The following Fedora 19 Security updates need testing: Age URL 170 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 107 https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1.fc19 53 https://admin.fedoraproject.org/updates/FEDORA-2014-2710/zabbix-2.0.11-2.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-4676/a2ps-4.14-23.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-4711/cups-filters-1.0.41-6.fc19 10 https://admin.fedoraproject.org/updates/FEDORA-2014-4745/ansible-1.5.4-1.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4928/cacti-0.8.8b-5.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4960/jbigkit-2.0-9.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5024/smb4k-1.1.1-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5004/httpd-2.4.9-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4975/json-c-0.11-6.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5028/wordpress-3.8.2-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5031/elfutils-0.158-3.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 118 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 45 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-4635/libvpx-1.3.0-4.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-4855/koji-1.9.0-1.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4934/procps-ng-3.3.8-13.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4900/libreport-2.2.1-1.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2014-4915/kde-workspace-4.11.8-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5031/elfutils-0.158-3.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-4975/json-c-0.11-6.fc19 The following builds have been pushed to Fedora 19 updates-testing ReviewBoard-1.7.24-1.fc19 armadillo-4.200.0-1.fc19 copr-cli-1.32-1.fc19 elfutils-0.158-3.fc19 homerun-1.2.3-1.fc19 httpd-2.4.9-1.fc19 ibus-table-1.5.0.20140409-1.fc19 jd-2.8.8-0.2.beta140329.fc19 json-c-0.11-6.fc19 lcgdm-1.8.8-4.fc19 libcdr-0.0.16-1.fc19 mingw-openssl-1.0.1e-6.fc19 mirall-1.5.3-3.fc19 oxygen-gtk2-1.4.5-1.fc19 perl-Starlet-0.21-2.fc19 pynag-0.8.5-1.fc19 python-djblets-0.7.29-1.fc19 python-pexpect-3.1-1.fc19 rubygem-cairo-1.12.9-1.fc19 rubygem-domain_name-0.5.18-2.fc19 rubygem-hikidoc-0.1.0-1.fc19 rubygem-mini_portile-0.5.3-1.fc19 rubygem-sequel-4.9.0-1.fc19 rubygem-unf-0.1.4-2.fc19 smb4k-1.1.1-2.fc19 supybot-fedora-0.2.14-3.fc19 wine-1.7.16-2.fc19 wordpress-3.8.2-1.fc19 yash-2.36-1.fc19 Details about builds: ================================================================================ ReviewBoard-1.7.24-1.fc19 (FEDORA-2014-4981) Web-based code review tool -------------------------------------------------------------------------------- Update Information: http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.23/ http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.24/ Includes utilities to help automate Github token migration in the wake of the heartbleed vulnerability. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Stephen Gallagher <sgallagh@xxxxxxxxxx> 1.7.24-1 - - New upstream bugfix release 1.7.24 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.24 * Wed Apr 9 2014 Stephen Gallagher <sgallagh@xxxxxxxxxx> 1.7.23-1 - New upstream bugfix release 1.7.23 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.23 -------------------------------------------------------------------------------- ================================================================================ armadillo-4.200.0-1.fc19 (FEDORA-2014-5032) Fast C++ matrix library with interfaces to LAPACK and ATLAS -------------------------------------------------------------------------------- Update Information: This is latest stable release that features: * faster transpose of sparse matrices * more efficient handling of aliasing during matrix multiplication * faster inverse of matrices marked as diagonal -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 José Matos <jamatos@xxxxxxxxxxxxxxxxx> - 4.200.0-1 - update to 4.200.0 -------------------------------------------------------------------------------- ================================================================================ copr-cli-1.32-1.fc19 (FEDORA-2014-5037) Command line interface for COPR -------------------------------------------------------------------------------- Update Information: Initial release of new package after split of all Copr packages. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077792 - Review Request: copr-cli - Command line interface for COPR https://bugzilla.redhat.com/show_bug.cgi?id=1077792 -------------------------------------------------------------------------------- ================================================================================ elfutils-0.158-3.fc19 (FEDORA-2014-5031) A collection of utilities and DSOs to handle compiled objects -------------------------------------------------------------------------------- Update Information: Fix CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw. Update to 0.158. Support for aarch64. Unwinder support for i386, x86_64, s390, s390x, ppc and ppc64. Add eu-stack. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Mark Wielaard <mjw@xxxxxxxxxx> - 0.158-3 - Add elfutils-0.158-CVE-2014-0172.patch (#1085729) * Tue Mar 11 2014 Mark Wielaard <mjw@xxxxxxxxxx> - 0.158-2 - Add elfutils-0.158-mod-e_type.patch. * Mon Jan 6 2014 Mark Wielaard <mjw@xxxxxxxxxx> - 0.158-1 - Update to 0.158. Remove all patches now upstream. Add eu-stack. * Thu Dec 19 2013 Mark Wielaard <mjw@xxxxxxxxxx> - 0.157-4 - Add elfutils-0.157-aarch64-got-special-symbol.patch. - Remove -Werror=format-security from RPM_OPT_FLAGS. * Fri Dec 13 2013 Petr Machata <pmachata@xxxxxxxxxx> - 0.157-3 - Add upstream support for aarch64 * Wed Oct 9 2013 Mark Wielaard <mjw@xxxxxxxxxx> 0.157-2 - Show tests/test-suite.log in build.log when make check fails. * Mon Sep 30 2013 Mark Wielaard <mjw@xxxxxxxxxx> 0.157-1 - Update to 0.157. - Remove elfutils-0.156-abi_cfi-ppc-s390-arm.patch. - Remove elfutils-0.156-et_dyn-kernels.patch. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085663 - CVE-2014-0172 elfutils: integer overflow, leading to a heap-based buffer overflow in libdw https://bugzilla.redhat.com/show_bug.cgi?id=1085663 -------------------------------------------------------------------------------- ================================================================================ homerun-1.2.3-1.fc19 (FEDORA-2014-5016) KDE Application Launcher -------------------------------------------------------------------------------- Update Information: Homerun update made on master by Rex Dieter -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 8 2014 Rex Dieter <rdieter@xxxxxxxxxxxxxxxxx> 1.2.3-1 - 1.2.3 -------------------------------------------------------------------------------- ================================================================================ httpd-2.4.9-1.fc19 (FEDORA-2014-5004) Apache HTTP Server -------------------------------------------------------------------------------- Update Information: This update contains the latest release of the Apache HTTP Server, version 2.4.9. Numerous bug fixes and minor enhancements are included; for more information see: http://www.apache.org/dist/httpd/CHANGES_2.4.9 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Jan Kaluza <jkaluza@xxxxxxxxxx> - 2.4.9-1 - update to 2.4.9 - add support for SetHandler + proxy (#1078970) - fix graceful restart using legacy actions - conflict with pre-1.5.0 APR -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077867 - CVE-2013-6438 httpd: mod_dav denial of service via crafted DAV WRITE request https://bugzilla.redhat.com/show_bug.cgi?id=1077867 [ 2 ] Bug #1077871 - CVE-2014-0098 httpd: mod_log_config does not properly handle logging certain cookies resulting in DoS https://bugzilla.redhat.com/show_bug.cgi?id=1077871 -------------------------------------------------------------------------------- ================================================================================ ibus-table-1.5.0.20140409-1.fc19 (FEDORA-2014-4994) The Table engine for IBus platform -------------------------------------------------------------------------------- Update Information: Make toggling pinyin mode with the right shift key work, Make usage of engine name and dconf key consistent, Don’t switch off pinyin mode in clear() Fix a regression caused by the Python3 port in tabcreatedb.py (This fixes the build of ibus-table-chinese) -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.5.0.20140409-1 - Make toggling pinyin mode with the right shift key work - Don’t try to colour system phrases and user phrases differently in pinyin mode - Resolves: rhbz#1084684 - Don’t switch off pinyin mode in clear() - Make usage of engine name and dconf key consistent * Wed Apr 2 2014 Mike FABIAN <mfabian@xxxxxxxxxx> - 1.5.0.20140402-1 - Fix a regression caused by the Python3 port in tabcreatedb.py (This fixes the build of ibus-table-chinese) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1084684 - [abrt] ibus-table: table.py:670:ap_candidate:TypeError: unorderable types: str() < int() https://bugzilla.redhat.com/show_bug.cgi?id=1084684 -------------------------------------------------------------------------------- ================================================================================ jd-2.8.8-0.2.beta140329.fc19 (FEDORA-2014-5012) A 2ch browser -------------------------------------------------------------------------------- Update Information: New version 2.8.8 beta140329 is released, including rokka handling -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.8.8-0.2.beta140329 - 2.8.8 beta140329 * Thu Feb 6 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - Update to the latest trunk -------------------------------------------------------------------------------- ================================================================================ json-c-0.11-6.fc19 (FEDORA-2014-4975) A JSON implementation in C -------------------------------------------------------------------------------- Update Information: Address CVE-2013-6370 and CVE-2013-6371. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 0.11-7 - Address CVE-2013-6371 and CVE-2013-6370 (BZ #1085676 and #1085677). - Enabled rdrand support. * Mon Feb 10 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 0.11-6 - Bump spec. * Sat Dec 21 2013 Ville Skyttä <ville.skytta@xxxxxx> - 0.11-5 - Run test suite during build. - Drop empty NEWS from docs. * Tue Sep 10 2013 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 0.11-4 - Remove default warning flags so that package builds on EPEL as well. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1032311 - CVE-2013-6371 json-c: hash collision DoS https://bugzilla.redhat.com/show_bug.cgi?id=1032311 [ 2 ] Bug #1032322 - CVE-2013-6370 json-c: buffer overflow if size_t is larger than int https://bugzilla.redhat.com/show_bug.cgi?id=1032322 -------------------------------------------------------------------------------- ================================================================================ lcgdm-1.8.8-4.fc19 (FEDORA-2014-4992) LHC Computing Grid Data Management -------------------------------------------------------------------------------- Update Information: Patches for dpm-listspaces Backported patch for GLOBUS_THREAD_MODEL Update for new upstream release 1.8.8 Update for new upstream release 1.8.8 Backported patch for GLOBUS_THREAD_MODEL Update for new upstream release 1.8.8 Update for new upstream release 1.8.8 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Alejandro Alvarez <aalvarez@xxxxxxx> - 1.8.8-4 - Patch: LCGDM-1380 and LCGDM-1386 -------------------------------------------------------------------------------- ================================================================================ libcdr-0.0.16-1.fc19 (FEDORA-2014-5033) A library providing ability to interpret and import CorelDRAW drawings -------------------------------------------------------------------------------- Update Information: New upstream release. Adds support for files created by Corel Draw X7. Fixes some bugs related to closed paths with multiple components. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.0.16-1 - new upstream release * Wed Apr 9 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.0.15-2 - generate man pages * Sat Apr 5 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.0.15-1 - new upstream release * Thu Feb 13 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.0.14-6 - rebuild for new ICU * Fri Aug 30 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.0.14-5 - Resolves: rhbz#1001251 duplicate documentation files / potentially conflicting * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.0.14-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Tue Jul 30 2013 Petr Machata <pmachata@xxxxxxxxxx> - 0.0.14-3 - Rebuild for boost 1.54.0 * Tue May 21 2013 David Tardon <dtardon@xxxxxxxxxx> - 0.0.14-2 - add public domain to licenses -------------------------------------------------------------------------------- ================================================================================ mingw-openssl-1.0.1e-6.fc19 (FEDORA-2014-4999) MinGW port of the OpenSSL toolkit -------------------------------------------------------------------------------- Update Information: Fixes CVE-2014-0160 (RHBZ #1085066) -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Erik van Pienbroek <epienbro@xxxxxxxxxxxxxxxxx> - 1.0.1e-6 - Synced patches with native openssl-1.0.1e-44.fc21 - Fixes CVE-2014-0160 (RHBZ #1085066) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085066 - CVE-2014-0160 mingw-openssl: openssl: information disclosure in handling of TLS heartbeat extension packets [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1085066 -------------------------------------------------------------------------------- ================================================================================ mirall-1.5.3-3.fc19 (FEDORA-2014-5023) The ownCloud Client -------------------------------------------------------------------------------- Update Information: Use system qtlockedfile and qtsingleapplication instead of bundled ones Fixed by Ville Skyttä -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 20 2014 Ville Skyttä <ville.skytta@xxxxxx> - 1.5.3-3 - Use system qtlockedfile and qtsingleapplication instead of bundled ones -------------------------------------------------------------------------------- ================================================================================ oxygen-gtk2-1.4.5-1.fc19 (FEDORA-2014-5030) Oxygen GTK+2 theme -------------------------------------------------------------------------------- Update Information: oxygen-gtk2 1.4.5 Improvements include: - fix bluring behind tooltips in KDE on 64 bits machines - improve detection of empty areas for window dragging - re-enabling shadows behind menus and window background for recent libreoffice versions - fix calculation of the tabs area, that was creating infinite repaint loop under certain conditions https://projects.kde.org/news/260 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.4.5-1 - oxygen-gtk2-1.4.5 * Sat Mar 8 2014 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.4.4-1 - oxygen-gtk2-1.4.4 * Fri Jan 24 2014 Alexey Kurov <nucleo@xxxxxxxxxxxxxxxxx> - 1.4.3-1 - oxygen-gtk2-1.4.3 -------------------------------------------------------------------------------- ================================================================================ perl-Starlet-0.21-2.fc19 (FEDORA-2014-4974) Simple, high-performance PSGI/Plack HTTP server -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 0.21-2 - Add BR: perl(Plack::Test) (RHBZ#1085230). - Minor spec file modernization. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085230 - perl-Starlet-0.21-1.fc21 FTBFS https://bugzilla.redhat.com/show_bug.cgi?id=1085230 -------------------------------------------------------------------------------- ================================================================================ pynag-0.8.5-1.fc19 (FEDORA-2014-4997) Python modules and utilities for Nagios plugins and configuration -------------------------------------------------------------------------------- Update Information: Updated to latest upstream version -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Tomas Edwardsson <tommi@xxxxxxxxx> 0.8.5-1 - Updated to latest upstream version * Mon Jan 6 2014 Tomas Edwardsson <tommi@xxxxxxxxx> 0.7.0-2 - Update invalid changelog entries -------------------------------------------------------------------------------- ================================================================================ python-djblets-0.7.29-1.fc19 (FEDORA-2014-4981) A collection of useful classes and functions for Django -------------------------------------------------------------------------------- Update Information: http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.23/ http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.24/ Includes utilities to help automate Github token migration in the wake of the heartbleed vulnerability. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Stephen Gallagher <sgallagh@xxxxxxxxxx> 0.7.29-1 - New upstream release 0.7.29 - http://downloads.reviewboard.org/releases/Djblets/0.7/Djblets-0.7.29.NEWS * Fri Feb 21 2014 Stephen Gallagher <sgallagh@xxxxxxxxxx> 0.7.28-2 - Generate requires.txt with values appropriate for Fedora -------------------------------------------------------------------------------- ================================================================================ python-pexpect-3.1-1.fc19 (FEDORA-2014-5017) Unicode-aware Pure Python Expect-like module -------------------------------------------------------------------------------- Update Information: Update to the latest upstream - 3.1. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 8 2014 Fabian Deutsch <fabiand@xxxxxxxxxxxxxxxxx> - 3.1-1 - Update to 3.1 * Tue Nov 12 2013 Thomas Spura <tomspur@xxxxxxxxxxxxxxxxx> - 3.0-1 - update to 3.0 * Wed Oct 30 2013 Thomas Spura <tomspur@xxxxxxxxxxxxxxxxx> - 3.0-0.1 - new upstream is github/pexpect/pexpect - update to rc3 - build on noarch again - consistently use %{buildroot} everywhere - be more explicit in %files - remove CFLAGS * Thu Sep 5 2013 Andrew McNabb <amcnabb@xxxxxxxxxxx> - 2.5.1-11 - Fix the name of the arm architecture in ExcludeArch * Thu Sep 5 2013 Andrew McNabb <amcnabb@xxxxxxxxxxx> - 2.5.1-10 - Remove noarch because of arm build problems (bug #999174) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085438 - Update to 3.1 - ACL request https://bugzilla.redhat.com/show_bug.cgi?id=1085438 -------------------------------------------------------------------------------- ================================================================================ rubygem-cairo-1.12.9-1.fc19 (FEDORA-2014-4998) Ruby bindings for cairo -------------------------------------------------------------------------------- Update Information: New version 1.12.9 is released. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.12.9-1 - 1.12.9 -------------------------------------------------------------------------------- ================================================================================ rubygem-domain_name-0.5.18-2.fc19 (FEDORA-2014-5009) Domain Name manipulation library for Ruby -------------------------------------------------------------------------------- Update Information: New version 0.5.18 is released. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 8 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.5.18-2 - Support Minitest 5+ * Mon Apr 7 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.5.18-1 - 0.5.18 -------------------------------------------------------------------------------- ================================================================================ rubygem-hikidoc-0.1.0-1.fc19 (FEDORA-2014-4993) Text-to-HTML conversion tool for web writers -------------------------------------------------------------------------------- Update Information: New version 0.1.0 is released. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.1.0-1 - 0.1.0 -------------------------------------------------------------------------------- ================================================================================ rubygem-mini_portile-0.5.3-1.fc19 (FEDORA-2014-5038) Simplistic port-like solution for developers -------------------------------------------------------------------------------- Update Information: New version 0.5.3 is released. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 7 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.5.3-1 - 0.5.3 -------------------------------------------------------------------------------- ================================================================================ rubygem-sequel-4.9.0-1.fc19 (FEDORA-2014-5041) The Database Toolkit for Ruby -------------------------------------------------------------------------------- Update Information: Upgrade to sequel 4.9.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 8 2014 Alejandro Pérez <aeperezt@xxxxxxxxxxxxxxxxx> - 4.9.0-1 - Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1083982 - rubygem-sequel-4.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1083982 -------------------------------------------------------------------------------- ================================================================================ rubygem-unf-0.1.4-2.fc19 (FEDORA-2014-5022) Wrapper library to bring Unicode Normalization Form support to Ruby/JRuby -------------------------------------------------------------------------------- Update Information: New version 0.1.4 is released. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 10 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.1.4-2 - Support Minitest 5.x * Wed Apr 9 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.1.4-1 - 0.1.4 -------------------------------------------------------------------------------- ================================================================================ smb4k-1.1.1-2.fc19 (FEDORA-2014-5024) The SMB/CIFS Share Browser for KDE -------------------------------------------------------------------------------- Update Information: Update to Smb4K 1.1.1, the first bug fix release of the stable 1.1 branch. This release fixes a crash bug and a potential security issue -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 28 2014 Sérgio Basto <sergio@xxxxxxxxxx> - 1.1.1-2 - Fix internal broken dependencies. * Thu Mar 27 2014 Sérgio Basto <sergio@xxxxxxxxxx> - 1.1.1-1 - Update to Smb4K 1.1.1, the first bug fix release of the stable 1.1 branch. This release fixes a crash bug and a potential security issue (rhbz #1079820) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1079819 - CVE-2014-2581 smb4k: potential credential cache leak fixed in version 1.1.1 https://bugzilla.redhat.com/show_bug.cgi?id=1079819 -------------------------------------------------------------------------------- ================================================================================ supybot-fedora-0.2.14-3.fc19 (FEDORA-2014-5026) Plugin for Supybot to interact with Fedora services -------------------------------------------------------------------------------- Update Information: Include python-arrow. -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.14-3 - Requires on python-arrow, because we need it now. * Mon Apr 7 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.2.14-2 - BR on python2-devel for fancy macros. * Mon Apr 7 2014 Ian Weller <iweller@xxxxxxxxxx> - 0.2.14-1 - Version 0.2.14 * Fri Aug 23 2013 Ian Weller <iweller@xxxxxxxxxx> - 0.2.13.1-1 - Bump to version 0.2.13.1 * Fri Aug 23 2013 Ian Weller <iweller@xxxxxxxxxx> - 0.2.13-1 - Bump to version 0.2.13 * Tue Aug 20 2013 Ian Weller <iweller@xxxxxxxxxx> - 0.2.12-1 - Bump to version 0.2.12 * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.11-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ wine-1.7.16-2.fc19 (FEDORA-2014-4977) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: 1.7.16 * More regression test fixes. * String arrays better supported in the IDL compiler. * Initial stubs for DirectX Video Acceleration. * Various bug fixes. 1.7.15 * New Task Scheduler service. * Many regression test fixes. * Support for exception unwinding in VBScript. * Various bug fixes. 1.7.14 * More Task Scheduler support. * Improvements for AVI encoding support. * More VisualBasic interfaces in MSXML. * Support for deflate content encoding in Wininet. * Some fixes for monochrome printers. * Various bug fixes. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 7 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.7.16-2 - explicitly require libpng (fixes rhbz#1085075) * Mon Apr 7 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.7.16-1 - version upgrade * Mon Mar 24 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.7.15-1 - version upgrade * Sat Mar 8 2014 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de> - 1.7.14-1 - version upgrade -------------------------------------------------------------------------------- References: [ 1 ] Bug #1055315 - wine-1.7.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=1055315 [ 2 ] Bug #1085075 - Wine uses libpng, but the RPM package does not depend on it https://bugzilla.redhat.com/show_bug.cgi?id=1085075 -------------------------------------------------------------------------------- ================================================================================ wordpress-3.8.2-1.fc19 (FEDORA-2014-5028) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: Upstream announcement: http://wordpress.org/news/2014/04/wordpress-3-8-2/ -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 9 2014 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 3.8.2-1 - update to 3.8.2 Security Release - fix privilege escalation issue CVE-2014-0165 - fix authentication bypass issue CVE-2014-0166 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085858 - CVE-2014-0166 wordpress: authentication bypass via forged cookies https://bugzilla.redhat.com/show_bug.cgi?id=1085858 [ 2 ] Bug #1085866 - CVE-2014-0165 wordpress: privilege escalation issue allowing contributors to publish posts https://bugzilla.redhat.com/show_bug.cgi?id=1085866 -------------------------------------------------------------------------------- ================================================================================ yash-2.36-1.fc19 (FEDORA-2014-5014) Yet Another SHell -------------------------------------------------------------------------------- Update Information: New version 2.36 is released. -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 7 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 2.35-2 - Fix broken deps * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.35-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
