The following Fedora 19 Security updates need testing: Age URL 80 https://admin.fedoraproject.org/updates/FEDORA-2013-14814/python-glanceclient-0.9.0-3.fc19 36 https://admin.fedoraproject.org/updates/FEDORA-2013-17836/davfs2-1.4.7-3.fc19 23 https://admin.fedoraproject.org/updates/FEDORA-2013-18794/phpMyAdmin-3.5.8.2-1.fc19 15 https://admin.fedoraproject.org/updates/FEDORA-2013-19262/quassel-0.9.1-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2013-19985/mod_nss-1.0.8-24.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2013-19997/openstack-glance-2013.1.4-2.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2013-20202/mantis-1.2.15-3.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2013-20155/python-backports-ssl_match_hostname-3.4.0.2-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2013-20260/rubygem-ruby-openid-2.3.0-3.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2013-20373/openstack-keystone-2013.1.4-2.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2013-20340/spice-0.12.4-3.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2013-20443/poppler-0.22.1-5.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20555/xen-4.2.3-7.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20547/kernel-3.11.6-201.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 11 https://admin.fedoraproject.org/updates/FEDORA-2013-19749/langtable-0.0.17-1.fc19 10 https://admin.fedoraproject.org/updates/FEDORA-2013-19787/openldap-2.4.36-4.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2013-20355/colord-1.0.4-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2013-20438/plymouth-0.8.9-0.2013.03.26.1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2013-20443/poppler-0.22.1-5.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20547/kernel-3.11.6-201.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20487/acl-2.2.51-10.fc19 The following builds have been pushed to Fedora 19 updates-testing VirtualGL-2.3.3-1.fc19 anki-2.0.16-1.fc19 ghc-MonadRandom-0.1.12-1.fc19 kernel-3.11.6-201.fc19 mate-applets-1.6.1-6.fc19 mlmmj-1.2.18.0-2.fc19 nfacct-1.0.1-1.fc19 php-pear-phing-2.6.1-1.fc19 php-pecl-mongo-1.4.4-1.fc19 php-swift-Swift-5.0.2-1.fc19 python-keyring-3.1-1.fc19 rubygem-opengl-0.8.0-2.fc19 rubygem-riddle-1.5.9-1.fc19 rubygem-ruby-opengl-0.60.1-14.fc19 texstudio-2.6.4-1.fc19 wireshark-1.10.3-1.fc19 xen-4.2.3-7.fc19 Details about builds: ================================================================================ VirtualGL-2.3.3-1.fc19 (FEDORA-2013-20548) A toolkit for displaying OpenGL applications to thin clients -------------------------------------------------------------------------------- Update Information: Update to version 2.3.3. Fixes launching setuid root binaries in VGL. -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 2 2013 Gary Gatling <gsgatlin@xxxxxxxxxxxx> - 2.3.3-1 - Update to 2.3.3. * Tue Aug 6 2013 Gary Gatling <gsgatlin@xxxxxxxxxxxx> - 2.3.2-7 - Fix (#993894) unversioned docdir change for f20. * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.3.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ anki-2.0.16-1.fc19 (FEDORA-2013-20540) Flashcard program for using space repetition learning -------------------------------------------------------------------------------- Update Information: Update to new bugfix upstream release 2.0.16. Minor bug fixes Please see http://www.ankisrs.net/docs/changes.html for details. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 1 2013 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 2.0.16-1 - Update to new upstream version 2.0.16 -------------------------------------------------------------------------------- ================================================================================ ghc-MonadRandom-0.1.12-1.fc19 (FEDORA-2013-20550) Random-number generation monad -------------------------------------------------------------------------------- Update Information: New release -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 1 2013 Shakthi Kannan <shakthimaan [AT] fedoraproject dot org> - 0.1.12-1 - Updated to new upstream 0.1.12 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1016212 - ghc-MonadRandom-0.1.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=1016212 -------------------------------------------------------------------------------- ================================================================================ kernel-3.11.6-201.fc19 (FEDORA-2013-20547) The Linux kernel -------------------------------------------------------------------------------- Update Information: Various bug and CVE fixes. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 1 2013 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - 3.11.6-201 - Revert blocking patches causing systemd to crash on resume (rhbz 1010603) - CVE-2013-4348 net: deadloop path in skb_flow_dissect (rhbz 1007939 1025647) * Thu Oct 31 2013 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxxx> - Fix display regression on Dell XPS 13 machines (rhbz 995782) * Tue Oct 29 2013 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - Fix plaintext auth regression in cifs (rhbz 1011621) * Fri Oct 25 2013 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - CVE-2013-4470 net: memory corruption with UDP_CORK and UFO (rhbz 1023477 1023495) - Add touchpad support for Dell XT2 (rhbz 1023413) * Tue Oct 22 2013 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - Add patch to fix warning in tcp_fastretrans_alert (rhbz 989251) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1007939 - CVE-2013-4348 kernel: net: deadloop path in skb_flow_dissect() https://bugzilla.redhat.com/show_bug.cgi?id=1007939 [ 2 ] Bug #1023477 - CVE-2013-4470 Kernel: net: memory corruption with UDP_CORK and UFO https://bugzilla.redhat.com/show_bug.cgi?id=1023477 -------------------------------------------------------------------------------- ================================================================================ mate-applets-1.6.1-6.fc19 (FEDORA-2013-20546) MATE Desktop panel applets -------------------------------------------------------------------------------- Update Information: - disable upower BR > f20, until we know to handle upower-1.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 1 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.1-6 - disable upower BR > f20, until we know to handle upower-1.0 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mlmmj-1.2.18.0-2.fc19 (FEDORA-2013-20554) A simple and slim mailing list manager inspired by ezmlm -------------------------------------------------------------------------------- Update Information: New RPM. -------------------------------------------------------------------------------- ChangeLog: * Sat Oct 26 2013 Christopher Meng <rpm@xxxxxxxx> - 1.2.18.0-2 - Filter out wrong dependencies. * Fri Aug 9 2013 Christopher Meng <rpm@xxxxxxxx> - 1.2.18.0-1 - Resubmit the package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #995933 - Re-Review Request: mlmmj - A simple and slim mailing list manager inspired by ezmlm https://bugzilla.redhat.com/show_bug.cgi?id=995933 -------------------------------------------------------------------------------- ================================================================================ nfacct-1.0.1-1.fc19 (FEDORA-2013-20542) Command line tool to create/retrieve/delete accounting objects -------------------------------------------------------------------------------- Update Information: new version of nfacct -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ php-pear-phing-2.6.1-1.fc19 (FEDORA-2013-20541) A project build system based on Apache Ant -------------------------------------------------------------------------------- Update Information: upstream 2.6.1 -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 2 2013 Christof Damian <christof@xxxxxxxxxx> - 2.6.1-1 - upstream 2.6.1 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.5.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #999512 - php-pear-phing-2.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=999512 -------------------------------------------------------------------------------- ================================================================================ php-pecl-mongo-1.4.4-1.fc19 (FEDORA-2013-20552) PHP MongoDB database driver -------------------------------------------------------------------------------- Update Information: upstream 1.4.4 -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 2 2013 Christof Damian <christof@xxxxxxxxxx> - 1.4.4-1 - upstream 1.4.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #997844 - php-pecl-mongo-1.4.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=997844 -------------------------------------------------------------------------------- ================================================================================ php-swift-Swift-5.0.2-1.fc19 (FEDORA-2013-20535) Free Feature-rich PHP Mailer -------------------------------------------------------------------------------- Update Information: upstream 5.0.2 -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 2 2013 Christof Damian <christof@xxxxxxxxxx> - 5.0.2-1 - upstream 5.0.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1003388 - php-swift-Swift-5.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1003388 -------------------------------------------------------------------------------- ================================================================================ python-keyring-3.1-1.fc19 (FEDORA-2013-20551) Python library to access the system keyring service -------------------------------------------------------------------------------- Update Information: Update to version 3.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 22 2013 rtnpro <rtnpro@xxxxxxxxx> - 3.1-1 - Bump to version 3.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1007354 - Please update this package ASAP https://bugzilla.redhat.com/show_bug.cgi?id=1007354 -------------------------------------------------------------------------------- ================================================================================ rubygem-opengl-0.8.0-2.fc19 (FEDORA-2013-20549) An OpenGL wrapper for Ruby -------------------------------------------------------------------------------- Update Information: This is a new package. -------------------------------------------------------------------------------- ================================================================================ rubygem-riddle-1.5.9-1.fc19 (FEDORA-2013-20536) An API for Sphinx, written in and for Ruby -------------------------------------------------------------------------------- Update Information: New package. A Ruby API and configuration helper for the Sphinx search service. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1025100 - Review Request: rubygem-riddle - An API for Sphinx, written in and for Ruby https://bugzilla.redhat.com/show_bug.cgi?id=1025100 -------------------------------------------------------------------------------- ================================================================================ rubygem-ruby-opengl-0.60.1-14.fc19 (FEDORA-2013-20543) OpenGL Interface for Ruby -------------------------------------------------------------------------------- Update Information: Current rpm being shipped on Fedora contained some files with license unclear. With this rpm such files are removed. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 1 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.60.1-14 - Remove files with unclear licenses * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.60.1-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ texstudio-2.6.4-1.fc19 (FEDORA-2013-20538) A feature-rich editor for LaTeX documents -------------------------------------------------------------------------------- Update Information: - update to version 2.6.4 - for more details, have a look at http://sourceforge.net/projects/texstudio/files/texstudio/TeXstudio%202.6.4/ -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 2 2013 Johannes Lips <hannes@xxxxxxxxxxxxxxxxx> 2.6.4-1 - Update to latest upstream version 2.6.4 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.6.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1023703 - Update TeXstudio to version 2.6.4 https://bugzilla.redhat.com/show_bug.cgi?id=1023703 -------------------------------------------------------------------------------- ================================================================================ wireshark-1.10.3-1.fc19 (FEDORA-2013-20533) Network traffic analyzer -------------------------------------------------------------------------------- Update Information: * Ver. 1.10.3 -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 2 2013 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.3-1 - Ver. 1.10.3 - Dropped upsteamed patch no. 13 -------------------------------------------------------------------------------- ================================================================================ xen-4.2.3-7.fc19 (FEDORA-2013-20555) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: Lock order reversal between page allocation and grant table locks ocaml xenstored mishandles oversized message replies systemd changes to allow oxenstored to be used instead of xenstored -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 1 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.2.3-7 - Lock order reversal between page allocation and grant table locks [XSA-73, CVE-2013-4494] * Tue Oct 29 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.2.3-6 - ocaml xenstored mishandles oversized message replies [XSA-72, CVE-2013-4416] (#1024450) * Fri Oct 25 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.2.3-5 - systemd changes to allow oxenstored to be used instead of xenstored (#1022640) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1017875 - CVE-2013-4416 xen: ocaml xenstored mishandles oversized message replies (XSA-72) https://bugzilla.redhat.com/show_bug.cgi?id=1017875 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
