The following Fedora 19 Security updates need testing: Age URL 109 https://admin.fedoraproject.org/updates/FEDORA-2013-5801/mantis-1.2.15-1.fc19 64 https://admin.fedoraproject.org/updates/FEDORA-2013-9715/heat-jeos-9-1.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2013-13332/ghc-xmonad-contrib-0.11.2-1.fc19,ghc-X11-1.6.1.1-1.fc19,xmonad-0.11-4.fc19,ghc-X11-xft-0.3.1-10.fc19,bluetile-0.6-18.fc19,xmobar-0.18-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2013-13850/ReviewBoard-1.7.12-1.fc19,python-djblets-0.7.16-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2013-13919/python-keystoneclient-0.2.3-6.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-13994/httpd-2.4.6-2.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-14083/389-ds-base-1.3.1.5-1.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-14106/cxf-2.6.9-1.fc19,jacorb-2.3.1-8.fc19,wss4j-1.6.10-1.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-13975/gnupg-1.4.14-1.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2013-14029/zabbix-2.0.6-3.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-14176/v8-3.14.5.10-2.fc19 The following builds have been pushed to Fedora 19 updates-testing apper-0.8.1-1.fc19 eigen3-3.1.4-1.fc19 glite-lbjp-common-trio-2.3.10-2.fc19 grubby-8.28-1.fc19 gstreamer1-1.0.9-1.fc19 gstreamer1-plugins-bad-free-1.0.9-1.fc19 gstreamer1-plugins-base-1.0.9-1.fc19 gstreamer1-plugins-good-1.0.9-1.fc19 hercules-3.09-1.fc19 libusbx-1.0.16-3.fc19 mate-screensaver-1.6.1-2.fc19 mingw-qt5-qtlocation-5.0.0-0.6.git20130510.f2840834.fc19 nss-3.15.1-3.fc19 opencv-2.4.6.1-1.fc19 openlmi-networking-0.0.9-4.fc19 perl-MooseX-ClassAttribute-0.27-1.fc19 python-django-south-0.8.1-1.fc19 security-menus-1.2.0-1.fc19 supermin-4.1.2-1.fc19 sympy-0.7.3-1.fc19 tito-0.4.17-1.fc19 tycho-0.18.1-4.fc19 tycho-extras-0.18.1-1.fc19 v4l-utils-1.0.0-1.fc19 v8-3.14.5.10-2.fc19 youtube-dl-2013.08.02-1.fc19 Details about builds: ================================================================================ apper-0.8.1-1.fc19 (FEDORA-2013-14208) KDE interface for PackageKit -------------------------------------------------------------------------------- Update Information: New upstream bugfix release, primarily improving function and reliability of QML-based updater applet. See also: http://dantti.wordpress.com/2013/07/30/apper-0-8-1-released/ -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 30 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.8.1-1 - 0.8.1 (final) * Mon Jun 24 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 0.8.1-0.4.20130624 - 0.8.1 20130624 snapshot -------------------------------------------------------------------------------- ================================================================================ eigen3-3.1.4-1.fc19 (FEDORA-2013-14175) A lightweight C++ template library for vector and matrix math -------------------------------------------------------------------------------- Update Information: Update to release 3.1.4, see http://eigen.tuxfamily.org/index.php?title=ChangeLog#Eigen_3.1.4 . -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Sandro Mani <manisandro@xxxxxxxxx> - 3.1.4-1 - Update to release 3.1.4 - spec cleanup -------------------------------------------------------------------------------- ================================================================================ glite-lbjp-common-trio-2.3.10-2.fc19 (FEDORA-2013-14182) Standalone extended implementation of printf and scanf -------------------------------------------------------------------------------- Update Information: Standalone extended implementation of printf and scanf. Provides specialized formatting options used by Logging and Bookkeeping and Job Provenance. -------------------------------------------------------------------------------- References: [ 1 ] Bug #877810 - Review Request: glite-lbjp-common-trio - Extended implementation of printf and scanf for gLite https://bugzilla.redhat.com/show_bug.cgi?id=877810 -------------------------------------------------------------------------------- ================================================================================ grubby-8.28-1.fc19 (FEDORA-2013-14206) Command line tool for updating bootloader configs -------------------------------------------------------------------------------- Update Information: This adds the ability for grubby to deal with grub2's "saved_entry" variables. Test procedure: 1) update grubby to this version 2) create a new grub.cfg as root: grub2-mkconfig -o /path/to/grub/config 3) install a new kernel 4) verify that the grub config still has 'set default=${saved_entry}" 5) verify /boot/grub2/grubenv has saved_entry set to the new kernel -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Peter Jones <pjones@xxxxxxxxxx> - 8.28-1 - More work on grub's "saved_entry" system. Resolves: rhbz#768106 Resolves: rhbz#736188 * Tue Jul 30 2013 Peter Jones <pjones@xxxxxxxxxx> - 8.27-1 - Make grubby understand grub's "saved_entry" system Resolves: rhbz#768106 Resolves: rhbz#736188 - BuildRequire grub2 on appropriate platforms, for the test suite. -------------------------------------------------------------------------------- References: [ 1 ] Bug #768106 - grubby does not support grub2 set default="${saved_entry}" and replaces with "0" https://bugzilla.redhat.com/show_bug.cgi?id=768106 [ 2 ] Bug #736188 - grubby --default-kernel returns empty https://bugzilla.redhat.com/show_bug.cgi?id=736188 -------------------------------------------------------------------------------- ================================================================================ gstreamer1-1.0.9-1.fc19 (FEDORA-2013-14194) GStreamer streaming media framework runtime -------------------------------------------------------------------------------- Update Information: Latest bugfix release. Please refer to following for the list of fixes: http://lists.freedesktop.org/archives/gstreamer-announce/2013-August/000287.html -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 1.0.9-1 - Update to 1.0.9. -------------------------------------------------------------------------------- ================================================================================ gstreamer1-plugins-bad-free-1.0.9-1.fc19 (FEDORA-2013-14194) GStreamer streaming media framework "bad" plugins -------------------------------------------------------------------------------- Update Information: Latest bugfix release. Please refer to following for the list of fixes: http://lists.freedesktop.org/archives/gstreamer-announce/2013-August/000287.html -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 1.0.9-1 - Update to 1.0.9. - Add libgstmidi to filelist. -------------------------------------------------------------------------------- ================================================================================ gstreamer1-plugins-base-1.0.9-1.fc19 (FEDORA-2013-14194) GStreamer streaming media framework base plugins -------------------------------------------------------------------------------- Update Information: Latest bugfix release. Please refer to following for the list of fixes: http://lists.freedesktop.org/archives/gstreamer-announce/2013-August/000287.html -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 1.0.9-1 - Update to 1.0.9. -------------------------------------------------------------------------------- ================================================================================ gstreamer1-plugins-good-1.0.9-1.fc19 (FEDORA-2013-14194) GStreamer plugins with good code and licensing -------------------------------------------------------------------------------- Update Information: Latest bugfix release. Please refer to following for the list of fixes: http://lists.freedesktop.org/archives/gstreamer-announce/2013-August/000287.html -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Brian Pepple <bpepple@xxxxxxxxxxxxxxxxx> - 1.0.9-1 - Update to 1.0.9. -------------------------------------------------------------------------------- ================================================================================ hercules-3.09-1.fc19 (FEDORA-2013-14178) Hercules S/370, ESA/390, and z/Architecture emulator -------------------------------------------------------------------------------- Update Information: update to version 3.09 * Allow regex replacement variables in HAO commands (Roger Bowler) * Prevent duplicate EQID (Gordon Bonorchis) * Permit concurrent read access to printer and punch files (Roger Bowler) * DFP zoned-conversion facility (Roger Bowler) * Execution-hint facility (Roger Bowler) * Miscellaneous-instruction-extensions facility (Roger Bowler) * Load-and-trap facility (Roger Bowler) * Fix for VSAM Extended Format (David "Fish" Trout) * APL\360 2741 patch (Max H. Parke) * Fix interval timer repeating interrupt (Ivan Warren, Kevin Leonard) * Corrections to build procedures (Mike Frysinger, Dan Horak) * Miscellaneous bug fixes (Roger Bowler) -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 30 2013 Dan Horák <dan[at]danny.cz> - 3.09-1 - updated to 3.09 (#989939) * Sat Jun 1 2013 Dan Horák <dan[at]danny.cz> - 3.08.2-2 - fix build on EL-6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #989939 - hercules-3.09 is available https://bugzilla.redhat.com/show_bug.cgi?id=989939 -------------------------------------------------------------------------------- ================================================================================ libusbx-1.0.16-3.fc19 (FEDORA-2013-14192) Library for accessing USB devices -------------------------------------------------------------------------------- Update Information: - New upstream 1.0.16 release - Fix libusb_exit sometimes (race) deadlocking on exit (rhbz#985484) -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 30 2013 Hans de Goede <hdegoede@xxxxxxxxxx> - 1.0.16-3 - Fix another libusb_exit deadlock (rhbz#985484) * Fri Jul 19 2013 Hans de Goede <hdegoede@xxxxxxxxxx> - 1.0.16-2 - Fix libusb_exit sometimes (race) deadlocking on exit (rhbz#985484) * Thu Jul 11 2013 Hans de Goede <hdegoede@xxxxxxxxxx> - 1.0.16-1 - New upstream 1.0.16 final release * Sat Jul 6 2013 Hans de Goede <hdegoede@xxxxxxxxxx> - 1.0.16-0.2.rc3 - New upstream 1.0.16-rc3 release * Mon Jul 1 2013 Hans de Goede <hdegoede@xxxxxxxxxx> - 1.0.16-0.1.rc2 - New upstream 1.0.16-rc2 release -------------------------------------------------------------------------------- References: [ 1 ] Bug #985484 - Deadlock in linux_udev_event_thread_main at os/linux_udev.c:153 https://bugzilla.redhat.com/show_bug.cgi?id=985484 -------------------------------------------------------------------------------- ================================================================================ mate-screensaver-1.6.1-2.fc19 (FEDORA-2013-14201) MATE Screensaver -------------------------------------------------------------------------------- Update Information: - Update to 1.6.1 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.1-2 - bump version to 1.6.1-2 * Fri Aug 2 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.1-1 - Update to 1.6.1 - Drop patches - move doc dir for > f19 -------------------------------------------------------------------------------- ================================================================================ mingw-qt5-qtlocation-5.0.0-0.6.git20130510.f2840834.fc19 (FEDORA-2013-14196) Qt5 for Windows - QtLocation component -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #858069 - Review Request: mingw-qt5-qtlocation - Qt5 for Windows - QtLocation component https://bugzilla.redhat.com/show_bug.cgi?id=858069 -------------------------------------------------------------------------------- ================================================================================ nss-3.15.1-3.fc19 (FEDORA-2013-14189) Network Security Services -------------------------------------------------------------------------------- Update Information: Add configuration files man pages. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.15.1-3 - Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files -------------------------------------------------------------------------------- References: [ 1 ] Bug #985114 - Provide man pages for the nss configuration files https://bugzilla.redhat.com/show_bug.cgi?id=985114 -------------------------------------------------------------------------------- ================================================================================ opencv-2.4.6.1-1.fc19 (FEDORA-2013-14204) Collection of algorithms for computer vision -------------------------------------------------------------------------------- Update Information: Update to 2.4.6.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 24 2013 Nicolas Chauvet <kwizart@xxxxxxxxx> - 2.4.6.1-1 - Update to 2.4.6.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #991552 - Please update to OpenCV 2.4.6 https://bugzilla.redhat.com/show_bug.cgi?id=991552 -------------------------------------------------------------------------------- ================================================================================ openlmi-networking-0.0.9-4.fc19 (FEDORA-2013-14197) CIM providers for network management -------------------------------------------------------------------------------- Update Information: Fix broken dependency on the newer konkretcmpi. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Tomas Smetana <tsmetana@xxxxxxxxxx> 0.0.9-4 - add patch for the conflicting data types in the autogenerated headers * Fri Aug 2 2013 Tomas Smetana <tsmetana@xxxxxxxxxx> 0.0.9-3 - rebuild for the new konkretcmpi -------------------------------------------------------------------------------- ================================================================================ perl-MooseX-ClassAttribute-0.27-1.fc19 (FEDORA-2013-14207) Declare class attributes Moose-style -------------------------------------------------------------------------------- Update Information: This update fixes compatibility with Moose 2.08 -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 3 2013 Iain Arnell <iarnell@xxxxxxxxx> 0.27-1 - udpate to latest upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #986016 - perl-MooseX-ClassAttribute-0.26 broken w/shipped perl-Moose-2.0802 https://bugzilla.redhat.com/show_bug.cgi?id=986016 -------------------------------------------------------------------------------- ================================================================================ python-django-south-0.8.1-1.fc19 (FEDORA-2013-14203) Intelligent schema migrations for Django apps -------------------------------------------------------------------------------- Update Information: Intelligent schema migrations for Django apps -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Luis Bazan <lbazan@xxxxxxxxxxxxxxxxx> - 0.8.1-1 - New Upstream Version - changes dependency to python-django -------------------------------------------------------------------------------- References: [ 1 ] Bug #979894 - python-django-south has even more invalid dependencies https://bugzilla.redhat.com/show_bug.cgi?id=979894 -------------------------------------------------------------------------------- ================================================================================ security-menus-1.2.0-1.fc19 (FEDORA-2013-14198) Menu Structure for the Fedora Security Lab -------------------------------------------------------------------------------- Update Information: * Wed Jul 31 2013 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 1.2.0-1 - Updated to new upstream release 1.2.0 (fixes #981826) -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 31 2013 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 1.2.0-1 - Updated to new upstream release 1.2.0 (fixes #981826) -------------------------------------------------------------------------------- References: [ 1 ] Bug #981826 - XFCE + Security Lab Application Menu Problem https://bugzilla.redhat.com/show_bug.cgi?id=981826 -------------------------------------------------------------------------------- ================================================================================ supermin-4.1.2-1.fc19 (FEDORA-2013-14179) Tool for creating supermin appliances -------------------------------------------------------------------------------- Update Information: New upstream version with fixes for ARM. -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 3 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 4.1.2-1 - New upstream version 4.1.2. - Remove patch which is now upstream. -------------------------------------------------------------------------------- ================================================================================ sympy-0.7.3-1.fc19 (FEDORA-2013-14190) A Python library for symbolic mathematics -------------------------------------------------------------------------------- Update Information: See https://github.com/sympy/sympy/wiki/Release-Notes-for-0.7.3 for upstream release notes. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Jerry James <loganjerry@xxxxxxxxx> - 0.7.3-1 - Update to 0.7.3 - Upstream dropped all tutorial translations - Add graphviz BR for documentation - Sources now distributed from github instead of googlecode -------------------------------------------------------------------------------- ================================================================================ tito-0.4.17-1.fc19 (FEDORA-2013-14183) A tool for managing rpm based git projects -------------------------------------------------------------------------------- Update Information: Fix permissions sources fedpkg modifies. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 Devan Goodwin <dgoodwin@xxxxxxxx> 0.4.17-1 - Fix permissions after a Fedora/Brew build. (dgoodwin@xxxxxxxxxx) - Comment out old nightly releaser. (dgoodwin@xxxxxxxxxx) - add newline to sys.stderr.write (msuchy@xxxxxxxxxx) -------------------------------------------------------------------------------- ================================================================================ tycho-0.18.1-4.fc19 (FEDORA-2013-14180) Plugins and extensions for building Eclipse plugins and OSGI bundles with Maven -------------------------------------------------------------------------------- Update Information: Update to Tycho / Tycho Extras 0.18.1. - Use MavenSession and Plexus to determine state (don't depend on env variables set by mvn-rpmbuild/mvn-local) - skipTychoVersionCheck not needed (done by default) - Properly handle cases where Tycho must resolve Maven artifacts (delegate to XMvn) -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 30 2013 Roland Grunberg <rgrunber@xxxxxxxxxx> - 0.18.1-4 - Improve artifact resolution using XMvn Resolver. (Bug 986900) * Mon Jul 29 2013 Roland Grunberg <rgrunber@xxxxxxxxxx> - 0.18.1-3 - Fix Tycho file locking to work in Fedora. - Skip validateConsistentTychoVersion by default. (Bug 987271) * Wed Jul 24 2013 Roland Grunberg <rgrunber@xxxxxxxxxx> - 0.18.1-2 - Non-bootstrap build. * Wed Jul 24 2013 Roland Grunberg <rgrunber@xxxxxxxxxx> - 0.18.1-1.1 - Use MavenSession and Plexus to determine state. - Fix bootstrap build. * Thu Jul 18 2013 Roland Grunberg <rgrunber@xxxxxxxxxx> 0.18.1-1 - Make changes to ensure intermediary build succeeds. - Remove %Patch6 in favour of call to sed. * Thu Jul 18 2013 Krzysztof Daniel <kdaniel@xxxxxxxxxx> 0.18.1-1 - Update to 0.18.1. * Tue Jul 16 2013 Roland Grunberg <rgrunber@xxxxxxxxxx> - 0.18.0-4 - Look for maven artifacts using XMvn Resolver. -------------------------------------------------------------------------------- References: [ 1 ] Bug #986900 - tycho: Incorrect usage of XMvn https://bugzilla.redhat.com/show_bug.cgi?id=986900 [ 2 ] Bug #987271 - [RFE] tycho: skip version check by default when building packages https://bugzilla.redhat.com/show_bug.cgi?id=987271 -------------------------------------------------------------------------------- ================================================================================ tycho-extras-0.18.1-1.fc19 (FEDORA-2013-14180) Additional plugins for Tycho -------------------------------------------------------------------------------- Update Information: Update to Tycho / Tycho Extras 0.18.1. - Use MavenSession and Plexus to determine state (don't depend on env variables set by mvn-rpmbuild/mvn-local) - skipTychoVersionCheck not needed (done by default) - Properly handle cases where Tycho must resolve Maven artifacts (delegate to XMvn) -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 28 2013 Roland Grunberg <rgrunber@xxxxxxxxxx> 0.18.1-1 - Update to 0.18.1 Release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #986900 - tycho: Incorrect usage of XMvn https://bugzilla.redhat.com/show_bug.cgi?id=986900 [ 2 ] Bug #987271 - [RFE] tycho: skip version check by default when building packages https://bugzilla.redhat.com/show_bug.cgi?id=987271 -------------------------------------------------------------------------------- ================================================================================ v4l-utils-1.0.0-1.fc19 (FEDORA-2013-14174) Utilities for video4linux and DVB devices -------------------------------------------------------------------------------- Update Information: - New upstream release 1.0.0 final - Drop libdvb5 (made private upstream for now) -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 3 2013 Hans de Goede <hdegoede@xxxxxxxxxx> - 1.0.0-1 - New upstream release 1.0.0 final - Drop libdvb5 (made private upstream for now) -------------------------------------------------------------------------------- ================================================================================ v8-3.14.5.10-2.fc19 (FEDORA-2013-14176) JavaScript Engine -------------------------------------------------------------------------------- Update Information: This update fixes an issue with Google V8, as used in Google Chrome before 28.0.1500.95, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." Please note that this issue's impact on Node.js is somewhat lessened since it does not typically execute JavaScript from foreign sources. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 2 2013 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 1:3.14.5.10-2 - backport fix for remote DoS or unspecified other impact via type confusion (RHBZ#991116; CVE-2013-2882) -------------------------------------------------------------------------------- References: [ 1 ] Bug #991116 - CVE-2013-2882 v8: remote DoS or unspecified other impact via type confusion https://bugzilla.redhat.com/show_bug.cgi?id=991116 -------------------------------------------------------------------------------- ================================================================================ youtube-dl-2013.08.02-1.fc19 (FEDORA-2013-14186) A small command-line program to download online videos -------------------------------------------------------------------------------- Update Information: New version. -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 3 2013 Christopher Meng <rpm@xxxxxxxx> - 2013.08.02-1 - Update to new release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #990505 - youtube-dl-2013.07.31 is available https://bugzilla.redhat.com/show_bug.cgi?id=990505 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
