The following Fedora 18 Security updates need testing: Age URL 116 https://admin.fedoraproject.org/updates/FEDORA-2012-17834/cumin-0.1.5522-4.fc18 56 https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18 41 https://admin.fedoraproject.org/updates/FEDORA-2013-1277/python-tw2-jquery-2.0.3-5.fc18 25 https://admin.fedoraproject.org/updates/FEDORA-2013-2131/rubygem-rdoc-3.12-6.fc18 21 https://admin.fedoraproject.org/updates/FEDORA-2013-2306/rubygem-rack-1.4.0-5.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-2843/python-django-1.4.5-2.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-2866/bugzilla-4.2.5-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3297/sudo-1.8.6p7-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3253/crypto-utils-2.4.1-39.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-3379/telepathy-gabble-0.16.5-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-3414/gnome-online-accounts-3.6.3-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-3425/zfs-fuse-0.7.0-10.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3462/euca2ools-2.1.3-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3436/perl-5.16.2-240.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3434/tor-0.2.3.25-1802.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3453/mingw-gnutls-2.12.23-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3265/mediawiki-1.19.4-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3468/java-1.7.0-openjdk-1.7.0.9-2.3.8.0.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3473/poppler-0.20.2-10.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 142 https://admin.fedoraproject.org/updates/FEDORA-2012-16107/xorg-x11-drv-qxl-0.1.0-1.fc18 140 https://admin.fedoraproject.org/updates/FEDORA-2012-16207/thunderbird-lightning-1.8-1.fc18,thunderbird-16.0.1-2.fc18 113 https://admin.fedoraproject.org/updates/FEDORA-2012-17832/empathy-3.6.1-4.fc18,gstreamer1-plugins-good-1.0.2-3.fc18,gnome-online-accounts-3.6.1-2.20121107git.fc18 55 https://admin.fedoraproject.org/updates/FEDORA-2013-0541/mdadm-3.2.6-11.fc18 25 https://admin.fedoraproject.org/updates/FEDORA-2013-2111/abrt-2.1.1-1.fc18,libreport-2.1.1-1.fc18 24 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 13 https://admin.fedoraproject.org/updates/FEDORA-2013-2711/yum-3.4.3-50.fc18 13 https://admin.fedoraproject.org/updates/FEDORA-2013-2726/pulseaudio-2.1-7.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2013-2756/redland-1.0.15-2.fc18.1 10 https://admin.fedoraproject.org/updates/FEDORA-2013-2837/orc-0.4.17-2.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-2900/wayland-1.0.5-1.fc18,weston-1.0.5-1.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-2936/dosfstools-3.0.15-1.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-2961/libwacom-0.7-3.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-2930/kbd-1.15.3-7.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-3120/tracker-0.14.5-2.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-3100/sendmail-8.14.6-4.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-3186/network-manager-applet-0.9.8.0-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3247/crda-1.1.3_2013.02.13-2.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3251/libvpx-1.2.0-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3271/policycoreutils-2.1.13-56.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3297/sudo-1.8.6p7-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-3414/gnome-online-accounts-3.6.3-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-3398/selinux-policy-3.11.1-83.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3473/poppler-0.20.2-10.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3436/perl-5.16.2-240.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3442/libgusb-0.1.6-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3433/libosinfo-0.2.5-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3446/gnome-session-3.6.2-4.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3447/python-bugzilla-0.8.0-2.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3458/iproute-3.6.0-7.fc18,iptables-1.4.18-1.fc18 The following builds have been pushed to Fedora 18 updates-testing clipsmm-0.3.2-1.fc18 eclipse-4.2.2-4.fc18 euca2ools-2.1.3-1.fc18 fedmsg-0.6.8-1.fc18 gnome-session-3.6.2-4.fc18 iproute-3.6.0-7.fc18 iptables-1.4.18-1.fc18 java-1.7.0-openjdk-1.7.0.9-2.3.8.0.fc18 lcgdm-dav-0.12.1-2.fc18 libcdr-0.0.11-1.fc18 libdivecomputer-0.3.0-2.fc18 libgusb-0.1.6-1.fc18 libmspub-0.0.5-1.fc18 libosinfo-0.2.5-1.fc18 libvisio-0.0.25-1.fc18 mediawiki-1.19.4-1.fc18 mingw-gnutls-2.12.23-1.fc18 mod_evasive-1.10.1-15.fc18 nodejs-chrono-1.0.4-1.fc18 nodejs-mapnik-reference-5.0.4-2.fc18 nodejs-passport-0.1.16-1.fc18 nodejs-sphericalmercator-1.0.2-1.fc18 nodejs-step-0.0.5-1.fc18 nodejs-xml2js-0.2.6-1.fc18 nodejs-zap-0.2.5-2.fc18 openscap-0.9.4.1-1.fc18 openstack-nova-2012.2.3-2.fc18 perl-5.16.2-240.fc18 perl-DateTime-Format-Flexible-0.25-1.fc18 perl-Mail-Box-Parser-C-3.007-1.fc18 perl-Net-SFTP-Foreign-1.74.05-5.fc18 perl-WWW-OrangeHRM-Client-0.4.0-1.fc18 poppler-0.20.2-10.fc18 pymunk-1.0.0-6.fc18 python-bugzilla-0.8.0-2.fc18 slrn-1.0.1-3.fc18 subsurface-3.0.2-1.fc18 targetcli-2.0.fb21-1.fc18 tor-0.2.3.25-1802.fc18 vym-2.3.14-1.fc18 xml-commons-apis-1.4.01-11.fc18 Details about builds: ================================================================================ clipsmm-0.3.2-1.fc18 (FEDORA-2013-3459) C++ interface to the CLIPS expert system C library -------------------------------------------------------------------------------- Update Information: Upgrade to 0.3.2 Upgrade to 0.3.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Tim Niemueller <tim@xxxxxxxxxxxxx> - 0.3.2-1 - Upgrade to 0.3.2. * Sat Feb 9 2013 Tim Niemueller <tim@xxxxxxxxxxxxx> - 0.3.0-1 - Upgrade to 0.3.0 -------------------------------------------------------------------------------- ================================================================================ eclipse-4.2.2-4.fc18 (FEDORA-2013-3470) An open, extensible IDE -------------------------------------------------------------------------------- Update Information: Fixed linkage errors by removing the linkage paths and adding system.bundle to the dependencies of javax.xml. it is necessary to start eclipse -clean. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-4 - Drop the linkage patch. Rebuild with latest xml-commons-apis. * Fri Mar 1 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-3 - Use org.w3c.dom version provided by JVM in all ui bundles. * Wed Feb 27 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-2 - Fix the /usr/lib/java/swt.jar symlink. * Wed Feb 20 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-1 - Update to upstream 4.2.2 release. * Wed Feb 20 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-0.10.git20121217 - Yet another fix for RHBZ#912664. * Tue Feb 19 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-0.9.git20121217 - Remove merge artifacts. * Tue Feb 19 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-0.8.git20121217 - RHBZ#912664 - eclipse-swt should put swt.jar into /usr/lib/java even on 64 bit systems. - RHBZ#903537 - [abrt] java-1.7.0-openjdk-1.7.0.9-2.3.4.fc18: gtk_widget_real_map (SIGABRT) * Wed Feb 6 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-0.7.git20121217 - Do really fix the swt.jar (RHBZ#908112) * Tue Feb 5 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-0.6.git20121217 - Fix the generated swt.jar. * Fri Jan 25 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-0.5.git20121217 - RHBZ#832053: Ship SWT and other native plugins as folders. * Thu Jan 17 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-0.4.git20121217 - RHBZ#893774: file shipped twice in eclipse-platform and eclipse-equinox-osgi * Sat Jan 5 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-0.3.git20121217 - Fix missing about files on arm and ppc. * Wed Jan 2 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 1:4.2.2-0.2.git20121217 - Enable bootstrap (for the purpose of arm build). - Fix the launcher build for arm. - Fix the s390 build issue. -------------------------------------------------------------------------------- References: [ 1 ] Bug #917418 - org.eclipse.swt.SWTException: Device is disposed https://bugzilla.redhat.com/show_bug.cgi?id=917418 -------------------------------------------------------------------------------- ================================================================================ euca2ools-2.1.3-1.fc18 (FEDORA-2013-3462) Eucalyptus/AWS-compatible command line tools -------------------------------------------------------------------------------- Update Information: This update adds support for the new signature method introduced in Eucalyptus 3.2.1. It also includes several bugfixes. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Garrett Holmstrom <gholms@xxxxxxxxxxxxxxxxx> - 2.1.3-1 - Upstream update (2.1.3) [RH:916716] - Fix euare-useraddpolicy --delegate * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #916716 - Update euca2ools to 2.1.3 https://bugzilla.redhat.com/show_bug.cgi?id=916716 -------------------------------------------------------------------------------- ================================================================================ fedmsg-0.6.8-1.fc18 (FEDORA-2013-3474) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: fedmsg-tail --gource; standardization of fedmsg-tweet -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.6.8-1 - New fedmsg-tail --gource option for visualizations. - fedmsg-tweet reorganized to be more similar to other daemons. -------------------------------------------------------------------------------- ================================================================================ gnome-session-3.6.2-4.fc18 (FEDORA-2013-3446) GNOME session manager -------------------------------------------------------------------------------- Update Information: Fixed session management. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Jan Horak <jhorak@xxxxxxxxxx> - 3.6.2-4 - Added ustream patch to fix session management handling (rhbz#894537) -------------------------------------------------------------------------------- References: [ 1 ] Bug #894537 - gnome-terminal gets told "Refusing new client connection because the session is currently being shut down" https://bugzilla.redhat.com/show_bug.cgi?id=894537 -------------------------------------------------------------------------------- ================================================================================ iproute-3.6.0-7.fc18 (FEDORA-2013-3458) Advanced IP routing and network device configuration tools -------------------------------------------------------------------------------- Update Information: New version 1.4.18 - lots of documentation changes - Introduce match/target aliases - Add the "state" alias to the "conntrack" match - iptables: remove unused leftover definitions - libxtables: add xtables_rule_matches_free - libxtables: add xtables_print_num - extensions: libip6t_DNPT: fix wording in DNPT target - extension: libip6t_DNAT: allow port DNAT without address - extensions: libip6t_DNAT: set IPv6 DNAT --to-destination - extensions: S/DNPT: add missing save function - changes of 1.4.17: - libxt_time: add support to ignore day transition - Convert the NAT targets to use the kernel supplied nf_nat.h header - extensions: add IPv6 MASQUERADE extension - extensions: add IPv6 SNAT extension - extensions: add IPv6 DNAT target - extensions: add IPv6 REDIRECT extension - extensions: add IPv6 NETMAP extension - extensions: add NPT extension - extensions: libxt_statistic: Fix save output -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Petr Šabata <contyk@xxxxxxxxxx> - 3.6.0-7 - Bump for 1.4.18 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #868150 - iptables-1.4.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=868150 -------------------------------------------------------------------------------- ================================================================================ iptables-1.4.18-1.fc18 (FEDORA-2013-3458) Tools for managing Linux kernel packet filtering capabilities -------------------------------------------------------------------------------- Update Information: New version 1.4.18 - lots of documentation changes - Introduce match/target aliases - Add the "state" alias to the "conntrack" match - iptables: remove unused leftover definitions - libxtables: add xtables_rule_matches_free - libxtables: add xtables_print_num - extensions: libip6t_DNPT: fix wording in DNPT target - extension: libip6t_DNAT: allow port DNAT without address - extensions: libip6t_DNAT: set IPv6 DNAT --to-destination - extensions: S/DNPT: add missing save function - changes of 1.4.17: - libxt_time: add support to ignore day transition - Convert the NAT targets to use the kernel supplied nf_nat.h header - extensions: add IPv6 MASQUERADE extension - extensions: add IPv6 SNAT extension - extensions: add IPv6 DNAT target - extensions: add IPv6 REDIRECT extension - extensions: add IPv6 NETMAP extension - extensions: add NPT extension - extensions: libxt_statistic: Fix save output -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Thomas Woerner <twoerner@xxxxxxxxxx> 1.4.18-1 - new version 1.4.18 - lots of documentation changes - Introduce match/target aliases - Add the "state" alias to the "conntrack" match - iptables: remove unused leftover definitions - libxtables: add xtables_rule_matches_free - libxtables: add xtables_print_num - extensions: libip6t_DNPT: fix wording in DNPT target - extension: libip6t_DNAT: allow port DNAT without address - extensions: libip6t_DNAT: set IPv6 DNAT --to-destination - extensions: S/DNPT: add missing save function - changes of 1.4.17: - libxt_time: add support to ignore day transition - Convert the NAT targets to use the kernel supplied nf_nat.h header - extensions: add IPv6 MASQUERADE extension - extensions: add IPv6 SNAT extension - extensions: add IPv6 DNAT target - extensions: add IPv6 REDIRECT extension - extensions: add IPv6 NETMAP extension - extensions: add NPT extension - extensions: libxt_statistic: Fix save output -------------------------------------------------------------------------------- References: [ 1 ] Bug #868150 - iptables-1.4.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=868150 -------------------------------------------------------------------------------- ================================================================================ java-1.7.0-openjdk-1.7.0.9-2.3.8.0.fc18 (FEDORA-2013-3468) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: This is a new security release of OpenJDK7 (based on IcedTea7 2.3.8 forest) that fixes CVE-2013-0809 and CVE-2013-1493. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Omair Majid <omajid@xxxxxxxxxx> - 1.7.0.9-2.3.8.fc18 - Updated to icedtea7 2.3.8 (forest) - Remove upstreamed patches contained in extra tarball. -------------------------------------------------------------------------------- ================================================================================ lcgdm-dav-0.12.1-2.fc18 (FEDORA-2013-3440) HTTP/DAV front end to the DPM/LFC services -------------------------------------------------------------------------------- Update Information: Upstream patch: mod_lcgdm_disk url-decodes received parameters - fix for a frequent segfault Update for new upstream release Update for new upstream release Update for new upstream release Update for new upstream release - fix for a frequent segfault Update for new upstream release Update for new upstream release Update for new upstream release Update for new upstream release - fix for a frequent segfault Update for new upstream release Update for new upstream release Update for new upstream release Update for new upstream release - fix for a frequent segfault Update for new upstream release Update for new upstream release Update for new upstream release Update for new upstream release -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Alejandro Alvarez <aalvarez@xxxxxxx> - 0.12.1-2 - Upstream patch: mod_lcgdm_disk url-decodes received parameters * Fri Feb 8 2013 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 0.12.1-1 - Update for new upstream release (patch for segfault) * Wed Feb 6 2013 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 0.12.0-1 - Update for new upstream release * Tue Jan 29 2013 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 0.11.0-2 - Added patch for apache 2.4 api change * Wed Nov 14 2012 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 0.11.0-1 - Update for new upstream release -------------------------------------------------------------------------------- ================================================================================ libcdr-0.0.11-1.fc18 (FEDORA-2013-3450) A library providing ability to interpret and import Corel Draw drawings -------------------------------------------------------------------------------- Update Information: New release. -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 2 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.0.11-1 - new release * Thu Jan 31 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.0.10-2 - rebuild for ICU change * Mon Jan 28 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.0.10-1 - new release -------------------------------------------------------------------------------- ================================================================================ libdivecomputer-0.3.0-2.fc18 (FEDORA-2013-2987) Library for communication with dive computers -------------------------------------------------------------------------------- Update Information: Update to 3.0.2 This update brings quite a number of nice new features, see announce: http://subsurface.hohndel.org/2013/02/subsurface-3-0-has-been-released/ -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 21 2013 Pierre-Yves Chibon - 0.3.0-2 - Remove all the binary installed but the universal application * Wed Feb 20 2013 Pierre-Yves Chibon - 0.3.0-1 - Update to 0.3.0 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libgusb-0.1.6-1.fc18 (FEDORA-2013-3442) GLib wrapper around libusb1 -------------------------------------------------------------------------------- Update Information: - New upstream version - Do not use deprecated GLib functionality - Unref the GMainloop after it has been run, not when just quit -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 6 2013 Richard Hughes <richard@xxxxxxxxxxx> 0.1.6-1 - New upstream version - Do not use deprecated GLib functionality - Unref the GMainloop after it has been run, not when just quit * Tue Feb 5 2013 Richard Hughes <richard@xxxxxxxxxxx> 0.1.5-1 - New upstream version -------------------------------------------------------------------------------- ================================================================================ libmspub-0.0.5-1.fc18 (FEDORA-2013-3448) A library providing ability to interpret and import Microsoft Publisher files -------------------------------------------------------------------------------- Update Information: New release. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 20 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.0.5-1 - new release -------------------------------------------------------------------------------- ================================================================================ libosinfo-0.2.5-1.fc18 (FEDORA-2013-3433) A library for managing OS information for virtualization -------------------------------------------------------------------------------- Update Information: libosinfo 0.2.5 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Christophe Fergeau <cfergeau@xxxxxxxxxx> 0.2.5-1 - New upstream release 0.2.5 - Disable udev rule as it's no longer required with newer systemd/util-linux -------------------------------------------------------------------------------- ================================================================================ libvisio-0.0.25-1.fc18 (FEDORA-2013-3464) A library providing ability to interpret and import visio diagrams -------------------------------------------------------------------------------- Update Information: New release. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 28 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.0.25-1 - new release * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.0.24-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mediawiki-1.19.4-1.fc18 (FEDORA-2013-3265) A wiki engine -------------------------------------------------------------------------------- Update Information: Bring mediawiki up to date to fix multiple bugs, security holes, and bring new features. The package should automatically attempt to upgrade your wiki, but please make sure to perform backups before updating. Special care may be required for MySQL based wikis. See bug 845818. Read the main mediawiki web site for Release Notes for 1.17, 1.18, and 1.19. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 1.19.4-1 - New upstream release. * Thu Feb 28 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 1.19.3-2 - Fix upgrade path. * Wed Feb 27 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 1.19.3-1 - New upstream release. * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.16.5-62 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #882325 - CVE-2012-5391 mediawiki: Vulnerable to session fixation attacks https://bugzilla.redhat.com/show_bug.cgi?id=882325 -------------------------------------------------------------------------------- ================================================================================ mingw-gnutls-2.12.23-1.fc18 (FEDORA-2013-3453) MinGW GnuTLS TLS/SSL encryption library -------------------------------------------------------------------------------- Update Information: Version 2.12.23 (released 2012-02-04) * libgnutls: Eliminated memory leak in PCKS #11 initialization. Report and fix by Sam Varshavchik. * libgnutls: Fixes in record padding parsing to prevent a timing attack. Issue reported by Kenny Patterson and Nadhem Alfardan. * libgnutls: DN variable 'T' was expanded to 'title'. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 2.12.23-1 - Update to 2.12.23 -------------------------------------------------------------------------------- ================================================================================ mod_evasive-1.10.1-15.fc18 (FEDORA-2013-3441) Denial of Service evasion module for Apache -------------------------------------------------------------------------------- Update Information: Fix configuration file for httpd-2.4. -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 26 2012 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 1.10.1-15 - fix configuration file for new version (#879269) -------------------------------------------------------------------------------- References: [ 1 ] Bug #879269 - mod_evasive broken with httpd 2.4 https://bugzilla.redhat.com/show_bug.cgi?id=879269 -------------------------------------------------------------------------------- ================================================================================ nodejs-chrono-1.0.4-1.fc18 (FEDORA-2013-3075) Format dates in JavaScript -------------------------------------------------------------------------------- Update Information: This update includes various new npm packages for Node.js. -------------------------------------------------------------------------------- References: [ 1 ] Bug #917417 - Review Request: nodejs-zap - A tiny test runner https://bugzilla.redhat.com/show_bug.cgi?id=917417 [ 2 ] Bug #917419 - Review Request: nodejs-xml2js - Simple XML to JavaScript object converter https://bugzilla.redhat.com/show_bug.cgi?id=917419 [ 3 ] Bug #915087 - Review Request: nodejs-chrono - Format dates in JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=915087 [ 4 ] Bug #914937 - Review Request: nodejs-sphericalmercator - Transformations between Spherical Mercator and Lat/Lon https://bugzilla.redhat.com/show_bug.cgi?id=914937 [ 5 ] Bug #914925 - Review Request: nodejs-passport - Simple, unobtrusive authentication for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=914925 [ 6 ] Bug #915095 - Review Request: nodejs-mapnik-reference - Reference for Mapnik Styling Options https://bugzilla.redhat.com/show_bug.cgi?id=915095 [ 7 ] Bug #917308 - Review Request: nodejs-step - A simple control-flow library for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=917308 -------------------------------------------------------------------------------- ================================================================================ nodejs-mapnik-reference-5.0.4-2.fc18 (FEDORA-2013-3075) Reference for Mapnik Styling Options -------------------------------------------------------------------------------- Update Information: This update includes various new npm packages for Node.js. -------------------------------------------------------------------------------- References: [ 1 ] Bug #917417 - Review Request: nodejs-zap - A tiny test runner https://bugzilla.redhat.com/show_bug.cgi?id=917417 [ 2 ] Bug #917419 - Review Request: nodejs-xml2js - Simple XML to JavaScript object converter https://bugzilla.redhat.com/show_bug.cgi?id=917419 [ 3 ] Bug #915087 - Review Request: nodejs-chrono - Format dates in JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=915087 [ 4 ] Bug #914937 - Review Request: nodejs-sphericalmercator - Transformations between Spherical Mercator and Lat/Lon https://bugzilla.redhat.com/show_bug.cgi?id=914937 [ 5 ] Bug #914925 - Review Request: nodejs-passport - Simple, unobtrusive authentication for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=914925 [ 6 ] Bug #915095 - Review Request: nodejs-mapnik-reference - Reference for Mapnik Styling Options https://bugzilla.redhat.com/show_bug.cgi?id=915095 [ 7 ] Bug #917308 - Review Request: nodejs-step - A simple control-flow library for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=917308 -------------------------------------------------------------------------------- ================================================================================ nodejs-passport-0.1.16-1.fc18 (FEDORA-2013-3075) Simple, unobtrusive authentication for Node.js -------------------------------------------------------------------------------- Update Information: This update includes various new npm packages for Node.js. -------------------------------------------------------------------------------- References: [ 1 ] Bug #917417 - Review Request: nodejs-zap - A tiny test runner https://bugzilla.redhat.com/show_bug.cgi?id=917417 [ 2 ] Bug #917419 - Review Request: nodejs-xml2js - Simple XML to JavaScript object converter https://bugzilla.redhat.com/show_bug.cgi?id=917419 [ 3 ] Bug #915087 - Review Request: nodejs-chrono - Format dates in JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=915087 [ 4 ] Bug #914937 - Review Request: nodejs-sphericalmercator - Transformations between Spherical Mercator and Lat/Lon https://bugzilla.redhat.com/show_bug.cgi?id=914937 [ 5 ] Bug #914925 - Review Request: nodejs-passport - Simple, unobtrusive authentication for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=914925 [ 6 ] Bug #915095 - Review Request: nodejs-mapnik-reference - Reference for Mapnik Styling Options https://bugzilla.redhat.com/show_bug.cgi?id=915095 [ 7 ] Bug #917308 - Review Request: nodejs-step - A simple control-flow library for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=917308 -------------------------------------------------------------------------------- ================================================================================ nodejs-sphericalmercator-1.0.2-1.fc18 (FEDORA-2013-3075) Transformations between Spherical Mercator and Lat/Lon -------------------------------------------------------------------------------- Update Information: This update includes various new npm packages for Node.js. -------------------------------------------------------------------------------- References: [ 1 ] Bug #917417 - Review Request: nodejs-zap - A tiny test runner https://bugzilla.redhat.com/show_bug.cgi?id=917417 [ 2 ] Bug #917419 - Review Request: nodejs-xml2js - Simple XML to JavaScript object converter https://bugzilla.redhat.com/show_bug.cgi?id=917419 [ 3 ] Bug #915087 - Review Request: nodejs-chrono - Format dates in JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=915087 [ 4 ] Bug #914937 - Review Request: nodejs-sphericalmercator - Transformations between Spherical Mercator and Lat/Lon https://bugzilla.redhat.com/show_bug.cgi?id=914937 [ 5 ] Bug #914925 - Review Request: nodejs-passport - Simple, unobtrusive authentication for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=914925 [ 6 ] Bug #915095 - Review Request: nodejs-mapnik-reference - Reference for Mapnik Styling Options https://bugzilla.redhat.com/show_bug.cgi?id=915095 [ 7 ] Bug #917308 - Review Request: nodejs-step - A simple control-flow library for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=917308 -------------------------------------------------------------------------------- ================================================================================ nodejs-step-0.0.5-1.fc18 (FEDORA-2013-3075) A simple control-flow library for Node.js -------------------------------------------------------------------------------- Update Information: This update includes various new npm packages for Node.js. -------------------------------------------------------------------------------- References: [ 1 ] Bug #917417 - Review Request: nodejs-zap - A tiny test runner https://bugzilla.redhat.com/show_bug.cgi?id=917417 [ 2 ] Bug #917419 - Review Request: nodejs-xml2js - Simple XML to JavaScript object converter https://bugzilla.redhat.com/show_bug.cgi?id=917419 [ 3 ] Bug #915087 - Review Request: nodejs-chrono - Format dates in JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=915087 [ 4 ] Bug #914937 - Review Request: nodejs-sphericalmercator - Transformations between Spherical Mercator and Lat/Lon https://bugzilla.redhat.com/show_bug.cgi?id=914937 [ 5 ] Bug #914925 - Review Request: nodejs-passport - Simple, unobtrusive authentication for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=914925 [ 6 ] Bug #915095 - Review Request: nodejs-mapnik-reference - Reference for Mapnik Styling Options https://bugzilla.redhat.com/show_bug.cgi?id=915095 [ 7 ] Bug #917308 - Review Request: nodejs-step - A simple control-flow library for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=917308 -------------------------------------------------------------------------------- ================================================================================ nodejs-xml2js-0.2.6-1.fc18 (FEDORA-2013-3075) Simple XML to JavaScript object converter -------------------------------------------------------------------------------- Update Information: This update includes various new npm packages for Node.js. -------------------------------------------------------------------------------- References: [ 1 ] Bug #917417 - Review Request: nodejs-zap - A tiny test runner https://bugzilla.redhat.com/show_bug.cgi?id=917417 [ 2 ] Bug #917419 - Review Request: nodejs-xml2js - Simple XML to JavaScript object converter https://bugzilla.redhat.com/show_bug.cgi?id=917419 [ 3 ] Bug #915087 - Review Request: nodejs-chrono - Format dates in JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=915087 [ 4 ] Bug #914937 - Review Request: nodejs-sphericalmercator - Transformations between Spherical Mercator and Lat/Lon https://bugzilla.redhat.com/show_bug.cgi?id=914937 [ 5 ] Bug #914925 - Review Request: nodejs-passport - Simple, unobtrusive authentication for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=914925 [ 6 ] Bug #915095 - Review Request: nodejs-mapnik-reference - Reference for Mapnik Styling Options https://bugzilla.redhat.com/show_bug.cgi?id=915095 [ 7 ] Bug #917308 - Review Request: nodejs-step - A simple control-flow library for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=917308 -------------------------------------------------------------------------------- ================================================================================ nodejs-zap-0.2.5-2.fc18 (FEDORA-2013-3075) A tiny test runner -------------------------------------------------------------------------------- Update Information: This update includes various new npm packages for Node.js. -------------------------------------------------------------------------------- References: [ 1 ] Bug #917417 - Review Request: nodejs-zap - A tiny test runner https://bugzilla.redhat.com/show_bug.cgi?id=917417 [ 2 ] Bug #917419 - Review Request: nodejs-xml2js - Simple XML to JavaScript object converter https://bugzilla.redhat.com/show_bug.cgi?id=917419 [ 3 ] Bug #915087 - Review Request: nodejs-chrono - Format dates in JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=915087 [ 4 ] Bug #914937 - Review Request: nodejs-sphericalmercator - Transformations between Spherical Mercator and Lat/Lon https://bugzilla.redhat.com/show_bug.cgi?id=914937 [ 5 ] Bug #914925 - Review Request: nodejs-passport - Simple, unobtrusive authentication for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=914925 [ 6 ] Bug #915095 - Review Request: nodejs-mapnik-reference - Reference for Mapnik Styling Options https://bugzilla.redhat.com/show_bug.cgi?id=915095 [ 7 ] Bug #917308 - Review Request: nodejs-step - A simple control-flow library for Node.js https://bugzilla.redhat.com/show_bug.cgi?id=917308 -------------------------------------------------------------------------------- ================================================================================ openscap-0.9.4.1-1.fc18 (FEDORA-2013-3445) Set of open source libraries enabling integration of the SCAP line of standards -------------------------------------------------------------------------------- Update Information: This is an update to the latest openscap-0.9.4.1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 0.9.4.1-1 - upgrade * Tue Feb 26 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 0.9.4-1 - upgrade -------------------------------------------------------------------------------- ================================================================================ openstack-nova-2012.2.3-2.fc18 (FEDORA-2013-3452) OpenStack Compute (nova) -------------------------------------------------------------------------------- Update Information: - Update to folsom stable release 3 - Use LIBGUESTFS_ATTACH_METHOD=appliance to allow injection to work -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 28 2013 Dan Prince <dprince@xxxxxxxxxx> - 2012.2.3-2 - Use LIBGUESTFS_ATTACH_METHOD=appliance to allow injection to work * Mon Feb 4 2013 Pádraig Brady <pbrady@xxxxxxxxxx> - 2012.2.3-1 - Update to folsom stable release 3 * Tue Jan 29 2013 Pádraig Brady <pbrady@xxxxxxxxxx> - 2012.2.2-2 - disallow boot from volume from specifying arbitrary volumes (CVE-2013-0208) - Added python-keystone requirement -------------------------------------------------------------------------------- ================================================================================ perl-5.16.2-240.fc18 (FEDORA-2013-3436) Practical Extraction and Report Language -------------------------------------------------------------------------------- Update Information: Fix CVE-2013-1667 (DoS in rehashing code). -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 4:5.16.2-240 - Fix CVE-2013-1667 (DoS in rehashing code) (bug #918008) -------------------------------------------------------------------------------- References: [ 1 ] Bug #912276 - CVE-2013-1667 perl: DoS in rehashing code https://bugzilla.redhat.com/show_bug.cgi?id=912276 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-Format-Flexible-0.25-1.fc18 (FEDORA-2013-3451) Flexibly parse strings and turn them into DateTime objects -------------------------------------------------------------------------------- Update Information: Support for "HH:MM::SS timezone YYYY/MM/DD" added. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 0.25-1 - 0.25 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #917980 - perl-DateTime-Format-Flexible-0.25 is available https://bugzilla.redhat.com/show_bug.cgi?id=917980 -------------------------------------------------------------------------------- ================================================================================ perl-Mail-Box-Parser-C-3.007-1.fc18 (FEDORA-2013-3455) Parsing folders for MailBox with C routines -------------------------------------------------------------------------------- Update Information: Update to 3.007 to support header lines longer than 1023 characters. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 3.007-1 - update to 3.007 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.006-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #917669 - Please update to Mail::Box::Parser::C 3.007 to fix bug: parses messages with long header lines (>1023 characters) improperly https://bugzilla.redhat.com/show_bug.cgi?id=917669 -------------------------------------------------------------------------------- ================================================================================ perl-Net-SFTP-Foreign-1.74.05-5.fc18 (FEDORA-2013-3460) SSH File Transfer Protocol client -------------------------------------------------------------------------------- Update Information: Removing dependency that breaks builds -------------------------------------------------------------------------------- ================================================================================ perl-WWW-OrangeHRM-Client-0.4.0-1.fc18 (FEDORA-2013-3430) Client for OrangeHRM -------------------------------------------------------------------------------- Update Information: Show day names in time sheet listing. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 0.4.0-1 - 0.4.0 bump -------------------------------------------------------------------------------- ================================================================================ poppler-0.20.2-10.fc18 (FEDORA-2013-3473) PDF rendering library -------------------------------------------------------------------------------- Update Information: This update fixes these security issues: CVE-2013-1788, CVE-2013-1789 and CVE-2013-1790. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Marek Kasik <mkasik@xxxxxxxxxx> 0.20.2-10 - Backport several security fixes: - CVE-2013-1788 (Invalid memory accesses) - CVE-2013-1789 (Crash on certain documents) - CVE-2013-1790 (Read of uninitialized memory) - Resolves: #917113 -------------------------------------------------------------------------------- References: [ 1 ] Bug #917108 - CVE-2013-1788 poppler: multiple invalid memory access flaws https://bugzilla.redhat.com/show_bug.cgi?id=917108 [ 2 ] Bug #917109 - CVE-2013-1789 poppler: multiple denial of service flaws https://bugzilla.redhat.com/show_bug.cgi?id=917109 [ 3 ] Bug #917111 - CVE-2013-1790 poppler: uninitialized memory read flaw https://bugzilla.redhat.com/show_bug.cgi?id=917111 -------------------------------------------------------------------------------- ================================================================================ pymunk-1.0.0-6.fc18 (FEDORA-2013-3463) Python wrapper for the chipmunk 2D physics engine -------------------------------------------------------------------------------- Update Information: Fix 64-bit library path. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Jon Ciesla <limb@xxxxxxxxxxxx> - 1.0.0-6 - Fix shared lib patch for 64-bit. * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #916515 - Unable to import pymunk in Python https://bugzilla.redhat.com/show_bug.cgi?id=916515 -------------------------------------------------------------------------------- ================================================================================ python-bugzilla-0.8.0-2.fc18 (FEDORA-2013-3447) A python library for interacting with Bugzilla -------------------------------------------------------------------------------- Update Information: * Don't upload scrambled attachments (bz #915318) * Rebased to version 0.8.0 * Drop most usage of non-upstream RH Bugzilla API * Test suite improvements, nearly complete code coverage * Fix all open bug reports and RFEs -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 0.8.0-2 - Don't upload scrambled attachments (bz #915318) * Fri Feb 15 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 0.8.0-1 - Rebased to version 0.8.0 - Drop most usage of non-upstream RH Bugzilla API - Test suite improvements, nearly complete code coverage - Fix all open bug reports and RFEs -------------------------------------------------------------------------------- References: [ 1 ] Bug #915318 - File attachments contents is mangled [regression] https://bugzilla.redhat.com/show_bug.cgi?id=915318 [ 2 ] Bug #905525 - [abrt] python-bugzilla-0.7.0-3.fc18: base.py:1260:__getattr__:AttributeError: Bug object has no attribute 'None_whiteboard' https://bugzilla.redhat.com/show_bug.cgi?id=905525 [ 3 ] Bug #906781 - getusers doesn't return user list in the same order as the input list https://bugzilla.redhat.com/show_bug.cgi?id=906781 [ 4 ] Bug #889150 - [patch] python-bugzilla: traceback with certain arguments trying to split None https://bugzilla.redhat.com/show_bug.cgi?id=889150 [ 5 ] Bug #905529 - [abrt] python-bugzilla-0.7.0-3.fc18: bugzilla:730:bug_field:TypeError: sequence item 0: expected string, int found https://bugzilla.redhat.com/show_bug.cgi?id=905529 -------------------------------------------------------------------------------- ================================================================================ slrn-1.0.1-3.fc18 (FEDORA-2013-3476) A threaded Internet news reader -------------------------------------------------------------------------------- Update Information: Require slang shell for interpreting SMIME slrn script. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.0.1-3 - Require slang-slsh -------------------------------------------------------------------------------- ================================================================================ subsurface-3.0.2-1.fc18 (FEDORA-2013-2987) Rough divelog in C and Gtk -------------------------------------------------------------------------------- Update Information: Update to 3.0.2 This update brings quite a number of nice new features, see announce: http://subsurface.hohndel.org/2013/02/subsurface-3-0-has-been-released/ -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 3.0.2-1 - Update to 3.0.2 * Thu Feb 21 2013 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 3.0-1 - Update to 3.0 which adds the dependency on osm-gps-map and a BR on libzip-devel * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ targetcli-2.0.fb21-1.fc18 (FEDORA-2013-3471) An administration shell for storage targets -------------------------------------------------------------------------------- Update Information: Support for tags. -------------------------------------------------------------------------------- ================================================================================ tor-0.2.3.25-1802.fc18 (FEDORA-2013-3434) Anonymizing overlay network for TCP (The onion router) -------------------------------------------------------------------------------- Update Information: Update for security and massive revamp of spec Fix outstanding security issues, plus package cleanup torify subpackage should depend on torsocks not tsocks -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 0.2.3.25-1802 - add missing %{?dist} - cleanup systemd macros - remove unnecessary Requires on logrotate directory - change permissions of the following files/directories: /var/log/tor should be owned by toranon:toranon with 0700 permissions; /var/lib/tor should be owned by toranon:toranon with 0700 permissions; /etc/tor/torrc should be owned by root:root with 0644 permissions; - remove dependency on fedora-usermgmt as it has been queued for obsoletion from Fedora - add users and groups without forcing use of uid=19 as it is not necessarily available, nor is it required or expected by upstream - do not remove users/groups in %postun as the guidelines state: https://fedoraproject.org/wiki/Packaging:UsersAndGroups - remove tor-upstart subpackage as upstart is no longer installable within Fedora and renders the subpackage obsolete - amend logrotate file to match closer with upstream defaults, and removing references to several obsolete init systems - move the tor-core subpackage back into the main tor package to match upstream expectations and user expectations (ie, yum install tor) - move the tor-systemd subpackage back into the main tor package: the main tor package has a hard requirement on tor-systemd, so there is no purpose for keeping tor-systemd separate from the main package - remove "Requires: tor-systemd" - move the torify subpackage back into the main tor package to match upstream expectations and user expectations (ie, yum install tor) - remove the logic separating the documentation files for tor and torify, which is now no longer needed - use --docdir option when running %configure - after moving the tor-systemd and torify subpackages back into the main tor package, the %with_noarch macro and the associated conditionals are no longer used so remove them - split username global variable into separate toruser and torgroup global variables to improve spec flexibility and ease of comprehension, as well as matching how upstream have written their spec - use --with-tor-user=%toruser and --with-tor-group=%torgroup options when running %configure, as recommended by upstream - remove all modifications to the default tor configuration file so that we can stick more closely to upstream defaults - add /usr/share/tor/defaults-torrc file, which only contains two options: DataDirectory /var/lib/tor User toranon Log notice syslog - when starting the tor service, use the following options as recommended by upstream: --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc - take a more cautious approach in the %files section and specify filenames more explicitly rather than using wildcards, which also makes it easier to see the contents of the package - the /var/run/tor directory is not needed so remove it, which also fixes bug #656707 - use %_localstatedir instead of %_var - add some useful comments about the Obsoletes/Provides/Requires - add comments about tor.logrotate, tor.defaults-torrc and tor.systemd.service - remove unnecessary custom LDFLAGS - increase LimitNOFILE in tor.service from 4096 to 32768, as advised by upstream: https://trac.torproject.org/projects/tor/ticket/8368#comment:4 - remove unused files in git (verinfo and lastver) - change URL to HTTPS - remove TODO as it doesn't contain any useful information - disallow group read for /var/log/tor * Thu Feb 7 2013 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 0.2.3.25-1801 - torify subpackage should depend on torsocks not tsocks (#908569) * Wed Feb 6 2013 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 0.2.3.25-1800 - add additional %configure options for user and group - add --defaults-torrc to systemd service to make sure sane defaults are set unless explicitly overridden - remove unnecessary BuildRoot tag - remove unnecessary rm -rf RPM_BUILD_ROOT - remove unnecessary %clean section - remove unnecessary defattr's - fix Requires for torify subpackage - update scriptlets to latest systemd guidelines - aesthetic changes to the SPEC for clarity and readability - remove changelog entry from different branch -------------------------------------------------------------------------------- References: [ 1 ] Bug #880310 - CVE-2012-5573 tor: denial of service when handling SENDME cells https://bugzilla.redhat.com/show_bug.cgi?id=880310 -------------------------------------------------------------------------------- ================================================================================ vym-2.3.14-1.fc18 (FEDORA-2013-3456) View your mind -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 2.3.14-1 - Latest upstream, BZ 915251. * Sat Feb 9 2013 Parag Nemade <paragn AT fedoraproject DOT org> - 2.3.11-2 - Remove vendor tag from desktop file as per https://fedorahosted.org/fesco/ticket/1077 - Cleanup spec as per recently changed packaging guidelines -------------------------------------------------------------------------------- References: [ 1 ] Bug #915251 - vym-2.3.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=915251 -------------------------------------------------------------------------------- ================================================================================ xml-commons-apis-1.4.01-11.fc18 (FEDORA-2013-3470) APIs for DOM, SAX, and JAXP -------------------------------------------------------------------------------- Update Information: Fixed linkage errors by removing the linkage paths and adding system.bundle to the dependencies of javax.xml. it is necessary to start eclipse -clean. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> - 1.4.01-11 - Exclude system.bundle from auto-requires - Works around: rhbz#917647 * Mon Mar 4 2013 Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> - 1.4.01-11 - Add Require-Bundle: system.bundle to manifest - Resolves: rhbz#917659 * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.4.01-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Nov 2 2012 Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> - 1.4.01-9 - Add additional maven depmap -------------------------------------------------------------------------------- References: [ 1 ] Bug #917418 - org.eclipse.swt.SWTException: Device is disposed https://bugzilla.redhat.com/show_bug.cgi?id=917418 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
