Fedora 18 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 18 Security updates need testing:
 Age  URL
 174  https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18
 107  https://admin.fedoraproject.org/updates/FEDORA-2013-3935/puppet-3.1.1-1.fc18
 101  https://admin.fedoraproject.org/updates/FEDORA-2013-4243/stunnel-4.55-1.fc18
  88  https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2.0-3.fc18
  72  https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18
  31  https://admin.fedoraproject.org/updates/FEDORA-2013-9707/livecd-tools-18.16-2.fc18
  27  https://admin.fedoraproject.org/updates/FEDORA-2013-9962/subversion-1.7.10-1.fc18
  10  https://admin.fedoraproject.org/updates/FEDORA-2013-11419/python-bugzilla-0.9.0-1.fc18
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-10713/openstack-keystone-2012.2.4-5.fc18
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-11574/curl-7.27.0-11.fc18
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-11630/wordpress-3.5.2-1.fc18
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-11768/xen-4.2.2-9.fc18
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-11396/glpi-0.83.9.1-1.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-11646/ReviewBoard-1.7.11-1.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-11874/xen-4.2.2-10.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-12108/gegl-0.2.0-11.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-12123/ruby-1.9.3.448-31.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-11998/php-pecl-radius-1.2.7-1.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-12032/autotrace-0.31.1-34.fc18


The following Fedora 18 Critical Path updates have yet to be approved:
 Age URL
 142  https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18
  22  https://admin.fedoraproject.org/updates/FEDORA-2013-10428/NetworkManager-0.9.8.2-1.fc18,network-manager-applet-0.9.8.2-1.fc18
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-11278/make-3.82-14.fc18
  10  https://admin.fedoraproject.org/updates/FEDORA-2013-11419/python-bugzilla-0.9.0-1.fc18
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-11498/binutils-2.23.51.0.1-10.fc18
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-11574/curl-7.27.0-11.fc18
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-11629/unzip-6.0-10.fc18
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-11749/gnome-shell-3.6.3.1-2.fc18
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-11757/xorg-x11-drv-synaptics-1.6.4-2.fc18
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-11864/gnome-packagekit-3.6.2-2.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-12117/lcms2-2.5-1.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-11995/kernel-3.9.8-200.fc18
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-11959/procps-ng-3.3.3-6.20120807git.fc18


The following builds have been pushed to Fedora 18 updates-testing

    dpkg-1.16.10-6.fc18
    dsqlite-1.1.1-1.fc18
    f1lt-2.1.1-1.fc18
    gegl-0.2.0-11.fc18
    ladvd-1.0.4-3.fc18
    lcms2-2.5-1.fc18
    mate-file-archiver-1.6.0-2.fc18
    mate-file-manager-1.6.1-9.fc18
    maven-javadoc-plugin-2.9.1-1.fc18.1
    mingw-glew-1.9.0-5.fc18
    openlmi-providers-0.0.25-2.fc18
    php-PHP-CSS-Parser-5.0.6-1.fc18
    php-channel-nrk-1.3-1.fc18
    php-pecl-apcu-4.0.1-1.fc18
    php-pecl-propro-0.1.0-1.fc18
    php-pecl-raphf-0.1.0-1.fc18
    python-fsmonitor-0.1-1.fc18
    python-py-1.4.15-1.fc18
    python-rsa-3.1.1-2.fc18
    quiterss-0.13.1-1.fc18
    rekonq-2.3.2-1.fc18
    ruby-1.9.3.448-31.fc18
    springframework-security-3.1.4-1.fc18
    tweepy-2.0-1.fc18
    vanityhash-1.1-1.fc18

Details about builds:


================================================================================
 dpkg-1.16.10-6.fc18 (FEDORA-2013-12120)
 Package maintenance system for Debian Linux
--------------------------------------------------------------------------------
Update Information:

add support to logrotate and minor spec enhancements.
8 fixes in rpm .spec
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  1 2013 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.10-6
- add support to logrotate, by Oron Peled, rhbz #979378
- added some new %doc and debian/copyright, by Oron Peled, rhbz #979378
- rpmlint cleanups, by Oron Peled, rhbz #979378
* Sun Jun 30 2013 Sérgio Basto <sergio@xxxxxxxxxx> - 1.16.10-5
- rhbz #979378 
  - Obsolete the old dpkg-devel.noarch (replaced by dpkg-dev)
  (Obsoletes: dpkg-devel < 1.16)
  - Readd to dpkg-perl: Requires: dpkg = <version>-<release>
  - Patchset Signed-off-by: Oron Peled
  - [PATCH 1/4] move dpkg.cfg from /etc to /etc/dpkg 
  - [PATCH 2/4] fix some pkgdatadir, pkgconfdir file locations
  - [PATCH 3/4] move "dpkg-dev.mo" files to dpkg-perl
  - [PATCH 4/4] minor fix to dpkg-perl ownerships
- move from dpkg to dpkg-dev, rhbz #979378 
  - dpkg-mergechangelogs and its man-pages
  - dpkg-buildflags and its man-pages
- remove man pages dups, also rhbz #979378
    dpkg-architecture.1.gz
    dpkg-buildflags.1.gz
    dpkg-buildpackage.1.gz
    dpkg-checkbuilddeps.1.gz
    dpkg-distaddfile.1.gz
    dpkg-genchanges.1.gz
    dpkg-gencontrol.1.gz
    dpkg-gensymbols.1.gz
    dpkg-mergechangelogs.1.gz
    dpkg-name.1.gz
    dpkg-parsechangelog.1.gz
    dpkg-scanpackages.1.gz
    dpkg-scansources.1.gz
    dpkg-shlibdeps.1.gz
    dpkg-source.1.gz
    dpkg-vendor.1.gz
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #979378 - Upgrade problem from dpkg* < 1.16 to dpkg* >= 1.16
        https://bugzilla.redhat.com/show_bug.cgi?id=979378
--------------------------------------------------------------------------------


================================================================================
 dsqlite-1.1.1-1.fc18 (FEDORA-2013-12133)
 High level library around SQLite for D language
--------------------------------------------------------------------------------
Update Information:

Merge 1.1.1 changes and fix typo
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 28 2013 Christophe Burgun <jouty@xxxxxxxxxxxxxxxxx> 1.1.1-1
- Update dsqlite version
- Change Source0 Url
- Fix prep section with right name
- Fix so files
* Sun Feb 17 2013 Christophe Burgun <jouty@xxxxxxxxxxxxxxxxx> 1.0-5
- Fix summary and description
- Fix -l fr
--------------------------------------------------------------------------------


================================================================================
 f1lt-2.1.1-1.fc18 (FEDORA-2013-12107)
 Unofficial Formula 1 live timing application
--------------------------------------------------------------------------------
Update Information:

Update to 2.1.1
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jun 30 2013 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.1.1-1
- Update to 2.1.1
* Sun Jun  9 2013 Antonio Trande <sagitter@xxxxxxxxxxxxxxxxx> 2.1.0-1
- Update to 2.1.0
--------------------------------------------------------------------------------


================================================================================
 gegl-0.2.0-11.fc18 (FEDORA-2013-12108)
 A graph based image processing framework
--------------------------------------------------------------------------------
Update Information:

This update contains the following changes:

* Fix buffer overflow in and add plausibility checks to the ppm-load operation.
* Fix multi-lib issue where content of generated documentation could differ between architectures.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  1 2013 Nils Philippsen <nils@xxxxxxxxxx> - 0.2.0-11
- replace lua-5.2 patch by upstream commit
- fix buffer overflow in and add plausibility checks to ppm-load op
  (CVE-2012-4433)
- fix multi-lib issue in generated documentation
* Wed May 15 2013 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 0.2.0-10
- rebuild for lua 5.2
- disable check suite (so broken)
* Sun Mar 10 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 0.2.0-9
- rebuild (OpenEXR)
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 0.2.0-7
- rebuild due to "jpeg8-ABI" feature drop
* Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 0.2.0-6
- rebuild against new libjpeg
* Fri Oct 19 2012 Nils Philippsen <nils@xxxxxxxxxx> - 0.2.0-5
- don't catch "make check" errors but skip known problematic tests
* Fri Oct 19 2012 Nils Philippsen <nils@xxxxxxxxxx> - 0.2.0-4
- don't require lensfun-devel for building without workshop ops
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #856300 - CVE-2012-4433 gegl: Integer overflow, leading to heap-based buffer overflow by parsing PPM image headers
        https://bugzilla.redhat.com/show_bug.cgi?id=856300
--------------------------------------------------------------------------------


================================================================================
 ladvd-1.0.4-3.fc18 (FEDORA-2013-12137)
 CDP/LLDP sender for UNIX
--------------------------------------------------------------------------------
Update Information:

Fixes SELinux AVC about /etc/passwd access.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  1 2013 Tomasz Torcz <ttorcz@xxxxxxxxxxxxxxxxx> - 1.0.4-3
- selinux policy: allow /etc/passwd read ti find out about unpriviledged user (#975959)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #975959 - SELinux is preventing /usr/sbin/ladvd from 'read' accesses on the file /etc/passwd.
        https://bugzilla.redhat.com/show_bug.cgi?id=975959
--------------------------------------------------------------------------------


================================================================================
 lcms2-2.5-1.fc18 (FEDORA-2013-12117)
 Color Management Engine
--------------------------------------------------------------------------------
Update Information:

- Update to new upstream version.
- Added a reference for Mac MLU tag
- Added a way to read the profile creator from header
- Added error descriptions on cmsSmoothToneCurve
- Added identity curves support for write V2 LUT
- Added new cmsPlugInTHR() and fixed some race conditions
- Added TIFF Lab16 handling on tifficc
- Fixed a bug on big endian platforms not supporting uint64 or long long.
- Fixed a multithead bug on optimization
- Fixed devicelink generation for 8 bits
- Fixed some 64 bit warnings on size_t to uint32 conversions
- Rendering intent used when creating the transform is now propagated to profile
- RGB profiles store only one copy of the curve to save space
- Transform2Devicelink now keeps white point when guessing deviceclass is enabled
- Update black point detection algorithm to reflect ICC changes
- User defined parametric curves can now be saved in ICC profiles
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  1 2013 Richard Hughes <richard@xxxxxxxxxxx> 2.5-1
- Update to new upstream version.
- Added a reference for Mac MLU tag
- Added a way to read the profile creator from header
- Added error descriptions on cmsSmoothToneCurve
- Added identity curves support for write V2 LUT
- Added new cmsPlugInTHR() and fixed some race conditions
- Added TIFF Lab16 handling on tifficc
- Fixed a bug on big endian platforms not supporting uint64 or long long.
- Fixed a multithead bug on optimization
- Fixed devicelink generation for 8 bits
- Fixed some 64 bit warnings on size_t to uint32 conversions
- Rendering intent used when creating the transform is now propagated to profile
- RGB profiles store only one copy of the curve to save space
- Transform2Devicelink now keeps white point when guessing deviceclass is enabled
- Update black point detection algorithm to reflect ICC changes
- User defined parametric curves can now be saved in ICC profiles
--------------------------------------------------------------------------------


================================================================================
 mate-file-archiver-1.6.0-2.fc18 (FEDORA-2013-12068)
 MATE Desktop file archiver
--------------------------------------------------------------------------------
Update Information:

- https://github.com/mate-desktop/mate-file-archiver/issues/19,
- fix add folder to an existing archive
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jun 30 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.0-2
- https://github.com/mate-desktop/mate-file-archiver/issues/19,
- fix add folder to existing archive
- remove BR gsettings-desktop-schemas
- remove BR glib2-devel
- remove needless gsettings convert file
--------------------------------------------------------------------------------


================================================================================
 mate-file-manager-1.6.1-9.fc18 (FEDORA-2013-12090)
 File manager for MATE
--------------------------------------------------------------------------------
Update Information:

- set autostart to false in caja-autostart, fix rhbz #969663
- add mate-file-manager_fix-radio-buttons.patch to fix rhbz #964357
- fix single-click 'behavior' for open files and folders
- add AutostartCondition to caja-autostart.desktop



--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  1 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.1-9
- set autostart to false in caja-autostart, fix rhbz #969663
- and #978598
* Sun Jun 30 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.1-8
- add mate-file-manager_fix-radio-buttons.patch to fix rhbz #964357
- clean up BR's
- add runtime require hicolor-icon-theme
- revert 1.6.1-7 changes
* Thu Jun 20 2013 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> - 1.6.1-7
- Try caja without the autostart file (886029)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #978598 - High CPU usage with MATE desktop
        https://bugzilla.redhat.com/show_bug.cgi?id=978598
--------------------------------------------------------------------------------


================================================================================
 maven-javadoc-plugin-2.9.1-1.fc18.1 (FEDORA-2013-12132)
 Maven Javadoc Plugin
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream, fixes rhbz #979577, works around CVE-2013-1571
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jun 30 2013 Mat Booth <fedora@xxxxxxxxxxxxxx> - 2.9.1-1.1
- Fix build deps for F18
* Sun Jun 30 2013 Mat Booth <fedora@xxxxxxxxxxxxxx> - 2.9.1-1
- Update to latest upstream, fixes rhbz #979577, works around CVE-2013-1571
- Remove dep on jakarta-commons-httpclient
* Wed Apr 10 2013 Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> - 2.9-6
- Remove test dependencies from POM
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.9-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Feb  6 2013 Java SIG <java-devel@xxxxxxxxxxxxxxxxxxxxxxx> - 2.9-4
- Update for https://fedoraproject.org/wiki/Fedora_19_Maven_Rebuild
- Replace maven BuildRequires with maven-local
* Tue Jan  8 2013 Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> - 2.9-3
- Add missing requires
- Resolves: rhbz#893166
* Mon Nov 26 2012 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 2.9-2
- Add LICENSE and NOTICE files to packages (#879605)
- Add dependency exclusion to make enforcer happy
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #979577 - maven-javadoc-plugin-2.9.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=979577
--------------------------------------------------------------------------------


================================================================================
 mingw-glew-1.9.0-5.fc18 (FEDORA-2013-12084)
 MinGW Windows GLEW library
--------------------------------------------------------------------------------
Update Information:

Rebuild with fix for FTBFS on i686 hosts.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jun 30 2013 Sandro Mani <manisandro@xxxxxxxxx> - 1.9.0-5
- Don't strip glew.exe visualinfo.exe on install
--------------------------------------------------------------------------------


================================================================================
 openlmi-providers-0.0.25-2.fc18 (FEDORA-2013-12109)
 Set of basic CIM providers
--------------------------------------------------------------------------------
Update Information:

Again add registration of 05_LMI_Qualifiers.mof
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 28 2013 Roman Rakus <rrakus@xxxxxxxxxx> - 0.0.25-2
- Againg add registration of 05_LMI_Qualifiers.mof
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #973233 - sfcbd process SEGV on openlmi lmiusers request
        https://bugzilla.redhat.com/show_bug.cgi?id=973233
--------------------------------------------------------------------------------


================================================================================
 php-PHP-CSS-Parser-5.0.6-1.fc18 (FEDORA-2013-12119)
 A Parser for CSS Files
--------------------------------------------------------------------------------
Update Information:

PHP CSS Parser: a Parser for CSS Files written in PHP.

Allows extraction of CSS files into a data structure, manipulation of said structure and output as (optimized) CSS.

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #969436 - Review Request: php-PHP-CSS-Parser - A Parser for CSS Files
        https://bugzilla.redhat.com/show_bug.cgi?id=969436
--------------------------------------------------------------------------------


================================================================================
 php-channel-nrk-1.3-1.fc18 (FEDORA-2013-12088)
 Adds pear.nrk.io channel to PEAR
--------------------------------------------------------------------------------
Update Information:

This package adds the pear.nrk.io channel which allows PEAR packages from this channel to be installed.

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #970927 - Review Request: php-channel-nrk - Adds pear.nrk.io channel to PEAR
        https://bugzilla.redhat.com/show_bug.cgi?id=970927
--------------------------------------------------------------------------------


================================================================================
 php-pecl-apcu-4.0.1-1.fc18 (FEDORA-2013-12102)
 APC User Cache
--------------------------------------------------------------------------------
Update Information:

APCu is userland caching: APC stripped of opcode caching in preparation for the deployment of Zend OPcache as the primary solution to opcode caching in future versions of PHP.

APCu has a revised and simplified codebase, by the time the PECL release is available, every part of APCu being used will have received review and where necessary or appropriate, changes.

Simplifying and documenting the API of APCu completely removes the barrier to maintenance and development of APCu in the future, and additionally allows us to make optimizations not possible previously because of APC's inherent complexity.

APCu only supports userland caching (and dumping) of variables, providing an upgrade path for the future. When O+ takes over, many will be tempted to use 3rd party solutions to userland caching, possibly even distributed solutions; this would be a grave error. The tried and tested APC codebase provides far superior support for local storage of PHP variables.

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928196 - Review Request: php-pecl-apcu - APC User Cache
        https://bugzilla.redhat.com/show_bug.cgi?id=928196
--------------------------------------------------------------------------------


================================================================================
 php-pecl-propro-0.1.0-1.fc18 (FEDORA-2013-12114)
 Property proxy
--------------------------------------------------------------------------------
Update Information:

A reusable split-off of pecl_http's property proxy API.

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #974818 - Review Request: php-pecl-propro - Property proxy
        https://bugzilla.redhat.com/show_bug.cgi?id=974818
--------------------------------------------------------------------------------


================================================================================
 php-pecl-raphf-0.1.0-1.fc18 (FEDORA-2013-12087)
 Resource and persistent handles factory
--------------------------------------------------------------------------------
Update Information:

A reusable split-off of pecl_http's persistent handle and resource factory API.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #974819 - Review Request: php-pecl-raphf - Resource and persistent handles factory
        https://bugzilla.redhat.com/show_bug.cgi?id=974819
--------------------------------------------------------------------------------


================================================================================
 python-fsmonitor-0.1-1.fc18 (FEDORA-2013-12081)
 Filesystem Monitoring for Python
--------------------------------------------------------------------------------
Update Information:

python-fsmonitor 0.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #979847 - python-fsmonitor - Filesystem Monitoring for Python
        https://bugzilla.redhat.com/show_bug.cgi?id=979847
--------------------------------------------------------------------------------


================================================================================
 python-py-1.4.15-1.fc18 (FEDORA-2013-12100)
 Library with cross-python path, ini-parsing, io, code, log facilities
--------------------------------------------------------------------------------
Update Information:

Update to the latest stable version.

>From the upstream changelog:

 * majorly speed up some common calling patterns with LocalPath.listdir()/join/check/stat functions considerably.

 * fix an edge case with fnmatch where a glob style pattern appeared in an absolute path.

--------------------------------------------------------------------------------
ChangeLog:

* Sun Jun 30 2013 Thomas Moschny <thomas.moschny@xxxxxx> - 1.4.15-1
- Update to 1.4.15.
- Disable failing Subversion checks for now.
* Wed Jun 12 2013 Thomas Moschny <thomas.moschny@xxxxxx> - 1.4.14-2
- Use python-sphinx for rhel > 6 (rhbz#973321).
- Update URL.
- Fix changelog entry with an incorrect date (rhbz#973325).
--------------------------------------------------------------------------------


================================================================================
 python-rsa-3.1.1-2.fc18 (FEDORA-2013-12074)
 Pure-Python RSA implementation
--------------------------------------------------------------------------------
Update Information:

python-rsa 3.1.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #965095 - python-rsa - Pure-Python RSA implementation
        https://bugzilla.redhat.com/show_bug.cgi?id=965095
--------------------------------------------------------------------------------


================================================================================
 quiterss-0.13.1-1.fc18 (FEDORA-2013-12116)
 RSS/Atom aggregator
--------------------------------------------------------------------------------
Update Information:

Version bump.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  1 2013 TI_Eugene <ti.eugene@xxxxxxxxx> - 0.13.1-1
- Version bump
--------------------------------------------------------------------------------


================================================================================
 rekonq-2.3.2-1.fc18 (FEDORA-2013-12130)
 KDE browser based on QtWebkit
--------------------------------------------------------------------------------
Update Information:

Rekonq 2.3.2 release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  1 2013 Jan Grulich <jgrulich@xxxxxxxxxx> 2.3.2-1
- 2.3.2
--------------------------------------------------------------------------------


================================================================================
 ruby-1.9.3.448-31.fc18 (FEDORA-2013-12123)
 An interpreter of object-oriented scripting language
--------------------------------------------------------------------------------
Update Information:

A vulnerability was found in Ruby's SSL client that could allow man-in-the-middle attackers to spoof SSL servers via valid certificate issued by a trusted certification authority.

This vulnerability has been assigned the CVE identifier CVE-2013-4073.

This new update should solve this issue.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jul  1 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.9.3.448-31
- Update to 1.9.3 p448
- Fix hostname check bypassing vulnerability in SSL client
  (CVE-2013-4073)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #979295 - ruby: CVE-2013-4073 ruby: hostname check bypassing vulnerability in SSL client [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=979295
--------------------------------------------------------------------------------


================================================================================
 springframework-security-3.1.4-1.fc18 (FEDORA-2013-12071)
 Modular Java/J2EE application security framework
--------------------------------------------------------------------------------
Update Information:

Initial import (#882477).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #882477 - Review Request: springframework-security - Modular Java/J2EE application security framework
        https://bugzilla.redhat.com/show_bug.cgi?id=882477
--------------------------------------------------------------------------------


================================================================================
 tweepy-2.0-1.fc18 (FEDORA-2013-12093)
 Twitter library for python
--------------------------------------------------------------------------------
Update Information:

Update tweepy to version 2.0
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 28 2013 rtnpro <rtnpro@xxxxxxxxx> 2.0-1
- Update to tweepy v2.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #675104 - Review Request: tweepy - Twitter library for python
        https://bugzilla.redhat.com/show_bug.cgi?id=675104
--------------------------------------------------------------------------------


================================================================================
 vanityhash-1.1-1.fc18 (FEDORA-2013-12096)
 Hexadecimal hash fragment creation tool
--------------------------------------------------------------------------------
Update Information:

Hexadecimal hash fragment creation tool.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #979370 - Review Request: vanityhash - Hexadecimal hash fragment creation tool
        https://bugzilla.redhat.com/show_bug.cgi?id=979370
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux