The following Fedora 18 Security updates need testing: Age URL 228 https://admin.fedoraproject.org/updates/FEDORA-2013-0416/fedora-business-cards-1-0.1.beta1.fc18 141 https://admin.fedoraproject.org/updates/FEDORA-2013-4823/microcode_ctl-2.0-3.fc18 126 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18 38 https://admin.fedoraproject.org/updates/FEDORA-2013-13131/livecd-tools-18.17-1.fc18 22 https://admin.fedoraproject.org/updates/FEDORA-2013-14005/zabbix-2.0.6-3.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-14786/nmap-6.40-1.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-14794/filezilla-3.7.3-1.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2013-14902/python-virtualenv-1.10.1-1.fc18 6 https://admin.fedoraproject.org/updates/FEDORA-2013-14930/drupal7-entity-1.2-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-15013/poppler-0.20.2-16.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-15036/ssmtp-2.64-9.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-15072/glibc-2.16-34.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-15142/drupal7-theme-zen-5.4-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-14985/php-5.4.19-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-15181/ansible-1.2.3-2.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-15157/perl-Module-Metadata-1.000015-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15223/roundcubemail-0.9.3-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15253/php-pear-Auth-OpenID-2.2.2-7.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 196 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2013-14660/gdisk-0.8.7-1.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2013-14661/libfm-1.1.1-2.fc18,pcmanfm-1.1.1-2.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-14695/mdadm-3.2.6-21.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-14691/libtiff-4.0.3-7.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-14827/pcmanfm-1.1.2-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-15035/libvdpau-0.7-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-15085/system-config-date-1.10.6-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-15072/glibc-2.16-34.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-15226/libfm-1.1.2.2-1.fc18 The following builds have been pushed to Fedora 18 updates-testing glances-1.7.1-1.fc18 php-htmLawed-1.1.15-2.fc18 php-pear-Auth-OpenID-2.2.2-7.fc18 python-rhsm-1.10.1-1.fc18 python-rosdep-0.10.21-1.fc18 rabbitmq-server-3.1.5-1.fc18 subscription-manager-1.10.1-1.fc18 tinymce-3.5.8-1.fc18 wordpress-3.6-1.fc18 Details about builds: ================================================================================ glances-1.7.1-1.fc18 (FEDORA-2013-15256) CLI curses based monitoring tool -------------------------------------------------------------------------------- Update Information: Update to 1.7.1 update to 1.7 update to 1.7 update to 1.7 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.7.1-1 - Update to 1.7.1 * Sun Aug 11 2013 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.7-1 - Update to 1.7 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Apr 18 2013 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 1.6.1-1 - Update to 1.6.1 * Tue Mar 19 2013 Michel Salim <salimma@xxxxxxxxxxxxxxxxx> - 1.6-2 - On el5, build against python26 stack -------------------------------------------------------------------------------- References: [ 1 ] Bug #999006 - glances-1.7.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=999006 [ 2 ] Bug #995805 - glances-1.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=995805 -------------------------------------------------------------------------------- ================================================================================ php-htmLawed-1.1.15-2.fc18 (FEDORA-2013-15252) PHP code to purify and filter HTML -------------------------------------------------------------------------------- Update Information: Version 1.1.15 - 11 August 2013 * Improved tidying/prettifying functionality -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.15-2 - update to 1.1.15 -------------------------------------------------------------------------------- ================================================================================ php-pear-Auth-OpenID-2.2.2-7.fc18 (FEDORA-2013-15253) PHP OpenID -------------------------------------------------------------------------------- Update Information: Fix for CVE-2013-4701 -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Kevin Fenzi <kevin@xxxxxxxxx> 2.2.2-7 - Patch for CVE-2013-4701 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.2.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Fri Feb 22 2013 Kevin Fenzi <kevin@xxxxxxxxx> 2.2.2-5 - Fixed pear metadata directory location. Fixes FTBFS bug 914351 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.2.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #999687 - CVE-2013-4701 php-pear-Auth-OpenID: XML External Entity issue allows for reading arbitrary files or excessive resource consumption https://bugzilla.redhat.com/show_bug.cgi?id=999687 -------------------------------------------------------------------------------- ================================================================================ python-rhsm-1.10.1-1.fc18 (FEDORA-2013-15272) A Python library to communicate with a Red Hat Unified Entitlement Platform -------------------------------------------------------------------------------- Update Information: This release includes numerous bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 22 2013 Alex Wood <awood@xxxxxxxxxx> 1.10.1-1 - 997194: fix interpolation of default values (ckozak@xxxxxxxxxx) - bump version to 1.10.x (jesusr@xxxxxxxxxx) - remove 6.5 releaser (jesusr@xxxxxxxxxx) * Wed Aug 14 2013 jesus m. rodriguez <jesusr@xxxxxxxxxx> 1.9.2-1 - remove rhel 5.9, 5.10, 6.3, 6.4 (jesusr@xxxxxxxxxx) - Fedora 17 is at end of life. (awood@xxxxxxxxxx) -------------------------------------------------------------------------------- ================================================================================ python-rosdep-0.10.21-1.fc18 (FEDORA-2013-15251) ROS System Dependency Installer -------------------------------------------------------------------------------- Update Information: Add a requirement on python-catkin_pkg to satisfy rhbz#975896 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 19 2013 Rich Mattes <richmattes@xxxxxxxxx> - 0.10.21-1 - Update to release 0.10.21 - Depend on python-catkin_pkg (rhbz#975896) * Sat Jun 1 2013 Rich Mattes <richmattes@xxxxxxxxx> - 0.10.18-1.20130601git91fb6852 - Update to release 0.10.18 - Update github source url -------------------------------------------------------------------------------- References: [ 1 ] Bug #975896 - rosdep init fails https://bugzilla.redhat.com/show_bug.cgi?id=975896 -------------------------------------------------------------------------------- ================================================================================ rabbitmq-server-3.1.5-1.fc18 (FEDORA-2013-15260) The RabbitMQ server -------------------------------------------------------------------------------- Update Information: * New Upstream Release - 3.1.5 (bugfix release) -------------------------------------------------------------------------------- ChangeLog: * Sat Aug 24 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 3.1.5-1 - New Upstream Release - 3.1.5 (bugfix release) * Wed Aug 7 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 3.1.4-1 - New Upstream Release - 3.1.4 (bugfix release) * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.1.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #850289 - Introduce new systemd-rpm macros in rabbitmq-server spec file https://bugzilla.redhat.com/show_bug.cgi?id=850289 [ 2 ] Bug #948651 - contents of rabbitmq-server package different if built from source vs yum -y install rabbitmq-server https://bugzilla.redhat.com/show_bug.cgi?id=948651 [ 3 ] Bug #951518 - rabbitmq-server and ulimit nofile limit. https://bugzilla.redhat.com/show_bug.cgi?id=951518 [ 4 ] Bug #880703 - upgrade rabbitmq-server to include important updates https://bugzilla.redhat.com/show_bug.cgi?id=880703 -------------------------------------------------------------------------------- ================================================================================ subscription-manager-1.10.1-1.fc18 (FEDORA-2013-15272) Tools and libraries for subscription and repository management -------------------------------------------------------------------------------- Update Information: This release includes numerous bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 22 2013 Alex Wood <awood@xxxxxxxxxx> 1.10.1-1 - Adding Fedora 20 branch to releaser. (awood@xxxxxxxxxx) - Subscribe/unsubscribe mirror attach/remove tests (alikins@xxxxxxxxxx) - Revert "990195: remove subscribe options" (alikins@xxxxxxxxxx) - 994620: reword tooltip message (ckozak@xxxxxxxxxx) - 997935: stop making requests after unregister (ckozak@xxxxxxxxxx) - 997740: allow autoheal call more often (ckozak@xxxxxxxxxx) - Prevent name collision over the parent variable in RHEL 5 Firstboot. (awood@xxxxxxxxxx) - 997189: error is now a sys.exc_info() tuple. (awood@xxxxxxxxxx) - self._parent is not defined here. (awood@xxxxxxxxxx) - bump version and remove rhel-6.5 releaser (jesusr@xxxxxxxxxx) - Convert contract selection window to use a MappedListStore. (awood@xxxxxxxxxx) - Stripe rows whenever the My Subs or All Available tabs are shown. (awood@xxxxxxxxxx) - 991165: Refresh row striping after the TreeView is resorted. (awood@xxxxxxxxxx) - Remove unused background attribute in Installed Products tab. (awood@xxxxxxxxxx) - Set background color on progress bar renderer. (awood@xxxxxxxxxx) - No need to set a hint to true in glade then false in code. (awood@xxxxxxxxxx) - Remove duplicate import. (awood@xxxxxxxxxx) - Add a very simple "smoke" test script (alikins@xxxxxxxxxx) - 842402: Re-aligning Subscription Manager Gui (cschevia@xxxxxxxxxx) * Wed Aug 14 2013 jesus m. rodriguez <jesusr@xxxxxxxxxx> 1.9.2-1 - 851321: Refresh/redraw tables after removing subscriptions (cschevia@xxxxxxxxxx) - 974587: allow certs with no content (ckozak@xxxxxxxxxx) - 977920, 983660: manpage updates (dlackey@xxxxxxxxxxxxxx) - 987579: Re-arranged preferences dialog (cschevia@xxxxxxxxxx) - 990195: remove subscribe options (ckozak@xxxxxxxxxx) - 991214: refresh ent dir, catch exception gracefully (ckozak@xxxxxxxxxx) - 991548: Display correct error message for registration failures. (awood@xxxxxxxxxx) - 991580: add rhsmd debug to stdout (ckozak@xxxxxxxxxx) - 993202: fix default config, take advantage of rhsmconfig options (ckozak@xxxxxxxxxx) - 994266: list consumed shows expired bugs (ckozak@xxxxxxxxxx) - 994997: Fix Unknown is_guest during firstboot. (dgoodwin@xxxxxxxxxx) - Changed 'It is' to possessive 'Its' (cschevia@xxxxxxxxxx) - Remove unused WARNING_DAYS variable (ckozak@xxxxxxxxxx) - Bump python-rhsm requires to 1.9.1 for config changes. (dgoodwin@xxxxxxxxxx) - add ondate to status (ckozak@xxxxxxxxxx) - Fedora 17 is at end of life. (awood@xxxxxxxxxx) -------------------------------------------------------------------------------- ================================================================================ tinymce-3.5.8-1.fc18 (FEDORA-2013-15268) Web based Javascript HTML WYSIWYG editor control -------------------------------------------------------------------------------- Update Information: This update provides the latest upstream version of tinymce (all 3.x releases are compatible, newer builds provide only bugfixes and new functionality) and removes a pre-built Flash binary from the package, whose inclusion was contrary to Fedora policy: https://fedoraproject.org/wiki/Packaging:Guidelines#No_inclusion_of_pre-built_binaries_or_libraries . The effect of this removal is that the media embedding plugin will only embed an HTML5 video player; it will not try and use a Flash plugin to provide a player widget if HTML5 video is not possible for the given browser and media type. -------------------------------------------------------------------------------- ChangeLog: * Fri Aug 23 2013 Adam Williamson <awilliam@xxxxxxxxxx> - 3.5.8-1 - bump to latest upstream release - drop pre-build Flash blobs, patch media plugin not to try and use moxieplayer * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.4.3.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.4.3.2-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1000266 - tinymce contains bundled Flash and Shockwave files https://bugzilla.redhat.com/show_bug.cgi?id=1000266 -------------------------------------------------------------------------------- ================================================================================ wordpress-3.6-1.fc18 (FEDORA-2013-15262) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: This update provides the latest upstream release of Wordpress, 3.6, with bug fixes and new features. Fedora does not try to stick with old branches of Wordpress as upstream does not support them, instead encouraging all deployments to update to the latest release. It also removes several Flash and Silverlight binaries which the package was previously shipping in pre-compiled form. This is not compatible with Fedora guidelines. It would not be straightforward to compile these during the package build process, so they have had to be removed. The impact of these changes has been documented in the README.fedora file. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 22 2013 Adam Williamson <awilliam@xxxxxxxxxx> - 3.6.0-1 - update to 3.6.0 - drop pre-compiled Flash and Silverlight binaries - #1000267 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.5.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1000267 - wordpress contains bundled Flash and Silverlight files https://bugzilla.redhat.com/show_bug.cgi?id=1000267 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test