The following Fedora 18 Security updates need testing: Age URL 147 https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18 80 https://admin.fedoraproject.org/updates/FEDORA-2013-3935/puppet-3.1.1-1.fc18 74 https://admin.fedoraproject.org/updates/FEDORA-2013-4243/stunnel-4.55-1.fc18 65 https://admin.fedoraproject.org/updates/FEDORA-2013-4589/tomcat6-6.0.36-2.fc18 60 https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2.0-3.fc18 45 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18 18 https://admin.fedoraproject.org/updates/FEDORA-2013-8385/owncloud-4.5.11-1.fc18 18 https://admin.fedoraproject.org/updates/FEDORA-2013-8381/varnish-3.0.3-5.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-9156/libxcb-1.9-3.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-9147/libXfixes-5.0-6.20130524gitc480fe327.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-9146/libXt-1.1.3-4.20130524git1f4802b74.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-9177/libXxf86dga-1.1.3-5.20130524gita8dc6be32.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-9188/libXv-1.0.7-5.20130524git50fc4cb18.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-9155/libXtst-1.2.1-6.20130524gite7e04b7be.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9498/cgit-0.9.2-1.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9504/socat-1.7.2.2-1.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9519/mod_security-2.7.3-2.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-9616/mediawiki-1.19.7-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-9620/bzr-2.5.1-11.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-9708/heat-jeos-9-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-9707/livecd-tools-18.16-2.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9789/rubygem-passenger-3.0.21-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9783/mingw-gnutls-2.12.23-2.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9773/LibRaw-0.14.8-2.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9792/gnutls-2.12.23-2.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9794/telepathy-gabble-0.16.6-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-9848/nrpe-2.14-3.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9950/perl-Dancer-1.3100-3.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9962/subversion-1.7.10-1.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 115 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-9156/libxcb-1.9-3.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9490/unzip-6.0-9.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-9637/redhat-rpm-config-9.1.0-37.1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-9590/polkit-0.107-5.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-9635/cogl-1.12.2-2.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-9634/ntfs-3g-2013.1.13-5.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-9710/xorg-x11-drv-qxl-0.1.0-2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-9681/perl-threads-1.87-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-9707/livecd-tools-18.16-2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-9683/gstreamer1-plugins-base-1.0.7-2.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9792/gnutls-2.12.23-2.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9693/audit-2.3.1-2.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-9851/ModemManager-0.6.2.0-1.fc18 The following builds have been pushed to Fedora 18 updates-testing brasero-3.6.1-2.fc18 compiz-0.8.8-23.fc18 debconf-1.5.49-2.fc18 dpkg-1.16.10-4.fc18 flac123-0.0.12-1.fc18 freeipa-3.1.5-1.fc18 ganglia-3.6.0-1.fc18 globus-core-8.9-6.fc18 globus-proxy-utils-5.0-6.fc18 globus-simple-ca-3.2-3.fc18 gsbase-2.0.1-1.fc18 ibus-typing-booster-0.0.32-1.fc18 josql-2.2-1.fc18 konkretcmpi-0.9.0-5.fc18 libdbusmenu-12.10.2-3.fc18 libxdiff-1.0-1.fc18 nodejs-ain2-1.2.1-4.fc18 nodejs-esprima-1.0.3-2.fc18 nodejs-jscoverage-0.3.7-4.fc18 openid4java-0.9.8-1.fc18 openlmi-providers-0.0.25-1.fc18 openvpn-2.3.2-1.fc18 perl-Dancer-1.3100-3.fc18 php-horde-Horde-Data-2.0.4-1.fc18 php-horde-Horde-Date-2.0.6-1.fc18 php-horde-Horde-Imap-Client-2.11.2-1.fc18 php-horde-Horde-Mime-2.2.0-1.fc18 php-horde-Horde-Nls-2.0.3-1.fc18 php-horde-Horde-Text-Filter-2.1.3-1.fc18 postgresql-plparrot-0.05-4.fc18 python-d2to1-0.2.10-1.fc18 python-requests-kerberos-0.3-1.fc18 rasdaemon-0.4.1-3.fc18 repsnapper-2.2.0-0.2.a4.fc18 subversion-1.7.10-1.fc18 Details about builds: ================================================================================ brasero-3.6.1-2.fc18 (FEDORA-2013-9955) Gnome CD/DVD burning application -------------------------------------------------------------------------------- Update Information: This update addresses a compatibility issue with a renamed GStreamer1 plugin. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Kalev Lember <kalevlember@xxxxxxxxx> - 3.6.1-2 - Backport a patch for renamed mpegaudioparse plugin in gstreamer1 (#883983) -------------------------------------------------------------------------------- References: [ 1 ] Bug #883983 - Brasero won't accept MP3's https://bugzilla.redhat.com/show_bug.cgi?id=883983 -------------------------------------------------------------------------------- ================================================================================ compiz-0.8.8-23.fc18 (FEDORA-2013-9954) OpenGL window and compositing manager -------------------------------------------------------------------------------- Update Information: 1:0.8.8-23 - fix windows-decorator scripts and desktop files 1:0.8.8-22 - add patch to speed up start - remove --sm-disable --ignore-desktop-hints from start scipts - fix build for aarch64 - add xfce subpackage again with start script and desktop file - move matecompat plugin to main package - add requires hicolor-icon-theme - add scripts and desktop files for switch the windows-decorator to - mate subpackage - remove useless compiz_new_add-cursor-theme-support.patch - complete removal of gconf - clean up patches - rename patches and add more descriptions to spec file - remove unnecessary desktop-file-validate checks - update icon-cache scriptlets -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1:0.8.8-23 - fix windows-decorator scripts and desktop files * Sun May 26 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1:0.8.8-22 - add patch to speed up start - remove --sm-disable --ignore-desktop-hints from start scipts - fix build for aarch64 - add xfce subpackage again with start script and desktop file - move matecompat plugin to main package - add requires hicolor-icon-theme - add scripts and desktop files for switch the windows-decorator to - mate subpackage - remove useless compiz_new_add-cursor-theme-support.patch - complete removal of gconf - clean up patches - rename patches and add more descriptions to spec file - remove unnecessary desktop-file-validate checks - update icon-cache scriptlets -------------------------------------------------------------------------------- ================================================================================ debconf-1.5.49-2.fc18 (FEDORA-2013-9937) Debian configuration management system -------------------------------------------------------------------------------- Update Information: Sync all branches with git master. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Sérgio Basto <sergio@xxxxxxxxxx> - 1.5.49-2 - Source rpms will have last 2 commits, which document better our patches. * Wed Apr 3 2013 Oron Peled <oron@xxxxxxxxxxxx> - 1.5.49-1 - Bump to version used by Debian/wheezy - Fix 'find ... -perm' in Makefile to modern format. The deprecated format (+100) caused problems with find version >= 4.5.11 - Split 'make install' as is done in debian/rules for consistency * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5.42-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #591332 - Review Request: debconf - Debian configuration management system https://bugzilla.redhat.com/show_bug.cgi?id=591332 -------------------------------------------------------------------------------- ================================================================================ dpkg-1.16.10-4.fc18 (FEDORA-2013-9942) Package maintenance system for Debian Linux -------------------------------------------------------------------------------- Update Information: Provided virtual -static package rhbz #967215. -------------------------------------------------------------------------------- ChangeLog: * Sun Jun 2 2013 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.10-4 - provided virtual -static package rhbz #967215 * Tue May 21 2013 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.10-3 - Copied from dpkg-1.16.10/debian/dpkg.postinst, on post install, runs create_database, create_logfile. - Based on dpkg.install and dselect.install created some missing directories in /var/lib/dpkg and in /etc/dpkg . - Drop Requirement dpkg of dpkg-perl. - Fix a FIXME , all perls moved to dpkg-perl. - TODO: set logrotates, see debian/dpkg.logrotate. * Fri May 17 2013 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.10-2 - apply fix by Oron Peled bug #648384, adds dpkg-perl as noarch * Thu May 16 2013 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.10-1 - Add BR perl-podlators for pod2man in F19 development or just BR perl - Add some other importants BR: doxygen flex xz-devel po4a dotconf-devel - Fix packages names which are debianized, so packages will be: dpkg-perl and dpkg-dev (and dpkg-devel for headers of dpkg). - Some clean ups. - dpkg-perl must be arched. * Sat May 4 2013 Oron Peled <oron@xxxxxxxxxxxx> - Bump version to Debian/wheezy - Call autoreconf: make sure we don't reuse Debian packaged stuff (config.guess, etc.) - CVE patches not needed -- is already fixed upstream - Removed dpkg-change-libdir.patch: - Patching Makefile.in is wrong (can patch Makefile.am with autoreconf) - Less patch churn for non-critical paths - Accept /usr/lib/dpkg/parsechangelog - Accept /usr/lib/dpkg/methods * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.15.5.6-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #967215 - dpkg : does not adhere to Static Library Packaging Guidelines https://bugzilla.redhat.com/show_bug.cgi?id=967215 -------------------------------------------------------------------------------- ================================================================================ flac123-0.0.12-1.fc18 (FEDORA-2013-9958) Command-line program for playing FLAC audio files -------------------------------------------------------------------------------- Update Information: * update to 0.0.12 * Extended remote spec with V(OLUME) command -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 7 2013 Charles R. Anderson <cra@xxxxxxx> - 0.0.12-1 - update to 0.0.12 - use correct Sourceforge source URL - update description * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.0.11-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ freeipa-3.1.5-1.fc18 (FEDORA-2013-9944) The Identity, Policy and Audit system -------------------------------------------------------------------------------- Update Information: Update to upstream 3.1.5. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Martin Kosek <mkosek@xxxxxxxxxx> - 3.1.5-1 - Update to upstream 3.1.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #970024 - Inconsistent replies from FreeIPA to Netlogon ping queries https://bugzilla.redhat.com/show_bug.cgi?id=970024 -------------------------------------------------------------------------------- ================================================================================ ganglia-3.6.0-1.fc18 (FEDORA-2013-9930) Distributed Monitoring System -------------------------------------------------------------------------------- Update Information: Update to latest upstream release ganglia 3.6.0. Update also includes ganglia web 3.5.8. -------------------------------------------------------------------------------- ChangeLog: * Sun Jun 2 2013 Terje Rosten <terje.rosten@xxxxxxx> - 3.6.0-1 - Update to ganglia 3.6.0 and ganglia-web 3.5.8 * Thu May 9 2013 Terje Rosten <terje.rosten@xxxxxxx> - 3.5.0-4 - Hardened build in FC > 18. -------------------------------------------------------------------------------- References: [ 1 ] Bug #919305 - ganglia: please update to 3.6.0 https://bugzilla.redhat.com/show_bug.cgi?id=919305 -------------------------------------------------------------------------------- ================================================================================ globus-core-8.9-6.fc18 (FEDORA-2013-9949) Globus Toolkit - Globus Core -------------------------------------------------------------------------------- Update Information: Increase default proxy size to 1024 bits. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 8.9-6 - Add --force-missing to automake call in bootstrap * Sat May 25 2013 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 8.9-5 - Running latex 5 times is sometimes not enough * Tue May 21 2013 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 8.9-4 - Add aarch64 to the list of 64 bit platforms - Fix build configuration for aarch64 and x32 - Don't use AM_CONFIG_HEADER (automake 1.13) * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 8.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ globus-proxy-utils-5.0-6.fc18 (FEDORA-2013-9949) Globus Toolkit - Globus GSI Proxy Utility Programs -------------------------------------------------------------------------------- Update Information: Increase default proxy size to 1024 bits. -------------------------------------------------------------------------------- ChangeLog: * Tue May 21 2013 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.0-6 - Add aarch64 to the list of 64 bit platforms - Use 1024 bits as default for generated proxies * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 5.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ globus-simple-ca-3.2-3.fc18 (FEDORA-2013-9949) Globus Toolkit - Simple CA Utility -------------------------------------------------------------------------------- Update Information: Increase default proxy size to 1024 bits. -------------------------------------------------------------------------------- ChangeLog: * Thu May 23 2013 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 3.2-3 - Don't use \t in echo * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ gsbase-2.0.1-1.fc18 (FEDORA-2013-9940) A collection of java utility classes -------------------------------------------------------------------------------- Update Information: Initial import (#821283). -------------------------------------------------------------------------------- References: [ 1 ] Bug #821283 - Review Request: gsbase - A collection of java utility classes https://bugzilla.redhat.com/show_bug.cgi?id=821283 -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-0.0.32-1.fc18 (FEDORA-2013-9959) A typing booster engine for the IBus platform -------------------------------------------------------------------------------- Update Information: Rewrite the code for moving and editing within the preëdit Typing characters which are not explicitly listed as “valid_input_chars” in .conf files in ibus-typing-booster get inserted in a weird position Do not use lang_chars for matching in the hunspell dictionaries, return immediately if input contains a “/” -------------------------------------------------------------------------------- ChangeLog: * Sun Jun 2 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.32-1 - Update to 0.0.32 upstream version - Resolves: rhbz#969847 - Editing in the preëdit of ibus-typing-booster behaves weird, especially with transliteration - Fix behaviour of Control+Number - When committing by typing TAB, update frequency data in user database - When committing by tying RETURN or ENTER, update frequency data in user database - Do not try to match very long words in the hunspell dictionaries - Rewrite the code for moving and editing within the preëdit (rhbz#969847) - Fix encoding error when changing values with the setup tool - Add ko_KR.conf and ko_KR.svg - Use normalization forms NFD or NFKD internally and NFC externally - Remove old way of using libtranslit via ctypes - Get rid of “freq” column in databases - Remove too simpleminded auto-capitalization * Wed May 29 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.31-1 - Update to 0.0.31 upstream version - Resolves: rhbz#968209 - Typing characters which are not explicitly listed as “valid_input_chars” in .conf files in ibus-typing-booster get inserted in a weird position - Remove lots of unused and/or useless code - Simplify some code - Fix the problem that after “page down” the first “arrow down” does not move down in the lookup table - Never use “-” or “=” as page up and page down keys - Print more useful debug output when an exception happens - Replace unencodable characters when asking pyhunspell for suggestions - Get dictionary encoding from .aff file - Get rid of the the variable “valid_input_chars” (rhbz#968209) - Remove option “valid_input_chars” from .conf files and template.txt - Replace keysym2unichr(key.code) with IBus.keyval_to_unicode(key.code) * Sun May 26 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 0.0.30-1 - Update to 0.0.30 upstream version - simplify database structure and code - The Swedish hunspell dictionary is in UTF-8, not ISO-8859-1 - SQL LIKE should behave case sensitively - Do not throw away the input phrase in hunspell_suggest.suggest() - Merge candidates which have the same resulting phrase in select_words() - Remove phrases always from the user database when typing Alt+Number - Sync memory user database “mudb” to disk user database “user_db” on focus out - Delete all records from mudb after syncing to user_db - Do not prevent phrases of length < 4 to be added to the frequency database - Resolves: #966947 - When typing a/ with the da_DK ibus-typing-booster, one gets weird matches like a/ACJSTVW - Do not use lang_chars for matching in the hunspell dictionaries, return immediately if input contains a “/” (Resolves: #966947) - Remove lang_chars variable - Use re.escape() to escape the string typed by the user correctly for use in a regular expression - When removing a phrase with Alt+Number, remove it independent of the input_phrase -------------------------------------------------------------------------------- References: [ 1 ] Bug #969847 - Editing in the preëdit of ibus-typing-booster behaves weird, especially with transliteration https://bugzilla.redhat.com/show_bug.cgi?id=969847 [ 2 ] Bug #968209 - Typing characters which are not explicitly listed as “valid_input_chars” in .conf files in ibus-typing-booster get inserted in a weird position https://bugzilla.redhat.com/show_bug.cgi?id=968209 [ 3 ] Bug #966947 - When typing a/ with the da_DK ibus-typing-booster, one gets weird matches like a/ACJSTVW https://bugzilla.redhat.com/show_bug.cgi?id=966947 -------------------------------------------------------------------------------- ================================================================================ josql-2.2-1.fc18 (FEDORA-2013-9936) Library to apply SQL-like syntax to Java objects -------------------------------------------------------------------------------- Update Information: Initial import (#822832). -------------------------------------------------------------------------------- References: [ 1 ] Bug #822832 - Review Request: josql - Library to apply SQL-like syntax to Java objects https://bugzilla.redhat.com/show_bug.cgi?id=822832 -------------------------------------------------------------------------------- ================================================================================ konkretcmpi-0.9.0-5.fc18 (FEDORA-2013-9935) Tool for rapid CMPI providers development -------------------------------------------------------------------------------- Update Information: Fixed: Bug 969494: RFE: support varlist in KReturn2 BUg 952684: Generated code for indication provider has bad return values -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Radek Novacek <rnovacek@xxxxxxxxxx> 0.9.0-5 - Support varlist in KReturn2 - Resolves: rhbz#969494 * Thu May 9 2013 Radek Novacek <rnovacek@xxxxxxxxxx> 0.9.0-4 - Fix return type for generated indication functions -------------------------------------------------------------------------------- References: [ 1 ] Bug #969494 - RFE: support varlist in KReturn2 https://bugzilla.redhat.com/show_bug.cgi?id=969494 [ 2 ] Bug #952684 - Generated code for indication provider has bad return values. https://bugzilla.redhat.com/show_bug.cgi?id=952684 -------------------------------------------------------------------------------- ================================================================================ libdbusmenu-12.10.2-3.fc18 (FEDORA-2013-9939) A library that pulling out some code out of indicator-applet -------------------------------------------------------------------------------- Update Information: Fix BR valgrind-devel in selected archs. libdbusmenu 12.10.2 version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #962029 - Review Request: libdbusmenu - A library that pulling out some code out of indicator-applet https://bugzilla.redhat.com/show_bug.cgi?id=962029 -------------------------------------------------------------------------------- ================================================================================ libxdiff-1.0-1.fc18 (FEDORA-2013-9948) Basic functionality to create difference/patches in binary and text -------------------------------------------------------------------------------- Update Information: New package: libxdiff - Basic functionality to create difference/patches in binary and text -------------------------------------------------------------------------------- References: [ 1 ] Bug #969111 - Review Request: libxdiff - Basic functionality to create difference/patches in binary and text https://bugzilla.redhat.com/show_bug.cgi?id=969111 -------------------------------------------------------------------------------- ================================================================================ nodejs-ain2-1.2.1-4.fc18 (FEDORA-2013-9957) A Node.js module for syslog logging (and a continuation of ain) -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #911023 - Review Request: nodejs-ain2 - A Node.js module for syslog logging (and a continuation of ain) https://bugzilla.redhat.com/show_bug.cgi?id=911023 -------------------------------------------------------------------------------- ================================================================================ nodejs-esprima-1.0.3-2.fc18 (FEDORA-2013-9951) ECMAScript parsing infrastructure for multipurpose analysis -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #968599 - Review Request: nodejs-esprima - ECMAScript parsing infrastructure for multipurpose analysis https://bugzilla.redhat.com/show_bug.cgi?id=968599 -------------------------------------------------------------------------------- ================================================================================ nodejs-jscoverage-0.3.7-4.fc18 (FEDORA-2013-9963) A JavaScript coverage tool for Node.js and browser development -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #910159 - Review Request: nodejs-jscoverage - A JavaScript coverage tool for Node.js and browser development https://bugzilla.redhat.com/show_bug.cgi?id=910159 -------------------------------------------------------------------------------- ================================================================================ openid4java-0.9.8-1.fc18 (FEDORA-2013-9934) This library allows you to OpenID-enable your Java web-app -------------------------------------------------------------------------------- Update Information: Initial import (#882476). -------------------------------------------------------------------------------- References: [ 1 ] Bug #882476 - Review Request: openid4java - This library allows you to OpenID-enable your Java webapp https://bugzilla.redhat.com/show_bug.cgi?id=882476 -------------------------------------------------------------------------------- ================================================================================ openlmi-providers-0.0.25-1.fc18 (FEDORA-2013-9956) Set of basic CIM providers -------------------------------------------------------------------------------- Update Information: Update to release 0.0.25 -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Roman Rakus <rrakus@xxxxxxxxxx> - 0.0.25-1 - Version 0.0.25 * Tue May 21 2013 Radek Novacek <rnovacek@xxxxxxxxxx> 0.0.23-1 - Version 0.0.23 - Remove unused libexec files from services provider * Fri May 17 2013 Jan Safranek <jsafrane@xxxxxxxxxx> 0.0.22-3 - Remove duplicate definition of LMI_ConcreteJob * Fri May 17 2013 Radek Novacek <rnovacek@xxxxxxxxxx> 0.0.22-2 - Add registration of 05_LMI_Qualifiers.mof * Fri May 10 2013 Jan Safranek <jsafrane@xxxxxxxxxx> 0.0.22-1 - Version 0.0.22 * Thu May 9 2013 Radek Novacek <rnovacek@xxxxxxxxxx> 0.0.21-3 - Fix wrong condition when registering provider * Tue May 7 2013 Michal Minar <miminar@xxxxxxxxxx> 0.0.21-2 - Software indication filters get (un)installed in pre/post scripts. * Fri May 3 2013 Radek Novacek <rnovacek@xxxxxxxxxx> 0.0.21-1 - Version 0.0.21 - Added openlmi-realmd subpackage - Add numeral prefix for the mof files - Add FindOpenLMI.cmake and openlmi.pc to the -devel subpackage * Fri Mar 22 2013 Michal Minar <miminar@xxxxxxxxxx> 0.0.20-1 - Version 0.0.20 - Added shared LMI_Jobs.mof file. - This file is registered upon installation of openlmi-providers. -------------------------------------------------------------------------------- ================================================================================ openvpn-2.3.2-1.fc18 (FEDORA-2013-9952) A full-featured SSL VPN solution -------------------------------------------------------------------------------- Update Information: 2013.05.31 -- Version 2.3.2 Only print script warnings when a script is used. Remove stray mention of script-security system. Move settings of user script into set_user_script function Move checking of script file access into set_user_script Provide more accurate warning message Fix NULL-pointer crash in route_list_add_vpn_gateway(). Fix problem with UDP tunneling due to mishandled pktinfo structures. Always push basic set of peer info values to server. make 'explicit-exit-notify' pullable again Fix proto tcp6 for server & non-P2MP modes Fix Windows script execution when called from script hooks Fixed tls-cipher translation bug in openssl-build Fixed usage of stale define USE_SSL to ENABLE_SSL Fix segfault when enabling pf plug-ins Properly enable PKCS11. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Jon Ciesla <limburgher@xxxxxxxxx> 2.3.2-1 - 2.3.2, BZ 970089. * Thu May 16 2013 Jon Ciesla <limburgher@xxxxxxxxx> 2.3.1-4 - chmod -x .service, BZ 963914. * Thu May 16 2013 Jon Ciesla <limburgher@xxxxxxxxx> 2.3.1-3 - Enable --enable-pkcs11, BZ 963868. -------------------------------------------------------------------------------- References: [ 1 ] Bug #970089 - openvpn-2.3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=970089 [ 2 ] Bug #969503 - PKCS11 disabled on purpose? https://bugzilla.redhat.com/show_bug.cgi?id=969503 -------------------------------------------------------------------------------- ================================================================================ perl-Dancer-1.3100-3.fc18 (FEDORA-2013-9950) Lightweight yet powerful web application framework -------------------------------------------------------------------------------- Update Information: This release fixes CR-LF injection into Cookie HTTP header (CVE-2012-5572). -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.3100-3 - Fix CVE-2012-5572 (cookie name CR-LF injection) (bug #880330) -------------------------------------------------------------------------------- References: [ 1 ] Bug #880329 - CVE-2012-5572 perl-Dancer: Newline injection due to improper CRLF escaping in cookie() and cookies() methods https://bugzilla.redhat.com/show_bug.cgi?id=880329 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Data-2.0.4-1.fc18 (FEDORA-2013-9938) Horde Data API -------------------------------------------------------------------------------- Update Information: Horde_NLS 2.0.3: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). Horde_Date 2.0.6: * [jan] Don't use /e modifier with preg_replace() calls (Remi Collet). Horde_Text_Filter 2.1.3: * [mms] Yet more sanity checking in the Text2html filter to workaround incorrect charset information. Horde_Mime 2.2.0: * [mms] Add "no_body" parameter to Horde_Mime_Part#parseMessage(). Horde_Imap_Client 2.11.2: * [mms] Fix regression in Socket driver when moving messages without UIDPLUS. Horde_Imap_Client 2.11.1: * [mms] Fix caching MIME structure data in POP3 driver. * [mms] Enhanced parsing of POP3 data from the remote server. Horde_Imap_Client 2.11.0: * [mms] Workaround broken IMAP servers and prevent infinite loops (Bug #12265). * [mms] Add support for the DOWNGRADED IMAP response code (RFC 6858). Horde_Data 2.0.4: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.4-1 - Update to 2.0.4 - switch from Conflicts to Requires - modernize %check -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Date-2.0.6-1.fc18 (FEDORA-2013-9938) Horde Date package -------------------------------------------------------------------------------- Update Information: Horde_NLS 2.0.3: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). Horde_Date 2.0.6: * [jan] Don't use /e modifier with preg_replace() calls (Remi Collet). Horde_Text_Filter 2.1.3: * [mms] Yet more sanity checking in the Text2html filter to workaround incorrect charset information. Horde_Mime 2.2.0: * [mms] Add "no_body" parameter to Horde_Mime_Part#parseMessage(). Horde_Imap_Client 2.11.2: * [mms] Fix regression in Socket driver when moving messages without UIDPLUS. Horde_Imap_Client 2.11.1: * [mms] Fix caching MIME structure data in POP3 driver. * [mms] Enhanced parsing of POP3 data from the remote server. Horde_Imap_Client 2.11.0: * [mms] Workaround broken IMAP servers and prevent infinite loops (Bug #12265). * [mms] Add support for the DOWNGRADED IMAP response code (RFC 6858). Horde_Data 2.0.4: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.6-1 - Update to 2.0.6 - switch from Conflicts >= max to Requires < max -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Imap-Client-2.11.2-1.fc18 (FEDORA-2013-9938) Horde IMAP abstraction interface -------------------------------------------------------------------------------- Update Information: Horde_NLS 2.0.3: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). Horde_Date 2.0.6: * [jan] Don't use /e modifier with preg_replace() calls (Remi Collet). Horde_Text_Filter 2.1.3: * [mms] Yet more sanity checking in the Text2html filter to workaround incorrect charset information. Horde_Mime 2.2.0: * [mms] Add "no_body" parameter to Horde_Mime_Part#parseMessage(). Horde_Imap_Client 2.11.2: * [mms] Fix regression in Socket driver when moving messages without UIDPLUS. Horde_Imap_Client 2.11.1: * [mms] Fix caching MIME structure data in POP3 driver. * [mms] Enhanced parsing of POP3 data from the remote server. Horde_Imap_Client 2.11.0: * [mms] Workaround broken IMAP servers and prevent infinite loops (Bug #12265). * [mms] Add support for the DOWNGRADED IMAP response code (RFC 6858). Horde_Data 2.0.4: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.11.2-1 - Update to 2.11.2 - add mising requires on Horde_Translation -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Mime-2.2.0-1.fc18 (FEDORA-2013-9938) Horde MIME Library -------------------------------------------------------------------------------- Update Information: Horde_NLS 2.0.3: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). Horde_Date 2.0.6: * [jan] Don't use /e modifier with preg_replace() calls (Remi Collet). Horde_Text_Filter 2.1.3: * [mms] Yet more sanity checking in the Text2html filter to workaround incorrect charset information. Horde_Mime 2.2.0: * [mms] Add "no_body" parameter to Horde_Mime_Part#parseMessage(). Horde_Imap_Client 2.11.2: * [mms] Fix regression in Socket driver when moving messages without UIDPLUS. Horde_Imap_Client 2.11.1: * [mms] Fix caching MIME structure data in POP3 driver. * [mms] Enhanced parsing of POP3 data from the remote server. Horde_Imap_Client 2.11.0: * [mms] Workaround broken IMAP servers and prevent infinite loops (Bug #12265). * [mms] Add support for the DOWNGRADED IMAP response code (RFC 6858). Horde_Data 2.0.4: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.2.0-1 - Update to 2.2.0 - switch from Conflicts >= max to Requires < max -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Nls-2.0.3-1.fc18 (FEDORA-2013-9938) Native Language Support (NLS) -------------------------------------------------------------------------------- Update Information: Horde_NLS 2.0.3: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). Horde_Date 2.0.6: * [jan] Don't use /e modifier with preg_replace() calls (Remi Collet). Horde_Text_Filter 2.1.3: * [mms] Yet more sanity checking in the Text2html filter to workaround incorrect charset information. Horde_Mime 2.2.0: * [mms] Add "no_body" parameter to Horde_Mime_Part#parseMessage(). Horde_Imap_Client 2.11.2: * [mms] Fix regression in Socket driver when moving messages without UIDPLUS. Horde_Imap_Client 2.11.1: * [mms] Fix caching MIME structure data in POP3 driver. * [mms] Enhanced parsing of POP3 data from the remote server. Horde_Imap_Client 2.11.0: * [mms] Workaround broken IMAP servers and prevent infinite loops (Bug #12265). * [mms] Add support for the DOWNGRADED IMAP response code (RFC 6858). Horde_Data 2.0.4: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.3-1 - Update to 2.0.3 - spec cleanups - fix License -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Text-Filter-2.1.3-1.fc18 (FEDORA-2013-9938) Horde Text Filter API -------------------------------------------------------------------------------- Update Information: Horde_NLS 2.0.3: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). Horde_Date 2.0.6: * [jan] Don't use /e modifier with preg_replace() calls (Remi Collet). Horde_Text_Filter 2.1.3: * [mms] Yet more sanity checking in the Text2html filter to workaround incorrect charset information. Horde_Mime 2.2.0: * [mms] Add "no_body" parameter to Horde_Mime_Part#parseMessage(). Horde_Imap_Client 2.11.2: * [mms] Fix regression in Socket driver when moving messages without UIDPLUS. Horde_Imap_Client 2.11.1: * [mms] Fix caching MIME structure data in POP3 driver. * [mms] Enhanced parsing of POP3 data from the remote server. Horde_Imap_Client 2.11.0: * [mms] Workaround broken IMAP servers and prevent infinite loops (Bug #12265). * [mms] Add support for the DOWNGRADED IMAP response code (RFC 6858). Horde_Data 2.0.4: * [jan] Update Ukrainian translation (Andriy Kopystyansky). * [jan] Update Basque translation (Ibon Igartua). -------------------------------------------------------------------------------- ChangeLog: * Fri May 31 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.1.3-1 - Update to 2.1.3 -------------------------------------------------------------------------------- ================================================================================ postgresql-plparrot-0.05-4.fc18 (FEDORA-2013-9953) A PostgreSQL procedural language for the Parrot virtual machine -------------------------------------------------------------------------------- Update Information: rebuild with parrot-5.2.0 -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Gerd Pokorra <gp@xxxxxxxxxxxxxxxxxx> - 0.05-4 - rebuild with new parrot -------------------------------------------------------------------------------- ================================================================================ python-d2to1-0.2.10-1.fc18 (FEDORA-2013-9960) Allows using distutils2-like setup.cfg files with setup.py -------------------------------------------------------------------------------- Update Information: See https://pypi.python.org/pypi/d2to1/0.2.10#changes for changes -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 25 2013 Sergio Pascual <sergiopr@xxxxxxxxxxxxxxxxx> - 0.2.10-1 - New upstream source * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-requests-kerberos-0.3-1.fc18 (FEDORA-2013-9964) A Kerberos authentication handler for python-requests -------------------------------------------------------------------------------- Update Information: Requests is an HTTP library, written in Python, for human beings. This library adds optional Kerberos/GSSAPI authentication support and supports mutual authentication. -------------------------------------------------------------------------------- References: [ 1 ] Bug #962612 - Review Request: python-requests-kerberos - A Kerberos authentication handler for python-requests https://bugzilla.redhat.com/show_bug.cgi?id=962612 -------------------------------------------------------------------------------- ================================================================================ rasdaemon-0.4.1-3.fc18 (FEDORA-2013-9941) Utility to receive RAS error tracings -------------------------------------------------------------------------------- Update Information: ARM has EDMA drivers (currently supported in Calxeda highbank) with basic RAS, minor spec cleanups Add support to collect MCE and PCIe AER traces. Allow storing data on a sqlite3 database. Add a package to allow capturing RAS (Reliability, Availability and Serviceability) events containing Hardware errors and potencial problems and send the relevant data to journald. Add a package to allow capturing RAS (Reliability, Availability and Serviceability) events containing Hardware errors and potencial problems and send the relevant data to journald. Add support to collect MCE and PCIe AER traces. Allow storing data on a sqlite3 database. Add a package to allow capturing RAS (Reliability, Availability and Serviceability) events containing Hardware errors and potencial problems and send the relevant data to journald. Add a package to allow capturing RAS (Reliability, Availability and Serviceability) events containing Hardware errors and potencial problems and send the relevant data to journald. -------------------------------------------------------------------------------- References: [ 1 ] Bug #965344 - Review Request: rasdaemon - Daemon to collect RAS error tracing events from the Kernel drivers https://bugzilla.redhat.com/show_bug.cgi?id=965344 -------------------------------------------------------------------------------- ================================================================================ repsnapper-2.2.0-0.2.a4.fc18 (FEDORA-2013-9947) RepRap control software -------------------------------------------------------------------------------- Update Information: New upstream tag release, fixing wierd font issue on GNOME -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Miro Hrončok <mhroncok@xxxxxxxxxx> - 2.2.0-0.2.a2 - Tag 2.2.0a4 - Fixed the font bug (#969624) -------------------------------------------------------------------------------- References: [ 1 ] Bug #969624 - [abrt] repsnapper-2.2.0-0.1.a2.fc18: gobj: Process /usr/bin/repsnapper was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=969624 -------------------------------------------------------------------------------- ================================================================================ subversion-1.7.10-1.fc18 (FEDORA-2013-9962) A Modern Concurrent Version Control System -------------------------------------------------------------------------------- Update Information: This update includes the latest release of Subversion, fixing several security issues: If a filename which contains a newline character (ASCII 0x0a) is committed to a repository using the FSFS format, the resulting revision is corrupt. This can lead to disruption for users of the repository. (CVE-2013-1968) Subversion's contrib/ directory contains two example hook scripts, which use 'svnlook changed' to examine a revision or transaction and then pass those paths as arguments to further 'svnlook' commands, without properly escaping the command-line. (CVE-2013-2088) Subversion's svnserve server process may exit when an incoming TCP connection is closed early in the connection process. This can lead to disruption for users of the server. (CVE-2013-2112) The following client-side bugs are fixed in this release: * fix 'svn revert' "no such table: revert_list" spurious error * fix 'svn diff' doesn't show some locally added files * fix changelist filtering when --changelist values aren't UTF8 * fix 'svn diff --git' shows wrong copyfrom * fix 'svn diff -x-w' shows wrong changes * fix 'svn blame' sometimes shows every line as modified * fix regression in 'svn status -u' output for externals * fix file permissions change on commit of file with keywords * improve some fatal error messages * fix externals not removed when working copy is made shallow The following server-side bugs are fixed in this release: * fix repository corruption due to newline in filename * fix svnserve exiting when a client connection is aborted * fix svnserve memory use after clear -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2013 Joe Orton <jorton@xxxxxxxxxx> - 1.7.10-1 - update to 1.7.10 (#970014) - fix aarch64 build issues (Dennis Gilmore, #926578) * Tue Apr 9 2013 Joe Orton <jorton@xxxxxxxxxx> - 1.7.9-1 - update to 1.7.9 (#948813) -------------------------------------------------------------------------------- References: [ 1 ] Bug #970014 - CVE-2013-1968 subversion (FSFS format): Filenames with newline character can lead to revision corruption https://bugzilla.redhat.com/show_bug.cgi?id=970014 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
