: rubygem-mixlib-authentication: Ruby class-based header signing authentication object -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 23 2012 Julian C. Dunn <jdunn@xxxxxxxxxxxx> - 1.3.0-1 - Upgrade to 1.3.0 - Drop rubygem-mixlib-authentication-1.1.4-spec.patch * Sun Apr 29 2012 Jonas Courteau <rpms@xxxxxxxxxxxx> - 1.1.4-1 - Repackaged for fc17 - New upstream version - Patch to fix broken spec (fixed in upstream commit fe5cd0116) -------------------------------------------------------------------------------- References: [ 1 ] Bug #823331 - Review Request: rubygem-mixlib-authentication - Ruby class-based header signing authentication object https://bugzilla.redhat.com/show_bug.cgi?id=823331 -------------------------------------------------------------------------------- ================================================================================ rubygem-mixlib-cli-1.3.0-1.fc18 (FEDORA-2013-1423) Simple Ruby mix-in for CLI interfaces -------------------------------------------------------------------------------- Update Information: Upgrade mixlib-cli to 1.3.0 -------------------------------------------------------------------------------- ChangeLog: * Sun Jan 20 2013 Julian C. Dunn <jdunn@xxxxxxxxxxxx> - 1.3.0-1 - Update to 1.3.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #903284 - upgrade rubygem-mixlib-cli to 1.3.0 https://bugzilla.redhat.com/show_bug.cgi?id=903284 -------------------------------------------------------------------------------- ================================================================================ rubygem-net-ssh-multi-1.1-2.fc18 (FEDORA-2013-1431) Control multiple Net::SSH connections via a single interface -------------------------------------------------------------------------------- Update Information: New package: rubygem-net-ssh-multi: control multiple Net::SSH connections via a single interface -------------------------------------------------------------------------------- References: [ 1 ] Bug #823343 - Review Request: rubygem-net-ssh-multi - control multiple net::ssh connections via a single interface https://bugzilla.redhat.com/show_bug.cgi?id=823343 -------------------------------------------------------------------------------- ================================================================================ scala-2.9.2-4.fc18 (FEDORA-2013-1413) A hybrid functional/object-oriented language for the JVM -------------------------------------------------------------------------------- Update Information: Fix issues with /tmp directory in multiuser environments. -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Jochen Schmitt <Jochen herr-schmitt de> - 2.9.2-4 - Fix multiuser issues with fsc on /tmp/scala-devel directory (#903160) -------------------------------------------------------------------------------- References: [ 1 ] Bug #903160 - Setattr error logs are seen while self-healing https://bugzilla.redhat.com/show_bug.cgi?id=903160 -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.15.1-1.fc18 (FEDORA-2013-1442) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: Update to 2.15.1 Update to 2.15 Fixes CVE-2013-0743, CVE-2013-{0744-0760}, CVE-2013-0762, CVE-2013-0764, CVE-2013-{0766-0770} -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Dmitry Butskoy <Dmitry@xxxxxxxxxxxx> 2.15.1-1 - update to 2.15.1 * Fri Jan 11 2013 Dmitry Butskoy <Dmitry@xxxxxxxxxxxx> 2.15-1 - update to 2.15 - don't try to change global user settings for default browser/mail etc. - add fix for #304121 (derived from Xulrunner) -------------------------------------------------------------------------------- References: [ 1 ] Bug #902244 - seamonkey-2.15.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=902244 [ 2 ] Bug #893717 - seamonkey-2.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=893717 -------------------------------------------------------------------------------- ================================================================================ squidGuard-1.4-16.fc18 (FEDORA-2013-1394) Filter, redirector and access controller plugin for squid -------------------------------------------------------------------------------- Update Information: Fix for db5. -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 21 2013 Bojan Smojver <bojan@xxxxxxxxxxxxx> - 1.4-16 - Fix for Berkeley DB 5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #894294 - squidGuard: database update: BDB1565 DB->put: method not permitted before handle's open method https://bugzilla.redhat.com/show_bug.cgi?id=894294 -------------------------------------------------------------------------------- ================================================================================ subversion-api-docs-1.7.8-1.fc18 (FEDORA-2013-1400) Subversion API documentation -------------------------------------------------------------------------------- Update Information: Rebuilt against current Subversion. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 24 2013 Bojan Smojver <bojan@xxxxxxxxxxxxx> 1.7.8-1 - bump up to 1.7.8 -------------------------------------------------------------------------------- ================================================================================ sugar-hello-world-6-3.fc18 (FEDORA-2013-1408) Activity to print "Hello world" on the screen -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #887490 - Review Request: sugar-hello-world - Sugar activity to print "Hello world" on screen https://bugzilla.redhat.com/show_bug.cgi?id=887490 -------------------------------------------------------------------------------- ================================================================================ tex-fonts-hebrew-0.1-18.fc18 (FEDORA-2013-1425) Culmus Hebrew fonts support for LaTeX -------------------------------------------------------------------------------- Update Information: Fixed BuildRequires and some spec cleanups -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 23 2013 Parag Nemade <pnemade AT redhat DOT com> - 0.1-18 - Resolves:rh#903267-spec cleanup - Change the dependecies for new textlive package in Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #903267 - spec cleanup needed https://bugzilla.redhat.com/show_bug.cgi?id=903267 -------------------------------------------------------------------------------- ================================================================================ ugene-1.11.4-2.fc18 (FEDORA-2013-1444) Integrated bioinformatics toolkit -------------------------------------------------------------------------------- Update Information: New upstream release 1.11.4 -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Yulia Algaer <yalgaer@xxxxxxxxx> - 1.11.4-1 - Upstream version change -------------------------------------------------------------------------------- ================================================================================ vimpal-1.2.0-1.fc18 (FEDORA-2013-1428) Separate application providing a file tree for VIM -------------------------------------------------------------------------------- Update Information: Updated to version 1.2.0. -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #890482 - Review Request: vimpal - Separate application providing a file tree for VIM https://bugzilla.redhat.com/show_bug.cgi?id=890482 -------------------------------------------------------------------------------- ================================================================================ vlgothic-fonts-20121230-2.fc18 (FEDORA-2013-1448) Japanese TrueType font -------------------------------------------------------------------------------- Update Information: Drop vlgothic-fonts-common package -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 11 2013 Akira TAGOH <tagoh@xxxxxxxxxx> - 20121230-2 - Drop -common package and keep consistent state of the directory by using the macro. (#893789) - Drop old Obsoletes and Provides line. -------------------------------------------------------------------------------- References: [ 1 ] Bug #893789 - vlgothic-fonts own a directory from vlgothic-fonts-common https://bugzilla.redhat.com/show_bug.cgi?id=893789 -------------------------------------------------------------------------------- ================================================================================ weechat-0.4.0-2.fc18 (FEDORA-2013-1441) Portable, fast, light and extensible IRC client -------------------------------------------------------------------------------- Update Information: Reimplement enchant patch, with new support for spelling suggestions Update to upstream release 0.4.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 0.4.0-2 - reimplement enchant support as a separate patch - implement additional enchant support for displaying spelling suggestions in weechat_aspell_get_suggestions(), which is a new function introduced by upstream in 0.4.0 * Mon Jan 21 2013 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 0.4.0-1 - update to upstream release 0.4.0 - add CMAKE options (DPREFIX and DLIBDIR) which negate the need to patch - remove enchant patches to keep close to upstream -------------------------------------------------------------------------------- ================================================================================ xen-4.2.1-5.fc18 (FEDORA-2013-1434) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: Two security fixes from nested virtualization (CVE-2013-0151 CVE-2013-0152), restore status option to xend which is used by libvirt Buffer overflow when processing large packets in qemu e1000 device driver [XSA-41, CVE-2012-6075] -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 22 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.2.1-5 - nested virtualization on 32-bit guest can crash host [XSA-34, CVE-2013-0151] also nested HVM on guest can cause host to run out of memory [XSA-35, CVE-2013-0152] (#902792) - restore status option to xend which is used by libvirt (#893699) * Thu Jan 17 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.2.1-4 - Buffer overflow when processing large packets in qemu e1000 device driver [XSA-41, CVE-2012-6075] -------------------------------------------------------------------------------- References: [ 1 ] Bug #893144 - CVE-2013-0151 CVE-2013-0152: kernel: xen: nested HVM host crash / OOM condition https://bugzilla.redhat.com/show_bug.cgi?id=893144 -------------------------------------------------------------------------------- ================================================================================ ypserv-2.29-6.fc18 (FEDORA-2013-1404) The NIS (Network Information Service) server -------------------------------------------------------------------------------- Update Information: This is an update that fixes problems with accessing map files. -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 21 2013 Honza Horak <hhorak@xxxxxxxxxx> - 2.29-6 - Open database files with correct mode - Make rebuilding maps during upgrade a bit more clever * Fri Nov 30 2012 Honza Horak <hhorak@xxxxxxxxxx> - 2.29-5 - Build daemons and yppush with full relro - Move rpc.yppasswdd.env into /usr/libexec * Fri Nov 9 2012 Honza Horak <hhorak@xxxxxxxxxx> - 2.29-4 - Add missing break in switch -------------------------------------------------------------------------------- References: [ 1 ] Bug #896612 - rpc.ypxfrd doesn't support the needed database type https://bugzilla.redhat.com/show_bug.cgi?id=896612 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
