Fedora 17 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 17 Security updates need testing:
 Age  URL
 301  https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
 113  https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17
  83  https://admin.fedoraproject.org/updates/FEDORA-2013-2143/rubygem-rdoc-3.12-5.fc17
  79  https://admin.fedoraproject.org/updates/FEDORA-2013-2315/rubygem-rack-1.4.0-4.fc17
  42  https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17
  41  https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17
  40  https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc17
  36  https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17
  33  https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17
  21  https://admin.fedoraproject.org/updates/FEDORA-2013-5440/php-geshi-1.0.8.11-3.fc17
  21  https://admin.fedoraproject.org/updates/FEDORA-2013-5349/389-ds-base-1.2.11.21-1.fc17
  20  https://admin.fedoraproject.org/updates/FEDORA-2013-5546/plexus-archiver-2.3-1.fc17
  14  https://admin.fedoraproject.org/updates/FEDORA-2013-5967/xorg-x11-server-1.12.4-7.fc17
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-6723/xen-4.1.5-1.fc17
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-6727/python-pip-1.3.1-1.fc17
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-6720/curl-7.24.0-8.fc17
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-7000/phpMyAdmin-3.5.8.1-1.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-7144/xmp-3.4.0-11.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-7128/tinc-1.0.21-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-7285/php-sabredav-Sabre_DAV-1.6.5-5.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-7305/gpsd-3.9-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-6999/kernel-3.8.11-100.fc17


The following Fedora 17 Critical Path updates have yet to be approved:
 Age URL
 253  https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17
  82  https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17
  61  https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17
  42  https://admin.fedoraproject.org/updates/FEDORA-2013-4140/audit-2.2.3-2.fc17
  10  https://admin.fedoraproject.org/updates/FEDORA-2013-6278/nss-3.14.3-2.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-6636/kde-settings-4.8-25.fc17
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-6720/curl-7.24.0-8.fc17
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-6750/xorg-x11-drv-synaptics-1.6.3-3.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-7291/dosfstools-3.0.16-3.fc17
The following builds have been pushed to Fedora 17 updates-testing

    PyQt4-4.10.1-3.fc17
    dosfstools-3.0.16-3.fc17
    gnome-chemistry-utils-0.14.2-2.fc17
    gnumeric-1.12.2-1.fc17
    goffice-0.10.2-1.fc17
    gpsd-3.9-1.fc17
    julius-voxforge-2013.03.01-1.fc17
    kernel-3.8.11-100.fc17
    php-sabredav-Sabre_DAV-1.6.5-5.fc17
    sip-4.14.6-1.fc17
    tw-0.9.16-2.fc17

Details about builds:


================================================================================
 PyQt4-4.10.1-3.fc17 (FEDORA-2013-6827)
 Python bindings for Qt4
--------------------------------------------------------------------------------
Update Information:

New sip/PyQt4 releases, see also:
http://www.riverbankcomputing.com/news/sip-4146
http://www.riverbankcomputing.com/news/pyqt-4101
--------------------------------------------------------------------------------
ChangeLog:

* Thu May  2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.10.1-3
- ImportError: cannot import name uic (#958736)
* Fri Apr 26 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.10.1-2
- filter private shared objects
- %{python_sitelib}/dbus/mainloop/qt.so should be in %python_sitearch (#957260)
- .spec cleanup
- -assistant subpkg
* Mon Apr 22 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.10.1-1
- 4.10.1
* Tue Apr  2 2013 Than Ngo <than@xxxxxxxxxx> - 4.10-3
- adapt rhel patch
* Fri Mar 22 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.10-2
- introduce qscintilla, webkit feature macros
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #923233 - [abrt] ninja-ide-2.1.1-4.fc18: highlighter.py:326:realtime_highlight:AttributeError: 'QTextBlockUserData' object has no attribute 'clear_data'
        https://bugzilla.redhat.com/show_bug.cgi?id=923233
  [ 2 ] Bug #957260 - PyQt4: %{python_sitelib}/dbus/mainloop/qt.so should be in %python_sitearch
        https://bugzilla.redhat.com/show_bug.cgi?id=957260
--------------------------------------------------------------------------------


================================================================================
 dosfstools-3.0.16-3.fc17 (FEDORA-2013-7291)
 Utilities for making and checking MS-DOS FAT filesystems on Linux
--------------------------------------------------------------------------------
Update Information:

This is an update that fixes dosfslabel.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May  2 2013 Jaroslav Škarvada <jskarvad@xxxxxxxxxx> - 3.0.16-3
- Fixed dosfslabel (by fix-label patch)
  Resolves: rhbz#948055
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #948055 - [abrt] dosfstools-3.0.16-2.fc17: _IO_str_chk_overflow: Process /usr/sbin/dosfslabel was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=948055
--------------------------------------------------------------------------------


================================================================================
 gnome-chemistry-utils-0.14.2-2.fc17 (FEDORA-2013-7296)
 A set of chemical utilities
--------------------------------------------------------------------------------
Update Information:

Latest releases of goffice and gnumeric:
* http://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.2.shtml
--------------------------------------------------------------------------------
ChangeLog:

* Wed May  1 2013 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 0.14.2-2
- Rebuilt for gnumeric-1.12.2
--------------------------------------------------------------------------------


================================================================================
 gnumeric-1.12.2-1.fc17 (FEDORA-2013-7296)
 Spreadsheet program for GNOME
--------------------------------------------------------------------------------
Update Information:

Latest releases of goffice and gnumeric:
* http://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.2.shtml
--------------------------------------------------------------------------------
ChangeLog:

* Wed May  1 2013 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 1:1.12.2-1
- Updated to 1.12.2
- Added a patch to build with libgsf-1.14.24
--------------------------------------------------------------------------------


================================================================================
 goffice-0.10.2-1.fc17 (FEDORA-2013-7296)
 G Office support libraries
--------------------------------------------------------------------------------
Update Information:

Latest releases of goffice and gnumeric:
* http://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.2.shtml
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 29 2013 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 0.10.2-1
- Updated to 0.10.2
--------------------------------------------------------------------------------


================================================================================
 gpsd-3.9-1.fc17 (FEDORA-2013-7305)
 Service daemon for mediating access to a GPS
--------------------------------------------------------------------------------
Update Information:

This is an update to the latest upstream release, which fixes a denial of service flaw found in the way AIS driver packet parser processed certain malformed packets.
--------------------------------------------------------------------------------
ChangeLog:

* Thu May  2 2013 Miroslav Lichvar <mlichvar@xxxxxxxxxx> - 3.9-1
- update to 3.9 (#958717)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #958717 - gpsd: DoS (packet parser crash) in the AIS driver when processing malformed packet
        https://bugzilla.redhat.com/show_bug.cgi?id=958717
--------------------------------------------------------------------------------


================================================================================
 julius-voxforge-2013.03.01-1.fc17 (FEDORA-2013-7293)
 VoxForge Acoustic Model files for Julius
--------------------------------------------------------------------------------
Update Information:

New package: VoxForge Acoustic Model files for Julius
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #957238 - Review Request: julius-voxforge - VoxForge Acoustic Model files for Julius
        https://bugzilla.redhat.com/show_bug.cgi?id=957238
--------------------------------------------------------------------------------


================================================================================
 kernel-3.8.11-100.fc17 (FEDORA-2013-6999)
 The Linux kernel
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream stable release, Linux v3.8.11. A variety of fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:

* Wed May  1 2013 Justin M. Forbes <jforbes@xxxxxxxxxx> - 3.8.11-100
- Linux v3.8.11
* Mon Apr 29 2013 Justin M. Forbes <jforbes@xxxxxxxxxx> - 3.8.10-100
- Linux v3.8.10
* Wed Apr 24 2013 Josh Boyer <jwboyer@xxxxxxxxxx> - 3.8.8-102
- CVE-2013-3228 irda: missing msg_namelen update in irda_recvmsg_dgram (rhbz 956069 956071)
- CVE-2013-3230 l2tp: info leak in l2tp_ip6_recvmsg (rhbz 956088 956089)
- CVE-2013-3231 llc: Fix missing msg_namelen update in llc_ui_recvmsg (rhbz 956094 956104)
- CVE-2013-3232 netrom: information leak via msg_name in nr_recvmsg (rhbz 956110 956113)
- CVE-2013-3233 NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg (rhbz 956125 956129)
- CVE-2013-3234 rose: info leak via msg_name in rose_recvmsg (rhbz 956135 956139)
- CVE-2013-3076 crypto: algif suppress sending src addr info in recvmsg (rhbz 956162 956168)
* Tue Apr 23 2013 Josh Boyer <jwboyer@xxxxxxxxxx>
- CVE-2013-3223 ax25: information leak via msg_name in ax25_recvmsg (rhbz 955662 955666)
- CVE-2013-3225 Bluetooth: RFCOMM missing msg_namelen update in rfcomm_sock_recvmsg (rhbz 955649 955658)
- CVE-2013-1979 net: incorrect SCM_CREDENTIALS passing (rhbz 955629 955647)
- CVE-2013-3224 Bluetooth: possible info leak in bt_sock_recvmsg (rhbz 955599 955607)
* Mon Apr 22 2013 Josh Boyer <jwboyer@xxxxxxxxxx>
- CVE-2013-3222 atm: update msg_namelen in vcc_recvmsg (rhbz 955216 955228)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #956069 - CVE-2013-3228 Kernel: irda: missing msg_namelen update in irda_recvmsg_dgram
        https://bugzilla.redhat.com/show_bug.cgi?id=956069
  [ 2 ] Bug #956088 - CVE-2013-3230 Kernel: l2tp: info leak in l2tp_ip6_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956088
  [ 3 ] Bug #956094 - CVE-2013-3231 Kernel: llc: Fix missing msg_namelen update in llc_ui_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956094
  [ 4 ] Bug #956110 - CVE-2013-3232 Kernel: netrom: information leak via msg_name in nr_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956110
  [ 5 ] Bug #956125 - CVE-2013-3233 Kernel: NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956125
  [ 6 ] Bug #956135 - CVE-2013-3234 Kernel: rose: info leak via msg_name in rose_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956135
  [ 7 ] Bug #956162 - CVE-2013-3076 Kernel: crypto: algif - suppress sending source address information in recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=956162
  [ 8 ] Bug #955662 - CVE-2013-3223 Kernel: ax25: information leak via msg_name in ax25_recvmsg()
        https://bugzilla.redhat.com/show_bug.cgi?id=955662
  [ 9 ] Bug #955649 - CVE-2013-3225 Kernel: Bluetooth: RFCOMM - missing msg_namelen update in rfcomm_sock_recvmsg
        https://bugzilla.redhat.com/show_bug.cgi?id=955649
  [ 10 ] Bug #955629 - CVE-2013-1979 kernel: net: incorrect SCM_CREDENTIALS passing
        https://bugzilla.redhat.com/show_bug.cgi?id=955629
  [ 11 ] Bug #955599 - CVE-2013-3224 Kernel: Bluetooth: possible info leak in bt_sock_recvmsg()
        https://bugzilla.redhat.com/show_bug.cgi?id=955599
  [ 12 ] Bug #955216 - CVE-2013-3222 Kernel: atm: update msg_namelen in vcc_recvmsg()
        https://bugzilla.redhat.com/show_bug.cgi?id=955216
--------------------------------------------------------------------------------


================================================================================
 php-sabredav-Sabre_DAV-1.6.5-5.fc17 (FEDORA-2013-7285)
 Sabre_DAV is a WebDAV framework for PHP
--------------------------------------------------------------------------------
Update Information:

Fixes archives/files problem
This update patches the problem in the browser plugin for sabredav.
This update patches the problem in the browser plugin for sabredav.
This update patches the problem in the browser plugin for sabredav.
This update patches the problem in the browser plugin for sabredav.
--------------------------------------------------------------------------------
ChangeLog:

* Wed May  1 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.6.5-5
- Fix problem with checksum whitout braking the files installed
* Sun Apr 28 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.6.5-4
- added security patch that fixes bugs 951568 951569 951562
- added --ignore-erros flag to pear install macro to accept the patch
* Sat Mar  2 2013 Joseph Marrero <jmarrero@xxxxxxxxxxxxxxxxx> - 1.6.5-3
- Fix cleanup in rhel6 and f19
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #951562 - CVE-2013-1939 php-sabredav-Sabre_DAV: Local file exposure due improper icons / images path checking in the HTML Browser plug-in
        https://bugzilla.redhat.com/show_bug.cgi?id=951562
--------------------------------------------------------------------------------


================================================================================
 sip-4.14.6-1.fc17 (FEDORA-2013-6827)
 SIP - Python/C++ Bindings Generator
--------------------------------------------------------------------------------
Update Information:

New sip/PyQt4 releases, see also:
http://www.riverbankcomputing.com/news/sip-4146
http://www.riverbankcomputing.com/news/pyqt-4101
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 21 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.14.6-1
- sip-4.14.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #923233 - [abrt] ninja-ide-2.1.1-4.fc18: highlighter.py:326:realtime_highlight:AttributeError: 'QTextBlockUserData' object has no attribute 'clear_data'
        https://bugzilla.redhat.com/show_bug.cgi?id=923233
  [ 2 ] Bug #957260 - PyQt4: %{python_sitelib}/dbus/mainloop/qt.so should be in %python_sitearch
        https://bugzilla.redhat.com/show_bug.cgi?id=957260
--------------------------------------------------------------------------------


================================================================================
 tw-0.9.16-2.fc17 (FEDORA-2013-7302)
 Translate words into different languages
--------------------------------------------------------------------------------
Update Information:

Makes aspell, espeak, mythes optional for build, mythes real usable synonyms tool, fixes spec, synonyms utf handling, mythes example on documentation.

--------------------------------------------------------------------------------
ChangeLog:

* Wed May  1 2013 Juan Manuel Borges Caño <juanmabcmail@xxxxxxxxx> - 0.9.16-2
* Add espeak to BuildRequires.
* Sun Apr 28 2013 Juan Manuel Borges Caño <juanmabcmail@xxxxxxxxx> - 0.9.16-1
* Update to mainstream.
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux