Fedora 17 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 17 Security updates need testing:
 Age  URL
 377  https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
 189  https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17
 117  https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17
 112  https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17
 109  https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17
  42  https://admin.fedoraproject.org/updates/FEDORA-2013-10121/subversion-1.7.10-1.fc17
  32  https://admin.fedoraproject.org/updates/FEDORA-2013-10940/tomcat6-6.0.37-1.fc17
  24  https://admin.fedoraproject.org/updates/FEDORA-2013-11568/curl-7.24.0-10.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-12745/seamonkey-2.19-1.fc17
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-12354/php-5.4.17-2.fc17
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-12967/openjpa-2.2.0-3.fc17
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-13018/libzrtpcpp-2.3.4-1.fc17,ortp-0.20.0-5.fc17,twinkle-1.4.2-19.fc17.1
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-13180/icu-4.8.1.1-6.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-13202/fdupes-1.51-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-13213/python-pip-1.3.1-4.fc17


The following Fedora 17 Critical Path updates have yet to be approved:
 Age URL
 137  https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-13129/livecd-tools-17.18-1.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-13082/selinux-policy-3.10.0-171.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-13149/qtwebkit-2.3.2-1.fc17


The following builds have been pushed to Fedora 17 updates-testing

    fdupes-1.51-1.fc17
    icu-4.8.1.1-6.fc17
    java-dirq-1.4-1.fc17
    libstoragemgmt-0.0.21-1.fc17
    python-pip-1.3.1-4.fc17
    qtwebkit-2.3.2-1.fc17

Details about builds:


================================================================================
 fdupes-1.51-1.fc17 (FEDORA-2013-13202)
 Finds duplicate files in a given set of directories
--------------------------------------------------------------------------------
Update Information:

Upstream
* Added support for 64-bit file offsets on 32-bit systems.
* Using tty for interactive input instead of regular stdin. This is to allow  feeding filenames via stdin in future versions of fdupes without breaking interactive deletion feature.
* Fixed some typos in --help.
* Turned C++ style comments into C style comments.
* Update to latest upstream release.
Package
* Added patch to fix security bugs BZ#865591 & 865592.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 16 2013 Richard Shaw <hobbes1069@xxxxxxxxx> - 1.51-1
- Update to latest upstream release.
- Fixes security bugs BZ#865591 & 865592.
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.50-0.7.PR2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.50-0.6.PR2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #865591 - fdupes: possible file linking of files with different owner/group/permissions
        https://bugzilla.redhat.com/show_bug.cgi?id=865591
--------------------------------------------------------------------------------


================================================================================
 icu-4.8.1.1-6.fc17 (FEDORA-2013-13180)
 International Components for Unicode
--------------------------------------------------------------------------------
Update Information:

Resolves various flaws in Layout Engine font processing.
Supports aarch64 as 64-bit platform in icu-config.sh wrapper.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 17 2013 Eike Rathke <erack@xxxxxxxxxx> - 4.8.1.1-6
- Resolves: rhbz#966141 various flaws in Layout Engine font processing
- Resolves: rhbz#966077 aarch64 support for icu-config.sh wrapper
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #952656 - CVE-2013-2419 ICU: Layout Engine font processing errors (JDK 2D, 8001031)
        https://bugzilla.redhat.com/show_bug.cgi?id=952656
  [ 2 ] Bug #952708 - CVE-2013-2383 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986)
        https://bugzilla.redhat.com/show_bug.cgi?id=952708
  [ 3 ] Bug #952709 - CVE-2013-2384 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)
        https://bugzilla.redhat.com/show_bug.cgi?id=952709
  [ 4 ] Bug #952711 - CVE-2013-1569 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994)
        https://bugzilla.redhat.com/show_bug.cgi?id=952711
--------------------------------------------------------------------------------


================================================================================
 java-dirq-1.4-1.fc17 (FEDORA-2013-13219)
 Directory based queue
--------------------------------------------------------------------------------
Update Information:

Update to upstream version.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 16 2013 Massimo Paladin <massimo.paladin@xxxxxxxxx> - 1.4-1
- Updating to latest version.
--------------------------------------------------------------------------------


================================================================================
 libstoragemgmt-0.0.21-1.fc17 (FEDORA-2013-13153)
 Storage array management library
--------------------------------------------------------------------------------
Update Information:

New upstream release.
New upstream release.
Upstream update.
Upstream update.
New upstream release.
Upstream update.
Upstream update.
New upstream release.
Upstream update.
Upstream update.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 16 2013 Tony Asleson <tasleson@xxxxxxxxxx> 0.0.21-1
- New upstream release
- Put plug-ins in separate sub packages
- Don't include IBM plug-in on RHEL > 6, missing paramiko
* Tue May 28 2013 Tony Asleson <tasleson@xxxxxxxxxx> - 0.0.20-1
- New upstream release
- Separate package for python libraries
- Make timestamps match on version.py in library
- Add python-paramiko requirement for IBM plug-in
* Mon Apr 22 2013 Tony Asleson <tasleson@xxxxxxxxxx> - 0.0.19-1
- New upstream release
--------------------------------------------------------------------------------


================================================================================
 python-pip-1.3.1-4.fc17 (FEDORA-2013-13213)
 A tool for installing and managing Python packages
--------------------------------------------------------------------------------
Update Information:

Fix potential DOS with specially crafted malicious SSL certs.
Backing out rename of pip binary to fix #958377 and updating package summary to match upstream's description.
Backing out rename of pip binary to fix #958377 and updating package summary to match upstream's description.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 16 2013 Toshio Kuratomi <toshio@xxxxxxxxxxxxxxxxx> - 1.3.1-4
- Fix for CVE 2013-2099
* Thu May 23 2013 Tim Flink <tflink@xxxxxxxxxxxxxxxxx> - 1.3.1-3
- undo python2 executable rename to python-pip. fixes #958377
- fix summary to match upstream
* Mon May  6 2013 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 1.3.1-2
- Fix main package Summary, it's for Python 2, not 3 (#877401)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #963260 - CVE-2013-2098 CVE-2013-2099 python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns
        https://bugzilla.redhat.com/show_bug.cgi?id=963260
--------------------------------------------------------------------------------


================================================================================
 qtwebkit-2.3.2-1.fc17 (FEDORA-2013-13149)
 Qt WebKit bindings
--------------------------------------------------------------------------------
Update Information:

New upstream bugfix release, see also http://blogs.kde.org/2013/07/17/qtwebkit-232-and-qtwebkit-qt-51
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jul 11 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.3.2-1
- qtwebkit-2.3.2
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux