The following Fedora 17 Security updates need testing: Age URL 243 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 84 https://admin.fedoraproject.org/updates/FEDORA-2012-20092/libproxy-0.4.11-1.fc17 59 https://admin.fedoraproject.org/updates/FEDORA-2013-0210/vdsm-4.10.0-13.fc17 59 https://admin.fedoraproject.org/updates/FEDORA-2013-0231/ca-certificates-2012.87-1.fc17 55 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17 41 https://admin.fedoraproject.org/updates/FEDORA-2013-1286/python-tw2-jquery-2.0.3-5.fc17 32 https://admin.fedoraproject.org/updates/FEDORA-2013-1804/coreutils-8.15-10.fc17 25 https://admin.fedoraproject.org/updates/FEDORA-2013-2143/rubygem-rdoc-3.12-5.fc17 25 https://admin.fedoraproject.org/updates/FEDORA-2013-2023/tor-0.2.3.25-1700 21 https://admin.fedoraproject.org/updates/FEDORA-2013-2315/rubygem-rack-1.4.0-4.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2013-2789/yum-3.4.3-31.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2013-2793/openssl-1.0.0k-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-2874/Django-1.4.5-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-2845/bugzilla-4.0.10-1.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2013-2984/libtasn1-2.14-1.fc17,gnutls-2.12.23-1.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-3079/nss-3.14.3-1.fc17,nss-softokn-3.14.3-1.fc17,nss-util-3.14.3-1.fc17,nspr-4.9.5-2.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3252/kernel-3.7.10-101.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3259/crypto-utils-2.4.1-39.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3270/sudo-1.8.6p7-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-3382/zfs-fuse-0.7.0-3.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3437/euca2ools-2.1.3-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3227/mediawiki-1.19.4-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3438/mingw-gnutls-2.12.23-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3439/telepathy-gabble-0.16.5-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3443/perl-5.14.3-223.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3457/poppler-0.18.4-4.fc17 The following Fedora 17 Critical Path updates have yet to be approved: Age URL 195 https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17 25 https://admin.fedoraproject.org/updates/FEDORA-2013-2065/abrt-2.1.0-1.fc17,libreport-2.1.0-2.fc17 24 https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2013-2789/yum-3.4.3-31.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2013-2793/openssl-1.0.0k-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-2858/orc-0.4.17-2.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2013-2989/dosfstools-3.0.15-1.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2013-2984/libtasn1-2.14-1.fc17,gnutls-2.12.23-1.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-3119/python-pycurl-7.19.0-11.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-3079/nss-3.14.3-1.fc17,nss-softokn-3.14.3-1.fc17,nss-util-3.14.3-1.fc17,nspr-4.9.5-2.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3276/createrepo-0.9.9-12.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3252/kernel-3.7.10-101.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-3270/sudo-1.8.6p7-1.fc17 2 https://admin.fedoraproject.org/updates/FEDORA-2013-3360/qt-4.8.4-14.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3466/selinux-policy-3.10.0-168.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3443/perl-5.14.3-223.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-3435/python-bugzilla-0.8.0-2.fc17 The following builds have been pushed to Fedora 17 updates-testing clipsmm-0.3.2-1.fc17 euca2ools-2.1.3-1.fc17 fedmsg-0.6.8-1.fc17 irqbalance-1.0.3-7.fc17 java-1.7.0-openjdk-1.7.0.9-2.3.8.0.fc17 lcgdm-dav-0.12.1-2.fc17 libdivecomputer-0.3.0-2.fc17 libvisio-0.0.25-1.fc17 mediawiki-1.19.4-1.fc17 mingw-gnutls-2.12.23-1.fc17 openscap-0.9.4.1-1.fc17 perl-5.14.3-223.fc17 perl-DateTime-Format-Flexible-0.25-1.fc17 perl-Mail-Box-Parser-C-3.007-1.fc17 perl-Net-SFTP-Foreign-1.74.05-5.fc17 perl-WWW-OrangeHRM-Client-0.4.0-1.fc17 poppler-0.18.4-4.fc17 pymunk-1.0.0-6.fc17 python-bugzilla-0.8.0-2.fc17 selinux-policy-3.10.0-168.fc17 subsurface-3.0.2-1.fc17 telepathy-gabble-0.16.5-1.fc17 Details about builds: ================================================================================ clipsmm-0.3.2-1.fc17 (FEDORA-2013-3475) C++ interface to the CLIPS expert system C library -------------------------------------------------------------------------------- Update Information: Upgrade to 0.3.2 Upgrade to 0.3.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Tim Niemueller <tim@xxxxxxxxxxxxx> - 0.3.2-1 - Upgrade to 0.3.2. * Sat Feb 9 2013 Tim Niemueller <tim@xxxxxxxxxxxxx> - 0.3.0-1 - Upgrade to 0.3.0 * Thu Sep 27 2012 Tim Niemueller <tim@xxxxxxxxxxxxx> - 0.2.1-3 - Own gtk-doc dir and no longer depend on it, fixes #604341 * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ euca2ools-2.1.3-1.fc17 (FEDORA-2013-3437) Eucalyptus/AWS-compatible command line tools -------------------------------------------------------------------------------- Update Information: This update adds support for the new signature method introduced in Eucalyptus 3.2.1. It also includes several bugfixes. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Garrett Holmstrom <gholms@xxxxxxxxxxxxxxxxx> - 2.1.3-1 - Upstream update (2.1.3) [RH:916716] - Fix euare-useraddpolicy --delegate * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #916716 - Update euca2ools to 2.1.3 https://bugzilla.redhat.com/show_bug.cgi?id=916716 -------------------------------------------------------------------------------- ================================================================================ fedmsg-0.6.8-1.fc17 (FEDORA-2013-3431) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: fedmsg-tail --gource; standardization of fedmsg-tweet -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.6.8-1 - New fedmsg-tail --gource option for visualizations. - fedmsg-tweet reorganized to be more similar to other daemons. -------------------------------------------------------------------------------- ================================================================================ irqbalance-1.0.3-7.fc17 (FEDORA-2013-3449) IRQ balancing daemon -------------------------------------------------------------------------------- Update Information: Fixes SIGSEGV (bz859572) -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Petr Holasek <pholasek@xxxxxxxxxx> - 2:1.0.3-7 - Fixes SIGSEGV (bz859572) -------------------------------------------------------------------------------- References: [ 1 ] Bug #859572 - [abrt] irqbalance-1.0.3-6.fc17: for_each_irq: Process /usr/sbin/irqbalance was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=859572 -------------------------------------------------------------------------------- ================================================================================ java-1.7.0-openjdk-1.7.0.9-2.3.8.0.fc17 (FEDORA-2013-3467) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: This is a new release of OpenJDK 7 (based on IcedTea7 2.3.8 forest) that fixes CVE-2013-0809 and CVE-2013-1493. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Omair Majid <omajid@xxxxxxxxxx> -1.7.0.9-2.3.8.fc17 - Update to icedtea7-forest-2.3.8 tarball - Remove SOURCE11. All upstreamed. -------------------------------------------------------------------------------- ================================================================================ lcgdm-dav-0.12.1-2.fc17 (FEDORA-2013-3454) HTTP/DAV front end to the DPM/LFC services -------------------------------------------------------------------------------- Update Information: Upstream patch: mod_lcgdm_disk url-decodes received parameters - fix for a frequent segfault Update for new upstream release Update for new upstream release Update for new upstream release Update for new upstream release - fix for a frequent segfault Update for new upstream release Update for new upstream release Update for new upstream release Update for new upstream release - fix for a frequent segfault Update for new upstream release Update for new upstream release Update for new upstream release Update for new upstream release - fix for a frequent segfault Update for new upstream release Update for new upstream release Update for new upstream release Update for new upstream release -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Alejandro Alvarez <aalvarez@xxxxxxx> - 0.12.1-2 - Upstream patch: mod_lcgdm_disk url-decodes received parameters * Fri Feb 8 2013 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 0.12.1-1 - Update for new upstream release (patch for segfault) * Wed Feb 6 2013 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 0.12.0-1 - Update for new upstream release * Tue Jan 29 2013 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 0.11.0-2 - Added patch for apache 2.4 api change -------------------------------------------------------------------------------- ================================================================================ libdivecomputer-0.3.0-2.fc17 (FEDORA-2013-2956) Library for communication with dive computers -------------------------------------------------------------------------------- Update Information: Update to 3.0 This update brings quite a number of nice new features, see announce: http://subsurface.hohndel.org/2013/02/subsurface-3-0-has-been-released/ -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 21 2013 Pierre-Yves Chibon - 0.3.0-2 - Remove all the binary installed but the universal application * Wed Feb 20 2013 Pierre-Yves Chibon - 0.3.0-1 - Update to 0.3.0 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libvisio-0.0.25-1.fc17 (FEDORA-2013-3444) A library providing ability to interpret and import visio diagrams -------------------------------------------------------------------------------- Update Information: New release. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 28 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.0.25-1 - new release * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.0.24-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mediawiki-1.19.4-1.fc17 (FEDORA-2013-3227) A wiki engine -------------------------------------------------------------------------------- Update Information: Bring mediawiki up to date to fix multiple bugs, security holes, and bring new features. The package should automatically attempt to upgrade your wiki, but please make sure to perform backups before updating. Special care may be required for MySQL based wikis. See bug 845818. Read the main mediawiki web site for Release Notes for 1.17, 1.18, and 1.19. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 1.19.4-1 - New upstream release. * Thu Feb 28 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 1.19.3-2 - Fix upgrade path. * Wed Feb 27 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 1.19.3-1 - New upstream release. * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.16.5-62 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.16.5-61 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #882325 - CVE-2012-5391 mediawiki: Vulnerable to session fixation attacks https://bugzilla.redhat.com/show_bug.cgi?id=882325 -------------------------------------------------------------------------------- ================================================================================ mingw-gnutls-2.12.23-1.fc17 (FEDORA-2013-3438) MinGW GnuTLS TLS/SSL encryption library -------------------------------------------------------------------------------- Update Information: Version 2.12.23 (released 2012-02-04) * libgnutls: Eliminated memory leak in PCKS #11 initialization. Report and fix by Sam Varshavchik. * libgnutls: Fixes in record padding parsing to prevent a timing attack. Issue reported by Kenny Patterson and Nadhem Alfardan. * libgnutls: DN variable 'T' was expanded to 'title'. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 2.12.23-1 - Update to 2.12.23 -------------------------------------------------------------------------------- ================================================================================ openscap-0.9.4.1-1.fc17 (FEDORA-2013-3469) Set of open source libraries enabling integration of the SCAP line of standards -------------------------------------------------------------------------------- Update Information: This is an update to the latest openscap-0.9.4.1 release -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 0.9.4.1-1 - upgrade * Tue Feb 26 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 0.9.4-1 - upgrade -------------------------------------------------------------------------------- ================================================================================ perl-5.14.3-223.fc17 (FEDORA-2013-3443) Practical Extraction and Report Language -------------------------------------------------------------------------------- Update Information: Fix CVE-2013-1667 (DoS in rehashing code). Add NAME section to perl-CPAN manual pages to build whatis database properly. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 4:5.14.3-223 - Fix CVE-2013-1667 (DoS in rehashing code) (bug #918008) * Mon Feb 18 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 4:5.14.3-222 - Add NAME headings to CPAN modules (bug #908113) -------------------------------------------------------------------------------- References: [ 1 ] Bug #912276 - CVE-2013-1667 perl: DoS in rehashing code https://bugzilla.redhat.com/show_bug.cgi?id=912276 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-Format-Flexible-0.25-1.fc17 (FEDORA-2013-3465) Flexibly parse strings and turn them into DateTime objects -------------------------------------------------------------------------------- Update Information: Support for "HH:MM::SS timezone YYYY/MM/DD" added. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 0.25-1 - 0.25 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #917980 - perl-DateTime-Format-Flexible-0.25 is available https://bugzilla.redhat.com/show_bug.cgi?id=917980 -------------------------------------------------------------------------------- ================================================================================ perl-Mail-Box-Parser-C-3.007-1.fc17 (FEDORA-2013-3478) Parsing folders for MailBox with C routines -------------------------------------------------------------------------------- Update Information: Update to 3.007 to support header lines longer than 1023 characters. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 3.007-1 - update to 3.007 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.006-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.006-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jun 23 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 3.006-13 - Perl 5.16 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #917669 - Please update to Mail::Box::Parser::C 3.007 to fix bug: parses messages with long header lines (>1023 characters) improperly https://bugzilla.redhat.com/show_bug.cgi?id=917669 -------------------------------------------------------------------------------- ================================================================================ perl-Net-SFTP-Foreign-1.74.05-5.fc17 (FEDORA-2013-3461) SSH File Transfer Protocol client -------------------------------------------------------------------------------- Update Information: Removing dependency that breaks builds -------------------------------------------------------------------------------- ================================================================================ perl-WWW-OrangeHRM-Client-0.4.0-1.fc17 (FEDORA-2013-3477) Client for OrangeHRM -------------------------------------------------------------------------------- Update Information: Show day names in time sheet listing. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 0.4.0-1 - 0.4.0 bump -------------------------------------------------------------------------------- ================================================================================ poppler-0.18.4-4.fc17 (FEDORA-2013-3457) PDF rendering library -------------------------------------------------------------------------------- Update Information: This update fixes these security issues: CVE-2013-1788 and CVE-2013-1790. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Marek Kasik <mkasik@xxxxxxxxxx> 0.18.4-4 - Backport several security fixes: - CVE-2013-1788 (Invalid memory accesses) - CVE-2013-1790 (Read of uninitialized memory) - Resolves: #917113 -------------------------------------------------------------------------------- References: [ 1 ] Bug #917108 - CVE-2013-1788 poppler: multiple invalid memory access flaws https://bugzilla.redhat.com/show_bug.cgi?id=917108 [ 2 ] Bug #917109 - CVE-2013-1789 poppler: multiple denial of service flaws https://bugzilla.redhat.com/show_bug.cgi?id=917109 [ 3 ] Bug #917111 - CVE-2013-1790 poppler: uninitialized memory read flaw https://bugzilla.redhat.com/show_bug.cgi?id=917111 -------------------------------------------------------------------------------- ================================================================================ pymunk-1.0.0-6.fc17 (FEDORA-2013-3432) Python wrapper for the chipmunk 2D physics engine -------------------------------------------------------------------------------- Update Information: Fix 64-bit library path. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Jon Ciesla <limb@xxxxxxxxxxxx> - 1.0.0-6 - Fix shared lib patch for 64-bit. * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #916515 - Unable to import pymunk in Python https://bugzilla.redhat.com/show_bug.cgi?id=916515 -------------------------------------------------------------------------------- ================================================================================ python-bugzilla-0.8.0-2.fc17 (FEDORA-2013-3435) A python library for interacting with Bugzilla -------------------------------------------------------------------------------- Update Information: * Don't upload scrambled attachments (bz #915318) * Rebased to version 0.8.0 * Drop most usage of non-upstream RH Bugzilla API * Test suite improvements, nearly complete code coverage * Fix all open bug reports and RFEs -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 0.8.0-2 - Don't upload scrambled attachments (bz #915318) * Fri Feb 15 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 0.8.0-1 - Rebased to version 0.8.0 - Drop most usage of non-upstream RH Bugzilla API - Test suite improvements, nearly complete code coverage - Fix all open bug reports and RFEs -------------------------------------------------------------------------------- References: [ 1 ] Bug #824241 - Multicall queries trigger "Cannot locate object method _bug_to_hash" error https://bugzilla.redhat.com/show_bug.cgi?id=824241 [ 2 ] Bug #886843 - New changes in Bugzilla 4.4 RPC API https://bugzilla.redhat.com/show_bug.cgi?id=886843 -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.10.0-168.fc17 (FEDORA-2013-3466) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: Here is where you give an explanation of your update. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 5 2013 Miroslav Grepl <mgrepl@xxxxxxxxxx> 3.10.0-168 - Add files_dontaudit_read_all_sockets interface - Add gnome_dontaudit_rw_inherited_config interface - Allow httpd_collectd_script to read /etc/passwd - Allow milter domains to read /dev/random - Backport readahead fixes from F18 - Allow collectd to read utmp - /usr/share/munin/plugins/plugin.sh should be labeled as bin_t - Fix svnserve policy - Add additional fixes for ecrypts - Add additional interface for ecryptfs - Dontaudit leak fd for mozilla_plugin_config - Allow pppd to send signull -------------------------------------------------------------------------------- References: [ 1 ] Bug #891292 - SELinux is preventing /usr/sbin/opendkim from using the dac_override capability https://bugzilla.redhat.com/show_bug.cgi?id=891292 [ 2 ] Bug #909508 - SELinux is preventing /usr/sbin/pppd from using the 'signull' accesses on a process. https://bugzilla.redhat.com/show_bug.cgi?id=909508 [ 3 ] Bug #909527 - SELinux is preventing /usr/lib/nspluginwrapper/plugin-config from 'write' accesses on the file /home/thedigiwiz/.config/cairo-dock/clock/tasks.ics. https://bugzilla.redhat.com/show_bug.cgi?id=909527 [ 4 ] Bug #909707 - SELinux is preventing /usr/lib64/chromium-browser/chrome-sandbox from read, append access on the file /home/adellam/.xsession-errors. https://bugzilla.redhat.com/show_bug.cgi?id=909707 [ 5 ] Bug #912506 - SELinux is preventing /usr/bin/svnserve from 'name_bind' accesses on the tcp_socket . https://bugzilla.redhat.com/show_bug.cgi?id=912506 [ 6 ] Bug #915514 - SELinux is preventing /usr/sbin/collectd from read access on the file utmp https://bugzilla.redhat.com/show_bug.cgi?id=915514 [ 7 ] Bug #915750 - SELinux is preventing graph.cgi from read access on the file /etc/passwd. https://bugzilla.redhat.com/show_bug.cgi?id=915750 [ 8 ] Bug #915955 - SELinux is preventing systemd-readahe from 'read' accesses on the sock_file klauncherMT2227.slave-socket. https://bugzilla.redhat.com/show_bug.cgi?id=915955 [ 9 ] Bug #912372 - selinux blocks munin plugins https://bugzilla.redhat.com/show_bug.cgi?id=912372 -------------------------------------------------------------------------------- ================================================================================ subsurface-3.0.2-1.fc17 (FEDORA-2013-2956) Rough divelog in C and Gtk -------------------------------------------------------------------------------- Update Information: Update to 3.0 This update brings quite a number of nice new features, see announce: http://subsurface.hohndel.org/2013/02/subsurface-3-0-has-been-released/ -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 3.0.2-1 - Update to 3.0.2 * Thu Feb 21 2013 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 3.0-1 - Update to 3.0 which adds the dependency on osm-gps-map and a BR on libzip-devel * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ telepathy-gabble-0.16.5-1.fc17 (FEDORA-2013-3439) A Jabber/XMPP connection manager -------------------------------------------------------------------------------- Update Information: Update to latest security release. -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 4 2013 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 0.16.5-1 - Update to 0.16.5 - Drop upstreamed patches. * Thu Jan 31 2013 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 0.16.4-3 - Pull upstream patches to fix some crashes with privacy lists. (#905170) * Sat Nov 17 2012 Kalev Lember <kalevlember@xxxxxxxxx> - 0.16.4-2 - Obsolete telepathy-butterfly (#820858) * Fri Nov 9 2012 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 0.16.4-1 - Update to 0.16.4. - Drop patch. Fixed upstream. * Fri Oct 19 2012 Debarshi Ray <rishi@xxxxxxxxxxxxxxxxx> - 0.16.3-2 - Fix FD #56181 -------------------------------------------------------------------------------- References: [ 1 ] Bug #917769 - CVE-2013-1769 telepathy-gabble: NULL pointer dereference when trying to hash caps containingpathological data forms [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=917769 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
