Fedora 17 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 17 Security updates need testing:
 Age  URL
 327  https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
 139  https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17
  68  https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17
  67  https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17
  66  https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc17
  62  https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17
  59  https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17
  47  https://admin.fedoraproject.org/updates/FEDORA-2013-5349/389-ds-base-1.2.11.21-1.fc17
  40  https://admin.fedoraproject.org/updates/FEDORA-2013-5967/xorg-x11-server-1.12.4-7.fc17
  27  https://admin.fedoraproject.org/updates/FEDORA-2013-7144/xmp-3.4.0-11.fc17
  12  https://admin.fedoraproject.org/updates/FEDORA-2013-8284/thunderbird-17.0.6-1.fc17
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-8411/ruby-1.9.3.429-30.fc17
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-8786/spnavcfg-0.2.1-5.fc17
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-8789/pmount-0.9.23-4.fc17
   5  https://admin.fedoraproject.org/updates/FEDORA-2013-8953/openjpeg-1.4-15.fc17
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-9170/slock-1.1-3.fc17
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-9116/transifex-client-0.9-1.fc17
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-9111/livecd-tools-17.17-1.fc17
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-9138/xorg-x11-drv-openchrome-0.3.3-1.fc17
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-9258/pki-tps-9.0.11-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-9518/mod_security-2.7.3-2.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-9505/socat-1.7.2.2-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-9522/cgit-0.9.2-1.fc17


The following Fedora 17 Critical Path updates have yet to be approved:
 Age URL
 279  https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17
 108  https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17
  87  https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17
  12  https://admin.fedoraproject.org/updates/FEDORA-2013-8311/evolution-data-server-3.4.4-5.fc17
  12  https://admin.fedoraproject.org/updates/FEDORA-2013-8284/thunderbird-17.0.6-1.fc17
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-8581/clutter-1.10.8-2.fc17
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-8807/fedora-bookmarks-15-2.fc17
   5  https://admin.fedoraproject.org/updates/FEDORA-2013-8916/kwebkitpart-1.3.2-2.fc17,qtwebkit-2.3.1-1.fc17
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-9123/kernel-3.9.4-100.fc17
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-9111/livecd-tools-17.17-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-9510/notification-daemon-0.7.6-2.fc17


The following builds have been pushed to Fedora 17 updates-testing

    babeld-1.3.7-1.fc17
    bacula-5.2.13-11.fc17
    cgit-0.9.2-1.fc17
    im-chooser-1.5.2.2-2.fc17
    libmspack-0.4-0.1.alpha.fc17
    libstoragemgmt-0.0.20-1.fc17
    mariadb-5.5.31-1.fc17
    mod_security-2.7.3-2.fc17
    notification-daemon-0.7.6-2.fc17
    qgit-2.5-1.fc17
    qodem-0.3.2-5.fc17
    socat-1.7.2.2-1.fc17
    sugar-fototoon-15-2.fc17

Details about builds:


================================================================================
 babeld-1.3.7-1.fc17 (FEDORA-2013-9513)
 Ad-hoc network routing daemon
--------------------------------------------------------------------------------
Update Information:

* Fix a bug that would cause the channel list to remain stuck at its initial value when running with -z3.

--------------------------------------------------------------------------------
ChangeLog:

* Tue May 28 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 1.3.7-1
- 1.3.7.
--------------------------------------------------------------------------------


================================================================================
 bacula-5.2.13-11.fc17 (FEDORA-2013-9515)
 Cross platform network backup for Linux, Unix, Mac and Windows
--------------------------------------------------------------------------------
Update Information:

Remove non free code from Bacula
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 28 2013 Petr Hracek <phracek@xxxxxxxxxx> - 5.2.13-11
- Fix for nonfree code (#967417)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #967417 - bacula included non-free code
        https://bugzilla.redhat.com/show_bug.cgi?id=967417
--------------------------------------------------------------------------------


================================================================================
 cgit-0.9.2-1.fc17 (FEDORA-2013-9522)
 A fast web interface for git
--------------------------------------------------------------------------------
Update Information:

A directory traversal vulnerability was discovered in cgit.  By default, cgit is not affected.  However, if cgit is configured to use a readme file from a filesystem path instead of from the git repo itself then files outside of the repository can be read.

Refer to the discussion on oss-security for further details:

http://www.openwall.com/lists/oss-security/2013/05/25/3
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 27 2013 Todd Zullinger <tmz@xxxxxxxxx> - 0.9.2-1
- Update to 0.9.2, fixes CVE-2013-2117
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Nov 21 2012 Kevin Fenzi <kevin@xxxxxxxxx> 0.9.1-3
- Fixed ldflags. Fixes bug 878611
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #967346 - CVE-2013-2117 cgit: directory traversal
        https://bugzilla.redhat.com/show_bug.cgi?id=967346
--------------------------------------------------------------------------------


================================================================================
 im-chooser-1.5.2.2-2.fc17 (FEDORA-2013-9487)
 Desktop Input Method configuration tool
--------------------------------------------------------------------------------
Update Information:

Fix a crash issue

--------------------------------------------------------------------------------
ChangeLog:

* Tue May 28 2013 Akira TAGOH <tagoh@xxxxxxxxxx> - 1.5.2.2-2
- Fix a crash issue. (#859624)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #859624 - [abrt] im-chooser-1.5.2.2-1.fc17: Process /usr/bin/im-chooser was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=859624
--------------------------------------------------------------------------------


================================================================================
 libmspack-0.4-0.1.alpha.fc17 (FEDORA-2013-9516)
 Library for CAB and related files compression and decompression
--------------------------------------------------------------------------------
Update Information:

update to version 0.4
- add support for decompressing a new file format, the Exchange Offline Address Book (OAB)
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 28 2013 Dan Horák <dan[at]danny.cz> - 0.4-0.1.alpha
- updated to 0.4alpha
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3-0.4.alpha
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3-0.3.alpha
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 libstoragemgmt-0.0.20-1.fc17 (FEDORA-2013-9502)
 Storage array management library
--------------------------------------------------------------------------------
Update Information:

New upstream release.
Upstream update.
Upstream update.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 28 2013 Tony Asleson <tasleson@xxxxxxxxxx> - 0.0.20-1
- New upstream release
- Separate package for python libraries
- Make timestamps match on version.py in library
- Add python-paramiko requirement for IBM plug-in
* Mon Apr 22 2013 Tony Asleson <tasleson@xxxxxxxxxx> - 0.0.19-1
- New upstream release
--------------------------------------------------------------------------------


================================================================================
 mariadb-5.5.31-1.fc17 (FEDORA-2013-9511)
 A community developed branch of MySQL
--------------------------------------------------------------------------------
Update Information:

This is an update to the new upstream release 5.5.31, which fixes issues described at https://kb.askmonty.org/en/mariadb-5531-changelog/.

Since this update, MariaDB will use /var/tmp as temporary directory and conflicting mytop utility was removed.
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 24 2013 Honza Horak <hhorak@xxxxxxxxxx> 5.5.31-1
- Rebase to 5.5.31
  https://kb.askmonty.org/en/mariadb-5531-changelog/
- Preserve time-stamps in case of installed files
- Use /var/tmp instead of /tmp, since the later is using tmpfs,
  which can cause problems
  Resolves: #962087
- Fix test suite requirements
* Sun May  5 2013 Honza Horak <hhorak@xxxxxxxxxx> 5.5.30-2
- Remove mytop utility, which is packaged separately
- Resolve multilib conflicts in mysql/private/config.h
* Fri Mar 22 2013 Honza Horak <hhorak@xxxxxxxxxx> 5.5.30-1
- Rebase to 5.5.30
  https://kb.askmonty.org/en/mariadb-5530-changelog/
* Wed Mar 13 2013 Honza Horak <hhorak@xxxxxxxxxx> 5.5.29-9
- Let mariadb-embedded-devel conflict with MySQL-embedded-devel
- Adjust mariadb-sortbuffer.patch to correspond with upstream patch
* Mon Mar  4 2013 Honza Horak <hhorak@xxxxxxxxxx> 5.5.29-8
- Mask expected warnings about setrlimit in test suite
* Thu Feb 28 2013 Honza Horak <hhorak@xxxxxxxxxx> 5.5.29-7
- Use configured prefix value instead of guessing basedir
  in mysql_config
Resolves: #916189
- Export dynamic columns and non-blocking API functions documented
  by upstream
* Wed Feb 27 2013 Honza Horak <hhorak@xxxxxxxxxx> 5.5.29-6
- Fix sort_buffer_length option type
* Wed Feb 13 2013 Honza Horak <hhorak@xxxxxxxxxx> 5.5.29-5
- Suppress warnings in tests and skip tests also on ppc64p7
--------------------------------------------------------------------------------


================================================================================
 mod_security-2.7.3-2.fc17 (FEDORA-2013-9518)
 Security module for the Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:

Fix NULL pointer dereference (DoS, crash) (CVE-2013-2765) and a possible memory leak.
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 28 2013 Athmane Madjoudj <athmane@xxxxxxxxxxxxxxxxx> 2.7.3-2
- Fix NULL pointer dereference (DoS, crash) (CVE-2013-2765) (RHBZ #967615)
- Fix a possible memory leak.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #967615 - mod_security: NULL pointer dereference (DoS, crash) when forceRequestBodyVariable action triggered and unknown Content-Type was used
        https://bugzilla.redhat.com/show_bug.cgi?id=967615
--------------------------------------------------------------------------------


================================================================================
 notification-daemon-0.7.6-2.fc17 (FEDORA-2013-9510)
 Desktop Notification Daemon
--------------------------------------------------------------------------------
Update Information:

NEW in 0.7.6:
==============
- Fix a wrong loop condition
- Translation updates (Marathi)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Sep  4 2012 Richard Hughes <hughsient@xxxxxxxxx> - 0.7.6-1
- Update to 0.7.6
* Fri Jul 27 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jun  7 2012 Richard Hughes <hughsient@xxxxxxxxx> - 0.7.5-1
- Update to 0.7.5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #829269 - Notification daemon ignore timeout settings in notify-send
        https://bugzilla.redhat.com/show_bug.cgi?id=829269
--------------------------------------------------------------------------------


================================================================================
 qgit-2.5-1.fc17 (FEDORA-2013-9512)
 GUI browser for git repositories
--------------------------------------------------------------------------------
Update Information:

update to new upstream version 2.5
- Chris OBryan fixed the sorting of the tree-view with non-latin locales
- Tim Blechmann contributed a better support for dark GUI color schemes
- the annoying bug of off-sync line numbers in the annotation file view is now gone
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 27 2013 Dan Horák <dan[at]danny.cz> - 2.5-1
- update to 2.5
* Fri Feb 22 2013 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 2.4-6
- iremove --vendor from desktop-file-install https://fedorahosted.org/fesco/ticket/1077
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 qodem-0.3.2-5.fc17 (FEDORA-2013-9496)
 Terminal emulator and communications package
--------------------------------------------------------------------------------
Update Information:

Add autoreconf to permit building for aarch64.
--------------------------------------------------------------------------------
ChangeLog:

* Sun May 26 2013 Richard Shaw <hobbes1069@xxxxxxxxx> - 0.3.2-5
- Add autoreconf to permit building for aarch64.
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #926412 - qodem: Does not support aarch64 in f19 and rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=926412
--------------------------------------------------------------------------------


================================================================================
 socat-1.7.2.2-1.fc17 (FEDORA-2013-9505)
 Bidirectional data relay between two data channels ('netcat++')
--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2013-3571: Denial of service due to file descriptor leak
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 27 2013 Paul Wouters <pwouters@xxxxxxxxxx> - 1.7.2.2-1
- Updated to 1.7.2.2 for CVE-2013-3571, rhbz#967539
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #967345 - CVE-2013-3571 socat: Denial of service due to file descriptor leak
        https://bugzilla.redhat.com/show_bug.cgi?id=967345
--------------------------------------------------------------------------------


================================================================================
 sugar-fototoon-15-2.fc17 (FEDORA-2013-9517)
 An activity used to create cartoons
--------------------------------------------------------------------------------
Update Information:

Version 15 release
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 27 2013 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> - 15-2
- rectified the error of uploading the source with a different extension
* Mon May 27 2013 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> - 15-1
- Release version 15
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux