The following Fedora 18 Security updates need testing: Age URL 213 https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18 127 https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2.0-3.fc18 112 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18 24 https://admin.fedoraproject.org/updates/FEDORA-2013-13131/livecd-tools-18.17-1.fc18 14 https://admin.fedoraproject.org/updates/FEDORA-2013-13672/subversion-1.7.11-1.fc18.1 10 https://admin.fedoraproject.org/updates/FEDORA-2013-13900/python-keystoneclient-0.2.0-2.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13922/httpd-2.4.6-2.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13940/gnupg-1.4.14-1.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-14005/zabbix-2.0.6-3.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-14205/v8-3.14.5.10-2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-14261/smokeping-2.6.9-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-14355/samba-4.0.8-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-14362/spice-0.12.4-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-14423/hylafax+-5.5.4-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-14419/firefox-23.0-1.fc18,xulrunner-23.0-2.fc18,thunderbird-17.0.8-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-14281/putty-0.62-7.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-14454/cacti-0.8.8b-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-14510/strongswan-5.1.0-2.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-14539/chrony-1.29-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-14488/libtommath-0.42.0-2.fc18,libtomcrypt-1.17-20.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-14568/seamonkey-2.20-1.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 182 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 13 https://admin.fedoraproject.org/updates/FEDORA-2013-13756/make-3.82-15.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13939/koji-1.8.0-2.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13970/audit-2.3.2-1.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2013-14164/device-mapper-persistent-data-0.2.3-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-14248/spherical-cow-kde-theme-18.0.3-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-14262/cryptsetup-1.6.2-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-14539/chrony-1.29-1.fc18 The following builds have been pushed to Fedora 18 updates-testing akonadi-1.10.2-1.fc18 canl-c-2.1.2-1.fc18 chrony-1.29-1.fc18 dblatex-0.3.4-8.fc18 gmpy-1.17-1.fc18 licq-1.7.1-4.fc18 mate-utils-1.6.0-7.fc18 open-vm-tools-9.2.3-6.fc18 oz-0.11.0-2.fc18 python-ctrldaemon-0.2-1.fc18 python-django-memcached-pool-0.4.1-3.fc18 python-pefile-1.2.10_123-1.fc18 python-tahrir-0.3.0-1.fc18 python-waitress-0.8.5-2.fc18 salt-0.16.2-1.fc18 seamonkey-2.20-1.fc18 Details about builds: ================================================================================ akonadi-1.10.2-1.fc18 (FEDORA-2013-14548) PIM Storage Service -------------------------------------------------------------------------------- Update Information: Akonadi 1.10.2 -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 28 2013 dvratil@xxxxxxxxxx - 1.10.2-1 - 1.10.2 * Sat Jul 27 2013 pmachata@xxxxxxxxxx - 1.10.1-2 - Rebuild for boost 1.54.0 * Thu Jul 25 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.10.1-1 - akonadi-1.10.1 - mysql_conf_timestamp 20130607 * Sat Jul 13 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.10.0-1 - 1.10.0 * Thu Jun 27 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.9.80-1 - 1.9.80 -------------------------------------------------------------------------------- ================================================================================ canl-c-2.1.2-1.fc18 (FEDORA-2013-14531) EMI Common Authentication library - bindings for C -------------------------------------------------------------------------------- Update Information: This is a hotfix for a bug whereby the type of proxy to sign whas erroneously hard-coded to a single value for different types of proxies, most importantly affecting RFC proxies. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 8 2013 František Dvořák <valtri@xxxxxxxxxx> - 2.1.2-1 - New upstream version - Proper perl usage - Added README file * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.1.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ chrony-1.29-1.fc18 (FEDORA-2013-14539) An NTP client/server -------------------------------------------------------------------------------- Update Information: This update fixes two security vulnerabilities: a crash when processing crafted commands (CVE-2012-4502) and uninitialized data sent in command replies (CVE-2012-4503). -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 8 2013 Miroslav Lichvar <mlichvar@xxxxxxxxxx> 1.29-1 - update to 1.29 (CVE-2012-4502, CVE-2012-4503) * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.28-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #846392 - CVE-2012-4502 CVE-2012-4503 chrony: Two security flaws fixed in chrony-1.29 release https://bugzilla.redhat.com/show_bug.cgi?id=846392 -------------------------------------------------------------------------------- ================================================================================ dblatex-0.3.4-8.fc18 (FEDORA-2013-14538) DocBook to LaTeX/ConTeXt Publishing -------------------------------------------------------------------------------- Update Information: correct licene tag -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 8 2013 Michael J Gruber <mjg@xxxxxxxxxxxxxxxxx> - 0.3.4-8 - Merge in licensing changes from Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx>: -* Mon Jul 29 2013 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 0.3.4-8 -- Add Public Domain license and licensing comment -* Mon Jul 29 2013 Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> - 0.3.4-7 -- Add DMIT, GPLv2 and LPPL licenses -- Fix space and tab mixing -- Cleanup old spec file parts * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.4-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #988820 - dblatex: incorrect license tag https://bugzilla.redhat.com/show_bug.cgi?id=988820 -------------------------------------------------------------------------------- ================================================================================ gmpy-1.17-1.fc18 (FEDORA-2013-14573) A Python interface to the GNU Multiple Precision Arithmetic Library -------------------------------------------------------------------------------- Update Information: fix extension api compatibility for python 3.3 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 9 2013 Michael J Gruber <mjg@xxxxxxxxxxxxxxxxx> - 1.17-1 - sync with upstream bugfix release 1.17 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.16-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #989936 - gmpy-1.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=989936 -------------------------------------------------------------------------------- ================================================================================ licq-1.7.1-4.fc18 (FEDORA-2013-14547) A graphical ICQ Client for Linux -------------------------------------------------------------------------------- Update Information: Add support for jabber. New upstream release. Fix deadlock. new upstream release -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 5 2013 Christopher Meng <rpm@xxxxxxxx> - 1.7.1-4 - Add devel package. - Add missing BRs for jabber support(BZ#977150). * Sat Jul 27 2013 pmachata@xxxxxxxxxx - 1.7.1-3 - Rebuild for boost 1.54.0 * Wed Jul 17 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.7.1-2 - Perl 5.18 rebuild * Sun Jun 2 2013 François Cami <fcami@xxxxxxxxxxxxxxxxx> - 1.7.1-1 - New upstream release. * Thu Apr 25 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 1.7.0-7 - Drop desktop vendor tag. * Sun Feb 10 2013 Denis Arnaud <denis.arnaud_fedora@xxxxxxx> - 1.7.0-6 - Rebuild for Boost-1.53.0 * Sat Feb 9 2013 Denis Arnaud <denis.arnaud_fedora@xxxxxxx> - 1.7.0-5 - Rebuild for Boost-1.53.0 * Sat Jan 12 2013 François Cami <fcami@xxxxxxxxxxxxxxxxx> - 1.7.0-4 - add sox as requirement. * Sat Jan 12 2013 François Cami <fcami@xxxxxxxxxxxxxxxxx> - 1.7.0-3 - Fix deadlock, RHBZ #894247. Thanks to flynd. * Sat Jan 12 2013 François Cami <fcami@xxxxxxxxxxxxxxxxx> - 1.7.0-2 - Not public - test deadlock fix. * Wed Jan 9 2013 François Cami <fcami@xxxxxxxxxxxxxxxxx> - 1.7.0-1 - New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #977150 - Licq not works in F18 https://bugzilla.redhat.com/show_bug.cgi?id=977150 [ 2 ] Bug #894247 - Lockup on connect with 1.7.0 https://bugzilla.redhat.com/show_bug.cgi?id=894247 -------------------------------------------------------------------------------- ================================================================================ mate-utils-1.6.0-7.fc18 (FEDORA-2013-14561) MATE utility programs -------------------------------------------------------------------------------- Update Information: - runtime require mate-desktop-libs for mate-search-tool - and main package, fix rhbz #988278 -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 8 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.0-7 - runtime require mate-desktop-libs for mate-search-tool - and main package, fix rhbz #988278 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #988278 - [abrt] mate-search-tool-1.6.0-5.fc18: g_settings_set_property: Process /usr/bin/mate-search-tool was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=988278 -------------------------------------------------------------------------------- ================================================================================ open-vm-tools-9.2.3-6.fc18 (FEDORA-2013-14577) Open VMware Tools for virtual machines hosted on VMware -------------------------------------------------------------------------------- Update Information: Fixes for removing unused stuff and adding relro support, remove Fedora 17 support (EOL). -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 9 2013 Simone Caronni <negativo17@xxxxxxxxx> - 9.2.3-7 - Added options for hardening build (bug 990549). - Excluded unwanted file mount.vmhgfs from packaging (bug 990547). - Removed deprecated key "Encoding" from "Desktop Entry" (bug 990552). - Removed Fedora 17 support (EOL). * Tue Jun 4 2013 Richard W.M. Jones <rjones@xxxxxxxxxx> - 9.2.3-6 - Add BR gcc-c++. -------------------------------------------------------------------------------- References: [ 1 ] Bug #990547 - mount.vmhgfs should not be packaged https://bugzilla.redhat.com/show_bug.cgi?id=990547 [ 2 ] Bug #990549 - vmtoolsd is built with only partial RELRO https://bugzilla.redhat.com/show_bug.cgi?id=990549 [ 3 ] Bug #990552 - warning: key "Encoding" in group "Desktop Entry" is deprecated https://bugzilla.redhat.com/show_bug.cgi?id=990552 -------------------------------------------------------------------------------- ================================================================================ oz-0.11.0-2.fc18 (FEDORA-2013-14555) Library and utilities for automated guest OS installs -------------------------------------------------------------------------------- Update Information: Fix ICICLE generation with extra elements (see https://github.com/clalancette/oz/pull/105). -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 8 2013 Chris Lalancette <clalancette@xxxxxxxxx> - 0.11.0-2 - Add in the upstream patch that fixes ICICLE generation with extra elements -------------------------------------------------------------------------------- ================================================================================ python-ctrldaemon-0.2-1.fc18 (FEDORA-2013-14570) Service command wrapper for Python -------------------------------------------------------------------------------- Update Information: Service command wrapper for Python. -------------------------------------------------------------------------------- References: [ 1 ] Bug #991836 - python-ctrldaemon - Service command wrapper for Python https://bugzilla.redhat.com/show_bug.cgi?id=991836 -------------------------------------------------------------------------------- ================================================================================ python-django-memcached-pool-0.4.1-3.fc18 (FEDORA-2013-14545) A Memcached Pool for Django -------------------------------------------------------------------------------- Update Information: A Memcached Pool for Django. -------------------------------------------------------------------------------- References: [ 1 ] Bug #985190 - Review Request: python-django-memcached-pool - A Memcached Pool for Django https://bugzilla.redhat.com/show_bug.cgi?id=985190 -------------------------------------------------------------------------------- ================================================================================ python-pefile-1.2.10_123-1.fc18 (FEDORA-2013-14574) Python module for working with Portable Executable files -------------------------------------------------------------------------------- Update Information: New version. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 8 2013 Christopher Meng <rpm@xxxxxxxx> - 1.2.10_123-1 - Update to new version. -------------------------------------------------------------------------------- ================================================================================ python-tahrir-0.3.0-1.fc18 (FEDORA-2013-14542) A pyramid app for issuing your own Open Badges -------------------------------------------------------------------------------- Update Information: JSON API. Limit relative leaderboard. Emit fedmsg messages. Misc bugfixes. Users can opt out. Websockets on the frontpage. More facelifting. More cosmetic surgery. Facelift marathon. Reorganize avatars around openid. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 9 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.3.0-1 - Add JSON API from Ricky Elrod. - Some CSS fixups. * Mon Aug 5 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.9-1 - Limit the relative leaderboard to only 5 people instead of 10. - Emit fedmsg messages when invitations are claimed. * Thu Aug 1 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.8-1 - Fix a login user-creation bug. - Fix trailing comma on tags. - Fix trailing slash on emails. * Thu Aug 1 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.7-1 - Reorganize avatars around openid identifiers for ease-of-use. * Tue Jul 30 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.6-1 - More facelifting. - Ability for users to opt-out. * Thu Jul 18 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.5-3 - Remove version constraint on python-moksha-wsgi. It is behaving oddly. * Thu Jul 18 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.5-2 - python-dateutil is singular, not plural. * Thu Jul 18 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.5-1 - More facelifting. - Websocket updates for the frontpage. * Tue Jul 16 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.3-2 - Added requirement on python-docutils. * Tue Jul 16 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.3-1 - Latest upstream with more botox. * Thu Jul 11 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.2-2 - Added requirement for python-dogpile-cache * Wed Jul 10 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.2-1 - Latest upstream with more cosmetic surgery. * Wed Jul 3 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.1-1 - Remove old patch (shipped with upstream now). - More facelift stuff in progress. * Mon Jul 1 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.0-2 - Add requirement on python-qrcode. * Wed Jun 26 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.0-1 - Massive facelift. * Thu Jun 13 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.1.9-3 - Conditionalize sqlalchemy forward compat package for epel6. -------------------------------------------------------------------------------- ================================================================================ python-waitress-0.8.5-2.fc18 (FEDORA-2013-14540) Waitress WSGI server -------------------------------------------------------------------------------- Update Information: Install docs in unversioned dir. -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 7 2013 Lorenzo Gil Sanchez <lorenzo.gil.sanchez@xxxxxxxxx> - 0.8.5-2 - Update description to use the new Fedora 20 _pkgdocdir macro, which is also defined for backwards cmompatibility -------------------------------------------------------------------------------- References: [ 1 ] Bug #994065 - python-waitress possibly affected by F-20 unversioned docdir change https://bugzilla.redhat.com/show_bug.cgi?id=994065 -------------------------------------------------------------------------------- ================================================================================ salt-0.16.2-1.fc18 (FEDORA-2013-14546) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: moving to 0.16.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 8 2013 Clint Savage <herlo1@xxxxxxxxx> - 0.16.2-1 - Update to patch release 0.16.2 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.16.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.20-1.fc18 (FEDORA-2013-14568) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: Update to 2.20 Fix various security issues, see http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more info -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 8 2013 Dmitry Butskoy <Dmitry@xxxxxxxxxxxx> 2.20-1 - update to 2.20 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.19-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Mon Jul 15 2013 Dmitry Butskoy <Dmitry@xxxxxxxxxxxx> 2.19-2 - implement separate switches for system/native nspr, nss and libvpx -------------------------------------------------------------------------------- References: [ 1 ] Bug #994971 - seamonkey-2.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=994971 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
