The following Fedora 18 Security updates need testing: Age URL 233 https://admin.fedoraproject.org/updates/FEDORA-2013-6117/eucalyptus-3.2.2-1.fc18 79 https://admin.fedoraproject.org/updates/FEDORA-2013-17195/spice-gtk-0.18-3.fc18 76 https://admin.fedoraproject.org/updates/FEDORA-2013-17431/thunderbird-17.0.9-1.fc18 73 https://admin.fedoraproject.org/updates/FEDORA-2013-17635/wireshark-1.10.2-4.fc18 72 https://admin.fedoraproject.org/updates/FEDORA-2013-17853/davfs2-1.4.7-3.fc18 15 https://admin.fedoraproject.org/updates/FEDORA-2013-21875/389-ds-base-1.3.0.9-1.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-22315/ruby-1.9.3.484-32.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-22313/subversion-1.7.14-1.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2013-22456/seamonkey-2.22.1-1.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2013-22497/ganglia-3.6.0-3.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-22607/nbd-3.5-1.fc18 5 https://admin.fedoraproject.org/updates/FEDORA-2013-22606/maradns-2.0.07d-1.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-22686/tuxcut-5.0-15.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22771/gimp-2.8.10-4.fc18 3 https://admin.fedoraproject.org/updates/FEDORA-2013-22786/mod_nss-1.0.8-27.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22949/net-snmp-5.7.2-7.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22866/xen-4.2.3-11.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22929/dcraw-9.19-4.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22899/ufraw-0.19.2-10.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22986/munin-2.0.18-2.fc18 0 https://admin.fedoraproject.org/updates/FEDORA-2013-22993/munin-2.0.19-1.fc18 The following Fedora 18 Critical Path updates have yet to be approved: Age URL 302 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18 11 https://admin.fedoraproject.org/updates/FEDORA-2013-22215/taglib-1.9.1-2.fc18 11 https://admin.fedoraproject.org/updates/FEDORA-2013-22253/kde-settings-4.9-22.fc18 9 https://admin.fedoraproject.org/updates/FEDORA-2013-22299/fedora-bookmarks-15-4.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2013-22457/libbluray-0.4.0-2.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-22690/libfm-1.1.3-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22918/opus-1.1-1.fc18 1 https://admin.fedoraproject.org/updates/FEDORA-2013-22917/colord-1.0.5-1.fc18 The following builds have been pushed to Fedora 18 updates-testing GitPython-0.3.2-0.6.RC1.fc18 atoum-0-0.5.gita68f365.fc18 glite-lbjp-common-gsoap-plugin-3.2.10-2.fc18 kdevelop-4.6.0-1.fc18 kdevelop-php-1.6.0-1.fc18 kdevplatform-1.6.0-1.fc18 libvmime-0.9.2-0.9.20120406git.fc18 mate-themes-extras-1.6.7-1.fc18 munin-2.0.18-2.fc18 munin-2.0.19-1.fc18 nodejs-grunt-0.4.1-2.fc18 php-Slim-2.4.0-1.fc18 php-Smarty-3.1.15-1.fc18 qpdfview-0.4.7-1.fc18 quiterss-0.14.1-1.fc18 zarafa-7.1.7-1.fc18 Details about builds: ================================================================================ GitPython-0.3.2-0.6.RC1.fc18 (FEDORA-2013-23018) Python Git Library -------------------------------------------------------------------------------- Update Information: add support for gpg signed commits -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 7 2013 Dennis Gilmore <dennis@xxxxxxxx> - 0.3.2-0.6-RC1 - apply patch from Igor Gnatenko for bz#1010706 * Fri Aug 2 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.2-0.5.RC1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.3.2-0.4.RC1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1010706 - [PATCH] Work with GPG signed git commits https://bugzilla.redhat.com/show_bug.cgi?id=1010706 -------------------------------------------------------------------------------- ================================================================================ atoum-0-0.5.gita68f365.fc18 (FEDORA-2013-22999) PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: Last upstream commit -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 Johan Cwiklinski <johan AT x-tnd DOT be> - 0.0.5.gita68f365 - Last upstream commit -------------------------------------------------------------------------------- ================================================================================ glite-lbjp-common-gsoap-plugin-3.2.10-2.fc18 (FEDORA-2013-22997) Plugin for gSoap to use glite-security-gss as the communication layer -------------------------------------------------------------------------------- Update Information: glite-security-gsoap-plugin is plugin for gSoap providing secured communication via GSS, as well as strict timing control of all operations via glite-security-gss. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1036311 - Review Request: glite-lbjp-common-gsoap-plugin - Plugin for gSoap to use glite-security-gss as the communication layer https://bugzilla.redhat.com/show_bug.cgi?id=1036311 -------------------------------------------------------------------------------- ================================================================================ kdevelop-4.6.0-1.fc18 (FEDORA-2013-23000) Integrated Development Environment for C++/C -------------------------------------------------------------------------------- Update Information: KDevelop 4.6.0 release. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 9:4.6.0-1 - Update to 4.6.0 * Wed Nov 27 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 9:4.5.90-1 - Update to 4.5.90 * Mon Nov 18 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 9:4.5.80-1 - Update to 4.5.80 -------------------------------------------------------------------------------- ================================================================================ kdevelop-php-1.6.0-1.fc18 (FEDORA-2013-23000) Php language and documentation plugins for KDevelop -------------------------------------------------------------------------------- Update Information: KDevelop 4.6.0 release. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 1.6.0-1 - Update to 1.6.0 * Wed Nov 27 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 1.5.90-1 - Update to 1.5.90 * Mon Nov 18 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 1.5.80-1 - Update to 1.5.80 -------------------------------------------------------------------------------- ================================================================================ kdevplatform-1.6.0-1.fc18 (FEDORA-2013-23000) Libraries for use by KDE development tools -------------------------------------------------------------------------------- Update Information: KDevelop 4.6.0 release. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 1.6.0-1 - Update to 1.6.0 * Wed Nov 27 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 1.5.90-1 - Update to 1.5.90 * Mon Nov 18 2013 Jan Grulich <jgrulich@xxxxxxxxxx> - 1.5.80-1 - Update to 1.5.80 -------------------------------------------------------------------------------- ================================================================================ libvmime-0.9.2-0.9.20120406git.fc18 (FEDORA-2013-23001) Powerful library for MIME messages and Internet messaging services -------------------------------------------------------------------------------- Update Information: - Switch to GIT 20120406 (#1008068) - Added virtual provides libvmime(abi) and libvmime(api) for other packages as libvmime 0.9.2 does still not ensure any API/ABI compatibility for years now -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 0.9.2-0.9.20120406git - Downgrade to GIT 20120406 (#1008068) - Added virtual provides libvmime(abi) and libvmime(api) for other packages as libvmime 0.9.2 does still not ensure any API/ABI compatibility for years now -------------------------------------------------------------------------------- References: [ 1 ] Bug #1008068 - after updrade zarafa from 7.0.13 to 7.1.15 it no longer possible to send emails https://bugzilla.redhat.com/show_bug.cgi?id=1008068 -------------------------------------------------------------------------------- ================================================================================ mate-themes-extras-1.6.7-1.fc18 (FEDORA-2013-23013) Extra gtk-2/3 themes for gtk based desktops -------------------------------------------------------------------------------- Update Information: - update to 1.6.7 - gtk2, syncronize panel-applets menus - several improvements in themes -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 7 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.7-1 - update to 1.6.7 - fix GnomishBeige theme - syncronize panel-applets menus, Faience and Faience-Ocre * Sat Dec 7 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.6-1 - update to 1.6.6 - gtk2, syncronize panel-applets menus - several improvements in themes -------------------------------------------------------------------------------- ================================================================================ munin-2.0.18-2.fc18 (FEDORA-2013-22986) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Upstream update to 2.0.18, fixes CVE-2013-6359 -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 drjohnson1@xxxxxxxxx - 2.0.18-2 - Modifying hostname require for f21 * Sat Dec 7 2013 drjohnson1@xxxxxxxxx - 2.0.18-1 - BZ# 1037890,1037889,1037888: CVE-2013-6359 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1037888 - CVE-2013-6048 CVE-2013-6359 munin: two denial of service flaws fixed in 2.0.18 https://bugzilla.redhat.com/show_bug.cgi?id=1037888 -------------------------------------------------------------------------------- ================================================================================ munin-2.0.19-1.fc18 (FEDORA-2013-22993) Network-wide graphing framework (grapher/gatherer) -------------------------------------------------------------------------------- Update Information: Upstream update to 2.0.19, fixes CVE-2013-6359 -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 drjohnson1@xxxxxxxxx - 2.0.19-1 - Upstream to 2.0.19 * Sun Dec 8 2013 drjohnson1@xxxxxxxxx - 2.0.18-2 - Modifying hostname require for f21 * Sat Dec 7 2013 drjohnson1@xxxxxxxxx - 2.0.18-1 - BZ# 1037890,1037889,1037888: CVE-2013-6359 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1037888 - CVE-2013-6048 CVE-2013-6359 munin: two denial of service flaws fixed in 2.0.18 https://bugzilla.redhat.com/show_bug.cgi?id=1037888 -------------------------------------------------------------------------------- ================================================================================ nodejs-grunt-0.4.1-2.fc18 (FEDORA-2013-22994) Grunt is a JavaScript library used for automation and running tasks -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #977128 - Review Request: nodejs-grunt - The JavaScript Task Runner https://bugzilla.redhat.com/show_bug.cgi?id=977128 -------------------------------------------------------------------------------- ================================================================================ php-Slim-2.4.0-1.fc18 (FEDORA-2013-22988) PHP micro framework -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 Johan Cwiklinski <johan AT x-tnd DOT be> - 2.4.0-1 - New upstream release -------------------------------------------------------------------------------- ================================================================================ php-Smarty-3.1.15-1.fc18 (FEDORA-2013-22991) Template/Presentation Framework for PHP -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 Johan Cwiklinski <johan AT x-tnd DOT be> - 3.1.15-1 - Last upstream release -------------------------------------------------------------------------------- ================================================================================ qpdfview-0.4.7-1.fc18 (FEDORA-2013-22995) Tabbed PDF Viewer -------------------------------------------------------------------------------- Update Information: Version bump. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 TI_Eugene <ti.eugene@xxxxxxxxx> 0.4.7-1 - Version bump -------------------------------------------------------------------------------- ================================================================================ quiterss-0.14.1-1.fc18 (FEDORA-2013-23009) RSS/Atom aggregator -------------------------------------------------------------------------------- Update Information: Version bump. -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 TI_Eugene <ti.eugene@xxxxxxxxx> - 0.14.1-1 - Version bump - phonon-devel BR added -------------------------------------------------------------------------------- ================================================================================ zarafa-7.1.7-1.fc18 (FEDORA-2013-23003) Open Source Edition of the Zarafa Collaboration Platform -------------------------------------------------------------------------------- Update Information: Zarafa Collaboration Platform 7.1.7 final [42779] ================================================= Backend ------- - ZCP-11572: /var/lib/zarafa/client not automatically created - ZCP-11778: zarafa-dagent requests php53 on SLES 10 instead of php5 - ZCP-11780: zarafa-search requests poppler-tools on SLES 10 instead of xpdf-tools - ZCP-11795: zarafa-set-oof does not work if subject is not being updated WebAccess --------- - ZCP-11770: Languages in webaccess are missing - ZCP-11776: Languages in webaccess are not fully set Zarafa Collaboration Platform 7.1.6 final [42710] ================================================= General ------- * This release is a maintenance release. This release has its focus on supporting new environments as well as resolving customer reported issues. * Additionally, this release is the first to officially support MySQL 5.6 as new database version. * Zarafa also introduced a new technique to eliminate forwarding rules to generate mail loops. * Updates and fixes to utilities such as MSR and zarafa-set-oof have been included as well. * A new DoS protection mechanism to block IMAP clients which are recurringly hitting zarafa-gateway after 20 failed IMAP commands was introduced: The new "imap_max_fail_commands" parameter has been introduced, which allows this setting to be set higher during migration scenarios. Backend ------- - ZCP-9973: zarafa-dagent does not have the option --ignore-unknown-config-option - ZCP-10273: Possible mail loop using redirect or forwarding rules - ZCP-11245: Support for fallback locales (such as dialect variants) - ZCP-11282: msr force_source option does not work on public store - ZCP-11376: Do not reconnect LDAP on server errors - ZCP-11500: Script zarafa-mailbox-permissions crash on missing folder - ZCP-11541: zarafa-set-oof does not support SSL - ZCP-11554: HTML formatted MR is shown wrong on receiver site - ZCP-11565: Mail with invalid charset cannot be delivered - ZCP-11575: Zarafa licensed does not send hosted report if report folder is unavailable - ZCP-11580: Zarafa-dagent fails to deliver to distribution list when a user has no home server in a multiserver environment - ZCP-11592: zarafa-backup/zarafa-gateway wrongly prints errors about empty rtf body to stderr - ZCP-11597: Mail sent to distribution list returns incorrect bounce email - ZCP-11600: Dagent is sending blacklisted properties through TNEF which is not accepted by exchange - ZCP-11610: zarafa-gateway POP3 UIDL violates max length specification of RFC 1939 - ZCP-11613: Support MySQL 5.6 - don't use uses have_innodb which is deprecated/removed - ZCP-11614: zarafa-mailbox-permissions UTF-8 redirection problem - ZCP-11616: zarafa-fsck not UTF-8 safe - ZCP-11621: zarafa-search should continue on a MAPI_E_NOT_FOUND - ZCP-11633: Let IMAP failure limit be configurable (IMAP migrations) - ZCP-11648: Purge softdelete shows unclear message when server is already purging - ZCP-11649: zarafa-msr-verify prints incorrect information - ZCP-11654: Create documentation for extended logging in man page - ZCP-11656: Document config setting in the manpage: default_sort_locale_id (server.cfg) - ZCP-11658: mr-accept breaks with php 5.4 - ZCP-11660: zarafa-msr failed with an apparent programming error - ZCP-11662: (host|speed)optimization of db-calc-storesize - ZCP-11672: Don't override CFLAGS at compile time - ZCP-11673: ./configure --enable-embedded-mysql not fully honored - ZCP-11719: Zarafa-server dies after an attempt to write mapi properties containing "NAN" as a value - ZCP-11721: Do not cache LDAP DNs at cache time, otherwise LDAP moddn does not let users login - ZCP-11727: Loop of GetChanges:663 unexpected null pointer indicates problem in sync - ZCP-11732: Support SUSE Linux Enterprise Server with PHP 5.3 (SP2/SP3) - ZCP-11735: MS TNEF fails with PT_MV_STRING8 Archiver -------- - ARCH-309: Archiver should not use hyphen in database name - ZCP-10679: ECArchiveAwareMsgStore::GetArchiveStore leaks memory - ZCP-11631: Zarafa archiver helper scripts give traceback on invalid parameters - ZCP-11764: Crash on opening stubbed archive message WebAccess --------- - ZCP-11722: tokenizer broken in webaccess for NR.### kind of strings -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2013 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 7.1.7-1 - Upgrade to 7.1.7 (#1008068) - Added dependency from gateway and spooler to python-MAPI - Added requirements to virtual libvmime ABI/API provides -------------------------------------------------------------------------------- References: [ 1 ] Bug #1008068 - after updrade zarafa from 7.0.13 to 7.1.15 it no longer possible to send emails https://bugzilla.redhat.com/show_bug.cgi?id=1008068 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test