The following Fedora 18 Security updates need testing: Age URL 224 https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18 138 https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2.0-3.fc18 122 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18 34 https://admin.fedoraproject.org/updates/FEDORA-2013-13131/livecd-tools-18.17-1.fc18 18 https://admin.fedoraproject.org/updates/FEDORA-2013-14005/zabbix-2.0.6-3.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-14786/nmap-6.40-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-14774/acpid-2.0.19-5.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-14794/filezilla-3.7.3-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-14902/python-virtualenv-1.10.1-1.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-14930/drupal7-entity-1.2-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-15013/poppler-0.20.2-16.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-14985/php-5.4.18-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15036/ssmtp-2.64-9.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15072/glibc-2.16-34.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 192 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-14660/gdisk-0.8.7-1.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-14661/libfm-1.1.1-2.fc18,pcmanfm-1.1.1-2.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-14827/pcmanfm-1.1.2-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-14839/libfm-1.1.2-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-14695/mdadm-3.2.6-21.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-14691/libtiff-4.0.3-7.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-15013/poppler-0.20.2-16.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15035/libvdpau-0.7-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15085/system-config-date-1.10.6-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15072/glibc-2.16-34.fc18 The following builds have been pushed to Fedora 18 updates-testing 389-adminutil-1.1.18-1.fc18 cloc-1.60-1.fc18 compat-gtkhtml314-3.32.2-4.fc18 glibc-2.16-34.fc18 gtk-smooth-engine-2.14.3-2.fc18 idris-0.9.4.1-1.fc18 libvdpau-0.7-1.fc18 mate-themes-extras-1.6.3-1.fc18 mozilla-https-everywhere-3.4.1-1.fc18 opensips-1.9.1-1.fc18 python-beautifulsoup4-4.3.1-1.fc18 python-paste-deploy-1.5.0-10.fc18 rubygem-rr-1.1.2-2.fc18 rubygem-test-unit-rr-1.0.3-1.fc18 scribus-1.4.3-1.fc18 sphinxtrain-1.0.8-8.fc18 ssmtp-2.64-9.fc18 sugar-measure-49-1.fc18 system-config-date-1.10.6-1.fc18 ugene-1.12.2-1.fc18 urdfdom-headers-0.2.3-1.fc18 Details about builds: ================================================================================ 389-adminutil-1.1.18-1.fc18 (FEDORA-2013-15027) Utility library for 389 administration -------------------------------------------------------------------------------- Update Information: mem leak, compiler warnings This relase fixes 2 bugs in login and bind. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.18-1 - ee1ef81 add Eclipse generated files - Ticket #47486 - compiler warnings in adminutil, admin, dsgw - 77fd77a fix mem leak in admldapBuildInfoSSL when there is no password * Fri Apr 19 2013 Noriko Hosoi <nhosoi@xxxxxxxxxx> - 1.1.17-1 -bump version to 1.1.17 Resolves: Bug 856089 - slapi_ldap_bind() doesn't check bind results (Ticket 479 - Console logins fail intermittenly) Resolves: Bug 905266 - BIND operation result not checked properly in admin server and adminutil -------------------------------------------------------------------------------- ================================================================================ cloc-1.60-1.fc18 (FEDORA-2013-15037) Count lines of code -------------------------------------------------------------------------------- Update Information: Latest upstream release -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 17 2013 Ricky Elrod <codeblock@xxxxxxxxxxxxxxxxx> - 1.60-1 - Update to upstream 1.60. - Don't create a directory in %setup. - Fix rpmlint warning. * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.58-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Jul 17 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.58-6 - Perl 5.18 rebuild * Mon Jul 1 2013 Ricky Elrod <codeblock@xxxxxxxxxxxxxxxxx> - 1.58-5 - Rebuild on Rawhide for bz #927211. -------------------------------------------------------------------------------- ================================================================================ compat-gtkhtml314-3.32.2-4.fc18 (FEDORA-2013-15086) GtkHTML library -------------------------------------------------------------------------------- Update Information: First build of compat package for gtkhtml, to support the return of gnotime. -------------------------------------------------------------------------------- References: [ 1 ] Bug #985916 - Review Request: compat-gtkhtml314 - GtkHTML library https://bugzilla.redhat.com/show_bug.cgi?id=985916 -------------------------------------------------------------------------------- ================================================================================ glibc-2.16-34.fc18 (FEDORA-2013-15072) The GNU libc libraries -------------------------------------------------------------------------------- Update Information: glibc security update: CVE-2013-2207 glibc (pt_chown): Improper pseudotty ownership and permissions changes when granting access to the slave pseudoterminal The fix may break chroots if their devpts was not mounted correctly. Fix is to mount the devpts correctly with gid=5. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Siddhesh Poyarekar <siddhesh@xxxxxxxxxx> - 2.16-34 - Disable pt_chown (#984829, CVE-2013-2207). -------------------------------------------------------------------------------- References: [ 1 ] Bug #976408 - CVE-2013-2207 glibc (pt_chown): Improper pseudotty ownership and permissions changes when granting access to the slave pseudoterminal https://bugzilla.redhat.com/show_bug.cgi?id=976408 -------------------------------------------------------------------------------- ================================================================================ gtk-smooth-engine-2.14.3-2.fc18 (FEDORA-2013-15082) The Smooth engine for GTK+-2.0 -------------------------------------------------------------------------------- Update Information: initial package for fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #998214 - Review Request: gtk-smooth-engine - The Smooth engine for GTK+-2.0 https://bugzilla.redhat.com/show_bug.cgi?id=998214 -------------------------------------------------------------------------------- ================================================================================ idris-0.9.4.1-1.fc18 (FEDORA-2013-15056) Functional Programming Language with Dependent Types -------------------------------------------------------------------------------- Update Information: See http://www.idris-lang.org/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #947819 - Review Request: idris - Functional Programming Language with Dependent Types https://bugzilla.redhat.com/show_bug.cgi?id=947819 -------------------------------------------------------------------------------- ================================================================================ libvdpau-0.7-1.fc18 (FEDORA-2013-15035) Wrapper library for the Video Decode and Presentation API -------------------------------------------------------------------------------- Update Information: Update to 0.7 Add support for prime -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 3 2013 Simone Caronni <negativo17@xxxxxxxxx> - 0.7-1 - Update to 0.7; adds prime support. * Wed Jul 31 2013 Simone Caronni <negativo17@xxxxxxxxx> - 0.6-2 - Enable documentation by default. - Clean up spec file a bit; remove el5 tags. - Let %doc find the proper location for the documentation. * Mon Feb 4 2013 Nicolas Chauvet <kwizart@xxxxxxxxx> - 0.6-1 - Update to 0.6 -------------------------------------------------------------------------------- ================================================================================ mate-themes-extras-1.6.3-1.fc18 (FEDORA-2013-15048) Extra gtk-2/3 themes for gtk based desktops -------------------------------------------------------------------------------- Update Information: initial package for fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #998219 - Review Request: mate-themes-extras - GTK-2/3 themes for GTK based desktops https://bugzilla.redhat.com/show_bug.cgi?id=998219 -------------------------------------------------------------------------------- ================================================================================ mozilla-https-everywhere-3.4.1-1.fc18 (FEDORA-2013-15076) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information: - MANY changes since last update. -- See https://www.eff.org/files/Changelog.txt -- for details -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Russell Golden <niveusluna@xxxxxxxxxxxxxx> - 3.4.1-1 - Update to upstream 3.4.1. There were a lot of changes since the last update. -- See https://www.eff.org/files/Changelog.txt for details. -------------------------------------------------------------------------------- ================================================================================ opensips-1.9.1-1.fc18 (FEDORA-2013-15066) Open Source SIP Server -------------------------------------------------------------------------------- Update Information: * Ver. 1.9.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 20 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.9.1-1 - Ver. 1.9.1 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Jul 17 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.8.2-7 - Perl 5.18 rebuild * Wed Mar 13 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.8.2-6 - rebuild for new librabbitmq * Mon Mar 4 2013 Thomas Spura <tomspur@xxxxxxxxxxxxxxxxx> - 1.8.2-5 - Fix Berk(e)ley typo in summary * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #850248 - Introduce new systemd-rpm macros in opensips spec file https://bugzilla.redhat.com/show_bug.cgi?id=850248 [ 2 ] Bug #955184 - opensips package should be built with PIE flags https://bugzilla.redhat.com/show_bug.cgi?id=955184 -------------------------------------------------------------------------------- ================================================================================ python-beautifulsoup4-4.3.1-1.fc18 (FEDORA-2013-15030) HTML/XML parser for quick-turnaround applications like screen-scraping -------------------------------------------------------------------------------- Update Information: Update to latest upstream release beautilfulsoup 4.3.1. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Terje Rosten <terje.rosten@xxxxxxx> - 4.3.1-1 - 4.3.1 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #996463 - python-beautifulsoup4-4.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=996463 -------------------------------------------------------------------------------- ================================================================================ python-paste-deploy-1.5.0-10.fc18 (FEDORA-2013-15052) Load, configure, and compose WSGI applications and servers -------------------------------------------------------------------------------- Update Information: Fix typo in python3 conditional. python3 subpackage. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Ralph Bean <rbean@xxxxxxxxxx> - 1.5.0-10 - Fix typo in with_python3 conditional; patch from Tomas Dabašinskas. * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5.0-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #970434 - Typo in spec file https://bugzilla.redhat.com/show_bug.cgi?id=970434 -------------------------------------------------------------------------------- ================================================================================ rubygem-rr-1.1.2-2.fc18 (FEDORA-2013-15087) RR (Double Ruby) is a test double framework -------------------------------------------------------------------------------- Update Information: rr is upgraded to 1.1.2. Currently just require'ing rr module does not work due to missing VERSION file. This new rpm will fix this issue. test-unit-rr is upgraded to 1.0.3 to work correctly with new rr. -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 18 2013 Guillermo Gómez <guillermo.gomez@xxxxxxxxx> - 1.1.2-2 - Test suited removed temporarily - New doc files added - CREDITS.md file added * Sun Aug 18 2013 Guillermo Gómez <guillermo.gomez@xxxxxxxxx> - 1.1.2-1 - Updated version 1.1.2 * Thu Aug 15 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.0.5-3 - Don't kill VERSION file to make rr really work (bug 993490) * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #993490 - require "rr" does not work due to missing VERSION file https://bugzilla.redhat.com/show_bug.cgi?id=993490 -------------------------------------------------------------------------------- ================================================================================ rubygem-test-unit-rr-1.0.3-1.fc18 (FEDORA-2013-15087) Test::Unit::RR - RR adapter for Test::Unit -------------------------------------------------------------------------------- Update Information: rr is upgraded to 1.1.2. Currently just require'ing rr module does not work due to missing VERSION file. This new rpm will fix this issue. test-unit-rr is upgraded to 1.0.3 to work correctly with new rr. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.0.3-1 - 1.0.3 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Feb 27 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.0.2-5 - F-19: Rebuild for ruby 2.0.0 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #993490 - require "rr" does not work due to missing VERSION file https://bugzilla.redhat.com/show_bug.cgi?id=993490 -------------------------------------------------------------------------------- ================================================================================ scribus-1.4.3-1.fc18 (FEDORA-2013-15083) DeskTop Publishing application written in Qt -------------------------------------------------------------------------------- Update Information: - update to 1.4.3 - http://wiki.scribus.net/canvas/1.4.3_Release -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Dan Horák <dan[at]danny.cz> - 1.4.3-1 - update to 1.4.3 (#990030) -------------------------------------------------------------------------------- References: [ 1 ] Bug #990030 - scribus-1.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=990030 -------------------------------------------------------------------------------- ================================================================================ sphinxtrain-1.0.8-8.fc18 (FEDORA-2013-15089) Acoustic model trainer for CMU's Sphinx tools -------------------------------------------------------------------------------- Update Information: This updates fixes several places in perl code where sphinxtrain assumes that it has files installed under /usr/lib. Those files are actually under /usr/lib64 on 64-bit systems. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Jerry JUames <loganjerry@xxxxxxxxx> - 1.0.8-8 - Find library files on 64-bit systems (bz 997986) * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.8-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Jul 17 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.0.8-6 - Perl 5.18 rebuild * Fri Mar 29 2013 Jerry James <loganjerry@xxxxxxxxx> - 1.0.8-5 - Add -largefile patch for large file support -------------------------------------------------------------------------------- References: [ 1 ] Bug #997986 - [abrt] sphinxtrain-1.0.8-5.fc19: sphinxtrain:34:setup:IOError: [Errno 2] No such file or directory: '/usr/lib/sphinxtrain/etc/sphinx_train.cfg' https://bugzilla.redhat.com/show_bug.cgi?id=997986 -------------------------------------------------------------------------------- ================================================================================ ssmtp-2.64-9.fc18 (FEDORA-2013-15036) Extremely simple MTA to get mail off the system to a Mailhub -------------------------------------------------------------------------------- Update Information: Use a corrected patch to validate server certificates Removes world read access from the configuration file thus prohibiting reading of password stored inside it. Removes world read access from the configuration file thus prohibiting reading of password stored inside it. -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 20 2013 Manuel "lonely wolf" Wolfshant <wolfy@xxxxxxxxxxxxxxxxx> - 2.64-9 - replace TLS patch with a corrected one. thanks Till Maas for the fix * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.64-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #864894 - ssmtp: Does not validate server certificates when using TLS connection https://bugzilla.redhat.com/show_bug.cgi?id=864894 -------------------------------------------------------------------------------- ================================================================================ sugar-measure-49-1.fc18 (FEDORA-2013-15031) Measure for Sugar -------------------------------------------------------------------------------- Update Information: Version 49 release Version 48 release Version 48 release -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 20 2013 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> 49-1 - Release 49 * Sun Aug 18 2013 Kalpa Welivitigoda <callkalpa@xxxxxxxxx> 48-1 - Release 48 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 47-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ system-config-date-1.10.6-1.fc18 (FEDORA-2013-15085) A graphical interface for modifying system date and time -------------------------------------------------------------------------------- Update Information: This release contains updated translations. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 17 2013 Nils Philippsen <nils@xxxxxxxxxx> - 1.10.6-1 - pull updated translations (#950571) -------------------------------------------------------------------------------- References: [ 1 ] Bug #950571 - Simplified Chinese translation should be updated https://bugzilla.redhat.com/show_bug.cgi?id=950571 -------------------------------------------------------------------------------- ================================================================================ ugene-1.12.2-1.fc18 (FEDORA-2013-15075) Integrated bioinformatics toolkit -------------------------------------------------------------------------------- Update Information: This is patch release that contains several major bug fixes and minor interface improvements requested by users The full list of changes done in this release can be found in our bug tracker https://ugene.unipro.ru/tracker/browse/UGENE-2015?jql=project%20%3D%20UGENE%20AND%20fixVersion%20%3D%20%221.12.2%22%20AND%20resolution%20is%20not%20EMPTY -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 20 2013 Yulia Algaer <yalgaer@xxxxxxxxx> 1.12.2-1 - Upstream version change -------------------------------------------------------------------------------- ================================================================================ urdfdom-headers-0.2.3-1.fc18 (FEDORA-2013-15062) The URDF (U-Robot Description Format) headers -------------------------------------------------------------------------------- Update Information: Here is where you give an explanation of your update. -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Rich Mattes <richmattes@xxxxxxxxx> - 0.2.3-1 - Update to release 0.2.3 - Move upstream to github -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
