Fedora 18 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 18 Security updates need testing:
 Age  URL
  81  https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18
  50  https://admin.fedoraproject.org/updates/FEDORA-2013-2131/rubygem-rdoc-3.12-6.fc18
  46  https://admin.fedoraproject.org/updates/FEDORA-2013-2306/rubygem-rack-1.4.0-5.fc18
  14  https://admin.fedoraproject.org/updates/FEDORA-2013-3891/php-5.4.13-1.fc18
  14  https://admin.fedoraproject.org/updates/FEDORA-2013-3935/puppet-3.1.1-1.fc18
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-4050/squid-3.2.9-1.fc18
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-4243/stunnel-4.55-1.fc18
   8  https://admin.fedoraproject.org/updates/FEDORA-2012-20578/nodejs-0.10.1-1.fc18,libuv-0.10.0-2.git5462dab.fc18,v8-3.14.5.8-1.fc18
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-4319/mantis-1.2.14-1.fc18
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-4403/mingw-openssl-1.0.1e-1.fc18
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-4387/moodle-2.3.6-1.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-4447/py-bcrypt-0.3-1.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-4507/libxslt-1.1.28-1.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4525/bind-9.9.2-10.P2.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4564/roundcubemail-0.8.6-1.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4539/mongodb-2.2.3-4.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4532/drupal7-rules-2.3-1.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4537/libarchive-3.0.4-4.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4566/asterisk-11.2.2-1.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4541/httpd-2.4.4-2.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4460/freeipa-3.1.3-3.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4590/openstack-keystone-2012.2.3-5.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4578/389-ds-base-1.3.0.5-1.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4592/mingw-libarchive-3.0.4-4.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4571/libuser-0.58-3.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4593/ngircd-20.2-1.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4589/tomcat6-6.0.36-2.fc18


The following Fedora 18 Critical Path updates have yet to be approved:
 Age URL
 167  https://admin.fedoraproject.org/updates/FEDORA-2012-16107/xorg-x11-drv-qxl-0.1.0-1.fc18
 165  https://admin.fedoraproject.org/updates/FEDORA-2012-16207/thunderbird-lightning-1.8-1.fc18,thunderbird-16.0.1-2.fc18
  79  https://admin.fedoraproject.org/updates/FEDORA-2013-0541/mdadm-3.2.6-11.fc18
  49  https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18
  38  https://admin.fedoraproject.org/updates/FEDORA-2013-2726/pulseaudio-2.1-7.fc18
  24  https://admin.fedoraproject.org/updates/FEDORA-2013-3458/iproute-3.6.0-7.fc18,iptables-1.4.18-1.fc18
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-4006/dnsmasq-2.65-5.fc18
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-4251/selinux-policy-3.11.1-87.fc18
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-4219/audit-2.2.3-2.fc18
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-4159/docbook-style-xsl-1.78.1-1.fc18
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-4221/python-slip-0.4.0-1.fc18
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-4295/libnotify-0.7.5-5.fc18
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-4406/yum-3.4.3-53.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-4507/libxslt-1.1.28-1.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-4493/perl-5.16.3-241.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-4485/bind-dyndb-ldap-2.6-1.fc18,bind-9.9.2-9.P1.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-4429/redland-1.0.15-3.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-4425/libosinfo-0.2.6-1.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4537/libarchive-3.0.4-4.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4549/network-manager-applet-0.9.8.1-1.git20130327.fc18,NetworkManager-0.9.8.1-1.git20130327.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4571/libuser-0.58-3.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4573/emacs-24.2-15.fc18
The following builds have been pushed to Fedora 18 updates-testing

    389-ds-base-1.3.0.5-1.fc18
    SimplyHTML-0.16.7-1.fc18
    cqrlog-1.5.4-1.fc18
    emacs-24.2-15.fc18
    freeipa-3.1.3-3.fc18
    gnome-abrt-0.2.10-1.fc18
    java-1.7.0-openjdk-1.7.0.17-2.3.8.3.fc18
    libuser-0.58-3.fc18
    megaglest-3.7.1-6.fc18
    mingw-libarchive-3.0.4-4.fc18
    mingw-qt5-qtbase-5.0.1-4.fc18
    mingw-qt5-qtjsbackend-5.0.1-1.fc18
    mingw-qt5-qtscript-5.0.1-1.fc18
    mingw-qt5-qttools-5.0.1-1.fc18
    nfsometer-1.5-1.fc18
    ngircd-20.2-1.fc18
    openstack-keystone-2012.2.3-5.fc18
    python-matplotlib-1.2.0-10.fc18
    python-rhsm-1.8.8-1.fc18
    qpdfview-0.4.1-1.fc18
    subscription-manager-1.8.5-1.fc18
    tomcat6-6.0.36-2.fc18
    tudu-0.8.2-1.fc18
    yum-langpacks-0.3.1-1.fc18

Details about builds:


================================================================================
 389-ds-base-1.3.0.5-1.fc18 (FEDORA-2013-4578)
 389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:

This release fixes 7 critical bugs including one security bug.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Noriko Hosoi <nhosoi@xxxxxxxxxx> - 1.3.0.5-1
- bump version to 1.3.0.5
- Ticket 47308 - unintended information exposure when anonymous access is set to rootdse
- Ticket 628 - crash in aci evaluation
- Ticket 627 - ns-slapd crashes sporadically with segmentation fault in libslapd.so
- Ticket 634 - Deadlock in DNA plug-in Ticket #576 - DNA: use event queue for config update only at the start up
- Ticket 632 - 389-ds-base cannot handle Kerberos tickets with PAC
- Ticket 623 - cleanAllRUV task fails to cleanup config upon completion
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928105 - CVE-2013-1897 389-ds: unintended information exposure when rootdse is enabled
        https://bugzilla.redhat.com/show_bug.cgi?id=928105
--------------------------------------------------------------------------------


================================================================================
 SimplyHTML-0.16.7-1.fc18 (FEDORA-2013-4585)
 Application and a java component for rich text processing
--------------------------------------------------------------------------------
Update Information:

- update to latest upstream version
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 29 2013 Johannes Lips <hannes@xxxxxxxxxxxxxxxxx> 0.16.7-1
- update to latest upstream version
--------------------------------------------------------------------------------


================================================================================
 cqrlog-1.5.4-1.fc18 (FEDORA-2013-4579)
 An amateur radio contact logging program
--------------------------------------------------------------------------------
Update Information:

* Upgrade to version 1.5.4
* fixed problem with MASTER.SCP
* added support for Super Check Partial (Window -> Super Check Partial)
* added Tune function (for WinKeyerUSB and cwdaemon), hotkey CTRL+T
* added Repair table function to database connection window (Utils button)
* improved export for QSL labels printing (labels are sorted by dxcc, you can choose what fields will be be printed)
* updated membership tables
* fixed program crash when editing DX cluster info
* CW keys window doesn't show caption for F9 and F10 keys
* ADIF export ignored delimitter in TX_PWR (0.5 was exported as 05)
* CQRLOG killed rigctld even when autostart was disabled
* double click to spots listed with SH/DX didn't work
* QSO list window showed filter is enabled after reopen (filter was disabled)
* login to eQSL with password containing special character didn't work
* when QSO passed over the midnight, the qso was saved with wrong date
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 29 2013 Eric "Sparks" Christensen - 1.5.4-1
- Upgrade to version 1.5.4
- fixed problem with MASTER.SCP
- added support for Super Check Partial (Window -> Super Check Partial)
- added Tune function (for WinKeyerUSB and cwdaemon), hotkey CTRL+T
- added Repair table function to database connection window (Utils button)
- improved export for QSL labels printing (labels are sorted by dxcc, you can choose what fields will be be printed)
- updated membership tables
- fixed program crash when editing DX cluster info
- CW keys window doesn't show caption for F9 and F10 keys
- ADIF export ignored delimitter in TX_PWR (0.5 was exported as 05)
- CQRLOG killed rigctld even when autostart was disabled
- double click to spots listed with SH/DX didn't work
- QSO list window showed filter is enabled after reopen (filter was disabled)
- login to eQSL with password containing special character didn't work
- when QSO passed over the midnight, the qso was saved with wrong date
* Thu Feb 28 2013 Eric "Sparks" Christensen - 1.5.2-6
- Fixed OpenSSL requirements
--------------------------------------------------------------------------------


================================================================================
 emacs-24.2-15.fc18 (FEDORA-2013-4573)
 GNU Emacs text editor
--------------------------------------------------------------------------------
Update Information:

Here is where you give an explanation of your update.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Petr Hracek <phracek@xxxxxxxxxx> - 1:24.2-15
- Fix for emacs bug 112144, style_changed_cb (#922519) 
- Fix for emacs bug 112131, bell does not work (#526719)
* Tue Mar 26 2013 Petr Hracek <phracek@xxxxxxxxxx> - 1:24.2-14
- fixing distribution flags to rhel instead of el6:1
* Mon Mar 18 2013 Petr Hracek <phracek@xxxxxxxxxx> - 1:24.2-13
- solved problem with distribution flag in case of rhel
* Mon Mar 18 2013 Petr Hracek <phracek@xxxxxxxxxx> - 1:24.2-12
- solved problem with distribution flag in case of rhel
* Fri Mar  8 2013 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 1:24.2-11
- Remove %config from %{_sysconfdir}/rpm/macros.*
  (https://fedorahosted.org/fpc/ticket/259).
- Fix broken spec-file changelog entry.
* Wed Mar  6 2013 Tomáš Mráz <tmraz@xxxxxxxxxx> - 1:24.2-10
- Rebuild with new gnutls
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #922519 - [abrt] emacs-24.2-6.fc18: style_changed_cb: Process /usr/bin/emacs-24.2 was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=922519
--------------------------------------------------------------------------------


================================================================================
 freeipa-3.1.3-3.fc18 (FEDORA-2013-4460)
 The Identity, Policy and Audit system
--------------------------------------------------------------------------------
Update Information:

Update to upstream 3.1.3.

Add fix for CVE-2013-0336 389-ds-base: DoS when connecting with a missing username/dn
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 29 2013 Martin Kosek <mkosek@xxxxxxxxxx> - 3.1.3-3
- DoS when connecting with a missing username/dn (#928387)
* Thu Mar 28 2013 Martin Kosek <mkosek@xxxxxxxxxx> - 3.1.3-2
- Avoid running ipa-ldap-updater twice
* Tue Mar 26 2013 Martin Kosek <mkosek@xxxxxxxxxx> - 3.1.3-1
- Update to upstream 3.1.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #913751 - CVE-2013-0336 389-ds-base: DoS when connecting with a missing username/dn
        https://bugzilla.redhat.com/show_bug.cgi?id=913751
--------------------------------------------------------------------------------


================================================================================
 gnome-abrt-0.2.10-1.fc18 (FEDORA-2013-4586)
 A utility for viewing problems that have occurred with the system
--------------------------------------------------------------------------------
Update Information:

This is an update that fixes problems with errors handling and adds a dialog for reporting problems with ABRT.
This is an update which in most improves stability and introduces:
* Truncate long texts with ellipsis 
* Add a popopup menu for list of problems
* Don't allow reporting if the problem is not reportable
* Suggest reporting a bug if it wasn't reported yet
* Allow only a single instance of gnome-abrt
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Jakub Filak <jfilak@xxxxxxxxxx> 0.2.10-1
- Add the report dialog to the menu
- Add 'Report problem with ABRT' dialog
- Add VERSION and PACKAGE attributes to gnome_abrt module
- Rename attribute in errors.InvalidProblem
- Use IOChannel approach in order to make signal handling synchronous
- Add all python Requires to BuildRequires because of pylint
- Replace GNU style make pattern rules by implicit rules
- Remove left-over RELEASE varible from configure.ac
- Recover from DBus errors while sending command line
- Catch more exceptions and handle them correctly
- Add pylint check and fix problems uncoverend by pylint
- Filter out empyt strings from splitted cmdline
- Fix sytanx error
- Change the label "No oopses" to "No problems detected"
- Get rid of scrollbar around the text on the bottom of window in default size
- Fix appearance of scrolled widgets to no longer have white background
- Remove leftover shebang from non-executable script
- Resolves: #92486, #927434, #928796, #928772
* Mon Mar 18 2013 Jakub Filak <jfilak@xxxxxxxxxx> 0.2.9-1
- Truncate long texts with ellipsis instead of auto-adjusting of window width
- Add a popopup menu for list of problems
- Use executable's basename as an application name instead of the full path
- Remove invalid problems from GUI tree view list
- Remove invalid problems from the dbus cache
- Robustize the processing of newly occurred problems
- Remove a left-over usage of the window member in OopsApplication
- Handle reaching inotify max watches better
- Update translation
- Don't allow reporting if the problem is not reportable
- Suggest reporting a bug if it wasn't reported yet
- Simplify the glade file and add a widget for messages
- Refactorize the function rendering a problem data
- A workaround for the bug in remote GtkApplications
- Allow only a single instance of gnome-abrt
- Fix bugs in main window in handler of configuration updates
- Resolves: #910317, #918771, #922649, #922652
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #927434 - gnome-abrt calls gtk functions from unix signal handler
        https://bugzilla.redhat.com/show_bug.cgi?id=927434
  [ 2 ] Bug #924856 - gnome-abrt crashes if cmdline item contains extra whitespace
        https://bugzilla.redhat.com/show_bug.cgi?id=924856
  [ 3 ] Bug #928772 - the secondary gnome-abrt instance fails if sending command line arguments over dbus returns an error
        https://bugzilla.redhat.com/show_bug.cgi?id=928772
  [ 4 ] Bug #910317 - Suggest reporting a bug if it wasn't reported yet
        https://bugzilla.redhat.com/show_bug.cgi?id=910317
  [ 5 ] Bug #918771 - gnome-abrt dies if it reaches inotify max watches
        https://bugzilla.redhat.com/show_bug.cgi?id=918771
  [ 6 ] Bug #922649 - gnome-abrt doesn't recover from errors caused by accessing of invalid problems
        https://bugzilla.redhat.com/show_bug.cgi?id=922649
  [ 7 ] Bug #922652 - Interface enhancement
        https://bugzilla.redhat.com/show_bug.cgi?id=922652
  [ 8 ] Bug #928769 - gnome-abrt abrt fails if invalid problem is selected
        https://bugzilla.redhat.com/show_bug.cgi?id=928769
--------------------------------------------------------------------------------


================================================================================
 java-1.7.0-openjdk-1.7.0.17-2.3.8.3.fc18 (FEDORA-2013-4595)
 OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:

- added manual deletion of classes.jsa
- ghost classes.jsa restricted to jitarches and to full path
- zlib in BuildReq restricted for  1.2.3-7 or higher
 - see https://bugzilla.redhat.com/show_bug.cgi?id=904231
- Removed a -icedtea tag from the version
  - package have less and less connections to icedtea7
- Added and applied patch500 java-1.7.0-openjdk-fixZeroAllocFailure.patch
  - to fix not-jit arches build
  - is already in upstreamed icedtea 2.1
- Added gcc-c++ build dependence. Sometimes caused troubles during rpm -bb
- Added (Build)Requires for fontconfig and xorg-x11-fonts-Type1
  - see https://bugzilla.redhat.com/show_bug.cgi?id=721033 for details
- Removed all fonconfig files. Fonts are now handled differently in JDK 
  and those files are redundant. This is going to be usptreamed.
  - see https://bugzilla.redhat.com/show_bug.cgi?id=902227 for details
- logging.properties marked as config(noreplace)
  - see https://bugzilla.redhat.com/show_bug.cgi?id=679180 for details
- classes.jsa marked as ghost 
  - see https://bugzilla.redhat.com/show_bug.cgi?id=918172 for details
- nss.cfg was marked as config(noreplace) 
  - see https://bugzilla.redhat.com/show_bug.cgi?id=913821 for details
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 26 2013 Jiri Vanek <jvanek@xxxxxxxxxx> - 1.7.0.9-2.3.8.3.fc18
- added manual deletion of classes.jsa
- ghost classes.jsa restricted to jitarches and to full path
- zlib in BuildReq restricted for  1.2.3-7 or higher
 - see https://bugzilla.redhat.com/show_bug.cgi?id=904231
- Removed a -icedtea tag from the version
  - package have less and less connections to icedtea7
- Added link to nss as noreplace bug to previous changelog item
* Mon Mar 25 2013 Jiri Vanek <jvanek@xxxxxxxxxx> - 1.7.0.9-2.3.8.1.fc18
- Bumped release
- Added and applied patch500 java-1.7.0-openjdk-fixZeroAllocFailure.patch
  - to fix not-jit arches build
  - is already in upstreamed icedtea 2.1
- Added gcc-c++ build dependence. Sometimes caused troubles during rpm -bb
- Added (Build)Requires for fontconfig and xorg-x11-fonts-Type1
  - see https://bugzilla.redhat.com/show_bug.cgi?id=721033 for details
- Removed all fonconfig files. Fonts are now handled differently in JDK 
  and those files are redundant. This is going to be usptreamed.
  - see https://bugzilla.redhat.com/show_bug.cgi?id=902227 for details
- logging.properties marked as config(noreplace)
  - see https://bugzilla.redhat.com/show_bug.cgi?id=679180 for details
- classes.jsa marked as ghost 
  - see https://bugzilla.redhat.com/show_bug.cgi?id=918172 for details
- nss.cfg was marked as config(noreplace)
--------------------------------------------------------------------------------


================================================================================
 libuser-0.58-3.fc18 (FEDORA-2013-4571)
 A user and group account administration library
--------------------------------------------------------------------------------
Update Information:

This update fixes a TOCTOU race condition when copying and removing directory trees.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 15 2013 Hercinger Viktor <hercinger.viktor@xxxxxxxxx> - 0.58-3
- Fixed TOCTOU race condition when copying, removing or creating directory trees
  Resolves: #928846, CVE-2012-5630, CVE-2012-5644
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #884685 - CVE-2012-5630 libuser: TOCTOU race conditions by copying and removing directory trees
        https://bugzilla.redhat.com/show_bug.cgi?id=884685
  [ 2 ] Bug #885724 - CVE-2012-5644 libuser: (Complete) Information disclosure when moving user's home directory
        https://bugzilla.redhat.com/show_bug.cgi?id=885724
--------------------------------------------------------------------------------


================================================================================
 megaglest-3.7.1-6.fc18 (FEDORA-2013-4575)
 Open Source 3d real time strategy game
--------------------------------------------------------------------------------
Update Information:

Correct crash with NULL unit in selection (#924874)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 29 2013 pcpa <paulo.cesar.pereira.de.andrade@xxxxxxxxx> - 3.7.1-4
- Correct crash with NULL unit in selection (#924874)
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.7.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Jan 21 2013 Adam Tkac <atkac redhat com> - 3.7.1-4
- rebuild due to "jpeg8-ABI" feature drop
* Wed Jan 16 2013 pcpa <paulo.cesar.pereira.de.andrade@xxxxxxxxx> - 3.7.1-3
- Add patch suggested by upstream for better color picking selection mode.
* Thu Dec 13 2012 Adam Jackson <ajax@xxxxxxxxxx> - 3.7.1-2
- Rebuild for glew 1.9.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #924874 - [abrt] megaglest-3.7.1-1.fc17: Glest::Game::ExceptionHandler::handleRuntimeError: Process /usr/bin/megaglest was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=924874
--------------------------------------------------------------------------------


================================================================================
 mingw-libarchive-3.0.4-4.fc18 (FEDORA-2013-4592)
 MinGW package for handling streaming archive formats
--------------------------------------------------------------------------------
Update Information:

This update fixes CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 29 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 3.0.4-4
- Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #902998 - CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
        https://bugzilla.redhat.com/show_bug.cgi?id=902998
--------------------------------------------------------------------------------


================================================================================
 mingw-qt5-qtbase-5.0.1-4.fc18 (FEDORA-2013-4499)
 Qt5 for Windows - QtBase component
--------------------------------------------------------------------------------
Update Information:

New package
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.0.1-4
- Have the -qmake packages require mingw{32,64}-qt5-qttools-lrelease
  and update the reference to it in the mkspecs profiles
* Tue Mar 26 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.0.1-3
- Make sure the .pc files of the Qt5 modules are installed correctly
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #858068 - Review Request: mingw-qt5-qtjsbackend - Qt5 for Windows - QtJsBackend component
        https://bugzilla.redhat.com/show_bug.cgi?id=858068
  [ 2 ] Bug #858076 - Review Request: mingw-qt5-qtscript - Qt5 for Windows - QtScript component
        https://bugzilla.redhat.com/show_bug.cgi?id=858076
  [ 3 ] Bug #858080 - Review Request: mingw-qt5-qttools - Qt5 for Windows - QtTools component
        https://bugzilla.redhat.com/show_bug.cgi?id=858080
--------------------------------------------------------------------------------


================================================================================
 mingw-qt5-qtjsbackend-5.0.1-1.fc18 (FEDORA-2013-4499)
 Qt5 for Windows - QtJsBackend component
--------------------------------------------------------------------------------
Update Information:

New package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #858068 - Review Request: mingw-qt5-qtjsbackend - Qt5 for Windows - QtJsBackend component
        https://bugzilla.redhat.com/show_bug.cgi?id=858068
  [ 2 ] Bug #858076 - Review Request: mingw-qt5-qtscript - Qt5 for Windows - QtScript component
        https://bugzilla.redhat.com/show_bug.cgi?id=858076
  [ 3 ] Bug #858080 - Review Request: mingw-qt5-qttools - Qt5 for Windows - QtTools component
        https://bugzilla.redhat.com/show_bug.cgi?id=858080
--------------------------------------------------------------------------------


================================================================================
 mingw-qt5-qtscript-5.0.1-1.fc18 (FEDORA-2013-4499)
 Qt5 for Windows - QtScript component
--------------------------------------------------------------------------------
Update Information:

New package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #858068 - Review Request: mingw-qt5-qtjsbackend - Qt5 for Windows - QtJsBackend component
        https://bugzilla.redhat.com/show_bug.cgi?id=858068
  [ 2 ] Bug #858076 - Review Request: mingw-qt5-qtscript - Qt5 for Windows - QtScript component
        https://bugzilla.redhat.com/show_bug.cgi?id=858076
  [ 3 ] Bug #858080 - Review Request: mingw-qt5-qttools - Qt5 for Windows - QtTools component
        https://bugzilla.redhat.com/show_bug.cgi?id=858080
--------------------------------------------------------------------------------


================================================================================
 mingw-qt5-qttools-5.0.1-1.fc18 (FEDORA-2013-4499)
 Qt5 for Windows - QtTools component
--------------------------------------------------------------------------------
Update Information:

New package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #858068 - Review Request: mingw-qt5-qtjsbackend - Qt5 for Windows - QtJsBackend component
        https://bugzilla.redhat.com/show_bug.cgi?id=858068
  [ 2 ] Bug #858076 - Review Request: mingw-qt5-qtscript - Qt5 for Windows - QtScript component
        https://bugzilla.redhat.com/show_bug.cgi?id=858076
  [ 3 ] Bug #858080 - Review Request: mingw-qt5-qttools - Qt5 for Windows - QtTools component
        https://bugzilla.redhat.com/show_bug.cgi?id=858080
--------------------------------------------------------------------------------


================================================================================
 nfsometer-1.5-1.fc18 (FEDORA-2013-4572)
 NFS Performance Framework Tool
--------------------------------------------------------------------------------
Update Information:

Updated to the latest upstream release: 1.5
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 26 2013 Weston Andros Adamson <dros@xxxxxxxxxx> 1.5-1
- Updated to the latest upstream release: 1.5
* Tue Jan 15 2013 Steve Dickson <steved@xxxxxxxxxx> 1.3-1
- Updated to the latest upstream release: 1.3
--------------------------------------------------------------------------------


================================================================================
 ngircd-20.2-1.fc18 (FEDORA-2013-4593)
 Next Generation IRC Daemon
--------------------------------------------------------------------------------
Update Information:

Update to 20.2, which fixes a crash issue. 
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 29 2013 Kevin Fenzi <kevin@xxxxxxxxx> 20.2-1
- Update to 20.2.
- Fix for CVE-2013-1747
* Thu Mar  7 2013 Tomáš Mráz <tmraz@xxxxxxxxxx> 20.1-2
- Rebuilt with new GnuTLS
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #929168 - CVE-2013-1747 ngircd: DoS (assertion failure, crash) via a KICK command for a user who is not on the associated channel
        https://bugzilla.redhat.com/show_bug.cgi?id=929168
--------------------------------------------------------------------------------


================================================================================
 openstack-keystone-2012.2.3-5.fc18 (FEDORA-2013-4590)
 OpenStack Identity Service
--------------------------------------------------------------------------------
Update Information:

Fix online revocation check for PKI tokens
CVE-2013-1865
Add openssl dependency for PKI tokens
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 29 2013 Alan Pevec <apevec@xxxxxxxxxx> 2012.2.3-5
- Fix online revocation check for PKI tokens CVE-2013-1865
* Mon Mar 11 2013 Alan Pevec <apevec@xxxxxxxxxx> 2012.2.3-4
- openssl is required for PKI tokens rhbz#918757
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #922230 - CVE-2013-1865 OpenStack keystone: online validation of Keystone PKI tokens bypasses revocation check
        https://bugzilla.redhat.com/show_bug.cgi?id=922230
--------------------------------------------------------------------------------


================================================================================
 python-matplotlib-1.2.0-10.fc18 (FEDORA-2013-4600)
 Python 2D plotting library
--------------------------------------------------------------------------------
Update Information:

Use stix fonts avoid problems with missing cm fonts (#908717). Correct type mismatch in python3 font_manager (#912843, #928326)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 pcpa <paulo.cesar.pereira.de.andrade@xxxxxxxxx> - 1.2.0-10
- Use stix fonts avoid problems with missing cm fonts (#908717)
- Correct type mismatch in python3 font_manager (#912843, #928326)
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2.0-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #908717 - mathtext fonts missing?
        https://bugzilla.redhat.com/show_bug.cgi?id=908717
  [ 2 ] Bug #912843 - run time Type error while calling show() to plot any graph, due to type mismatch in font_manager.py
        https://bugzilla.redhat.com/show_bug.cgi?id=912843
  [ 3 ] Bug #928326 - fontconfig problem with python3-matplotlib
        https://bugzilla.redhat.com/show_bug.cgi?id=928326
--------------------------------------------------------------------------------


================================================================================
 python-rhsm-1.8.8-1.fc18 (FEDORA-2013-4597)
 A Python library to communicate with a Red Hat Unified Entitlement Platform
--------------------------------------------------------------------------------
Update Information:

Caching of entitlement status for temporary disconnected use case. Changes for management of installed product certs. Several bug fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Devan Goodwin <dgoodwin@xxxxxxxx> 1.8.8-1
- no 'json' module in rhel5, use simplejson instead (alikins@xxxxxxxxxx)
- Adding plugin directory config option. (awood@xxxxxxxxxx)
--------------------------------------------------------------------------------


================================================================================
 qpdfview-0.4.1-1.fc18 (FEDORA-2013-4587)
 Tabbed PDF Viewer
--------------------------------------------------------------------------------
Update Information:

Qt-based PDF viewer.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #926062 - Review Request: qpdfview - Qt-based PDF viewer
        https://bugzilla.redhat.com/show_bug.cgi?id=926062
--------------------------------------------------------------------------------


================================================================================
 subscription-manager-1.8.5-1.fc18 (FEDORA-2013-4597)
 Tools and libraries for subscription and repository management
--------------------------------------------------------------------------------
Update Information:

Caching of entitlement status for temporary disconnected use case. Changes for management of installed product certs. Several bug fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Devan Goodwin <dgoodwin@xxxxxxxx> 1.8.5-1
- 927875: Fix GUI bug if there is an expired certificate. (dgoodwin@xxxxxxxxxx)
- 922806: Use dependency injection with firstboot module. (awood@xxxxxxxxxx)
- 919512: Remove proxy options from config command. (awood@xxxxxxxxxx)
- 921126: latest string updates from zanata (alikins@xxxxxxxxxx)
- 919255: Remove extraneous print statement. (awood@xxxxxxxxxx)
- 919584: Fix unicode error in RHEL 5. (awood@xxxxxxxxxx)
- Implement entitlement/product status caching. (dgoodwin@xxxxxxxxxx)
- 921245: Update installed products tab after registration. (awood@xxxxxxxxxx)
- 893993: some refactoring, show_autosubscribe_output returns 0 or 1
  (ckozak@xxxxxxxxxx)
- 859197: add special case for products that provide 'rhel-' tags
  (alikins@xxxxxxxxxx)
- productid db now supports multiple repos per product id (alikins@xxxxxxxxxx)
- let ProductData support multiple repos per product (alikins@xxxxxxxxxx)
- 893993: attach --auto now prints the proper text when no products are
  installed (ckozak@xxxxxxxxxx)
- 918746: Switched or ordering for disabling repos.  Will now print all
  repository validation errors (ckozak@xxxxxxxxxx)
- 914717: rct cat-manifest fails to report Contract from the embedded
  entitlement cert (wpoteat@xxxxxxxxxx)
- More convenient dep injection. (dgoodwin@xxxxxxxxxx)
- Try to handle the really old dbus-python on rhel5 (alikins@xxxxxxxxxx)
- add missing conf file for all_slots plugin (alikins@xxxxxxxxxx)
- 919700: Reload consumer identity after force subscribing.
  (dgoodwin@xxxxxxxxxx)
- utils.parseDate is now isodate.parse_date (alikins@xxxxxxxxxx)
- Remove  ent/prod dir arguments to CLI commands. (dgoodwin@xxxxxxxxxx)
- PluginsCommand does not need network cli options (alikins@xxxxxxxxxx)
- Fix pluginDir config value in default config file (alikins@xxxxxxxxxx)
--------------------------------------------------------------------------------


================================================================================
 tomcat6-6.0.36-2.fc18 (FEDORA-2013-4589)
 Apache Servlet/JSP Engine, RI for Servlet 2.5/JSP 2.1 API
--------------------------------------------------------------------------------
Update Information:

rhbz 701038 - tomcat user shell /sbin/nologin regression
rhbz 868171 - tomcat6-6.0.36 is available. tomcat6-6.0.36 was made available in tomcat6-6.0.36-1.fc18. The bz is noted here so it can be closed.
rhbz 876987 - tomcat6 logrotate should specify "su root tomcat"
rhbz 678630 - tomcat6 servlet-2.5-api missing R:jpackage-utils
rhbz 680447 - Location of TOMCAT_LOG

Updated to tc 6.0.36 which includes the CVE's referenced in the bzs (883690:CVE-2012-4531, 883675:CVE-2012-4431, 873703:CVE-2012-5885, 5886 ,5887, 3439, 883702:CVE-2012-3546, CVE-2012-2733) The update includes apache-tomcat bz 54615 "tomcat6 does not compile against ecj 4.x". Patching 54615 was necessary for a successful build.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 18 2013 David Knox <dknox@xxxxxxxxxx> 0:6.0.36-2
- Resolves: rhbz 680447 was incompletely patched. The default
- location of TOMCAT_LOG was incorrect
- Resolves: rhbz 701038 tomcat user shell needs to use nologin
- in systemv init script
- Resolves: rhbz 868171 tomcat 6.0.36 is available
- Resolves: rhbz 876987 logrotate must specify su root tomcat
- Resolves: rhbz 678630 servlet-api missing Requires jpackage-utils
* Wed Mar 13 2013 David Knox <dknox@xxxxxxxxxx> 0:6.0.36-1
- Rebase on tc 6.0.36. 
- Resolves: apache-tomcat bz 54615 tomcat6 does not compile against
- ecj 4.x
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #701038 - tomcat user shell /sbin/nologin regression in F15
        https://bugzilla.redhat.com/show_bug.cgi?id=701038
  [ 2 ] Bug #868171 - tomcat6-6.0.36 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=868171
  [ 3 ] Bug #876987 - tomcat6 logrotate should specify "su root tomcat"
        https://bugzilla.redhat.com/show_bug.cgi?id=876987
  [ 4 ] Bug #678630 - tomcat6-servlet-2.5-api is missing various requires
        https://bugzilla.redhat.com/show_bug.cgi?id=678630
  [ 5 ] Bug #680447 - initscript sources global tomcat6 config and instance config in wrong order
        https://bugzilla.redhat.com/show_bug.cgi?id=680447
  [ 6 ] Bug #883675 - CVE-2012-4431 Tomcat/JBoss Web - Bypass of CSRF prevention filter [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=883675
  [ 7 ] Bug #883702 - CVE-2012-3546 Tomcat/JBoss Web - Bypass of security constraints [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=883702
  [ 8 ] Bug #883690 - CVE-2012-4534 Tomcat - Denial Of Service when using NIO+SSL+sendfile [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=883690
  [ 9 ] Bug #873703 - CVE-2012-5885 CVE-2012-5886 CVE-2012-5587 CVE-2012-2733 tomcat6 various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=873703
--------------------------------------------------------------------------------


================================================================================
 tudu-0.8.2-1.fc18 (FEDORA-2013-4582)
 A simple, command line interface to do list application
--------------------------------------------------------------------------------
Update Information:

* Updated to version 0.8.2
* Adds a configuration variable 'tudu_file' to set the path to the XML file.
* Improves the category editor. 
* Doesn't check configuration files when invoked with '-h' and '-v'. 
* Fixes a segfault on the scroll help page when the resolution is high.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Eric "Sparks" Christensen <sparks@xxxxxxxxxxxxxxxxx> - 0.8.2-1
- Updated to version 0.8.2
- Adds a configuration variable 'tudu_file' to set the path to the XML file.
- Improves the category editor. 
- Doesn't check configuration files when invoked with '-h' and '-v'. 
- Fixes a segfault on the scroll help page when the resolution is high.
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #828280 - tudu-0.8.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=828280
--------------------------------------------------------------------------------


================================================================================
 yum-langpacks-0.3.1-1.fc18 (FEDORA-2013-4584)
 Langpacks plugin for yum
--------------------------------------------------------------------------------
Update Information:

New upstream release 0.3.1 which fixed a bug -> "yum langinstall hi_IN" command to work without root user access.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 29 2013 Jens Petersen <petersen@xxxxxxxxxx> - 0.3.1-1
- update to 0.3.1
- have to be root also to run langinstall (Parag Nemade, #928833)
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928833 - yum langinstall still installs packages without root permission
        https://bugzilla.redhat.com/show_bug.cgi?id=928833
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux