The following Fedora 19 Security updates need testing: Age URL 101 https://admin.fedoraproject.org/updates/FEDORA-2013-5801/mantis-1.2.15-1.fc19 56 https://admin.fedoraproject.org/updates/FEDORA-2013-9715/heat-jeos-9-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13143/owncloud-4.5.13-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13176/fdupes-1.51-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2013-13244/novnc-0.4-7.fc19,openstack-nova-2013.1.2-4.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2013-13258/xlockmore-5.43-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2013-13297/rubygem-passenger-3.0.21-4.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2013-13332/ghc-xmonad-contrib-0.11.2-1.fc19,ghc-X11-1.6.1.1-1.fc19,xmonad-0.11-4.fc19,ghc-X11-xft-0.3.1-10.fc19,bluetile-0.6-18.fc19,xmobar-0.18-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13484/WebCalendar-1.2.7-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13523/openttd-1.3.2-0.2.RC1.fc19,pyicu-1.5-2.fc19,fontmatrix-0.9.99-12.r1218.fc19,libreoffice-4.1.0.3-2.fc19,icu-50.1.2-7.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-13468/squid-3.2.13-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13617/perl-Proc-ProcessTable-0.48-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13620/gksu-polkit-0.0.3-8.gitf8ce834c.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13678/libgcrypt-1.5.3-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13696/subversion-1.7.11-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13698/python-keystoneclient-0.2.3-5.fc19 The following builds have been pushed to Fedora 19 updates-testing NetworkManager-openvpn-0.9.8.2-3.fc19 NetworkManager-pptp-0.9.8.2-3.fc19 NetworkManager-vpnc-0.9.8.2-2.fc19 SDL-1.2.15-10.fc19 dogtag-pki-10.0.4-1.fc19 dogtag-pki-theme-10.0.4-1.fc19 gnome-themes-standard-3.8.3-1.fc19 groonga-3.0.6-1.fc19 guacamole-client-0.8.2-2.fc19 guacamole-server-0.8.2-1.fc19 gweled-0.9.1-7.20130725bzr91.fc19 hivex-1.3.8-1.fc19 ibus-1.5.3-1.fc19 ike-2.2.1-2.fc19 irqbalance-1.0.5-4.fc19 jackson-annotations-2.2.2-2.fc19 jackson-core-2.2.2-2.fc19 lfcbase-1.5.6-1.fc19 libgcrypt-1.5.3-1.fc19 libhbalinux-1.0.16-2.fc19 libhtp-0.5.6-1.fc19 libssh-0.5.5-1.fc19 libuv-0.10.13-1.fc19 lvm2-2.02.98-10.fc19 man-pages-de-0.5-10.fc19 mate-system-monitor-1.6.0-2.fc19 nodejs-0.10.14-1.fc19 openlmi-providers-0.0.25-3.fc19 ovirt-node-3.0.0-5.0.fc19 pki-console-10.0.4-1.fc19 pki-core-10.0.4-1.fc19 pki-ra-10.0.4-1.fc19 pki-tps-10.0.4-1.fc19 python-cffi-0.6-3.fc19 python-keystoneclient-0.2.3-5.fc19 python-pyphen-0.7-3.fc19 satyr-0.5-2.fc19 sblim-cmpi-syslog-0.9.0-1.fc19 sphinx-2.0.8-2.fc19 subversion-1.7.11-1.fc19 systemtap-2.3-1.fc19 unhide-1.0-10.fc19.20121229 wesnoth-1.10.6-4.fc19 Details about builds: ================================================================================ NetworkManager-openvpn-0.9.8.2-3.fc19 (FEDORA-2013-13722) NetworkManager VPN plugin for OpenVPN -------------------------------------------------------------------------------- Update Information: This update fixes installing NetworkManager-openvpn-gnome package on update. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Jiří Klimeš <jklimes@xxxxxxxxxx> - 1:0.9.8.2-3 - Fixing Obsoletes to ensure NetworkManager-openvpn-gnome installs on update (rh #988131) -------------------------------------------------------------------------------- References: [ 1 ] Bug #988131 - The file libnm-openvpn-properties.so is missing on rpm package. https://bugzilla.redhat.com/show_bug.cgi?id=988131 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-pptp-0.9.8.2-3.fc19 (FEDORA-2013-13713) NetworkManager VPN plugin for PPTP -------------------------------------------------------------------------------- Update Information: This update fixes installing NetworkManager-pptp-gnome package on update. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Jiří Klimeš <jklimes@xxxxxxxxxx> - 1:0.9.8.2-3 - Fixing Obsoletes to ensure NetworkManager-pptp-gnome installs on update (rh #986368) -------------------------------------------------------------------------------- References: [ 1 ] Bug #986368 - nm-applet vpn pptp configuration is not visible https://bugzilla.redhat.com/show_bug.cgi?id=986368 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-vpnc-0.9.8.2-2.fc19 (FEDORA-2013-13705) NetworkManager VPN plugin for vpnc -------------------------------------------------------------------------------- Update Information: This update fixes installing NetworkManager-vpnc-gnome package on update. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Jiří Klimeš <jklimes@xxxxxxxxxx> - 1:0.9.8.2-2 - Fixing Obsoletes to ensure NetworkManager-vpnc-gnome installs on update (rh #983632) -------------------------------------------------------------------------------- References: [ 1 ] Bug #983632 - nm-applet VPN config is gone https://bugzilla.redhat.com/show_bug.cgi?id=983632 -------------------------------------------------------------------------------- ================================================================================ SDL-1.2.15-10.fc19 (FEDORA-2013-13669) A cross-platform multimedia library -------------------------------------------------------------------------------- Update Information: This release adds support for aRts, EsounD, and NAS audio outputs. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.2.15-10 - Add esound and arts support (bug #851349) - Add NAS support -------------------------------------------------------------------------------- References: [ 1 ] Bug #851349 - arts and esound BRs https://bugzilla.redhat.com/show_bug.cgi?id=851349 -------------------------------------------------------------------------------- ================================================================================ dogtag-pki-10.0.4-1.fc19 (FEDORA-2013-13716) Dogtag Public Key Infrastructure (PKI) Suite -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ dogtag-pki-theme-10.0.4-1.fc19 (FEDORA-2013-13676) Certificate System - Dogtag PKI Theme Components -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ gnome-themes-standard-3.8.3-1.fc19 (FEDORA-2013-13477) Standard themes for GNOME applications -------------------------------------------------------------------------------- Update Information: This update adds a few missing high-contrast icons for applications. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Matthias Clasen <mclasen@xxxxxxxxxx> - 3.8.3-1 - Update to 3.8.3 * Mon Jul 22 2013 Matthias Clasen <mclasen@xxxxxxxxxx> - 3.8.2-1 - Update to 3.8.2 -------------------------------------------------------------------------------- ================================================================================ groonga-3.0.6-1.fc19 (FEDORA-2013-13691) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information: Update to 3.0.6 -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 29 2013 HAYASHI Kentaro <hayashi@xxxxxxxxxxxxxx> - 3.0.6-1 - new upstream release. -------------------------------------------------------------------------------- ================================================================================ guacamole-client-0.8.2-2.fc19 (FEDORA-2013-13687) Server-side Java components that form the Guacamole application -------------------------------------------------------------------------------- Update Information: Updated Guacamole with printing support on RDP plugin and VNC repeater support. -------------------------------------------------------------------------------- References: [ 1 ] Bug #985814 - Review Request: guacamole-client - Server-side Java components that form the Guacamole application https://bugzilla.redhat.com/show_bug.cgi?id=985814 [ 2 ] Bug #985818 - Review Request: guacamole-server - Server-side native components that form the Guacamole proxy https://bugzilla.redhat.com/show_bug.cgi?id=985818 -------------------------------------------------------------------------------- ================================================================================ guacamole-server-0.8.2-1.fc19 (FEDORA-2013-13687) Server-side native components that form the Guacamole proxy -------------------------------------------------------------------------------- Update Information: Updated Guacamole with printing support on RDP plugin and VNC repeater support. -------------------------------------------------------------------------------- References: [ 1 ] Bug #985814 - Review Request: guacamole-client - Server-side Java components that form the Guacamole application https://bugzilla.redhat.com/show_bug.cgi?id=985814 [ 2 ] Bug #985818 - Review Request: guacamole-server - Server-side native components that form the Guacamole proxy https://bugzilla.redhat.com/show_bug.cgi?id=985818 -------------------------------------------------------------------------------- ================================================================================ gweled-0.9.1-7.20130725bzr91.fc19 (FEDORA-2013-13664) Swapping gem game -------------------------------------------------------------------------------- Update Information: Update to bzr checkout to correct sound issue. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.9.1-7.20130725bzr91 - Fix dates. - Update to bzr checkout to correct sound issue. -------------------------------------------------------------------------------- ================================================================================ hivex-1.3.8-1.fc19 (FEDORA-2013-13727) Read and write Windows Registry binary hive files -------------------------------------------------------------------------------- Update Information: Contains a fix for keys that use li-records for subkeys. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 1.3.8-1 - New upstream version 1.3.8. - Fixes handling of keys which use ri-records, for both reading and writing (RHBZ#717583, RHBZ#987463). - Remove upstream patch. - Rebase dirs patch against new upstream sources. - Rebase ruby patch against new upstream sources. - Modernize the RPM spec file. - Fix .gitignore. * Wed Jul 17 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.3.7-8 - Perl 5.18 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #717583 - hivex fails to parse W2K3 x64 hive, returning ENOTSUP because ri-record offset does not point to lf/lh https://bugzilla.redhat.com/show_bug.cgi?id=717583 [ 2 ] Bug #987463 - Cannot add a child to a node that uses ri-records (hivex_node_add_child: Assertion `old_offs != 0' failed.) https://bugzilla.redhat.com/show_bug.cgi?id=987463 -------------------------------------------------------------------------------- ================================================================================ ibus-1.5.3-1.fc19 (FEDORA-2013-13720) Intelligent Input Bus for Linux OS -------------------------------------------------------------------------------- Update Information: This update adds Norwegian keyboard layout and also creates the system cache of /var/cache/ibus/bus/registry with ibus command during the post install. % ibus read-cache --help -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ ike-2.2.1-2.fc19 (FEDORA-2013-13670) Shrew Soft VPN Client For Linux -------------------------------------------------------------------------------- Update Information: fix broken logrotate -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 maci <maci@xxxxxxxxxx> - 2.2.1-2 - fix #974283 - Bad logrotate config file * Wed Jun 5 2013 Marcel Wysocki <maci@xxxxxxxxxx> - 2.2.1-1 - update to 2.2.1 - use systemd macros (fedora 18+) - remove obsolete patch - spec cleanups -------------------------------------------------------------------------------- References: [ 1 ] Bug #974283 - Bad logrotate config file https://bugzilla.redhat.com/show_bug.cgi?id=974283 -------------------------------------------------------------------------------- ================================================================================ irqbalance-1.0.5-4.fc19 (FEDORA-2013-13730) IRQ balancing daemon -------------------------------------------------------------------------------- Update Information: irqbalance was built in hardened mode to enhance its security Block irqbalance from running in virt environments -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Petr Holasek <pholasek@xxxxxxxxxx> - 2:1.0.5-3 - Hardened build -------------------------------------------------------------------------------- References: [ 1 ] Bug #983612 - no hardended build https://bugzilla.redhat.com/show_bug.cgi?id=983612 [ 2 ] Bug #975474 - add ConditionVirtualization to service file https://bugzilla.redhat.com/show_bug.cgi?id=975474 -------------------------------------------------------------------------------- ================================================================================ jackson-annotations-2.2.2-2.fc19 (FEDORA-2013-13690) Core annotations for Jackson data processor -------------------------------------------------------------------------------- Update Information: Initial import (#986165). -------------------------------------------------------------------------------- References: [ 1 ] Bug #986165 - Review Request: jackson-annotations - Core annotations for Jackson data processor https://bugzilla.redhat.com/show_bug.cgi?id=986165 -------------------------------------------------------------------------------- ================================================================================ jackson-core-2.2.2-2.fc19 (FEDORA-2013-13699) Core part of Jackson -------------------------------------------------------------------------------- Update Information: Initial import (#986170). -------------------------------------------------------------------------------- References: [ 1 ] Bug #986170 - Review Request: jackson-core - Core part of Jackson https://bugzilla.redhat.com/show_bug.cgi?id=986170 -------------------------------------------------------------------------------- ================================================================================ lfcbase-1.5.6-1.fc19 (FEDORA-2013-13677) Lemke Foundation Classes -------------------------------------------------------------------------------- Update Information: New version. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Christopher Meng <rpm@xxxxxxxx> - 1.5.6-1 - New release. -------------------------------------------------------------------------------- ================================================================================ libgcrypt-1.5.3-1.fc19 (FEDORA-2013-13678) A general-purpose cryptography library -------------------------------------------------------------------------------- Update Information: Minor update from upstream fixing a moderate impact security issue. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.5.3-1 - new upstream version fixing cache side-channel attack on RSA private keys * Thu Jun 20 2013 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.5.2-3 - silence false error detected by valgrind (#968288) * Thu Apr 25 2013 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.5.2-2 - silence strict aliasing warning in Rijndael - apply UsrMove - spec file cleanups -------------------------------------------------------------------------------- References: [ 1 ] Bug #988589 - GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack https://bugzilla.redhat.com/show_bug.cgi?id=988589 -------------------------------------------------------------------------------- ================================================================================ libhbalinux-1.0.16-2.fc19 (FEDORA-2013-13689) FC-HBAAPI implementation using scsi_transport_fc interfaces -------------------------------------------------------------------------------- Update Information: Fix an old bogus date in the changelog. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Petr Šabata <contyk@xxxxxxxxxx> - 1.0.16-2 - Fix a bogus date in changelog * Tue Jun 4 2013 Petr Šabata <contyk@xxxxxxxxxx> - 1.0.16-1 - 1.0.16 bump -------------------------------------------------------------------------------- ================================================================================ libhtp-0.5.6-1.fc19 (FEDORA-2013-13710) Security-aware parser for the HTTP protocol and the related bits and pieces -------------------------------------------------------------------------------- Update Information: This is the latest tagged version from upstream. See [the changelog](https://github.com/ironbee/libhtp/blob/0.5.6/ChangeLog) for the list of changes. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Mathieu Bridon <bochecha@xxxxxxxxxxxxxxxxx> - 0.5.6-1 - New upstream release: 0.5.6. -------------------------------------------------------------------------------- ================================================================================ libssh-0.5.5-1.fc19 (FEDORA-2013-13673) A library implementing the SSH2 protocol (0xbadc0de version) -------------------------------------------------------------------------------- Update Information: Update to libssh 0.5.5 Add EPEL 5 support and enable Doxygen documentation. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 - Andreas Schneider <asn@xxxxxxxxxx> - 0.5.5-1 - Update to 0.5.5. - Clenup the spec file. * Thu Jul 18 2013 Simone Caronni <negativo17@xxxxxxxxx> - 0.5.4-5 - Add EPEL 5 support. - Add Debian patches to enable Doxygen documentation. -------------------------------------------------------------------------------- ================================================================================ libuv-0.10.13-1.fc19 (FEDORA-2013-13679) Platform layer for node.js -------------------------------------------------------------------------------- Update Information: 2013.07.25, Version 0.10.14 (Stable) * os: Don't report negative times in cpu info (Ben Noordhuis) * fs: Handle large UID and GID (Ben Noordhuis) * url: Fix edge-case when protocol is non-lowercase (Shuan Wang) * doc: Streams API Doc Rewrite (isaacs) * node: call MakeDomainCallback in all domain cases (Trevor Norris) * crypto: fix memory leak in LoadPKCS12 (Fedor Indutny) * libuv: unix, windows: fix uv_fs_chown() function prototype (Ben Noordhuis) -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 1:0.10.13-1 - new upstream release 0.10.13 https://github.com/joyent/libuv/blob/v0.10.13/ChangeLog -------------------------------------------------------------------------------- ================================================================================ lvm2-2.02.98-10.fc19 (FEDORA-2013-13665) Userland logical volume management tools -------------------------------------------------------------------------------- Update Information: This update fixes a bug which caused the 'devices/global_filter' lvm.conf setting to be ignored on 'pvscan --cache <device>' call that is responsible for updating the LVM metadata daemon (lvmetad). When lvmetad is used (global/use_lvmetad=1), the 'pvscan --cache <device>' is called automatically for each relevant udev event and as a consequence this bug caused the lvmetad to keep information about devices that should have been filtered. Such information was provided to LVM commands then, hence bypassing the global_filter. The update also fixes a segfault on incorrectly specified global_filter. This update also changes severity of messages coming from lvm2-activation-generator systemd generator that is responsible for activating the LVM volumes if lvmetad is not used. Now, LOG_ERR syslog severity is issued only if an error occurs, but only LOG_DEBUG if it's an informative/debug message (e.g. "LVM: Activation generator successfully completed."). -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Peter Rajnoha <prajnoha@xxxxxxxxxx> - 2.02.98-10 - Respect lvmetad global filter in pvscan --cache with a device. - Fix segfault if devices/global_filter is not specified correctly. - Use LOG_DEBUG/ERR msg severity instead default for lvm2-activation-generator. - Do not include /lib/udev and /lib/udev/rules.d in device-mapper package. - Fix some incorrect changelog dates. -------------------------------------------------------------------------------- References: [ 1 ] Bug #986534 - LVM: Logical Volume autoactivation/generator messages in dmesg https://bugzilla.redhat.com/show_bug.cgi?id=986534 [ 2 ] Bug #986954 - LVM2 commands in F19 started to report "No device found for PV ..." if global_filter is used https://bugzilla.redhat.com/show_bug.cgi?id=986954 -------------------------------------------------------------------------------- ================================================================================ man-pages-de-0.5-10.fc19 (FEDORA-2013-13711) German man pages from the Linux Documentation Project -------------------------------------------------------------------------------- Update Information: Fix directory ownership. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Adel Gadllah <adel.gadllah@xxxxxxxxx> - 0.5-10 - Really fix directory ownership * Thu Jul 25 2013 Adel Gadllah <adel.gadllah@xxxxxxxxx> - 0.5-9 - Fix directory ownership -------------------------------------------------------------------------------- References: [ 1 ] Bug #569392 - Wrong directory ownership https://bugzilla.redhat.com/show_bug.cgi?id=569392 -------------------------------------------------------------------------------- ================================================================================ mate-system-monitor-1.6.0-2.fc19 (FEDORA-2013-13694) Process and resource monitor -------------------------------------------------------------------------------- Update Information: - add upstream patch to fix rhbz (#888696) - add upstream patch to add manpages -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.0-2 - add upstream patch to fix rhbz (#888696) - add upstream patch to add manpages - clean up BRs - use hardlink to save space by linking identical images in translated docs - remove --with-gnome find language flag - remove needless gsettings convert file -------------------------------------------------------------------------------- ================================================================================ nodejs-0.10.14-1.fc19 (FEDORA-2013-13679) JavaScript runtime -------------------------------------------------------------------------------- Update Information: 2013.07.25, Version 0.10.14 (Stable) * os: Don't report negative times in cpu info (Ben Noordhuis) * fs: Handle large UID and GID (Ben Noordhuis) * url: Fix edge-case when protocol is non-lowercase (Shuan Wang) * doc: Streams API Doc Rewrite (isaacs) * node: call MakeDomainCallback in all domain cases (Trevor Norris) * crypto: fix memory leak in LoadPKCS12 (Fedor Indutny) * libuv: unix, windows: fix uv_fs_chown() function prototype (Ben Noordhuis) -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 0.10.14-1 - new upstream release 0.10.14 http://blog.nodejs.org/2013/07/25/node-v0-10-14-stable/ -------------------------------------------------------------------------------- ================================================================================ openlmi-providers-0.0.25-3.fc19 (FEDORA-2013-13702) Set of basic CIM providers -------------------------------------------------------------------------------- Update Information: Rebuild for konkretcmpi-0.9.1 Again add registration of 05_LMI_Qualifiers.mof -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 15 2013 Jan Synáček <jsynacek@xxxxxxxxxx> - 0.0.25-3 - Rebuild against new konkretcmpi - Really fix the compilation against new konkretcmpi * Fri Jun 28 2013 Roman Rakus <rrakus@xxxxxxxxxx> - 0.0.25-2 - Againg add registration of 05_LMI_Qualifiers.mof -------------------------------------------------------------------------------- References: [ 1 ] Bug #973233 - sfcbd process SEGV on openlmi lmiusers request https://bugzilla.redhat.com/show_bug.cgi?id=973233 -------------------------------------------------------------------------------- ================================================================================ ovirt-node-3.0.0-5.0.fc19 (FEDORA-2013-13726) The oVirt Node daemons/scripts -------------------------------------------------------------------------------- Update Information: Update to latest upstream -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Mike Burns <mburns@xxxxxxxxxx> 3.0.0-5.0 - rebase to 3.0.0 upstream * Thu Feb 28 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 2.6.1-1 - Update to upstream 2.6.1 release - Drop anyterm, krb5-workstation dependencies -------------------------------------------------------------------------------- ================================================================================ pki-console-10.0.4-1.fc19 (FEDORA-2013-13682) Certificate System - PKI Console -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ pki-core-10.0.4-1.fc19 (FEDORA-2013-13703) Certificate System - PKI Core Components -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Wed Jul 24 2013 Matthew Harmsen <mharmsen@xxxxxxxxxx> 10.0.4-0.4 - Bugzilla Bug #986506 - Need to determine RPM packages to be excluded from compose . . . (exclude pki-kra, pki-ocsp, and pki-tks from rhel 7) * Wed Jul 17 2013 Endi S. Dewata <edewata@xxxxxxxxxx> 10.0.4-0.3 - Added man pages for upgrade tools. - Cleaned up the code to install man pages. * Tue Jul 9 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.2 - Bugzilla Bug 973224 - resteasy-base must be split into subpackages to simplify dependencies * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ pki-ra-10.0.4-1.fc19 (FEDORA-2013-13723) Certificate System - Registration Authority -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Thu Jul 11 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.2 - Add systemd build requirement to fix build failures in f19 * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ pki-tps-10.0.4-1.fc19 (FEDORA-2013-13686) Certificate System - Token Processing System -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Thu Jul 11 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.2 - Add systemd build requirement to fix build failures in f19 * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ python-cffi-0.6-3.fc19 (FEDORA-2013-13681) Foreign Function Interface for Python to call C code -------------------------------------------------------------------------------- Update Information: Foreign Function Interface for Python to call C code -------------------------------------------------------------------------------- References: [ 1 ] Bug #986712 - Review Request: python-cffi - Foreign Function Interface for Python to call C code https://bugzilla.redhat.com/show_bug.cgi?id=986712 -------------------------------------------------------------------------------- ================================================================================ python-keystoneclient-0.2.3-5.fc19 (FEDORA-2013-13698) Client library for OpenStack Identity API -------------------------------------------------------------------------------- Update Information: Selective backports from stable/grizzly: * Ec2Signer: Initial support for v4 signature verification. * Default signing_dir to secure temp dir. * Fix memcache encryption middleware. (CVE-2013-2166, CVE-2013-2167) * Check token expiry. (CVE-2013-2104) -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Jakub Ruzicka <jruzicka@xxxxxxxxxx> 0.2.3-5 - Ec2Signer: Initial support for v4 signature verification. - Default signing_dir to secure temp dir. - Fix memcache encryption middleware. (CVE-2013-2166, CVE-2013-2167) * Tue May 28 2013 Jakub Ruzicka <jruzicka@xxxxxxxxxx> 0.2.3-4 - Check token expiry. (CVE-2013-2104) -------------------------------------------------------------------------------- References: [ 1 ] Bug #974271 - CVE-2013-2166 CVE-2013-2167 python-keystoneclient: middleware memcache encryption and signing bypass https://bugzilla.redhat.com/show_bug.cgi?id=974271 [ 2 ] Bug #965852 - CVE-2013-2104 OpenStack Keystone: Missing expiration check in Keystone PKI token validation https://bugzilla.redhat.com/show_bug.cgi?id=965852 -------------------------------------------------------------------------------- ================================================================================ python-pyphen-0.7-3.fc19 (FEDORA-2013-13675) Pure Python module to hyphenate text -------------------------------------------------------------------------------- Update Information: Pure Python module to hyphenate text -------------------------------------------------------------------------------- References: [ 1 ] Bug #986634 - Review Request: python-pyphen - Pure Python module to hyphenate text https://bugzilla.redhat.com/show_bug.cgi?id=986634 -------------------------------------------------------------------------------- ================================================================================ satyr-0.5-2.fc19 (FEDORA-2013-13733) Tools to create anonymous, machine-friendly problem reports -------------------------------------------------------------------------------- Update Information: This update adds the ability to generate core stacktraces from GDB output. This update adds the ability to generate core stacktraces from GDB output. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Martin Milata <mmilata@xxxxxxxxxx> 0.5-2 - Remove libunwind dependency altogether, always use GDB for unwinding. * Thu Jul 25 2013 Jakub Filak <jfilak@xxxxxxxxxx> 0.5-1 - Added function that creates core stacktrace from GDB output. Several bugfixes. * Tue Jul 9 2013 Martin Milata <mmilata@xxxxxxxxxx> 0.4-2 - Fix failing tests (failure manifests only on s390x) -------------------------------------------------------------------------------- ================================================================================ sblim-cmpi-syslog-0.9.0-1.fc19 (FEDORA-2013-13712) SBLIM syslog instrumentation -------------------------------------------------------------------------------- Update Information: Rebase to latest upstream version just for cleaniness, changes are very tiny against recent packages, mostly compatibility fixes for older distros. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Tomas Bzatek <tbzatek@xxxxxxxxxx> - 0.9.0-1 - Update to sblim-cmpi-syslog-0.9.0 -------------------------------------------------------------------------------- ================================================================================ sphinx-2.0.8-2.fc19 (FEDORA-2013-13728) Free open-source SQL full-text search engine -------------------------------------------------------------------------------- Update Information: enable-id64 flag for 64-bit builds -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Christof Damian <christof@xxxxxxxxxx> - 2.0.8-2 - --enable-id64 flag for 64-bit builds -------------------------------------------------------------------------------- References: [ 1 ] Bug #978577 - ./configure needs to be run with the --enable-id64 flag for 64-bit builds https://bugzilla.redhat.com/show_bug.cgi?id=978577 -------------------------------------------------------------------------------- ================================================================================ subversion-1.7.11-1.fc19 (FEDORA-2013-13696) A Modern Concurrent Version Control System -------------------------------------------------------------------------------- Update Information: This update includes the latest release of Apache Subversion 1.7, version 1.7.11. This fixes a security vulnerability in mod_dav_svn: Subversion's mod_dav_svn Apache HTTPD server module will trigger an assertion on some requests made against a revision root. This can lead to a DoS. If assertions are disabled it will trigger a read overflow which may cause a segmentation fault or undefined behavior. Commit access is required to exploit this. (CVE-2013-4131) -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Joe Orton <jorton@xxxxxxxxxx> - 1.7.11-1 - update to 1.7.11 - use full relro in mod_dav_svn build (#973694) -------------------------------------------------------------------------------- References: [ 1 ] Bug #986194 - CVE-2013-4131 subversion: DoS (assertion failure, crash) in mod_dav_svn when handling certain MOVE, COPY, or DELETE HTTP requests https://bugzilla.redhat.com/show_bug.cgi?id=986194 -------------------------------------------------------------------------------- ================================================================================ systemtap-2.3-1.fc19 (FEDORA-2013-13734) Programmable system-wide instrumentation system -------------------------------------------------------------------------------- Update Information: SystemTap release 2.3: improved pass-2 error messages, runtime preprocessor conditionals, global module variable visibility, internal improvements, colorized error messages, uprobe pre-filtering, re-written regular expression support -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 David Smith <dsmith@xxxxxxxxxx> - 2.3 - Upstream release. -------------------------------------------------------------------------------- ================================================================================ unhide-1.0-10.fc19.20121229 (FEDORA-2013-13717) Tool to find hidden processes and TCP/UDP ports from rootkits -------------------------------------------------------------------------------- Update Information: New upstream release with many fixes given in changelog file. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Parag <paragn AT fedoraproject DOT org> - 1.0-10.20121229 - Update to new version -------------------------------------------------------------------------------- References: [ 1 ] Bug #984776 - New version request https://bugzilla.redhat.com/show_bug.cgi?id=984776 [ 2 ] Bug #974638 - Outdated package https://bugzilla.redhat.com/show_bug.cgi?id=974638 -------------------------------------------------------------------------------- ================================================================================ wesnoth-1.10.6-4.fc19 (FEDORA-2013-13732) Turn-based strategy game with a fantasy theme -------------------------------------------------------------------------------- Update Information: Fix for man page ownership. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 1.10.6-4 - Fix man page ownership, BZ 958465. -------------------------------------------------------------------------------- References: [ 1 ] Bug #988456 - wesnoth-data owns some man page directories https://bugzilla.redhat.com/show_bug.cgi?id=988456 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
