The following Fedora 17 Security updates need testing: Age URL 379 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 192 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17 119 https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17 114 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17 111 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17 44 https://admin.fedoraproject.org/updates/FEDORA-2013-10121/subversion-1.7.10-1.fc17 34 https://admin.fedoraproject.org/updates/FEDORA-2013-10940/tomcat6-6.0.37-1.fc17 26 https://admin.fedoraproject.org/updates/FEDORA-2013-11568/curl-7.24.0-10.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2013-12745/seamonkey-2.19-1.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-12354/php-5.4.17-2.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-12967/openjpa-2.2.0-3.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2013-13018/libzrtpcpp-2.3.4-1.fc17,ortp-0.20.0-5.fc17,twinkle-1.4.2-19.fc17.1 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13180/icu-4.8.1.1-6.fc17 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13202/fdupes-1.51-1.fc17 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13213/python-pip-1.3.1-4.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13252/moodle-2.2.11-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13231/rubygem-passenger-3.0.21-4.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13292/libreoffice-3.5.7.2-13.fc17 The following Fedora 17 Critical Path updates have yet to be approved: Age URL 139 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-13129/livecd-tools-17.18-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-13082/selinux-policy-3.10.0-171.fc17 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13149/qtwebkit-2.3.2-1.fc17 The following builds have been pushed to Fedora 17 updates-testing gnome-chemistry-utils-0.14.2-4.fc17 gnumeric-1.12.4-1.fc17 goffice-0.10.4-1.fc17 libreoffice-3.5.7.2-13.fc17 mate-panel-1.6.1-2.fc17 mate-screensaver-1.6.0-2.fc17 moodle-2.2.11-1.fc17 nagios-plugins-openmanage-3.7.10-1.fc17 nmon-14h-4.fc17 resiprocate-1.8.11-1.fc17 rubygem-passenger-3.0.21-4.fc17 Details about builds: ================================================================================ gnome-chemistry-utils-0.14.2-4.fc17 (FEDORA-2013-13294) A set of chemical utilities -------------------------------------------------------------------------------- Update Information: This is an update to the latest upstream releases of gnumeric and goffice: * https://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.4.shtml -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 17 2013 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 0.14.2-4 - Rebuilt for gnumeric-1.12.4 -------------------------------------------------------------------------------- ================================================================================ gnumeric-1.12.4-1.fc17 (FEDORA-2013-13294) Spreadsheet program for GNOME -------------------------------------------------------------------------------- Update Information: This is an update to the latest upstream releases of gnumeric and goffice: * https://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.4.shtml -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 17 2013 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 1:1.12.4-1 - Updated to 1.12.4 -------------------------------------------------------------------------------- ================================================================================ goffice-0.10.4-1.fc17 (FEDORA-2013-13294) G Office support libraries -------------------------------------------------------------------------------- Update Information: This is an update to the latest upstream releases of gnumeric and goffice: * https://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.4.shtml -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 17 2013 Julian Sikorski <belegdol@xxxxxxxxxxxxxxxxx> - 0.10.4-1 - Updated to 0.10.4 -------------------------------------------------------------------------------- ================================================================================ libreoffice-3.5.7.2-13.fc17 (FEDORA-2013-13292) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: Implements the virtual LEFontInstance::getFontTable(LETag, size_t &length) method as per http://site.icu-project.org/download/51#TOC-Known-Issues -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 17 2013 Eike Rathke <erack@xxxxxxxxxx> - 1:3.5.7.2-13 - Related: rhbz#966141 adapt to ICU patch 10107 -------------------------------------------------------------------------------- References: [ 1 ] Bug #966141 - CVE-2013-2419 CVE-2013-2383 CVE-2013-2384 CVE-2013-1569 icu various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=966141 -------------------------------------------------------------------------------- ================================================================================ mate-panel-1.6.1-2.fc17 (FEDORA-2013-13284) MATE Desktop panel applets -------------------------------------------------------------------------------- Update Information: update to new release 1.6.1 -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 19 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.1-2 - update panel-default-layout.dist for caja-1.6.2 * Thu Jul 18 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.1-1 - update to 1.6.1 - add upstream patch to fix partially - https://github.com/mate-desktop/mate-panel/issues/111 - remove needless BR gsettings-desktop-schemas-devel -------------------------------------------------------------------------------- References: [ 1 ] Bug #952006 - [abrt] mate-panel-1.5.6-1.fc18: g_settings_is_writable: Process /usr/bin/mate-panel was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=952006 [ 2 ] Bug #970957 - [abrt] mate-panel-1.5.6-1.fc18: g_type_check_instance_is_a: Process /usr/bin/mate-panel was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=970957 -------------------------------------------------------------------------------- ================================================================================ mate-screensaver-1.6.0-2.fc17 (FEDORA-2013-13233) MATE Screensaver -------------------------------------------------------------------------------- Update Information: fix idle activation time -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 17 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.0-2 - add upstream patch to fix idle activation time - remove unrecognized configure options --with-libgl - clean up runtime requires - add pam and systemd configure flags - remove gsettings convert file -------------------------------------------------------------------------------- References: [ 1 ] Bug #985068 - MATE power management does not work as Gnome3's. https://bugzilla.redhat.com/show_bug.cgi?id=985068 -------------------------------------------------------------------------------- ================================================================================ moodle-2.2.11-1.fc17 (FEDORA-2013-13252) A Course Management System -------------------------------------------------------------------------------- Update Information: Latest upstream release for this branch. Correct unbundling of php-pear-HTML-Quickform. Fix for: MSA-13-0025: XSS vulnerability in YUI library MSA-13-0026: Personal information leak in IMS-LTI CVE-2013-2242 MSA-13-0027: Access issue in Chat module CVE-2013-2243 MSA-13-0028: Answer information revealed in Lesson activity CVE-2013-2244 MSA-13-0029: XSS risk in conditional activities CVE-2013-2245 MSA-13-0030: Information leak through RSS CVE-2013-2246 MSA-13-0031: Personal information leak in Feedback activity -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 18 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 2.2.11-1 - Latest upstream, patch for multiple CVEs. - Fix Quickform. -------------------------------------------------------------------------------- References: [ 1 ] Bug #947252 - Moodle does not work because PHP error: Cannot redeclare class dml_exception https://bugzilla.redhat.com/show_bug.cgi?id=947252 [ 2 ] Bug #985652 - moodle: CVE-2013-2242 CVE-2013-2243 CVE-2013-2244 CVE-2013-2245 CVE-2013-2246 moodle: upstream 2.5.1, 2.4.5, 2.3.8, 2.2.11 security fixes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=985652 -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-openmanage-3.7.10-1.fc17 (FEDORA-2013-13302) Nagios plugin to monitor hardware health on Dell servers -------------------------------------------------------------------------------- Update Information: Update to release 3.7.10, which fixes documentation URLs in the HTML output to reflect the new layout on Dell's website, adds a new option "--vdisk-critical" to make all alerts for virtual disks appear as critical, and fixes a bug with the option "--only servicetag" -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 19 2013 Trond Hasle Amundsen <t.h.amundsen@xxxxxxxxxxx> - 3.7.10-1 - Upstream release 3.7.10 -------------------------------------------------------------------------------- ================================================================================ nmon-14h-4.fc17 (FEDORA-2013-13279) Nigel's performance Monitor for Linux -------------------------------------------------------------------------------- Update Information: Small bugfix. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 18 2013 Palle Ravn <ravnzon@xxxxxxxxx> 14h-4 - Update to version 14h -------------------------------------------------------------------------------- References: [ 1 ] Bug #981392 - nmon-14h is available https://bugzilla.redhat.com/show_bug.cgi?id=981392 -------------------------------------------------------------------------------- ================================================================================ resiprocate-1.8.11-1.fc17 (FEDORA-2013-13307) SIP and TURN stacks, with SIP proxy and TURN server implementations -------------------------------------------------------------------------------- Update Information: Fix various issues, including an annoying startup bug when CommandPort and IPv6 are both enabled -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ rubygem-passenger-3.0.21-4.fc17 (FEDORA-2013-13231) Passenger Ruby web application server -------------------------------------------------------------------------------- Update Information: Fix for CVE-2013-4136 (#985634) -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 18 2013 Troy Dawson <tdawson@xxxxxxxxxx> - 3.0.21-4 - Fix for CVE-2013-4136 (#985634) * Fri Jun 21 2013 Troy Dawson <tdawson@xxxxxxxxxx> - 3.0.21-3 - Putting the agents back to where they originally were * Fri Jun 21 2013 Troy Dawson <tdawson@xxxxxxxxxx> - 3.0.21-2 - Remove Rakefile (only used for building) (#976843) -------------------------------------------------------------------------------- References: [ 1 ] Bug #985633 - CVE-2013-4136 rubygem-passenger: insecure temporary directory usage due to reuse of existing server instance directories https://bugzilla.redhat.com/show_bug.cgi?id=985633 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
