Fedora 18 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 18 Security updates need testing:
 Age  URL
 116  https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18
  85  https://admin.fedoraproject.org/updates/FEDORA-2013-2131/rubygem-rdoc-3.12-6.fc18
  81  https://admin.fedoraproject.org/updates/FEDORA-2013-2306/rubygem-rack-1.4.0-5.fc18
  50  https://admin.fedoraproject.org/updates/FEDORA-2013-3935/puppet-3.1.1-1.fc18
  43  https://admin.fedoraproject.org/updates/FEDORA-2013-4243/stunnel-4.55-1.fc18
  35  https://admin.fedoraproject.org/updates/FEDORA-2013-4589/tomcat6-6.0.36-2.fc18
  30  https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2.0-3.fc18
  23  https://admin.fedoraproject.org/updates/FEDORA-2013-5472/php-geshi-1.0.8.11-3.fc18
  22  https://admin.fedoraproject.org/updates/FEDORA-2013-5548/plexus-archiver-2.3-1.fc18
  15  https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-6417/owncloud-4.5.10-1.fc18
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-6721/openstack-keystone-2012.2.4-2.fc18
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-6977/phpMyAdmin-3.5.8.1-1.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-7135/xmp-3.5.0-3.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-7120/tinc-1.0.21-1.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-7289/php-sabredav-Sabre_DAV-1.6.5-5.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-7309/gpsd-3.9-1.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-7369/libtiff-4.0.3-6.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-7426/xen-4.2.2-3.fc18


The following Fedora 18 Critical Path updates have yet to be approved:
 Age URL
 202  https://admin.fedoraproject.org/updates/FEDORA-2012-16107/xorg-x11-drv-qxl-0.1.0-1.fc18
 200  https://admin.fedoraproject.org/updates/FEDORA-2012-16207/thunderbird-lightning-1.8-1.fc18,thunderbird-16.0.1-2.fc18
  84  https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18
  60  https://admin.fedoraproject.org/updates/FEDORA-2013-3458/iproute-3.6.0-7.fc18,iptables-1.4.18-1.fc18
  13  https://admin.fedoraproject.org/updates/FEDORA-2013-6207/sendmail-8.14.7-1.fc18
  12  https://admin.fedoraproject.org/updates/FEDORA-2013-6297/gcr-3.6.2-4.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-7288/dosfstools-3.0.16-3.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-7235/colord-0.1.34-1.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-7211/libwacom-0.7.1-2.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-6209/ibus-1.5.2-3.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-7357/abrt-2.1.4-1.fc18,libreport-2.1.4-1.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-7374/qt-4.8.4-17.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-7369/libtiff-4.0.3-6.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-7131/perl-5.16.3-244.fc18,perl-Digest-1.17-244.fc18,perl-threads-1.86-243.fc18,perl-Version-Requirements-0.101022-243.fc18,perl-Test-Simple-0.98-243.fc18,perl-Carp-1.26-243.fc18,perl-ExtUtils-Manifest-1.61-243.fc18,perl-parent-0.225-243.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-7436/audit-2.3-2.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-7428/libgphoto2-2.5.1.1-4.fc18


The following builds have been pushed to Fedora 18 updates-testing

    PyQt4-4.10.1-4.fc18
    R-wavethresh-4.6.4-1.fc18
    audit-2.3-2.fc18
    cura-13.04-1.fc18
    cxxtools-2.2-1.fc18
    icedtea-web-1.4-0.fc18
    libgphoto2-2.5.1.1-4.fc18
    mingw-angleproject-0-0.4.svn1561.20121214.fc18
    mingw-crt-2.0.999-0.17.trunk.20121110.fc18
    mingw-qt5-qtbase-5.0.2-1.fc18
    mingw-qt5-qtjsbackend-5.0.2-1.fc18
    mingw-qt5-qtscript-5.0.2-1.fc18
    mingw-qt5-qttools-5.0.2-1.fc18
    nodejs-get-1.2.1-2.fc18
    pdns-recursor-3.5.1-1.fc18
    pgbouncer-1.5.4-1.fc18
    sip-4.14.6-1.fc18
    xen-4.2.2-3.fc18

Details about builds:


================================================================================
 PyQt4-4.10.1-4.fc18 (FEDORA-2013-6830)
 Python bindings for Qt4
--------------------------------------------------------------------------------
Update Information:

New sip/PyQt4 releases, see also:
http://www.riverbankcomputing.com/news/sip-4146
http://www.riverbankcomputing.com/news/pyqt-4101
--------------------------------------------------------------------------------
ChangeLog:

* Fri May  3 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.10.1-4
- fix dbus/mainloop hacks (#957867)
* Thu May  2 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.10.1-3
- ImportError: cannot import name uic (#958736)
* Fri Apr 26 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.10.1-2
- filter private shared objects
- %{python_sitelib}/dbus/mainloop/qt.so should be in %python_sitearch (#957260)
- .spec cleanup
- -assistant subpkg
* Mon Apr 22 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.10.1-1
- 4.10.1
* Tue Apr  2 2013 Than Ngo <than@xxxxxxxxxx> - 4.10-3
- adapt rhel patch
* Fri Mar 22 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.10-2
- introduce qscintilla, webkit feature macros
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #923233 - [abrt] ninja-ide-2.1.1-4.fc18: highlighter.py:326:realtime_highlight:AttributeError: 'QTextBlockUserData' object has no attribute 'clear_data'
        https://bugzilla.redhat.com/show_bug.cgi?id=923233
  [ 2 ] Bug #957260 - PyQt4: %{python_sitelib}/dbus/mainloop/qt.so should be in %python_sitearch
        https://bugzilla.redhat.com/show_bug.cgi?id=957260
--------------------------------------------------------------------------------


================================================================================
 R-wavethresh-4.6.4-1.fc18 (FEDORA-2013-7434)
 R module, Software to perform wavelet statistics and transforms
--------------------------------------------------------------------------------
Update Information:

Minor bug fixes.
--------------------------------------------------------------------------------
ChangeLog:

* Fri May  3 2013 José Matos <jamatos@xxxxxxxxxxxxxxxxx> - 4.6.4-1
- update to 4.6.4
* Thu Apr 11 2013 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 4.6.2-1
- update to 4.6.2
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 audit-2.3-2.fc18 (FEDORA-2013-7436)
 User space tools for 2.6 kernel auditing
--------------------------------------------------------------------------------
Update Information:

This release improves support for systemd, interpretations of audit events, and fixes man pages. This release also includes support for compiling a master set of rules from /etc/audit/rules.d. For more details, see the audit-2.3 release notes and augenrules man page.
This update fixes a lot of small bugs and updates the syscall tables for the 3.7 and 3.8 kernels. It adds more interpretations for arguments of security critical syscalls.
--------------------------------------------------------------------------------
ChangeLog:

* Fri May  3 2013 Steve Grubb <sgrubb@xxxxxxxxxx> 2.3-2
- If no rules exist, copy shipped rules into place
* Tue Apr 30 2013 Steve Grubb <sgrubb@xxxxxxxxxx> 2.3-1
- New upstream bugfix release
--------------------------------------------------------------------------------


================================================================================
 cura-13.04-1.fc18 (FEDORA-2013-7427)
 3D printer control software
--------------------------------------------------------------------------------
Update Information:

Cure can slice now, alsu updated to the latest version
3D printer control software
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #901659 - Review Request: cura - 3D printer control software
        https://bugzilla.redhat.com/show_bug.cgi?id=901659
--------------------------------------------------------------------------------


================================================================================
 cxxtools-2.2-1.fc18 (FEDORA-2013-7435)
 A collection of general-purpose C++ classes
--------------------------------------------------------------------------------
Update Information:

* Fri May 3 2013 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 2.2-1
- new release
- spec file cleanup
--------------------------------------------------------------------------------
ChangeLog:

* Fri May  3 2013 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 2.2-1
- new release
- spec file cleanup
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #821220 - cxxtools - A collection of general-purpose C++ classes
        https://bugzilla.redhat.com/show_bug.cgi?id=821220
--------------------------------------------------------------------------------


================================================================================
 icedtea-web-1.4-0.fc18 (FEDORA-2013-7438)
 Java browser plug-in and Web Start implementation
--------------------------------------------------------------------------------
Update Information:

* Numerous improvements and enhancements in core and system of classloaders
* Added cs localization
* Added de localization
* Added pl localization
* Splash screen for javaws and plugin
* Better error reporting for plugin via Error-splash-screen
* All IcedTea-Web dialogues are centered to middle of active screen
* Download indicator made compact for more then one jar
* User can select its own JVM via itw-settings and deploy.properties.
* Added extended applets security settings and dialogue
* Security updates
   - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path.
   - CVE-2013-1927, RH884705: fixed gifar vulnerabilit
   - CVE-2012-3422, RH840592: Potential read from an uninitialized memory location
   - CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings
* NetX
   - PR1027: DownloadService is not supported by IcedTea-Web
   - PR725: JNLP applications will prompt for creating desktop shortcuts every time they are run
   - PR1292: Javaws does not resolve versioned jar names with periods correctly
* Plugin
   - PR1106: Buffer overflow in plugin table-
   - PR1166: Embedded JNLP File is not supported in applet tag
   - PR1217: Add command line arguments for plugins
   - PR1189: Icedtea-plugin requires code attribute when using jnlp_href
   - PR1198: JSObject is not passed to javascript correctly
   - PR1260: IcedTea-Web should not rely on GTK
   - PR1157: Applets can hang browser after fatal exception
   - PR580: http://www.horaoficial.cl/ loads improperly
* Common
   - PR1049: Extension jnlp's signed jar with the content of only META-INF/* is considered
   - PR955: regression: SweetHome3D fails to run
   - PR1145: IcedTea-Web can cause ClassCircularityError
   - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7
   - PR822: Applets fail to load if jars have different signers
   - PR1186: System.getProperty("deployment.user.security.trusted.cacerts") is null
   - PR909: The Java applet at http://de.gosupermodel.com/games/wardrobegame.jsp fails
   - PR1299: WebStart doesn't read socket proxy settings from firefox correctly


--------------------------------------------------------------------------------
ChangeLog:

* Sat May  4 2013 Jiri Vanek <jvanek@xxxxxxxxxx> 1.4-0
- Updated to 1.4
- See announcement for detail
 - http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-May/023195.html
- added check
--------------------------------------------------------------------------------


================================================================================
 libgphoto2-2.5.1.1-4.fc18 (FEDORA-2013-7428)
 Library for accessing digital cameras
--------------------------------------------------------------------------------
Update Information:

- Fix crash when dealing with PTP devices without a memory card (rhbz#915688)
- Fix PTP devices not working in USB-3 ports (rhbz#819918)
- Cleanup spec-file

--------------------------------------------------------------------------------
ChangeLog:

* Sat May  4 2013 Hans de Goede <hdegoede@xxxxxxxxxx> - 2.5.1.1-4
- Fix crash when dealing with PTP devices without a memory card (rhbz#915688)
* Thu May  2 2013 Hans de Goede <hdegoede@xxxxxxxxxx> - 2.5.1.1-3
- Fix PTP devices not working in USB-3 ports (rhbz#819918)
- Cleanup spec-file
* Tue Apr 23 2013 Tim Waugh <twaugh@xxxxxxxxxx> 2.5.1.1-2
- Use _udevrulesdir macro.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #915688 - [abrt] gphoto2-2.5.0-2.fc18: dtoh32ap: Process /usr/bin/gphoto2 was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=915688
  [ 2 ] Bug #819918 - Canon EOS DSLRs not working on USB 3 ports (ep 0x81, 0x2 - rounding interval to 32768 microframes, ep desc says 0 microframes)
        https://bugzilla.redhat.com/show_bug.cgi?id=819918
--------------------------------------------------------------------------------


================================================================================
 mingw-angleproject-0-0.4.svn1561.20121214.fc18 (FEDORA-2013-7425)
 Almost Native Graphics Layer Engine
--------------------------------------------------------------------------------
Update Information:

Fix compatibility issue regarding vsprintf_s on Windows XP
--------------------------------------------------------------------------------
ChangeLog:

* Sat May  4 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 0-0.4.svn1561.20121214
- Rebuild against latest mingw-crt (fixes Windows XP compatibility issue, RHBZ #917323)
- Added another workaround due to the fact that the gyp
  build system doesn't properly support cross-compilation
  Fixes FTBFS against latest gyp
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #917323 - Win32 apps built with mingw32-qt5-qtbase always crash at startup under wine and windows
        https://bugzilla.redhat.com/show_bug.cgi?id=917323
--------------------------------------------------------------------------------


================================================================================
 mingw-crt-2.0.999-0.17.trunk.20121110.fc18 (FEDORA-2013-7425)
 MinGW Windows cross-compiler runtime
--------------------------------------------------------------------------------
Update Information:

Fix compatibility issue regarding vsprintf_s on Windows XP
--------------------------------------------------------------------------------
ChangeLog:

* Sat May  4 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.17.trunk.20121110
- Added Windows XP compatibility wrapper for the vsprintf_s function (RHBZ #917323)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #917323 - Win32 apps built with mingw32-qt5-qtbase always crash at startup under wine and windows
        https://bugzilla.redhat.com/show_bug.cgi?id=917323
--------------------------------------------------------------------------------


================================================================================
 mingw-qt5-qtbase-5.0.2-1.fc18 (FEDORA-2013-7431)
 Qt5 for Windows - QtBase component
--------------------------------------------------------------------------------
Update Information:

Update to Qt 5.0.2 and disabled DirectWrite support (as it is unavailable on Windows XP)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Apr 13 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.0.2-1
- Update to 5.0.2
- Remove DirectWrite support for now as the necessary API
  isn't available on Windows XP (as mentioned in RHBZ #917323)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #917323 - Win32 apps built with mingw32-qt5-qtbase always crash at startup under wine and windows
        https://bugzilla.redhat.com/show_bug.cgi?id=917323
--------------------------------------------------------------------------------


================================================================================
 mingw-qt5-qtjsbackend-5.0.2-1.fc18 (FEDORA-2013-7431)
 Qt5 for Windows - QtJsBackend component
--------------------------------------------------------------------------------
Update Information:

Update to Qt 5.0.2 and disabled DirectWrite support (as it is unavailable on Windows XP)
--------------------------------------------------------------------------------
ChangeLog:

* Fri May  3 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.0.2-1
- Update to 5.0.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #917323 - Win32 apps built with mingw32-qt5-qtbase always crash at startup under wine and windows
        https://bugzilla.redhat.com/show_bug.cgi?id=917323
--------------------------------------------------------------------------------


================================================================================
 mingw-qt5-qtscript-5.0.2-1.fc18 (FEDORA-2013-7431)
 Qt5 for Windows - QtScript component
--------------------------------------------------------------------------------
Update Information:

Update to Qt 5.0.2 and disabled DirectWrite support (as it is unavailable on Windows XP)
--------------------------------------------------------------------------------
ChangeLog:

* Fri May  3 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.0.2-1
- Update to 5.0.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #917323 - Win32 apps built with mingw32-qt5-qtbase always crash at startup under wine and windows
        https://bugzilla.redhat.com/show_bug.cgi?id=917323
--------------------------------------------------------------------------------


================================================================================
 mingw-qt5-qttools-5.0.2-1.fc18 (FEDORA-2013-7431)
 Qt5 for Windows - QtTools component
--------------------------------------------------------------------------------
Update Information:

Update to Qt 5.0.2 and disabled DirectWrite support (as it is unavailable on Windows XP)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 30 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 5.0.2-1
- Update to 5.0.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #917323 - Win32 apps built with mingw32-qt5-qtbase always crash at startup under wine and windows
        https://bugzilla.redhat.com/show_bug.cgi?id=917323
--------------------------------------------------------------------------------


================================================================================
 nodejs-get-1.2.1-2.fc18 (FEDORA-2013-7423)
 A slightly higher-level HTTP client for node
--------------------------------------------------------------------------------
Update Information:

A slightly higher-level HTTP client for Node.js
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #957929 - Review Request: nodejs-get - A slightly higher-level HTTP client for node
        https://bugzilla.redhat.com/show_bug.cgi?id=957929
--------------------------------------------------------------------------------


================================================================================
 pdns-recursor-3.5.1-1.fc18 (FEDORA-2013-7424)
 Modern, advanced and high performance recursing/non authoritative name server
--------------------------------------------------------------------------------
Update Information:

- Update to 3.5.1
--------------------------------------------------------------------------------
ChangeLog:

* Fri May  3 2013 Morten Stevens <mstevens@xxxxxxxxxxxxxxx> - 3.5.1-1
- Update to 3.5.1
--------------------------------------------------------------------------------


================================================================================
 pgbouncer-1.5.4-1.fc18 (FEDORA-2013-7433)
 Lightweight connection pooler for PostgreSQL
--------------------------------------------------------------------------------
Update Information:

- Update to 1.5.4, per changes described at:
  http://pgfoundry.org/frs/shownotes.php?release_id=2000

--------------------------------------------------------------------------------
ChangeLog:

* Fri May  3 2013 Devrim GÜNDÜZ <devrim@xxxxxxxxxx> - 1.5.4-1
- Update to 1.5.4, per changes described at:
  http://pgfoundry.org/frs/shownotes.php?release_id=2000
--------------------------------------------------------------------------------


================================================================================
 sip-4.14.6-1.fc18 (FEDORA-2013-6830)
 SIP - Python/C++ Bindings Generator
--------------------------------------------------------------------------------
Update Information:

New sip/PyQt4 releases, see also:
http://www.riverbankcomputing.com/news/sip-4146
http://www.riverbankcomputing.com/news/pyqt-4101
--------------------------------------------------------------------------------
ChangeLog:

* Sun Apr 21 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 4.14.6-1
- sip-4.14.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #923233 - [abrt] ninja-ide-2.1.1-4.fc18: highlighter.py:326:realtime_highlight:AttributeError: 'QTextBlockUserData' object has no attribute 'clear_data'
        https://bugzilla.redhat.com/show_bug.cgi?id=923233
  [ 2 ] Bug #957260 - PyQt4: %{python_sitelib}/dbus/mainloop/qt.so should be in %python_sitearch
        https://bugzilla.redhat.com/show_bug.cgi?id=957260
--------------------------------------------------------------------------------


================================================================================
 xen-4.2.2-3.fc18 (FEDORA-2013-7426)
 Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:

PV guests can use non-preemptible long latency operations to mount a
denial of service attack on the whole system [XSA-45, CVE-2013-1918],
malicious guests can inject interrupts through bridge devices to mount a
denial of service attack on the whole system [XSA-49, CVE-2013-1952]
--------------------------------------------------------------------------------
ChangeLog:

* Thu May  2 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.2.2-3
- PV guests can use non-preemptible long latency operations to
  mount a denial of service attack on the whole system
  [XSA-45, CVE-2013-1918] (#958918)
- malicious guests can inject interrupts through bridge devices to
  mount a denial of service attack on the whole system
  [XSA-49, CVE-2013-1952] (#958919)
* Fri Apr 26 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.2.2-2
- fix further man page issues to allow building on F19 and F20
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #956163 - CVE-2013-1918 kernel: xen: Several long latency operations are not preemptible
        https://bugzilla.redhat.com/show_bug.cgi?id=956163
  [ 2 ] Bug #956309 - CVE-2013-1952 kernel: xen: VT-d interrupt remapping source validation flaw for bridges
        https://bugzilla.redhat.com/show_bug.cgi?id=956309
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux