The following Fedora 17 Security updates need testing: Age URL 345 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 157 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17 85 https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17 80 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17 77 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17 23 https://admin.fedoraproject.org/updates/FEDORA-2013-8953/openjpeg-1.4-15.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-10128/ssmtp-2.61-20.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-10121/subversion-1.7.10-1.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2013-10233/php-5.4.16-1.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2013-10415/perl-Module-Signature-0.73-1.fc17 2 https://admin.fedoraproject.org/updates/FEDORA-2013-10830/fail2ban-0.8.10-1.fc17 2 https://admin.fedoraproject.org/updates/FEDORA-2013-9123/kernel-3.9.5-101.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-10929/xen-4.1.5-6.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-10940/tomcat6-6.0.37-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-10980/clamav-0.97.8-2.fc17 The following Fedora 17 Critical Path updates have yet to be approved: Age URL 297 https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17 105 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17 10 https://admin.fedoraproject.org/updates/FEDORA-2013-10172/gnome-bluetooth-3.4.2-2.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2013-10602/dnsmasq-2.65-6.fc17 The following builds have been pushed to Fedora 17 updates-testing cabal-rpm-0.8.1-1.fc17 clamav-0.97.8-2.fc17 drupal7-features-2.0-0.4.rc1.fc17 easy-rsa-2.2.0-2.fc17 golang-1.1.1-1.fc17 guacamole-0.8.1-1.fc17 hotot-0.9.9-6.20130614gited2ff01.fc17 ibus-typing-booster-1.0.1-1.fc17 ibus-typing-booster-1.0.2-1.fc17 jemalloc-3.4.0-1.fc17 libguac-client-ssh-0.8.0-2.fc17 mlpack-1.0.6-1.fc17 nomacs-1.2.0-1.fc17 nordugrid-arc-3.0.2-1.fc17 nordugrid-arc-doc-1.3.2-1.fc17 perl-Net-Twitter-4.00006-1.fc17 perl-qpid-0.22-1.fc17 php-xcache-3.0.2-1.fc17 pidgin-sipe-1.16.0-1.fc17 python-cliapp-1.20130613-1.fc17 python-martian-0.14-1.fc17 qpid-cpp-0.22-1.fc17 scotch-6.0.0-1.fc17 tomcat6-6.0.37-1.fc17 xen-4.1.5-6.fc17 Details about builds: ================================================================================ cabal-rpm-0.8.1-1.fc17 (FEDORA-2013-10960) RPM package creator for Haskell Cabal-based packages -------------------------------------------------------------------------------- Update Information: - follow new updated Fedora Haskell Packaging Guidelines - no longer truncate long summary - word wrapping of descriptions - use generic description for shared subpackage -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 14 2013 Jens Petersen <petersen@xxxxxxxxxx> - 0.8.1-1 - word wrapping of descriptions - use generic description for shared subpackage - simplify logic for summary and description processing * Fri May 31 2013 Jens Petersen <petersen@xxxxxxxxxx> - 0.8.0-1 - use simplified Fedora Haskell Packaging macros approved by Fedora Packaging Committee (https://fedorahosted.org/fpc/ticket/194) * Wed Apr 3 2013 Jens Petersen <petersen@xxxxxxxxxx> - 0.7.1-2 - better require cabal-install -------------------------------------------------------------------------------- ================================================================================ clamav-0.97.8-2.fc17 (FEDORA-2013-10980) End-user tools for the Clam Antivirus scanner -------------------------------------------------------------------------------- Update Information: Fix 963920 Update to 0.97.8 -------------------------------------------------------------------------------- ChangeLog: * Thu May 2 2013 Nick Bebout <nb@xxxxxxxxxxxxxxxxx> - 0.97.8-1 - Update to 0.97.8 * Wed Apr 10 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.97.7-2 - Migrate from fedora-usermgmt to guideline scriptlets. -------------------------------------------------------------------------------- References: [ 1 ] Bug #956176 - CVE-2013-2020 CVE-2013-2021 clamav: Multiple potential security issues fixed in upstream 0.97.8 version https://bugzilla.redhat.com/show_bug.cgi?id=956176 -------------------------------------------------------------------------------- ================================================================================ drupal7-features-2.0-0.4.rc1.fc17 (FEDORA-2013-10984) Provides feature management for Drupal -------------------------------------------------------------------------------- Update Information: - Update to upstream 2.0-rc1 release for bug fixes - Upstream changelog for this release is available at https://drupal.org/node/1999432 -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 15 2013 Peter Borsa <peter.borsa@xxxxxxxxx> - 2.0-0.4.rc1 - Update to upstream 2.0-rc1 release for bug fixes - Upstream changelog for this release is available at https://drupal.org/node/1999432 -------------------------------------------------------------------------------- References: [ 1 ] Bug #965403 - drupal7-features-2.0-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=965403 -------------------------------------------------------------------------------- ================================================================================ easy-rsa-2.2.0-2.fc17 (FEDORA-2013-10977) Simple shell based CA utility -------------------------------------------------------------------------------- Update Information: Split out from OpenVPN. -------------------------------------------------------------------------------- References: [ 1 ] Bug #966139 - Review Request: easy-rsa - Simple shell based CA utility https://bugzilla.redhat.com/show_bug.cgi?id=966139 -------------------------------------------------------------------------------- ================================================================================ golang-1.1.1-1.fc17 (FEDORA-2013-10971) The Go Programming Language -------------------------------------------------------------------------------- Update Information: * Make this package actually usable (sorry) * Update to golang 1.1.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 13 2013 Adam Goode <adam@xxxxxxxxxxxxx> - 1.1.1-1 - Update to 1.1.1 - Fix basically useless package (#973842) * Sat May 25 2013 Dan Horák <dan[at]danny.cz> - 1.1-3 - set ExclusiveArch -------------------------------------------------------------------------------- References: [ 1 ] Bug #973842 - golang package is unusable https://bugzilla.redhat.com/show_bug.cgi?id=973842 -------------------------------------------------------------------------------- ================================================================================ guacamole-0.8.1-1.fc17 (FEDORA-2013-10976) The main Guacamole web application -------------------------------------------------------------------------------- Update Information: Updated Guacamole with SSH session support -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 7 2013 Simone Caronni <negativo17@xxxxxxxxx> - 0.8.1-1 - Update to 0.8.1. -------------------------------------------------------------------------------- References: [ 1 ] Bug #973159 - Review Request: libguac-client-ssh - SSH support for guacd https://bugzilla.redhat.com/show_bug.cgi?id=973159 -------------------------------------------------------------------------------- ================================================================================ hotot-0.9.9-6.20130614gited2ff01.fc17 (FEDORA-2013-10951) Lightweight & open source micro blogging client -------------------------------------------------------------------------------- Update Information: fix name and icon -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 15 2013 Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx> - 0.9.9-6.20130614gited2ff01 - copy generic name to name and fix scriptlets * Fri Jun 14 2013 Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx> - 0.9.9-5.20130614gited2ff01 - latest git snapshot. fixes twitter api break. resolves rhbz#974212 - validate qt desktop file. resolves rhbz#894867 - requires python-xlib. resolves rhbz#895180 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.9-4.20121215gitcaad812 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-1.0.1-1.fc17 (FEDORA-2013-10952) A typing booster engine for the IBus platform -------------------------------------------------------------------------------- Update Information: Fix problem when IBUS_TYPING_BOOSTER_DEBUG_LEVEL is not set Much more intelligent now because it uses the context -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 14 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.0.1-1 - Update to 1.0.1 upstream version - Fix problem when IBUS_TYPING_BOOSTER_DEBUG_LEVEL is not set * Thu Jun 13 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.0.0-1 - Update to 1.0.0 upstream version - Remove mudb and use “Write-Ahead Logging” - Introduce an environment variable IBUS_TYPING_BOOSTER_DEBUG_LEVEL for debugging - Speed up converting an old database to the current format - Make prediction more intelligent by using context of up to 2 previous words - Automatically remove whitespace between the last word and a punctuation character ending a sentence -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-1.0.2-1.fc17 (FEDORA-2013-10985) A typing booster engine for the IBus platform -------------------------------------------------------------------------------- Update Information: Push context *after* writing the trigram to the database -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 14 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.0.2-1 - Update to 1.0.2 upstream version - Push context *after* writing the trigram to the database * Fri Jun 14 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.0.1-1 - Update to 1.0.1 upstream version - Fix problem when IBUS_TYPING_BOOSTER_DEBUG_LEVEL is not set * Thu Jun 13 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.0.0-1 - Update to 1.0.0 upstream version - Remove mudb and use “Write-Ahead Logging” - Introduce an environment variable IBUS_TYPING_BOOSTER_DEBUG_LEVEL for debugging - Speed up converting an old database to the current format - Make prediction more intelligent by using context of up to 2 previous words - Automatically remove whitespace between the last word and a punctuation character ending a sentence -------------------------------------------------------------------------------- ================================================================================ jemalloc-3.4.0-1.fc17 (FEDORA-2013-10930) General-purpose scalable concurrent malloc implementation -------------------------------------------------------------------------------- Update Information: New upstream release: A bugfix release. >From the upstream changelog Bug fixes: * Fix race-triggered deadlocks in chunk_record(). These deadlocks were typically triggered by multiple threads concurrently deallocating huge objects. New features: * Add support for the aarch64 architecture. -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 7 2013 Ingvar Hagelund <ingvar@xxxxxxxxxxxxxxxxxx> - 3.4.0-1 - New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #970082 - jemalloc-3.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=970082 -------------------------------------------------------------------------------- ================================================================================ libguac-client-ssh-0.8.0-2.fc17 (FEDORA-2013-10976) SSH support for guacd -------------------------------------------------------------------------------- Update Information: Updated Guacamole with SSH session support -------------------------------------------------------------------------------- References: [ 1 ] Bug #973159 - Review Request: libguac-client-ssh - SSH support for guacd https://bugzilla.redhat.com/show_bug.cgi?id=973159 -------------------------------------------------------------------------------- ================================================================================ mlpack-1.0.6-1.fc17 (FEDORA-2013-10975) Scalable, fast C++ machine learning library -------------------------------------------------------------------------------- Update Information: Update to latest stable version. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 13 2013 Ryan Curtin <gth671b@xxxxxxxxxxxxxxx> - 1.0.6-1 - Update to latest stable release. * Sat May 25 2013 Ryan Curtin <gth671b@xxxxxxxxxxxxxxx> - 1.0.5-1 - Update to latest stable release. - Add new executables that version 1.0.5 provides. * Sun Feb 10 2013 Denis Arnaud <denis.arnaud_fedora@xxxxxxx> - 1.0.4-3 - Rebuild for Boost-1.53.0 * Sat Feb 9 2013 Denis Arnaud <denis.arnaud_fedora@xxxxxxx> - 1.0.4-2 - Rebuild for Boost-1.53.0 -------------------------------------------------------------------------------- ================================================================================ nomacs-1.2.0-1.fc17 (FEDORA-2013-10987) Lightweight image viewer -------------------------------------------------------------------------------- Update Information: Version bump. -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 15 2013 TI_Eugene <ti.eugene@xxxxxxxxx> 1.2.0-1 - Version bump. - %find_lang macro added - _als translation removed * Fri May 31 2013 Jon Ciesla <limburgher@xxxxxxxxx> 1.0.2-4 - Rebuild for new LibRaw. -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-3.0.2-1.fc17 (FEDORA-2013-10937) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information: New NorduGrid ARC release. For details see: http://www.nordugrid.org/arc/releases/13.02u2/release_notes_13.02u2.html -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 13 2013 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 3.0.2-1 - 3.0.2 Final Release -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-doc-1.3.2-1.fc17 (FEDORA-2013-10937) Advanced Resource Connector Documentation -------------------------------------------------------------------------------- Update Information: New NorduGrid ARC release. For details see: http://www.nordugrid.org/arc/releases/13.02u2/release_notes_13.02u2.html -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 14 2013 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 1.3.2-1 - 1.3.2 Final Release -------------------------------------------------------------------------------- ================================================================================ perl-Net-Twitter-4.00006-1.fc17 (FEDORA-2013-10989) Perl interface to the Twitter API -------------------------------------------------------------------------------- Update Information: Upgrade to perl-Net-Twitter 4.00006 supporting Twitter API 1.1 -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 14 2013 Julian C. Dunn <jdunn@xxxxxxxxxxxx> - 4.00006-1 - Upgrade to 4.00006 (bz#914316) * Wed Mar 13 2013 Julian C. Dunn <jdunn@xxxxxxxxxxxx> - 4.00004-1 - Upgrade to 4.00004 (bz#914316) * Fri Mar 8 2013 Julian C. Dunn <jdunn@xxxxxxxxxxxx> - 4.00003-1 - Upgrade to 4.00003 (bz#914316) * Sun Feb 24 2013 Julian C. Dunn <jdunn@xxxxxxxxxxxx> - 4.00002-1 - Upgrade to 4.00002 (bz#914316) * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #914316 - perl-Net-Twitter-4.00006 is available https://bugzilla.redhat.com/show_bug.cgi?id=914316 -------------------------------------------------------------------------------- ================================================================================ perl-qpid-0.22-1.fc17 (FEDORA-2013-10973) Perl bindings for the Qpid messaging framework -------------------------------------------------------------------------------- Update Information: Rebased on Qpid 0.22 -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 14 2013 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.22-1 - Rebased on Qpid 0.22. - Added the perl(qpid) and perl(qpid_messaging) virtual packages. - Resolves: BZ#964168 - Set the source URL to point to official releases. -------------------------------------------------------------------------------- References: [ 1 ] Bug #964168 - TypeError on message release/reject https://bugzilla.redhat.com/show_bug.cgi?id=964168 -------------------------------------------------------------------------------- ================================================================================ php-xcache-3.0.2-1.fc17 (FEDORA-2013-10956) Fast, stable PHP opcode cacher -------------------------------------------------------------------------------- Update Information: Upstream NEW, 3.0.2, 2013-06-10 * (PHP5.4+ only bug) random "cannot redeclare class" errors is now gone. Can also be avoid by using readonly_protection (unavailable with /dev/zero). * fixes SEGV with Zend Debugger * more bug fixes -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 14 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 3.0.2-1 - bugfixes version -------------------------------------------------------------------------------- ================================================================================ pidgin-sipe-1.16.0-1.fc17 (FEDORA-2013-10936) Pidgin protocol plugin to connect to MS Office Communicator -------------------------------------------------------------------------------- Update Information: New upstream release: * new HTTP stack: reduced network traffic, no more crashes * added support to call to a phone number * fixes subscription timeout handling, e.g. for buddy status updates -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 15 2013 Stefan Becker <chemobejk@xxxxxxxxx> - 1.16.0-1 - update to 1.16.0: - new HTTP stack: reduced network traffic, no more crashes - added support to call to a phone number - fixes subscription timeout handling, e.g. for buddy status updates -------------------------------------------------------------------------------- ================================================================================ python-cliapp-1.20130613-1.fc17 (FEDORA-2013-10983) Python framework for Unix command line programs -------------------------------------------------------------------------------- Update Information: * cliapp(5) now mentions subcommands and the automatic subcommand "help". * `ssh_runcmd` now has the `tty` keyword argument to enable ssh allocation of pseudo-TTYs. Patch from Jannis Pohlmann. * The `help` subcommand now writes a useful error message, instead of a stack trace, if given an unknown subcommand. Reported by Rob Taylor. -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 14 2013 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 1.20130613-1 - Update to 1.20130613 -------------------------------------------------------------------------------- References: [ 1 ] Bug #974524 - python-cliapp-1.20130613 is available https://bugzilla.redhat.com/show_bug.cgi?id=974524 -------------------------------------------------------------------------------- ================================================================================ python-martian-0.14-1.fc17 (FEDORA-2013-10945) A library to grok configuration from Python code -------------------------------------------------------------------------------- Update Information: initial version -------------------------------------------------------------------------------- References: [ 1 ] Bug #973793 - Review Request: python-martian - A library to grok configuration from Python code https://bugzilla.redhat.com/show_bug.cgi?id=973793 -------------------------------------------------------------------------------- ================================================================================ qpid-cpp-0.22-1.fc17 (FEDORA-2013-10978) Libraries for Qpid C++ client applications -------------------------------------------------------------------------------- Update Information: Rebase on Qpid 0.22 -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 13 2013 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.22-1 - Rebased on Qpid 0.22. - The package now uses the CMake build system from Qpid. - No longer use a separate source for the store. - Resolves: BZ#616080 - Resolves: BZ#966780 - Resolves: BZ#967100 -------------------------------------------------------------------------------- ================================================================================ scotch-6.0.0-1.fc17 (FEDORA-2013-10974) Graph, mesh and hypergraph partitioning library -------------------------------------------------------------------------------- Update Information: Update to version 6.0.0 -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 13 2013 Deji Akingunola <dakingun@xxxxxxxxx> - 6.0.0-1 - Update to 6.0.0 - Configured to run with 2 threads (for now) - Install the headers in arch-dependent sub-directories * Sat Nov 17 2012 Deji Akingunola <dakingun@xxxxxxxxx> - 5.1.12-1.b - Update to 5.1.12b -------------------------------------------------------------------------------- ================================================================================ tomcat6-6.0.37-1.fc17 (FEDORA-2013-10940) Apache Servlet/JSP Engine, RI for Servlet 2.5/JSP 2.1 API -------------------------------------------------------------------------------- Update Information: Update to tc 6.0.37 which includes fixes for CVE-2013-2067 and CVE-2013-3544 Update source to tc 6.0.36 which resolves rhbz 883690-CVE-2012-4531,rhbz 883675-CVE-2012-4431, rhbz 873703-CVE-2012-588[5,6,7] aka CVE-2012-3439, rhbz 873702-CVE-2012-4546, CVE-2012-2773. Patch for apache-tomcat bz 54615 "tomcat will not compile against ecj 4.x" -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 13 2013 David Knox <dknox@xxxxxxxxxx> 0:6.0.37-1 - Rebase to tc 6.0.37. patch for apache bz 54615 removed. - fixed in 6.0.37 * Thu Mar 14 2013 David Knox <dknox@xxxxxxxxxx> 0:6.0.36-1 - Rebase to tc 6.0.36 which resolves rhbz 883690-CVE-2012-4531, - rhbz 883675-CVE-2012-4431, rhbz 873703-CVE-2012-588[5,6,7] aka - CVE-2012-3439, rhbz 873702-CVE-2012-4546, CVE-2012-2773. - Patch for apache-tomcat bz 54615 tomcat will not compile against - ech 4.x * Tue Jun 26 2012 David Knox <dknox@xxxxxxxxxx> 0:6.0.35-2 - Resolves: rhbz 678630 - add jpackage-utils R(post,postun) -------------------------------------------------------------------------------- ================================================================================ xen-4.1.5-6.fc17 (FEDORA-2013-10929) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: Revised fixes for [XSA-55] -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 14 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.1.5-6 - Revised fixes for [XSA-55] (#970640) -------------------------------------------------------------------------------- References: [ 1 ] Bug #970631 - xen: Multiple vulnerabilities in libelf PV kernel handling https://bugzilla.redhat.com/show_bug.cgi?id=970631 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test