The following Fedora 19 Security updates need testing: Age URL 125 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 62 https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1.fc19 44 https://admin.fedoraproject.org/updates/FEDORA-2014-0797/libinfinity-0.5.5-1.fc19 16 https://admin.fedoraproject.org/updates/FEDORA-2014-2239/python-tahrir-0.5.1-1.fc19 16 https://admin.fedoraproject.org/updates/FEDORA-2014-2253/python-tahrir-0.5.2-1.fc19 16 https://admin.fedoraproject.org/updates/FEDORA-2014-2260/NetworkManager-ssh-0.9.2-0.2.20140209git46247c2.fc19 14 https://admin.fedoraproject.org/updates/FEDORA-2014-2445/augeas-1.2.0-1.fc19 14 https://admin.fedoraproject.org/updates/FEDORA-2014-2439/maradns-2.0.09-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-2710/zabbix-2.0.11-2.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-2876/file-5.11-12.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-2862/xen-4.2.4-2.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-2967/openldap-2.4.39-2.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-2869/easy-rsa-2.2.2-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-2825/postgresql-9.2.7-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-2998/perl-CGI-Application-4.50-7.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3192/freeradius-2.2.3-7.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3232/rubygem-actionpack-3.2.13-5.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3253/v8-3.14.5.10-6.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 73 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2014-2544/libusb-0.1.5-3.fc19 10 https://admin.fedoraproject.org/updates/FEDORA-2014-2668/wavpack-4.70.0-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-2734/kdelibs-4.11.5-2.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-2901/keyutils-1.5.9-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-2967/openldap-2.4.39-2.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-2849/libreport-2.1.12-3.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-3052/langtable-0.0.24-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-3030/selinux-policy-3.12.1-74.19.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-3142/curl-7.29.0-14.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-3133/firefox-27.0.1-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-3103/hwdata-0.261-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-3134/krb5-1.11.3-21.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3243/cryptsetup-1.6.4-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3178/audit-2.3.4-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-3179/kde-workspace-4.11.6-3.fc19 The following builds have been pushed to Fedora 19 updates-testing NetworkManager-l2tp-0.9.8.6-1.fc19 arm-none-eabi-newlib-2.1.0-2.fc19 audit-2.3.4-1.fc19 bcfg2-1.3.3-5.fc19 byobu-5.73-3.fc19 cryptsetup-1.6.4-1.fc19 docker-io-0.8.1-1.fc19 freeradius-2.2.3-7.fc19 gfal2-2.5.5-1.fc19 ghc-shakespeare-js-1.1.2.1-1.fc19 ibus-anthy-1.5.5-2.fc19 kde-workspace-4.11.6-3.fc19 libaccounts-glib-1.16-1.fc19 libaccounts-qt-1.11-1.fc19 libqb-0.17.0-1.fc19 libtcd-2.2.6-1.fc19 marble-4.11.5-2.fc19 ntfs-3g-2014.2.15-1.fc19 perl-File-Slurp-Tiny-0.003-3.fc19 perl-Module-Extract-Namespaces-1.02-3.fc19 python-croniter-0.3.4-2.fc19 python-pep8-1.4.6-2.fc19 retrace-server-1.11-1.fc19 rubygem-actionpack-3.2.13-5.fc19 rubygem-coderay-1.1.0-1.fc19 rubygem-gettext-3.1.1-1.fc19 scap-security-guide-0.1.5-1.fc19 sparse-0.5.0-1.fc19 testdisk-6.14-2.fc19.1 tmux-1.9a-2.fc19 tofrodos-1.7.13-2.fc19 tumbler-0.1.30-1.fc19 v8-3.14.5.10-6.fc19 xfdashboard-0.1.4-2.fc19 yumex-3.0.14-1.fc19 zorba-2.9.1-4.fc19 Details about builds: ================================================================================ NetworkManager-l2tp-0.9.8.6-1.fc19 (FEDORA-2014-3204) NetworkManager VPN plugin for l2tp -------------------------------------------------------------------------------- Update Information: updated to 0.9.8.6 -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Ivan Romanov <drizt@xxxxxxx> - 0.9.8.6-1 - updated to 0.9.8.6 -------------------------------------------------------------------------------- ================================================================================ arm-none-eabi-newlib-2.1.0-2.fc19 (FEDORA-2014-3219) C library intended for use on arm-none-eabi embedded systems -------------------------------------------------------------------------------- Update Information: enable libnosys -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- ================================================================================ audit-2.3.4-1.fc19 (FEDORA-2014-3178) User space tools for 2.6 kernel auditing -------------------------------------------------------------------------------- Update Information: In audisp-remote, fix retry logic for temporary network failures. Audit event parsing bug fixes for search and reporting tools. Update translation tables for the 3.14 kernel. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Steve Grubb <sgrubb@xxxxxxxxxx> 2.3.4-1 - New upstream bugfix/enhancement release -------------------------------------------------------------------------------- ================================================================================ bcfg2-1.3.3-5.fc19 (FEDORA-2014-3225) A configuration management system -------------------------------------------------------------------------------- Update Information: Rebuild for release 5, which re-enables unit tests on the EPEL7 branch. It should be a no-op for other distros. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 John Morris <john@xxxxxxxxxxx> - 1.3.3-5 - EL7: Re-add deps and re-enable %check script; bz #1058427 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1058427 - Add bcfg2 package to EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1058427 -------------------------------------------------------------------------------- ================================================================================ byobu-5.73-3.fc19 (FEDORA-2014-3241) Light-weight, configurable window manager built upon GNU screen -------------------------------------------------------------------------------- Update Information: fix for : bg#1058747 - multiple sourcing of tmux/tmuxrc bg#1069419 - tmux backend does not remove date and time even if deselected in byobu-config various upstream patches Update to version 5.73 Update to version 5.73 update to latest version Update to latest version + bugfixes from fedora update to latest version Update to latest version + bugfixes from fedora various upstream patches Update to version 5.73 Update to version 5.73 update to latest version Update to latest version + bugfixes from fedora update to latest version Update to latest version + bugfixes from fedora various upstream patches Update to version 5.73 Update to version 5.73 update to latest version Update to latest version + bugfixes from fedora update to latest version Update to latest version + bugfixes from fedora various upstream patches Update to version 5.73 Update to version 5.73 update to latest version Update to latest version + bugfixes from fedora update to latest version Update to latest version + bugfixes from fedora -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Jan Klepek <jan.klepek at, gmail.com> - 5.73-3 - various upstream patches * Wed Feb 26 2014 Jan Klepek <jan.klepek at, gmail.com> - 5.73-2 - various upstream patches * Tue Feb 18 2014 Jan Klepek <jan.klepek at, gmail.com> - 5.73-1 - Update to latest release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1058747 - Byobu sources $BYOBU_CONFIG_DIR/.tmux.conf twice https://bugzilla.redhat.com/show_bug.cgi?id=1058747 [ 2 ] Bug #1069419 - Byobu with tmux backend does not remove date and time even if deselected in byobu-config https://bugzilla.redhat.com/show_bug.cgi?id=1069419 [ 3 ] Bug #1055258 - byobu-5.73 is available https://bugzilla.redhat.com/show_bug.cgi?id=1055258 -------------------------------------------------------------------------------- ================================================================================ cryptsetup-1.6.4-1.fc19 (FEDORA-2014-3243) A utility for setting up encrypted disks -------------------------------------------------------------------------------- Update Information: Update to 1.6.4 version, see Release Notes https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/v1.6.4-ReleaseNotes -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Milan Broz <gmazyland@xxxxxxxxx> - 1.6.4-1 - Update to cryptsetup 1.6.4. * Tue Jan 7 2014 Ondrej Kozina <okozina@xxxxxxxxxx> - 1.6.3-2 - remove useless hmac checksum -------------------------------------------------------------------------------- ================================================================================ docker-io-0.8.1-1.fc19 (FEDORA-2014-3249) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information: Bug 1066841 - upstream version bump to v0.8.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 19 2014 Lokesh Mandvekar <lsm5@xxxxxxxxxx> - 0.8.1-1 - Bug 1066841 - upstream version bump to v0.8.1 - use sysvinit files from upstream contrib - BR golang >= 1.2-7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1066841 - docker-io-0.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1066841 -------------------------------------------------------------------------------- ================================================================================ freeradius-2.2.3-7.fc19 (FEDORA-2014-3192) High-performance and highly configurable free RADIUS server -------------------------------------------------------------------------------- Update Information: Fix stack-based buffer overflow flaw in rlm_pap module: long password hashes used by the PAP module can cause a buffer overflow which may terminate the server. -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 21 2014 Nikolai Kondrashov <Nikolai.Kondrashov@xxxxxxxxxx> - 2.2.3-7 - Fix CVE-2014-2015 "freeradius: stack-based buffer overflow flaw in rlm_pap module" - resolves: bug#1066984 (fedora 1066763) * Tue Jan 14 2014 John Dennis <jdennis@xxxxxxxxxx> - 2.2.3-6 - Upgrade to upstream 2.2.3 release See /usr/share/doc/freeradius-2.2.3/ChangeLog for details -------------------------------------------------------------------------------- References: [ 1 ] Bug #1070427 - CVE-2014-2015 freeradius: stack-based buffer overflow flaw in rlm_pap module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1070427 -------------------------------------------------------------------------------- ================================================================================ gfal2-2.5.5-1.fc19 (FEDORA-2014-3213) Grid file access library 2.0 -------------------------------------------------------------------------------- Update Information: Release 2.5.5 of GFAL2 -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Adrien Devresse <adevress at cern.ch> - 2.5.5-1 - Release 2.5.5 of GFAL2 -------------------------------------------------------------------------------- ================================================================================ ghc-shakespeare-js-1.1.2.1-1.fc19 (FEDORA-2014-3174) Compile-time variable interpolation for Javascript -------------------------------------------------------------------------------- Update Information: Compile-time variable interpolation for Javascript - http://hackage.haskell.org/package/shakespeare-js -------------------------------------------------------------------------------- References: [ 1 ] Bug #986641 - Review Request: ghc-shakespeare-js - Compile-time variable interpolation for Javascript https://bugzilla.redhat.com/show_bug.cgi?id=986641 -------------------------------------------------------------------------------- ================================================================================ ibus-anthy-1.5.5-2.fc19 (FEDORA-2014-3193) The Anthy engine for IBus input platform -------------------------------------------------------------------------------- Update Information: This update enables property icon for input mode on non-GNONE. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.5.5-2 - Updated ibus-anthy-HEAD.patch to enable property icon. -------------------------------------------------------------------------------- ================================================================================ kde-workspace-4.11.6-3.fc19 (FEDORA-2014-3179) KDE Workspace -------------------------------------------------------------------------------- Update Information: fix broken suspend/resume with systemd >= 209 (kdebug#331403) -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Lukáš Tinkl <ltinkl@xxxxxxxxxx> 4.11.6-3 - fix broken suspend/resume with systemd >= 209 (kdebug331403) -------------------------------------------------------------------------------- ================================================================================ libaccounts-glib-1.16-1.fc19 (FEDORA-2014-3164) Accounts framework for Linux and POSIX based platforms -------------------------------------------------------------------------------- Update Information: Update libaccounts-glib and libaccounts-qt to latest upstream release. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Daniel Vrátil <dvratil@xxxxxxxxxx> - 1.16-1 - Latest upstream release - disable unit-tets on F19 (check on F19 is too old) * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libaccounts-qt-1.11-1.fc19 (FEDORA-2014-3164) Accounts framework Qt bindings -------------------------------------------------------------------------------- Update Information: Update libaccounts-glib and libaccounts-qt to latest upstream release. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Daniel Vrátil <dvratil@xxxxxxxxxx> - 1.11-1 - Upodate to 1.11 * Sat Dec 14 2013 Michael Schwendt <mschwendt@xxxxxxxxxxxxxxxxx> - 1.6-4 - Fix duplicate documentation (#1001255) - Add %?_isa to -devel base package dep - Remove %defattr * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ libqb-0.17.0-1.fc19 (FEDORA-2014-3173) An IPC library for high performance servers -------------------------------------------------------------------------------- Update Information: Rebase v0.17.0 -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 19 2014 David Vossel <dvossel@xxxxxxxxxx> - 0.17.0-1 Fix: build: Allow 'make rpm' to work with lightweight tags for release candidates Fix: spec: reference correct url in spec file Doc: update broken doxygen link to something that exists Bump version to 0.17.0 Low: ipc_socket: further optimize max msg size calculations for fbsd portability tests Low: ipc_socket: Allow socket max msg size to be calculated more accurately Fix: fixes travis compile time error Low: tests: Fixes compile time issue with make check High: ipcs: Prevent ipc server use after free. Low: ipc: Remove ipc connection reference given to dispatch functions High: ipc: Fixes memory leak in server connection accept when client partially connects IPC: Increase the listen backlog of IPC server Low: ipcs: Clarifications to the ipcs server callback documentation. Fix rb.test to avoid overwriting memory during reading. Low: example: Update client/server example to use server enforced buffer size Low: Client side buffer retrieval regression test Feature: New api function to retrieve client buffer size Low: check_ipc.c: Verify server enforced buffer sizes work Feature: Enforce buffer size limits on the server side Low: regession tests for regex log filters Feature: Filter logs using regex patter on function, format, or filename ipc_setup: Set SO_PASSCRED on listener socket Fix: log: Filtering by function and file must match exactly, no substring matches Low: blackbox: Abort blackbox logging on ringbuffer overwrite reclaim error High: ipcs: Api function allowing server to retrieve client connection's ipc buffer size Low: ringbuffer: Abort during chunk reclaim if OVERWRITE flag is set and reclaim fails. High: blackbox: unique blackbox ringbuffer files per pid Low: ipc_socket: Fixes fd leak in socket ipc client disconnection Use sizeof to get the correct size of the sockaddr_un sun_path member in a portable way. Fixes corosync on Mac OS X. Detect the max signal value that can be used using NSIG macro Avoid double-decrement of level->todo -------------------------------------------------------------------------------- ================================================================================ libtcd-2.2.6-1.fc19 (FEDORA-2014-3170) Tide Constituent Database Library -------------------------------------------------------------------------------- Update Information: New version 2.2.6 is released. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.2.6-1 - 2.2.6 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.2.5-5.r3.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ marble-4.11.5-2.fc19 (FEDORA-2014-3254) Virtual globe and world atlas -------------------------------------------------------------------------------- Update Information: This update fixes Marble to use the current API for the geonames.org web services, making the Wikipedia, weather, postal codes and earthquakes services work again. See https://bugs.kde.org/show_bug.cgi?id=331004 for details. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Kevin Kofler <Kevin@xxxxxxxxxxxxxxxx> - 1:4.11.5-2 - apply upstream fix for geonames.org API change (kde#331004) -------------------------------------------------------------------------------- ================================================================================ ntfs-3g-2014.2.15-1.fc19 (FEDORA-2014-3245) Linux NTFS userspace driver -------------------------------------------------------------------------------- Update Information: Update to the latest stable ntfs-3g code. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> 2:2014.2.15-1 - update to 2014.2.15 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2:2013.1.13-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #895431 - ntfs-3g-2014.2.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=895431 -------------------------------------------------------------------------------- ================================================================================ perl-File-Slurp-Tiny-0.003-3.fc19 (FEDORA-2014-3195) A simple, sane and efficient file slurper -------------------------------------------------------------------------------- Update Information: This is the first Fedora/EPEL release of perl-File-Slurp-Tiny. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1064995 - Review Request: perl-File-Slurp-Tiny - A simple, sane and efficient file slurper https://bugzilla.redhat.com/show_bug.cgi?id=1064995 -------------------------------------------------------------------------------- ================================================================================ perl-Module-Extract-Namespaces-1.02-3.fc19 (FEDORA-2014-3205) Extract the package declarations from a module -------------------------------------------------------------------------------- Update Information: This is the first Fedora/EPEL release of perl-Module-Extract-Namespaces. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1069797 - Review Request: perl-Module-Extract-Namespaces - Extract the package declarations from a module https://bugzilla.redhat.com/show_bug.cgi?id=1069797 -------------------------------------------------------------------------------- ================================================================================ python-croniter-0.3.4-2.fc19 (FEDORA-2014-3246) Iteration for datetime object with cron like format -------------------------------------------------------------------------------- Update Information: - Iteration for datetime object with cron like format -------------------------------------------------------------------------------- References: [ 1 ] Bug #1068644 - Review Request: python-croniter - Iteration for datetime object with cron like format https://bugzilla.redhat.com/show_bug.cgi?id=1068644 -------------------------------------------------------------------------------- ================================================================================ python-pep8-1.4.6-2.fc19 (FEDORA-2014-3188) Python style guide checker -------------------------------------------------------------------------------- Update Information: rename py3 version of pep8 to python3-pep8 (rhbz#1060408) -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Matthias Runge <mrunge@xxxxxxxxxx> -1.4.6-2 - rename py3 version of pep8 to python3-pep8 (rhbz#1060408) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1060408 - Missing %{_bindir}/python3-pep8 https://bugzilla.redhat.com/show_bug.cgi?id=1060408 -------------------------------------------------------------------------------- ================================================================================ retrace-server-1.11-1.fc19 (FEDORA-2014-3156) Application for remote coredump analysis -------------------------------------------------------------------------------- Update Information: update to 1.11 -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Michal Toman <mtoman@xxxxxxxxxx> 1.11-1 - do not die trying to chmod a hardling - do not hardlink unpacked vmcores - print command line formatted correctly - allow submitting vmcores with spaces in file name - do not run makedumpfile when not necessary - allow to specify kernel VRA with custom cores - do not require the trailing slash in task manager URL - do not kill retrace-server-cleanup when retrace_log does not exist - cache kernel version into task directory - add support for ppc64, s390x - include floating point registers in userspace backtraces - execute ABRT's exploitability plugin if available -------------------------------------------------------------------------------- ================================================================================ rubygem-actionpack-3.2.13-5.fc19 (FEDORA-2014-3232) Web-flow and rendering framework putting the VC in MVC -------------------------------------------------------------------------------- Update Information: This fixes Ruby on Rails 3.2.17 security issues: - CVE-2014-0081 - CVE-2014-0082 Includes security patches for: - CVE-2013-6417 - Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk) - CVE-2013-4491 - Reflective XSS Vulnerability in Ruby on Rails - CVE-2013-6415 - XSS Vulnerability in number_to_currency - CVE-2013-6414 - Denial of Service Vulnerability in Action View -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Josef Stribny <jstribny@xxxxxxxxxx> - 1:3.2.13-5 - Fix CVE-2014-0081 and CVE-2014-0082 -------------------------------------------------------------------------------- ================================================================================ rubygem-coderay-1.1.0-1.fc19 (FEDORA-2014-3159) Fast syntax highlighter engine for many programming languages -------------------------------------------------------------------------------- Update Information: - update to new version (1.0.1) -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Jan Klepek <jan.klepek at, gmail.com> - 1.1.0-1 - update to new version * Mon Aug 19 2013 Jan Klepek <jan.klepek at, gmail.com> - 1.0.7-1 - update to new version * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.6-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #834993 - rubygem-coderay-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=834993 -------------------------------------------------------------------------------- ================================================================================ rubygem-gettext-3.1.1-1.fc19 (FEDORA-2014-3233) RubyGem of Localization Library and Tools for Ruby -------------------------------------------------------------------------------- Update Information: New version 3.1.1 is released. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 3.1.1-1 - 3.1.1 -------------------------------------------------------------------------------- ================================================================================ scap-security-guide-0.1.5-1.fc19 (FEDORA-2014-3187) Security guidance and baselines in SCAP formats -------------------------------------------------------------------------------- Update Information: Update to upstream 0.1.5 version. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Jan iankko Lieskovsky <jlieskov@xxxxxxxxxx> 0.1.5-1 - Fix fedora-srpm and fedora-rpm Make targets to work again - Include RHEL-6 and RHEL-7 datastream files to support remote RHEL system scans - EOL for Fedora 18 support - Include Fedora datastream file for remote Fedora system scans -------------------------------------------------------------------------------- References: [ 1 ] Bug #1070906 - [RFE] Generate datastream output format for Fedora SCAP content too (necessary for remote system scans) https://bugzilla.redhat.com/show_bug.cgi?id=1070906 -------------------------------------------------------------------------------- ================================================================================ sparse-0.5.0-1.fc19 (FEDORA-2014-3185) A semantic parser of source files -------------------------------------------------------------------------------- Update Information: This updates sparse to the latest upstream release. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Jeff Layton <jlayton@xxxxxxxxxx> - 0.5.0-1 - update to v0.5.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1070485 - sparse 0.4.5-rc1 as shipped in Fedora is way too noisy on the kernel https://bugzilla.redhat.com/show_bug.cgi?id=1070485 -------------------------------------------------------------------------------- ================================================================================ testdisk-6.14-2.fc19.1 (FEDORA-2014-3245) Tool to check and undelete partition, PhotoRec recovers lost files -------------------------------------------------------------------------------- Update Information: Update to the latest stable ntfs-3g code. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 27 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 6.14-2.1 - rebuild for new ntfs-3g -------------------------------------------------------------------------------- References: [ 1 ] Bug #895431 - ntfs-3g-2014.2.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=895431 -------------------------------------------------------------------------------- ================================================================================ tmux-1.9a-2.fc19 (FEDORA-2014-3252) A terminal multiplexer -------------------------------------------------------------------------------- Update Information: Fix rhbz #1069950, upstream [tmux:tickets] #105 New upstream release 1.9a New upstream release 1.9 -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Filipe Rosset <rosset.filipe@xxxxxxxxx> 1.9a-2 - Fix rhbz #1069950, upstream [tmux:tickets] #105 * Sun Feb 23 2014 Filipe Rosset <rosset.filipe@xxxxxxxxx> 1.9a-1 - New upstream release 1.9a * Sat Feb 22 2014 Filipe Rosset <rosset.filipe@xxxxxxxxx> 1.9-1 - New upstream release 1.9 - Fix rhbz #1067860 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1069950 - tmux 1.9a instantly segfaults with MALLOC_CHECK_=2 https://bugzilla.redhat.com/show_bug.cgi?id=1069950 [ 2 ] Bug #1067860 - [RFE]: Please update the RPM scriptlet based on the new guideline https://bugzilla.redhat.com/show_bug.cgi?id=1067860 [ 3 ] Bug #1067908 - tmux-1.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1067908 -------------------------------------------------------------------------------- ================================================================================ tofrodos-1.7.13-2.fc19 (FEDORA-2014-3166) Converts text files between MSDOS and Unix file formats -------------------------------------------------------------------------------- Update Information: Wheels reinvented like unix2dos. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1063140 - Review Request: tofrodos - Converts text files between MSDOS and Unix file formats https://bugzilla.redhat.com/show_bug.cgi?id=1063140 -------------------------------------------------------------------------------- ================================================================================ tumbler-0.1.30-1.fc19 (FEDORA-2014-3157) D-Bus service for applications to request thumbnails -------------------------------------------------------------------------------- Update Information: Update to 0.1.30. Minor bugfixes and translation updates. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2014 Kevin Fenzi <kevin@xxxxxxxxx> 0.1.30-1 - Update to 0.1.30 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.1.29-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1070201 - tumbler-0.1.30 is available https://bugzilla.redhat.com/show_bug.cgi?id=1070201 -------------------------------------------------------------------------------- ================================================================================ v8-3.14.5.10-6.fc19 (FEDORA-2014-3253) JavaScript Engine -------------------------------------------------------------------------------- Update Information: Common Vulnerabilities and Exposures assigned an identifier CVE-2013-6650 to the following vulnerability: Name: CVE-2013-6650 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6650 The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages." -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 24 2014 Tomas Hrcka <thrcka@xxxxxxxxxx> - 1:3.14.5.10-6 - Backport fix for incorrect handling of popular pages (RHBZ#1059070; CVE-2013-6640) * Fri Feb 14 2014 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 1:3.14.5.10-5 - rebuild for icu-52 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1059070 - CVE-2013-6650 v8: incorrect handling of popular pages https://bugzilla.redhat.com/show_bug.cgi?id=1059070 -------------------------------------------------------------------------------- ================================================================================ xfdashboard-0.1.4-2.fc19 (FEDORA-2014-3190) GNOME shell like dashboard for Xfce -------------------------------------------------------------------------------- Update Information: Patch for enabling workspace switching added Update to version 0.1.4. This release also provides support for themes -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 25 2014 Mukundan Ragavan <nonamedotc@xxxxxxxxxxxxxxxxx> - 0.1.4-2 - Patch for enabling workspace switching added - Upstream bug - issue#1 on github * Mon Feb 24 2014 Mukundan Ragavan <nonamedotc@xxxxxxxxxxxxxxxxx> - 0.1.4-1 - Updated to the latest upstream version - Includes theming support (provides a default theme) -------------------------------------------------------------------------------- ================================================================================ yumex-3.0.14-1.fc19 (FEDORA-2014-3236) Yum Extender graphical package management tool -------------------------------------------------------------------------------- Update Information: Fix blank dialog on second time yumex is processing some actions -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 25 2014 Tim Lauridsen <timlau@xxxxxxxxxxxxxxxxx> 3.0.14-1 - bumped version to 3.0.14 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1023746 - Yumex Blanks Dialog On Second Process https://bugzilla.redhat.com/show_bug.cgi?id=1023746 -------------------------------------------------------------------------------- ================================================================================ zorba-2.9.1-4.fc19 (FEDORA-2014-3235) General purpose XQuery processor implemented in C++ -------------------------------------------------------------------------------- Update Information: - fix strtok(NULL, ...) on armv7hl and aarch64 (and ppc64 and s390x...) -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 25 2014 Kyle McMartin <kyle@xxxxxxxxxx> - 2.9.1-4 - fix strtok(NULL, ...) on armv7hl and aarch64 (and ppc64 and s390x...) * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.9.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Tue Jul 30 2013 Petr Machata <pmachata@xxxxxxxxxx> - 2.9.1-2 - Rebuild for boost 1.54.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1069294 - zorba fails to build for ARM https://bugzilla.redhat.com/show_bug.cgi?id=1069294 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
