The following Fedora 18 Security updates need testing: Age URL 217 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18 64 https://admin.fedoraproject.org/updates/FEDORA-2013-17195/spice-gtk-0.18-3.fc18 60 https://admin.fedoraproject.org/updates/FEDORA-2013-17431/thunderbird-17.0.9-1.fc18 58 https://admin.fedoraproject.org/updates/FEDORA-2013-17635/wireshark-1.10.2-4.fc18 56 https://admin.fedoraproject.org/updates/FEDORA-2013-17853/davfs2-1.4.7-3.fc18 55 https://admin.fedoraproject.org/updates/FEDORA-2013-17912/chicken-4.8.0.4-4.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2013-21415/python3-3.3.0-5.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2013-20817/python-djblets-0.7.23-1.fc18,ReviewBoard-1.7.18-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-21822/kernel-3.11.9-100.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-21875/389-ds-base-1.3.0.9-1.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-21851/xen-4.2.3-9.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-21874/mediawiki-1.19.9-1.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 287 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 11 https://admin.fedoraproject.org/updates/FEDORA-2013-21084/perl-5.16.3-245.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-21783/unzip-6.0-11.fc18 2 https://admin.fedoraproject.org/updates/FEDORA-2013-21776/soprano-2.9.4-2.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-21825/gvfs-1.14.2-5.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-21847/sane-backends-1.0.24-7.fc18 The following builds have been pushed to Fedora 18 updates-testing 389-adminutil-1.1.19-1.fc18 389-ds-base-1.3.0.9-1.fc18 anki-2.0.18-1.fc18 ansible-1.4-1.fc18 gq-1.3.4-19.fc18 gvfs-1.14.2-5.fc18 hplip-3.13.11-2.fc18 ibus-typing-booster-1.2.7-1.fc18 kde-plasma-nm-0.9.3.2-1.fc18 kernel-3.11.9-100.fc18 kscreen-1.0.2-1.fc18 lhapdf-5.9.1-2.fc18 libkscreen-1.0.2-1.fc18 lnav-0.6.2-1.fc18 mate-desktop-1.6.2-0.11.git81c245b.fc18 mate-user-share-1.6.1-0.3.git77a6040.fc18 mediawiki-1.19.9-1.fc18 moserial-3.0.8-1.fc18 perl-local-lib-1.008010-2.fc18 php-Pimple-1.1.0-4.fc18 php-pecl-http-2.0.0-1.fc18 php-pecl-yaml-1.1.1-1.fc18 php-tcpdf-6.0.047-1.fc18 python-jira-0.13-3.fc18 reposurgeon-2.42-1.fc18 salt-0.17.2-2.fc18 sane-backends-1.0.24-7.fc18 spring-95.0-2.fc18 springlobby-0.169-7.fc18 wondershaper-1.2.1-2.fc18 xen-4.2.3-9.fc18 Details about builds: ================================================================================ 389-adminutil-1.1.19-1.fc18 (FEDORA-2013-21845) Utility library for 389 administration -------------------------------------------------------------------------------- Update Information: Ticket #47415 "Manage certificates" crashes admin server mem leak, compiler warnings This relase fixes 2 bugs in login and bind. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.19-1 - Ticket #47415 "Manage certificates" crashes admin server - 8647ad8 fix compiler warnings - enhancements to test ticket 47415 * Mon Aug 19 2013 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.1.18-1 - ee1ef81 add Eclipse generated files - Ticket #47486 - compiler warnings in adminutil, admin, dsgw - 77fd77a fix mem leak in admldapBuildInfoSSL when there is no password * Fri Apr 19 2013 Noriko Hosoi <nhosoi@xxxxxxxxxx> - 1.1.17-1 -bump version to 1.1.17 Resolves: Bug 856089 - slapi_ldap_bind() doesn't check bind results (Ticket 479 - Console logins fail intermittenly) Resolves: Bug 905266 - BIND operation result not checked properly in admin server and adminutil -------------------------------------------------------------------------------- ================================================================================ 389-ds-base-1.3.0.9-1.fc18 (FEDORA-2013-21875) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information: Each release has bug fixes in addition to the CVE fix -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.3.0.9-1 - Ticket #47605 CVE-2013-4485: DoS due to improper handling of ger attr searches - Ticket #47596 attrcrypt fails to find unlocked key - Ticket #47585 Replication Failures related to skipped entries due to cleaned rids - Ticket 47577 - crash when removing entries from cache - ad64367 Coverity Fixes - Ticket 47329 - Improve slapi_back_transaction_begin() return code when transactions are not available - Ticket #47550 logconv: failed logins: Use of uninitialized value in numeric comparison at logconv.pl line 949 - Ticket #47551 logconv: -V does not produce unindexed search report - Ticket 47517 - fix memory leaks in ldaputil.c nad ldbm_delete.c - Ticket #422 - 389-ds-base - Can't call method "getText" - aa19f9a Coverity fixes - 12023, 12024, and 12025 - Ticket 47533 logconv: some stats do not work across server restarts - Ticket #47501 logconv.pl uses /var/tmp for BDB temp files - Ticket 47520 - Fix various issues with logconv.pl - Ticket #47387 - improve logconv.pl performance with large access logs - Ticket 47354 - Indexed search are logged with 'notes=U' in the access logs - Ticket 47461 - logconv.pl - Use of comma-less variable list is deprecated - Ticket 47447 - logconv.pl man page missing -m,-M,-B,-D - Ticket #47348 - add etimes to per second/minute stats - Ticket #47341 - logconv.pl -m time calculation is wrong - Ticket #47336 - logconv.pl -m not working for all stats - Ticket 611 - logconv.pl missing stats for StartTLS, LDAPI, and AUTOBIND - TIcket 419 - logconv.pl - improve memory management - Ticket 471 - logconv.pl tool removes the access logs contents if "-M" is not correctly used - Ticket 539 - logconv.pl should handle microsecond timing - Ticket #47504 idlistscanlimit per index/type/value - Ticket #47516 replication stops with excessive clock skew -------------------------------------------------------------------------------- References: [ 1 ] Bug #1024552 - CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches https://bugzilla.redhat.com/show_bug.cgi?id=1024552 -------------------------------------------------------------------------------- ================================================================================ anki-2.0.18-1.fc18 (FEDORA-2013-21849) Flashcard program for using space repetition learning -------------------------------------------------------------------------------- Update Information: Update to new bugfix upstream release 2.0.18. Minor bug fixes Please see http://www.ankisrs.net/docs/changes.html for details. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Christian Krause <chkr@xxxxxxxxxxxxxxxxx> - 2.0.18-1 - Update to new upstream version 2.0.18 (BZ 1027704) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1027704 - anki-2.0.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1027704 -------------------------------------------------------------------------------- ================================================================================ ansible-1.4-1.fc18 (FEDORA-2013-21824) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Update to 1.4 upstream version with tons of new modules and bugfixes. See http://blog.ansibleworks.com/2013/11/21/ansible-1-4-released/ and https://github.com/ansible/ansible/blob/devel/CHANGELOG.md for more information. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Kevin Fenzi <kevin@xxxxxxxxx> 1.4-1 - Update to 1.4 -------------------------------------------------------------------------------- ================================================================================ gq-1.3.4-19.fc18 (FEDORA-2013-21651) Graphical LDAP directory browser and editor -------------------------------------------------------------------------------- Update Information: Add patch to fix crashing issue due to bug in error chain code and some other places. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Terje Røsten <terje.rosten@xxxxxxx> - 1.34-19 - Try to avoid some more crash bugs. * Mon Nov 11 2013 Terje Røsten <terje.rosten@xxxxxxx> - 1.34-18 - Add errorchain patch * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.4-17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Fri Apr 12 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 1.3.4-16 - Drop desktop vendor tag. * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.4-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #520342 - crash when browsing LDAP server https://bugzilla.redhat.com/show_bug.cgi?id=520342 [ 2 ] Bug #1028771 - [abrt] gq-1.3.4-16.fc19: vsnprintf: Process /usr/bin/gq was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1028771 [ 3 ] Bug #925484 - gq: Does not support aarch64 in f19 and rawhide https://bugzilla.redhat.com/show_bug.cgi?id=925484 -------------------------------------------------------------------------------- ================================================================================ gvfs-1.14.2-5.fc18 (FEDORA-2013-21825) Backends for the gio framework in GLib -------------------------------------------------------------------------------- Update Information: Fix dav input output error. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 22 2013 Ondrej Holy <oholy@xxxxxxxxxx> - 1.14.2-5 - Fix dav input output error (#919767) -------------------------------------------------------------------------------- References: [ 1 ] Bug #919767 - gvfs and webdav input output error https://bugzilla.redhat.com/show_bug.cgi?id=919767 -------------------------------------------------------------------------------- ================================================================================ hplip-3.13.11-2.fc18 (FEDORA-2013-21827) HP Linux Imaging and Printing Project -------------------------------------------------------------------------------- Update Information: New upstream release which adds support for new printers and fixes several bugs. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Jiri Popelka <jpopelka@xxxxxxxxxx> - 3.13.11-2 - create /usr/lib/tmpfiles.d/hplip.conf (bug #1015831). * Wed Nov 6 2013 Jiri Popelka <jpopelka@xxxxxxxxxx> - 3.13.11-1 - 3.13.11 * Tue Oct 15 2013 Jaromír Končický <jkoncick@xxxxxxxxxx> - 3.13.10-1 - 3.13.10: 8 patches applied upstream, big changes in tmp and log dirs, removed hp-mkuri - Fixed Incorrect IEEE 1284 MFG value for LaserJet Professional P1102 (bug #1018826). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1015831 - [abrt] hplip-3.13.9-2.fc19: hpfax:258:<module>:OSError: [Errno 2] No such file or directory: '/var/run/hplip/hpfax-pipe-99' https://bugzilla.redhat.com/show_bug.cgi?id=1015831 -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-1.2.7-1.fc18 (FEDORA-2013-21880) A typing booster engine for the IBus platform -------------------------------------------------------------------------------- Update Information: Don’t strip characters with Unicode category “Cf” (Other, format) from tokens Commit candidate clicked on with the mouse; Change wording of the option to show the total number of candidates -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.2.7-1 - Don’t strip characters with Unicode category “Cf” (Other, format) from tokens (Resolves: rhbz#1032504) * Thu Nov 14 2013 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.2.6-1 - Change wording of the option to show the total number of candidates (Resolves: rhbz#1029748) - Commit candidate clicked on with the mouse (Resolves: rhbz#1029822) - Use direct input also for IBus.InputPurpose.PIN - remove unused und superfluous arguments of constructor of Hunspell class - Add some transliteration options to .conf files which had only native keyboard enabled -------------------------------------------------------------------------------- References: [ 1 ] Bug #1032504 - [ml_IN][ibus-typing-booster][F20] - 200D does not get committed in user db when it comes at the end https://bugzilla.redhat.com/show_bug.cgi?id=1032504 [ 2 ] Bug #1029748 - Bit confusing label in preference windows https://bugzilla.redhat.com/show_bug.cgi?id=1029748 [ 3 ] Bug #1029822 - mouse selection and pagination numbering issue for ibus-typing-booster https://bugzilla.redhat.com/show_bug.cgi?id=1029822 -------------------------------------------------------------------------------- ================================================================================ kde-plasma-nm-0.9.3.2-1.fc18 (FEDORA-2013-21885) Plasma applet written in QML for managing network connections -------------------------------------------------------------------------------- Update Information: Plasma-nm 0.9.3.2 release. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.9.3.2-1 - Update to 0.9.3.2 * Wed Oct 30 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.9.3.1-6 - add some upstream fixes and changes -------------------------------------------------------------------------------- ================================================================================ kernel-3.11.9-100.fc18 (FEDORA-2013-21822) The Linux kernel -------------------------------------------------------------------------------- Update Information: The stable 3.11.9 update contains a number of important fixes across the tree. The 3.11.8 stable update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - 3.11.9-100 - Linux v3.11.9 * Mon Nov 18 2013 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - Add patch to fix rhel5.9 KVM guests (rhbz 967652) - Add patch to fix crash from slab when using md-raid mirrors (rhbz 1031086) - Add patches from Pierre Ossman to fix 24Hz/24p radeon audio (rhbz 1010679) - Add patch to fix ALX phy issues after resume (rhbz 1011362) - Fix ipv6 sit panic with packet size > mtu (from Michele Baldessari) (rbhz 1015905) * Thu Nov 14 2013 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - CVE-2013-4563: net: large udp packet over IPv6 over UFO-enabled device with TBF qdisc panic (rhbz 1030015 1030017) * Wed Nov 13 2013 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - 3.11.8-100 - Linux v3.11.8 * Sat Nov 9 2013 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - Add patch from Daniel Stone to avoid high order allocations in evdev - Add qxl backport fixes from Dave Airlie -------------------------------------------------------------------------------- References: [ 1 ] Bug #1030015 - CVE-2013-4563 kernel: net: large udp packet over IPv6 over UFO-enabled device with TBF qdisc panic https://bugzilla.redhat.com/show_bug.cgi?id=1030015 -------------------------------------------------------------------------------- ================================================================================ kscreen-1.0.2-1.fc18 (FEDORA-2013-21898) KDE Display Management software -------------------------------------------------------------------------------- Update Information: KScreen 1.0.2 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Dan Vrátil <dvratil@xxxxxxxxxx> 1:1.0.2-1 - kscreen 1:1.0.2-1 -------------------------------------------------------------------------------- ================================================================================ lhapdf-5.9.1-2.fc18 (FEDORA-2013-21859) Les Houches Accord PDF Interface -------------------------------------------------------------------------------- Update Information: Rerun swig code generation for better security. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Mattias Ellert <mattias.ellert@xxxxxxxxxxxx> - 5.9.1-2 - Remove bundled swig generated sources -------------------------------------------------------------------------------- ================================================================================ libkscreen-1.0.2-1.fc18 (FEDORA-2013-21898) Display configuration library -------------------------------------------------------------------------------- Update Information: KScreen 1.0.2 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Dan Vrátil <dvratil@xxxxxxxxxx> - 1:1.0.2-1 - libkscreen 1.0.2 -------------------------------------------------------------------------------- ================================================================================ lnav-0.6.2-1.fc18 (FEDORA-2013-21858) A curses-based tool for viewing and analyzing log files -------------------------------------------------------------------------------- Update Information: Word-wrap support. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Christopher Meng <rpm@xxxxxxxx> - 0.6.2-1 - New upstream release. * Thu Sep 12 2013 Christopher Meng <rpm@xxxxxxxx> - 0.6.1-1 - New upstream release. - Add python BR for environ detection. * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.5.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ mate-desktop-1.6.2-0.11.git81c245b.fc18 (FEDORA-2013-21830) Shared code for mate-panel, mate-session, mate-file-manager, etc -------------------------------------------------------------------------------- Update Information: - use Menta-Blue as default theme in fedora 20, change gesettings overrides -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.2-0.11.git81c245b - use Menta-Blue as default theme in fedora 20, change gesettings overrides * Tue Nov 19 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.2-0.10.git81c245b - add gsettings overrides again for caja f20 * Thu Nov 14 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.2-0.9.git81c245b - use Menta-Blue as default theme in fedora 20, change gesettings overrides * Tue Nov 12 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.2-0.8.git81c245b - let caja starts with mate-session-manager for > f19 - adjust mate-fedora gesettings override file * Sat Oct 19 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.2-0.7.git81c245b - switch to gnome-keyring for > f19 * Fri Oct 18 2013 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> - 1.6.2.-0.6.git81c245b - Fix typo -------------------------------------------------------------------------------- ================================================================================ mate-user-share-1.6.1-0.3.git77a6040.fc18 (FEDORA-2013-21889) Mate user file sharing -------------------------------------------------------------------------------- Update Information: - add runtime require obex-data-server -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.1-0.3.git77a6040 - do not use download dir for incoming bluetooth downloads if mate-bluetooth - isn't installed, rhbz #(1031307) -------------------------------------------------------------------------------- ================================================================================ mediawiki-1.19.9-1.fc18 (FEDORA-2013-21874) A wiki engine -------------------------------------------------------------------------------- Update Information: * Kevin Israel (Wikipedia user PleaseStand) identified and reported two vectors for injecting Javascript in CSS that bypassed MediaWiki's blacklist (CVE-2013-4567, CVE-2013-4568). <https://bugzilla.wikimedia.org/show_bug.cgi?id=55332> * Internal review while debugging a site issue discovered that MediaWiki and the CentralNotice extension were incorrectly setting cache headers when a user was autocreated, causing the user's session cookies to be cached, and returned to other users (CVE-2013-4572). <https://bugzilla.wikimedia.org/show_bug.cgi?id=53032> Additionally, the following extensions have been updated to fix security issues: * CleanChanges: MediaWiki steward Teles reported that revision-deleted IP's are not correctly hidden when this extension is used (CVE-2013-4569). <https://bugzilla.wikimedia.org/show_bug.cgi?id=54294> * ZeroRatedMobileAccess: Tomasz Chlebowski reported an XSS vulnerability (CVE-2013-4573). <https://bugzilla.wikimedia.org/show_bug.cgi?id=55991> * CentralAuth: MediaWiki developer Platonides reported a login CSRF in CentralAuth (CVE-2012-5394). <https://bugzilla.wikimedia.org/show_bug.cgi?id=40747> -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 19 2013 Michael Cronenworth <mike@xxxxxxxxxx> - 1.19.9-1 - New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1030987 - CVE-2013-4567 CVE-2013-4568 CVE-2013-4572 mediawiki: security releases 1.21.3, 1.20.8, and 1.19.9 https://bugzilla.redhat.com/show_bug.cgi?id=1030987 -------------------------------------------------------------------------------- ================================================================================ moserial-3.0.8-1.fc18 (FEDORA-2013-21872) Serial terminal for the gnome desktop -------------------------------------------------------------------------------- Update Information: Update to latest upstream release moserial 3.0.8. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Terje Rosten <terje.rosten@xxxxxxx> - 3.0.8-1 - 3.0.8 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #926168 - moserial: Does not support aarch64 in f19 and rawhide https://bugzilla.redhat.com/show_bug.cgi?id=926168 -------------------------------------------------------------------------------- ================================================================================ perl-local-lib-1.008010-2.fc18 (FEDORA-2013-21811) Create and use a local lib/ for perl modules -------------------------------------------------------------------------------- Update Information: This release fixes login script for C shell. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.008010-2 - Fix setting undefined variable in CSH (bug #1033018) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1033018 - syntax error in /etc/profile.d/perl-homedir.csh (perl-local-lib/perl-homedir) https://bugzilla.redhat.com/show_bug.cgi?id=1033018 -------------------------------------------------------------------------------- ================================================================================ php-Pimple-1.1.0-4.fc18 (FEDORA-2013-21526) A simple dependency injection container for PHP -------------------------------------------------------------------------------- Update Information: Updated to 1.1.0 1.0.2 to 1.1.0 changes: https://github.com/fabpot/Pimple/compare/v1.0.2...v1.1.0 -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 1.1.0-4 - Reverted invalid PSR-0 - Updated %check to use PHPUnit's "--include-path" option * Fri Nov 15 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 1.1.0-3 - Updated description with note about PSR-0 and legacy compatibility * Fri Nov 15 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 1.1.0-2 - Updated file location for PSR-0 compliance * Fri Nov 15 2013 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 1.1.0-1 - Updated to 1.1.0 - php-common => php(language) * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1030925 - php-Pimple-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1030925 -------------------------------------------------------------------------------- ================================================================================ php-pecl-http-2.0.0-1.fc18 (FEDORA-2013-21904) Extended HTTP support -------------------------------------------------------------------------------- Update Information: Final Version 2.0.0 (stable) is released. Only minor bugfix from previous beta. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 22 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.0-1 - update to 2.0.0 (stable) - install doc in pecl doc_dir - install tests in pecl test_dir (in devel) - spec cleanups, and EPEL-6 compatibility * Tue Aug 20 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.0-0.18.beta5 - update to 2.0.0 beta5 - requires propro and raphf extensions * Fri Mar 22 2013 Remi Collet <rcollet@xxxxxxxxxx> - 2.0.0-0.16.beta4 - rebuild for http://fedoraproject.org/wiki/Features/Php55 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.0-0.15.beta4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sun Dec 30 2012 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 2.0.0-0.14.beta4 - update to 2.0.0beta4 -------------------------------------------------------------------------------- ================================================================================ php-pecl-yaml-1.1.1-1.fc18 (FEDORA-2013-21873) Support for YAML 1.1 serialization using the LibYAML library -------------------------------------------------------------------------------- Update Information: This update to the YAML extension contains a number of bug fixes (including several crashers), and adds an implementation of yaml_emit_file() that was mistakenly never enabled. The full Changelog can be viewed here: http://pecl.php.net/package-changelog.php?package=yaml&release=1.1.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Theodore Lee <theo148@xxxxxxxxx> - 1.1.1-1 - Update to upstream 1.1.1 release * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Fri Mar 22 2013 Remi Collet <rcollet@xxxxxxxxxx> - 1.1.0-4 - rebuild for http://fedoraproject.org/wiki/Features/Php55 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-tcpdf-6.0.047-1.fc18 (FEDORA-2013-21841) PHP class for generating PDF documents -------------------------------------------------------------------------------- Update Information: 6.0.047 (2013-11-19) - SVG support was extended to support some nested defs. 6.0.046 (2013-11-17) - preg_replace_callback functions were replaced to improve memory performances. 6.0.045 (2013-11-17) - Bug #862 "Parsing error on flate filter" was fixed. 6.0.044 (2013-11-10) - Bug #857 "Undefined offset error" was fixed. - The uniord method now uses a static cache to improve performances (thanks to Mathieu Masseboeuf for the sugegstion). - Two bugs in the TCPDF_FONTS class were fixed. 6.0.043 (2013-10-29) - Bug #854 "CSS instruction display" was fixed. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 6.0.047-1 - update to 6.0.047 -------------------------------------------------------------------------------- ================================================================================ python-jira-0.13-3.fc18 (FEDORA-2013-21815) A library to ease use of the JIRA 5 REST APIs. -------------------------------------------------------------------------------- Update Information: Patch out mimetype detection. Initial packaging. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1025368 - Review Request: python-jira - A library to ease use of the JIRA 5 REST APIs. https://bugzilla.redhat.com/show_bug.cgi?id=1025368 -------------------------------------------------------------------------------- ================================================================================ reposurgeon-2.42-1.fc18 (FEDORA-2013-21836) SCM Repository Manipulation Tool -------------------------------------------------------------------------------- Update Information: - Prevented crash when tagifying a mixed-branch commit.- svn_no_autoignores -> svn_noautoignores.- Ignore single-rev mergeinfos in Subversion, they're cherry-picks. -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Christopher Meng <rpm@xxxxxxxx> - 2.42-1 - Prevented crash when tagifying a mixed-branch commit. - svn_no_autoignores -> svn_noautoignores. - Ignore single-rev mergeinfos in Subversion, they're cherry-picks. * Sat Nov 9 2013 Christopher Meng <rpm@xxxxxxxx> - 2.41-1 - Fixed a fatal bug when reading any symlink from a live Subversion repo. - Added svn_no_autoignores option. -------------------------------------------------------------------------------- ================================================================================ salt-0.17.2-2.fc18 (FEDORA-2013-21837) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: Patched to fix pkgrepo.managed regression. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 19 2013 Erik Johnson <erik@xxxxxxxxxxxxx> - 0.17.2-2 - Patched to fix pkgrepo.managed regression * Mon Nov 18 2013 Erik Johnson <erik@xxxxxxxxxxxxx> - 0.17.2-1 - Update to bugfix release 0.17.2 -------------------------------------------------------------------------------- ================================================================================ sane-backends-1.0.24-7.fc18 (FEDORA-2013-21847) Scanner access software -------------------------------------------------------------------------------- Update Information: New upstream version with these changes: * Significant enhancements to pixma, genesys, kodakaio, fujitsu, canon_dr. * Minor updates, bugfixes or scanners added in several backends. * 51 new scanner models supported. * USB support improvements. * Documentation updates. * Bugfixes. Additionally, this update configures USB devices through udev hwdb instead of individual rules which should speed up device recognition and a crash in the pixma backend that occurred if hostnames of networked scanners were too long, various issues found during a static code scan and a bug in the udev rules where SCSI devices didn't get the correct permissions for logged in users. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.24-7 - set correct permissions for SCSI devices (#1028549) * Thu Nov 7 2013 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.24-6 - epson: don't leak memory if realloc() fails * Thu Nov 7 2013 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.24-5 - fix issues found during static code check * Tue Oct 29 2013 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.24-4 - fix crash in pixma driver (#1021653) * Thu Oct 24 2013 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.24-3 - generate hwdb files correctly (#1018565) * Wed Oct 16 2013 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.24-2 - update udev hwdb on installation/removal * Wed Oct 9 2013 Nils Philippsen <nils@xxxxxxxxxx> - 1.0.24-1 - version 1.0.24 - use (hopefully stable) Alioth download URL - update udev patch, remove obsolete patches - use udev hwdb instead of huge rulesets -------------------------------------------------------------------------------- References: [ 1 ] Bug #1028549 - System Can't Claim SCSI Scanner https://bugzilla.redhat.com/show_bug.cgi?id=1028549 [ 2 ] Bug #1021653 - xsane crashing with new sane-backends https://bugzilla.redhat.com/show_bug.cgi?id=1021653 [ 3 ] Bug #1018565 - scanimage detects sm3840 only for root https://bugzilla.redhat.com/show_bug.cgi?id=1018565 -------------------------------------------------------------------------------- ================================================================================ spring-95.0-2.fc18 (FEDORA-2013-21835) Multiplayer, 3D realtime strategy combat game -------------------------------------------------------------------------------- Update Information: - Version 95.0, major spring/springlobby upstream release. - Remove EFX patch - applied upstream. - Switch to ExclusiveArch. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Gilboa Davara <gilboad [AT] gmail [DOT] com> - 95.0-1 - Switch to ExclusiveArch. * Mon Nov 18 2013 Gilboa Davara <gilboad [AT] gmail [DOT] com> - 95.0-1 - Version 95.0, major spring/springlobby upstream release. - Remove EFX patch - applied upstream. * Mon Nov 18 2013 Dave Airlie <airlied@xxxxxxxxxx> - 94.1-7 - rebuilt for GLEW 1.10 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 94.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Mon Jul 29 2013 Dennis Gilmore <dennis@xxxxxxxx> - 94.1-5 - Exclude arm it needs porting bz#989837 * Sat Jul 27 2013 pmachata@xxxxxxxxxx - 94.1-4 - Rebuild for boost 1.54.0 -------------------------------------------------------------------------------- ================================================================================ springlobby-0.169-7.fc18 (FEDORA-2013-21866) A lobby client for the spring RTS game engine -------------------------------------------------------------------------------- Update Information: - Switch to ExclusiveArch. - Missing dependencies added (#1000755). -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 20 2013 Gilboa Davara <gilboad [AT] gmail [DOT] com> - 0.169-7 - Switch to ExclusiveArch. * Mon Nov 18 2013 Gilboa Davara <gilboad [AT] gmail [DOT] com> - 0.169-6 - Exclude ARM. - Missing dependencies added (#1000755). - Changelog date cleanup. * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.169-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Sun Jul 28 2013 Petr Machata <pmachata@xxxxxxxxxx> - 0.169-4 - Rebuild for boost 1.54.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1000755 - missing dependencies https://bugzilla.redhat.com/show_bug.cgi?id=1000755 -------------------------------------------------------------------------------- ================================================================================ wondershaper-1.2.1-2.fc18 (FEDORA-2013-21806) Simple Network Shaper -------------------------------------------------------------------------------- Update Information: Simple network shaper -------------------------------------------------------------------------------- References: [ 1 ] Bug #1018498 - Review Request: wondershaper(NG) - Simple network shaper https://bugzilla.redhat.com/show_bug.cgi?id=1018498 -------------------------------------------------------------------------------- ================================================================================ xen-4.2.3-9.fc18 (FEDORA-2013-21851) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: Insufficient TLB flushing in VT-d (iommu) code -------------------------------------------------------------------------------- ChangeLog: * Thu Nov 21 2013 Michael Young <m.a.young@xxxxxxxxxxxx> - 4.2.3-9 - Insufficient TLB flushing in VT-d (iommu) code [XSA-78, CVE-2013-6375] (#1033149) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1033138 - CVE-2013-6375 xen: Insufficient TLB flushing in VT-d (iommu) code https://bugzilla.redhat.com/show_bug.cgi?id=1033138 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
