The following Fedora 17 Security updates need testing: Age URL 269 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 81 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17 51 https://admin.fedoraproject.org/updates/FEDORA-2013-2143/rubygem-rdoc-3.12-5.fc17 47 https://admin.fedoraproject.org/updates/FEDORA-2013-2315/rubygem-rack-1.4.0-4.fc17 19 https://admin.fedoraproject.org/updates/FEDORA-2013-3673/perl-5.14.4-224.fc17 16 https://admin.fedoraproject.org/updates/FEDORA-2013-3927/php-5.4.13-1.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2013-4063/squid-3.2.9-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17 8 https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-4404/moodle-2.2.9-1.fc17 5 https://admin.fedoraproject.org/updates/FEDORA-2013-4424/py-bcrypt-0.3-1.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-4533/bind-9.9.2-7.P2.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-4536/roundcubemail-0.8.6-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-4531/mongodb-2.2.3-4.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-4522/libarchive-3.0.4-3.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-4516/drupal7-rules-2.3-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-4528/asterisk-10.12.2-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-4598/389-ds-base-1.2.11.20-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-4576/mingw-libarchive-3.0.4-4.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-4619/polarssl-1.1.6-1.fc17 The following Fedora 17 Critical Path updates have yet to be approved: Age URL 221 https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17 50 https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17 29 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2013-4037/dnsmasq-2.65-5.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2013-4066/xulrunner-19.0.2-3.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-4216/xorg-x11-drv-intel-2.21.5-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-4140/audit-2.2.3-2.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-4147/docbook-style-xsl-1.78.1-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17 8 https://admin.fedoraproject.org/updates/FEDORA-2013-4308/libnotify-0.7.5-5.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-4522/libarchive-3.0.4-3.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17 The following builds have been pushed to Fedora 17 updates-testing mock-1.1.30-1.fc17 opendkim-2.8.2-1.fc17 polarssl-1.1.6-1.fc17 weechat-0.4.0-6.fc17 willie-3.2.0-1.fc17 Details about builds: ================================================================================ mock-1.1.30-1.fc17 (FEDORA-2013-4618) Builds packages inside chroots -------------------------------------------------------------------------------- Update Information: Added some logic to kill RPM DB lock files before and after chroot operations that might run rpm main fix is to remove CLONE_NEWPID until we figure out correct usage for mock. This fixes memory hog issues on rawhide kernel -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 28 2013 Clark Williams <williams@xxxxxxxxxx> - 1.1.30-1 - beef up the logic to remove RPM lock files inside the chroot - add backup-before-clean configuration options [BZ# 799639] - added fedora-19 config files [BZ# 922268] - package_state plugin: don't run repoquery when offline [BZ# 927496] -------------------------------------------------------------------------------- ================================================================================ opendkim-2.8.2-1.fc17 (FEDORA-2013-4614) A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail -------------------------------------------------------------------------------- Update Information: Update to 2.8.2. Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton. Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton. Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales. BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton. Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton. Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales. BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton. Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton. Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales. BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Fix bug #SF3607071: Report the reason why a key file is determined to be unsafe. Problem noted by Doug Barton. Fix bug #SF3607072: When checking for key file safety, take any "-u" value provided on the command line into account. Problem noted by Doug Barton. Fix bug #SF3608401: Solaris 10 doesn't have strsep(). Problem noted by Bryan Costales. BUILD: Fix build for versions of libdb between 3.1 and 4.6. Problem noted by John Wood. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Applied patch from upstream to fix libdb compatibility issues. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. Update to newer 2.8.0 upstream source. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 29 2013 Steve Jenkins <steve stevejenkins com> 2.8.2-1 - Updated to use newer upstream 2.8.2 source code * Tue Mar 19 2013 Steve Jenkins <steve stevejenkins com> 2.8.1-1 - Updated to use newer upstream 2.8.1 source code - Removed patches for bugs fixed in upstream source * Wed Feb 27 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-4 - Added patch from upstream to fix libdb compatibility issues * Tue Feb 26 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-3 - Split into two spec files: systemd (F17+) and SysV (EL5-6) - Removed leading / from unitdir variables - Removed commented source lines - Created comment sections for easy switching between systemd and SysV * Mon Feb 25 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-2 - Added / in front of unitdir variables * Thu Feb 21 2013 Steve Jenkins <steve stevejenkins com> 2.8.0-1 - Happy Birthday to me! :) - Updated to use newer upstream 2.8.0 source code - Migration from SysV initscript to systemd unit file - Added systemd build requirement - Edited comments in default configuration files - Changed default Canonicalization to relaxed/relaxed in config file - Changed default values in EnvironmentFile - Moved program startup options into EnvironmentFile - Moved default key check and generation on startup to external script - Removed AutoRestart directives from default config (systemd will handle) - Incorporated additional variable names throughout spec file - Added support for new opendkim-sysvinit package for legacy SysV systems -------------------------------------------------------------------------------- ================================================================================ polarssl-1.1.6-1.fc17 (FEDORA-2013-4619) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information: TLS and DTLS protocol issue: CVE-2013-0169 (bug 907589) out-of-bounds comparisons: CVE-2013-1621 (bug 908423) -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 31 2013 Mads Kiilerich <mads@xxxxxxxxxxxxx> - 1.1.6-1 - polarssl-1.1.6 - TLS and DTLS protocol issue: CVE-2013-0169 (bug 907589) - out-of-bounds comparisons: CVE-2013-1621 (bug 908423) -------------------------------------------------------------------------------- ================================================================================ weechat-0.4.0-6.fc17 (FEDORA-2013-4616) Portable, fast, light and extensible IRC client -------------------------------------------------------------------------------- Update Information: Enable _hardened_build as weechat matches the "long running" criterion -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 30 2013 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 0.4.0-6 - enable _hardened_build as weechat matches the "long running" criteria - remove redundant PIE patch * Fri Mar 29 2013 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 0.4.0-5 - fix crash with Ruby 2.0 * Wed Mar 13 2013 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 0.4.0-4 - rebuild with Ruby 2.0.0 - add patch to properly obtain the version of ruby - fix bogus dates in older changelog entries * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ willie-3.2.0-1.fc17 (FEDORA-2013-4607) Simple, lightweight and easy-to-use IRC Utility bot -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 31 2013 Elad Alfassa <elad@xxxxxxxxxxxxxxxxx> - 3.2.0-1 - New upstream release -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
