The following Fedora 17 Security updates need testing: Age URL 298 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 110 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17 80 https://admin.fedoraproject.org/updates/FEDORA-2013-2143/rubygem-rdoc-3.12-5.fc17 76 https://admin.fedoraproject.org/updates/FEDORA-2013-2315/rubygem-rack-1.4.0-4.fc17 39 https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17 38 https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17 37 https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc17 33 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17 30 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17 18 https://admin.fedoraproject.org/updates/FEDORA-2013-5440/php-geshi-1.0.8.11-3.fc17 18 https://admin.fedoraproject.org/updates/FEDORA-2013-5349/389-ds-base-1.2.11.21-1.fc17 17 https://admin.fedoraproject.org/updates/FEDORA-2013-5546/plexus-archiver-2.3-1.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2013-5967/xorg-x11-server-1.12.4-7.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2013-6316/pdns-recursor-3.5-2.fc17 5 https://admin.fedoraproject.org/updates/FEDORA-2013-6557/telepathy-idle-0.1.15-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-6723/xen-4.1.5-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-6727/python-pip-1.3.1-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-6720/curl-7.24.0-8.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-7000/phpMyAdmin-3.5.8.1-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-6999/kernel-3.8.10-100.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-7014/php-sabredav-Sabre_DAV-1.6.5-4.fc17 The following Fedora 17 Critical Path updates have yet to be approved: Age URL 250 https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17 79 https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17 58 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17 39 https://admin.fedoraproject.org/updates/FEDORA-2013-4140/audit-2.2.3-2.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2013-6278/nss-3.14.3-2.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2013-6636/kde-settings-4.8-25.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-6720/curl-7.24.0-8.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-6750/xorg-x11-drv-synaptics-1.6.3-3.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-6999/kernel-3.8.10-100.fc17 The following builds have been pushed to Fedora 17 updates-testing adobe-source-sans-pro-fonts-1.050-1.fc17 compiz-0.8.8-19.fc17 console-bridge-0.1.4-2.fc17 fedora-review-0.4.1-1.fc17 gputils-1.1.0-0.fc17 kernel-3.8.10-100.fc17 libvisio-0.0.26-1.fc17 libwpd-0.9.7-1.fc17 libwpg-0.2.2-1.fc17 libwps-0.2.8-1.fc17 munin-2.0.13-1.fc17 oniguruma-5.9.4-1.fc17 openscap-0.9.7-1.fc17 oxygen-gtk2-1.3.3-1.fc17 oxygen-gtk3-1.1.3-1.fc17 perl-File-Next-1.12-1.fc17 php-sabredav-Sabre_DAV-1.6.5-4.fc17 phpMyAdmin-3.5.8.1-1.fc17 pyode-1.2.0-4.fc17 python-geojson-1.0.1-2.fc17 python-stem-1.0.1-4.fc17 python-xlrd-0.9.2-1.fc17 rekonq-2.3.0-1.fc17 scim-chewing-0.3.5-1.fc17 tw-0.9.16-1.fc17 xfce4-weather-plugin-0.8.3-1.fc17 Details about builds: ================================================================================ adobe-source-sans-pro-fonts-1.050-1.fc17 (FEDORA-2013-6979) A set of OpenType fonts designed for user interfaces -------------------------------------------------------------------------------- Update Information: Update to 1.050 upstream release -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 29 2013 Alexis Lameire <alexisis-pristontale@xxxxxxxxxxx> - 1.050-1 - update to 1.050-1 upstream release * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.034-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ compiz-0.8.8-19.fc17 (FEDORA-2013-6970) OpenGL window and compositing manager -------------------------------------------------------------------------------- Update Information: This update do following things - enable gtk-windows-decorator based on marco (mate-window-manager) - using libmatewnck for gtk-windows-decorator - remove dbus usage - remove glib usage - add start scripts for gtk-windows-decorator - update start scripts for emerald -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 29 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1:0.8.8-19 - remove compiz-xfce-gtk start script - remove compiz-xfce-gtk.desktop file - rename compiz_disable_gdk_disable_deprecated.patch * Wed Apr 24 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1:0.8.8-18 - enable gtk-windows-decorator based on marco (mate-window-manager) - add compiz_disable_gdk_gtk_disable_deprecated patch - remove dbus - remove glib - remove mateconf - remove kde - remove keybindings - add start scripts for gtk-windows-decorator - update start scripts for emerald - add ldconfig scriptlet for mate subpackage - using libmatewnck instead of libwnck -------------------------------------------------------------------------------- References: [ 1 ] Bug #920411 - [abrt] compiz-0.8.8-17.fc17: Process /usr/bin/compiz was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=920411 -------------------------------------------------------------------------------- ================================================================================ console-bridge-0.1.4-2.fc17 (FEDORA-2013-7008) Lightweight set of macros used for reporting information in libraries -------------------------------------------------------------------------------- Update Information: Initial import of the console-bridge package -------------------------------------------------------------------------------- ================================================================================ fedora-review-0.4.1-1.fc17 (FEDORA-2013-7022) Review tool for fedora rpm packages -------------------------------------------------------------------------------- Update Information: Package has been updated to latest version. Major changes: - Updated and improved Java checks for latest packaging guidelines * Automate buildarch check * Do CheckNoArch per subpackage instead of buildarch * Add check for new style Maven packaging * Update CheckTestSkip for mvn-build * Maven packages don't need to BR/R jpackage-utils check - Fix attachment name for 'MD5-sum check' (bz 861716) - Fix %files section handling for font-packages (#209) - Handle %20 in source URLs correctly (bz 920376) - Fix CheckLicenseField for multiple files without license (#205) - Don't write licenses in random order - Fix several bugs in koji-download-scratch script - Output ANSI color sequences only on color terminals (bz 955719) - Compress legend of report - Fix problem with subpackages being ignored/missed - Add 'Copyright' to illegal tags check -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 29 2013 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 0.4.1-1 - Update to latest upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #908830 - check-large-docs.sh doesn't properly skip -doc subpackages https://bugzilla.redhat.com/show_bug.cgi?id=908830 [ 2 ] Bug #912182 - ERROR: chroot /var/lib/mock/fedora-rawhide-x86_64/root/ not initialized! https://bugzilla.redhat.com/show_bug.cgi?id=912182 [ 3 ] Bug #920376 - other Fatal error: Exception down the road , when url got %20 https://bugzilla.redhat.com/show_bug.cgi?id=920376 -------------------------------------------------------------------------------- ================================================================================ gputils-1.1.0-0.fc17 (FEDORA-2013-7019) Development utilities for Microchip (TM) PIC (TM) microcontrollers -------------------------------------------------------------------------------- Update Information: Upgrade to 1.1.0 fixes problems with enhanced instruction set processors -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 29 2013 Roy Rankin <rrankin[AT]ihug[DOT]com[DOT]au> 1.1.0-0 - New upstream version. Modify package description. * Sat Apr 20 2013 Shakthi Kannan <shakthimaan [AT] fedoraproject.org> - 0.14.3-3 - Use autoreconf for ARM * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.14.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ kernel-3.8.10-100.fc17 (FEDORA-2013-6999) The Linux kernel -------------------------------------------------------------------------------- Update Information: Update to latest upstream stable release, Linux v3.8.10. A variety of fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 29 2013 Justin M. Forbes <jforbes@xxxxxxxxxx> - 3.8.10-100 - Linux v3.8.10 * Wed Apr 24 2013 Josh Boyer <jwboyer@xxxxxxxxxx> - 3.8.8-102 - CVE-2013-3228 irda: missing msg_namelen update in irda_recvmsg_dgram (rhbz 956069 956071) - CVE-2013-3230 l2tp: info leak in l2tp_ip6_recvmsg (rhbz 956088 956089) - CVE-2013-3231 llc: Fix missing msg_namelen update in llc_ui_recvmsg (rhbz 956094 956104) - CVE-2013-3232 netrom: information leak via msg_name in nr_recvmsg (rhbz 956110 956113) - CVE-2013-3233 NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg (rhbz 956125 956129) - CVE-2013-3234 rose: info leak via msg_name in rose_recvmsg (rhbz 956135 956139) - CVE-2013-3076 crypto: algif suppress sending src addr info in recvmsg (rhbz 956162 956168) * Tue Apr 23 2013 Josh Boyer <jwboyer@xxxxxxxxxx> - CVE-2013-3223 ax25: information leak via msg_name in ax25_recvmsg (rhbz 955662 955666) - CVE-2013-3225 Bluetooth: RFCOMM missing msg_namelen update in rfcomm_sock_recvmsg (rhbz 955649 955658) - CVE-2013-1979 net: incorrect SCM_CREDENTIALS passing (rhbz 955629 955647) - CVE-2013-3224 Bluetooth: possible info leak in bt_sock_recvmsg (rhbz 955599 955607) * Mon Apr 22 2013 Josh Boyer <jwboyer@xxxxxxxxxx> - CVE-2013-3222 atm: update msg_namelen in vcc_recvmsg (rhbz 955216 955228) -------------------------------------------------------------------------------- References: [ 1 ] Bug #956069 - CVE-2013-3228 Kernel: irda: missing msg_namelen update in irda_recvmsg_dgram https://bugzilla.redhat.com/show_bug.cgi?id=956069 [ 2 ] Bug #956088 - CVE-2013-3230 Kernel: l2tp: info leak in l2tp_ip6_recvmsg https://bugzilla.redhat.com/show_bug.cgi?id=956088 [ 3 ] Bug #956094 - CVE-2013-3231 Kernel: llc: Fix missing msg_namelen update in llc_ui_recvmsg https://bugzilla.redhat.com/show_bug.cgi?id=956094 [ 4 ] Bug #956110 - CVE-2013-3232 Kernel: netrom: information leak via msg_name in nr_recvmsg https://bugzilla.redhat.com/show_bug.cgi?id=956110 [ 5 ] Bug #956125 - CVE-2013-3233 Kernel: NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg https://bugzilla.redhat.com/show_bug.cgi?id=956125 [ 6 ] Bug #956135 - CVE-2013-3234 Kernel: rose: info leak via msg_name in rose_recvmsg https://bugzilla.redhat.com/show_bug.cgi?id=956135 [ 7 ] Bug #956162 - CVE-2013-3076 Kernel: crypto: algif - suppress sending source address information in recvmsg https://bugzilla.redhat.com/show_bug.cgi?id=956162 [ 8 ] Bug #955662 - CVE-2013-3223 Kernel: ax25: information leak via msg_name in ax25_recvmsg() https://bugzilla.redhat.com/show_bug.cgi?id=955662 [ 9 ] Bug #955649 - CVE-2013-3225 Kernel: Bluetooth: RFCOMM - missing msg_namelen update in rfcomm_sock_recvmsg https://bugzilla.redhat.com/show_bug.cgi?id=955649 [ 10 ] Bug #955629 - CVE-2013-1979 kernel: net: incorrect SCM_CREDENTIALS passing https://bugzilla.redhat.com/show_bug.cgi?id=955629 [ 11 ] Bug #955599 - CVE-2013-3224 Kernel: Bluetooth: possible info leak in bt_sock_recvmsg() https://bugzilla.redhat.com/show_bug.cgi?id=955599 [ 12 ] Bug #955216 - CVE-2013-3222 Kernel: atm: update msg_namelen in vcc_recvmsg() https://bugzilla.redhat.com/show_bug.cgi?id=955216 -------------------------------------------------------------------------------- ================================================================================ libvisio-0.0.26-1.fc17 (FEDORA-2013-6978) A library providing ability to interpret and import visio diagrams -------------------------------------------------------------------------------- Update Information: Blah blah blah, blah blah. Blah. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 23 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.0.26-1 - new release -------------------------------------------------------------------------------- ================================================================================ libwpd-0.9.7-1.fc17 (FEDORA-2013-7002) Library for reading and converting WordPerfect documents -------------------------------------------------------------------------------- Update Information: Nobody is going to read the notes, so why bother writing them? -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 21 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.9.7-1 - new release * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Tue Sep 25 2012 David Tardon <dtardon@xxxxxxxxxx> - 0.9.6-1 - new release * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libwpg-0.2.2-1.fc17 (FEDORA-2013-6975) Library for reading WordPerfect Graphics images -------------------------------------------------------------------------------- Update Information: This is an update for your libwpg. Surprised? -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 18 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.2.2-1 - new release * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libwps-0.2.8-1.fc17 (FEDORA-2013-6986) Library for reading and converting Microsoft Works word processor documents -------------------------------------------------------------------------------- Update Information: You really do not want to know the details. -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 21 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.2.8-1 - new release * Tue Apr 16 2013 Caolán McNamara <caolanm@xxxxxxxxxx> - 0.2.7-5 - Resolves: rhbz#925931 support aarch64 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.7-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Jul 27 2012 David Tardon <dtardon@xxxxxxxxxx> - 0.2.7-3 - rebuilt for boost 1.50 * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Fri Jun 29 2012 David Tardon <dtardon@xxxxxxxxxx> - 0.2.7-1 - new release -------------------------------------------------------------------------------- ================================================================================ munin-2.0.13-1.fc17 (FEDORA-2013-6971) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Upstream released 2.0.13, nginx subpackage, apache fcgi cleanup -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 26 2013 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.13-1 - Upstream released 2.0.13 * Thu Apr 4 2013 Viljo Viitanen <viljo.viitanen@xxxxxx> - 2.0.12-4 - BZ #905421 add nginx cgi package, removed unnecessary services from apache cgi package * Mon Apr 1 2013 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.12-3 - Add fw_ default config -------------------------------------------------------------------------------- References: [ 1 ] Bug #905421 - nfs.export-volumes tunable does not show up as "Options Reconfigured" for volume created after the tunable has been changed https://bugzilla.redhat.com/show_bug.cgi?id=905421 -------------------------------------------------------------------------------- ================================================================================ oniguruma-5.9.4-1.fc17 (FEDORA-2013-6972) Regular expressions library -------------------------------------------------------------------------------- Update Information: New version 5.9.4 is released. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 29 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 5.9.4-1 - 5.9.4 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.9.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ openscap-0.9.7-1.fc17 (FEDORA-2013-6997) Set of open source libraries enabling integration of the SCAP line of standards -------------------------------------------------------------------------------- Update Information: This is update to latest openscap-0.9.7 release. see http://open-scap.org/page/Download This is an update to the latest openscap-0.9,5 release. see http://open-scap.org/page/Download -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 26 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 0.9.7-1 - upgrade * Wed Apr 24 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 0.9.6-1 - upgrade * Wed Mar 20 2013 Petr Lautrbach <plautrba@xxxxxxxxxx> 0.9.5-1 - upgrade -------------------------------------------------------------------------------- References: [ 1 ] Bug #953069 - oscap segfaults when both --results and are --sce-results used https://bugzilla.redhat.com/show_bug.cgi?id=953069 [ 2 ] Bug #694082 - 'make check' pollutes /tmp/ with many temporary directories https://bugzilla.redhat.com/show_bug.cgi?id=694082 [ 3 ] Bug #689427 - terminal slash in <path> element https://bugzilla.redhat.com/show_bug.cgi?id=689427 [ 4 ] Bug #647201 - Several "Classes" (e.g. cve_entry) miss implementation of clone() function https://bugzilla.redhat.com/show_bug.cgi?id=647201 [ 5 ] Bug #581048 - [RFE] don't delete generated input files associated with a failing test https://bugzilla.redhat.com/show_bug.cgi?id=581048 [ 6 ] Bug #567696 - [OVAL] duplicate code https://bugzilla.redhat.com/show_bug.cgi?id=567696 [ 7 ] Bug #957753 - [abrt] openscap-utils-0.9.4.1-1.fc17: sce_session_get_check_results: Process /usr/bin/oscap was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=957753 -------------------------------------------------------------------------------- ================================================================================ oxygen-gtk2-1.3.3-1.fc17 (FEDORA-2013-6991) Oxygen GTK+2 theme -------------------------------------------------------------------------------- Update Information: Fixes include: - better detection of empty areas for window grabbing - better detection of Aurora as an XUL application - fix to some memory leaks (some, tiny, and one critical, manifest only for some old versions of cairo) See https://projects.kde.org/news/212 -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 22 2013 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.3.3-1 - oxygen-gtk2-1.3.3 -------------------------------------------------------------------------------- ================================================================================ oxygen-gtk3-1.1.3-1.fc17 (FEDORA-2013-6991) Oxygen GTK+3 theme -------------------------------------------------------------------------------- Update Information: Fixes include: - better detection of empty areas for window grabbing - better detection of Aurora as an XUL application - fix to some memory leaks (some, tiny, and one critical, manifest only for some old versions of cairo) See https://projects.kde.org/news/212 -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 22 2013 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1:1.1.3-1 - oxygen-gtk3-1.1.3 -------------------------------------------------------------------------------- ================================================================================ perl-File-Next-1.12-1.fc17 (FEDORA-2013-6989) An iterator-based module for finding files -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 29 2013 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 1.12-1 - Update to 1.12 - License corrected to 'Artistic 2.0', upstream has different licensing in Makefile.PL and the source code, we should follow the source code. - Summary revised. * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.10-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Dec 14 2012 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 1.10-1 - Update to 1.10 * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.08-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Tue Jun 12 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 1.08-2 - Perl 5.16 rebuild * Tue Jun 5 2012 Robin Lee <cheeselee@xxxxxxxxxxxxxxxxx> - 1.08-1 - Update to 1.08 -------------------------------------------------------------------------------- References: [ 1 ] Bug #890411 - perl-File-Next-1.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=890411 -------------------------------------------------------------------------------- ================================================================================ php-sabredav-Sabre_DAV-1.6.5-4.fc17 (FEDORA-2013-7014) Sabre_DAV is a WebDAV framework for PHP -------------------------------------------------------------------------------- Update Information: This update patches the problem in the browser plugin for sabredav. -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 28 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.6.5-4 - added security patch that fixes bugs 951568 951569 951562 - added --ignore-erros flag to pear install macro to accept the patch * Sat Mar 2 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.6.5-3 - Fix cleanup in rhel6 and f19 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #951562 - CVE-2013-1939 php-sabredav-Sabre_DAV: Local file exposure due improper icons / images path checking in the HTML Browser plug-in https://bugzilla.redhat.com/show_bug.cgi?id=951562 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-3.5.8.1-1.fc17 (FEDORA-2013-7000) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 3.5.8.1 (2013-04-24) =============================== - [security] Remote code execution (preg_replace), reported by Janek Vind (see PMASA-2013-2) - [security] Locally Saved SQL Dump File Multiple File Extension Remote Code Execution, reported by Janek Vind (see PMASA-2013-3) -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 25 2013 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 3.5.8.1-1 - Upgrade to 3.5.8.1 (#956398, #956401) -------------------------------------------------------------------------------- References: [ 1 ] Bug #956398 - CVE-2013-3238 phpMyAdmin: remote code execution via preg_replace() (PMASA-2013-2) https://bugzilla.redhat.com/show_bug.cgi?id=956398 [ 2 ] Bug #956401 - CVE-2013-3239 phpMyAdmin: remote code execution via locally saved SQL dump file multiple extensions (PMASA-2013-3) https://bugzilla.redhat.com/show_bug.cgi?id=956401 -------------------------------------------------------------------------------- ================================================================================ pyode-1.2.0-4.fc17 (FEDORA-2013-7018) Open-source Python bindings for The Open Dynamics Engine -------------------------------------------------------------------------------- Update Information: New package: pyode A set of open-source Python bindings for The Open Dynamics Engine, an open-source physics engine. PyODE also includes an XODE parser -------------------------------------------------------------------------------- References: [ 1 ] Bug #927611 - Review Request: pyode - Open-source Python bindings for The Open Dynamics Engine https://bugzilla.redhat.com/show_bug.cgi?id=927611 -------------------------------------------------------------------------------- ================================================================================ python-geojson-1.0.1-2.fc17 (FEDORA-2013-7005) Encoder/decoder for simple GIS features -------------------------------------------------------------------------------- Update Information: Initial packaging. -------------------------------------------------------------------------------- References: [ 1 ] Bug #916432 - Review Request: python-geojson - Encoder/decoder for simple GIS features https://bugzilla.redhat.com/show_bug.cgi?id=916432 -------------------------------------------------------------------------------- ================================================================================ python-stem-1.0.1-4.fc17 (FEDORA-2013-6984) Python controller library for Tor -------------------------------------------------------------------------------- Update Information: Python controller library for Tor -------------------------------------------------------------------------------- References: [ 1 ] Bug #928541 - Review Request: python-stem - Python controller library for Tor https://bugzilla.redhat.com/show_bug.cgi?id=928541 -------------------------------------------------------------------------------- ================================================================================ python-xlrd-0.9.2-1.fc17 (FEDORA-2013-7020) Library to extract data from Microsoft Excel (TM) spreadsheet files -------------------------------------------------------------------------------- Update Information: Update to upstream. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 23 2013 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 0.9.2-1 - Update to upstream. - Updated URL and description. * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sun Oct 7 2012 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 0.8.0-1 - Update to upstream. * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #955559 - Update to 0.9.2 https://bugzilla.redhat.com/show_bug.cgi?id=955559 -------------------------------------------------------------------------------- ================================================================================ rekonq-2.3.0-1.fc17 (FEDORA-2013-6962) KDE browser based on QtWebkit -------------------------------------------------------------------------------- Update Information: Rekonq 2.3.0 release Rekonq 2.2 release. See http://adjamblog.wordpress.com/2013/02/28/rekonq-2-2/ -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 28 2013 Jan Grulich <jgrulich@xxxxxxxxxx> 2.3.0-1 - 2.3.0 -------------------------------------------------------------------------------- ================================================================================ scim-chewing-0.3.5-1.fc17 (FEDORA-2013-7023) Chewing Chinese input method for SCIM -------------------------------------------------------------------------------- Update Information: - Upstream update to 0.3.5 - Fixed Bug 926494: scim-chewing: Does not support aarch64 in f19 and rawhide -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 27 2013 Ding-Yi Chen <dchen at redhat dot com> - 0.3.5-1 - Upstream update to 0.3.5 - Fixed Bug 926494: scim-chewing: Does not support aarch64 in f19 and rawhide * Wed Feb 27 2013 Parag Nemade <pnemade AT fedoraproject DOT org> - 0.3.4-5 - Resolves:rh#914507 - scim-chewing: FTBFS in rawhide * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #926494 - scim-chewing: Does not support aarch64 in f19 and rawhide https://bugzilla.redhat.com/show_bug.cgi?id=926494 -------------------------------------------------------------------------------- ================================================================================ tw-0.9.16-1.fc17 (FEDORA-2013-6994) Translate words into different languages -------------------------------------------------------------------------------- Update Information: Makes aspell, espeak, mythes optional for build, mythes real usable synonyms tool, fixes spec, synonyms utf handling, mythes example on documentation. -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 28 2013 Juan Manuel Borges Caño <juanmabcmail@xxxxxxxxx> - 0.9.16-1 * Update to mainstream. * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #885833 - Review Request: tw - translate words into different languages https://bugzilla.redhat.com/show_bug.cgi?id=885833 -------------------------------------------------------------------------------- ================================================================================ xfce4-weather-plugin-0.8.3-1.fc17 (FEDORA-2013-6988) Weather plugin for the Xfce panel -------------------------------------------------------------------------------- Update Information: This update fixes the location detection, allows forcasts for more than 6 days and brings numerous improvements. For a complete list of changes, please refer to http://mail.xfce.org/pipermail/xfce/2013-February/031967.html -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 18 2013 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 0.8.3-1 - Update to 0.8.3 - BuildRequire upower-devel and libsoup-devel * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #926941 - xfce4 weather applet becomes a cpu hog if forecast > 6 days https://bugzilla.redhat.com/show_bug.cgi?id=926941 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
