The following Fedora 19 Security updates need testing: Age URL 112 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 57 https://admin.fedoraproject.org/updates/FEDORA-2013-23592/rubygem-actionpack-3.2.13-3.fc19 49 https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1.fc19 31 https://admin.fedoraproject.org/updates/FEDORA-2014-0797/libinfinity-0.5.5-1.fc19 17 https://admin.fedoraproject.org/updates/FEDORA-2014-1734/quassel-0.9.2-1.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-1916/chrony-1.29.1-1.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-1910/ibus-chewing-1.4.10.1-1.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2014-2083/thunderbird-24.3.0-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-2140/python-gnupg-0.3.6-1.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-2183/apache-commons-fileupload-1.3-5.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-2188/xen-4.2.3-15.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-2239/python-tahrir-0.5.1-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-2253/python-tahrir-0.5.2-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-2261/perl-Capture-Tiny-0.24-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-2324/seamonkey-2.24-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-2260/NetworkManager-ssh-0.9.2-0.2.20140209git46247c2.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-2387/numpy-1.7.2-8.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-2340/xstream-1.3.1-5.1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-2341/libgadu-1.12.0-0.3.rc2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2445/augeas-1.2.0-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2506/lighttpd-1.4.34-3.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2534/oath-toolkit-2.4.1-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2439/maradns-2.0.09-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2484/drupal6-ctools-1.11-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2468/imapsync-1.584-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2588/gnutls-3.1.20-3.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2578/drupal7-ctools-1.4-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2556/kernel-3.12.11-200.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2565/mingw-gnutls-3.1.21-1.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 60 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 23 https://admin.fedoraproject.org/updates/FEDORA-2014-1324/firefox-26.0-6.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-1958/livecd-tools-19.9-1.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-1916/chrony-1.29.1-1.fc19 10 https://admin.fedoraproject.org/updates/FEDORA-2014-2022/gupnp-tools-0.8.9-1.fc19,gupnp-av-0.12.5-1.fc19,gupnp-0.20.10-1.fc19,gssdp-0.14.7-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-0752/firewalld-0.3.9.3-1.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-2053/kde-workspace-4.11.6-2.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-2208/krb5-1.11.3-20.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-1255/tigervnc-1.3.0-9.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-2346/sqlite-3.8.3-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-2337/libreport-2.1.12-2.fc19,abrt-2.1.12-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2556/kernel-3.12.11-200.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2588/gnutls-3.1.20-3.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2544/libusb-0.1.5-3.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2446/libvpx-1.3.0-3.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2541/yum-3.4.3-135.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-2498/rpm-4.11.2-1.fc19 The following builds have been pushed to Fedora 19 updates-testing debootstrap-1.0.59-1.fc19 docker-io-0.8.0-3.fc19 drupal7-ctools-1.4-1.fc19 drupal7-date_ical-3.1-1.fc19 emacs-auctex-11.87-7.fc19 gitflow-0.4.2.20120723git53e9c76-4.fc19 gnutls-3.1.20-3.fc19 kernel-3.12.11-200.fc19 libusb-0.1.5-3.fc19 mingw-gnutls-3.1.21-1.fc19 ocaml-xmlm-1.2.0-3.fc19 orthanc-0.7.3-1.fc19 perl-Class-MethodMaker-2.20-1.fc19 php-twig-ctwig-1.15.1-1.fc19 python-fedmsg-meta-fedora-infrastructure-0.2.7-1.fc19 ripright-0.9-1.fc19 rubygem-domain_name-0.5.16-1.fc19 rubygem-gettext-3.1.0-1.fc19 tcpcopy-0.9.7-2.fc19 tomoe-0.6.0-28.fc19 Details about builds: ================================================================================ debootstrap-1.0.59-1.fc19 (FEDORA-2014-2573) Debian GNU/Linux bootstrapper -------------------------------------------------------------------------------- Update Information: new upstream release new upstream release new upstream release -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 14 2014 Jan Vcelak <jvcelak@xxxxxxxxxxxxxxxxx> 1.0.59-1 - new upstream release: + install ca-certificates as well as apt-transport-https for https installations * Wed Feb 12 2014 Jan Vcelak <jvcelak@xxxxxxxxxxxxxxxxx> 1.0.58-1 - new upstream release: + install apt-transport-https when installing over HTTPS * Sun Feb 9 2014 Jan Vcelak <jvcelak@xxxxxxxxxxxxxxxxx> 1.0.57-1 - new upstream release: + Ubuntu trusty as a symlink to gutsy + when debian-archive-keyring is not available, use the main mirror with https + separate installation of base-passwd and base-files + pkgdetails_perl: fix percentage sign interpretation -------------------------------------------------------------------------------- References: [ 1 ] Bug #1065278 - debootstrap-1.0.59 is available https://bugzilla.redhat.com/show_bug.cgi?id=1065278 [ 2 ] Bug #1064180 - debootstrap-1.0.58 is available https://bugzilla.redhat.com/show_bug.cgi?id=1064180 [ 3 ] Bug #1022656 - debootstrap-1.0.57 is available https://bugzilla.redhat.com/show_bug.cgi?id=1022656 -------------------------------------------------------------------------------- ================================================================================ docker-io-0.8.0-3.fc19 (FEDORA-2014-2582) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information: Remove unneeded sysctl settings in initscript ignore btrfs for rhel7 and clones for now upstream version bump, fix bad filenames in scriptlets -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 13 2014 Adam Miller <maxamillion@xxxxxxxxxxxxxxxxx> - 0.8.0-3 - Remove unneeded sysctl settings in initscript https://github.com/dotcloud/docker/pull/4125 * Sat Feb 8 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> - 0.8.0-2 - ignore btrfs for rhel7 and clones for now - include vim syntax highlighting from contrib/syntax/vim * Wed Feb 5 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> - 0.8.0-1 - upstream version bump - don't use btrfs for rhel6 and clones (yet) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1062177 - docker-io-0.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1062177 [ 2 ] Bug #1059743 - bad filenames in rpm scriptlets https://bugzilla.redhat.com/show_bug.cgi?id=1059743 -------------------------------------------------------------------------------- ================================================================================ drupal7-ctools-1.4-1.fc19 (FEDORA-2014-2578) This suite is primarily a set of APIs and tools for other Drupal modules -------------------------------------------------------------------------------- Update Information: - Update to upstream 1.4 release for bug and security fixes - Upstream changelog for this release is available at https://drupal.org/node/2194551 -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 14 2014 Peter Borsa <peter.borsa@xxxxxxxxx> - 1.4-1 - Update to upstream 1.4 release for bug and security fixes - Upstream changelog for this release is available at https://drupal.org/node/2194551 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1064864 - drupal6-ctools: access bypass issues https://bugzilla.redhat.com/show_bug.cgi?id=1064864 -------------------------------------------------------------------------------- ================================================================================ drupal7-date_ical-3.1-1.fc19 (FEDORA-2014-2547) Allows creation of an iCal feed in Views -------------------------------------------------------------------------------- Update Information: - Update to upstream 3.1 release for bug fixes - Upstream changelog for this release is available at https://drupal.org/node/2188221 -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 14 2014 Peter Borsa <peter.borsa@xxxxxxxxx> - 3.1-1 - Update to upstream 3.1 release for bug fixes - Upstream changelog for this release is available at https://drupal.org/node/2188221 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1061061 - drupal7-date_ical-3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1061061 -------------------------------------------------------------------------------- ================================================================================ emacs-auctex-11.87-7.fc19 (FEDORA-2014-2555) Enhanced TeX modes for Emacs -------------------------------------------------------------------------------- Update Information: This update installs the preview style files in the correct place. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 12 2014 Jonathan G. Underwood <jonathan.underwood@xxxxxxxxx> - 11.87-7 - Really Fix up installation location of doc files * Thu Feb 6 2014 Jonathan G. Underwood <jonathan.underwood@xxxxxxxxx> - 11.87-6 - Fix up installation location of doc files * Thu Feb 6 2014 Jonathan G. Underwood <jonathan.underwood@xxxxxxxxx> - 11.87-5 - Move preview files to be installed under %{_datadir}/texlive/texmf-dist (BZ 995544) * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 11.87-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #995544 - tex-preview not installed in texmf-dist tree https://bugzilla.redhat.com/show_bug.cgi?id=995544 -------------------------------------------------------------------------------- ================================================================================ gitflow-0.4.2.20120723git53e9c76-4.fc19 (FEDORA-2014-2548) Extensions providing operations for V. Driessen's branching model -------------------------------------------------------------------------------- Update Information: Add bash completion for git flow subcommands. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 13 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.4.2.20120723git53e9c76-4 - Include bash completion. * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.2.20120723git53e9c76-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1056059 - package gitflow bash completion as well https://bugzilla.redhat.com/show_bug.cgi?id=1056059 -------------------------------------------------------------------------------- ================================================================================ gnutls-3.1.20-3.fc19 (FEDORA-2014-2588) A TLS protocol implementation -------------------------------------------------------------------------------- Update Information: Fixes CVE-2014-1959 -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 14 2014 Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx> 3.1.20-3 - Fix CVE-2014-1959 (#1065094) * Mon Feb 3 2014 Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx> 3.1.20-1 - new upstream release - Fixed issue with gnutls.info not being available - Compile with trousers - Pulled fix from upstream for illegal supported-ecc extension (#1060411) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1065092 - CVE-2014-1959 gnutls: certificate verification flaw (GNUTLS-SA-2014-1) https://bugzilla.redhat.com/show_bug.cgi?id=1065092 -------------------------------------------------------------------------------- ================================================================================ kernel-3.12.11-200.fc19 (FEDORA-2014-2556) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 3.12.11 stable update contains a number of important fixes across the tree. The 3.12.10 stable update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 13 2014 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - 3.12.11-200 - Linux v3.12.11 * Wed Feb 12 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - Add patch to fix list corruption from pinctrl (rhbz 1051918) - Fix cgroup destroy oops (rhbz 1045755) - Fix backtrace in amd_e400_idle (rhbz 1031296) - CVE-2014-1874 SELinux: local denial of service (rhbz 1062356 1062507) * Thu Feb 6 2014 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - 3.12.10-200 - Linux v3.12.10 * Wed Feb 5 2014 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - fix resume issues on Renesas chips in Samsung laptops (rhbz 950630) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1062356 - CVE-2014-1874 Kernel: SELinux: local denial-of-service https://bugzilla.redhat.com/show_bug.cgi?id=1062356 -------------------------------------------------------------------------------- ================================================================================ libusb-0.1.5-3.fc19 (FEDORA-2014-2544) A library which allows userspace access to USB devices -------------------------------------------------------------------------------- Update Information: - Revert atexit call of libusb_exit, this breaks the use of libusb-compat in dl-opened plugins -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 13 2014 Hans de Goede <hdegoede@xxxxxxxxxx> - 0.1.5-3 - Revert atexit patch (rhbz#1003193) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1038566 - Remove atexit call of libusb_exit, this breaks the use of libusb-compat in plugins https://bugzilla.redhat.com/show_bug.cgi?id=1038566 -------------------------------------------------------------------------------- ================================================================================ mingw-gnutls-3.1.21-1.fc19 (FEDORA-2014-2565) MinGW GnuTLS TLS/SSL encryption library -------------------------------------------------------------------------------- Update Information: Version 3.1.21 (released 2014-02-13) * libgnutls: Tolerate servers that sent the SUPPORTED ECC extension. * libgnutls: Reduced the TLS and DTLS version requirements for all ciphersuites that are not GCM. * libgnutls: When two initial keywords are specified then treat the second as having the '+' modifier. * libgnutls: Fixed bug that prevented the rejection of v1 intermediate CA certificates. Reported and investigated by Suman Jana. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 13 2014 Michael Cronenworth <mike@xxxxxxxxxx> - 3.1.21-1 - Update to 3.1.21 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1065092 - CVE-2014-1959 gnutls: certificate verification flaw (GNUTLS-SA-2014-1) https://bugzilla.redhat.com/show_bug.cgi?id=1065092 -------------------------------------------------------------------------------- ================================================================================ ocaml-xmlm-1.2.0-3.fc19 (FEDORA-2014-2403) A streaming XML codec -------------------------------------------------------------------------------- Update Information: Initial Fedora release of ocaml-xmlm, a streaming XML codec -------------------------------------------------------------------------------- References: [ 1 ] Bug #1055395 - Review Request: ocaml-xmlm - A streaming XML codec https://bugzilla.redhat.com/show_bug.cgi?id=1055395 -------------------------------------------------------------------------------- ================================================================================ orthanc-0.7.3-1.fc19 (FEDORA-2014-2577) RESTful DICOM server for healthcare and medical research -------------------------------------------------------------------------------- Update Information: New upstream version of Orthanc -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 14 2014 Sebastien Jodogne <s.jodogne@xxxxxxxxx> 0.7.3-1 - New upstream version -------------------------------------------------------------------------------- ================================================================================ perl-Class-MethodMaker-2.20-1.fc19 (FEDORA-2014-2596) Perl module for creating generic object-oriented methods -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 13 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 2.20-1 - Upstream update. - Minor spec cleanup. -------------------------------------------------------------------------------- ================================================================================ php-twig-ctwig-1.15.1-1.fc19 (FEDORA-2014-2551) Extension to improve performance of Twig -------------------------------------------------------------------------------- Update Information: * fixed a C extension crash when accessing defined but uninitialized property. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 14 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 1.15.1-1 - Update to 1.15.1 -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-meta-fedora-infrastructure-0.2.7-1.fc19 (FEDORA-2014-2593) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information: Handle secondary koji instances. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 13 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.7-1 - Bugfix to that last release. * Thu Feb 13 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.6-1 - Latest upstream. - Handle secondary koji instances. - Other bugfixes -------------------------------------------------------------------------------- ================================================================================ ripright-0.9-1.fc19 (FEDORA-2014-2574) A minimal CD ripper -------------------------------------------------------------------------------- Update Information: A minimal CD ripper. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1057418 - Review Request: ripright - A minimal CD ripper https://bugzilla.redhat.com/show_bug.cgi?id=1057418 -------------------------------------------------------------------------------- ================================================================================ rubygem-domain_name-0.5.16-1.fc19 (FEDORA-2014-2595) Domain Name manipulation library for Ruby -------------------------------------------------------------------------------- Update Information: New version 0.5.16 is released. -------------------------------------------------------------------------------- ChangeLog: * Sat Feb 15 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.5.16-1 - 0.5.16 -------------------------------------------------------------------------------- ================================================================================ rubygem-gettext-3.1.0-1.fc19 (FEDORA-2014-2552) RubyGem of Localization Library and Tools for Ruby -------------------------------------------------------------------------------- Update Information: New version 3.1.0 is released. -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 10 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 3.1.0-1 - 3.1.0 -------------------------------------------------------------------------------- ================================================================================ tcpcopy-0.9.7-2.fc19 (FEDORA-2014-2564) An online request replication tool -------------------------------------------------------------------------------- Update Information: Update to 0.9.7 -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 14 2014 Christopher Meng <rpm@xxxxxxxx> - 0.9.7-2 - Rebuild with more features(pcap) * Fri Feb 14 2014 Christopher Meng <rpm@xxxxxxxx> - 0.9.7-1 - Update to 0.9.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1064806 - tcpcopy-0.9.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1064806 -------------------------------------------------------------------------------- ================================================================================ tomoe-0.6.0-28.fc19 (FEDORA-2014-2567) Handwritten input system for Japanese and Chinese -------------------------------------------------------------------------------- Update Information: Fixes skip code license issue -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 14 2014 Peng Wu <pwu@xxxxxxxxxx> - 0.6.0-28 - Add comments * Wed Feb 12 2014 Peng Wu <pwu@xxxxxxxxxx> - 0.6.0-27 - Fixes skip code license issue (rhbz#969415) * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.0-26 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #969415 - tomoe includes non-free contents https://bugzilla.redhat.com/show_bug.cgi?id=969415 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
