The following Fedora 19 Security updates need testing: Age URL 145 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 82 https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1.fc19 63 https://admin.fedoraproject.org/updates/FEDORA-2014-0797/libinfinity-0.5.5-1.fc19 36 https://admin.fedoraproject.org/updates/FEDORA-2014-2260/NetworkManager-ssh-0.9.2-0.2.20140209git46247c2.fc19 33 https://admin.fedoraproject.org/updates/FEDORA-2014-2439/maradns-2.0.09-1.fc19 28 https://admin.fedoraproject.org/updates/FEDORA-2014-2710/zabbix-2.0.11-2.fc19 26 https://admin.fedoraproject.org/updates/FEDORA-2014-2825/postgresql-9.2.7-1.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-3589/file-5.11-13.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-3771/cups-filters-1.0.41-5.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-3782/jansson-2.6-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-3812/springframework-security-3.1.6-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-3791/libmodplug-0.8.8.5-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-3815/samba-4.0.16-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-3947/lighttpd-1.4.35-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-3891/perltidy-20130922-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-3839/udisks-1.0.4-12.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4081/v8-3.14.5.10-7.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 93 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 19 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2014-3450/bind-9.9.3-15.P2.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-3605/abrt-2.2.0-1.fc19,libreport-2.2.0-1.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-3619/ibus-1.5.6-1.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2014-3340/gdisk-0.8.10-2.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-3815/samba-4.0.16-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-3855/procps-ng-3.3.8-12.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-3840/libosinfo-0.2.9-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-3970/kde-workspace-4.11.7-4.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2014-3996/lcms2-2.6-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4090/thunderbird-24.4.0-1.fc19,firefox-28.0-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4071/nspr-4.10.4-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4059/fftw-3.3.4-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4058/audit-2.3.5-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4079/linux-firmware-20140317-35.gitdec41bce.fc19 The following builds have been pushed to Fedora 19 updates-testing SDL2-2.0.3-1.fc19 bodhi-0.9.9-1.fc19 fedora-packager-0.5.10.3-1.fc19 firefox-28.0-2.fc19 glyphicons-halflings-fonts-3.1.0-2.20140211git728067b.fc19 lv2-artyfx-plugins-1.1-0.1.20140317git1dc4f00.fc19 nginx-1.4.7-1.fc19 nodejs-async-0.2.10-1.fc19 openscap-1.0.6-1.fc19 python-html5lib-0.999-2.fc19 thunderbird-24.4.0-1.fc19 v8-3.14.5.10-7.fc19 wdiff-1.2.1-2.fc19 Details about builds: ================================================================================ SDL2-2.0.3-1.fc19 (FEDORA-2014-4094) A cross-platform multimedia library -------------------------------------------------------------------------------- Update Information: 2.0.3 upstream release 2.0.2 upstream release; enable wayland backend -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 19 2014 Igor Gnatenko <i.gnatenko.brain@xxxxxxxxx> - 2.0.3-1 - 2.0.3 upstream release * Sat Mar 8 2014 Igor Gnatenko <i.gnatenko.brain@xxxxxxxxx> - 2.0.2-1 - 2.0.2 upstream release - Enable wayland backend -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077635 - SDL2-2.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1077635 -------------------------------------------------------------------------------- ================================================================================ bodhi-0.9.9-1.fc19 (FEDORA-2014-4082) A modular framework that facilitates publishing software updates -------------------------------------------------------------------------------- Update Information: **Summary of major changes** * Reset the karma to 0 when new builds are added to an existing update (Mathieu Bridon) https://fedorahosted.org/fesco/ticket/1238 https://fedorahosted.org/bodhi/ticket/388 * Disable karma automatism upon AutoQA test failures (Luke Macken) https://fedorahosted.org/fesco/ticket/1242 https://github.com/fedora-infra/bodhi/issues/36 * Do not trigger the stablekarma threshold if the update is being pushed (Luke Macken) https://fedorahosted.org/bodhi/ticket/649 * Prefix the updateinfo file with its hash in the repo metadata (Mathieu Bridon) https://github.com/fedora-infra/bodhi/pull/35 * Fixed a bug in querying the RPM changelogs, which are used in the update announcement (Mathieu Bridon) https://github.com/fedora-infra/bodhi/pull/38 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 14 2014 Luke Macken <lmacken@xxxxxxxxxx> - 0.9.9-1 - Update to 0.9.9 * Wed Feb 19 2014 Luke Macken <lmacken@xxxxxxxxxx> - 0.9.8-2 - Remove the python-simplejson requirement (#1060234) -------------------------------------------------------------------------------- ================================================================================ fedora-packager-0.5.10.3-1.fc19 (FEDORA-2014-4093) Tools for setting up a fedora maintainer environment -------------------------------------------------------------------------------- Update Information: Fix fedora-burn-yubikey to work properly with slot 2 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 18 2014 Nick Bebout <nb@xxxxxxxxxxxxxxxxx> - 0.5.10.3-1 - fix fedora-burn-yubikey script to work with slot 2 * Thu Dec 5 2013 Denis Gilmore <dennis@xxxxxxxx> - 0.5.10.2-1 - update to 0.5.10.2 - drop sparc support * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.5.10.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ firefox-28.0-2.fc19 (FEDORA-2014-4090) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: New upstream version - Firefox 28.0, Thunderbird 24.4.0. It needs a new nspr-4.10.4 package, so please give karma to those updates: https://admin.fedoraproject.org/updates/FEDORA-2014-4071/nspr-4.10.4-1.fc19 https://admin.fedoraproject.org/updates/FEDORA-2014-4067/nspr-4.10.4-1.fc20 Thanks! -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 19 2014 Martin Stransky <stransky@xxxxxxxxxx> - 28.0-2 - NSS version up, disable arm for now * Tue Mar 18 2014 Martin Stransky <stransky@xxxxxxxxxx> - 28.0-1 - Update to 28.0 * Thu Mar 6 2014 Martin Stransky <stransky@xxxxxxxxxx> - 27.0.1-2 - Removed needless build patch -------------------------------------------------------------------------------- ================================================================================ glyphicons-halflings-fonts-3.1.0-2.20140211git728067b.fc19 (FEDORA-2014-4098) Precisely prepared monochromatic icons and symbols -------------------------------------------------------------------------------- Update Information: A new iconic font designed for web applications. -------------------------------------------------------------------------------- ================================================================================ lv2-artyfx-plugins-1.1-0.1.20140317git1dc4f00.fc19 (FEDORA-2014-4101) A collection of LV2 RT plugins -------------------------------------------------------------------------------- Update Information: This 1.1 release of OpenAV's ArtyFx plugins introduces three new effects. Refer to http://openavproductions.com/artyfx/ for details on the new Satma, Kuiza and Della plugins -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 19 2014 Brendan Jones <brendan.jones.it@xxxxxxxxx> 1.1-0.1.git - 1.1 Update, new plugins -------------------------------------------------------------------------------- ================================================================================ nginx-1.4.7-1.fc19 (FEDORA-2014-4104) A high performance web server and reverse proxy server -------------------------------------------------------------------------------- Update Information: Update to upstream release 1.4.7. A heap memory buffer overflow was found in the ngx_http_spdy_module, potentially resulting in arbitrary code execution, but this does not affect nginx on Fedora/EPEL. A bug in the "fastcgi_next_upstream" directive was also resolved with this update. * http://nginx.org/en/CHANGES-1.4 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 18 2014 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 1:1.4.7-1 - update to upstream release 1.4.7 -------------------------------------------------------------------------------- ================================================================================ nodejs-async-0.2.10-1.fc19 (FEDORA-2014-4089) Higher-order functions and common patterns for asynchronous code -------------------------------------------------------------------------------- Update Information: This update resolves an incompatibility when this module is used with IE10 via browserify and resolves some issues with documentation and examples. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 18 2014 Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> - 0.2.10-1 - update to upstream release 0.2.10 (#1057505) * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1057505 - [PATCH] nodejs-async-0.2.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1057505 -------------------------------------------------------------------------------- ================================================================================ openscap-1.0.6-1.fc19 (FEDORA-2014-4095) Set of open source libraries enabling integration of the SCAP line of standards -------------------------------------------------------------------------------- Update Information: upgrade upgrade -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 19 2014 Šimon Lukašík <slukasik@xxxxxxxxxx> - 1.0.6-1 - upgrade * Fri Mar 14 2014 Šimon Lukašík <slukasik@xxxxxxxxxx> - 1.0.5-1 - upgrade -------------------------------------------------------------------------------- ================================================================================ python-html5lib-0.999-2.fc19 (FEDORA-2014-4097) A python based HTML parser/tokenizer -------------------------------------------------------------------------------- Update Information: "six" module is a runtime requirement -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 12 2014 Dan Scott <dan@xxxxxxxxxxxxxx> - 0.999-2 - "six" module is a runtime requirement * Sat Mar 1 2014 Praveen Kumar <kumarpraveen.nitdgp@xxxxxxxxx> 0.999-1 - Added epoch information * Wed Feb 26 2014 Dan Scott <dan@xxxxxxxxxxxxxx> - 0.999-1 - Updated for new version - Fixed bogus dates in changelog * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0b2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Mon Jul 8 2013 Praveen Kumar <kumarpraveen.nitdgp@xxxxxxxxx> - 1.0b2-2 - Updated python3 support which accidently removed from previous revision. * Mon Jul 8 2013 Praveen Kumar <kumarpraveen.nitdgp@xxxxxxxxx> - 1.0b2-1 - Updated new source -------------------------------------------------------------------------------- References: [ 1 ] Bug #1075783 - python-html5lib requires six module https://bugzilla.redhat.com/show_bug.cgi?id=1075783 -------------------------------------------------------------------------------- ================================================================================ thunderbird-24.4.0-1.fc19 (FEDORA-2014-4090) Mozilla Thunderbird mail/newsgroup client -------------------------------------------------------------------------------- Update Information: New upstream version - Firefox 28.0, Thunderbird 24.4.0. It needs a new nspr-4.10.4 package, so please give karma to those updates: https://admin.fedoraproject.org/updates/FEDORA-2014-4071/nspr-4.10.4-1.fc19 https://admin.fedoraproject.org/updates/FEDORA-2014-4067/nspr-4.10.4-1.fc20 Thanks! -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 18 2014 Jan Horak <jhorak@xxxxxxxxxx> - 24.4.0-1 - Update to 24.4.0 -------------------------------------------------------------------------------- ================================================================================ v8-3.14.5.10-7.fc19 (FEDORA-2014-4081) JavaScript Engine -------------------------------------------------------------------------------- Update Information: Common Vulnerabilities and Exposures assigned an identifier CVE-2014-1704 to the following vulnerability: URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1704 Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Only one vulnerability in this CVE affects v8-3.14.5.10 in Fedora. This update fixes the vulnerability involving unsigned integer arithmetic. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 18 2014 T.C. Hollingsworth <tchollingsworth@xxxxxxxxx> - 1:3.14.5.10-7 - backport fix for unsigned integer arithmetic (RHBZ#1077136; CVE-2014-1704) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077136 - CVE-2014-1704 v8: multiple vulnerabilities in v8 fixed in Google Chrome version 33.0.1750.149 https://bugzilla.redhat.com/show_bug.cgi?id=1077136 -------------------------------------------------------------------------------- ================================================================================ wdiff-1.2.1-2.fc19 (FEDORA-2014-4099) A front-end to GNU diff -------------------------------------------------------------------------------- Update Information: Updated to latest version -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Mar 14 2013 Praveen Kumar <kumarpraveen.nitdgp@xxxxxxxxx> 1.2.1-1 - New release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077596 - mdiff crash https://bugzilla.redhat.com/show_bug.cgi?id=1077596 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
