The following Fedora 19 Security updates need testing: Age URL 77 https://admin.fedoraproject.org/updates/FEDORA-2013-19262/quassel-0.9.1-1.fc19 69 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 27 https://admin.fedoraproject.org/updates/FEDORA-2013-22919/net-snmp-5.7.2-13.fc19 14 https://admin.fedoraproject.org/updates/FEDORA-2013-23592/rubygem-actionpack-3.2.13-3.fc19 14 https://admin.fedoraproject.org/updates/FEDORA-2013-23622/ibus-chewing-1.4.4-1.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2013-23722/libjpeg-turbo-1.2.90-3.fc19 10 https://admin.fedoraproject.org/updates/FEDORA-2013-23922/nss-3.15.3.1-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2013-24079/mingw-openjpeg-1.5.1-7.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2013-24119/asterisk-11.7.0-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2013-24114/libsrtp-1.4.4-9.20101004cvs.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2014-0020/goffice-0.10.9-1.fc19,gnumeric-1.12.9-1.fc19,gnome-chemistry-utils-0.14.5-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0136/python-libcloud-0.13.3-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0094/rubygem-will_paginate-3.0.4-2.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 43 https://admin.fedoraproject.org/updates/FEDORA-2013-21772/unzip-6.0-11.fc19 18 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2013-23706/crontabs-1.11-7.20130830git.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2013-23691/selinux-policy-3.12.1-74.16.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2013-23727/libdvdnav-4.2.1-1.fc19,libdvdread-4.2.1-1.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2013-23739/krb5-1.11.3-18.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2013-23722/libjpeg-turbo-1.2.90-3.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2013-23760/llvm-3.3-4.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2013-23871/libbluray-0.5.0-2.fc19 10 https://admin.fedoraproject.org/updates/FEDORA-2013-23922/nss-3.15.3.1-1.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2013-24072/tracker-0.16.2-3.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0158/perl-Encode-2.54-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0051/libldb-1.1.16-4.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0039/gnutls-3.1.18-3.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-0062/hwdata-0.259-1.fc19 The following builds have been pushed to Fedora 19 updates-testing darktable-1.4-1.fc19 dovecot-2.2.10-1.fc19 drupal7-7.25-1.fc19 gimp-elsamuko-24-2.fc19 glances-1.7.2-1.fc19 glusterfs-3.4.2-1.fc19 haveged-1.8-0.fc19 kde-plasma-nm-0.9.3.2-3.fc19 nx-libs-3.5.0.21-5.fc19 parcellite-1.1.7-2.fc19 perl-Encode-2.54-2.fc19 php-sabre-dav-1.8.7-1.fc19 php-sabre-vobject-2.1.3-1.fc19 python-libcloud-0.13.3-1.fc19 quiterss-0.14.2-1.fc19 xfig-3.2.5-38.b.fc19 Details about builds: ================================================================================ darktable-1.4-1.fc19 (FEDORA-2014-0126) Utility to organize and develop raw images -------------------------------------------------------------------------------- Update Information: New darktable stable release 1.4 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 1 2014 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4-1 - Upgrade to 1.4 * Mon Dec 2 2013 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.4-0.1.rc1 - Upgrade to 1.4~rc1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1025748 - Darktable's background process is not closed after UI is closed https://bugzilla.redhat.com/show_bug.cgi?id=1025748 -------------------------------------------------------------------------------- ================================================================================ dovecot-2.2.10-1.fc19 (FEDORA-2014-0144) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information: * auth: passdb/userdb dict rewrite to support much more complex setups. See doc/example-config/dovecot-dict-auth.conf.ext. The old settings will continue to work. * auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's. See http://wiki2.dovecot.org/UserDatabase * imap: Implemented SETQUOTA command for admin user when quota_set is configured. See http://master.wiki2.dovecot.org/Quota/Configuration * quota: Support "*" and "?" wildcards in mailbox names in quota_rules * mysql: Added ssl_verify_server_cert=no|yes parameter. This currently defaults to "no" to make sure nothing breaks, but likely will become "yes" in Dovecot v2.3. * ldap: Added blocking=yes setting to use auth worker processes for ldap lookups. This is a workaround for now to be able to use multiple simultaneous LDAP connections. * pop3c+dsync performance improvements * quota-status: quota_grace was ignored * ldap: Fixed memory leak with auth_bind=yes and without auth_bind_userdn. * imap: Don't send HIGHESTMODSEQ anymore on SELECT/EXAMINE when CONDSTORE/QRESYNC has never before been enabled for the mailbox. * imap: Fixes to handling mailboxes without permanent modseqs. (When [NOMODSEQ] is returned by SELECT, mainly with in-memory indexes.) * imap: Various fixes to METADATA support. * stats plugin: Processes that only temporarily dropped privileges (e.g. indexer-worker) may have been logging errors about not being able to open /proc/self/io. -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 2 2014 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 1:2.2.10-1 - dovecot updated to 2.2.10 - quota-status: quota_grace was ignored - ldap: Fixed memory leak with auth_bind=yes and without auth_bind_userdn. - imap: Don't send HIGHESTMODSEQ anymore on SELECT/EXAMINE when CONDSTORE/QRESYNC has never before been enabled for the mailbox. - imap: Fixes to handling mailboxes without permanent modseqs. (When [NOMODSEQ] is returned by SELECT, mainly with in-memory indexes.) - imap: Various fixes to METADATA support. - stats plugin: Processes that only temporarily dropped privileges (e.g. indexer-worker) may have been logging errors about not being able to open /proc/self/io. -------------------------------------------------------------------------------- ================================================================================ drupal7-7.25-1.fc19 (FEDORA-2014-0141) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: Latest upstream. https://drupal.org/drupal-7.25-release-notes -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 3 2014 Jon Ciesla <limburgher@xxxxxxxxx> - 7.25-1 - 7.25, BZ 1048114. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1048114 - drupal7-7.25 is available https://bugzilla.redhat.com/show_bug.cgi?id=1048114 -------------------------------------------------------------------------------- ================================================================================ gimp-elsamuko-24-2.fc19 (FEDORA-2014-0125) Script collection for the GIMP -------------------------------------------------------------------------------- Update Information: New GIMP scripts. -------------------------------------------------------------------------------- References: [ 1 ] Bug #924682 - Review Request: gimp-elsamuko - Elsamukos script collection for the GIMP https://bugzilla.redhat.com/show_bug.cgi?id=924682 -------------------------------------------------------------------------------- ================================================================================ glances-1.7.2-1.fc19 (FEDORA-2014-0166) CLI curses based monitoring tool -------------------------------------------------------------------------------- Update Information: Upgrade to 1.7.2 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 12 2013 Edouard Bourguignon <madko@xxxxxxxxxxx> - 1.7.2-1 - Update to 1.7.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1025996 - glances-1.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1025996 -------------------------------------------------------------------------------- ================================================================================ glusterfs-3.4.2-1.fc19 (FEDORA-2014-0139) Cluster File System -------------------------------------------------------------------------------- Update Information: GlusterFS 3.4.2 GA Update to glusterFS-3.4.2qa5 * include gfapi.py and the .../python*/site-packages/gluster/ -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 3 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.5.0-1 - GlusterFS 3.4.2 GA * Wed Dec 25 2013 Niels de Vos <ndevos@xxxxxxxxxx> - 3.4.2-0.1qa5 - GlusterFS 3.4.2 QA5, glusterfs-3.4.2-0.1qa5 - Correct source URL to automatic release location * Fri Dec 20 2013 Niels de Vos <ndevos@xxxxxxxxxx> - Include .../site-packages/gluster/gfapi.py in glusterfs-api * Thu Dec 19 2013 Niels de Vos <ndevos@xxxxxxxxxx> - Include the .../site-packages/gluster/__init__.py file by default, skip EL-5 and earlier (#1045123) * Tue Dec 17 2013 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.4.2-0.1qa4 - GlusterFS 3.4.2 QA4 , glusterfs-3.4.2-0.1qa4 * Fri Dec 6 2013 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 3.5.0-0.1qa3 - GlusterFS 3.5.0 QA3 , glusterfs-3.5.0-0.1qa3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1045123 - Latest Fedora 3.4.1 RPM does not install python gluster directory https://bugzilla.redhat.com/show_bug.cgi?id=1045123 -------------------------------------------------------------------------------- ================================================================================ haveged-1.8-0.fc19 (FEDORA-2014-0127) A Linux entropy source using the HAVEGE algorithm -------------------------------------------------------------------------------- Update Information: Fix of systemd issue. Update to version 1.8 -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 3 2014 Jirka Hladky <hladky.jiri@xxxxxxxxx> - 1.8-0 - Updated to the version 1.8 - Improvement to systemd service file - Fixed exit status * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1046493 - failed state at stop service https://bugzilla.redhat.com/show_bug.cgi?id=1046493 -------------------------------------------------------------------------------- ================================================================================ kde-plasma-nm-0.9.3.2-3.fc19 (FEDORA-2014-0146) Plasma applet written in QML for managing network connections -------------------------------------------------------------------------------- Update Information: Some upstream fixes -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 3 2014 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.9.3.2-3 - More upstream fixes * Thu Jan 2 2014 Jan Grulich <jgrulich@xxxxxxxxxx> - 0.9.3.2-2 - Pickup some upstream fixes -------------------------------------------------------------------------------- ================================================================================ nx-libs-3.5.0.21-5.fc19 (FEDORA-2014-0123) NX X11 protocol compression libraries -------------------------------------------------------------------------------- Update Information: Provide /usr/share/X11/xkb/keymap.dir so nxagent can find keymap dir (bug #1033876) -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 3 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 3.5.0.21-5 - Provide /usr/share/X11/xkb/keymap.dir so nxagent can find keymap dir (bug #1033876) * Thu Oct 10 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 3.5.0.21-4 - Do not build/ship unneeded xlib18n libs -------------------------------------------------------------------------------- ================================================================================ parcellite-1.1.7-2.fc19 (FEDORA-2013-22485) A lightweight GTK+ clipboard manager -------------------------------------------------------------------------------- Update Information: This update fixes a problem with two duplicate action keys, several translation issues and a crash that occurred when right-clicking empty lines in the history. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 3 2014 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 1.1.7-2 - Add 6 upstream patches to fix three segfaults (#1038899 is one of them), case-sensitive search, search-as-you-type and updates Russian translations * Wed Oct 16 2013 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 1.1.7-1 - Update to 1.1.7 (#1019649) -------------------------------------------------------------------------------- References: [ 1 ] Bug #913586 - [abrt] parcellite-1.1.4-1.fc18: _dbus_abort: Process /usr/bin/parcellite was killed by signal 6 (SIGABRT) https://bugzilla.redhat.com/show_bug.cgi?id=913586 [ 2 ] Bug #949190 - [abrt] parcellite-1.1.4-1.fc18: g_malloc0: Process /usr/bin/parcellite was killed by signal 5 (SIGTRAP) https://bugzilla.redhat.com/show_bug.cgi?id=949190 [ 3 ] Bug #1019649 - parcellite-1.1.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1019649 [ 4 ] Bug #1038899 - [abrt] parcellite-1.1.7-1.fc19: set_keys_from_prefs: Process /usr/bin/parcellite was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=1038899 -------------------------------------------------------------------------------- ================================================================================ perl-Encode-2.54-2.fc19 (FEDORA-2014-0158) Character encodings in Perl -------------------------------------------------------------------------------- Update Information: Passing non-string argument to decode_utf8() returned random data. This release fixes it to return stringified value of the argument. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 3 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 2.54-2 - Stringify all decode_utf8() arguments (bug #1048134) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1048134 - decode_utf8() returns gibberish on non-string value https://bugzilla.redhat.com/show_bug.cgi?id=1048134 -------------------------------------------------------------------------------- ================================================================================ php-sabre-dav-1.8.7-1.fc19 (FEDORA-2014-0160) WebDAV Framework for PHP -------------------------------------------------------------------------------- Update Information: What is SabreDAV SabreDAV allows you to easily add WebDAV support to a PHP application. SabreDAV is meant to cover the entire standard, and attempts to allow integration using an easy to understand API. Feature list: * Fully WebDAV compliant * Supports Windows XP, Windows Vista, Mac OS/X, DavFSv2, Cadaver, Netdrive, Open Office, and probably more. * Passing all Litmus tests. * Supporting class 1, 2 and 3 Webdav servers. * Locking support. * Custom property support. * CalDAV (tested with Evolution, iCal, iPhone and Lightning). * CardDAV (tested with OS/X addressbook, the iOS addressbook and Evolution). * Over 97% unittest code coverage. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047551 - Review Request: php-sabre-dav - WebDAV Framework for PHP https://bugzilla.redhat.com/show_bug.cgi?id=1047551 -------------------------------------------------------------------------------- ================================================================================ php-sabre-vobject-2.1.3-1.fc19 (FEDORA-2014-0145) Library to parse and manipulate iCalendar and vCard objects -------------------------------------------------------------------------------- Update Information: The VObject library allows you to easily parse and manipulate iCalendar and vCard objects using PHP. The goal of the VObject library is to create a very complete library, with an easy to use API. This project is a spin-off from SabreDAV, where it has been used for several years. The VObject library has 100% unittest coverage. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047532 - Review Request: php-sabre-vobject - Library to parse and manipulate iCalendar and vCard objects https://bugzilla.redhat.com/show_bug.cgi?id=1047532 -------------------------------------------------------------------------------- ================================================================================ python-libcloud-0.13.3-1.fc19 (FEDORA-2014-0136) A Python library to address multiple cloud provider APIs -------------------------------------------------------------------------------- Update Information: Security Fix - BUG: 1047867 1047868 -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 3 2014 Daniel Bruno <dbruno@xxxxxxxxxxxxxxxxx> - 0.13.3-1 - Security Fix - BUG: 1047867 1047868 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1047867 - CVE-2013-6480 python-libcloud: doesn't send scrub_data query parameter when destroying a DigitalOcean node https://bugzilla.redhat.com/show_bug.cgi?id=1047867 -------------------------------------------------------------------------------- ================================================================================ quiterss-0.14.2-1.fc19 (FEDORA-2014-0165) RSS/Atom aggregator -------------------------------------------------------------------------------- Update Information: Version bump. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 3 2014 TI_Eugene <ti.eugene@xxxxxxxxx> - 0.14.2-1 - Version bump -------------------------------------------------------------------------------- ================================================================================ xfig-3.2.5-38.b.fc19 (FEDORA-2014-0163) An X Window System tool for drawing basic vector graphics -------------------------------------------------------------------------------- Update Information: Fix crash when creating lines with linestyle 3 -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 3 2014 Michal Srb <msrb@xxxxxxxxxx> - 3.2.5-38.b - Fix crash when creating lines with linestyle 3 - Resolves: rhbz#1023744 (Thanks to Maurizio Paolini and David Kaufmann) * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.2.5-37.b - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1023744 - xfig crashes when creating lines with linestyle 4 https://bugzilla.redhat.com/show_bug.cgi?id=1023744 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
