Fedora 19 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 19 Security updates need testing:
 Age  URL
  96  https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
  41  https://admin.fedoraproject.org/updates/FEDORA-2013-23592/rubygem-actionpack-3.2.13-3.fc19
  33  https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1.fc19
  19  https://admin.fedoraproject.org/updates/FEDORA-2014-0574/flite-1.3-20.fc19
  18  https://admin.fedoraproject.org/updates/FEDORA-2014-0621/graphviz-2.30.1-12.fc19
  17  https://admin.fedoraproject.org/updates/FEDORA-2014-0719/openjpeg-1.5.1-8.fc19
  14  https://admin.fedoraproject.org/updates/FEDORA-2014-0797/libinfinity-0.5.5-1.fc19
  13  https://admin.fedoraproject.org/updates/FEDORA-2014-0946/libmicrohttpd-0.9.33-1.fc19
  13  https://admin.fedoraproject.org/updates/FEDORA-2014-0934/memcached-1.4.17-1.fc19
  12  https://admin.fedoraproject.org/updates/FEDORA-2014-1004/ibus-chewing-1.4.6-1.fc19
  10  https://admin.fedoraproject.org/updates/FEDORA-2014-1100/nss-3.15.4-1.fc19,nss-softokn-3.15.4-1.fc19,nss-util-3.15.4-1.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-1377/moodle-2.4.8-1.fc19
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-1475/mupdf-1.1-5.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-1559/xen-4.2.3-14.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-1560/mingw-openssl-1.0.1e-5.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-1734/quassel-0.9.2-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-1516/openstack-nova-2013.1.4-6.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-1648/lightdm-gtk-1.6.1-3.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-1802/mediawiki-1.21.5-1.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-1795/socat-1.7.2.3-1.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-1766/libpng12-1.2.50-4.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-1754/libpng10-1.0.60-6.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-1807/ikiwiki-3.20140125-1.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-1772/tpp-1.3.1-16.fc19


The following Fedora 19 Critical Path updates have yet to be approved:
 Age URL
  44  https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
  13  https://admin.fedoraproject.org/updates/FEDORA-2014-0946/libmicrohttpd-0.9.33-1.fc19
  11  https://admin.fedoraproject.org/updates/FEDORA-2014-0752/firewalld-0.3.9.2-1.fc19
  10  https://admin.fedoraproject.org/updates/FEDORA-2014-1151/hwdata-0.260-1.fc19
  10  https://admin.fedoraproject.org/updates/FEDORA-2014-1100/nss-3.15.4-1.fc19,nss-softokn-3.15.4-1.fc19,nss-util-3.15.4-1.fc19
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-1255/tigervnc-1.3.0-8.fc19
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-1281/abattis-cantarell-fonts-0.0.15-1.fc19,caribou-0.4.13-1.fc19,dconf-0.16.1-1.fc19,file-roller-3.8.4-1.fc19,glib2-2.36.4-1.fc19,gmime-2.6.19-1.fc19,gnome-chess-3.8.5-1.fc19,gnome-color-manager-3.8.4-1.fc19,gnome-icon-theme-symbolic-3.8.3-1.fc19,gnome-mahjongg-3.8.1-1.fc19,gnome-mines-3.8.2-1.fc19,gnome-nibbles-3.8.1-1.fc19,gnome-robots-3.8.2-1.fc19,gnome-settings-daemon-3.8.6.1-1.fc19,iagno-3.8.3-1.fc19,json-glib-0.16.2-1.fc19,libgdata-0.13.4-1.fc19,libgee-0.10.5-1.fc19,libgtop2-2.28.5-1.fc19,libgweather-3.8.3-1.fc19,libnotify-0.7.6-1.fc19,libpeas-1.8.1-1.fc19,libsoup-2.42.3.1-1.fc19,libwnck3-3.4.7-1.fc19,nautilus-sendto-3.8.1-1.fc19,nemiver-0.9.5-1.fc19,orca-3.8.2-1.fc19,tali-3.8.2-1.fc19,swell-foop-3.8.2-1.fc19,vte3-0.34.9-1.fc19,vinagre-3.8.3-1.fc19
   7  https://admin.fedoraproject.org/updates/FEDORA-2014-1324/firefox-26.0-6.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-1368/krb5-1.11.3-19.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-1385/yum-3.4.3-132.fc19
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-1438/libtool-2.4.2-23.fc19
   5  https://admin.fedoraproject.org/updates/FEDORA-2014-1451/pango-1.34.1-2.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-1524/procps-ng-3.3.8-11.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-1564/libvorbis-1.3.4-1.fc19
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-1599/libgsf-1.14.29-1.fc19
   1  https://admin.fedoraproject.org/updates/FEDORA-2014-1728/kernel-3.12.9-200.fc19


The following builds have been pushed to Fedora 19 updates-testing

    ghc-7.4.2-11.2.fc19
    homerun-1.2.0-1.fc19
    ikiwiki-3.20140125-1.fc19
    libpng10-1.0.60-6.fc19
    libpng12-1.2.50-4.fc19
    mediawiki-1.21.5-1.fc19
    mingw-freeimage-3.15.4-3.fc19
    ocaml-cppo-0.9.3-2.fc19
    ocserv-0.3.0-2.fc19
    pcp-3.8.12-1.fc19
    perl-DBD-Pg-2.19.3-4.fc19
    perl-DBD-SQLite-1.37-5.fc19
    perl-Throwable-0.102080-11.fc19
    perl-URI-Title-1.86-7.fc19
    pocl-0.9-1.fc19
    python-django-longerusername-0.4-4.20130204gite4e85d7d.fc19
    python-txzmq-0.7.0-1.fc19
    python-virtualenvwrapper-4.2-1.fc19
    rubygem-isolate-3.2.4-1.fc19
    socat-1.7.2.3-1.fc19
    sslsplit-0.4.8-1.fc19
    surfraw-2.2.9-1.fc19
    tpp-1.3.1-16.fc19
    wireshark-1.10.5-3.fc19
    x2goclient-4.0.1.3-3.fc19

Details about builds:


================================================================================
 ghc-7.4.2-11.2.fc19 (FEDORA-2014-1791)
 Glasgow Haskell Compiler
--------------------------------------------------------------------------------
Update Information:

- fix FFI segfault on i686 related to selinux double-mapping (http://ghc.haskell.org/trac/ghc/ticket/7629)
- build with -O2 on intel arch's using BuildFlavour perf
- enable debuginfo for the C code bits (see #989593)

--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Jens Petersen <petersen@xxxxxxxxxx> - 7.4.2-11.2
- fix segfault on i686 when using ffi double-mapping for selinux (#907515)
  see http://hackage.haskell.org/trac/ghc/ticket/7629
  (thanks Garrett Mitchener for patch committed upstream)
- enable debuginfo for C code bits (#989593)
- build intel arch's with BuildFlavour perf for -O2 (#880135)
* Sat Jul 27 2013 Jóhann B. Guðmundsson <johannbg@xxxxxxxxxxxxxxxxx>
- ghc-doc-index requires crontabs and mark cron file config noreplace
  (http://fedoraproject.org/wiki/Packaging:CronFiles)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #907515 - gtk2hs timer program compiled with ghc 7.4 segfaults on i686
        https://bugzilla.redhat.com/show_bug.cgi?id=907515
  [ 2 ] Bug #880135 - build all packages with ghc -O2
        https://bugzilla.redhat.com/show_bug.cgi?id=880135
--------------------------------------------------------------------------------


================================================================================
 homerun-1.2.0-1.fc19 (FEDORA-2014-1744)
 KDE Application Launcher
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream version.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 27 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.2.0-1
- 1.2.0
--------------------------------------------------------------------------------


================================================================================
 ikiwiki-3.20140125-1.fc19 (FEDORA-2014-1807)
 A wiki compiler
--------------------------------------------------------------------------------
Update Information:

Update to the latest stable version.

Changes in ikiwiki 3.20140125:

* inline: Allow overriding the title of the feed. Closes: http://bugs.debian.org/735123 Thanks, Christophe Rhodes
* osm: Escape name parameter. Closes: http://bugs.debian.org/731797

Changes in ikiwiki 3.20140102:

* aggregate: Improve display of post author.
* poll: Fix behavior of poll buttons when inlined.
* Fixed unncessary tight loop hash copy in saveindex where a pointer can be used instead. Can speed up refreshes by nearly 50% in some circumstances.
* Optimized loadindex by caching the page name in the index.
* Added only_committed_changes config setting, which speeds up wiki refresh by querying git to find the files that were changed, rather than looking at the work tree. Not enabled by default as it can break some setups where not all files get committed to git.
* comments: Write pending moderation comments to the transient underlay to avoid conflict with only_committed_changes.
* search: Added google_search option, which makes it search google rather than using the internal xapain database. (googlesearch plugin is too hard to turn on when xapain databases corrupt themselves, which happens all too frequently).
* osm: Remove invalid use of charset on embedded javascript tags. Closes: http://bugs.debian.org/731197
* style.css: Add compatibility definitions for more block-level html5 elements. Closes: http://bugs.debian.org/731199
* aggregrate: Fix several bugs in handling of empty and colliding titles when generating filenames.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 25 2014 Thomas Moschny <thomas.moschny@xxxxxx> - 3.20140125-1
- Update to 3.20140125.
* Sat Jan 25 2014 Thomas Moschny <thomas.moschny@xxxxxx> - 3.20140102-1
- Update to 3.20140102.
- Modernize spec file.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1039938 - ikiwiki: osm plugin does not correctly sanitize parameters
        https://bugzilla.redhat.com/show_bug.cgi?id=1039938
--------------------------------------------------------------------------------


================================================================================
 libpng10-1.0.60-6.fc19 (FEDORA-2014-1754)
 Old version of libpng, needed to run old binaries
--------------------------------------------------------------------------------
Update Information:

This update fixes an issue in which an image with a missing or empty palette could cause a crash of a libpng10-using application (CVE-2013-6954).
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 23 2014 Paul Howarth <paul@xxxxxxxxxxxx> 1.0.60-6
- handle zero-length PLTE chunk or NULL palette with png_error(), to avoid
  later reading from a NULL pointer (png_ptr->palette) in
  png_do_expand_palette() (CVE-2013-6954)
* Sat Jul 27 2013 Paul Howarth <paul@xxxxxxxxxxxx> 1.0.60-5
- install docs to %{_pkgdocdir} where available
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1045561 - CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette
        https://bugzilla.redhat.com/show_bug.cgi?id=1045561
--------------------------------------------------------------------------------


================================================================================
 libpng12-1.2.50-4.fc19 (FEDORA-2014-1766)
 Old version of libpng, needed to run old binaries
--------------------------------------------------------------------------------
Update Information:

Adding patch CVE-2013-6954 (#1056856)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Petr Hracek <phracek@xxxxxxxxxx> - 1.2.50-4
- Adding patch CVE-2013-6954 (#1056856)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1056856 - CVE-2013-6954 libpng12: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1056856
--------------------------------------------------------------------------------


================================================================================
 mediawiki-1.21.5-1.fc19 (FEDORA-2014-1802)
 A wiki engine
--------------------------------------------------------------------------------
Update Information:

- Update to 1.21.5
- (bug 60339) (CVE-2014-1610) SECURITY: Reported RCE in djvu thumbnailing
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 28 2014 Patrick Uiterwijk <puiterwijk@xxxxxxxxxx> - 1.21.5-1
- Update to 1.21.5
- (bug 60339) (CVE-2014-1610) SECURITY: Reported RCE in djvu thumbnailing
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1058981 - CVE-2014-1610 mediawiki: remote code execution via uploaded DjVu or PDF files
        https://bugzilla.redhat.com/show_bug.cgi?id=1058981
--------------------------------------------------------------------------------


================================================================================
 mingw-freeimage-3.15.4-3.fc19 (FEDORA-2014-1800)
 MinGW Windows freeimage library
--------------------------------------------------------------------------------
Update Information:

Initial package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1049546 - Review Request: mingw-freeimage - MinGW Windows freeimage library
        https://bugzilla.redhat.com/show_bug.cgi?id=1049546
--------------------------------------------------------------------------------


================================================================================
 ocaml-cppo-0.9.3-2.fc19 (FEDORA-2014-1789)
 Equivalent of the C preprocessor for OCaml programs
--------------------------------------------------------------------------------
Update Information:

Initial Fedora release of cppo for OCaml
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1055394 - Review Request: ocaml-cppo - Equivalent of the C preprocessor for OCaml programs
        https://bugzilla.redhat.com/show_bug.cgi?id=1055394
--------------------------------------------------------------------------------


================================================================================
 ocserv-0.3.0-2.fc19 (FEDORA-2014-1750)
 OpenConnect SSL VPN server
--------------------------------------------------------------------------------
Update Information:

Generated certificates no longer carry an expiration date.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx> - 0.3.0-2
- Generated certificates no longer carry an expiration date.
* Mon Jan 27 2014 Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx> - 0.3.0-1
- Updated to latest upstream version (0.3.0).
- Certificates and private keys are auto-generated.
* Mon Dec 16 2013 Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx> - 0.2.3-1
- Updated to latest upstream version (0.2.3).
- Corrected the chroot directory in config file.
--------------------------------------------------------------------------------


================================================================================
 pcp-3.8.12-1.fc19 (FEDORA-2014-1781)
 System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:

Resolves SNMP procfs file ICMP line parse issue (BZ 1055818)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Nathan Scott <nathans@xxxxxxxxxx> - 3.8.12-1
- Resolves SNMP procfs file ICMP line parse issue (BZ 1055818)
- Update to latest PCP sources.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1055818 - pmcd SEGV in linux pmda
        https://bugzilla.redhat.com/show_bug.cgi?id=1055818
--------------------------------------------------------------------------------


================================================================================
 perl-DBD-Pg-2.19.3-4.fc19 (FEDORA-2014-1759)
 A PostgreSQL interface for perl
--------------------------------------------------------------------------------
Update Information:

This release adapts internal tests to PostgreSQL 9.3.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 2.19.3-4
- Adapt to changes in Postgres 9.3 (bug #1058723)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1058723 - FTBFS: perl-DBD-Pg-2.19.3-5.fc21: tests fail
        https://bugzilla.redhat.com/show_bug.cgi?id=1058723
--------------------------------------------------------------------------------


================================================================================
 perl-DBD-SQLite-1.37-5.fc19 (FEDORA-2014-1743)
 SQLite DBI Driver
--------------------------------------------------------------------------------
Update Information:

This release adjusts internal tests for sqlite-3.8.2.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Petr Pisar <ppisar@xxxxxxxxxx> - 1.37-5
- Fix tests with sqlite >= 3.8.2 (bug #1058709)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1058709 - FTBFS: perl-DBD-SQLite-1.40-2.fc21: tests fail
        https://bugzilla.redhat.com/show_bug.cgi?id=1058709
--------------------------------------------------------------------------------


================================================================================
 perl-Throwable-0.102080-11.fc19 (FEDORA-2014-1797)
 Role for classes that can be thrown
--------------------------------------------------------------------------------
Update Information:

 
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.102080-11
- Remove bogus R: perl(ExtUtils::MakeMaker) (RHBZ #1052853).
- Remove redundant R: perl(Moose).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1052853 - Unnecessary dependencies
        https://bugzilla.redhat.com/show_bug.cgi?id=1052853
--------------------------------------------------------------------------------


================================================================================
 perl-URI-Title-1.86-7.fc19 (FEDORA-2014-1779)
 Get the titles of things on the web in a sensible way
--------------------------------------------------------------------------------
Update Information:

This release fixes the Twitter post extraction feature. Note the optional LWP::Protocol::https module is necessary to use this.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 28 2014 Petr Šabata <contyk@xxxxxxxxxx> - 1.86-7
- Fix the live test failures (#1058734, rt#92091)
- Minor spec cleanup
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.86-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 24 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.86-5
- Perl 5.18 rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1058734 - FTBFS: perl-URI-Title-1.86-6.fc21: tests fail
        https://bugzilla.redhat.com/show_bug.cgi?id=1058734
--------------------------------------------------------------------------------


================================================================================
 pocl-0.9-1.fc19 (FEDORA-2014-1785)
 Portable Computing Language - an OpenCL implementation
--------------------------------------------------------------------------------
Update Information:

This update delivers the latest stable pocl release, including bug fixes and performance optimizations.
Update to the second release candidate of pocl-0.9 with many fixes for real-world applications.
Fix a dependency problem and update to the latest development version.
Fix a dependency problem and update to the latest development version.
Update to the second release candidate of pocl-0.9 with many fixes for real-world applications.
Fix a dependency problem and update to the latest development version.
Fix a dependency problem and update to the latest development version.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-1
- Update to 0.9
* Fri Jan 17 2014 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.9.rc2
- Update to 0.9RC2
* Wed Jan 15 2014 Dave Airlie <airlied@xxxxxxxxxx> 0.9-0.8.git20131209.9374f32
- bump for rebuild against llvm 3.4
* Mon Dec  9 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.7.git20131209.9374f32
- Enable LLVM API mode
* Mon Dec  9 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.6.git20131209.7fc5dd0
- Update to a working snapshot
- Drop utlist.h from Makefile
- Set LLC_HOST_CPU to workaround incorrect CPU detection/missing LLVM support
* Mon Nov 11 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.5.git20131111.8a26561
- Fix Requirement
* Mon Nov 11 2013 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 0.9-0.4.git20131111.8a26561
- Add BR on gcc-c++ temporarily
- Update to a newer snapshot
--------------------------------------------------------------------------------


================================================================================
 python-django-longerusername-0.4-4.20130204gite4e85d7d.fc19 (FEDORA-2014-1784)
 Make django auth.user username field longer
--------------------------------------------------------------------------------
Update Information:

Adjust dep to python-django14
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 28 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.4-4.20130204gite4e85d7d
- Change dep to python-django14 for #950542
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4-3.20130204gite4e85d7d
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #950542 - Change requires to python-django14
        https://bugzilla.redhat.com/show_bug.cgi?id=950542
--------------------------------------------------------------------------------


================================================================================
 python-txzmq-0.7.0-1.fc19 (FEDORA-2014-1764)
 Twisted bindings for ZeroMQ
--------------------------------------------------------------------------------
Update Information:

Latest upstream
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 28 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.7.0-1
- Latest upstream.
- Dropped support for older pyzmq.
* Tue Jan 14 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.6.2-3
- Narrow dep down to the twisted-core subpackage.
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1013546 - python-txzmq-0.7.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1013546
--------------------------------------------------------------------------------


================================================================================
 python-virtualenvwrapper-4.2-1.fc19 (FEDORA-2014-1776)
 Enhancements to virtualenv
--------------------------------------------------------------------------------
Update Information:

Latest upstream http://virtualenvwrapper.readthedocs.org/en/latest/history.html
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 28 2014 Ralph Bean <rbean@xxxxxxxxxx> - 4.2-1
- Latest upstream
* Wed Dec  4 2013 Ralph Bean <rbean@xxxxxxxxxx> - 4.1.1-2
- BuildRequires on python-pbr
* Wed Dec  4 2013 Ralph Bean <rbean@xxxxxxxxxx> - 4.1.1-1
- Latest upstream.
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1052209 - python-virtualenvwrapper-4.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1052209
--------------------------------------------------------------------------------


================================================================================
 rubygem-isolate-3.2.4-1.fc19 (FEDORA-2014-1777)
 Very simple RubyGems sandbox
--------------------------------------------------------------------------------
Update Information:

New version 3.2.4 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 3.2.4-1
- 3.2.4
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.2.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 socat-1.7.2.3-1.fc19 (FEDORA-2014-1795)
 Bidirectional data relay between two data channels ('netcat++')
--------------------------------------------------------------------------------
Update Information:

Security update for CVE-2014-0019, which fixes a denial of service flaw in socat when using PROXY-CONNECT 
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Paul Wouters <pwouters@xxxxxxxxxx> - 1.7.2.3-1
- Updated to 1.7.2.3 for CVE-2014-0019
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1057746 - CVE-2014-0019 socat: PROXY-CONNECT address overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=1057746
--------------------------------------------------------------------------------


================================================================================
 sslsplit-0.4.8-1.fc19 (FEDORA-2014-1763)
 Transparent and scalable SSL/TLS interception
--------------------------------------------------------------------------------
Update Information:

Rebase to upstream 0.4.8
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Patrick Uiterwijk <puiterwijk@xxxxxxxxxx> - 0.4.8-1
- Rebase to upstream 0.4.8
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1057237 - sslsplit 0.4.8 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1057237
--------------------------------------------------------------------------------


================================================================================
 surfraw-2.2.9-1.fc19 (FEDORA-2014-1765)
 Shell Users Revolutionary Front Rage Against the Web
--------------------------------------------------------------------------------
Update Information:

Update to the latest stable version 2.2.9.

Changes include:

* new elvi: S cisco debcodesearch github gmane jquery mdn mysqldoc oraclesearch pgdoc phpdoc pin wolfram yacy
* Changed elvi: aur deblists duckduckgo google
* Fixed elvi: ask, ctan, deli, genportage, jamendo, javasun, openbsd musicbrainz, rae, slashdot, slinuxdoc
* Removed elvi for dead sites: happypenguin, scroogle, sunonesearch (replaced by oraclesearch)

See http://surfraw.alioth.debian.org/ for the detailed changelog.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 28 2014 Thomas Moschny <thomas.moschny@xxxxxx> - 2.2.9-1
- Update to 2.2.9.
- Modernize spec file.
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.2.8-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 17 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 2.2.8-7
- Perl 5.18 rebuild
--------------------------------------------------------------------------------


================================================================================
 tpp-1.3.1-16.fc19 (FEDORA-2014-1772)
 A ncurses-based presentation tool
--------------------------------------------------------------------------------
Update Information:

976686, 976687: Don't execute commands with --exec by default (abe@xxxxxxxxxx)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 18 2014 jesus m. rodriguez <jmrodri@xxxxxxxxx> 1.3.1-16
- 976686, 976687: add exec patch to spec file (jmrodri@xxxxxxxxx)
- 976686, 976687: Don't execute commands with --exec by default (abe@xxxxxxxxxx)
* Wed Jan 15 2014 jesus m. rodriguez <jmrodri@xxxxxxxxx> 1.3.1-15
- patch to make it work (jmrodri@xxxxxxxxx)
* Wed Jan 15 2014 jesus m. rodriguez <jesusr@xxxxxxxxxx> 1.3.1-14
- 977368: remove invalid vim-filesystem dependency (maxamillion@xxxxxxxxxxxxxxxxx)
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.1-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #976686 - CVE-2013-2208 tpp: Possibility of arbitrary code execution when processing untrusted TPP template [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=976686
  [ 2 ] Bug #976687 - CVE-2013-2208 tpp: Possibility of arbitrary code execution when processing untrusted TPP template [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=976687
--------------------------------------------------------------------------------


================================================================================
 wireshark-1.10.5-3.fc19 (FEDORA-2014-1753)
 Network traffic analyzer
--------------------------------------------------------------------------------
Update Information:

- Fixed paths in the desktop-file
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Peter Lemenkov <lemenkov@xxxxxxxxx> - 1.10.5-3
- Fixed paths in the desktop-file (see rhbz #1059188)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1059188 - pcap files are not opened by Wireshark when double-clicked in GNOME Nautilus
        https://bugzilla.redhat.com/show_bug.cgi?id=1059188
--------------------------------------------------------------------------------


================================================================================
 x2goclient-4.0.1.3-3.fc19 (FEDORA-2014-1790)
 X2Go Client application (Qt4)
--------------------------------------------------------------------------------
Update Information:

Add patch to fix libssh password auth issue (bug #1057871)
Update to 4.0.1.3:

- Fix audio for the Linux X2Go Client
- Rework keyboard setup in session profile manager (support for keyboard autodetection now)
- Configurable GSSAPI delegation
- Several translation updates (thanks to the i18n team!!!)
- Restrict access to x2goplugin.html to localhost by default.

- Update to 4.0.1.2:
    - Provide Keywords: key in .desktop file.
    - Store broker HTTPS certificate exceptions in $HOME/.x2go/ssl/exceptions (before: $HOME/ssl/exceptions). (Fixes: #328).
    - Perform sanity checks on data that comes in from X2Go Servers.  Prohibit the execution of arbitrary code via the ~/.bashrc file. (Fixes: #333).
    - Add option --broker-cacertfile. Allow usage of non-system-wide installed (self-signed) SSL certificate chains for https (SSL) session broker connections. (Fixes: #311).
    - Update man page for new --tray-icon cmdline option.
    - Update man page for --broker-url. Explain the syntax of <URL>.
    - Properly handle (=expand) the "~" character in key filenames. (Brought to attention by Eldamir on IRC. Thanks!).
    - Expand tilde operator for all other file paths handed over to X2Go Client via sessions file or cmdline parameter.
    - Syntax fix of x2goclient.desktop file.
    - Test for various file locations of the pulseaudio cookie file.
    - Strip whitespaces off of user name, host name and other strings when loading / saving session profiles. (Fixes: #315).
    - New option --tray-icon. Force showing the tray icon, even for hidden sessions. Also allow creation of .desktop files with --tray-icon optionally being enabled. (Fixes: #316).
    - Update Spanish translation.
    - Support for keys "shadowuser" "shadowdisplay" and "shadowmode" in config file. This allows choosing the default display for shadow sessions.
    - Support for GSSApi(Kerberos 5) authentication. Using ssh/scp commands on Linux and Mac and plink/pscp on Windows.
    - Support for ChallengeResponseAuthentication (Google Authenticator)
    - Additional check if authentication with GSSApi successfull
    - c121b7e2d3d83abdc2d7a29637bc3294e38b2ec3 broke checking if remote command produce only stderr and not stdout. It made x2goclient crash if x2gostartagent send LIMIT error. Current commit fixes this issue.
    - SshMasterConnection should use current user name if no user name is specified in session settings
    - GSSApi(Kerberos 5) authentication for sshproxy and sshbroker
    - Handle SSH host key changes more elegantly and allow user interaction if such a host key change occurs. (Fixes: #241).

- Update summary and description from upstream
- Split out browser plugin into x2goplugin package
- Add x2goplugin-provider package for apache config
Fix cpu usage after connect with libssh 0.6.0.
Update to 4.0.1.3:

- Fix audio for the Linux X2Go Client
- Rework keyboard setup in session profile manager (support for keyboard autodetection now)
- Configurable GSSAPI delegation
- Several translation updates (thanks to the i18n team!!!)
- Restrict access to x2goplugin.html to localhost by default.

- Update to 4.0.1.2:
    - Provide Keywords: key in .desktop file.
    - Store broker HTTPS certificate exceptions in $HOME/.x2go/ssl/exceptions (before: $HOME/ssl/exceptions). (Fixes: #328).
    - Perform sanity checks on data that comes in from X2Go Servers.  Prohibit the execution of arbitrary code via the ~/.bashrc file. (Fixes: #333).
    - Add option --broker-cacertfile. Allow usage of non-system-wide installed (self-signed) SSL certificate chains for https (SSL) session broker connections. (Fixes: #311).
    - Update man page for new --tray-icon cmdline option.
    - Update man page for --broker-url. Explain the syntax of <URL>.
    - Properly handle (=expand) the "~" character in key filenames. (Brought to attention by Eldamir on IRC. Thanks!).
    - Expand tilde operator for all other file paths handed over to X2Go Client via sessions file or cmdline parameter.
    - Syntax fix of x2goclient.desktop file.
    - Test for various file locations of the pulseaudio cookie file.
    - Strip whitespaces off of user name, host name and other strings when loading / saving session profiles. (Fixes: #315).
    - New option --tray-icon. Force showing the tray icon, even for hidden sessions. Also allow creation of .desktop files with --tray-icon optionally being enabled. (Fixes: #316).
    - Update Spanish translation.
    - Support for keys "shadowuser" "shadowdisplay" and "shadowmode" in config file. This allows choosing the default display for shadow sessions.
    - Support for GSSApi(Kerberos 5) authentication. Using ssh/scp commands on Linux and Mac and plink/pscp on Windows.
    - Support for ChallengeResponseAuthentication (Google Authenticator)
    - Additional check if authentication with GSSApi successfull
    - c121b7e2d3d83abdc2d7a29637bc3294e38b2ec3 broke checking if remote command produce only stderr and not stdout. It made x2goclient crash if x2gostartagent send LIMIT error. Current commit fixes this issue.
    - SshMasterConnection should use current user name if no user name is specified in session settings
    - GSSApi(Kerberos 5) authentication for sshproxy and sshbroker
    - Handle SSH host key changes more elegantly and allow user interaction if such a host key change occurs. (Fixes: #241).

- Update summary and description from upstream
- Split out browser plugin into x2goplugin package
- Add x2goplugin-provider package for apache config
Fix cpu usage after connect with libssh 0.6.0.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.0.1.3-3
- Add patch to fix libssh password auth issue (bug #1057871)
* Wed Jan 22 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.0.1.3-2
- Add patch to fix libssh timeout issue (bug #1053923)
* Wed Jan 22 2014 Orion Poplawski <orion@xxxxxxxxxxxxx> - 4.0.1.3-1
- Update to 4.0.1.3
- Drop provider patch applied upstream
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1057871 - x2goclient fails to connect with password ("Authentication failed")
        https://bugzilla.redhat.com/show_bug.cgi?id=1057871
  [ 2 ] Bug #1053923 - libssh updaet causes 100% cpu
        https://bugzilla.redhat.com/show_bug.cgi?id=1053923
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux