Fedora 19 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 19 Security updates need testing:
 Age  URL
  55  https://admin.fedoraproject.org/updates/FEDORA-2013-14029/zabbix-2.0.6-3.fc19
  42  https://admin.fedoraproject.org/updates/FEDORA-2013-14814/python-glanceclient-0.9.0-3.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-17121/vino-3.8.1-3.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-17109/spice-gtk-0.20-6.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-17373/seamonkey-2.21-1.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-17397/xpdf-3.03-8.fc19
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-17475/glibc-2.17-18.fc19
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-17449/ReviewBoard-1.7.14-1.fc19,python-djblets-0.7.18-1.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-17618/libvirt-1.0.5.6-2.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-17661/wireshark-1.10.2-6.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-17662/rubygems-2.0.10-106.fc19


The following Fedora 19 Critical Path updates have yet to be approved:
 Age URL
  28  https://admin.fedoraproject.org/updates/FEDORA-2013-15459/kbd-1.15.5-7.fc19
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-16926/langtable-0.0.14-1.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-17035/device-mapper-persistent-data-0.2.7-1.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-16994/langtable-0.0.15-1.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-17357/ibus-1.5.4-1.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-17640/cronie-1.4.10-6.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-17650/tigervnc-1.3.0-7.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-17669/man-db-2.6.3-7.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-17625/NetworkManager-0.9.8.2-9.git20130709.fc19


The following builds have been pushed to Fedora 19 updates-testing

    NetworkManager-0.9.8.2-9.git20130709.fc19
    cronie-1.4.10-6.fc19
    git-cola-1.8.5-1.fc19
    glm-0.9.4.6-2.fc19
    graphite-web-0.9.12-3.fc19
    jetring-0.20-3.fc19
    keyrings-filesystem-1-1.fc19
    libuv-0.10.17-1.fc19
    libvirt-1.0.5.6-2.fc19
    man-db-2.6.3-7.fc19
    mfiler4-1.2.6-1.fc19
    munin-2.0.17-6.fc19
    nemo-extensions-1.8.0-0.3.git3e366de.fc19
    nfs-utils-1.2.8-6.0.fc19
    nodejs-0.10.19-1.fc19
    opensips-1.10.0-1.fc19
    pspp-0.8.1-1.fc19
    python-apsw-3.8.0.r2-1.fc19
    python-bucky-0.2.6-3.fc19
    python-carbon-0.9.12-2.fc19
    python-llfuse-0.39-1.fc19
    qemu-1.4.2-10.fc19
    qt5-qtbase-5.1.1-5.fc19
    rubygems-2.0.10-106.fc19
    shotwell-0.14.1-1.fc19.1
    tigervnc-1.3.0-7.fc19
    virt-manager-0.10.0-2.fc19
    virt-manager-0.10.0-3.fc19
    vpnc-0.5.3-18.svn457.fc19
    wireshark-1.10.2-6.fc19
    xyzsh-1.5.1-1.fc19
    youtube-dl-2013.09.24.2-1.fc19
    yum-langpacks-0.4.1-2.fc19

Details about builds:


================================================================================
 NetworkManager-0.9.8.2-9.git20130709.fc19 (FEDORA-2013-17625)
 Network connection manager and user applications
--------------------------------------------------------------------------------
Update Information:

Re-enables NetworkManager-dispatcher, which the F18->F19 update accidentally disabled
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Dan Winship <danw@xxxxxxxxxx> - 0.9.8.2-9.git20130709
- workaround for dispatcher getting disabled on upgrade (#974811)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #974811 - NetworkManager dispatchers dbus services misconfiguration
        https://bugzilla.redhat.com/show_bug.cgi?id=974811
--------------------------------------------------------------------------------


================================================================================
 cronie-1.4.10-6.fc19 (FEDORA-2013-17640)
 Cron daemon for executing programs at set times
--------------------------------------------------------------------------------
Update Information:

Cron jobs sometimes don't run e.g. when environment is using XDG_RUNTIME_DIR.

Cron daemon unit file should use KillMode=process to kill dependent processes.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 Marcela Mašláňová <mmaslano@xxxxxxxxxx> - 1.4.10-6
- some jobs are not executed because not all environment variables are set. rhbz#995590
- cronies systemd script use KillMode=process. rhbz#919290
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #919290 - should cronie's systemd script use "KillMode=process"?
        https://bugzilla.redhat.com/show_bug.cgi?id=919290
  [ 2 ] Bug #995590 - Cron job runs, but doesn't do anything
        https://bugzilla.redhat.com/show_bug.cgi?id=995590
--------------------------------------------------------------------------------


================================================================================
 git-cola-1.8.5-1.fc19 (FEDORA-2013-17638)
 A sleek and powerful git GUI
--------------------------------------------------------------------------------
Update Information:

Let's terminate bugs.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 Christopher Meng <rpm@xxxxxxxx> - 1.8.5-1
- Update to 1.8.5(BZ#1011796) with fix for BZ#886826.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1011796 - git-cola-1.8.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1011796
  [ 2 ] Bug #886826 - [abrt] git-cola-1.8.0-1.fc18: decorators.py:84:interruptable:OSError: [Errno 2] No such file or directory
        https://bugzilla.redhat.com/show_bug.cgi?id=886826
--------------------------------------------------------------------------------


================================================================================
 glm-0.9.4.6-2.fc19 (FEDORA-2013-17664)
 C++ mathematics library for graphics programming
--------------------------------------------------------------------------------
Update Information:

This update fixes bugs that were fixed upstream
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Joonas Sarajärvi <muep@xxxxxx> - 0.9.4.6-2
- Fix building on ARM
* Tue Sep 24 2013 Joonas Sarajärvi <muep@xxxxxx> - 0.9.4.6-1
- Update to upstream GLM version 0.9.4.6
- Bug fixes
* Tue Aug 20 2013 Joonas Sarajärvi <muep@xxxxxx> - 0.9.4.5-1
- Update to upstream GLM version 0.9.4.5
- Bug fixes
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.4.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Jul  6 2013 Joonas Sarajärvi <muep@xxxxxx> - 0.9.4.4-1
- Update to upstream GLM version 0.9.4.4
- Bug fixes
--------------------------------------------------------------------------------


================================================================================
 graphite-web-0.9.12-3.fc19 (FEDORA-2013-17632)
 A Django webapp for enterprise scalable realtime graphing
--------------------------------------------------------------------------------
Update Information:

Tested against ami-05355a6c.
Don't ship js/ext/resources/*.swf (RHBZ#1000253)
Don't ship js/ext/resources/*.swf (RHBZ#1000253)
Don't ship js/ext/resources/*.swf (RHBZ#1000253)
Don't ship js/ext/resources/*.swf (RHBZ#1000253)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Jonathan Steffan <jsteffan@xxxxxxxxxxxxxxxxx> - 0.9.12-3
- Reorder Requires conditionals to fix amzn1 issues (RHBZ#1007300)
- Ensure python-whisper is also updated
* Tue Sep 17 2013 Jonathan Steffan <jsteffan@xxxxxxxxxxxxxxxxx> - 0.9.12-2
- Don't ship js/ext/resources/*.swf (RHBZ#1000253)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1007300 - Installation on AWS (CentOS) fails
        https://bugzilla.redhat.com/show_bug.cgi?id=1007300
  [ 2 ] Bug #1000253 - graphite-web contains bundled Flash files
        https://bugzilla.redhat.com/show_bug.cgi?id=1000253
--------------------------------------------------------------------------------


================================================================================
 jetring-0.20-3.fc19 (FEDORA-2013-17598)
 GPG keyring maintenance using changesets
--------------------------------------------------------------------------------
Update Information:

Initial package.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1009996 - Review Request: jetring - GPG keyring maintenance using changesets
        https://bugzilla.redhat.com/show_bug.cgi?id=1009996
--------------------------------------------------------------------------------


================================================================================
 keyrings-filesystem-1-1.fc19 (FEDORA-2013-17600)
 Keyrings filesystem layout
--------------------------------------------------------------------------------
Update Information:

Initial package.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1010857 - Review Request: keyrings-filesystem - Keyrings filesystem layout
        https://bugzilla.redhat.com/show_bug.cgi?id=1010857
--------------------------------------------------------------------------------


================================================================================
 libuv-0.10.17-1.fc19 (FEDORA-2013-17619)
 Platform layer for node.js
--------------------------------------------------------------------------------
Update Information:

2013.09.24, node.js Version 0.10.19 (Stable)

* readline: handle input starting with control chars (Eric Schrock)

* configure: add mips-float-abi (soft, hard) option (Andrei Sedoi)

* stream: objectMode transforms allow falsey values (isaacs)

* tls: prevent duplicate values returned from read (Nathan Rajlich)

* tls: NPN protocols are now local to connections (Fedor Indutny)

2013.09.25, libuv Version 0.10.17 (Stable)

* build: remove GCC_WARN_ABOUT_MISSING_NEWLINE (Ben Noordhuis)

* darwin: fix 10.6 build error in fsevents.c (Ben Noordhuis)

--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 1:0.10.17-1
- new upstream release 0.10.17
  https://github.com/joyent/libuv/blob/v0.10.17/ChangeLog
--------------------------------------------------------------------------------


================================================================================
 libvirt-1.0.5.6-2.fc19 (FEDORA-2013-17618)
 Library providing a simple virtualization API
--------------------------------------------------------------------------------
Update Information:

* Fix snapshot restore when VM has disabled usb support (bz #1011520)
* Rebased to version 1.0.5.6
* Fix blockjobinfo python API (bz #999077)
* CVE-2013-4311: Insecure polkit usage (bz #1009539, bz #1005332)
* CVE-2013-4296: Invalid free memory stats (bz #1006173, bz #1009667)
* CVE-2013-4291: Supplementary groups handling (bz #1006509, bz #1006511)
* CVE-2013-5651: virBitmapParse out-of-bounds (bz #1006493)
* Fix virsh change-media with block disk type (bz #951192)
* Fix changing VNC listen address (bz #1006697)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 1.0.5.6-2
- Fix snapshot restore when VM has disabled usb support (bz #1011520)
* Fri Sep 20 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 1.0.5.6-1
- Rebased to version 1.0.5.6
- Fix blockjobinfo python API (bz #999077)
- CVE-2013-4311: Insecure polkit usage (bz #1009539, bz #1005332)
- CVE-2013-4296: Invalid free memory stats (bz #1006173, bz #1009667)
- CVE-2013-4291: Supplementary groups handling (bz #1006509, bz #1006511)
- CVE-2013-5651: virBitmapParse out-of-bounds (bz #1006493)
- Fix virsh change-media with block disk type (bz #951192)
- Fix changing VNC listen address (bz #1006697)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1005332 - CVE-2013-4311 libvirt: insecure calling of polkit
        https://bugzilla.redhat.com/show_bug.cgi?id=1005332
  [ 2 ] Bug #1006173 - CVE-2013-4296 libvirt: invalid free in remoteDispatchDomainMemoryStats
        https://bugzilla.redhat.com/show_bug.cgi?id=1006173
  [ 3 ] Bug #1006509 - CVE-2013-4291 libvirt: supplementary groups not adjusted correctly when parsing label
        https://bugzilla.redhat.com/show_bug.cgi?id=1006509
  [ 4 ] Bug #1006493 - CVE-2013-5651 libvirt: virBitmapParse out-of-bounds read access
        https://bugzilla.redhat.com/show_bug.cgi?id=1006493
--------------------------------------------------------------------------------


================================================================================
 man-db-2.6.3-7.fc19 (FEDORA-2013-17669)
 Tools for searching and reading man pages
--------------------------------------------------------------------------------
Update Information:

This update fixes man crash when running with '-M' option.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Peter Schiffer <pschiffe@xxxxxxxxxx> - 2.6.3-7
- resolves: #986085
  fixed crash when running man with -M option
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #986085 - [abrt] man-db-2.6.3-6.fc19: main: Process /usr/bin/man was killed by signal 6 (SIGABRT)
        https://bugzilla.redhat.com/show_bug.cgi?id=986085
--------------------------------------------------------------------------------


================================================================================
 mfiler4-1.2.6-1.fc19 (FEDORA-2013-17631)
 2 pane file manager with a embedded shell
--------------------------------------------------------------------------------
Update Information:

New version 1.2.6 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.2.6-1
- 1.2.6
--------------------------------------------------------------------------------


================================================================================
 munin-2.0.17-6.fc19 (FEDORA-2013-17596)
 Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:

BZ# 989080 Add a missing requirement on crontabs to spec file
BZ# 993985: munin possibly affected by F-20 unversioned docdir change
Move Net::IP plugins to a subpackage for dep handling
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.17-6
- Move Net::IP plugins to a subpackage for dep handling
* Fri Aug 16 2013 D. Johnson <fenris02@xxxxxxxxxxxxxxxxx> - 2.0.17-5
- BZ# 993985: munin possibly affected by F-20 unversioned docdir change
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.17-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Aug  1 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 2.0.17-3
- Perl 5.18 rebuild
* Sat Jul 27 2013 Jóhann B. Guðmundsson <johannbg@xxxxxxxxxxxxxxxxx> - 2.0.17-2
- BZ# 989080 Add a missing requirement on crontabs to spec file
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #989080 - Add a missing requirement on crontabs for the cron job to the spec file
        https://bugzilla.redhat.com/show_bug.cgi?id=989080
  [ 2 ] Bug #993985 - munin possibly affected by F-20 unversioned docdir change
        https://bugzilla.redhat.com/show_bug.cgi?id=993985
--------------------------------------------------------------------------------


================================================================================
 nemo-extensions-1.8.0-0.3.git3e366de.fc19 (FEDORA-2013-17614)
 Extensions for Nemo
--------------------------------------------------------------------------------
Update Information:

new
--------------------------------------------------------------------------------


================================================================================
 nfs-utils-1.2.8-6.0.fc19 (FEDORA-2013-17196)
 NFS utilities and supporting clients and daemons for the kernel NFS server
--------------------------------------------------------------------------------
Update Information:

Updated to latest upstream RC release: nfs-utils-1-2-9-rc6
   * Make mountstats Python 3 compatible
   * Make nfsiostat Python 3 compatible
   * exportfs: test_export shouldn't use invalid uid/gid
   * exportfs: Fix the default authentication flavour setting
   * gssd: don't use tgtname to find our keytab
   * gssd: fix strncmp bug causing client removals
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Steve Dickson <steved@xxxxxxxxxx> 1.2.8-6.0
- Updated to latest upstream RC release: nfs-utils-1-2-9-rc6
* Wed Sep 18 2013 Steve Dickson <steved@xxxxxxxxxx> 1.2.8-5.0
- Updated to latest upstream RC release: nfs-utils-1-2-9-rc5
* Thu Aug 22 2013 Steve Dickson <steved@xxxxxxxxxx> 1.2.8-4.1
- nfs-utils: fix a number of specfile problems
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #985325 - Making nfs-utils Python 3 compatible
        https://bugzilla.redhat.com/show_bug.cgi?id=985325
--------------------------------------------------------------------------------


================================================================================
 nodejs-0.10.19-1.fc19 (FEDORA-2013-17619)
 JavaScript runtime
--------------------------------------------------------------------------------
Update Information:

2013.09.24, node.js Version 0.10.19 (Stable)

* readline: handle input starting with control chars (Eric Schrock)

* configure: add mips-float-abi (soft, hard) option (Andrei Sedoi)

* stream: objectMode transforms allow falsey values (isaacs)

* tls: prevent duplicate values returned from read (Nathan Rajlich)

* tls: NPN protocols are now local to connections (Fedor Indutny)

2013.09.25, libuv Version 0.10.17 (Stable)

* build: remove GCC_WARN_ABOUT_MISSING_NEWLINE (Ben Noordhuis)

* darwin: fix 10.6 build error in fsevents.c (Ben Noordhuis)

--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 0.10.19-1
- new upstream release 0.10.19
  http://blog.nodejs.org/2013/09/24/node-v0-10-19-stable/
--------------------------------------------------------------------------------


================================================================================
 opensips-1.10.0-1.fc19 (FEDORA-2013-17607)
 Open Source SIP Server
--------------------------------------------------------------------------------
Update Information:

- Ver. 1.10.0
 - Drop support for Fedora 17 and earlier (still maintain support for EL5)
 - New external module - rest_client
 - New external module - xmlrpc_ng (contains mi_xmlrpc_ng)
 - New internal module - db_cachedb
 - New internal module - mathops
 - Disabled new external module - sngtc (requires a proprietary library)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.0-1
- Ver. 1.10.0
- Drop support for Fedora 17 and earlier (still maintain support for EL5)
- New external module - rest_client
- New external module - xmlrpc_ng (contains mi_xmlrpc_ng)
- New internal module - db_cachedb
- New internal module - mathops
- Disabled new external module - sngtc (requires a proprietary library)
* Fri Sep  6 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.9.1-2
- Proper directory for storing tmpfile
--------------------------------------------------------------------------------


================================================================================
 pspp-0.8.1-1.fc19 (FEDORA-2013-17594)
 A program for statistical analysis of sampled data
--------------------------------------------------------------------------------
Update Information:

* Ver. 0.8.1
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 0.8.1-1
- Ver. 0.8.1
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1011394 - pspp-0.8.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1011394
--------------------------------------------------------------------------------


================================================================================
 python-apsw-3.8.0.r2-1.fc19 (FEDORA-2013-17655)
 Another Python SQLite Wrapper
--------------------------------------------------------------------------------
Update Information:

update to 3.8.0.r2
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Marcel Wysocki <maci@xxxxxxxxxx> - 3.8.0.r2-1
- update to 3.8.0-r2
--------------------------------------------------------------------------------


================================================================================
 python-bucky-0.2.6-3.fc19 (FEDORA-2013-17660)
 CollectD and StatsD adapter for Graphite
--------------------------------------------------------------------------------
Update Information:

Update requires (RHBZ#953834), adding python-setuptools
Add dependency on collectd and update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Add dependency on collectd and update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Add dependency on collectd and update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Add dependency on collectd and update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Add dependency on collectd and update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
Update to 0.2.6.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Jonathan Steffan <jsteffan@xxxxxxxxxxxxxxxxx> - 0.2.6-3
- Update requires (RHBZ#953834), adding python-setuptools
* Thu Sep 19 2013 Jonathan Steffan <jsteffan@xxxxxxxxxxxxxxxxx> - 0.2.6-2
- Update requires (RHBZ#953834)
* Tue Sep 17 2013 Jonathan Steffan <jsteffan@xxxxxxxxxxxxxxxxx> - 0.2.6-1
- Update to 0.2.6
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #953834 - missing dependencies python-setuptools collectd
        https://bugzilla.redhat.com/show_bug.cgi?id=953834
--------------------------------------------------------------------------------


================================================================================
 python-carbon-0.9.12-2.fc19 (FEDORA-2013-17653)
 Back-end data caching and persistence daemon for Graphite
--------------------------------------------------------------------------------
Update Information:

Add strict python-whisper Requires (RHBZ#1010432), Don't cleanup user and user data on package remove (RHBZ#1010430)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Jonathan Steffan <jsteffan@xxxxxxxxxxxxxxxxx> - 0.9.12-2
- Add strict python-whisper Requires (RHBZ#1010432)
- Don't cleanup user and user data on package remove (RHBZ#1010430)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1010432 - python-carbon-0.9.12 should require python-whisper >= 0.9.12
        https://bugzilla.redhat.com/show_bug.cgi?id=1010432
  [ 2 ] Bug #1010430 - python-carbon deletes user-created data on uninstall; shouldn't per packaging guidelines
        https://bugzilla.redhat.com/show_bug.cgi?id=1010430
--------------------------------------------------------------------------------


================================================================================
 python-llfuse-0.39-1.fc19 (FEDORA-2013-17593)
 Python Bindings for the low-level FUSE API
--------------------------------------------------------------------------------
Update Information:

update to version 0.39
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 maci <maci@xxxxxxxxxx> - 0.39-1
- update to 0.39
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.38-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 qemu-1.4.2-10.fc19 (FEDORA-2013-17591)
 QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:

* Require newer ceph-libs to fix symbol error (bz #995883)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 2:1.4.2-10
- Require newer ceph-libs to fix symbol error (bz #995883)
--------------------------------------------------------------------------------


================================================================================
 qt5-qtbase-5.1.1-5.fc19 (FEDORA-2013-17615)
 Qt5 - QtBase components
--------------------------------------------------------------------------------
Update Information:

fix big endian builds
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 23 2013 Dan Horák <dan[at]danny.cz> - 5.1.1-5
- fix big endian builds
* Wed Sep 11 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.1.1-4
- macros.qt5: use newer location, use unexpanded macros
* Sat Sep  7 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.1.1-3
- ExcludeArch: ppc64 ppc (#1005482)
* Fri Sep  6 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 5.1.1-2
- BR: pkgconfig(libudev) pkgconfig(xkbcommon) pkgconfig(xcb-xkb)
--------------------------------------------------------------------------------


================================================================================
 rubygems-2.0.10-106.fc19 (FEDORA-2013-17662)
 The Ruby standard for packaging ruby libraries
--------------------------------------------------------------------------------
Update Information:

Previously a security flow was found on rubygems for validating versions with a regular expression which is vulnerable to denial of service due to backtracking. Although this was thought to be fixed in the previous rubygems, the fix was found imcomplete and the imcompleteness is now assigned as  CVE-2013-4363.

A packaging bug was found that a directory was not properly owned.

This new rpm will fix this issue.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.0.10-106
- Update to 2.0.10 (fix for CVE-2013-4363 included)
* Mon Sep 23 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.0.9-105
- Update to 2.0.9
- Fix %gem_dir/doc ownership (bug 1008866)
- Patch for CVE-2013-4363
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1008866 - /usr/share/gems/doc ownership
        https://bugzilla.redhat.com/show_bug.cgi?id=1008866
--------------------------------------------------------------------------------


================================================================================
 shotwell-0.14.1-1.fc19.1 (FEDORA-2013-17613)
 A photo organizer for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:

Add patch fixing the video-thumbnailer (rhbz#986574).

Thanks to David Woodhouse.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Thomas Moschny <thomas.moschny@xxxxxx> - 0.14.1-1.1
- Add patch fixing the video-thumbnailer (rhbz#986574),
  thanks to David Woodhouse.
- Fix bogus dates in the %changelog.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #986574 - shotwell-video-thumbnailer requests invalid output format; Imported video files have no thumbnail
        https://bugzilla.redhat.com/show_bug.cgi?id=986574
--------------------------------------------------------------------------------


================================================================================
 tigervnc-1.3.0-7.fc19 (FEDORA-2013-17650)
 A TigerVNC remote display system
--------------------------------------------------------------------------------
Update Information:

This update removes an incorrect patch that caused a modifier key state tracking bug, and also fixes some documentation issues.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Tim Waugh <twaugh@xxxxxxxxxx> 1.3.0-7
- Removed incorrect patch (for unexpected key_is_down). Fixes stuck
  keys bug (bug #989502).
* Thu Sep 19 2013 Tim Waugh <twaugh@xxxxxxxxxx> 1.3.0-6
- Fixed typo in 10-libvnc.conf (bug #1009111).
* Wed Sep 18 2013 Tim Waugh <twaugh@xxxxxxxxxx> 1.3.0-5
- Better fix for PIDFile problem (bug #983232).
* Mon Aug  5 2013 Tim Waugh <twaugh@xxxxxxxxxx> 1.3.0-4
- Fixed doc-related build failure (bug #992790).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #980870 - Man pages and --help output out of sync
        https://bugzilla.redhat.com/show_bug.cgi?id=980870
  [ 2 ] Bug #989502 - tigervnc 1.3.0-3 sort of freezes when typing a "/" slash key
        https://bugzilla.redhat.com/show_bug.cgi?id=989502
  [ 3 ] Bug #1009111 - Error in config file
        https://bugzilla.redhat.com/show_bug.cgi?id=1009111
--------------------------------------------------------------------------------


================================================================================
 virt-manager-0.10.0-2.fc19 (FEDORA-2013-17656)
 Virtual Machine Manager
--------------------------------------------------------------------------------
Update Information:

* Fix parsing rawhide .treeinfo (bz #989162)
* Fix spice with TLS (bz #904295)
* Reduce impact of memory leak (bz #972371)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 24 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 0.10.0-2
- Fix parsing rawhide .treeinfo (bz #989162)
- Fix spice with TLS (bz #904295)
- Reduce impact of memory leak (bz #972371)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #989162 - virt-install fails when pointed at rawhide tree (invalid literal for int() with base 10: 'rawhide')
        https://bugzilla.redhat.com/show_bug.cgi?id=989162
  [ 2 ] Bug #904295 - virt-manager console doesn't connect to SPICE with TLS
        https://bugzilla.redhat.com/show_bug.cgi?id=904295
  [ 3 ] Bug #972371 - f19 virt-manager consistently leaks memory ( > 1GB in 12 hours)
        https://bugzilla.redhat.com/show_bug.cgi?id=972371
--------------------------------------------------------------------------------


================================================================================
 virt-manager-0.10.0-3.fc19 (FEDORA-2013-17599)
 Virtual Machine Manager
--------------------------------------------------------------------------------
Update Information:

* Make cache=default when adding new disk to existing VM (bz #976925)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 0.10.0-3
- Make cache=default when adding new disk to existing VM (bz #976925)
* Tue Sep 24 2013 Cole Robinson <crobinso@xxxxxxxxxx> - 0.10.0-2
- Fix parsing rawhide .treeinfo (bz #989162)
- Fix spice with TLS (bz #904295)
- Reduce impact of memory leak (bz #972371)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #976925 - Guest cannot boot if an IDE CDROM device has cache mode set to 'none'
        https://bugzilla.redhat.com/show_bug.cgi?id=976925
--------------------------------------------------------------------------------


================================================================================
 vpnc-0.5.3-18.svn457.fc19 (FEDORA-2013-17610)
 IPSec VPN client compatible with Cisco equipment
--------------------------------------------------------------------------------
Update Information:

Added support for unbound
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 23 2013 Paul Wouters <pwouters@xxxxxxxxxx> - 0.5.3-18.svn457
- Add support for dynamically reconfiguring unbound DNS (rhbz#865092)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #865092 - Patch: Add support for unbound to vpnc-script
        https://bugzilla.redhat.com/show_bug.cgi?id=865092
--------------------------------------------------------------------------------


================================================================================
 wireshark-1.10.2-6.fc19 (FEDORA-2013-17661)
 Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:

dumpcap now stores temporary capture files in /var/tmp
* Convert automake/pkgconfig files into patches (better upstream integration)
* Restored category in the *.desktop file
* Install another one necessary header file - frame_data_sequence.h

* Add basic OpenFlow dissector
* Ver. 1.10.2

* Ver. 1.10.1
fix missing ws_symbol_export.h
* Ver. 1.10.2

* Ver. 1.10.1
fix missing ws_symbol_export.h
* Enhance desktop integration (*.desktop and MIME-related files)
* Add basic OpenFlow dissector
* Ver. 1.10.2

* Ver. 1.10.1
fix missing ws_symbol_export.h
* Ver. 1.10.2

* Ver. 1.10.1
fix missing ws_symbol_export.h
* Enhance desktop integration (*.desktop and MIME-related files)
* Add basic OpenFlow dissector
* Ver. 1.10.2

* Ver. 1.10.1
fix missing ws_symbol_export.h
* Ver. 1.10.2

* Ver. 1.10.1
fix missing ws_symbol_export.h
* Ver. 1.10.2
* Various security fixes
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 17 2013 Peter Hatina <phatina@xxxxxxxxxx> - 1.10.2-6
- move default temporary directory to /var/tmp
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #990155 - CVE-2013-4920 wireshark: DoS (application crash) in the P1 dissector (wnpa-sec-2013-42)
        https://bugzilla.redhat.com/show_bug.cgi?id=990155
  [ 2 ] Bug #990156 - CVE-2013-4921 wireshark: Off-by-one (application crash) in the Radiotap dissector (wnpa-sec-2013-43)
        https://bugzilla.redhat.com/show_bug.cgi?id=990156
  [ 3 ] Bug #990157 - CVE-2013-4922 wireshark: Double-free in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)
        https://bugzilla.redhat.com/show_bug.cgi?id=990157
  [ 4 ] Bug #990160 - CVE-2013-4923 wireshark: Memory leak (DoS, memory consumption) in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)
        https://bugzilla.redhat.com/show_bug.cgi?id=990160
  [ 5 ] Bug #990163 - CVE-2013-4924 wireshark: Assertion failure in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)
        https://bugzilla.redhat.com/show_bug.cgi?id=990163
  [ 6 ] Bug #990164 - CVE-2013-4925 wireshark: Integer signedness error in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)
        https://bugzilla.redhat.com/show_bug.cgi?id=990164
  [ 7 ] Bug #990165 - CVE-2013-4926 wireshark: DoS in the DCOM ISystemActivator dissector due improper remaining data to process presence check (wnpa-sec-2013-44)
        https://bugzilla.redhat.com/show_bug.cgi?id=990165
  [ 8 ] Bug #990166 - CVE-2013-4927 wireshark: Integer signedness error in the Bluetooth SDP dissector (wnpa-sec-2013-45)
        https://bugzilla.redhat.com/show_bug.cgi?id=990166
  [ 9 ] Bug #972679 - CVE-2013-4074 wireshark: DoS (crash) in the CAPWAP dissector (wnpa-sec-2013-32)
        https://bugzilla.redhat.com/show_bug.cgi?id=972679
  [ 10 ] Bug #972680 - CVE-2013-4075 wireshark: DoS (crash) in the GMR-1 BCCH dissector (wnpa-sec-2013-33)
        https://bugzilla.redhat.com/show_bug.cgi?id=972680
  [ 11 ] Bug #972681 - CVE-2013-4076 wireshark: Invalid free in the PPP dissector (wnpa-sec-2013-34)
        https://bugzilla.redhat.com/show_bug.cgi?id=972681
  [ 12 ] Bug #972682 - CVE-2013-4077 wireshark: Array index error in the NBAP dissector (wnpa-sec-2013-35)
        https://bugzilla.redhat.com/show_bug.cgi?id=972682
  [ 13 ] Bug #972683 - CVE-2013-4078 wireshark: DoS (infinite loop) in the RDP dissector (wnpa-sec-2013-36)
        https://bugzilla.redhat.com/show_bug.cgi?id=972683
  [ 14 ] Bug #972684 - CVE-2013-4079 wireshark: DoS (infinite loop, application hang) in the GSM CBCH dissector (wnpa-sec-2013-37)
        https://bugzilla.redhat.com/show_bug.cgi?id=972684
  [ 15 ] Bug #972685 - CVE-2013-4080 wireshark: DoS (infinite loop, CPU & memory consumption) in the Assa Abloy R3 dissector (wnpa-sec-2013-38)
        https://bugzilla.redhat.com/show_bug.cgi?id=972685
  [ 16 ] Bug #972686 - CVE-2013-4081 wireshark: DoS (infinite loop) in the HTTP dissector (wnpa-sec-2013-39)
        https://bugzilla.redhat.com/show_bug.cgi?id=972686
  [ 17 ] Bug #972687 - CVE-2013-4082 wireshark: Heap-based buffer overflow in the Ixia IxVeriWave file parser (wnpa-sec-2013-40)
        https://bugzilla.redhat.com/show_bug.cgi?id=972687
  [ 18 ] Bug #972688 - CVE-2013-4083 wireshark: Invalid free in the DCP ETSI dissector (wnpa-sec-2013-41)
        https://bugzilla.redhat.com/show_bug.cgi?id=972688
  [ 19 ] Bug #990167 - CVE-2013-4928 wireshark: Integer signedness error in the Bluetooth OBEX dissector (wnpa-sec-2013-46)
        https://bugzilla.redhat.com/show_bug.cgi?id=990167
  [ 20 ] Bug #990168 - CVE-2013-4929 wireshark: DoS (infinite loop) in the DIS dissector (wnpa-sec-2013-47)
        https://bugzilla.redhat.com/show_bug.cgi?id=990168
  [ 21 ] Bug #990169 - CVE-2013-4930 wireshark: Assertion failure in the DVB-CI dissector (wnpa-sec-2013-48)
        https://bugzilla.redhat.com/show_bug.cgi?id=990169
  [ 22 ] Bug #990170 - CVE-2013-4931 wireshark: DoS (infinite loop) in the GSM RR dissector (wnpa-sec-2013-49)
        https://bugzilla.redhat.com/show_bug.cgi?id=990170
  [ 23 ] Bug #990172 - CVE-2013-4932 wireshark: Multiple array index errors in the GSM A Common dissector (wnpa-sec-2013-50)
        https://bugzilla.redhat.com/show_bug.cgi?id=990172
  [ 24 ] Bug #990175 - CVE-2013-4933 wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51)
        https://bugzilla.redhat.com/show_bug.cgi?id=990175
  [ 25 ] Bug #990178 - CVE-2013-4934 wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51) (A different flaw than CVE-2013-4933)
        https://bugzilla.redhat.com/show_bug.cgi?id=990178
  [ 26 ] Bug #990179 - CVE-2013-4935 wireshark: DoS (application crash) in the ASN.1 PER dissector (wnpa-sec-2013-52)
        https://bugzilla.redhat.com/show_bug.cgi?id=990179
  [ 27 ] Bug #965111 - wireshark: DoS (infinite loop) in the MySQL dissector (wnpa-sec-2013-30, upstream #8458)
        https://bugzilla.redhat.com/show_bug.cgi?id=965111
  [ 28 ] Bug #965190 - CVE-2013-3559 wireshark: DoS (crash) in the DCP ETSI dissector (wnpa-sec-2013-27, upstream #8231, #8540, #8541)
        https://bugzilla.redhat.com/show_bug.cgi?id=965190
  [ 29 ] Bug #965192 - CVE-2013-3558 wireshark: DoS (crash) in the PPP CCP dissector (wnpa-sec-2013-26, upstream #8638)
        https://bugzilla.redhat.com/show_bug.cgi?id=965192
  [ 30 ] Bug #965193 - CVE-2013-3557 wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599)
        https://bugzilla.redhat.com/show_bug.cgi?id=965193
  [ 31 ] Bug #965194 - CVE-2013-3555 wireshark: DoS (crash) in the GTPv2 dissector (wnpa-sec-2013-24, upstream #8493)
        https://bugzilla.redhat.com/show_bug.cgi?id=965194
  [ 32 ] Bug #965195 - wireshark: DoS (excessive CPU consumption) in the RELOAD dissector (wnpa-sec-2013-23, upstream #8362, #8546)
        https://bugzilla.redhat.com/show_bug.cgi?id=965195
  [ 33 ] Bug #965110 - wireshark: DoS (large loop) in the ETCH dissector (wnpa-sec-2013-31, upstream #8464)
        https://bugzilla.redhat.com/show_bug.cgi?id=965110
  [ 34 ] Bug #965112 - CVE-2013-3562 wireshark: DoS (stack overflow, crash) in the Websocket dissector (wnpa-sec-2013-29, upstream #8448, #8499)
        https://bugzilla.redhat.com/show_bug.cgi?id=965112
  [ 35 ] Bug #965186 - CVE-2013-3560 wireshark: DoS (crash) in the MPEG DSM-CC dissector (wnpa-sec-2013-28, upstream #8481)
        https://bugzilla.redhat.com/show_bug.cgi?id=965186
--------------------------------------------------------------------------------


================================================================================
 xyzsh-1.5.1-1.fc19 (FEDORA-2013-17623)
 Interactive shell and text processing tool
--------------------------------------------------------------------------------
Update Information:

New version 1.5.1 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.5.1-1
- 1.5.1
--------------------------------------------------------------------------------


================================================================================
 youtube-dl-2013.09.24.2-1.fc19 (FEDORA-2013-17663)
 A small command-line program to download online videos
--------------------------------------------------------------------------------
Update Information:

New version.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 Christopher Meng <rpm@xxxxxxxx> - 2013.09.24.2-1
- Update to new release(BZ#1011845).
* Sat Sep 21 2013 Christopher Meng <rpm@xxxxxxxx> - 2013.09.20.1-1
- Update to new release(BZ#1009593).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1011845 - youtube-dl-2013.09.24.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1011845
--------------------------------------------------------------------------------


================================================================================
 yum-langpacks-0.4.1-2.fc19 (FEDORA-2013-17633)
 Langpacks plugin for yum
--------------------------------------------------------------------------------
Update Information:

Fix issue of yum-langpacks commands that slows down yum runs
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 25 2013 Parag Nemade <pnemade AT redhat DOT com> - 0.4.1-2
- Fix issue of yum-langpacks commands that slows down yum runs (rh#1011670)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1011670 - [PATCH] yum-langpackages slows down yum runs a lot, due to langtable and loading groups.
        https://bugzilla.redhat.com/show_bug.cgi?id=1011670
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux