The following Fedora 19 Security updates need testing: Age URL 159 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 96 https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1.fc19 77 https://admin.fedoraproject.org/updates/FEDORA-2014-0797/libinfinity-0.5.5-1.fc19 50 https://admin.fedoraproject.org/updates/FEDORA-2014-2260/NetworkManager-ssh-0.9.2-0.2.20140209git46247c2.fc19 42 https://admin.fedoraproject.org/updates/FEDORA-2014-2710/zabbix-2.0.11-2.fc19 18 https://admin.fedoraproject.org/updates/FEDORA-2014-3839/udisks-1.0.4-12.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-4180/tigervnc-1.3.0-10.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-4208/ca-certificates-2013.1.97-1.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-4210/openstack-keystone-2013.1.5-2.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-4330/seamonkey-2.25-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-4424/xen-4.2.4-3.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-4454/perl-Authen-Captcha-1.024-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-4426/xalan-j2-2.7.1-22.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-4438/libyaml-0.1.6-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4511/mediawiki-1.21.8-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4462/munin-2.0.20-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4517/perl-YAML-LibYAML-0.41-4.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4603/php-ZendFramework-1.12.5-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4636/php-ZendFramework2-2.2.6-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4676/a2ps-4.14-23.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4665/kernel-3.13.8-100.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4711/cups-filters-1.0.41-6.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4720/mod_security-2.7.5-3.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 107 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 33 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-4110/pango-1.34.1-3.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-4180/tigervnc-1.3.0-10.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-4216/selinux-policy-3.12.1-74.23.fc19 10 https://admin.fedoraproject.org/updates/FEDORA-2014-4228/nss-util-3.16.0-1.fc19,nss-softokn-3.16.0-1.fc19,nss-3.16.0-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-4292/xorg-x11-drv-synaptics-1.7.4-3.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-3970/kde-workspace-4.11.7-6.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-4384/cups-1.6.4-4.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-4486/ibus-1.5.6-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4692/bash-4.2.46-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4665/kernel-3.13.8-100.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4635/libvpx-1.3.0-4.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4624/xdg-utils-1.1.0-0.21.rc2.fc19 The following builds have been pushed to Fedora 19 updates-testing bacula-5.2.13-18.fc19 bash-4.2.46-1.fc19 cinnamon-2.0.14-16.fc19 cinnamon-session-2.0.6-1.fc19 cups-filters-1.0.41-6.fc19 esniper-2.29.0-1.fc19 iperf3-3.0.3-2.fc19 mate-desktop-1.6.2-2.fc19 mate-file-manager-1.6.4-2.fc19 mod_security-2.7.5-3.fc19 nodejs-jade-1.3.0-3.fc19 nodejs-supertest-0.9.0-1.fc19 subnetcalc-2.2.1-1.fc19 uglify-js-2.4.13-3.fc19 vdsm-4.13.4-0.fc19 xsane-0.999-11.fc19 yagf-0.9.3.1-1.fc19 Details about builds: ================================================================================ bacula-5.2.13-18.fc19 (FEDORA-2014-4726) Cross platform network backup for Linux, Unix, Mac and Windows -------------------------------------------------------------------------------- Update Information: Fix Nagios plugin directory dependency. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Simone Caronni <negativo17@xxxxxxxxx> - 5.2.13-18 - Add missing requirement for Nagios plugin folder. - Update queryfile patch. - Update man pages patch. -------------------------------------------------------------------------------- ================================================================================ bash-4.2.46-1.fc19 (FEDORA-2014-4692) The GNU Bourne Again shell -------------------------------------------------------------------------------- Update Information: Bash upstream released an official patchlevel fixing regresions introduced in patchlevel 32. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Ondrej Oprala <ooprala@xxxxxxxxxx> - 4.2.46-1 - Patchlevel 46 -------------------------------------------------------------------------------- ================================================================================ cinnamon-2.0.14-16.fc19 (FEDORA-2014-4712) Window management and application launching for GNOME -------------------------------------------------------------------------------- Update Information: - Fix cheese issue. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 2 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.0.14-16 - add patch to disable xinput for cinnamon only (bz 873434) -------------------------------------------------------------------------------- References: [ 1 ] Bug #873434 - When cheese 3.6.1 is started the screen is black https://bugzilla.redhat.com/show_bug.cgi?id=873434 -------------------------------------------------------------------------------- ================================================================================ cinnamon-session-2.0.6-1.fc19 (FEDORA-2014-4712) Cinnamon session manager -------------------------------------------------------------------------------- Update Information: - Fix cheese issue. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 2 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.0.6-1 - update to 2.0.6 - readd Br pangox-compat-devel for epel - add upstream fix for clutter xinput (bz 873434) * Mon Jan 13 2014 Leigh Scott <leigh123linux@xxxxxxxxxxxxxx> - 2.0.5-2 - make changes for epel7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #873434 - When cheese 3.6.1 is started the screen is black https://bugzilla.redhat.com/show_bug.cgi?id=873434 -------------------------------------------------------------------------------- ================================================================================ cups-filters-1.0.41-6.fc19 (FEDORA-2014-4711) OpenPrinting CUPS filters and backends -------------------------------------------------------------------------------- Update Information: Update fixes remote command injection vulnerability in cups-browsed. This update removes unused pdftoopvp and urftopdf filters. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 2 2014 Jiri Popelka <jpopelka@xxxxxxxxxx> - 1.0.41-6 - Remote command injection in cups-browsed (bug #1083327). * Tue Mar 11 2014 Jiri Popelka <jpopelka@xxxxxxxxxx> - 1.0.41-5 - Don't ship pdftoopvp (#1027557) and urftopdf (#1002947). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1083326 - cups-filters: remote command injection in cups-browsed https://bugzilla.redhat.com/show_bug.cgi?id=1083326 -------------------------------------------------------------------------------- ================================================================================ esniper-2.29.0-1.fc19 (FEDORA-2014-4706) A lightweight console application for sniping eBay auctions -------------------------------------------------------------------------------- Update Information: This is a major update to fix bugs #647 .. #656 caused by ebay's changes to the login and bid pages. http://sourceforge.net/p/esniper/bugs/ -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 2 2014 Volker Fröhlich <volker27@xxxxxx> - 2.29.0-1 - New upstream release * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.28.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ iperf3-3.0.3-2.fc19 (FEDORA-2014-4721) Measurement tool for TCP/UDP bandwidth performance -------------------------------------------------------------------------------- Update Information: Moved static library to devel section only -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 2 2014 Susant Sahani <ssahani@xxxxxxxxxx> 3.0.3-2 - Moved static library to devel section only . * Sun Mar 30 2014 Susant Sahani <ssahani@xxxxxxxxxx> 3.0.3-1 - Update to 3.0.3 and added devel rpm support -------------------------------------------------------------------------------- ================================================================================ mate-desktop-1.6.2-2.fc19 (FEDORA-2014-4693) Shared code for mate-panel, mate-session, mate-file-manager, etc -------------------------------------------------------------------------------- Update Information: remove caja-autostart delay -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.2-2 - use modern 'make install' macro - remove caja-autostart gsettings override - move gtk-docs to -devel subpackage -------------------------------------------------------------------------------- ================================================================================ mate-file-manager-1.6.4-2.fc19 (FEDORA-2014-4693) File manager for MATE -------------------------------------------------------------------------------- Update Information: remove caja-autostart delay -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.4-2 - add upstream patch for fixing x-caja-windows issue - end of a long story :) - add remove-ck-usage upstream patch - don't use caja-autostart script anymore - switch back to matesession usage * Fri Mar 14 2014 Wolfgang Ulbrich <chat-to-me@xxxxxxxxx> - 1.6.4-1 - update to 1.6.4 release - remove non existent COPYING-DOCS file - add missing update-desktop-database rpm scriptlets - use modern 'make install' macro - clean spec file from using tabs and 'macro in comment' -------------------------------------------------------------------------------- ================================================================================ mod_security-2.7.5-3.fc19 (FEDORA-2014-4720) Security module for the Apache HTTP Server -------------------------------------------------------------------------------- Update Information: Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906) -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Athmane Madjoudj <athmane@xxxxxxxxxxxxxxxxx> 2.7.5-3 - Fix Chunked string case sensitive issue (CVE-2013-5705, RHBZ #1082904 #1082905 #1082906) * Sat Aug 3 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 2.7.5-2 - Perl 5.18 rebuild * Tue Jul 30 2013 Athmane Madjoudj <athmane@xxxxxxxxxxxxxxxxx> 2.7.5-1 - Update to 2.7.5 * Thu Jul 18 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 2.7.4-2 - Perl 5.18 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082904 - CVE-2013-5705 mod_security: bypass of intended rules via chunked requests https://bugzilla.redhat.com/show_bug.cgi?id=1082904 -------------------------------------------------------------------------------- ================================================================================ nodejs-jade-1.3.0-3.fc19 (FEDORA-2014-4730) Jade template engine for Node.js -------------------------------------------------------------------------------- Update Information: introduce symlink to /usr/bin/jade-nodejs -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 1.3.0-3 - include _bindir/jade-nodejs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082964 - no commandline jade https://bugzilla.redhat.com/show_bug.cgi?id=1082964 -------------------------------------------------------------------------------- ================================================================================ nodejs-supertest-0.9.0-1.fc19 (FEDORA-2014-4705) A superagent driven library for testing HTTP servers -------------------------------------------------------------------------------- Update Information: initial package -------------------------------------------------------------------------------- ================================================================================ subnetcalc-2.2.1-1.fc19 (FEDORA-2014-4696) An IPv4/IPv6 Subnet Calculator -------------------------------------------------------------------------------- Update Information: IPv6 support fixed. -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 15 2014 Christopher Meng <rpm@xxxxxxxx> - 2.2.1-1 - Update to 2.2.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082322 - subnetcalc-2.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1082322 -------------------------------------------------------------------------------- ================================================================================ uglify-js-2.4.13-3.fc19 (FEDORA-2014-4714) JavaScript parser, mangler/compressor and beautifier toolkit -------------------------------------------------------------------------------- Update Information: pretrans script should run in js-uglify subpackage (#1082946) port to new multi-version and browser JavaScript guidelines -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 1 2014 Jamie Nguyen <jamielinux@xxxxxxxxxxxxxxxxx> - 2.4.13-3 - pretrans script should run in js-uglify subpackage (#1082946) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1082946 - Update from uglify-js-common to js-uglify fails https://bugzilla.redhat.com/show_bug.cgi?id=1082946 [ 2 ] Bug #1055177 - uglify-js should be using the proper system for packaging multiple npm versions https://bugzilla.redhat.com/show_bug.cgi?id=1055177 -------------------------------------------------------------------------------- ================================================================================ vdsm-4.13.4-0.fc19 (FEDORA-2014-4717) Virtual Desktop Server Manager -------------------------------------------------------------------------------- Update Information: vdsm-4.13.4 for ovirt-3.3.5 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 2 2014 Douglas Schilling Landgraf <dougsland@xxxxxxxxxx> - 4.13.4 - vdsm-4.13.4 for ovirt-3.3.5 -------------------------------------------------------------------------------- ================================================================================ xsane-0.999-11.fc19 (FEDORA-2014-4132) X Window System front-end for the SANE scanner interface -------------------------------------------------------------------------------- Update Information: This update fixes a crash that could occur when receiving signals in short succession. Additionally, it fixes issues found during source code analysis. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 2 2014 Nils Philippsen <nils@xxxxxxxxxx> - 0.999-11 - fix coverity patch: ensure directories exist instead of indiscriminately attempting to create them (#1079586) * Wed Mar 19 2014 Nils Philippsen <nils@xxxxxxxxxx> - 0.999-10 - fix signal handling (#1073698) - fix issues found during static analysis that don't require far-reaching refactoring * Mon Sep 23 2013 Nils Philippsen <nils@xxxxxxxxxx> - 0.999-7 - get rid of ancient compat cruft - build against lcms2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1073698 - [abrt] xsane: sane_dll_close(): xsane killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1073698 [ 2 ] Bug #1079586 - xsane starts with a lot of error messages, and doesn't load saved configuration parameters https://bugzilla.redhat.com/show_bug.cgi?id=1079586 -------------------------------------------------------------------------------- ================================================================================ yagf-0.9.3.1-1.fc19 (FEDORA-2014-4718) Graphical front-end for cuneiform -------------------------------------------------------------------------------- Update Information: New 0.9.3.1 version. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 2 2014 Dmitrij S. Kryzhevich <krege@xxxxxxx> 0.9.3.1-1 - Update to 0.9.3.1. * Sat Feb 22 2014 Dmitrij S. Kryzhevich <krege@xxxxxxx> 0.9.3-1 - Update to 0.9.3. - Fix prev. bogus dates (Thu -> Tue). * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.9.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
