Fedora 19 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 19 Security updates need testing:
 Age  URL
 125  https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19
  62  https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1.fc19
  44  https://admin.fedoraproject.org/updates/FEDORA-2014-0797/libinfinity-0.5.5-1.fc19
  16  https://admin.fedoraproject.org/updates/FEDORA-2014-2239/python-tahrir-0.5.1-1.fc19
  16  https://admin.fedoraproject.org/updates/FEDORA-2014-2253/python-tahrir-0.5.2-1.fc19
  16  https://admin.fedoraproject.org/updates/FEDORA-2014-2260/NetworkManager-ssh-0.9.2-0.2.20140209git46247c2.fc19
  14  https://admin.fedoraproject.org/updates/FEDORA-2014-2445/augeas-1.2.0-1.fc19
  14  https://admin.fedoraproject.org/updates/FEDORA-2014-2439/maradns-2.0.09-1.fc19
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-2710/zabbix-2.0.11-2.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-2876/file-5.11-12.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-2862/xen-4.2.4-2.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-2967/openldap-2.4.39-2.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-2869/easy-rsa-2.2.2-1.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-2825/postgresql-9.2.7-1.fc19
   4  https://admin.fedoraproject.org/updates/FEDORA-2014-2998/perl-CGI-Application-4.50-7.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-3192/freeradius-2.2.3-7.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-3232/rubygem-actionpack-3.2.13-5.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-3253/v8-3.14.5.10-6.fc19


The following Fedora 19 Critical Path updates have yet to be approved:
 Age URL
  73  https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19
  13  https://admin.fedoraproject.org/updates/FEDORA-2014-2544/libusb-0.1.5-3.fc19
  10  https://admin.fedoraproject.org/updates/FEDORA-2014-2668/wavpack-4.70.0-1.fc19
   8  https://admin.fedoraproject.org/updates/FEDORA-2014-2734/kdelibs-4.11.5-2.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-2901/keyutils-1.5.9-1.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-2967/openldap-2.4.39-2.fc19
   6  https://admin.fedoraproject.org/updates/FEDORA-2014-2849/libreport-2.1.12-3.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-3052/langtable-0.0.24-1.fc19
   3  https://admin.fedoraproject.org/updates/FEDORA-2014-3030/selinux-policy-3.12.1-74.19.fc19
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-3142/curl-7.29.0-14.fc19
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-3133/firefox-27.0.1-1.fc19
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-3103/hwdata-0.261-1.fc19
   2  https://admin.fedoraproject.org/updates/FEDORA-2014-3134/krb5-1.11.3-21.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-3243/cryptsetup-1.6.4-1.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-3178/audit-2.3.4-1.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19
   0  https://admin.fedoraproject.org/updates/FEDORA-2014-3179/kde-workspace-4.11.6-3.fc19


The following builds have been pushed to Fedora 19 updates-testing

    NetworkManager-l2tp-0.9.8.6-1.fc19
    arm-none-eabi-newlib-2.1.0-2.fc19
    audit-2.3.4-1.fc19
    bcfg2-1.3.3-5.fc19
    byobu-5.73-3.fc19
    cryptsetup-1.6.4-1.fc19
    docker-io-0.8.1-1.fc19
    freeradius-2.2.3-7.fc19
    gfal2-2.5.5-1.fc19
    ghc-shakespeare-js-1.1.2.1-1.fc19
    ibus-anthy-1.5.5-2.fc19
    kde-workspace-4.11.6-3.fc19
    libaccounts-glib-1.16-1.fc19
    libaccounts-qt-1.11-1.fc19
    libqb-0.17.0-1.fc19
    libtcd-2.2.6-1.fc19
    marble-4.11.5-2.fc19
    ntfs-3g-2014.2.15-1.fc19
    perl-File-Slurp-Tiny-0.003-3.fc19
    perl-Module-Extract-Namespaces-1.02-3.fc19
    python-croniter-0.3.4-2.fc19
    python-pep8-1.4.6-2.fc19
    retrace-server-1.11-1.fc19
    rubygem-actionpack-3.2.13-5.fc19
    rubygem-coderay-1.1.0-1.fc19
    rubygem-gettext-3.1.1-1.fc19
    scap-security-guide-0.1.5-1.fc19
    sparse-0.5.0-1.fc19
    testdisk-6.14-2.fc19.1
    tmux-1.9a-2.fc19
    tofrodos-1.7.13-2.fc19
    tumbler-0.1.30-1.fc19
    v8-3.14.5.10-6.fc19
    xfdashboard-0.1.4-2.fc19
    yumex-3.0.14-1.fc19
    zorba-2.9.1-4.fc19

Details about builds:


================================================================================
 NetworkManager-l2tp-0.9.8.6-1.fc19 (FEDORA-2014-3204)
 NetworkManager VPN plugin for l2tp
--------------------------------------------------------------------------------
Update Information:

updated to 0.9.8.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Ivan Romanov <drizt@xxxxxxx> - 0.9.8.6-1
- updated to 0.9.8.6
--------------------------------------------------------------------------------


================================================================================
 arm-none-eabi-newlib-2.1.0-2.fc19 (FEDORA-2014-3219)
 C library intended for use on arm-none-eabi embedded systems
--------------------------------------------------------------------------------
Update Information:

enable libnosys
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------


================================================================================
 audit-2.3.4-1.fc19 (FEDORA-2014-3178)
 User space tools for 2.6 kernel auditing
--------------------------------------------------------------------------------
Update Information:

In audisp-remote, fix retry logic for temporary network failures. Audit event parsing bug fixes for search and reporting tools. Update translation tables for the 3.14 kernel.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Steve Grubb <sgrubb@xxxxxxxxxx> 2.3.4-1
- New upstream bugfix/enhancement release
--------------------------------------------------------------------------------


================================================================================
 bcfg2-1.3.3-5.fc19 (FEDORA-2014-3225)
 A configuration management system
--------------------------------------------------------------------------------
Update Information:

Rebuild for release 5, which re-enables unit tests on the EPEL7 branch.  It should be a no-op for other distros.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 John Morris <john@xxxxxxxxxxx> - 1.3.3-5
- EL7:  Re-add deps and re-enable %check script; bz #1058427
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1058427 - Add bcfg2 package to EPEL7
        https://bugzilla.redhat.com/show_bug.cgi?id=1058427
--------------------------------------------------------------------------------


================================================================================
 byobu-5.73-3.fc19 (FEDORA-2014-3241)
 Light-weight, configurable window manager built upon GNU screen
--------------------------------------------------------------------------------
Update Information:

fix for :
bg#1058747 - multiple sourcing of tmux/tmuxrc
bg#1069419 - tmux backend does not remove date and time even if deselected in byobu-config 
various upstream patches
Update to version 5.73
Update to version 5.73
update to latest version
Update to latest version + bugfixes from fedora
update to latest version
Update to latest version + bugfixes from fedora
various upstream patches
Update to version 5.73
Update to version 5.73
update to latest version
Update to latest version + bugfixes from fedora
update to latest version
Update to latest version + bugfixes from fedora
various upstream patches
Update to version 5.73
Update to version 5.73
update to latest version
Update to latest version + bugfixes from fedora
update to latest version
Update to latest version + bugfixes from fedora
various upstream patches
Update to version 5.73
Update to version 5.73
update to latest version
Update to latest version + bugfixes from fedora
update to latest version
Update to latest version + bugfixes from fedora
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Jan Klepek <jan.klepek at, gmail.com> - 5.73-3
- various upstream patches
* Wed Feb 26 2014 Jan Klepek <jan.klepek at, gmail.com> - 5.73-2
- various upstream patches
* Tue Feb 18 2014 Jan Klepek <jan.klepek at, gmail.com> - 5.73-1
- Update to latest release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1058747 - Byobu sources $BYOBU_CONFIG_DIR/.tmux.conf twice
        https://bugzilla.redhat.com/show_bug.cgi?id=1058747
  [ 2 ] Bug #1069419 - Byobu with tmux backend does not remove date and time even if deselected in byobu-config
        https://bugzilla.redhat.com/show_bug.cgi?id=1069419
  [ 3 ] Bug #1055258 - byobu-5.73 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1055258
--------------------------------------------------------------------------------


================================================================================
 cryptsetup-1.6.4-1.fc19 (FEDORA-2014-3243)
 A utility for setting up encrypted disks
--------------------------------------------------------------------------------
Update Information:

Update to 1.6.4 version, see Release Notes https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/v1.6.4-ReleaseNotes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Milan Broz <gmazyland@xxxxxxxxx> - 1.6.4-1
- Update to cryptsetup 1.6.4.
* Tue Jan  7 2014 Ondrej Kozina <okozina@xxxxxxxxxx> - 1.6.3-2
- remove useless hmac checksum
--------------------------------------------------------------------------------


================================================================================
 docker-io-0.8.1-1.fc19 (FEDORA-2014-3249)
 Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:

Bug 1066841 - upstream version bump to v0.8.1
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 19 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> - 0.8.1-1
- Bug 1066841 - upstream version bump to v0.8.1
- use sysvinit files from upstream contrib
- BR golang >= 1.2-7
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1066841 - docker-io-0.8.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1066841
--------------------------------------------------------------------------------


================================================================================
 freeradius-2.2.3-7.fc19 (FEDORA-2014-3192)
 High-performance and highly configurable free RADIUS server
--------------------------------------------------------------------------------
Update Information:

Fix stack-based buffer overflow flaw in rlm_pap module: long password hashes used by the PAP module can cause a buffer overflow which may terminate the server.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 21 2014 Nikolai Kondrashov <Nikolai.Kondrashov@xxxxxxxxxx> - 2.2.3-7
- Fix CVE-2014-2015 "freeradius: stack-based buffer overflow flaw in rlm_pap
  module"
- resolves: bug#1066984 (fedora 1066763)
* Tue Jan 14 2014 John Dennis <jdennis@xxxxxxxxxx> - 2.2.3-6
- Upgrade to upstream 2.2.3 release
  See /usr/share/doc/freeradius-2.2.3/ChangeLog for details
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1070427 - CVE-2014-2015 freeradius: stack-based buffer overflow flaw in rlm_pap module [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1070427
--------------------------------------------------------------------------------


================================================================================
 gfal2-2.5.5-1.fc19 (FEDORA-2014-3213)
 Grid file access library 2.0
--------------------------------------------------------------------------------
Update Information:

Release 2.5.5 of GFAL2
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Adrien Devresse <adevress at cern.ch> - 2.5.5-1
- Release 2.5.5 of GFAL2
--------------------------------------------------------------------------------


================================================================================
 ghc-shakespeare-js-1.1.2.1-1.fc19 (FEDORA-2014-3174)
 Compile-time variable interpolation for Javascript
--------------------------------------------------------------------------------
Update Information:

Compile-time variable interpolation for Javascript
- http://hackage.haskell.org/package/shakespeare-js
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #986641 - Review Request: ghc-shakespeare-js - Compile-time variable interpolation for Javascript
        https://bugzilla.redhat.com/show_bug.cgi?id=986641
--------------------------------------------------------------------------------


================================================================================
 ibus-anthy-1.5.5-2.fc19 (FEDORA-2014-3193)
 The Anthy engine for IBus input platform
--------------------------------------------------------------------------------
Update Information:

This update enables property icon for input mode on non-GNONE.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.5-2
- Updated ibus-anthy-HEAD.patch to enable property icon.
--------------------------------------------------------------------------------


================================================================================
 kde-workspace-4.11.6-3.fc19 (FEDORA-2014-3179)
 KDE Workspace
--------------------------------------------------------------------------------
Update Information:

fix broken suspend/resume with systemd >= 209 (kdebug#331403)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Lukáš Tinkl <ltinkl@xxxxxxxxxx> 4.11.6-3
- fix broken suspend/resume with systemd >= 209 (kdebug331403)
--------------------------------------------------------------------------------


================================================================================
 libaccounts-glib-1.16-1.fc19 (FEDORA-2014-3164)
 Accounts framework for Linux and POSIX based platforms
--------------------------------------------------------------------------------
Update Information:

Update libaccounts-glib and libaccounts-qt to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Daniel Vrátil <dvratil@xxxxxxxxxx> - 1.16-1
- Latest upstream release
- disable unit-tets on F19 (check on F19 is too old)
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 libaccounts-qt-1.11-1.fc19 (FEDORA-2014-3164)
 Accounts framework Qt bindings
--------------------------------------------------------------------------------
Update Information:

Update libaccounts-glib and libaccounts-qt to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Daniel Vrátil <dvratil@xxxxxxxxxx> - 1.11-1
- Upodate to 1.11
* Sat Dec 14 2013 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 1.6-4
- Fix duplicate documentation (#1001255)
- Add %?_isa to -devel base package dep
- Remove %defattr
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 libqb-0.17.0-1.fc19 (FEDORA-2014-3173)
 An IPC library for high performance servers
--------------------------------------------------------------------------------
Update Information:

Rebase v0.17.0
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 19 2014 David Vossel <dvossel@xxxxxxxxxx> - 0.17.0-1
Fix: build: Allow 'make rpm' to work with lightweight tags for release candidates
Fix: spec: reference correct url in spec file
Doc: update broken doxygen link to something that exists
Bump version to 0.17.0
Low: ipc_socket: further optimize max msg size calculations for fbsd portability tests
Low: ipc_socket: Allow socket max msg size to be calculated more accurately
Fix: fixes travis compile time error
Low: tests: Fixes compile time issue with make check
High: ipcs: Prevent ipc server use after free.
Low: ipc: Remove ipc connection reference given to dispatch functions
High: ipc: Fixes memory leak in server connection accept when client partially connects
IPC: Increase the listen backlog of IPC server
Low: ipcs: Clarifications to the ipcs server callback documentation.
Fix rb.test to avoid overwriting memory during reading.
Low: example: Update client/server example to use server enforced buffer size
Low: Client side buffer retrieval regression test
Feature: New api function to retrieve client buffer size
Low: check_ipc.c: Verify server enforced buffer sizes work
Feature: Enforce buffer size limits on the server side
Low: regession tests for regex log filters
Feature: Filter logs using regex patter on function, format, or filename
ipc_setup: Set SO_PASSCRED on listener socket
Fix: log: Filtering by function and file must match exactly, no substring matches
Low: blackbox: Abort blackbox logging on ringbuffer overwrite reclaim error
High: ipcs: Api function allowing server to retrieve client connection's ipc buffer size
Low: ringbuffer: Abort during chunk reclaim if OVERWRITE flag is set and reclaim fails.
High: blackbox: unique blackbox ringbuffer files per pid
Low: ipc_socket: Fixes fd leak in socket ipc client disconnection
Use sizeof to get the correct size of the sockaddr_un sun_path member in a portable way. Fixes corosync on Mac OS X.
Detect the max signal value that can be used using NSIG macro
Avoid double-decrement of level->todo
--------------------------------------------------------------------------------


================================================================================
 libtcd-2.2.6-1.fc19 (FEDORA-2014-3170)
 Tide Constituent Database Library
--------------------------------------------------------------------------------
Update Information:

New version 2.2.6 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.2.6-1
- 2.2.6
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.2.5-5.r3.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 marble-4.11.5-2.fc19 (FEDORA-2014-3254)
 Virtual globe and world atlas
--------------------------------------------------------------------------------
Update Information:

This update fixes Marble to use the current API for the geonames.org web services, making the Wikipedia, weather, postal codes and earthquakes services work again.

See https://bugs.kde.org/show_bug.cgi?id=331004 for details.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 1:4.11.5-2
- apply upstream fix for geonames.org API change (kde#331004)
--------------------------------------------------------------------------------


================================================================================
 ntfs-3g-2014.2.15-1.fc19 (FEDORA-2014-3245)
 Linux NTFS userspace driver
--------------------------------------------------------------------------------
Update Information:

Update to the latest stable ntfs-3g code.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> 2:2014.2.15-1
- update to 2014.2.15
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2:2013.1.13-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #895431 - ntfs-3g-2014.2.15 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=895431
--------------------------------------------------------------------------------


================================================================================
 perl-File-Slurp-Tiny-0.003-3.fc19 (FEDORA-2014-3195)
 A simple, sane and efficient file slurper
--------------------------------------------------------------------------------
Update Information:

This is the first Fedora/EPEL release of perl-File-Slurp-Tiny.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1064995 - Review Request: perl-File-Slurp-Tiny - A simple, sane and efficient file slurper
        https://bugzilla.redhat.com/show_bug.cgi?id=1064995
--------------------------------------------------------------------------------


================================================================================
 perl-Module-Extract-Namespaces-1.02-3.fc19 (FEDORA-2014-3205)
 Extract the package declarations from a module
--------------------------------------------------------------------------------
Update Information:

This is the first Fedora/EPEL release of perl-Module-Extract-Namespaces.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1069797 - Review Request: perl-Module-Extract-Namespaces - Extract the package declarations from a module
        https://bugzilla.redhat.com/show_bug.cgi?id=1069797
--------------------------------------------------------------------------------


================================================================================
 python-croniter-0.3.4-2.fc19 (FEDORA-2014-3246)
 Iteration for datetime object with cron like format
--------------------------------------------------------------------------------
Update Information:

- Iteration for datetime object with cron like format
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1068644 - Review Request: python-croniter - Iteration for datetime object with cron like format
        https://bugzilla.redhat.com/show_bug.cgi?id=1068644
--------------------------------------------------------------------------------


================================================================================
 python-pep8-1.4.6-2.fc19 (FEDORA-2014-3188)
 Python style guide checker
--------------------------------------------------------------------------------
Update Information:

rename py3 version of pep8 to python3-pep8 (rhbz#1060408)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Matthias Runge <mrunge@xxxxxxxxxx> -1.4.6-2
- rename py3 version of pep8 to python3-pep8 (rhbz#1060408)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1060408 - Missing %{_bindir}/python3-pep8
        https://bugzilla.redhat.com/show_bug.cgi?id=1060408
--------------------------------------------------------------------------------


================================================================================
 retrace-server-1.11-1.fc19 (FEDORA-2014-3156)
 Application for remote coredump analysis
--------------------------------------------------------------------------------
Update Information:

update to 1.11
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Michal Toman <mtoman@xxxxxxxxxx> 1.11-1
- do not die trying to chmod a hardling
- do not hardlink unpacked vmcores
- print command line formatted correctly
- allow submitting vmcores with spaces in file name
- do not run makedumpfile when not necessary
- allow to specify kernel VRA with custom cores
- do not require the trailing slash in task manager URL
- do not kill retrace-server-cleanup when retrace_log does not exist
- cache kernel version into task directory
- add support for ppc64, s390x
- include floating point registers in userspace backtraces
- execute ABRT's exploitability plugin if available
--------------------------------------------------------------------------------


================================================================================
 rubygem-actionpack-3.2.13-5.fc19 (FEDORA-2014-3232)
 Web-flow and rendering framework putting the VC in MVC
--------------------------------------------------------------------------------
Update Information:

This fixes Ruby on Rails 3.2.17 security issues:

- CVE-2014-0081
- CVE-2014-0082

Includes security patches for:

- CVE-2013-6417 - Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk)
- CVE-2013-4491 - Reflective XSS Vulnerability in Ruby on Rails
- CVE-2013-6415 - XSS Vulnerability in number_to_currency
- CVE-2013-6414 - Denial of Service Vulnerability in Action View
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Josef Stribny <jstribny@xxxxxxxxxx> - 1:3.2.13-5
- Fix CVE-2014-0081 and CVE-2014-0082
--------------------------------------------------------------------------------


================================================================================
 rubygem-coderay-1.1.0-1.fc19 (FEDORA-2014-3159)
 Fast syntax highlighter engine for many programming languages
--------------------------------------------------------------------------------
Update Information:

- update to new version (1.0.1)

--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Jan Klepek <jan.klepek at, gmail.com> - 1.1.0-1
- update to new version
* Mon Aug 19 2013 Jan Klepek <jan.klepek at, gmail.com> - 1.0.7-1
- update to new version
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.6-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #834993 - rubygem-coderay-1.1.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=834993
--------------------------------------------------------------------------------


================================================================================
 rubygem-gettext-3.1.1-1.fc19 (FEDORA-2014-3233)
 RubyGem of Localization Library and Tools for Ruby
--------------------------------------------------------------------------------
Update Information:

New version 3.1.1 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 3.1.1-1
- 3.1.1
--------------------------------------------------------------------------------


================================================================================
 scap-security-guide-0.1.5-1.fc19 (FEDORA-2014-3187)
 Security guidance and baselines in SCAP formats
--------------------------------------------------------------------------------
Update Information:

Update to upstream 0.1.5 version.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Jan iankko Lieskovsky <jlieskov@xxxxxxxxxx> 0.1.5-1
- Fix fedora-srpm and fedora-rpm Make targets to work again
- Include RHEL-6 and RHEL-7 datastream files to support remote RHEL system scans
- EOL for Fedora 18 support
- Include Fedora datastream file for remote Fedora system scans
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1070906 - [RFE] Generate datastream output format for Fedora SCAP content too (necessary for remote system scans)
        https://bugzilla.redhat.com/show_bug.cgi?id=1070906
--------------------------------------------------------------------------------


================================================================================
 sparse-0.5.0-1.fc19 (FEDORA-2014-3185)
 A semantic parser of source files
--------------------------------------------------------------------------------
Update Information:

This updates sparse to the latest upstream release.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Jeff Layton <jlayton@xxxxxxxxxx> - 0.5.0-1
- update to v0.5.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1070485 - sparse 0.4.5-rc1 as shipped in Fedora is way too noisy on the kernel
        https://bugzilla.redhat.com/show_bug.cgi?id=1070485
--------------------------------------------------------------------------------


================================================================================
 testdisk-6.14-2.fc19.1 (FEDORA-2014-3245)
 Tool to check and undelete partition, PhotoRec recovers lost files
--------------------------------------------------------------------------------
Update Information:

Update to the latest stable ntfs-3g code.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 6.14-2.1
- rebuild for new ntfs-3g
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #895431 - ntfs-3g-2014.2.15 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=895431
--------------------------------------------------------------------------------


================================================================================
 tmux-1.9a-2.fc19 (FEDORA-2014-3252)
 A terminal multiplexer
--------------------------------------------------------------------------------
Update Information:

Fix rhbz #1069950, upstream [tmux:tickets] #105
New upstream release 1.9a
New upstream release 1.9
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Filipe Rosset <rosset.filipe@xxxxxxxxx> 1.9a-2
- Fix rhbz #1069950, upstream [tmux:tickets] #105
* Sun Feb 23 2014 Filipe Rosset <rosset.filipe@xxxxxxxxx> 1.9a-1
- New upstream release 1.9a
* Sat Feb 22 2014 Filipe Rosset <rosset.filipe@xxxxxxxxx> 1.9-1
- New upstream release 1.9
- Fix rhbz #1067860
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1069950 - tmux 1.9a instantly segfaults with MALLOC_CHECK_=2
        https://bugzilla.redhat.com/show_bug.cgi?id=1069950
  [ 2 ] Bug #1067860 - [RFE]: Please update the RPM scriptlet based on the new guideline
        https://bugzilla.redhat.com/show_bug.cgi?id=1067860
  [ 3 ] Bug #1067908 - tmux-1.9 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1067908
--------------------------------------------------------------------------------


================================================================================
 tofrodos-1.7.13-2.fc19 (FEDORA-2014-3166)
 Converts text files between MSDOS and Unix file formats
--------------------------------------------------------------------------------
Update Information:

Wheels reinvented like unix2dos.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1063140 - Review Request: tofrodos - Converts text files between MSDOS and Unix file formats
        https://bugzilla.redhat.com/show_bug.cgi?id=1063140
--------------------------------------------------------------------------------


================================================================================
 tumbler-0.1.30-1.fc19 (FEDORA-2014-3157)
 D-Bus service for applications to request thumbnails
--------------------------------------------------------------------------------
Update Information:

Update to 0.1.30. Minor bugfixes and translation updates.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2014 Kevin Fenzi <kevin@xxxxxxxxx> 0.1.30-1
- Update to 0.1.30
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.1.29-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1070201 - tumbler-0.1.30 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1070201
--------------------------------------------------------------------------------


================================================================================
 v8-3.14.5.10-6.fc19 (FEDORA-2014-3253)
 JavaScript Engine
--------------------------------------------------------------------------------
Update Information:

Common Vulnerabilities and Exposures assigned an identifier CVE-2013-6650 to
the following vulnerability:

Name: CVE-2013-6650

URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6650

The StoreBuffer::ExemptPopularPages function in store-buffer.cc in
Google V8 before 3.22.24.16, as used in Google Chrome before
32.0.1700.102, allows remote attackers to cause a denial of service
(memory corruption) or possibly have unspecified other impact via
vectors that trigger incorrect handling of "popular pages."
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 24 2014 Tomas Hrcka <thrcka@xxxxxxxxxx> - 1:3.14.5.10-6
- Backport fix for incorrect handling of popular pages (RHBZ#1059070; CVE-2013-6640)
* Fri Feb 14 2014 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 1:3.14.5.10-5
- rebuild for icu-52
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1059070 - CVE-2013-6650 v8: incorrect handling of popular pages
        https://bugzilla.redhat.com/show_bug.cgi?id=1059070
--------------------------------------------------------------------------------


================================================================================
 xfdashboard-0.1.4-2.fc19 (FEDORA-2014-3190)
 GNOME shell like dashboard for Xfce
--------------------------------------------------------------------------------
Update Information:

Patch for enabling workspace switching added
Update to version 0.1.4. This release also provides support for themes
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 25 2014 Mukundan Ragavan <nonamedotc@xxxxxxxxxxxxxxxxx> - 0.1.4-2
- Patch for enabling workspace switching added
- Upstream bug - issue#1 on github
* Mon Feb 24 2014 Mukundan Ragavan <nonamedotc@xxxxxxxxxxxxxxxxx> - 0.1.4-1
- Updated to the latest upstream version
- Includes theming support (provides a default theme)
--------------------------------------------------------------------------------


================================================================================
 yumex-3.0.14-1.fc19 (FEDORA-2014-3236)
 Yum Extender graphical package management tool
--------------------------------------------------------------------------------
Update Information:

Fix blank dialog on second time yumex is processing some actions
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 25 2014 Tim Lauridsen <timlau@xxxxxxxxxxxxxxxxx> 3.0.14-1
- bumped version to 3.0.14
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1023746 - Yumex Blanks Dialog On Second Process
        https://bugzilla.redhat.com/show_bug.cgi?id=1023746
--------------------------------------------------------------------------------


================================================================================
 zorba-2.9.1-4.fc19 (FEDORA-2014-3235)
 General purpose XQuery processor implemented in C++
--------------------------------------------------------------------------------
Update Information:

- fix strtok(NULL, ...) on armv7hl and aarch64 (and ppc64 and s390x...)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 25 2014 Kyle McMartin <kyle@xxxxxxxxxx> - 2.9.1-4
- fix strtok(NULL, ...) on armv7hl and aarch64 (and ppc64 and s390x...)
* Sun Aug  4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.9.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jul 30 2013 Petr Machata <pmachata@xxxxxxxxxx> - 2.9.1-2
- Rebuild for boost 1.54.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1069294 - zorba fails to build for ARM
        https://bugzilla.redhat.com/show_bug.cgi?id=1069294
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux