The following Fedora 19 Security updates need testing: Age URL 102 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 47 https://admin.fedoraproject.org/updates/FEDORA-2013-23592/rubygem-actionpack-3.2.13-3.fc19 39 https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1.fc19 24 https://admin.fedoraproject.org/updates/FEDORA-2014-0621/graphviz-2.30.1-12.fc19 20 https://admin.fedoraproject.org/updates/FEDORA-2014-0797/libinfinity-0.5.5-1.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-1734/quassel-0.9.2-1.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-1648/lightdm-gtk-1.6.1-3.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-1802/mediawiki-1.21.5-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-1795/socat-1.7.2.3-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-1766/libpng12-1.2.50-4.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-1754/libpng10-1.0.60-6.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-1807/ikiwiki-3.20140125-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-1817/libyaml-0.1.4-6.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-1828/ghdl-0.31-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-1864/curl-7.29.0-13.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-1883/zarafa-7.1.8-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-1916/chrony-1.29.1-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-1955/tpp-1.3.1-17.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-1910/ibus-chewing-1.4.10.1-1.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2014-1972/fwsnort-1.6.4-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-1999/pidgin-2.10.9-1.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 50 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2014-1324/firefox-26.0-6.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-1368/krb5-1.11.3-19.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-1438/libtool-2.4.2-23.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-1451/pango-1.34.1-2.fc19 10 https://admin.fedoraproject.org/updates/FEDORA-2014-1524/procps-ng-3.3.8-11.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-1599/libgsf-1.14.29-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-1860/linux-firmware-20140131-34.gitd7f8a7c8.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-1864/curl-7.29.0-13.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-1874/abrt-2.1.12-1.fc19,libreport-2.1.12-1.fc19,abrt-java-connector-1.0.8-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-1879/ibus-1.5.5-2.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-1958/livecd-tools-19.9-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-1916/chrony-1.29.1-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2022/gupnp-tools-0.8.9-1.fc19,gupnp-av-0.12.5-1.fc19,gupnp-0.20.10-1.fc19,gssdp-0.14.7-1.fc19 The following builds have been pushed to Fedora 19 updates-testing aprsdigi-3.5.1-2.fc19 bcfg2-1.3.3-4.fc19 ffcall-1.10-14.20120424cvs.fc19 groonga-3.1.2-1.fc19 gssdp-0.14.7-1.fc19 gupnp-0.20.10-1.fc19 gupnp-av-0.12.5-1.fc19 gupnp-tools-0.8.9-1.fc19 httpie-0.8.0-1.fc19 mozilla-adblockplus-2.4.1-1.fc19 mysql-connector-python-1.1.5-1.fc19 perl-Email-Address-List-0.04-1.fc19 perl-No-Worries-1.1-1.fc19 php-tcpdf-6.0.059-1.fc19 pidgin-2.10.9-1.fc19 publican-4.0.0-0.1.fc19 python-celery-3.0.15-6.fc19 rubygem-sequel-4.7.0-2.fc19 Details about builds: ================================================================================ aprsdigi-3.5.1-2.fc19 (FEDORA-2014-1995) AX.25 Automatic Position Reporting System -------------------------------------------------------------------------------- Update Information: Initial import (#1016089). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1016089 - Review Request: aprsdigi - AX.25 Automatic Position Reporting System aprsdigi and aprsmon https://bugzilla.redhat.com/show_bug.cgi?id=1016089 -------------------------------------------------------------------------------- ================================================================================ bcfg2-1.3.3-4.fc19 (FEDORA-2014-2019) A configuration management system -------------------------------------------------------------------------------- Update Information: EPEL7 updates; EPEL5 bcfg2-web pkg disabled -------------------------------------------------------------------------------- ChangeLog: * Sat Feb 1 2014 John Morris <john@xxxxxxxxxxx> - 1.3.3-4 - Disable bcfg2-web package on EL5; bz #1058427 - Disable %check on EL7; missing EPEL deps - BR: systemd to pick up _unitdir macro * Mon Jan 27 2014 Sol Jerome <sol.jerome@xxxxxxxxx> - 1.3.3-4 - Fix BuildRequires for EPEL7's Django - Remove unnecessary client-side lxml dependency - Add Django dependency for bcfg2-web (the web package *does* require Django for the database) - Fix OS detection for RHEL7 initscripts -------------------------------------------------------------------------------- References: [ 1 ] Bug #1058427 - Add bcfg2 package to EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1058427 -------------------------------------------------------------------------------- ================================================================================ ffcall-1.10-14.20120424cvs.fc19 (FEDORA-2014-2023) Libraries for foreign function call interfaces -------------------------------------------------------------------------------- Update Information: This update moves the RPM macro file from /etc/rpm to /usr/lib/rpm/macros.d. There are no other changes. -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 3 2014 Jerry James <loganjerry@xxxxxxxxx> - 1.10-14.20120424cvs - Update location of rpm macro file for rpm >= 4.11 -------------------------------------------------------------------------------- ================================================================================ groonga-3.1.2-1.fc19 (FEDORA-2014-2005) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information: Update to 3.1.2. See http://groonga.org/docs/news.html#release-3-1-2 -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 3 2014 HAYASHI Kentaro <hayashi@xxxxxxxxxxxxxx> - 3.1.2-1 - new upstream release. * Tue Dec 31 2013 HAYASHI Kentaro <hayashi@xxxxxxxxxxxxxx> - 3.1.1-1 - new upstream release. -------------------------------------------------------------------------------- ================================================================================ gssdp-0.14.7-1.fc19 (FEDORA-2014-2022) Resource discovery and announcement over SSDP -------------------------------------------------------------------------------- Update Information: gssdp-0.14.7 ============ - Add mising function declaration. gupnp-0.20.10 ============= Changes since 0.20.9: - Make sure ResourceFactory creates proxies with the correct GType. - Make it possible to unsubscribe from a service proxy during a call-back. - Disable managed RootDevices on WL change in addition to ControlPoints. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=678701 - https://bugzilla.gnome.org/show_bug.cgi?id=690400 - https://bugzilla.gnome.org/show_bug.cgi?id=711332 gnupg-av-0.12.5 =============== Changes since 0.12.4: - Fix name of cleartext-size property. - Fix creation of pv namespace in DIDLLite parser. - Check for empty mandatory tags in UpdateObject. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=705522 - https://bugzilla.gnome.org/show_bug.cgi?id=719377 gupnp-tools-0.8.9 ================= Changes since 0.8.8: - Make DIDL-Lite dialog work when closed with "X". - Make UniversalCP behave nicer in busy networks where a lot of devices appear/disappear/reappear. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=722245 - https://bugzilla.gnome.org/show_bug.cgi?id=723172 Added/updated translations - cs, courtesy of Marek ÄŒernocký - sr, courtesy of МироÑлав Ðиколић - sr@latin, courtesy of Miroslav Nikolić -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 4 2014 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 0.14.7-1 - 0.14.7 release - http://ftp.gnome.org/pub/GNOME/sources/gssdp/0.14/gssdp-0.14.7.news * Sun Nov 3 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 0.14.6-1 - 0.14.6 release - http://ftp.gnome.org/pub/GNOME/sources/gssdp/0.14/gssdp-0.14.6.news -------------------------------------------------------------------------------- ================================================================================ gupnp-0.20.10-1.fc19 (FEDORA-2014-2022) A framework for creating UPnP devices & control points -------------------------------------------------------------------------------- Update Information: gssdp-0.14.7 ============ - Add mising function declaration. gupnp-0.20.10 ============= Changes since 0.20.9: - Make sure ResourceFactory creates proxies with the correct GType. - Make it possible to unsubscribe from a service proxy during a call-back. - Disable managed RootDevices on WL change in addition to ControlPoints. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=678701 - https://bugzilla.gnome.org/show_bug.cgi?id=690400 - https://bugzilla.gnome.org/show_bug.cgi?id=711332 gnupg-av-0.12.5 =============== Changes since 0.12.4: - Fix name of cleartext-size property. - Fix creation of pv namespace in DIDLLite parser. - Check for empty mandatory tags in UpdateObject. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=705522 - https://bugzilla.gnome.org/show_bug.cgi?id=719377 gupnp-tools-0.8.9 ================= Changes since 0.8.8: - Make DIDL-Lite dialog work when closed with "X". - Make UniversalCP behave nicer in busy networks where a lot of devices appear/disappear/reappear. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=722245 - https://bugzilla.gnome.org/show_bug.cgi?id=723172 Added/updated translations - cs, courtesy of Marek ÄŒernocký - sr, courtesy of МироÑлав Ðиколић - sr@latin, courtesy of Miroslav Nikolić -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 4 2014 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 0.20.10-1 - 0.20.10 release - http://ftp.gnome.org/pub/GNOME/sources/gupnp/0.20/gupnp-0.20.10.news -------------------------------------------------------------------------------- ================================================================================ gupnp-av-0.12.5-1.fc19 (FEDORA-2014-2022) A collection of helpers for building UPnP AV applications -------------------------------------------------------------------------------- Update Information: gssdp-0.14.7 ============ - Add mising function declaration. gupnp-0.20.10 ============= Changes since 0.20.9: - Make sure ResourceFactory creates proxies with the correct GType. - Make it possible to unsubscribe from a service proxy during a call-back. - Disable managed RootDevices on WL change in addition to ControlPoints. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=678701 - https://bugzilla.gnome.org/show_bug.cgi?id=690400 - https://bugzilla.gnome.org/show_bug.cgi?id=711332 gnupg-av-0.12.5 =============== Changes since 0.12.4: - Fix name of cleartext-size property. - Fix creation of pv namespace in DIDLLite parser. - Check for empty mandatory tags in UpdateObject. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=705522 - https://bugzilla.gnome.org/show_bug.cgi?id=719377 gupnp-tools-0.8.9 ================= Changes since 0.8.8: - Make DIDL-Lite dialog work when closed with "X". - Make UniversalCP behave nicer in busy networks where a lot of devices appear/disappear/reappear. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=722245 - https://bugzilla.gnome.org/show_bug.cgi?id=723172 Added/updated translations - cs, courtesy of Marek ÄŒernocký - sr, courtesy of МироÑлав Ðиколић - sr@latin, courtesy of Miroslav Nikolić -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 4 2014 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 0.12.5-1 - 0.12.5 release - http://ftp.gnome.org/pub/GNOME/sources/gupnp-av/0.12/gupnp-av-0.12.5.news * Mon Nov 18 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 0.12.4-1 - 0.12.4 release - http://ftp.gnome.org/pub/GNOME/sources/gupnp-av/0.12/gupnp-av-0.12.4.news * Wed Oct 16 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 0.12.3-1 - 0.12.3 release - http://ftp.gnome.org/pub/GNOME/sources/gupnp-av/0.12/gupnp-av-0.12.3.news * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.12.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ gupnp-tools-0.8.9-1.fc19 (FEDORA-2014-2022) A collection of dev tools utilising GUPnP and GTK+ -------------------------------------------------------------------------------- Update Information: gssdp-0.14.7 ============ - Add mising function declaration. gupnp-0.20.10 ============= Changes since 0.20.9: - Make sure ResourceFactory creates proxies with the correct GType. - Make it possible to unsubscribe from a service proxy during a call-back. - Disable managed RootDevices on WL change in addition to ControlPoints. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=678701 - https://bugzilla.gnome.org/show_bug.cgi?id=690400 - https://bugzilla.gnome.org/show_bug.cgi?id=711332 gnupg-av-0.12.5 =============== Changes since 0.12.4: - Fix name of cleartext-size property. - Fix creation of pv namespace in DIDLLite parser. - Check for empty mandatory tags in UpdateObject. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=705522 - https://bugzilla.gnome.org/show_bug.cgi?id=719377 gupnp-tools-0.8.9 ================= Changes since 0.8.8: - Make DIDL-Lite dialog work when closed with "X". - Make UniversalCP behave nicer in busy networks where a lot of devices appear/disappear/reappear. Bugs fixed in this release: - https://bugzilla.gnome.org/show_bug.cgi?id=722245 - https://bugzilla.gnome.org/show_bug.cgi?id=723172 Added/updated translations - cs, courtesy of Marek ÄŒernocký - sr, courtesy of МироÑлав Ðиколић - sr@latin, courtesy of Miroslav Nikolić -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 4 2014 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 0.8.9-1 - Update to 0.8.9 - http://ftp.gnome.org/pub/GNOME/sources/gupnp-tools/0.8/gupnp-tools-0.8.9.news * Mon Nov 11 2013 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 0.8.8-1 - Update to 0.8.8 - http://ftp.gnome.org/pub/GNOME/sources/gupnp-tools/0.8/gupnp-tools-0.8.8.news -------------------------------------------------------------------------------- ================================================================================ httpie-0.8.0-1.fc19 (FEDORA-2014-2003) A Curl-like tool for humans -------------------------------------------------------------------------------- Update Information: Latest upstream release. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 31 2014 Ricky Elrod <codeblock@xxxxxxxxxxxxxxxxx> - 0.8.0-1 - Latest upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1057992 - httpie-0.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1057992 -------------------------------------------------------------------------------- ================================================================================ mozilla-adblockplus-2.4.1-1.fc19 (FEDORA-2014-2026) Adblocking extension for Mozilla Firefox, Thunderbird, and SeaMonkey -------------------------------------------------------------------------------- Update Information: - This release introduces support for the Australis theme that will be introduced in future Firefox versions. - Default icon location is the navigation toolbar again (add-on bar is going away). - Fixed image preview in the list of blockable items (forum topic). - Fixed: Changes to Adblock Plus options didn’t always persist. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 4 2014 Russell Golden <niveusluna@xxxxxxxxxxxxxx> - 2.4.1-1 - This release introduces support for the Australis theme that will be introduced in future Firefox versions. - Default icon location is the navigation toolbar again (add-on bar is going away). - Fixed image preview in the list of blockable items (forum topic). - Fixed keyboard shortcut on Mac OS X (Control key was used instead of Command). - Fixed: Changes to Adblock Plus options didn’t always persist. -------------------------------------------------------------------------------- ================================================================================ mysql-connector-python-1.1.5-1.fc19 (FEDORA-2014-1994) MySQL Connector for Python 2 -------------------------------------------------------------------------------- Update Information: Version 1.1.5 (2014-01-31) * BUG#17857712: Added fixes to use CPY with Django 1.6 * BUG#18040042: Fixed clearing session with pooled connection * BUG#17826833: Fixed executemany for INSERT with no VALUES-clause * BUG#17573172: Added support for access modes for START TRANSACTION * BUG#18054810: Fixed output of pylint to include msg_id * BUG#17889076: Fixed error handling for unittests.py using -t option * BUG#17780576: Added support for utf8mb4 character set * BUG#17958420: Fix error handling parse_column_count() -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 4 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.1.5-1 - version 1.1.5 GA http://dev.mysql.com/doc/relnotes/connector-python/en/news-1-1-5.html -------------------------------------------------------------------------------- ================================================================================ perl-Email-Address-List-0.04-1.fc19 (FEDORA-2014-2029) RFC close address list parsing -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ perl-No-Worries-1.1-1.fc19 (FEDORA-2014-1996) Perl coding without worries -------------------------------------------------------------------------------- Update Information: Update to upstream version, rhbz #1054233. -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 31 2014 Massimo Paladin <massimo.paladin@xxxxxxxxx> 1.1-1 - Updating to upstream 1.1, rhbz #1054233. * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Jul 25 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 1.0-2 - Perl 5.18 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1054233 - Upgrade to new upstream version https://bugzilla.redhat.com/show_bug.cgi?id=1054233 -------------------------------------------------------------------------------- ================================================================================ php-tcpdf-6.0.059-1.fc19 (FEDORA-2014-2027) PHP class for generating PDF documents -------------------------------------------------------------------------------- Update Information: 6.0.059 (2014-02-03) * SVG 'use' support was imporved. 6.0.058 (2014-01-31) * Bug #886 "Bugs with SVG using <defs> and <use>" was fixed. 6.0.057 (2014-01-26) * Bug #883 "Parsing error" was fixed. 6.0.056 (2014-01-25) * The automatic cache folder selection now works also with some restricted hosting environments. * CSS text-transform property is now supported (requires the multibyte string library for php) - see examle n. 061 (Thanks to Walter Ferraz). * Bug #884 "Parsing error prev tag looking for" was fixed. 6.0.055 (2014-01-15) * Bug #880 "Error detecting hX tags (h1,h2..)" was fixed * Bug #879 "Thead on the second page inherits style of previous tr" was fixed 6.0.054 (2014-01-13) * Bug #877 "Parenteses causing corrupt text" was fixed. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 4 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 6.0.059-1 - update to 6.0.059 -------------------------------------------------------------------------------- ================================================================================ pidgin-2.10.9-1.fc19 (FEDORA-2014-1999) A Gtk+ based multiprotocol instant messaging client -------------------------------------------------------------------------------- Update Information: Update to 2.10.9 -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 3 2014 Dan Mashal <dan.mashal@xxxxxxxxxxxxxxxxx> 2.10.9-1 - Update to 2.10.9 * Thu Sep 26 2013 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 2.10.7-9 - add explicit avahi build deps * Thu Aug 8 2013 Jan Synáček <jsynacek@xxxxxxxxxx> - 2.10.7-8 - Remove versioned docdirs, BZ 994039 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.10.7-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Aug 1 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 2.10.7-6 - Perl 5.18 rebuild * Fri Jul 19 2013 Orion Poplawski <orion@xxxxxxxxxxxxx> - 2.10.7-5 - Fix setting -fstack-protector on F20+, use -fstack-protector-strong there - Filter out provides from plugins * Wed Jul 17 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 2.10.7-4 - Perl 5.18 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1056473 - CVE-2012-6152 pidgin: DoS when decoding non-UTF-8 strings in Yahoo protocol plugin https://bugzilla.redhat.com/show_bug.cgi?id=1056473 [ 2 ] Bug #1056479 - CVE-2013-6477 pidgin: DoS when handling timestamps in the XMPP plugin https://bugzilla.redhat.com/show_bug.cgi?id=1056479 [ 3 ] Bug #1056904 - CVE-2013-6478 pidgin: DoS when rendering long URLs https://bugzilla.redhat.com/show_bug.cgi?id=1056904 [ 4 ] Bug #1056907 - CVE-2013-6479 pidgin: DoS when parsing certain HTTP response headers https://bugzilla.redhat.com/show_bug.cgi?id=1056907 [ 5 ] Bug #1056908 - CVE-2013-6481 pidgin: DoS caused due to OOB read in Yahoo protocol plugin https://bugzilla.redhat.com/show_bug.cgi?id=1056908 [ 6 ] Bug #1056913 - CVE-2013-6482 pidgin: DoS via multiple null pointer dereferences in MSN protocol plugin https://bugzilla.redhat.com/show_bug.cgi?id=1056913 [ 7 ] Bug #1056978 - CVE-2013-6483 pidgin: Possible spoofing using iq replies in XMPP protocol plugin https://bugzilla.redhat.com/show_bug.cgi?id=1056978 [ 8 ] Bug #1057481 - CVE-2013-6484 pidgin: DoS via specially-crafted stun messages https://bugzilla.redhat.com/show_bug.cgi?id=1057481 [ 9 ] Bug #1057484 - CVE-2013-6485 pidgin: Heap-based buffer overflow when parsing chunked HTTP responses https://bugzilla.redhat.com/show_bug.cgi?id=1057484 [ 10 ] Bug #1057489 - CVE-2013-6487 pidgin: Heap-based buffer overflow in Gadu-Gadu protocol plugin https://bugzilla.redhat.com/show_bug.cgi?id=1057489 [ 11 ] Bug #1057490 - CVE-2013-6489 pidgin: Heap-based buffer overflow in MXit emoticon parsing https://bugzilla.redhat.com/show_bug.cgi?id=1057490 [ 12 ] Bug #1057498 - CVE-2013-6490 pidgin: Heap-based buffer overflow in SIMPLE protocol plugin https://bugzilla.redhat.com/show_bug.cgi?id=1057498 [ 13 ] Bug #1057502 - CVE-2014-0020 pidgin: DoS in IRC protocol plugin due to arguement parsing https://bugzilla.redhat.com/show_bug.cgi?id=1057502 -------------------------------------------------------------------------------- ================================================================================ publican-4.0.0-0.1.fc19 (FEDORA-2014-2018) Common files and scripts for publishing with DocBook XML -------------------------------------------------------------------------------- Update Information: New upstream with many enhancements and fixes: - Support DocBook 5 as input format. BZ #1005042 - Fix duplicate first author in PDF. BZ #996351 - Include DocBook 5-compatible templates. BZ #697366 - Fix UTF8 issue in ~/.publican.cfg. BZ #987325 - Replace abstract and subtitle xsl. BZ #953675 - Change Cover page font. BZ #1006134 - Fix TOC leader in PDF. BZ #1006056 - Fix PDF Legal Notice trademarks & formatting. BZ #970851 - Fix keyword lable showing in PDF when there are no keywords. BZ #1007146 - Indicate whether a translation is older in the web GUI. BZ #889031 - Include time in update_date. BZ #979846 - Support web site navigation for books without HTML. BZ #885916 - Support ascending Revision History. BZ #999578 - Add ability to compy installed brand web content to another site. BZ #967664 - Fix PDF example.properties template. BZ #999586 - Fix PUG PDF format for OpenSuse. BZ #999581 - Simplify highlight error message. BZ #987059 - Add css styles for table sizes. BZ #1005640 - Tidy up Build.PL for better CPAN support. BZ #999259 - Fix image path for icon.svg. BZ #1011222 - Fix print_unused not handling include from higher directories. BZ #1004955 - Fix SVG fallback to PNG. BZ #990823 - Fix subtitle font size. BZ #987431 - Support grouping of books within a version. BZ #901560 - Remove bold from titles in Indic scripts. BZ #1006135 - Overhaul EPUB, basic CSS, harcode chunking, fix errors. BZ #883159 - Fix duplicate file listing in EPUB. BZ #875119 - Fix objects in EPUB not in catalog. BZ #875125 - Fix duplicate ID's in EPUBs. BZ #875116 - Fix ConfigData not being reset after testing on all platforms. BZ #999427 - Fix links to step not functioning. BZ #1009015 - Support GIT for distributed sets. BZ #864226 - Fix Build.PL not handling .mo files. BZ #1016421 - Bold and Center titlepage edition. BZ #1017548 - Fix broken use of pushd in Build.PL. BZ #1018608 - Remove XML from spec file abstract. BZ #1018796 - Fix UTF8 in publican.cfg not being handled. BZ #1020059 - Fix Indic PDF build on F19. BZ #1018024 - Fix UTF8 encoding for title in Revision_History.xml BZ #1020570 - Fix browser not detecting UTF8 on HTML5 files with .html extension. BZ #1018659 - Fix styling of DB4 example, package, & option. Remove html.longdesc.embed xsl. BZ #1023248 - Fix UTF8 in Groups.xml. BZ #1022575 - Add translations for "Edition" BZ# 1007141 - Add translations for "English is newer" BZ #889031 - Fix broken or-IN translation. - Update DB4 CSS steps, stepalts, OLs, term. BZ #1026173 - Remove chunk override from html.xsl. BZ #1026563 - Fix path to POD. BZ #1026563 - Update CLI translations - Various fixes to Common Content + update Common Content translation. BZ #1027248 - Update and correct Debian installation instructions. BZ #1013934 - Correct OpenSUSE installation instructions. BZ #1000534 - Add Docker installation instructions. BZ #1015943 - Clarify where relative paths are used in brand instructions - BZ #1028815 - Update and clarify translation instructions BZ #1021287 - Expose glossterm in PO files to support sortas attribute. BZ #1030591 - Add report action to print readability statistics. BZ #1031364 - Change comment in syntax highlight to light grey. BZ #1030718 - Document use of "sortas" for indexes and glossaries in PUG - Fix newline in translation affecting output. BZ #1036150 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 18 2013 Rüdiger Landmann <rlandmann@xxxxxxxxxx> 4.0.0-0.1 - (Build)Require FOP instead of wkhtmltopdf for Fedora * Wed Dec 18 2013 Rüdiger Landmann <rlandmann@xxxxxxxxxx> 4.0.0-0 - Support DocBook 5 as input format. BZ #1005042 - Fix duplicate first author in PDF. BZ #996351 - Include DocBook 5-compatible templates. BZ #697366 - Fix UTF8 issue in ~/.publican.cfg. BZ #987325 - Replace abstract and subtitle xsl. BZ #953675 - Change Cover page font. BZ #1006134 - Fix TOC leader in PDF. BZ #1006056 - Fix PDF Legal Notice trademarks & formatting. BZ #970851 - Fix keyword lable showing in PDF when there are no keywords. BZ #1007146 - Indicate whether a translation is older in the web GUI. BZ #889031 - Include time in update_date. BZ #979846 - Support web site navigation for books without HTML. BZ #885916 - Support ascending Revision History. BZ #999578 - Add ability to compy installed brand web content to another site. BZ #967664 - Fix PDF example.properties template. BZ #999586 - Fix PUG PDF format for OpenSuse. BZ #999581 - Simplify highlight error message. BZ #987059 - Add css styles for table sizes. BZ #1005640 - Tidy up Build.PL for better CPAN support. BZ #999259 - Fix image path for icon.svg. BZ #1011222 - Fix print_unused not handling include from higher directories. BZ #1004955 - Fix SVG fallback to PNG. BZ #990823 - Fix subtitle font size. BZ #987431 - Support grouping of books within a version. BZ #901560 - Remove bold from titles in Indic scripts. BZ #1006135 - Overhaul EPUB, basic CSS, harcode chunking, fix errors. BZ #883159 - Fix duplicate file listing in EPUB. BZ #875119 - Fix objects in EPUB not in catalog. BZ #875125 - Fix duplicate ID's in EPUBs. BZ #875116 - Fix ConfigData not being reset after testing on all platforms. BZ #999427 - Fix links to step not functioning. BZ #1009015 - Support GIT for distributed sets. BZ #864226 - Fix Build.PL not handling .mo files. BZ #1016421 - Bold and Center titlepage edition. BZ #1017548 - Fix broken use of pushd in Build.PL. BZ #1018608 - Remove XML from spec file abstract. BZ #1018796 - Fix UTF8 in publican.cfg not being handled. BZ #1020059 - Fix Indic PDF build on F19. BZ #1018024 - Fix UTF8 encoding for title in Revision_History.xml BZ #1020570 - Fix browser not detecting UTF8 on HTML5 files with .html extension. BZ #1018659 - Fix styling of DB4 example, package, & option. Remove html.longdesc.embed xsl. BZ #1023248 - Fix UTF8 in Groups.xml. BZ #1022575 - Add translations for "Edition" BZ# 1007141 - Add translations for "English is newer" BZ #889031 - Fix broken or-IN translation. - Update DB4 CSS steps, stepalts, OLs, term. BZ #1026173 - Remove chunk override from html.xsl. BZ #1026563 - Fix path to POD. BZ #1026563 - Update CLI translations - Various fixes to Common Content + update Common Content translation. BZ #1027248 - Update and correct Debian installation instructions. BZ #1013934 - Correct OpenSUSE installation instructions. BZ #1000534 - Add Docker installation instructions. BZ #1015943 - Clarify where relative paths are used in brand instructions - BZ #1028815 - Update and clarify translation instructions BZ #1021287 - Expose glossterm in PO files to support sortas attribute. BZ #1030591 - Add report action to print readability statistics. BZ #1031364 - Change comment in syntax highlight to light grey. BZ #1030718 - Document use of "sortas" for indexes and glossaries in PUG - Fix newline in translation affecting output. BZ #1036150 * Fri Oct 4 2013 Jeff Fearn <jfearn@xxxxxxxxxx> 3.9.9-0 - Publican 4.0 RC1 -------------------------------------------------------------------------------- ================================================================================ python-celery-3.0.15-6.fc19 (FEDORA-2014-2008) Distributed Task Queue -------------------------------------------------------------------------------- Update Information: python-billiard-2.7.3.34 is sufficient, too (rhbz#1059460) -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 3 2014 Matthias Runge <mrunge@xxxxxxxxxx> - 3.0.15-6 - python-billiard-2.7.3.34 is sufficient, too (rhbz#1059460) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1059460 - python-celery requires wrong version of python-billiard https://bugzilla.redhat.com/show_bug.cgi?id=1059460 -------------------------------------------------------------------------------- ================================================================================ rubygem-sequel-4.7.0-2.fc19 (FEDORA-2014-2038) The Database Toolkit for Ruby -------------------------------------------------------------------------------- Update Information: update to sequel 4.7.0 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
