Fedora 17 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 17 Security updates need testing:
 Age  URL
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1734/libupnp-1.6.18-1.fc17
  17  https://admin.fedoraproject.org/updates/FEDORA-2013-1286/python-tw2-jquery-2.0.3-5.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1320/dnsmasq-2.65-4.fc17
  35  https://admin.fedoraproject.org/updates/FEDORA-2013-0210/vdsm-4.10.0-13.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2143/rubygem-rdoc-3.12-5.fc17
  35  https://admin.fedoraproject.org/updates/FEDORA-2013-0231/ca-certificates-2012.87-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2152/postgresql-9.1.8-1.fc17
  14  https://admin.fedoraproject.org/updates/FEDORA-2013-1466/freetype-2.4.8-4.fc17
  31  https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17
  31  https://admin.fedoraproject.org/updates/FEDORA-2012-19606/cups-1.5.4-18.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2177/roundcubemail-0.8.5-1.fc17
  60  https://admin.fedoraproject.org/updates/FEDORA-2012-20092/libproxy-0.4.11-1.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-1997/qt-4.8.4-11.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1836/perl-5.14.3-221.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1667/samba4-4.0.0-60alpha18.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1718/samba-3.6.12-1.fc17.1
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1661/httpd-2.2.23-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2202/gnome-online-accounts-3.4.2-3.fc17
 218  https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-2002/xen-4.1.4-4.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-2023/tor-0.2.3.25-1700
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1804/coreutils-8.15-10.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1826/sssd-1.8.6-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2128/mingw-gnutls-2.12.20-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2206/openssh-5.9p1-29.fc17


The following Fedora 17 Critical Path updates have yet to be approved:
 Age URL
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2202/gnome-online-accounts-3.4.2-3.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2206/openssh-5.9p1-29.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2124/abrt-2.1.1-1.fc17,libreport-2.1.1-1.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-2024/xulrunner-18.0.2-1.fc17,firefox-18.0.2-1.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-1997/qt-4.8.4-11.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-2028/nss-util-3.14.2-2.fc17,nss-3.14.2-2.fc17,nss-softokn-3.14.2-3.fc17,nspr-4.9.5-1.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-2065/abrt-2.1.0-1.fc17,libreport-2.1.0-2.fc17
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-1965/kernel-3.7.6-102.fc17
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-1926/xorg-x11-drv-evdev-2.7.3-5.fc17
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-1946/fedora-logos-17.0.3-3.fc17
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-1931/util-linux-2.21.2-4.fc17
   5  https://admin.fedoraproject.org/updates/FEDORA-2013-1881/phonon-backend-gstreamer-4.6.3-1.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1841/sane-backends-1.0.23-7.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1836/perl-5.14.3-221.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1865/xorg-x11-drv-synaptics-1.6.3-1.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1789/bash-4.2.39-3.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1791/ModemManager-0.6.0.0-3.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1804/coreutils-8.15-10.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1712/mtdev-1.1.3-1.fc17
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-1580/audit-2.2.2-2.fc17
  13  https://admin.fedoraproject.org/updates/FEDORA-2013-1540/logrotate-3.8.3-1.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1725/libnl3-3.2.21-1.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-1320/dnsmasq-2.65-4.fc17
  20  https://admin.fedoraproject.org/updates/FEDORA-2013-1140/xorg-x11-drv-intel-2.20.18-1.fc17
 170  https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17


The following builds have been pushed to Fedora 17 updates-testing

    abi-compliance-checker-1.98.8-1.fc17
    fedora-review-0.4.0-3.fc17
    fontforge-20120731b-4.fc17
    gambas3-3.4.0-1.fc17
    gnome-online-accounts-3.4.2-3.fc17
    jtidy-1.0-0.13.20100930svn1125.fc17
    lcgdm-dav-0.12.1-1.fc17
    mysql-utilities-1.2.0-1.fc17
    openssh-5.9p1-29.fc17
    ovirt-guest-agent-1.0.6-4.fc17
    perl-Perl-Stripper-0.04-1.fc17
    policycoreutils-2.1.13-27.3.fc17
    python-fedmsg-meta-fedora-infrastructure-0.1.0-1.fc17
    python-rhsm-1.8.2-1.fc17
    roundcubemail-0.8.5-1.fc17
    subscription-manager-1.8.2-1.fc17
    xfce-theme-manager-0.2.4-1.fc17

Details about builds:


================================================================================
 abi-compliance-checker-1.98.8-1.fc17 (FEDORA-2013-2164)
 An ABI Compliance Checker
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  8 2013 Richard Shaw <hobbes1069@xxxxxxxxx> - 1.98.8-1
- Update to latest upstream release.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #909136 - abi-compliance-checker-1.98.8 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=909136
--------------------------------------------------------------------------------


================================================================================
 fedora-review-0.4.0-3.fc17 (FEDORA-2013-2184)
 Review tool for fedora rpm packages
--------------------------------------------------------------------------------
Update Information:

This fixes problems with large docs check and incorrect handling of some package names. A small addition is also REVIEW_NO_MOCKGROUP_TEST which turns off verification of mock configuration that can be useful in certain non-standard configurations.
Update to 0.4.0 and incorporate patch from Ralf Bean fixing fedora-create-review.

- The deprecated JSON api has been removed.
- Patch-naming check not mandated by GL is removed (#179).
- New checks:
    * Bundled gnulib check (#53).
    * Run phpci static analyzer on php packages (#63).
    * Various scriptlet checks (#152).
    * Tmpfiles.d check (#156).
    * Bundled fonts check (#155).
    * Improper %_sourcedir usage test (#154).
    * Test that sources could be downloaded from SourceX: tag (#198)
- Improved report layout (#135).
- Improved console output, notably invisible yellow text fixed. (#185).
- The report has got a fixed name 'review.txt'.
- It's now possible to create a python plugin with some tests which
  becomes part of an existing group e. g., a plugin with one new php
  test (#182).
- Improved handling of mock build failures (#79).
- Make used buildroot more visible (#147).
- New Guidelines update (#161).
- Various internal refactoring and clean-ups:
   #134, #140, #145, #172 and a lot of commits...
- Improved unit tests, notably for plugins. Unit tests are now
  packaged (#146, #163, many commits).
- Roughly 20 other bugs fixed.

- The deprecated JSON api has been removed.
- Patch-naming check not mandated by GL is removed (#179).
- New checks:
    * Bundled gnulib check (#53).
    * Run phpci static analyzer on php packages (#63).
    * Various scriptlet checks (#152).
    * Tmpfiles.d check (#156).
    * Bundled fonts check (#155).
    * Improper %_sourcedir usage test (#154).
    * Test that sources could be downloaded from SourceX: tag (#198)
- Improved report layout (#135).
- Improved console output, notably invisible yellow text fixed. (#185).
- The report has got a fixed name 'review.txt'.
- It's now possible to create a python plugin with some tests which
  becomes part of an existing group e. g., a plugin with one new php
  test (#182).
- Improved handling of mock build failures (#79).
- Make used buildroot more visible (#147).
- New Guidelines update (#161).
- Various internal refactoring and clean-ups:
   #134, #140, #145, #172 and a lot of commits...
- Improved unit tests, notably for plugins. Unit tests are now
  packaged (#146, #163, many commits).
- Roughly 20 other bugs fixed.

- The deprecated JSON api has been removed.
- Patch-naming check not mandated by GL is removed (#179).
- New checks:
    * Bundled gnulib check (#53).
    * Run phpci static analyzer on php packages (#63).
    * Various scriptlet checks (#152).
    * Tmpfiles.d check (#156).
    * Bundled fonts check (#155).
    * Improper %_sourcedir usage test (#154).
    * Test that sources could be downloaded from SourceX: tag (#198)
- Improved report layout (#135).
- Improved console output, notably invisible yellow text fixed. (#185).
- The report has got a fixed name 'review.txt'.
- It's now possible to create a python plugin with some tests which
  becomes part of an existing group e. g., a plugin with one new php
  test (#182).
- Improved handling of mock build failures (#79).
- Make used buildroot more visible (#147).
- New Guidelines update (#161).
- Various internal refactoring and clean-ups:
   #134, #140, #145, #172 and a lot of commits...
- Improved unit tests, notably for plugins. Unit tests are now
  packaged (#146, #163, many commits).
- Roughly 20 other bugs fixed.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  8 2013 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 0.4.0-3
- Fix rhbz908830 and rhbz908830
- Add patch for REVIEW_NO_MOCKGROUP_TEST environment variable
- Remove old patch
* Mon Feb  4 2013 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 0.4.0-2
- Add Patch0 (0001-Fix-syntax-error.patch) from Ralph Bean fixing fedora-create-review
* Mon Jan 28 2013 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 0.4.0-1
- Updating to upstream 0.4.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #908830 - check-large-docs.sh doesn't properly skip -doc subpackages
        https://bugzilla.redhat.com/show_bug.cgi?id=908830
  [ 2 ] Bug #889087 - Unreadable colors in terminal with white background
        https://bugzilla.redhat.com/show_bug.cgi?id=889087
  [ 3 ] Bug #881337 - AttributeError: 'GemCheckRequiresRubygems' object has no attribute 'spec_packages'
        https://bugzilla.redhat.com/show_bug.cgi?id=881337
  [ 4 ] Bug #872898 - other Fatal error: Exception down the road
        https://bugzilla.redhat.com/show_bug.cgi?id=872898
  [ 5 ] Bug #845651 - AttributeError: 'Source' object has no attribute 'filename'
        https://bugzilla.redhat.com/show_bug.cgi?id=845651
--------------------------------------------------------------------------------


================================================================================
 fontforge-20120731b-4.fc17 (FEDORA-2013-2215)
 Outline and bitmap font editor
--------------------------------------------------------------------------------
Update Information:

Fixes for some crashes that occur while extracting fonts from PDFs.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb  7 2013 Paul Flo Williams <paul@xxxxxxxxxxxxx> - 20120731b-4
- Patch for bug #902089, out-of-bounds errors while reading PDFs
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 20120731b-3
- rebuild due to "jpeg8-ABI" feature drop
* Tue Nov 27 2012 Kevin Fenzi <kevin@xxxxxxxxx> 20120731b-2
- Cosmetic cleanups for bug 880472
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #902089 - [abrt] fontforge-20120731b-2.fc18: pcFree: Process /usr/bin/fontforge was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=902089
--------------------------------------------------------------------------------


================================================================================
 gambas3-3.4.0-1.fc17 (FEDORA-2013-2200)
 IDE based on a basic interpreter with object extensions
--------------------------------------------------------------------------------
Update Information:

Update to 3.4.0

This new release fixes about 240 bugs and adds about 270 new features. For full details, see:

http://gambasdoc.org/help/doc/release/3.4.0
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb  7 2013 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 3.4.0-1
- update to 3.4.0
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 3.3.4-4
- rebuild due to "jpeg8-ABI" feature drop
* Thu Dec 13 2012 Adam Jackson <ajax@xxxxxxxxxx> - 3.3.4-3
- Rebuild for glew 1.9.0
--------------------------------------------------------------------------------


================================================================================
 gnome-online-accounts-3.4.2-3.fc17 (FEDORA-2013-2202)
 Provide online accounts information
--------------------------------------------------------------------------------
Update Information:

Backport fix for RH #908000 (CVE-2013-0240)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  8 2013 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 3.4.2-3
- Backport fix for RH #908000 (CVE-2013-0240)
* Mon Oct 15 2012 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 3.4.2-2
- Backport fix for RH #863419
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #894352 - gnome-online-accounts: Does not check SSL certificates when creating Windows Live or Facebook accounts
        https://bugzilla.redhat.com/show_bug.cgi?id=894352
--------------------------------------------------------------------------------


================================================================================
 jtidy-1.0-0.13.20100930svn1125.fc17 (FEDORA-2013-2176)
 HTML syntax checker and pretty printer
--------------------------------------------------------------------------------
Update Information:

This update adds missing Requires: xml-commons-apis.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  6 2013 Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> - 2:1.0-0.13.20100930svn1125
- Add missing BR and R: xml-commons-apis
- Resolves: rhbz#908421
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2:1.0-0.12.20100930svn1125
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #908421 - jtidy: Missing dependencies on xml-commons-apis
        https://bugzilla.redhat.com/show_bug.cgi?id=908421
--------------------------------------------------------------------------------


================================================================================
 lcgdm-dav-0.12.1-1.fc17 (FEDORA-2013-2211)
 HTTP/DAV front end to the DPM/LFC services
--------------------------------------------------------------------------------
Update Information:

- fix for a frequent segfault
Update for new upstream release
Update for new upstream release
Update for new upstream release
Update for new upstream release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  8 2013 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 0.12.1-1
- Update for new upstream release (patch for segfault)
* Wed Feb  6 2013 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 0.12.0-1
- Update for new upstream release
* Tue Jan 29 2013 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 0.11.0-2
- Added patch for apache 2.4 api change
--------------------------------------------------------------------------------


================================================================================
 mysql-utilities-1.2.0-1.fc17 (FEDORA-2013-2207)
 MySQL Utilities
--------------------------------------------------------------------------------
Update Information:

Release 1.2.0 (Released January 26, 2013)
* BUG#13956819: MySQL Utilities requires changes for RPM packaging
* WL#6256: Change password handling
* WL#6262: Audit log parser

Release 1.1.2 (Released January 17, 2013)
* BUG#13931340: mysqluserclone should dump all users
* BUG#14712211: mysqluc fails to look for the utilities for a given utildir 
* BUG#15867353: Add GTID handling to mysqldbcopy, mysqldbexport
* BUG#16010766: gtid enabled utilities need to check version of the server
* BUG#16016887: mysqldiskusage reports missing binlog
* BUG#16020953: --timeout option in mysqlfailover throws error
* BUG#16023646: mysqldbcopy cannot copy world_innodb sample database
* BUG#16023781: switchover can fail to complete if there are errors in slaves
* BUG#16035934: unused --server option in mysqldbcompare
* BUG#16037123: mysqlrplshow fails to report connection errors
* BUG#16072863: gtid-enabled utilities need better error handling
* BUG#14158371: mysqlserverinfo reports server offline on authentication error

--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  8 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.2.0-1
- update to 1.2.0
- new commands: mysqlauditadmin and mysqlauditgrep
--------------------------------------------------------------------------------


================================================================================
 openssh-5.9p1-29.fc17 (FEDORA-2013-2206)
 An open source implementation of SSH protocol versions 1 and 2
--------------------------------------------------------------------------------
Update Information:

This update changes default of MaxStartups to 10:30:100 to start doing random early drop at 10 connections up to 100 connections - CVE-2010-5107
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  8 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 5.9p1-29 + 0.9.3-1
- change default value of MaxStartups - CVE-2010-5107 (#908707)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #908707 - CVE-2010-5107 openssh: Prevent connection slot exhaustion attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=908707
--------------------------------------------------------------------------------


================================================================================
 ovirt-guest-agent-1.0.6-4.fc17 (FEDORA-2013-2181)
 The oVirt Guest Agent
--------------------------------------------------------------------------------
Update Information:

This is the oVirt managment agent running inside the guest. The agent
interfaces with the oVirt manager, supplying heart-beat info as well as
runtime data from within the guest itself. The agent also accepts
control commands to be run executed within the OS (like: shutdown and
restart).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #889546 - Review Request: ovirt-guest-agent - oVirt Guest Agent
        https://bugzilla.redhat.com/show_bug.cgi?id=889546
--------------------------------------------------------------------------------


================================================================================
 perl-Perl-Stripper-0.04-1.fc17 (FEDORA-2013-2185)
 Yet another PPI-based Perl source code stripper
--------------------------------------------------------------------------------
Update Information:

Yet another PPI-based Perl source code stripper
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #908788 - Review Request: perl-Perl-Stripper - Yet another PPI-based Perl source code stripper
        https://bugzilla.redhat.com/show_bug.cgi?id=908788
--------------------------------------------------------------------------------


================================================================================
 policycoreutils-2.1.13-27.3.fc17 (FEDORA-2013-2163)
 SELinux policy core utilities
--------------------------------------------------------------------------------
Update Information:

Remove boolean_name sub code
Fix problem in post install
Make auditallow -b work on all systems.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 24 2013 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-27.2
- Fix post install scripts to not use systemd macros
* Wed Nov  7 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-27.1
- Fix audit2allow -b to work in all timezones
* Wed Nov  7 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-27
- Only report restorecon warning for missing default label, if not running
recusively
- Update translations
* Mon Nov  5 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-26
- Fix semanage booleans -l, move more boolean_dict handling into sepolicy
- Update translations
- Fixup sepolicy generate to discover /var/log, /var/run and /var/lib directories if they match the name
- Fix kill function call should indicate signal_perms not kill capability
- Error out cleanly in system-config-selinux, if it can not contact XServer
* Mon Nov  5 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-25
- Remove run_init, no longer needed with systemd.
- Fix sepolicy generate to not include subdirs in generated fcontext file.  (mgrepl patch)
* Sat Nov  3 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-24
- Fix manpage to generate proper man pages for alternate policy,  
basically allow me to build RHEL6 man pages on a Fedora 18 box, as long as 
I pull the policy, policy.xml and file_contexts and file_contexts.homedir
* Thu Nov  1 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-23
- Fix some build problems in sepolicy manpage and sepolicy transition
* Tue Oct 30 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-22
- Add alias man pages to sepolicy manpage
* Mon Oct 29 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-21
- Redesign sepolicy to only read the policy file once, not for every call
* Mon Oct 29 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-20
- Fixes to sepolicy transition, allow it to list all transitions from a domain
* Sat Oct 27 2012 Dan Walsh <dwalsh@xxxxxxxxxx> - 2.1.12-19
- Change sepolicy python bindings to have python pick policy file, fixes weird memory problems in sepolicy network
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #908773 - python: seobject - Cannot modify selinux bool
        https://bugzilla.redhat.com/show_bug.cgi?id=908773
  [ 2 ] Bug #866296 - semanage: not possible to feed multiple commands from stdin
        https://bugzilla.redhat.com/show_bug.cgi?id=866296
  [ 3 ] Bug #889508 - Non-fatal POSTIN scriptlet failure in rpm package policycoreutils-restorecond-2.1.13-27.1.fc17.x86_64
        https://bugzilla.redhat.com/show_bug.cgi?id=889508
  [ 4 ] Bug #855483 - allow2audit doesn't parse boot date correctly in all locales
        https://bugzilla.redhat.com/show_bug.cgi?id=855483
--------------------------------------------------------------------------------


================================================================================
 python-fedmsg-meta-fedora-infrastructure-0.1.0-1.fc17 (FEDORA-2013-2170)
 Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:

Fix to KojiProcessor.__name__
Processors for koji and planet messages..
Changes to git/scm messages.
pkgdb messages.
Fixes to git/scm messages.
Koji usernames and links; fas legacy compat
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------


================================================================================
 python-rhsm-1.8.2-1.fc17 (FEDORA-2013-2193)
 A Python library to communicate with a Red Hat Unified Entitlement Platform
--------------------------------------------------------------------------------
Update Information:

Add support for disabling package reporting, various cosmetic bug fixes.
Dozens of bug fixes, new rct commands for examining manifests.
Dozens of bug fixes, new rct commands for examining manifests.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 31 2013 Bryan Kearney <bkearney@xxxxxxxxxx> 1.8.2-1
- Add a default value for the report_package_profile setting
  (bkearney@xxxxxxxxxx)
- Remove F16 releasers, add F18. (dgoodwin@xxxxxxxxxx)
* Thu Jan 24 2013 Devan Goodwin <dgoodwin@xxxxxxxx> 1.8.1-1
- Do not retrieve the value unless the match is valid (bkearney@xxxxxxxxxx)
- Only look for a single item as it is quicker and all we care about is zero or
  not zero (bkearney@xxxxxxxxxx)
- Several small tweaks: (bkearney@xxxxxxxxxx)
- Store off the len of the oid to save recalculating it more that once
  (bkearney@xxxxxxxxxx)
- certificate.match will now only accept oids. (bkearney@xxxxxxxxxx)
- Remove the use of exceptions to denote a return value of false.
  (bkearney@xxxxxxxxxx)
- The email.utils module was named email.Utils in RHEL5 (bkearney@xxxxxxxxxx)
- Make stylish issues resolved (bkearney@xxxxxxxxxx)
- 772936: Warn the user when clock skew is detected. (bkearney@xxxxxxxxxx)
- Improve logging for rhsmcertd scenarios (wpoteat@xxxxxxxxxx)
- 845622: If an identity certificate has expired, there should be a friendly
  error message (wpoteat@xxxxxxxxxx)
- Add international text to test automatic JSON encoding. (awood@xxxxxxxxxx)
- 880070: Adding unicode encoding hook for simplejson. (awood@xxxxxxxxxx)
- 848836: Remove trailing / from the handler in UEPConnection
  (bkearney@xxxxxxxxxx)
- 884259: If LANG is unset, do not attempt to send up a default locale in
  redeem call (bkearney@xxxxxxxxxx)
--------------------------------------------------------------------------------


================================================================================
 roundcubemail-0.8.5-1.fc17 (FEDORA-2013-2177)
 Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:

A cross-site scripting (XSS) flaws were round in the way Round Cube Webmail, a browser-based multilingual IMAP client, performed sanitization of 'data' and 'vbscript' URLs. A remote attacker could provide a specially-crafted URL that, when opened would lead to arbitrary JavaScript, VisualBasic script or HTML code execution in the context of Round Cube Webmail's user session.

Upstream ticket:
[1] http://trac.roundcube.net/ticket/1488850

Further details:
[2] http://trac.roundcube.net/attachment/ticket/1488850/RoundCube2XSS.pdf

Upstream patch:
[3] https://github.com/roundcube/roundcubemail/commit/74cd0a9b62f11bc07c5a1d3ba0098b54883eb0ba

References:
[4] http://sourceforge.net/news/?group_id=139281&id=310213
[5] http://www.openwall.com/lists/oss-security/2013/02/07/11
[6] http://www.openwall.com/lists/oss-security/2013/02/08/1
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  8 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.8.5-1
- Latest upstream.
* Mon Nov 19 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.8.4-1
- Latest upstream.
* Mon Oct 29 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 0.8.2-3
- fix configuration for httpd 2.4 (#871123)
* Sun Oct 28 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 0.8.2-2
- add fix for latest MDB2 (#870933)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #909304 - CVE-2012-6121 roundcubemail: Cross-site scripting (XSS) in vbscript: and data:text URL handling [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=909304
  [ 2 ] Bug #909306 - CVE-2012-6121 roundcubemail: Cross-site scripting (XSS) in vbscript: and data:text URL handling [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=909306
--------------------------------------------------------------------------------


================================================================================
 subscription-manager-1.8.2-1.fc17 (FEDORA-2013-2193)
 Tools and libraries for subscription and repository management
--------------------------------------------------------------------------------
Update Information:

Add support for disabling package reporting, various cosmetic bug fixes.
Dozens of bug fixes, new rct commands for examining manifests.
Dozens of bug fixes, new rct commands for examining manifests.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  8 2013 Bryan Kearney <bkearney@xxxxxxxxxx> 1.8.2-1
- Update tito for RHEL 7.0 (bkearney@xxxxxxxxxx)
- Small cleanups for test_migrate (alikins@xxxxxxxxxx)
- Write repofile once instead of during every iteration. (awood@xxxxxxxxxx)
- Add unit test for migration script. (awood@xxxxxxxxxx)
- Adding more tests for the migration script. (awood@xxxxxxxxxx)
- Bump the required version of python-rhsm to pick up the new config file
  defaults (bkearney@xxxxxxxxxx)
- Modify migration script tests to run on Fedora. (awood@xxxxxxxxxx)
- Give users the ability to disable package reporting (bkearney@xxxxxxxxxx)
- 891377: Note in deprecated string that auto-attach-interval is a command
  option (bkearney@xxxxxxxxxx)
- 901612: Yum plugin warnings should go to stderr, not stdout
  (bkearney@xxxxxxxxxx)
- 903298: Replace use of 'Register to' with 'Register with'
  (bkearney@xxxxxxxxxx)
- Rewrite of the migration script featuring unit tests. (awood@xxxxxxxxxx)
- Remove F16 and old cvs releasers, add F18. (dgoodwin@xxxxxxxxxx)
* Thu Jan 24 2013 Devan Goodwin <dgoodwin@xxxxxxxx> 1.8.1-1
- Add two manifest commands to rct. (bkearney@xxxxxxxxxx)
- latest translations from zanata (alikins@xxxxxxxxxx)
- 895447: The count of subscriptions removed is zero for certs that have been
  imported. (wpoteat@xxxxxxxxxx)
- 895462: Message for subscription-manager repos --list for disabled repo needs
  to be modified (wpoteat@xxxxxxxxxx)
- 885964: After registration, recreate the UEP connection using the identity
  cert. (awood@xxxxxxxxxx)
- 869306: Add org ID to facts dialog. (awood@xxxxxxxxxx)
- 888853: Put output into proper columns regardless of the output language.
  (awood@xxxxxxxxxx)
- Update python-rhsm requires version (wpoteat@xxxxxxxxxx)
- 888052: Add all binaries to the makefile path for gettext string extraction
  (bkearney@xxxxxxxxxx)
- 851303: additional term updates (dlackey@xxxxxxxxxxxxxx)
- 844411: Add an --insecure option to subscription-manager. (awood@xxxxxxxxxx)
- 891621: Users can incorrectly enter activation keys when registering to
  hosted. (awood@xxxxxxxxxx)
- 889573: Only persist serverurl and baseurl when registering.
  (awood@xxxxxxxxxx)
- 889204: Encode the unicode string to utf-8 to avoid syslog errors
  (bkearney@xxxxxxxxxx)
- 889621: String substitution inside gettext causes message translations to
  never be found (bkearney@xxxxxxxxxx)
- 890296: Unicode characters with a - are causing printing issues for rct
  printing (bkearney@xxxxxxxxxx)
- 878269 (dlackey@xxxxxxxxxxxxxx)
- 784056: Raise a running instance of the GUI to the forefront.
  (awood@xxxxxxxxxx)
- 888968: Improve the gui message formatting for SLA selection
  (bkearney@xxxxxxxxxx)
- 873601: Return a non zero code if subscription manager is run with an
  incorrect command name (bkearney@xxxxxxxxxx)
- 839779: Improve messaging when autosubscribe does not work because of SLA
  (bkearney@xxxxxxxxxx)
- 867603: Add quantity to confirm subscriptions dialog. (awood@xxxxxxxxxx)
- 888790: Rebuild UEP connection after registering with activation keys.
  (awood@xxxxxxxxxx)
- 886280; 878257; 878264; 878269 (dlackey@xxxxxxxxxxxxxx)
- 814378: disable linkify if we are running as firstboot (alikins@xxxxxxxxxx)
- 886887: Take the user back to the activation key page if he enters an invalid
  key. (awood@xxxxxxxxxx)
- 863572: Make forward/back insensitive when registering (alikins@xxxxxxxxxx)
- 825950: updating SAM registration procedure; other term edits and updated
  screenshot (dlackey@xxxxxxxxxxxxxx)
- 885964: Do not make a getOwner call when not necessary. (awood@xxxxxxxxxx)
- Ask for the org in environments and service-level modules. (awood@xxxxxxxxxx)
- 886992: Fix for bad fix for 886604, wrong path for yum repos
  (alikins@xxxxxxxxxx)
- matt reid's edits to rct; bz886280; bz878257; bz878269; bz878264
  (dlackey@xxxxxxxxxxxxxx)
- 841496: Do not use hyphens in bash completion files as these are invalid for
  identifiers in the sh shell. (bkearney@xxxxxxxxxx)
- Improve logging for rhsmcertd scenarios (wpoteat@xxxxxxxxxx)
- 878609: Do not use public url redirectors, instead use a redhat.com address
  (bkearney@xxxxxxxxxx)
- 886604: Fix incorrect path in repos.d check (alikins@xxxxxxxxxx)
- 727092: Read in the org key during registration if none is given.
  (awood@xxxxxxxxxx)
- 845622: If an identity certificate has expired, there should be a friendly
  error message (wpoteat@xxxxxxxxxx)
- 883123: Have the migration code use the name and the label for org and
  environment lookup. (bkearney@xxxxxxxxxx)
- 886110: help blurb for --auto-attach formatted poorly (alikins@xxxxxxxxxx)
- 880070: require latest python-rhsm to handle unicode issues
  (alikins@xxxxxxxxxx)
- 798788: Results from subscription-manager facts --update after a server-side
  consumer was deleted. (wpoteat@xxxxxxxxxx)
- 878634: Improve the consistency of capitalization of URL, ID, HTTP, and CPU
  (bkearney@xxxxxxxxxx)
- 878657: Make consistent use of the term unregister instead of un-register
  (bkearney@xxxxxxxxxx)
- 883735: load branding module slightly differently (jesusr@xxxxxxxxxx)
- Stylish fix. (dgoodwin@xxxxxxxxxx)
- 878664: Add bash completion script for rct (bkearney@xxxxxxxxxx)
- 880764: Command line options which can be specified more than once should use
  the same help text (bkearney@xxxxxxxxxx)
- 867070: Adjust default sizing of subscriptions pane in Installed Products
  tab. (awood@xxxxxxxxxx)
- 873791: Expected exit codes from unsubscribe with multiple serial numbers
  (wpoteat@xxxxxxxxxx)
- 800323: Set default output stream encoding to UTF-8. (awood@xxxxxxxxxx)
- 862852: Fix double separator in redeem dialog. (dgoodwin@xxxxxxxxxx)
- Display "None" if environments value is empty on consumer. (awood@xxxxxxxxxx)
- 872351: Display environment in GUI facts dialog and CLI identity command.
  (awood@xxxxxxxxxx)
- 881091: Remove punctuation in the help message (bkearney@xxxxxxxxxx)
- Revert "878986: refactor to use curses/textwrap for format"
  (alikins@xxxxxxxxxx)
- 877579: Fix -1 quantity to consume for unlimited pools. (dgoodwin@xxxxxxxxxx)
- 881117: Add at-spi locator to redemption dialog. (awood@xxxxxxxxxx)
- 881952: Warn and continue if encountering a failure during system deletion.
  (awood@xxxxxxxxxx)
- 878820: Fix console error when yum.repos.d does not exist.
  (dgoodwin@xxxxxxxxxx)
- 839772: Display "Not Set" instead of "" in SLA and release preferences.
  (awood@xxxxxxxxxx)
- rev zanata branch version to 1.8.X (alikins@xxxxxxxxxx)
- 878986: refactor to use curses/textwrap for format (alikins@xxxxxxxxxx)
- 878986: Default to no line breaking if no stty is available
  (bkearney@xxxxxxxxxx)
- 878588: Move the requires on usermode from subscription-manager-gui to
  subscription-manager (bkearney@xxxxxxxxxx)
- 878648: Make the help usage formatting consistent for the rct and
  subscription manager commands (bkearney@xxxxxxxxxx)
- 869046: Remove stray 'print' (jbowes@xxxxxxxxxx)
- 864207: Autosubscribe should not run when all products are already
  subscribed. (wpoteat@xxxxxxxxxx)
- 854702: Place the asterisk indicating editability into the quantity cell.
  (awood@xxxxxxxxxx)
--------------------------------------------------------------------------------


================================================================================
 xfce-theme-manager-0.2.4-1.fc17 (FEDORA-2013-2214)
 A theme manager for Xfce
--------------------------------------------------------------------------------
Update Information:

xfce-theme-manager updated to version 0.2.4.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb  2 2013 Eduardo Echeverria  <echevemaster@xxxxxxxxx> - 0.2.4-1
- Update to version 0.2.4
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #876043 - Review Request: xfce-theme-manager - A theme manager for Xfce
        https://bugzilla.redhat.com/show_bug.cgi?id=876043
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test



[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux