Fedora 18 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 18 Security updates need testing:
 Age  URL
  28  https://admin.fedoraproject.org/updates/FEDORA-2013-21875/389-ds-base-1.3.0.9-1.fc18
  14  https://admin.fedoraproject.org/updates/FEDORA-2013-22949/net-snmp-5.7.2-7.fc18
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-23122/firefox-26.0-2.fc18,xulrunner-26.0-1.fc18
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-23140/python-setuptools-0.6.49-1.fc18
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-23291/thunderbird-24.2.0-2.fc18
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-23378/openttd-1.3.3-1.fc18
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-23401/v8-3.14.5.10-3.fc18
   5  https://admin.fedoraproject.org/updates/FEDORA-2013-23466/xen-4.2.3-12.fc18
   4  https://admin.fedoraproject.org/updates/FEDORA-2013-23504/quagga-0.99.21-6.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-23591/seamonkey-2.23-1.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-23646/perl-Proc-Daemon-0.14-9.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-23575/ca-certificates-2013.1.95-1.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-23662/rubygem-actionpack-3.2.8-4.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-23663/ibus-chewing-1.4.4-1.fc18
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-23678/gnupg-1.4.16-2.fc18


The following Fedora 18 Critical Path updates have yet to be approved:
 Age URL
 315  https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc18
  11  https://admin.fedoraproject.org/updates/FEDORA-2013-23140/python-setuptools-0.6.49-1.fc18
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-23291/thunderbird-24.2.0-2.fc18
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-23312/dracut-029-1.fc18.3
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-23306/abrt-2.1.10-1.fc18,libreport-2.1.10-1.fc18,satyr-0.12-1.fc18
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-23297/libfm-1.1.4-1.fc18
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-23381/cryptsetup-1.6.3-1.fc18
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-23716/selinux-policy-3.11.1-108.fc18


The following builds have been pushed to Fedora 18 updates-testing

    NLopt-2.4.1-1.fc18
    aime-7.20131209-1.fc18
    libnet-1.1.6-7.fc18
    lightdm-1.4.5-3.fc18
    lyx-2.0.7-1.fc18
    mate-power-manager-1.6.3-1.fc18
    mate-settings-daemon-1.6.2-1.fc18
    ngrep-1.45-15.git20131221.16ba99a.fc18
    nomacs-1.6.2-1.fc18
    proftpd-1.3.4d-5.fc18
    rubygem-mixlib-cli-1.4.0-1.fc18
    rubygem-mixlib-config-2.1.0-1.fc18
    scap-security-guide-0.1.4-1.fc18
    vifir-0.9-21.fc18

Details about builds:


================================================================================
 NLopt-2.4.1-1.fc18 (FEDORA-2013-23834)
 Open-Source library for nonlinear optimization
--------------------------------------------------------------------------------
Update Information:

new upstream release: v2.4.1
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 20 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 2.4.1-1
- new upstream release: v2.4.1
- adapted %{source0} to match %{name}
- changed `%global lc_name` to `%define lc_name`, because of globbing problems
- use `tr` instead of shell-builtin for `%define lc_name`
- move `README.md` only if existing
* Fri Dec 20 2013 Björn Esser <bjoern.esser@xxxxxxxxx> - 2.4-3.git20130903.35e6377
- made %clean-target conditional on el5
- restructured spec-file for quick switching between snapshot and release
- moved package-specific macros to the corresponding subpackage
--------------------------------------------------------------------------------


================================================================================
 aime-7.20131209-1.fc18 (FEDORA-2013-23842)
 An application embeddable programming language interpreter
--------------------------------------------------------------------------------
Update Information:

New version.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 21 2013 Christopher Meng <rpm@xxxxxxxx> - 7.20131209-1
- Update to 7.20131209
* Fri Oct 11 2013 Christopher Meng <rpm@xxxxxxxx> - 6.20130921-1
- Update to 6.20130921
--------------------------------------------------------------------------------


================================================================================
 libnet-1.1.6-7.fc18 (FEDORA-2013-23775)
 C library for portable packet creation and injection
--------------------------------------------------------------------------------
Update Information:

- Run autoreconf to recognize aarch64 (#925813)
- Conditionalized usage of %{_lib} vs %{_libdir} for RHEL < 7
- Tight run-time dependencies between sub-packages via %{?_isa}
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 20 2013 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 1.1.6-7
- Run autoreconf to recognize aarch64 (#925813)
- Conditionalized usage of %{_lib} vs %{_libdir} for RHEL < 7
- Tight run-time dependencies between sub-packages via %{?_isa}
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.6-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.6-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #925813 - libnet: Does not support aarch64 in f19 and rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=925813
--------------------------------------------------------------------------------


================================================================================
 lightdm-1.4.5-3.fc18 (FEDORA-2013-23816)
 Lightweight Display Manager
--------------------------------------------------------------------------------
Update Information:

Fix scriptlet error
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 11 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.4.5-3
- sync scriptlets with f20+ branch (#1029006)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1029006 - Error in PREUN scriptlet in rpm package lightdm-1.4.0-2.fc18.armv6hl
        https://bugzilla.redhat.com/show_bug.cgi?id=1029006
--------------------------------------------------------------------------------


================================================================================
 lyx-2.0.7-1.fc18 (FEDORA-2013-23789)
 WYSIWYM (What You See Is What You Mean) document processor
--------------------------------------------------------------------------------
Update Information:

Latest stable update. For further details see http://www.lyx.org/announce/2_0_7.txt
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 21 2013 José Matos <jamatos@xxxxxxxxxxxxxxxxx> - 2.0.7-1
- update to 2.0.7
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.0.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Jul 27 2013 pmachata@xxxxxxxxxx - 2.0.6-2
- Rebuild for boost 1.54.0
--------------------------------------------------------------------------------


================================================================================
 mate-power-manager-1.6.3-1.fc18 (FEDORA-2013-23833)
 MATE power management service
--------------------------------------------------------------------------------
Update Information:

- updated to 1.6.3 release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 20 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.3-1
- updated to 1.6.3 release
- fix build, add  mate-power-manager_set-DISABLE_DEPRECATED-to-an-empty-string.patch
- remove BR mate-keyring-devel
- fix bogus date in %changelog
--------------------------------------------------------------------------------


================================================================================
 mate-settings-daemon-1.6.2-1.fc18 (FEDORA-2013-23798)
 MATE Desktop settings daemon
--------------------------------------------------------------------------------
Update Information:

- update to 1.6.2 release
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 20 2013 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.2-1
- update to 1.6.2 release
--------------------------------------------------------------------------------


================================================================================
 ngrep-1.45-15.git20131221.16ba99a.fc18 (FEDORA-2013-23762)
 Network layer grep tool
--------------------------------------------------------------------------------
Update Information:

- Checkout from official repo(BZ#1044630).
- Remove patch for system pcre as configure script can handle it now.
- Add format security check fix due to dumb GCC.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 21 2013 Christopher Meng <rpm@xxxxxxxx> - 1.45-15.git20131221.16ba99a
- Checkout from official repo(BZ#1044630).
- Remove patch for system pcre as configure script can handle it now.
- Add format security check fix due to dumb GCC.
* Mon Aug 26 2013 Christopher Meng <rpm@xxxxxxxx> - 1.45-14
- SPEC Cleanup.
- AArch64 support(BZ#926232).
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.45-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.45-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1044630 - ngrep completely broken with latest libpcap 1.5 snapshot
        https://bugzilla.redhat.com/show_bug.cgi?id=1044630
--------------------------------------------------------------------------------


================================================================================
 nomacs-1.6.2-1.fc18 (FEDORA-2013-23839)
 Lightweight image viewer
--------------------------------------------------------------------------------
Update Information:

Version bump.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 20 2013 TI_Eugene <ti.eugene@xxxxxxxxx> 1.6.2-1
- Version bump.
* Tue Dec  3 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> - 1.6.0.2-2
- rebuild (exiv2)
--------------------------------------------------------------------------------


================================================================================
 proftpd-1.3.4d-5.fc18 (FEDORA-2013-23806)
 Flexible, stable and highly-configurable FTP server
--------------------------------------------------------------------------------
Update Information:

This update adds 3072-bit, 7680-bit and 8192-bit Diffie-Hellman group parameters, needed for support of some ciphers such as aes-256-ctr.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 20 2013 Paul Howarth <paul@xxxxxxxxxxxx> 1.3.4d-5
- Fix support for 8192-bit DH parameters (#1044586)
- Add 3072-bit and 7680-bit DH parameters (upstream bug 4002)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1044586 - proftpd does not ship 8192 bit dh parameter
        https://bugzilla.redhat.com/show_bug.cgi?id=1044586
--------------------------------------------------------------------------------


================================================================================
 rubygem-mixlib-cli-1.4.0-1.fc18 (FEDORA-2013-23829)
 Simple Ruby mix-in for CLI interfaces
--------------------------------------------------------------------------------
Update Information:

Update to 1.4.0 (bz#1038983)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 20 2013 Julian C. Dunn <jdunn@xxxxxxxxxxxx> - 1.4.0-1
- Update to 1.4.0 (bz#1038983)
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Mar  8 2013 Josef Stribny <jstribny@xxxxxxxxxx> - 1.3.0-3
- Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1038983 - rubygem-mixlib-cli-1.4.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1038983
--------------------------------------------------------------------------------


================================================================================
 rubygem-mixlib-config-2.1.0-1.fc18 (FEDORA-2013-23778)
 Simple Ruby config mix-in
--------------------------------------------------------------------------------
Update Information:

Upgrade to 2.1.0 (bz#1038984)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 20 2013 Julian C. Dunn <jdunn@xxxxxxxxxxxx> - 2.1.0-1
- Upgrade to 2.1.0 (bz#1038984)
* Sun Sep 15 2013 Julian C. Dunn <jdunn@xxxxxxxxxxxx> - 2.0.0-1
- Upgrade to 2.0.0 (bz#1012369)
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Mar  8 2013 Josef Stribny <jstribny@xxxxxxxxxx> - 1.1.2-5
- Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1038984 - rubygem-mixlib-config-2.1.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1038984
--------------------------------------------------------------------------------


================================================================================
 scap-security-guide-0.1.4-1.fc18 (FEDORA-2013-23779)
 Security guidance and baselines in SCAP formats
--------------------------------------------------------------------------------
Update Information:

Rebase to upstream 0.1.4 version (includes fix for RH BZ#1040335)

--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 20 2013 Jan iankko Lieskovsky <jlieskov@xxxxxxxxxx> 0.1.4-1
- Fix remediation for sshd set keepalive (ClientAliveCountMax) and move
  it to /shared
- Add shared remediations for sshd disable empty passwords and
  sshd set idle timeout
- Shared remediation for sshd disable root login
- Add empty -compat subpackage to ensure backward-compatibility with
  openscap-content and firstaidkit-plugin-openscap packages (RH BZ#1040335)
- OVAL check for sshd disable root login
- Fix typo in OVAL check for sshd disable empty passwords
- OVAL check for sshd disable empty passwords
- Unselect no shelllogin for systemaccounts rule from being run by default
- Rename XCCDF rules
- Revert Set up Fedora release name and CPE based on build system properties
- Shared OVAL check for Verify that Shared Library Files Have Root Ownership
- Shared OVAL check for Verify that System Executables Have Restrictive Permissions
- Shared OVAL check for Verify that System Executables Have Root Ownership
- Shared OVAL check for Verify that Shared Library Files Have Restrictive
  Permissions
- Fix remediation for Disable Prelinking rule
- OVAL check and remediation for sshd's ClientAliveCountMax rule
- OVAL check for sshd's ClientAliveInterval rule
- Include descriptions for permissions section, and rules for checking
  permissions and ownership of shared library files and system executables
- Disable selected rules by default
- Add remediation for Disable Prelinking rule
- Adjust service-enable-macro, service-disable-macro XSLT transforms
  definition to evaluate to proper systemd syntax
- Fix service_ntpd_enabled OVAL check make validate to pass again
- Include patch from Šimon Lukašík to obsolete openscap-content
  package (RH BZ#1028706)
- Add OVAL check to test if there's is remote NTP server configured for
  time data
- Add system settings section for the guide (to track system wide
  hardening configurations)
- Include disable prelink rule and OVAL check for it
- Initial OVAL check if ntpd service is enabled. Add package_installed
  OVAL templating directory structure and functionality.
- Include services section, and XCCDF description for selected ntpd's
  sshd's service rules
- Include remediations for login.defs' based password minimum, maximum and
  warning age rules
- Include directory structure to support remediations
- Add SCAP "replace or append pattern value in text file based on variable"
  remediation script generator
- Add remediation for "Set Password Minimum Length in login.defs" rule
* Mon Nov 18 2013 Jan iankko Lieskovsky <jlieskov@xxxxxxxxxx> 0.1.3-1
- Update versioning scheme - move fedorassgrelease to be part of
  upstream version. Rename it to fedorassgversion to avoid name collision
  with Fedora package release.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1040335 - opescap should provide openscap-content and firstaidkit-plugin-openscap in the package
        https://bugzilla.redhat.com/show_bug.cgi?id=1040335
--------------------------------------------------------------------------------


================================================================================
 vifir-0.9-21.fc18 (FEDORA-2013-23758)
 A viewer for electronic aviation charts
--------------------------------------------------------------------------------
Update Information:

* Sat Dec 21 2013 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.9-21
- Remove poppler dep (rhbz#1043506)
* Thu Nov 28 2013 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.9-20
- Rebuild for libgps
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 21 2013 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.9-21
- Remove poppler dep (rhbz#1043506)
* Thu Nov 28 2013 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.9-20
- Rebuild for libgps
* Mon Aug 19 2013 Marek Kasik <mkasik@xxxxxxxxxx> - 0.9-19
- Rebuild (poppler-0.24.0)
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jun 30 2013 Bruno Wolff III <bruno@xxxxxxxx> - 0.9-17
- Rebuild for poppler soname bump
* Wed Jun 26 2013 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.9-16
- Rebuild poppler
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jan 18 2013 Marek Kasik <mkasik@xxxxxxxxxx> - 0.9-14
- Rebuild (poppler-0.22.0)
* Sat Nov 10 2012 Fabian Affolter <mail@xxxxxxxxxxxxxxxxxx> - 0.9-13
- Rebuild for F19
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1043506 - Vifir doesn't need poppler
        https://bugzilla.redhat.com/show_bug.cgi?id=1043506
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux