The following Fedora 18 Security updates need testing: Age URL 186 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18 32 https://admin.fedoraproject.org/updates/FEDORA-2013-17195/spice-gtk-0.18-3.fc18 29 https://admin.fedoraproject.org/updates/FEDORA-2013-17431/thunderbird-17.0.9-1.fc18 26 https://admin.fedoraproject.org/updates/FEDORA-2013-17635/wireshark-1.10.2-4.fc18 25 https://admin.fedoraproject.org/updates/FEDORA-2013-17853/davfs2-1.4.7-3.fc18 24 https://admin.fedoraproject.org/updates/FEDORA-2013-17912/chicken-4.8.0.4-4.fc18 13 https://admin.fedoraproject.org/updates/FEDORA-2013-18647/gnupg-1.4.15-1.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2013-18802/phpMyAdmin-3.5.8.2-1.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2013-18774/icu-49.1.1-12.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2013-18814/gnupg2-2.0.22-1.fc18,libgpg-error-1.11-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-19307/GraphicsMagick-1.3.18-2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-19354/salt-0.17.1-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-19271/scipy-0.12.1-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-18911/ReviewBoard-1.7.16-2.fc18,python-djblets-0.7.21-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-19458/bugzilla-4.2.7-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-19452/libguestfs-1.20.12-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-19472/python-crypto-2.6.1-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-19491/libuv-0.10.18-1.fc18,nodejs-0.10.21-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-19648/mysql-5.5.34-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-19745/roundcubemail-0.9.5-1.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 255 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 13 https://admin.fedoraproject.org/updates/FEDORA-2013-18607/libxklavier-5.4-1.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2013-18814/gnupg2-2.0.22-1.fc18,libgpg-error-1.11-1.fc18 12 https://admin.fedoraproject.org/updates/FEDORA-2013-18774/icu-49.1.1-12.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-19021/taglib-1.9.1-1.fc18 8 https://admin.fedoraproject.org/updates/FEDORA-2013-19026/python-markupsafe-0.18-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-19289/gdisk-0.8.8-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-19249/sane-backends-1.0.24-2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-19292/usbmuxd-1.0.8-10.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-19232/gnome-abrt-0.3.2-1.fc18,abrt-2.1.8-1.fc18,libreport-2.1.8-2.fc18,satyr-0.10-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-19268/qtwebkit-2.3.3-1.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-19456/device-mapper-persistent-data-0.2.8-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-19677/kernel-3.11.6-100.fc18 The following builds have been pushed to Fedora 18 updates-testing gnome-colors-icon-theme-5.5.1-6.fc18 gpaste-3.2.2-1.fc18 hyperv-daemons-0-0.3.20131022git.fc18 nsca-2.9.1-8.fc18 python-pkgwat-api-0.10-1.fc18 python-sphinxcontrib-cheeseshop-0.2-1.fc18 roundcubemail-0.9.5-1.fc18 scap-security-guide-0.1-3.fc18 sparse-0.4.5.rc1-2.fc18 tcpcopy-0.9.5-1.fc18 Details about builds: ================================================================================ gnome-colors-icon-theme-5.5.1-6.fc18 (FEDORA-2013-19732) GNOME-Colors icon theme -------------------------------------------------------------------------------- Update Information: GNOME-Colors icon theme -------------------------------------------------------------------------------- References: [ 1 ] Bug #1003009 - Review Request: gnome-colors-icon-theme - GNOME-Colors icon theme https://bugzilla.redhat.com/show_bug.cgi?id=1003009 -------------------------------------------------------------------------------- ================================================================================ gpaste-3.2.2-1.fc18 (FEDORA-2013-19734) Clipboard management system -------------------------------------------------------------------------------- Update Information: ** 3.2.2 ** * “Paste and Pop” is now only “Pop” * Fix SEGV at startup * Fix SEGV when deleting last item of history ** 3.2.1 ** * Performance improvements * Daemon now fully evenmential (no more polling, less power consuption) * GPasteClipboard now has a “owner-change” signal similar to GtkClipboard’s one * Misc. bugfixes * New setting to set the maximum amount of memory used by data in history * FIFO mode has been dropped (lacking design) * g_paste_history_add is now transfer full * Update translations * Fix build with old glib -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 22 2013 Mohamed El Morabity <melmorabity@xxxxxxxxxxxxxxxxx> - 3.2.2-1 - Update to 3.2.2 * Sat Oct 19 2013 Mohamed El Morabity <melmorabity@xxxxxxxxxxxxxxxxx> - 3.2.1-1 - Update to 3.2.1 -------------------------------------------------------------------------------- ================================================================================ hyperv-daemons-0-0.3.20131022git.fc18 (FEDORA-2013-19740) HyperV daemons suite -------------------------------------------------------------------------------- Update Information: - rebase to the latest git snapshot next-20130927 (obtained 2013-10-22) - KVP, VSS: daemon use single buffer for send/recv - KVP: FQDN is obtained on start and cached -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 22 2013 Tomas Hozza <thozza@xxxxxxxxxx> - 0-0.3.20131022git - rebase to the latest git snapshot next-20130927 (obtained 2013-10-22) - KVP, VSS: daemon use single buffer for send/recv - KVP: FQDN is obtained on start and cached -------------------------------------------------------------------------------- ================================================================================ nsca-2.9.1-8.fc18 (FEDORA-2013-19725) Nagios Service Check Acceptor -------------------------------------------------------------------------------- Update Information: Fix systemd unit file. Fix a file conflict between nsca-client and nagios-common. - Rewrite initscript - Add sysconfig file support - Add systemd support (F18+ only) This is the latest release of nsca. This release increases the maximum message size from 512 characters to 4096 characters. The server is backward compatible with older nsca clients (pre 2.9.1) using the 512 characters messages as well as new nsca client (2.9.1+) using the 4096 characters messages. However, please make sure to update the server before updating the clients as the older server cannot handled messages from the newer clients. This is the latest release of nsca. This release increases the maximum message size from 512 characters to 4096 characters. The server is backward compatible with older nsca clients (pre 2.9.1) using the 512 characters messages as well as new nsca client (2.9.1+) using the 4096 characters messages. However, please make sure to update the server before updating the clients as the older server cannot handled messages from the newer clients. This is the latest release of nsca. This release increases the maximum message size from 512 characters to 4096 characters. The server is backward compatible with older nsca clients (pre 2.9.1) using the 512 characters messages as well as new nsca client (2.9.1+) using the 4096 characters messages. However, please make sure to update the server before updating the clients as the older server cannot handled messages from the newer clients. -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 10 2013 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 2.9.1-8 - Fix systemd unit file (RHBZ#928248). * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.9.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Mon Jun 24 2013 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 2.9.1-6 - Let nsca-client require nagios-common rather than own /etc/nagios (RHBZ#977438). * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.9.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #977438 - nsca-client-2.9.1-4 conflicts with nagios-common-3.5.0-3 https://bugzilla.redhat.com/show_bug.cgi?id=977438 [ 2 ] Bug #928248 - NSCA Daemon can't be started by systemd https://bugzilla.redhat.com/show_bug.cgi?id=928248 -------------------------------------------------------------------------------- ================================================================================ python-pkgwat-api-0.10-1.fc18 (FEDORA-2013-19723) Python API for querying the fedora packages webapp -------------------------------------------------------------------------------- Update Information: Handle exception when stripping xml tags. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 22 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.10-1 - Latest upstream with some bugfixes. * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-sphinxcontrib-cheeseshop-0.2-1.fc18 (FEDORA-2013-19743) Sphinx extension cheeseshop -------------------------------------------------------------------------------- Update Information: This package adds "Cheese Shop"-functionality to python-sphinx. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1021994 - Review Request: python-sphinxcontrib-cheeseshop - Sphinx extension cheeseshop https://bugzilla.redhat.com/show_bug.cgi?id=1021994 -------------------------------------------------------------------------------- ================================================================================ roundcubemail-0.9.5-1.fc18 (FEDORA-2013-19745) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information: Roundcubemail just released new 0.9.5 version with fixes for VCE2013-6172(will be available soon). Hotfix: https://github.com/roundcube/roundcubemail/commit/4109bb26ce.diff Full announcement: -------- We just published new releases which fix a recently reported vulnerability that allows an attacker to overwrite configuration settings using user preferences. This can result in random file access, manipulated SQL queries and even code execution. The latter one only affects versions 0.8.6 and older. Beside the security fix, the 0.9.5 release also includes other minor bug fixes and improvements. Most notably it brings the default spell checker back after Google suspended their public spell checking service. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 22 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.9.5-1 - Fix for CVE-2013-6172, BZ 1021735, 1021965. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1021735 - CVE-2013-6172: Vulnerability in handling _session argument of utils/save-prefs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1021735 [ 2 ] Bug #1021965 - CVE-2013-6172 roundcubemail: vulnerability in handling _session argument of utils/save-prefs [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1021965 -------------------------------------------------------------------------------- ================================================================================ scap-security-guide-0.1-3.fc18 (FEDORA-2013-19752) Security guidance and baselines in SCAP formats -------------------------------------------------------------------------------- Update Information: The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. The Fedora system administrator can use the oscap CLI tool from openscap-utils package, or the scap-workbench GUI tool from scap-workbench package to verify that the system conforms to provided guideline. Refer to scap-security-guide(8) manual page for further information. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1018905 - Review Request: scap-security-guide - Security guidance and baselines in SCAP formats https://bugzilla.redhat.com/show_bug.cgi?id=1018905 -------------------------------------------------------------------------------- ================================================================================ sparse-0.4.5.rc1-2.fc18 (FEDORA-2013-19719) A semantic parser of source files -------------------------------------------------------------------------------- Update Information: This update brings sparse up to the latest upstream rc release. It also makes sparse ignore the 'leaf' attribute, silencing warnings like this: /usr/include/stdlib.h:594:28: error: attribute '__leaf__': unknown attribute -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 19 2013 Jeff Layton <jlayton@xxxxxxxxxx> - 0.4.5.rc1-2 - add test patch to silence warnings about __builtin_va_arg_pack() and __builtin_va_arg_pack_len() * Tue Jul 9 2013 Jeff Layton <jlayton@xxxxxxxxxx> - 0.4.5.rc1-1 - update to upstream rc1 release -------------------------------------------------------------------------------- ================================================================================ tcpcopy-0.9.5-1.fc18 (FEDORA-2013-19748) An online request replication tool -------------------------------------------------------------------------------- Update Information: New version. -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 22 2013 Christopher Meng <rpm@xxxxxxxx> - 0.9.5-1 - New version. * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
