The following Fedora 19 Security updates need testing: Age URL 80 https://admin.fedoraproject.org/updates/FEDORA-2013-5801/mantis-1.2.15-1.fc19 35 https://admin.fedoraproject.org/updates/FEDORA-2013-9715/heat-jeos-9-1.fc19 23 https://admin.fedoraproject.org/updates/FEDORA-2013-10678/python-keystoneclient-0.2.3-4.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2013-10467/openstack-keystone-2013.1.2-3.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2013-11734/libXv-1.0.9-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2013-11911/php-pecl-radius-1.2.7-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2013-11904/autotrace-0.31.1-34.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2013-12083/libXp-1.0.2-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2013-12115/gegl-0.2.0-11.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2013-12118/ruby-2.0.0.247-11.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2013-12199/dbus-glib-0.100-5.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2013-12178/lldpad-0.9.46-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-12384/gallery3-3.0.9-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-12321/gpm-1.20.6-33.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-12414/zeroinstall-injector-2.3-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-12389/ansible-1.2.1-2.fc19 The following builds have been pushed to Fedora 19 updates-testing CuraEngine-13.06.3-2.fc19 ansible-1.2.1-2.fc19 elixir-0.9.3-2.fc19 gallery3-3.0.9-1.fc19 ghc-language-java-0.2.4-2.fc19 ghc-libffi-0.1-2.fc19 ghc-maccatcher-2.1.5-1.fc19 gnumed-1.3.6-1.fc19 gnumed-server-18.6-1.fc19 golang-1.1.1-4.fc19 groovy18-1.8.9-3.fc19 ibus-kkc-1.5.15-1.fc19 libdmapsharing-2.9.18-1.fc19 libexttextcat-3.4.3-1.fc19 libkkc-0.2.6-1.fc19 libmatthew-java-0.8-6.fc19 lua-lpeg-0.12-1.fc19 lua-moonscript-0.2.4-1.fc19 mingw-pcre-8.33-1.fc19 mingw-qt-4.8.5-2.fc19 pdns-3.3-1.fc19 perl-CPAN-FindDependencies-2.42-2.fc19 perl-Data-MessagePack-0.47-1.fc19 perl-File-Find-Object-0.2.7-2.fc19 perl-Net-Random-2.22-2.fc19 perl-Perl6-Slurp-0.051003-2.fc19 perl-Tie-Function-0.02-1.fc19 perl-XML-Tiny-2.06-1.fc19 php-channel-swift-1.3-7.fc19 php-pear-Mail-Mime-1.8.8-1.fc19 php-pear-Net-SMTP-1.6.2-1.fc19 ppp-2.4.5-30.fc19 rpm-4.11.1-1.fc19 scratch-1.4.0.7-5.fc19 supermin-4.1.1-2.fc19 sylpheed-3.4.0-0.5.beta4.fc19 tycho-0.18.0-3.fc19 tzdata-2013c-2.fc19 uim-1.8.6-1.fc19 xsane-0.999-3.fc19 zeroinstall-injector-2.3-1.fc19 Details about builds: ================================================================================ CuraEngine-13.06.3-2.fc19 (FEDORA-2013-12419) Engine for processing 3D models into G-code instructions for 3D printers -------------------------------------------------------------------------------- Update Information: Engine for processing 3D models into G-code instructions for 3D printers -------------------------------------------------------------------------------- References: [ 1 ] Bug #977112 - Review Request: CuraEngine - Engine for processing 3D models into G-code instructions for 3D printers https://bugzilla.redhat.com/show_bug.cgi?id=977112 -------------------------------------------------------------------------------- ================================================================================ ansible-1.2.1-2.fc19 (FEDORA-2013-12389) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Upstream 1.2.1 version. See: https://groups.google.com/forum/#!topic/ansible-project/Bj0TmfsExhk for more info. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Kevin Fenzi <kevin@xxxxxxxxx> 1.2.1-2 - Update to newer upstream re-release to fix a syntax error * Thu Jul 4 2013 Kevin Fenzi <kevin@xxxxxxxxx> 1.2.1-1 - Update to 1.2.1 - Fixes CVE-2013-2233 -------------------------------------------------------------------------------- References: [ 1 ] Bug #980821 - CVE-2013-2233 ansible: Does not cache SSH host keys (preventing possibility of server's host key to be checked against system host keys) https://bugzilla.redhat.com/show_bug.cgi?id=980821 -------------------------------------------------------------------------------- ================================================================================ elixir-0.9.3-2.fc19 (FEDORA-2013-12390) A modern approach to programming for the Erlang VM -------------------------------------------------------------------------------- Update Information: Update to upstream 0.9.3 Upstream 0.9.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 12 2013 Ricky Elrod <codeblock@xxxxxxxxxxxxxxxxx> - 0.9.3-2 - Fix patch, doctest.exs was renamed to doc_test.exs * Wed Jun 12 2013 Ricky Elrod <codeblock@xxxxxxxxxxxxxxxxx> - 0.9.3-1 - Update to upstream 0.9.3. * Wed Jun 12 2013 Ricky Elrod <codeblock@xxxxxxxxxxxxxxxxx> - 0.9.1-1 - Update to upstream 0.9.1. - Clean up specfile. -------------------------------------------------------------------------------- ================================================================================ gallery3-3.0.9-1.fc19 (FEDORA-2013-12384) Customizable photo gallery web site -------------------------------------------------------------------------------- Update Information: Fixes for CVE-2013-2240, CVE-2013-2241. A security flaw was found in the way flowplayer SWF file handling functionality of Gallery version 3, an open source project with the goal to develop and support leading photo sharing web application solutions, processed certain URL fragments passed to this file (certain URL fragments were not stripped properly when these files were called via direct URL request(s)). A remote attacker could use this flaw to conduct replay attacks. Multiple information exposure flaws were found in the way data rest core module of Gallery version 3, an open source project with the goal to develop and support leading photo sharing web application solutions, used to previously restrict access to certain items of the photo album. A remote attacker, valid Gallery 3 user, could use this flaw to possibly obtain sensitive information (file, resize or thumb path of the item in question). -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 3.0.9-1 - 3.0.9. -------------------------------------------------------------------------------- References: [ 1 ] Bug #981218 - CVE-2013-2138 gallery3 various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=981218 [ 2 ] Bug #981219 - CVE-2013-2138 gallery3 various flaws [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=981219 -------------------------------------------------------------------------------- ================================================================================ ghc-language-java-0.2.4-2.fc19 (FEDORA-2013-12420) Java source manipulation -------------------------------------------------------------------------------- Update Information: Manipulates Java source: abstract syntax, lexer, parser, and pretty-printer. -------------------------------------------------------------------------------- References: [ 1 ] Bug #980133 - Review Request: ghc-language-java - Java source manipulation https://bugzilla.redhat.com/show_bug.cgi?id=980133 -------------------------------------------------------------------------------- ================================================================================ ghc-libffi-0.1-2.fc19 (FEDORA-2013-12409) A binding to libffi -------------------------------------------------------------------------------- Update Information: A binding to libffi, allowing C functions of types only known at runtime to be called from Haskell. -------------------------------------------------------------------------------- References: [ 1 ] Bug #980123 - Review Request: ghc-libffi - A binding to libffi https://bugzilla.redhat.com/show_bug.cgi?id=980123 -------------------------------------------------------------------------------- ================================================================================ ghc-maccatcher-2.1.5-1.fc19 (FEDORA-2013-12439) Obtain the host MAC address on *NIX and Windows -------------------------------------------------------------------------------- Update Information: Obtain the host MAC address on *NIX and Windows. -------------------------------------------------------------------------------- References: [ 1 ] Bug #974721 - Review Request: ghc-maccatcher - Obtain the host MAC address on *NIX and Windows https://bugzilla.redhat.com/show_bug.cgi?id=974721 -------------------------------------------------------------------------------- ================================================================================ gnumed-1.3.6-1.fc19 (FEDORA-2013-12397) The GNUmed client -------------------------------------------------------------------------------- Update Information: FIX: exception on merging patients with identical addresses [thanks Jim] FIX: exception on repeatedly updating LOINC [thanks A.Maier] FIX: exception on getattr() in braindead-tree-items-data-access workaround [thanks V.Banait] FIX: exception on detecting patient ID column in patient listing ctrl [thanks Marc] IMPROVED: show "U" for soapU data rather than "?" [thanks Jim] IMPROVED: print recalls from vaccinations list -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 1.3.6-1 - Update to 1.3.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #981368 - gnumed-1.3.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=981368 [ 2 ] Bug #981370 - gnumed-server-18.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=981370 -------------------------------------------------------------------------------- ================================================================================ gnumed-server-18.6-1.fc19 (FEDORA-2013-12397) The GNUmed back end server -------------------------------------------------------------------------------- Update Information: FIX: exception on merging patients with identical addresses [thanks Jim] FIX: exception on repeatedly updating LOINC [thanks A.Maier] FIX: exception on getattr() in braindead-tree-items-data-access workaround [thanks V.Banait] FIX: exception on detecting patient ID column in patient listing ctrl [thanks Marc] IMPROVED: show "U" for soapU data rather than "?" [thanks Jim] IMPROVED: print recalls from vaccinations list -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 18.6-1 - Update to v18.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #981368 - gnumed-1.3.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=981368 [ 2 ] Bug #981370 - gnumed-server-18.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=981370 -------------------------------------------------------------------------------- ================================================================================ golang-1.1.1-4.fc19 (FEDORA-2013-12426) The Go Programming Language -------------------------------------------------------------------------------- Update Information: Try again at updating this package. Use lua in pretrans * Fix update problems (at least for pre-Fedora 19) * Fix still-often-broken building * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Fix update problems (at least for pre-Fedora 19) * Fix still-often-broken building * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Fix update problems (at least for pre-Fedora 19) * Fix still-often-broken building * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 Use lua in pretrans * Fix update problems (at least for pre-Fedora 19) * Fix still-often-broken building * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Fix update problems (at least for pre-Fedora 19) * Fix still-often-broken building * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Fix update problems (at least for pre-Fedora 19) * Fix still-often-broken building * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 Use lua in pretrans * Fix update problems (at least for pre-Fedora 19) * Fix still-often-broken building * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Fix update problems (at least for pre-Fedora 19) * Fix still-often-broken building * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Fix update problems (at least for pre-Fedora 19) * Fix still-often-broken building * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 * Make this package actually usable (sorry) * Update to golang 1.1.1 -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Adam Goode <adam@xxxxxxxxxxxxx> - 1.1.1-4 - Move src to libdir for now (#973842) (upstream issue https://code.google.com/p/go/issues/detail?id=5830) - Eliminate noarch data package to work around RPM bug (#975909) - Try to add runtime-gdb.py to the gdb safe-path (#981356) * Wed Jun 19 2013 Adam Goode <adam@xxxxxxxxxxxxx> - 1.1.1-3 - Use lua for pretrans (http://fedoraproject.org/wiki/Packaging:Guidelines#The_.25pretrans_scriptlet) * Mon Jun 17 2013 Adam Goode <adam@xxxxxxxxxxxxx> - 1.1.1-2 - Hopefully really fix #973842 - Fix update from pre-1.1.1 (#974840) * Thu Jun 13 2013 Adam Goode <adam@xxxxxxxxxxxxx> - 1.1.1-1 - Update to 1.1.1 - Fix basically useless package (#973842) * Sat May 25 2013 Dan Horák <dan[at]danny.cz> - 1.1-3 - set ExclusiveArch -------------------------------------------------------------------------------- References: [ 1 ] Bug #974840 - golang-1.1.1-1.fc19 update fails due to conflicts https://bugzilla.redhat.com/show_bug.cgi?id=974840 [ 2 ] Bug #973842 - golang package is unusable https://bugzilla.redhat.com/show_bug.cgi?id=973842 -------------------------------------------------------------------------------- ================================================================================ groovy18-1.8.9-3.fc19 (FEDORA-2013-12415) Dynamic language for the Java Platform -------------------------------------------------------------------------------- Update Information: fix groovy18-script. Initial import (#858127). -------------------------------------------------------------------------------- References: [ 1 ] Bug #858127 - Review Request: groovy18 - Dynamic language for the Java Platform https://bugzilla.redhat.com/show_bug.cgi?id=858127 -------------------------------------------------------------------------------- ================================================================================ ibus-kkc-1.5.15-1.fc19 (FEDORA-2013-12422) Japanese Kana Kanji input method for ibus -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 1.5.15-1 - new upstream release -------------------------------------------------------------------------------- ================================================================================ libdmapsharing-2.9.18-1.fc19 (FEDORA-2013-12383) A DMAP client and server library -------------------------------------------------------------------------------- Update Information: Update to 2.9.18. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 W. Michael Petullo <mike[@]flyn.org> - 2.9.18-1 - new upstream version -------------------------------------------------------------------------------- ================================================================================ libexttextcat-3.4.3-1.fc19 (FEDORA-2013-12440) Text categorization library -------------------------------------------------------------------------------- Update Information: fix an overlapping memcpy -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Caolán McNamara <caolanm@xxxxxxxxxx> 3.4.3-1 - latest version -------------------------------------------------------------------------------- ================================================================================ libkkc-0.2.6-1.fc19 (FEDORA-2013-12422) Japanese Kana Kanji conversion library -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 0.2.6-1 - new upstream release * Thu Jul 4 2013 Daiki Ueno <dueno@xxxxxxxxxx> - 0.2.5-1 - new upstream release -------------------------------------------------------------------------------- ================================================================================ libmatthew-java-0.8-6.fc19 (FEDORA-2013-12434) A few useful Java libraries -------------------------------------------------------------------------------- Update Information: Put jars in _jnidir to allow build systems that crawl javadir and jnidir to find them. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Alexander Kurtakov <akurtako@xxxxxxxxxx> 0.8-6 - Place jars in _jnidir according to new guidelines. -------------------------------------------------------------------------------- ================================================================================ lua-lpeg-0.12-1.fc19 (FEDORA-2013-12438) Parsing Expression Grammars for Lua -------------------------------------------------------------------------------- Update Information: LPeg: - no "unsigned short" limit for pattern sizes - mathtime captures considered nullable - some bugs fixed Moonscript: - various updates. Test fixture currently not run, awaiting packaging of new dependencies -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 4 2013 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 0.12-1 - Update to 0.12 * Wed Apr 3 2013 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 0.11-1 - Update to 0.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #959929 - lua-lpeg-0.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=959929 [ 2 ] Bug #981384 - lua-moonscript-0.2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=981384 -------------------------------------------------------------------------------- ================================================================================ lua-moonscript-0.2.4-1.fc19 (FEDORA-2013-12438) A little language that compiles to Lua -------------------------------------------------------------------------------- Update Information: LPeg: - no "unsigned short" limit for pattern sizes - mathtime captures considered nullable - some bugs fixed Moonscript: - various updates. Test fixture currently not run, awaiting packaging of new dependencies -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 4 2013 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 0.2.4-1 - Update to 0.2.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #959929 - lua-lpeg-0.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=959929 [ 2 ] Bug #981384 - lua-moonscript-0.2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=981384 -------------------------------------------------------------------------------- ================================================================================ mingw-pcre-8.33-1.fc19 (FEDORA-2013-12436) MinGW Windows pcre library -------------------------------------------------------------------------------- Update Information: Update to 8.33 and added the configure arguments --enable-pcre8 --enable-pcre16 --enable-pcre32 (the pcre16 one is needed by mingw-qt5-qtbase) -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 3 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 8.33-1 - Update to 8.33 - Added the configure arguments --enable-pcre8 --enable-pcre16 --enable-pcre32 (the pcre16 one is needed by mingw-qt5-qtbase) - Use a more verbose filelist -------------------------------------------------------------------------------- ================================================================================ mingw-qt-4.8.5-2.fc19 (FEDORA-2013-12407) Qt for Windows -------------------------------------------------------------------------------- Update Information: Update to 4.8.5 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 4 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 4.8.5-2 - When building static binaries, make sure the gcc argument -DQT_DLL isn't used * Wed Jul 3 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 4.8.5-1 - Update to 4.8.5 -------------------------------------------------------------------------------- ================================================================================ pdns-3.3-1.fc19 (FEDORA-2013-12430) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information: - Update to 3.3 - This is a stability, bugfix and conformity update to 3.2. It improves interoperability with various validators, either through bugfixes or by catering to their needs beyond the specifications. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Morten Stevens <mstevens@xxxxxxxxxxxxxxx> - 3.3-1 - Update to 3.3 * Fri Jun 28 2013 Morten Stevens <mstevens@xxxxxxxxxxxxxxx> - 3.3-0.3.rc2 - Update to 3.3-rc2 - Add extra tools package for pdns * Tue Jun 4 2013 Morten Stevens <mstevens@xxxxxxxxxxxxxxx> - 3.3-0.2.rc1 - Update systemd unit file - Spec cleanup * Tue May 28 2013 Morten Stevens <mstevens@xxxxxxxxxxxxxxx> - 3.3-0.1.rc1 - Update to 3.3-rc1 -------------------------------------------------------------------------------- ================================================================================ perl-CPAN-FindDependencies-2.42-2.fc19 (FEDORA-2013-12408) Find dependencies for modules on CPAN -------------------------------------------------------------------------------- Update Information: New RPM. -------------------------------------------------------------------------------- References: [ 1 ] Bug #979663 - Review Request: perl-CPAN-FindDependencies - Find dependencies for modules on CPAN https://bugzilla.redhat.com/show_bug.cgi?id=979663 -------------------------------------------------------------------------------- ================================================================================ perl-Data-MessagePack-0.47-1.fc19 (FEDORA-2013-12423) MessagePack serialising/deserialising -------------------------------------------------------------------------------- Update Information: New RPM. -------------------------------------------------------------------------------- References: [ 1 ] Bug #979665 - Review Request: perl-Data-MessagePack - MessagePack serialising/deserialising https://bugzilla.redhat.com/show_bug.cgi?id=979665 -------------------------------------------------------------------------------- ================================================================================ perl-File-Find-Object-0.2.7-2.fc19 (FEDORA-2013-12418) Object oriented File::Find replacement -------------------------------------------------------------------------------- Update Information: New RPM. -------------------------------------------------------------------------------- References: [ 1 ] Bug #979673 - Review Request: perl-File-Find-Object - Object oriented File::Find replacement https://bugzilla.redhat.com/show_bug.cgi?id=979673 -------------------------------------------------------------------------------- ================================================================================ perl-Net-Random-2.22-2.fc19 (FEDORA-2013-12405) A module gets random data from online sources -------------------------------------------------------------------------------- Update Information: New RPM. -------------------------------------------------------------------------------- References: [ 1 ] Bug #979661 - Review Request: perl-Net-Random - A module gets random data from online sources https://bugzilla.redhat.com/show_bug.cgi?id=979661 -------------------------------------------------------------------------------- ================================================================================ perl-Perl6-Slurp-0.051003-2.fc19 (FEDORA-2013-12398) Implemention of the Perl 6 'slurp' built-in -------------------------------------------------------------------------------- Update Information: Here is where you give an explanation of your update. -------------------------------------------------------------------------------- References: [ 1 ] Bug #979653 - Review Request: perl-Perl6-Slurp - Implemention of the Perl 6 'slurp' built-in https://bugzilla.redhat.com/show_bug.cgi?id=979653 -------------------------------------------------------------------------------- ================================================================================ perl-Tie-Function-0.02-1.fc19 (FEDORA-2013-12375) Wrap functions in tied hash sugar -------------------------------------------------------------------------------- Update Information: New RPM. -------------------------------------------------------------------------------- References: [ 1 ] Bug #979667 - Review Request: perl-Tie-Function - Wrap functions in tied hash sugar https://bugzilla.redhat.com/show_bug.cgi?id=979667 -------------------------------------------------------------------------------- ================================================================================ perl-XML-Tiny-2.06-1.fc19 (FEDORA-2013-12401) Simple lightweight parser for a subset of XML -------------------------------------------------------------------------------- Update Information: New RPM. -------------------------------------------------------------------------------- References: [ 1 ] Bug #979657 - Review Request: perl-XML-Tiny - Simple lightweight parser for a subset of XML https://bugzilla.redhat.com/show_bug.cgi?id=979657 -------------------------------------------------------------------------------- ================================================================================ php-channel-swift-1.3-7.fc19 (FEDORA-2013-12386) Adds swift mailer project channel to PEAR -------------------------------------------------------------------------------- Update Information: Update channel definition. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.3-7 - refresh channel.xml, #981539 -------------------------------------------------------------------------------- References: [ 1 ] Bug #981539 - outdated channel definition https://bugzilla.redhat.com/show_bug.cgi?id=981539 -------------------------------------------------------------------------------- ================================================================================ php-pear-Mail-Mime-1.8.8-1.fc19 (FEDORA-2013-12378) Classes to create MIME messages -------------------------------------------------------------------------------- Update Information: Upstream Changelog: Version 1.8.8 * Fixed warning/notice on (static vs. non-static) PEAR::raiseError() usage [alec] * Fixed Bug #19761: PHP5 warnings about return by reference [alec] * Fixed Bug #19770: Make cid generator more unique on Windows [alec] * Fixed Bug #19987: E_STRICT warning when null is passed by reference [alec] -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.8.8-1 - Version 1.8.8 (stable) - API 1.4.3 (stable) -------------------------------------------------------------------------------- ================================================================================ php-pear-Net-SMTP-1.6.2-1.fc19 (FEDORA-2013-12395) Provides an implementation of the SMTP protocol -------------------------------------------------------------------------------- Update Information: Upstream changelog: - Fix EHLO response handling for HELO-only servers. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.6.2-1 - Version 1.6.2 (stable) - API 1.2.0 (stable) -------------------------------------------------------------------------------- ================================================================================ ppp-2.4.5-30.fc19 (FEDORA-2013-12387) The Point-to-Point Protocol daemon -------------------------------------------------------------------------------- Update Information: Fix possible bad memory handling, which would cause crash of pppd. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 4 2013 Michal Sekletar <msekleta@xxxxxxxxxx> - 2.4.5-30 - fix possible NULL pointer dereferencing -------------------------------------------------------------------------------- References: [ 1 ] Bug #815617 - PATCH: properly deal with crypt() returning NULL https://bugzilla.redhat.com/show_bug.cgi?id=815617 -------------------------------------------------------------------------------- ================================================================================ rpm-4.11.1-1.fc19 (FEDORA-2013-12411) The RPM package management system -------------------------------------------------------------------------------- Update Information: This update brings rpm to the latest stable upstream version, including performance improvements and fixes for numerous bugs: http://rpm.org/wiki/Releases/4.11.1 -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Panu Matilainen <pmatilai@xxxxxxxxxx> - 4.11.1-1 - update to 4.11.1 (http://rpm.org/wiki/Releases/4.11.1) - drop upstreamed patches - fix .gnu_debuglink CRC32 after dwz, buildrequire binutils-devel (#971119) - ensure relocatable packages always get install-prefix(es) set (#979443) -------------------------------------------------------------------------------- References: [ 1 ] Bug #971119 - /usr/lib/debug fails to load without build-id https://bugzilla.redhat.com/show_bug.cgi?id=971119 [ 2 ] Bug #979443 - RPM: scriptlet: RPM_INSTALL_PREFIX not defined by default https://bugzilla.redhat.com/show_bug.cgi?id=979443 [ 3 ] Bug #909618 - rpm: rpmbuild segfaults when rebuilding SRPM https://bugzilla.redhat.com/show_bug.cgi?id=909618 -------------------------------------------------------------------------------- ================================================================================ scratch-1.4.0.7-5.fc19 (FEDORA-2013-12410) Programming language learning environment for stories, games, music and art -------------------------------------------------------------------------------- Update Information: First package of scratch for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #981099 - Scratch announced in Release note but not available in repo https://bugzilla.redhat.com/show_bug.cgi?id=981099 -------------------------------------------------------------------------------- ================================================================================ supermin-4.1.1-2.fc19 (FEDORA-2013-12393) Tool for creating supermin appliances -------------------------------------------------------------------------------- Update Information: Add fix for non-regular %ghost files, required for building libguestfs in Fedora 19. -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 26 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 4.1.1-2 - Add upstream patch to ignore ghost non-regular files. - This fixes builds on Fedora 20 because the filesystem package has been changed so /var/lock and /var/run are marked as ghost. -------------------------------------------------------------------------------- ================================================================================ sylpheed-3.4.0-0.5.beta4.fc19 (FEDORA-2013-12437) GTK+ based, lightweight, and fast email client -------------------------------------------------------------------------------- Update Information: This update fixes printing of messages, improves the display of HTML messages and allows to save messages as plain text files. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 3.4.0-0.5.beta4 - Update to 3.4.0beta3 (#968437) - Remove patches for DSO fix and aarch64 support, no longer required -------------------------------------------------------------------------------- References: [ 1 ] Bug #968437 - sylpheed-3.4.0beta4 is available https://bugzilla.redhat.com/show_bug.cgi?id=968437 -------------------------------------------------------------------------------- ================================================================================ tycho-0.18.0-3.fc19 (FEDORA-2013-12376) Plugins and extensions for building Eclipse plugins and OSGI bundles with Maven -------------------------------------------------------------------------------- Update Information: Make it find osgi bundles in _jnidir. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Alexander Kurtakov <akurtako@xxxxxxxxxx> 0.18.0-3 - Use _jnidir too when building local p2 repo. -------------------------------------------------------------------------------- ================================================================================ tzdata-2013c-2.fc19 (FEDORA-2013-12429) Timezone data -------------------------------------------------------------------------------- Update Information: - Morocco will observe Daylight Saving starting on July 7. - The period of Daylight Saving Time in Israel was extended until last Sunday in October -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 4 2013 Petr Machata <pmachata@xxxxxxxxxx> - 2013c-2 - Update descriptions in iso3166.tab; make Jerusalem coordinates in zone.tab more precise (0001-Adjust-commentary-to-try-to-defuse-recent-issues-som.patch) - Update local mean time for Jerusalem to match more-precise longitude (0002-asia-Asia-Jerusalem-Fix-LMT-to-match-more-precise-lo.patch) - Move Morocco's midsummer 2013 transitions (0003-Move-Morocco-s-midsummer-2013-transitions.patch) - Israel now falls back on the last Sunday of October (0004-Israel-now-falls-back-on-the-last-Sunday-of-October.patch) -------------------------------------------------------------------------------- ================================================================================ uim-1.8.6-1.fc19 (FEDORA-2013-12442) A multilingual input method library -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Akira TAGOH <tagoh@xxxxxxxxxx> - 1.8.6-1 - New upstream release. (#981433) -------------------------------------------------------------------------------- References: [ 1 ] Bug #981433 - uim-1.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=981433 -------------------------------------------------------------------------------- ================================================================================ xsane-0.999-3.fc19 (FEDORA-2013-12382) X Window System front-end for the SANE scanner interface -------------------------------------------------------------------------------- Update Information: This update fixes a bug where xsane failed to change working directories and scans ended up in wrong locations. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Nils Philippsen <nils@xxxxxxxxxx> - 0.999-3 - fix no-file-selected patch: change working directories (#621778, fix by Pavel Polischouk) * Thu Jun 27 2013 Nils Philippsen <nils@xxxxxxxxxx> - 0.999-2 - ensure correct autoconf patch is used -------------------------------------------------------------------------------- References: [ 1 ] Bug #621778 - xsane fails to change "working-directory" resulting in scans saved in wrong locations (and other fun with file names) https://bugzilla.redhat.com/show_bug.cgi?id=621778 -------------------------------------------------------------------------------- ================================================================================ zeroinstall-injector-2.3-1.fc19 (FEDORA-2013-12414) The Zero Install Injector (0launch) -------------------------------------------------------------------------------- Update Information: Enhancements: - upstream now ships an experimental OCaml front-end, this is not yet enabled - Add fish-shell command completion - Allow relative files in <archive> and <file> for local feeds. This makes it easy to test feeds before passing them to 0repo. Bug fixes: - Better handling of default="" in <environment> bindings. This now specifies that the default should be "", overriding any system default. - Fixed --refresh with "download" and "run" for apps. - Updated ssl_match_hostname based on latest bug-fixes. This fix is intended to fix a denial-of-service attack, which doesn't really matter to 0install, but we might as well have the latest version. CVE-2013-2099 - Better error when the <rename> source does not exist. - Allow selecting local archives even in offline mode. - Support the use of the system store with recipes. This is especially important now that we treat all downloads as recipes! - Removed old zeroinstall-add.desktop file. Changes for APIs we depend on - Cope with more PyGObject API changes. Based on patch in http://twistedmatrix.com/trac/ticket/6369 - Keep gobject and glib separate. Sometimes we need GLib, sometimes we need GObject. - Updates to avoid PyGIDeprecationWarning. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 5 2013 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 2.3-1 - Update to 2.3 * Mon May 6 2013 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 2.2-1 - Update to 2.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #958834 - zeroinstall-injector-2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=958834 [ 2 ] Bug #966273 - CVE-2013-2098 CVE-2013-2099 python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=966273 [ 3 ] Bug #966274 - CVE-2013-2098 CVE-2013-2099 python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=966274 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test