Fedora 17 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The following Fedora 17 Security updates need testing:
 Age  URL
 289  https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
 101  https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17
  71  https://admin.fedoraproject.org/updates/FEDORA-2013-2143/rubygem-rdoc-3.12-5.fc17
  67  https://admin.fedoraproject.org/updates/FEDORA-2013-2315/rubygem-rack-1.4.0-4.fc17
  30  https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17
  29  https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17
  28  https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc17
  24  https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17
  21  https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17
  16  https://admin.fedoraproject.org/updates/FEDORA-2013-4827/haproxy-1.4.23-1.fc17
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-5440/php-geshi-1.0.8.11-3.fc17
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-5349/389-ds-base-1.2.11.21-1.fc17
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-5546/plexus-archiver-2.3-1.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-5610/curl-7.24.0-7.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-5623/phpMyAdmin-3.5.8-1.fc17
   5  https://admin.fedoraproject.org/updates/FEDORA-2013-5756/pdns-recursor-3.5-1.fc17
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-5833/mantis-1.2.15-1.fc17
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-5967/xorg-x11-server-1.12.4-7.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-6107/php-twig-Twig-1.12.3-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-6170/mediawiki-1.19.5-1.fc17


The following Fedora 17 Critical Path updates have yet to be approved:
 Age URL
 241  https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17
  70  https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17
  49  https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17
  30  https://admin.fedoraproject.org/updates/FEDORA-2013-4140/audit-2.2.3-2.fc17
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-5287/libogg-1.3.0-5.fc17
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-5288/python-pycurl-7.19.0-11.1.fc17
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-5476/perl-5.14.4-225.fc17
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-5353/abrt-2.1.3-2.fc17,libreport-2.1.3-1.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-5610/curl-7.24.0-7.fc17
   5  https://admin.fedoraproject.org/updates/FEDORA-2013-5724/ncurses-5.9-10.20130413.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-6034/kernel-3.8.8-100.fc17
The following builds have been pushed to Fedora 17 updates-testing

    mediawiki-1.19.5-1.fc17
    perl-Devel-PatchPerl-0.84-1.fc17
    salt-0.14.1-1.fc17
    ultimaker-marlin-firmware-12.12-0.5.RC1.fc17
    xscreensaver-5.21-3.fc17

Details about builds:


================================================================================
 mediawiki-1.19.5-1.fc17 (FEDORA-2013-6170)
 A wiki engine
--------------------------------------------------------------------------------
Update Information:

*An internal review discovered that specially crafted Lua function names could lead to XSS. https://bugzilla.wikimedia.org/show_bug.cgi?id=46084

*Daniel Franke reported that during SVG parsing, MediaWiki failed to prevent XML external entity (XXE) processing. This could lead to local file disclosure, or potentially remote command execution in environments that have enabled expect:// handling. https://bugzilla.wikimedia.org/show_bug.cgi?id=46859

*Internal review also discovered that Special:Import, and Extension:RSS failed to prevent XML external entity (XXE) processing. https://bugzilla.wikimedia.org/show_bug.cgi?id=47251
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 17 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 1.19.5-1
- New upstream release.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #953666 - CVE-2013-1951 mediawiki: security releases 1.20.4 and 1.19.5
        https://bugzilla.redhat.com/show_bug.cgi?id=953666
--------------------------------------------------------------------------------


================================================================================
 perl-Devel-PatchPerl-0.84-1.fc17 (FEDORA-2013-6165)
 Patch perl source à la Devel::PPPort's buildperl.pl
--------------------------------------------------------------------------------
Update Information:

This update includes an updated linux hints file.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 19 2013 Iain Arnell <iarnell@xxxxxxxxx> 0.84-1
- update to latest upstream version
- drop IPC::Cmd dependency
* Tue Feb 19 2013 Iain Arnell <iarnell@xxxxxxxxx> 0.78-1
- update to latest upstream version
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.76-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 salt-0.14.1-1.fc17 (FEDORA-2013-6156)
 A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:

upstream patch release 0.14.1 and unit test fixes
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 19 2013 Clint Savage <herlo1@xxxxxxxxx> - 0.14.1-1
- Update to upstream patch release 0.14.1
--------------------------------------------------------------------------------


================================================================================
 ultimaker-marlin-firmware-12.12-0.5.RC1.fc17 (FEDORA-2013-6176)
 Ultimaker firmware for the 3D printer
--------------------------------------------------------------------------------
Update Information:

package now includes both boudrates
Ultimaker firmware for the 3D printer
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #905681 - Review Request: ultimaker-marlin-firmware - Ultimaker firmware for the 3D printer
        https://bugzilla.redhat.com/show_bug.cgi?id=905681
--------------------------------------------------------------------------------


================================================================================
 xscreensaver-5.21-3.fc17 (FEDORA-2013-6160)
 X screen saver and locker
--------------------------------------------------------------------------------
Update Information:

Some issues are found on several hacks shipped in xscreensaver. Also an issue was reported that when installing gss rpms xscreensaver hacks appears in desktop entry.

This new rpm will fix these issues.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 21 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.21-3
- Fix the iteration number for pentomino mode in polyominoes
  (bug 954077)
- Convert maxlife option from 5.20- for fireworkx (bug 953916)
- Fix broken Name entry for desktop file of GL hacks (bug 953558)
- Add OnlyShownIn entry for desktop files (bug 953558)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #954077 - [abrt] xscreensaver-extras-5.21-2.fc19: make_one_sided_pentomino: Process /usr/libexec/xscreensaver/polyominoes was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=954077
  [ 2 ] Bug #953916 - [abrt] xscreensaver-extras-5.21-2.fc18: rnd: Process /usr/libexec/xscreensaver/fireworkx was killed by signal 8 (SIGFPE)
        https://bugzilla.redhat.com/show_bug.cgi?id=953916
  [ 3 ] Bug #953558 - Xfce-Panel adds Xscreensaver-Plugins into Panelsection 'Other' (German: Sonstiges)
        https://bugzilla.redhat.com/show_bug.cgi?id=953558
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux