The following Fedora 17 Security updates need testing: Age URL 330 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 142 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17 71 https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17 70 https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17 69 https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc17 65 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17 62 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17 50 https://admin.fedoraproject.org/updates/FEDORA-2013-5349/389-ds-base-1.2.11.21-1.fc17 43 https://admin.fedoraproject.org/updates/FEDORA-2013-5967/xorg-x11-server-1.12.4-7.fc17 15 https://admin.fedoraproject.org/updates/FEDORA-2013-8284/thunderbird-17.0.6-1.fc17 8 https://admin.fedoraproject.org/updates/FEDORA-2013-8953/openjpeg-1.4-15.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9170/slock-1.1-3.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9116/transifex-client-0.9-1.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9111/livecd-tools-17.17-1.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9138/xorg-x11-drv-openchrome-0.3.3-1.fc17 5 https://admin.fedoraproject.org/updates/FEDORA-2013-9258/pki-tps-9.0.11-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9518/mod_security-2.7.3-2.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9505/socat-1.7.2.2-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9522/cgit-0.9.2-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-9622/mediawiki-1.19.7-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-9628/bzr-2.5.1-11.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9771/rubygem-passenger-3.0.21-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9774/mingw-gnutls-2.12.23-2.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9799/gnutls-2.12.23-2.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9798/LibRaw-0.14.8-2.fc17 The following Fedora 17 Critical Path updates have yet to be approved: Age URL 282 https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17 90 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2013-8581/clutter-1.10.8-2.fc17 8 https://admin.fedoraproject.org/updates/FEDORA-2013-8916/kwebkitpart-1.3.2-2.fc17,qtwebkit-2.3.1-1.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9111/livecd-tools-17.17-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9510/notification-daemon-0.7.6-2.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-9641/polkit-0.104-7.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9799/gnutls-2.12.23-2.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9705/perl-threads-1.87-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9123/kernel-3.9.4-100.fc17 The following builds have been pushed to Fedora 17 updates-testing LibRaw-0.14.8-2.fc17 cabal-rpm-0.8.0-1.fc17 csslint-0.9.10-1.fc17 gnutls-2.12.23-2.fc17 ibus-kkc-1.5.13-1.fc17 kernel-3.9.4-100.fc17 libindicator-12.10.1-1.fc17 libkkc-0.2.3-1.fc17 mingw-gnutls-2.12.23-2.fc17 oxygen-gtk2-1.3.4-1.fc17 oxygen-gtk3-1.1.4-1.fc17 rubygem-passenger-3.0.21-1.fc17 shinken-1.4-1.fc17 sugar-ruler-31-1.fc17 Details about builds: ================================================================================ LibRaw-0.14.8-2.fc17 (FEDORA-2013-9798) Library for reading RAW files obtained from digital photo cameras -------------------------------------------------------------------------------- Update Information: Fix for CVE-2013-2126, double-free flaw when handling damaged full-color in Foveon and sRAW files. Latest upstream, corrects gcc 4.8 issues. -------------------------------------------------------------------------------- ChangeLog: * Wed May 29 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.14.8-2 - Patch for double free, CVE-2013-2126, BZ 968387. * Wed May 29 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.14.8-1 - Latest upstream, fixes gcc 4.8 issues. * Thu Apr 11 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.14.7-4 - Revert prior patch. * Thu Apr 11 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.14.7-3 - Patch for segfault, BZ 948628. * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.14.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Mon Nov 26 2012 Jon Ciesla <limburgher@xxxxxxxxx> - 0.14.7-1 - New upstream 0.14.7 * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.14.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jun 2 2012 Siddhesh Poyarekar <siddhesh.poyarekar@xxxxxxxxx> - 0.14.6-2 - Use lcms2. * Sat Jun 2 2012 Siddhesh Poyarekar <siddhesh.poyarekar@xxxxxxxxx> - 0.14.6-1 - New upstream 0.14.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #968387 - LibRaw various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=968387 -------------------------------------------------------------------------------- ================================================================================ cabal-rpm-0.8.0-1.fc17 (FEDORA-2013-9770) RPM package creator for Haskell Cabal-based packages -------------------------------------------------------------------------------- Update Information: Version 0.8.0 follows the new updated Fedora Haskell Packaging Guidelines -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Jens Petersen <petersen@xxxxxxxxxx> - 0.8.0-1 - use simplified Fedora Haskell Packaging macros approved by Fedora Packaging Committee (https://fedorahosted.org/fpc/ticket/194) * Wed Apr 3 2013 Jens Petersen <petersen@xxxxxxxxxx> - 0.7.1-2 - better require cabal-install -------------------------------------------------------------------------------- ================================================================================ csslint-0.9.10-1.fc17 (FEDORA-2013-9786) Detecting potential problems in CSS code -------------------------------------------------------------------------------- Update Information: Upstream 0.9.10. -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Guillaume Kulakowski <guillaume DOT kulakowski AT fedoraproject DOT org> - 0.9.10-1 - Upstream 0.9.10 * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ gnutls-2.12.23-2.fc17 (FEDORA-2013-9799) A TLS protocol implementation -------------------------------------------------------------------------------- Update Information: Important security update - possible DoS of both client and server. -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Tomas Mraz <tmraz@xxxxxxxxxx> 2.12.23-2 - fix CVE-2013-2116 - regression from the TLS-CBC timing attack fix (#966754) -------------------------------------------------------------------------------- References: [ 1 ] Bug #966754 - CVE-2013-2116 gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2) https://bugzilla.redhat.com/show_bug.cgi?id=966754 -------------------------------------------------------------------------------- ================================================================================ ibus-kkc-1.5.13-1.fc17 (FEDORA-2013-9777) Japanese Kana Kanji input method for ibus -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Wed May 15 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 1.5.13-1 - new upstream release * Thu May 9 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 1.5.12-1 - new upstream release * Thu May 2 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 1.5.11-2 - specify IBus version when configure * Wed May 1 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 1.5.11-1 - new upstream release -------------------------------------------------------------------------------- ================================================================================ kernel-3.9.4-100.fc17 (FEDORA-2013-9123) The Linux kernel -------------------------------------------------------------------------------- Update Information: Rebase to 3.9.4 now that 3.8 is no longer maintained. -------------------------------------------------------------------------------- ChangeLog: * Fri May 24 2013 Justin M. Forbes <jforbes@xxxxxxxxxx> - 3.9.4-100 - Linux v3.9.4 * Fri May 24 2013 Josh Boyer <jwboyer@xxxxxxxxxx> - Add patch to quiet irq remapping failures (rhbz 948262) * Thu May 23 2013 Josh Boyer <jwboyer@xxxxxxxxxx> - Fix oops from incorrect rfkill set in hp-wmi (rhbz 964367) * Wed May 22 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> - Update ARM configs for 3.9 * Wed May 22 2013 Justin M. Forbes <jforbes@xxxxxxxxxx> - Initial 3.9.3 rebase - Don't remove headers explicitly exported via UAPI (rhbz 959467) - Fix config-local usage (rhbz 950841) * Wed May 22 2013 Josh Boyer <jwboyer@xxxxxxxxxx> - Fix memcmp error in iwlwifi -------------------------------------------------------------------------------- ================================================================================ libindicator-12.10.1-1.fc17 (FEDORA-2013-9778) Shared functions for Ayatana indicators -------------------------------------------------------------------------------- Update Information: Update to 12.10.1. -------------------------------------------------------------------------------- ChangeLog: * Thu May 30 2013 Eduardo Echeverria <echevemaster@xxxxxxxxx> - 12.10.1-1 - Update to 12.10.1 - Add GTK2 support * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.94-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.94-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libkkc-0.2.3-1.fc17 (FEDORA-2013-9777) Japanese Kana Kanji conversion library -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Wed May 15 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 0.2.3-1 - new upstream release * Wed May 8 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 0.2.2-1 - new upstream release * Wed May 1 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 0.2.1-1 - new upstream release * Wed May 1 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 0.2.0-2 - synch with the latest upstream git master * Tue Apr 30 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 0.2.0-1 - new upstream release -------------------------------------------------------------------------------- ================================================================================ mingw-gnutls-2.12.23-2.fc17 (FEDORA-2013-9774) MinGW GnuTLS TLS/SSL encryption library -------------------------------------------------------------------------------- Update Information: Fix for CVE-2013-2116. -------------------------------------------------------------------------------- ChangeLog: * Thu May 30 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 2.12.23-2 - Fix CVE-2013-2116 -------------------------------------------------------------------------------- References: [ 1 ] Bug #966754 - CVE-2013-2116 gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2) https://bugzilla.redhat.com/show_bug.cgi?id=966754 -------------------------------------------------------------------------------- ================================================================================ oxygen-gtk2-1.3.4-1.fc17 (FEDORA-2013-9781) Oxygen GTK+2 theme -------------------------------------------------------------------------------- Update Information: oxygen-gtk2 1.3.4, oxygen-gtk3 1.1.4 Fixes include: - a crash due to the use of g_spawn_command_line_sync for some versions of gtk - better detection of empty areas for window grabbing https://projects.kde.org/news/222 -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.3.4-1 - oxygen-gtk2-1.3.4 * Mon Apr 22 2013 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.3.3-1 - oxygen-gtk2-1.3.3 -------------------------------------------------------------------------------- ================================================================================ oxygen-gtk3-1.1.4-1.fc17 (FEDORA-2013-9781) Oxygen GTK+3 theme -------------------------------------------------------------------------------- Update Information: oxygen-gtk2 1.3.4, oxygen-gtk3 1.1.4 Fixes include: - a crash due to the use of g_spawn_command_line_sync for some versions of gtk - better detection of empty areas for window grabbing https://projects.kde.org/news/222 -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1:1.1.4-1 - oxygen-gtk3-1.1.4 * Mon Apr 22 2013 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1:1.1.3-1 - oxygen-gtk3-1.1.3 -------------------------------------------------------------------------------- ================================================================================ rubygem-passenger-3.0.21-1.fc17 (FEDORA-2013-9771) Passenger Ruby web application server -------------------------------------------------------------------------------- Update Information: Update to version 3.0.21 - Fix for CVE-2013-2119 -------------------------------------------------------------------------------- ChangeLog: * Thu May 30 2013 Troy Dawson <tdawson@xxxxxxxxxx> - 3.0.21-1 - Update to version 3.0.21 - Fix for CVE-2013-2119 * Thu May 16 2013 Troy Dawson <tdawson@xxxxxxxxxx> - 3.0.19-4 - Fix to make agents work on F19+ * Wed Mar 13 2013 Troy Dawson <tdawson@xxxxxxxxxx> - 3.0.19-3 - Fix to make it build/install on F19+ - Added patch105 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.19-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sun Jan 20 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 3.0.19-1 - Update to 3.0.19 * Wed Sep 19 2012 Orion Poplawski <orion@xxxxxxxxxxxxx> - 3.0.17-3 - Drop dependency on rubygem(file-tail), no longer needed -------------------------------------------------------------------------------- References: [ 1 ] Bug #968930 - CVE-2013-2119 rubygem-passenger: incorrect temporary file usage [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=968930 -------------------------------------------------------------------------------- ================================================================================ shinken-1.4-1.fc17 (FEDORA-2013-9779) Python Monitoring tool -------------------------------------------------------------------------------- Update Information: update version 1.4 -------------------------------------------------------------------------------- ChangeLog: * Mon May 27 2013 David Hannequin <david.hannequin@xxxxxxxxx> - 1.4-1 - Update from upstream. -------------------------------------------------------------------------------- ================================================================================ sugar-ruler-31-1.fc17 (FEDORA-2013-9775) Simple collection of measurement tools -------------------------------------------------------------------------------- Update Information: Version 31 release -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> - 31-1 - Release 31 * Sun May 26 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 29 - Release 29 * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 27-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sun Jan 13 2013 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> - 27-1 - new upstream 27 release * Tue Jan 8 2013 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> - 25-1 - new upstream 25 release * Sat Dec 29 2012 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> - 24-1 - new upstream 24 release * Fri Nov 2 2012 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> - 23-2 - changed to require: sugar >= 0.97.6 * Tue Oct 30 2012 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> - 23-1 - new upstream 23 release * Sat Oct 27 2012 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> - 21-1 - new upstream 21 release - gtk3 port * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 19-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
