The following Fedora 18 Security updates need testing: Age URL 199 https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18 132 https://admin.fedoraproject.org/updates/FEDORA-2013-3935/puppet-3.1.1-1.fc18 126 https://admin.fedoraproject.org/updates/FEDORA-2013-4243/stunnel-4.55-1.fc18 112 https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2.0-3.fc18 97 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18 33 https://admin.fedoraproject.org/updates/FEDORA-2013-10713/openstack-keystone-2012.2.4-5.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-13131/livecd-tools-18.17-1.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13166/fdupes-1.51-1.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13164/owncloud-4.5.13-1.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-13234/rubygem-passenger-3.0.21-4.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-13388/ghc-xmonad-contrib-0.11-1.1.fc18,bluetile-0.6-13.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13454/WebCalendar-1.2.7-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13479/openttd-1.3.0-2.fc18,pyicu-1.4-2.fc18,fontmatrix-0.9.99-9.r1218.fc18,libreoffice-3.6.7.2-3.fc18,icu-49.1.1-10.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13518/kde-workspace-4.10.5-3.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-13493/squid-3.2.13-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13616/gksu-polkit-0.0.3-8.gitf8ce834c.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13635/perl-Proc-ProcessTable-0.48-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13671/libgcrypt-1.5.3-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13672/subversion-1.7.11-1.fc18.1 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 167 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 47 https://admin.fedoraproject.org/updates/FEDORA-2013-10428/NetworkManager-0.9.8.2-1.fc18,network-manager-applet-0.9.8.2-1.fc18 13 https://admin.fedoraproject.org/updates/FEDORA-2013-12922/device-mapper-persistent-data-0.2.1-1.fc18 13 https://admin.fedoraproject.org/updates/FEDORA-2013-12915/sane-backends-1.0.23-13.fc18 11 https://admin.fedoraproject.org/updates/FEDORA-2013-12979/squashfs-tools-4.3-0.18.gitaae0aff4.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-13016/opus-1.0.3-1.fc18 10 https://admin.fedoraproject.org/updates/FEDORA-2013-13024/emacs-24.2-20.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-13131/livecd-tools-18.17-1.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13171/soprano-2.9.3-1.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13208/shared-desktop-ontologies-0.11.0-1.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-13230/chrony-1.28-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13502/nss-util-3.15.1-1.fc18,nss-softokn-3.15.1-1.fc18,nss-3.15.1-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13518/kde-workspace-4.10.5-3.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13479/openttd-1.3.0-2.fc18,pyicu-1.4-2.fc18,fontmatrix-0.9.99-9.r1218.fc18,libreoffice-3.6.7.2-3.fc18,icu-49.1.1-10.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13462/exempi-2.2.1-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-13571/telepathy-glib-0.20.4-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-13551/xorg-x11-drv-intel-2.21.12-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13700/ibus-1.5.3-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13671/libgcrypt-1.5.3-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13668/hunspell-1.3.2-13.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13612/udisks2-2.0.1-3.fc18 The following builds have been pushed to Fedora 18 updates-testing dogtag-pki-10.0.4-1.fc18 dogtag-pki-theme-10.0.4-1.fc18 guacamole-client-0.8.2-2.fc18 guacamole-server-0.8.2-1.fc18 hunspell-1.3.2-13.fc18 ibus-1.5.3-1.fc18 ike-2.2.1-2.fc18 irqbalance-1.0.3-10.fc18 lfcbase-1.5.6-1.fc18 libgcrypt-1.5.3-1.fc18 libssh-0.5.5-1.fc18 libuv-0.10.13-1.fc18 man-pages-de-0.5-9.fc18 mate-system-monitor-1.6.0-2.fc18 mingw-crt-2.0.999-0.30.trunk.r5969.20130721.fc18 mingw-headers-2.0.999-0.30.trunk.r5969.20130721.fc18 nodejs-0.10.14-1.fc18 openlmi-providers-0.0.25-3.fc18 ovirt-node-3.0.0-5.0.fc18 pki-console-10.0.4-1.fc18 pki-core-10.0.4-1.fc18 pki-ra-10.0.4-1.fc18 pki-tps-10.0.4-1.fc18 python-cffi-0.6-3.fc18 python-pyphen-0.7-3.fc18 satyr-0.5-2.fc18 subversion-1.7.11-1.fc18.1 systemtap-2.3-1.fc18 unhide-1.0-10.fc18.20121229 wesnoth-1.10.6-4.fc18 Details about builds: ================================================================================ dogtag-pki-10.0.4-1.fc18 (FEDORA-2013-13697) Dogtag Public Key Infrastructure (PKI) Suite -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ dogtag-pki-theme-10.0.4-1.fc18 (FEDORA-2013-13666) Certificate System - Dogtag PKI Theme Components -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ guacamole-client-0.8.2-2.fc18 (FEDORA-2013-13714) Server-side Java components that form the Guacamole application -------------------------------------------------------------------------------- Update Information: Updated Guacamole with printing support on RDP plugin and VNC repeater support. -------------------------------------------------------------------------------- References: [ 1 ] Bug #985814 - Review Request: guacamole-client - Server-side Java components that form the Guacamole application https://bugzilla.redhat.com/show_bug.cgi?id=985814 [ 2 ] Bug #985818 - Review Request: guacamole-server - Server-side native components that form the Guacamole proxy https://bugzilla.redhat.com/show_bug.cgi?id=985818 -------------------------------------------------------------------------------- ================================================================================ guacamole-server-0.8.2-1.fc18 (FEDORA-2013-13714) Server-side native components that form the Guacamole proxy -------------------------------------------------------------------------------- Update Information: Updated Guacamole with printing support on RDP plugin and VNC repeater support. -------------------------------------------------------------------------------- References: [ 1 ] Bug #985814 - Review Request: guacamole-client - Server-side Java components that form the Guacamole application https://bugzilla.redhat.com/show_bug.cgi?id=985814 [ 2 ] Bug #985818 - Review Request: guacamole-server - Server-side native components that form the Guacamole proxy https://bugzilla.redhat.com/show_bug.cgi?id=985818 -------------------------------------------------------------------------------- ================================================================================ hunspell-1.3.2-13.fc18 (FEDORA-2013-13668) A spell checker and morphological analyzer library -------------------------------------------------------------------------------- Update Information: Fix layout problems with very long lines in command line hunspell spell checking utility -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Caolán McNamara <caolanm@xxxxxxxxxx> - 1.3.2-13 - Resolves: rhbz#985052 layout problems with very long lines * Wed Jul 17 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.3.2-12 - Perl 5.18 rebuild * Thu Apr 4 2013 Caolán McNamara <caolanm@xxxxxxxxxx> - 1.3.2-11 - Resolves: rhbz#925562 support aarch64 -------------------------------------------------------------------------------- References: [ 1 ] Bug #985052 - layout problems with very long lines https://bugzilla.redhat.com/show_bug.cgi?id=985052 -------------------------------------------------------------------------------- ================================================================================ ibus-1.5.3-1.fc18 (FEDORA-2013-13700) Intelligent Input Bus for Linux OS -------------------------------------------------------------------------------- Update Information: This update adds Norwegian keyboard layout and also creates the system cache of /var/cache/ibus/bus/registry with ibus command during the post install. % ibus read-cache --help -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 11 2013 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.3-1 - Bumped to 1.5.3 - Deleted ibus-xx-g-s-disable-preedit.patch as EOL. - Deleted ibus-gjs as EOL. - Removed imsettings-gnome, im-chooser, libgnomekbd dependencies. * Thu Jul 11 2013 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.2-8 - Updated ibus-HEAD.patch to delete pyxdg dependencies. * Mon Jun 17 2013 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.2-7 - Bug 972328 - Deleted ibus-panel * Mon Jun 17 2013 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.2-6 - Bug 972328 - Bring back the dependency of ibus-setup. * Tue Jun 11 2013 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.2-5 - Removed dependencies of ibus-setup and ibus-pygtk2 -------------------------------------------------------------------------------- ================================================================================ ike-2.2.1-2.fc18 (FEDORA-2013-13685) Shrew Soft VPN Client For Linux -------------------------------------------------------------------------------- Update Information: fix broken logrotate -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 maci <maci@xxxxxxxxxx> - 2.2.1-2 - fix #974283 - Bad logrotate config file * Wed Jun 5 2013 Marcel Wysocki <maci@xxxxxxxxxx> - 2.2.1-1 - update to 2.2.1 - use systemd macros (fedora 18+) - remove obsolete patch - spec cleanups -------------------------------------------------------------------------------- References: [ 1 ] Bug #974283 - Bad logrotate config file https://bugzilla.redhat.com/show_bug.cgi?id=974283 -------------------------------------------------------------------------------- ================================================================================ irqbalance-1.0.3-10.fc18 (FEDORA-2013-13718) IRQ balancing daemon -------------------------------------------------------------------------------- Update Information: irqbalance is now built with hardened gcc options to enhance its security -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Petr Holasek <pholasek@xxxxxxxxxx> - 2:1.0.3-10 - Hardened build #bz983612 -------------------------------------------------------------------------------- References: [ 1 ] Bug #983612 - no hardended build https://bugzilla.redhat.com/show_bug.cgi?id=983612 -------------------------------------------------------------------------------- ================================================================================ lfcbase-1.5.6-1.fc18 (FEDORA-2013-13709) Lemke Foundation Classes -------------------------------------------------------------------------------- Update Information: New version. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Christopher Meng <rpm@xxxxxxxx> - 1.5.6-1 - New release. -------------------------------------------------------------------------------- ================================================================================ libgcrypt-1.5.3-1.fc18 (FEDORA-2013-13671) A general-purpose cryptography library -------------------------------------------------------------------------------- Update Information: Minor update from upstream fixing a moderate impact security issue. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Tomáš Mráz <tmraz@xxxxxxxxxx> 1.5.3-1 - new upstream version fixing cache side-channel attack on RSA private keys -------------------------------------------------------------------------------- References: [ 1 ] Bug #988589 - GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack https://bugzilla.redhat.com/show_bug.cgi?id=988589 -------------------------------------------------------------------------------- ================================================================================ libssh-0.5.5-1.fc18 (FEDORA-2013-13725) A library implementing the SSH2 protocol (0xbadc0de version) -------------------------------------------------------------------------------- Update Information: Update to version 0.5.5. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 - Andreas Schneider <asn@xxxxxxxxxx> - 0.5.5-1 - Update to 0.5.5. - Clenup the spec file. -------------------------------------------------------------------------------- ================================================================================ libuv-0.10.13-1.fc18 (FEDORA-2013-13706) Platform layer for node.js -------------------------------------------------------------------------------- Update Information: 2013.07.25, Version 0.10.14 (Stable) * os: Don't report negative times in cpu info (Ben Noordhuis) * fs: Handle large UID and GID (Ben Noordhuis) * url: Fix edge-case when protocol is non-lowercase (Shuan Wang) * doc: Streams API Doc Rewrite (isaacs) * node: call MakeDomainCallback in all domain cases (Trevor Norris) * crypto: fix memory leak in LoadPKCS12 (Fedor Indutny) * libuv: unix, windows: fix uv_fs_chown() function prototype (Ben Noordhuis) -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 1:0.10.13-1 - new upstream release 0.10.13 https://github.com/joyent/libuv/blob/v0.10.13/ChangeLog -------------------------------------------------------------------------------- ================================================================================ man-pages-de-0.5-9.fc18 (FEDORA-2013-13692) German man pages from the Linux Documentation Project -------------------------------------------------------------------------------- Update Information: Fix directory ownership. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Adel Gadllah <adel.gadllah@xxxxxxxxx> - 0.5-9 - Really fix directory ownership -------------------------------------------------------------------------------- References: [ 1 ] Bug #569392 - Wrong directory ownership https://bugzilla.redhat.com/show_bug.cgi?id=569392 -------------------------------------------------------------------------------- ================================================================================ mate-system-monitor-1.6.0-2.fc18 (FEDORA-2013-13688) Process and resource monitor -------------------------------------------------------------------------------- Update Information: - add upstream patch to fix rhbz (#888696) - add upstream patch to add manpages -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.0-2 - add upstream patch to fix rhbz (#888696) - add upstream patch to add manpages - clean up BRs - use hardlink to save space by linking identical images in translated docs - remove --with-gnome find language flag - remove needless gsettings convert file -------------------------------------------------------------------------------- References: [ 1 ] Bug #888696 - [abrt] mate-system-monitor-1.5.0-2.fc18: g_settings_schema_get_value: Process /usr/bin/mate-system-monitor was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=888696 -------------------------------------------------------------------------------- ================================================================================ mingw-crt-2.0.999-0.30.trunk.r5969.20130721.fc18 (FEDORA-2013-13724) MinGW Windows cross-compiler runtime -------------------------------------------------------------------------------- Update Information: * Update mingw-w64 to a more recent snapshot * Required to build the latest mingw-wine-gecko (and the latest wine itself) * For discussion see https://lists.fedoraproject.org/pipermail/fedora-mingw/2013-July/007073.html -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 21 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.30.trunk.r5969.20130721 - Update to r5969 (20130721 snapshot) - Fixes strnlen issue on Windows XP * Sat Jul 13 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.29.trunk.r5949.20130713 - Update to r5949 (20130713 snapshot) - Dropped InterlockedCompareExchange workaround, issue is resolved upstream (with r5949) * Fri Jun 28 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.28.trunk.r5915.20130628 - Update to r5915 (20130628 snapshot) * Fri Jun 14 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.27.trunk.r5904.20130614 - Update to r5904 (fixes various regressions) * Fri Jun 14 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.26.trunk.r5894.20130614 - Update to r5894 (20130614 snapshot) - Updated instructions to regenerate snapshots (SourceForge has changed their SVN infrastructure) - Workaround regression introduced by r5713 where the symbol InterlockedCompareExchange could get exported in shared libraries by accident * Thu May 30 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.25.trunk.20130530 - Update to 20130530 snapshot * Mon May 20 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.24.trunk.20130520 - Update to 20130520 snapshot * Thu May 9 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.23.trunk.20130509 - Regenerated 20130509 snapshot - Dropped upstreamed vsprintf_s patch * Thu May 9 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.22.trunk.20130509 - Update to 20130509 snapshot -------------------------------------------------------------------------------- ================================================================================ mingw-headers-2.0.999-0.30.trunk.r5969.20130721.fc18 (FEDORA-2013-13724) Win32/Win64 header files -------------------------------------------------------------------------------- Update Information: * Update mingw-w64 to a more recent snapshot * Required to build the latest mingw-wine-gecko (and the latest wine itself) * For discussion see https://lists.fedoraproject.org/pipermail/fedora-mingw/2013-July/007073.html -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 21 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.30.trunk.r5969.20130721 - Update to r5969 (20130721 snapshot) - Resolves mingw-boost failure for the i686 target (regarding Interlocked* symbols) * Sat Jul 13 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.29.trunk.r5949.20130713 - Update to r5949 (20130713 snapshot) * Fri Jun 28 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.28.trunk.r5915.20130628 - Update to r5915 (20130628 snapshot) * Fri Jun 14 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.27.trunk.r5904.20130614 - Update to r5904 (fixes various regressions) * Fri Jun 14 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.26.trunk.r5894.20130614 - Update to r5894 (20130614 snapshot) - Updated instructions to regenerate snapshots (SourceForge has changed their SVN infrastructure) * Thu May 30 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.25.trunk.20130530 - Update to 20130530 snapshot * Mon May 20 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.24.trunk.20130520 - Update to 20130520 snapshot * Thu May 9 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.23.trunk.20130509 - Regenerated 20130509 snapshot - Contains patch from RHBZ #917400 * Thu May 9 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.22.trunk.20130509 - Update to 20130509 snapshot * Sun Apr 28 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.21.trunk.20130428 - Update to 20130428 snapshot - Fixes build regression in gettext regarding asprinf * Thu Apr 25 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.20.trunk.20130425 - Update to 20130425 snapshot * Wed Apr 3 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.19.trunk.20130403 - Update to 20130403 snapshot * Sat Feb 16 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.18.trunk.20130216 - Update to 20130216 snapshot - Includes improved import libraries (for setupapi, cfgmgr32 and others) * Sun Jan 27 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.17.trunk.20130127 - Update to 20130127 snapshot * Sat Jan 5 2013 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 2.0.999-0.16.trunk.20130105 - Update to 20130105 snapshot -------------------------------------------------------------------------------- ================================================================================ nodejs-0.10.14-1.fc18 (FEDORA-2013-13706) JavaScript runtime -------------------------------------------------------------------------------- Update Information: 2013.07.25, Version 0.10.14 (Stable) * os: Don't report negative times in cpu info (Ben Noordhuis) * fs: Handle large UID and GID (Ben Noordhuis) * url: Fix edge-case when protocol is non-lowercase (Shuan Wang) * doc: Streams API Doc Rewrite (isaacs) * node: call MakeDomainCallback in all domain cases (Trevor Norris) * crypto: fix memory leak in LoadPKCS12 (Fedor Indutny) * libuv: unix, windows: fix uv_fs_chown() function prototype (Ben Noordhuis) -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 0.10.14-1 - new upstream release 0.10.14 http://blog.nodejs.org/2013/07/25/node-v0-10-14-stable/ -------------------------------------------------------------------------------- ================================================================================ openlmi-providers-0.0.25-3.fc18 (FEDORA-2013-13680) Set of basic CIM providers -------------------------------------------------------------------------------- Update Information: Rebuild for konkretcmpi-0.9.1 Again add registration of 05_LMI_Qualifiers.mof -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 15 2013 Jan Synáček <jsynacek@xxxxxxxxxx> - 0.0.25-3 - Rebuild against new konkretcmpi - Really fix the compilation against new konkretcmpi * Fri Jun 28 2013 Roman Rakus <rrakus@xxxxxxxxxx> - 0.0.25-2 - Againg add registration of 05_LMI_Qualifiers.mof -------------------------------------------------------------------------------- References: [ 1 ] Bug #973233 - sfcbd process SEGV on openlmi lmiusers request https://bugzilla.redhat.com/show_bug.cgi?id=973233 -------------------------------------------------------------------------------- ================================================================================ ovirt-node-3.0.0-5.0.fc18 (FEDORA-2013-13731) The oVirt Node daemons/scripts -------------------------------------------------------------------------------- Update Information: Update to latest upstream -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Mike Burns <mburns@xxxxxxxxxx> 3.0.0-5.0 - rebase to 3.0.0 upstream * Thu Feb 28 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 2.6.1-1 - Update to upstream 2.6.1 release - Drop anyterm, krb5-workstation dependencies -------------------------------------------------------------------------------- ================================================================================ pki-console-10.0.4-1.fc18 (FEDORA-2013-13684) Certificate System - PKI Console -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ pki-core-10.0.4-1.fc18 (FEDORA-2013-13719) Certificate System - PKI Core Components -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Wed Jul 24 2013 Matthew Harmsen <mharmsen@xxxxxxxxxx> 10.0.4-0.4 - Bugzilla Bug #986506 - Need to determine RPM packages to be excluded from compose . . . (exclude pki-kra, pki-ocsp, and pki-tks from rhel 7) * Wed Jul 17 2013 Endi S. Dewata <edewata@xxxxxxxxxx> 10.0.4-0.3 - Added man pages for upgrade tools. - Cleaned up the code to install man pages. * Tue Jul 9 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.2 - Bugzilla Bug 973224 - resteasy-base must be split into subpackages to simplify dependencies * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ pki-ra-10.0.4-1.fc18 (FEDORA-2013-13695) Certificate System - Registration Authority -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Thu Jul 11 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.2 - Add systemd build requirement to fix build failures in f19 * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ pki-tps-10.0.4-1.fc18 (FEDORA-2013-13667) Certificate System - Token Processing System -------------------------------------------------------------------------------- Update Information: Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-1 - Change release number for official release * Thu Jul 11 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.2 - Add systemd build requirement to fix build failures in f19 * Wed Jun 26 2013 Ade Lee <alee@xxxxxxxxxx> 10.0.4-0.1 - Roll release to next version -------------------------------------------------------------------------------- ================================================================================ python-cffi-0.6-3.fc18 (FEDORA-2013-13708) Foreign Function Interface for Python to call C code -------------------------------------------------------------------------------- Update Information: Foreign Function Interface for Python to call C code -------------------------------------------------------------------------------- References: [ 1 ] Bug #986712 - Review Request: python-cffi - Foreign Function Interface for Python to call C code https://bugzilla.redhat.com/show_bug.cgi?id=986712 -------------------------------------------------------------------------------- ================================================================================ python-pyphen-0.7-3.fc18 (FEDORA-2013-13729) Pure Python module to hyphenate text -------------------------------------------------------------------------------- Update Information: Pure Python module to hyphenate text -------------------------------------------------------------------------------- References: [ 1 ] Bug #986634 - Review Request: python-pyphen - Pure Python module to hyphenate text https://bugzilla.redhat.com/show_bug.cgi?id=986634 -------------------------------------------------------------------------------- ================================================================================ satyr-0.5-2.fc18 (FEDORA-2013-13704) Tools to create anonymous, machine-friendly problem reports -------------------------------------------------------------------------------- Update Information: This update adds the ability to generate core stacktraces from GDB output. This update adds the ability to generate core stacktraces from GDB output. -------------------------------------------------------------------------------- ================================================================================ subversion-1.7.11-1.fc18.1 (FEDORA-2013-13672) A Modern Concurrent Version Control System -------------------------------------------------------------------------------- Update Information: This update includes the latest release of Apache Subversion 1.7, version 1.7.11. Several security vulnerabilities are fixed in this update: Subversion's mod_dav_svn Apache HTTPD server module will trigger an assertion on some requests made against a revision root. This can lead to a DoS. If assertions are disabled it will trigger a read overflow which may cause a segmentation fault or undefined behavior. Commit access is required to exploit this. (CVE-2013-4131) If a filename which contains a newline character (ASCII 0x0a) is committed to a repository using the FSFS format, the resulting revision is corrupt. This can lead to disruption for users of the repository. (CVE-2013-1968) Subversion's contrib/ directory contains two example hook scripts, which use 'svnlook changed' to examine a revision or transaction and then pass those paths as arguments to further 'svnlook' commands, without properly escaping the command-line. (CVE-2013-2088) Subversion's svnserve server process may exit when an incoming TCP connection is closed early in the connection process. This can lead to disruption for users of the server. (CVE-2013-2112) The following client-side bugs were fixed in the 1.7.10 release: * fix 'svn revert' "no such table: revert_list" spurious error * fix 'svn diff' doesn't show some locally added files * fix changelist filtering when --changelist values aren't UTF8 * fix 'svn diff --git' shows wrong copyfrom * fix 'svn diff -x-w' shows wrong changes * fix 'svn blame' sometimes shows every line as modified * fix regression in 'svn status -u' output for externals * fix file permissions change on commit of file with keywords * improve some fatal error messages * fix externals not removed when working copy is made shallow The following server-side bugs are fixed: * fix repository corruption due to newline in filename * fix svnserve exiting when a client connection is aborted * fix svnserve memory use after clear -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Joe Orton <jorton@xxxxxxxxxx> - 1.7.11-1.1 - use full RELRO for mod_*.so (#973694) * Thu Jul 25 2013 Joe Orton <jorton@xxxxxxxxxx> - 1.7.11-1 - update to 1.7.11 * Mon Jun 3 2013 Joe Orton <jorton@xxxxxxxxxx> - 1.7.10-1 - update to 1.7.10 (#970014) - fix aarch64 build issues (Dennis Gilmore, #926578) * Tue Apr 9 2013 Joe Orton <jorton@xxxxxxxxxx> - 1.7.9-1 - update to 1.7.9 (#948813) -------------------------------------------------------------------------------- References: [ 1 ] Bug #986194 - CVE-2013-4131 subversion: DoS (assertion failure, crash) in mod_dav_svn when handling certain MOVE, COPY, or DELETE HTTP requests https://bugzilla.redhat.com/show_bug.cgi?id=986194 [ 2 ] Bug #970014 - CVE-2013-1968 subversion (FSFS format): Filenames with newline character can lead to revision corruption https://bugzilla.redhat.com/show_bug.cgi?id=970014 [ 3 ] Bug #970027 - CVE-2013-2088 subversion: Improper sanitization of arguments of certain hook scripts might lead to arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=970027 [ 4 ] Bug #970037 - CVE-2013-2112 subversion: Remote DoS due improper handling of early-closing TCP connections https://bugzilla.redhat.com/show_bug.cgi?id=970037 -------------------------------------------------------------------------------- ================================================================================ systemtap-2.3-1.fc18 (FEDORA-2013-13721) Programmable system-wide instrumentation system -------------------------------------------------------------------------------- Update Information: SystemTap release 2.3: improved pass-2 error messages, runtime preprocessor conditionals, global module variable visibility, internal improvements, colorized error messages, uprobe pre-filtering, re-written regular expression support -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 David Smith <dsmith@xxxxxxxxxx> - 2.3 - Upstream release. -------------------------------------------------------------------------------- ================================================================================ unhide-1.0-10.fc18.20121229 (FEDORA-2013-13683) Tool to find hidden processes and TCP/UDP ports from rootkits -------------------------------------------------------------------------------- Update Information: New upstream release with many fixes given in changelog file. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 26 2013 Parag <paragn AT fedoraproject DOT org> - 1.0-10.20121229 - Update to new version * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0-9.20100201 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #984776 - New version request https://bugzilla.redhat.com/show_bug.cgi?id=984776 [ 2 ] Bug #974638 - Outdated package https://bugzilla.redhat.com/show_bug.cgi?id=974638 -------------------------------------------------------------------------------- ================================================================================ wesnoth-1.10.6-4.fc18 (FEDORA-2013-13701) Turn-based strategy game with a fantasy theme -------------------------------------------------------------------------------- Update Information: Fix for man page ownership. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 25 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 1.10.6-4 - Fix man page ownership, BZ 958465. * Thu Apr 25 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 1.10.6-3 - Add PIE, BZ 955196. * Wed Apr 24 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 1.10.6-2 - Fix for crash, BZ 953327. * Thu Mar 28 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 1.10.6-1 - New upstream maintainance release. * Mon Feb 11 2013 Parag Nemade <paragn AT fedoraproject DOT org> - 1.10.5-5 - Remove vendor tag from desktop file as per https://fedorahosted.org/fesco/ticket/1077 - Cleanup spec as per recently changed packaging guidelines * Sat Feb 9 2013 Denis Arnaud <denis.arnaud_fedora@xxxxxxx> - 1.10.5-4 - Rebuild for Boost-1.53.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #988456 - wesnoth-data owns some man page directories https://bugzilla.redhat.com/show_bug.cgi?id=988456 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test