The following Fedora 19 Security updates need testing: Age URL 195 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 24 https://admin.fedoraproject.org/updates/FEDORA-2014-5024/smb4k-1.1.1-2.fc19 20 https://admin.fedoraproject.org/updates/FEDORA-2014-5308/srm-1.2.13-1.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2014-5759/cups-filters-1.0.53-1.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-5903/miniupnpc-1.9-1.fc19,megaglest-3.9.1-2.fc19,0ad-0.0.15-4.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-5938/rxvt-unicode-9.20-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-5941/xen-4.2.4-4.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2014-5974/python-fmn-web-0.2.4-3.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2014-5948/python-fedora-0.3.34-1.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2014-5984/php-5.5.12-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-6028/mingw-qt-4.8.6-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-5999/mingw-qt5-qtbase-5.2.1-3.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-6046/cifs-utils-6.3-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6083/qt-4.8.6-5.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6127/rubygem-actionpack-3.2.13-6.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6167/kernel-3.14.3-100.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 143 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 69 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-5620/abrt-2.2.1-1.fc19,libreport-2.2.2-2.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-5665/curl-7.29.0-18.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-5809/xorg-x11-drv-synaptics-1.7.4-9.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-5818/libssh2-1.4.3-7.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-5867/kde-workspace-4.11.9-2.fc19 7 https://admin.fedoraproject.org/updates/FEDORA-2014-5448/ibus-1.5.7-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-6047/gupnp-0.20.11-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6179/nss-softokn-3.16.1-1.fc19,nspr-4.10.5-1.fc19,nss-util-3.16.1-1.fc19,nss-3.16.1-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6167/kernel-3.14.3-100.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6113/xorg-x11-drv-evdev-2.8.4-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6075/selinux-policy-3.12.1-74.26.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6126/policycoreutils-2.1.14-46.8.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-6083/qt-4.8.6-5.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-5590/libcap-ng-0.7.4-1.fc19 The following builds have been pushed to Fedora 19 updates-testing drupal7-7.28-1.fc19 freeradius-2.2.5-1.fc19 jmol-14.0.13-2.fc19 kcm_systemd-0.6.1-1.fc19 kernel-3.14.3-100.fc19 lcgdm-dav-0.14.1-2.fc19 log4c-1.2.4-2.fc19 nodejs-grunt-contrib-uglify-0.4.0-3.fc19 nodejs-grunt-init-0.3.1-1.fc19 nodejs-maxmin-0.2.0-1.fc19 nspr-4.10.5-1.fc19 nss-3.16.1-1.fc19 nss-softokn-3.16.1-1.fc19 nss-util-3.16.1-1.fc19 perl-Thread-SigMask-0.004-1.fc19 python-ethtool-0.11-1.fc19 python-txws-0.9-1.fc19 qpid-cpp-0.26-3.fc19 sx-2.17-1.fc19 wqy-microhei-fonts-0.2.0-0.13.beta.fc19 Details about builds: ================================================================================ drupal7-7.28-1.fc19 (FEDORA-2014-6148) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: Minor upstream bugfixes. https://drupal.org/drupal-7.28-release-notes -------------------------------------------------------------------------------- ChangeLog: * Thu May 8 2014 Jon Ciesla <limburgher@xxxxxxxxx> - 7.28-1 - 7.28, BZ 1095618. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095618 - drupal7-7.28 is available https://bugzilla.redhat.com/show_bug.cgi?id=1095618 -------------------------------------------------------------------------------- ================================================================================ freeradius-2.2.5-1.fc19 (FEDORA-2014-6147) High-performance and highly configurable free RADIUS server -------------------------------------------------------------------------------- Update Information: Upgrade to upstream 2.2.5 release. Upstream ChangeLog entry follows. Feature improvements * Update dictionary.terena. * expose server version via %v. Patch from Alan Buxey. * Forbid running with vulnerable versions of OpenSSL. See "allow_vulnerable_openssl" in the "security" subsection of "radiusd.conf" * Catch underlying "heartbleed" problem, so that nothing bad happens even when using a vulnerable version of OpenSSL. * Add dictionary.zte Bug fixes * Minor changes to build on Sun. * Print non-ASCII characters as octal in linelog. Closes #578 * close stdout in daemon mode. * Fix zombie period calculation. Closes #579 -------------------------------------------------------------------------------- ChangeLog: * Thu May 8 2014 Nikolai Kondrashov <Nikolai.Kondrashov@xxxxxxxxxx> - 2.2.5-1 - Upgrade to upstream 2.2.5 release. See /usr/share/doc/freeradius-2.2.5/ChangeLog for details -------------------------------------------------------------------------------- ================================================================================ jmol-14.0.13-2.fc19 (FEDORA-2014-6169) An open-source Java viewer for chemical structures in 3D -------------------------------------------------------------------------------- Update Information: Don't bundle external libraries (BZ #1095315). -------------------------------------------------------------------------------- ChangeLog: * Wed May 7 2014 Susi Lehtola <jussilehtola@xxxxxxxxxxxxxxxxx> - 14.0.13-2 - Don't bundle external libraries (BZ #1095315). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095315 - jmol: Embeds classes from icedtea-web https://bugzilla.redhat.com/show_bug.cgi?id=1095315 -------------------------------------------------------------------------------- ================================================================================ kcm_systemd-0.6.1-1.fc19 (FEDORA-2014-6151) Systemd control module for KDE -------------------------------------------------------------------------------- Update Information: New package kcm_systemd - Systemd control module for KDE Systemd control module for KDE. It provides a graphical frontend for the systemd daemon, which allows for viewing and controlling systemd units, as well as modifying configuration files. In integrates in the System Settings dialog in KDE. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1085130 - Review Request: kcm_systemd - Systemd control module for KDE https://bugzilla.redhat.com/show_bug.cgi?id=1085130 -------------------------------------------------------------------------------- ================================================================================ kernel-3.14.3-100.fc19 (FEDORA-2014-6167) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 3.14.3 stable rebase contains support for new hardware, some new features, and a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Thu May 8 2014 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> - 3.14.3-100 - Linux v3.14.3 * Sat May 3 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - Add patch to fix HID rmi driver from Benjamin Tissoires (rhbz 1090161) * Wed Apr 30 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - CVE-2014-3122: mm: fix locking DoS issue (rhbz 1093084 1093076) - Enable CONFIG_MEMORY_HOTPLUG (rhbz 1092948) * Fri Apr 25 2014 Hans de Goede <hdegoede@xxxxxxxxxx> - Add synaptics min-max quirk for ThinkPad Edge E431 (rhbz#1089689) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1093076 - CVE-2014-3122 Kernel: mm: try_to_unmap_cluster() should lock_page() before mlocking https://bugzilla.redhat.com/show_bug.cgi?id=1093076 -------------------------------------------------------------------------------- ================================================================================ lcgdm-dav-0.14.1-2.fc19 (FEDORA-2014-6166) HTTP/DAV front end to the DPM/LFC services -------------------------------------------------------------------------------- Update Information: Upstream patch: fix for mod_lcgdm_disk context leaking -------------------------------------------------------------------------------- ChangeLog: * Thu May 8 2014 Alejandro Alvarez <aalvarez@xxxxxxx> - 0.14.1-2 - Upstream patch: fix for mod_lcgdm_disk context leaking -------------------------------------------------------------------------------- ================================================================================ log4c-1.2.4-2.fc19 (FEDORA-2014-6174) Library for logging application messages -------------------------------------------------------------------------------- Update Information: Fix library reinitialization (bug #1095366). -------------------------------------------------------------------------------- ChangeLog: * Thu May 8 2014 František Dvořák <valtri@xxxxxxxxxx> - 1.2.4-2 - Patch to fix library reinitialization (bug #1095366) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095366 - double free or corruption with multiple log4c_init and log4c_fini https://bugzilla.redhat.com/show_bug.cgi?id=1095366 -------------------------------------------------------------------------------- ================================================================================ nodejs-grunt-contrib-uglify-0.4.0-3.fc19 (FEDORA-2014-6178) Minify files with UglifyJS -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- ================================================================================ nodejs-grunt-init-0.3.1-1.fc19 (FEDORA-2014-6160) Generate project scaffolding from a template when using Grunt -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- ================================================================================ nodejs-maxmin-0.2.0-1.fc19 (FEDORA-2014-6178) Get pretty output of the original, minified gzipped size of a string/buffer -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- ================================================================================ nspr-4.10.5-1.fc19 (FEDORA-2014-6179) Netscape Portable Runtime -------------------------------------------------------------------------------- Update Information: Update to nss-3.16.1 and nspr-4.10.5 For a description of new functionality and notable fixes refer to https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.1_release_notes For best results, specially when using development packages, update all packages at once. -------------------------------------------------------------------------------- ChangeLog: * Wed May 7 2014 Elio Maldonado <emaldona@xxxxxxxxxx> - 4.10.4-2 - Update to NSPR_4_10_5_RTM -------------------------------------------------------------------------------- References: [ 1 ] Bug #1075702 - ECC decode refactoring needed to build OpenJDK SunEC provider for ECC support https://bugzilla.redhat.com/show_bug.cgi?id=1075702 [ 2 ] Bug #1094702 - nss-3.16.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1094702 -------------------------------------------------------------------------------- ================================================================================ nss-3.16.1-1.fc19 (FEDORA-2014-6179) Network Security Services -------------------------------------------------------------------------------- Update Information: Update to nss-3.16.1 and nspr-4.10.5 For a description of new functionality and notable fixes refer to https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.1_release_notes For best results, specially when using development packages, update all packages at once. -------------------------------------------------------------------------------- ChangeLog: * Tue May 6 2014 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.16.1-1 - Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve test error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available -------------------------------------------------------------------------------- References: [ 1 ] Bug #1075702 - ECC decode refactoring needed to build OpenJDK SunEC provider for ECC support https://bugzilla.redhat.com/show_bug.cgi?id=1075702 [ 2 ] Bug #1094702 - nss-3.16.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1094702 -------------------------------------------------------------------------------- ================================================================================ nss-softokn-3.16.1-1.fc19 (FEDORA-2014-6179) Network Security Services Softoken Module -------------------------------------------------------------------------------- Update Information: Update to nss-3.16.1 and nspr-4.10.5 For a description of new functionality and notable fixes refer to https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.1_release_notes For best results, specially when using development packages, update all packages at once. -------------------------------------------------------------------------------- ChangeLog: * Wed May 7 2014 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.16.1-1 - Update to nss-3.16.1 - Resolves: Bug 1094702 - nss-3.16.1 is available -------------------------------------------------------------------------------- References: [ 1 ] Bug #1075702 - ECC decode refactoring needed to build OpenJDK SunEC provider for ECC support https://bugzilla.redhat.com/show_bug.cgi?id=1075702 [ 2 ] Bug #1094702 - nss-3.16.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1094702 -------------------------------------------------------------------------------- ================================================================================ nss-util-3.16.1-1.fc19 (FEDORA-2014-6179) Network Security Services Utilities Library -------------------------------------------------------------------------------- Update Information: Update to nss-3.16.1 and nspr-4.10.5 For a description of new functionality and notable fixes refer to https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.1_release_notes For best results, specially when using development packages, update all packages at once. -------------------------------------------------------------------------------- ChangeLog: * Wed May 7 2014 Elio Maldonado <emaldona@xxxxxxxxxx> - 3.16.1-1 - Update to nss-3.16.1 - Resolves: Bug 1094702 - nss-3.16.1 is available -------------------------------------------------------------------------------- References: [ 1 ] Bug #1075702 - ECC decode refactoring needed to build OpenJDK SunEC provider for ECC support https://bugzilla.redhat.com/show_bug.cgi?id=1075702 [ 2 ] Bug #1094702 - nss-3.16.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1094702 -------------------------------------------------------------------------------- ================================================================================ perl-Thread-SigMask-0.004-1.fc19 (FEDORA-2014-6162) Thread specific signal masks -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1087379 - Review Request: perl-Thread-SigMask - Thread specific signal masks https://bugzilla.redhat.com/show_bug.cgi?id=1087379 -------------------------------------------------------------------------------- ================================================================================ python-ethtool-0.11-1.fc19 (FEDORA-2014-6177) Ethernet settings python bindings -------------------------------------------------------------------------------- Update Information: Updated to the lastest python-ethtool-0.11 release -------------------------------------------------------------------------------- ChangeLog: * Thu May 8 2014 David Sommerseth <davids@xxxxxxxxxx> - 0.11-1 - Updated to the lastest python-ethtool-0.11 release, which incorporates all these additional patches and improves libnl3 connection error checking. * Mon Apr 7 2014 David Sommerseth <davids@xxxxxxxxxx> - 0.10-6 - Removed the never close netlink patch - Added a patch which will ensure it will open a valid socket in open_netlink() * Wed Apr 2 2014 David Sommerseth <davids@xxxxxxxxxx> - 0.10-5 - Update patch 8 - to also never close the netlink socket * Wed Apr 2 2014 David Sommerseth <davids@xxxxxxxxxx> - 0.10-4 - Added patch 8 - to see of FD_CLOEXEC impacts vdsm * Tue Apr 1 2014 David Sommerseth <davids@xxxxxxxxxx> - 0.10-3 - Added patch 6 and 7, to improve error handling. Will be removed when released upstream * Thu Mar 20 2014 David Sommerseth <davids@xxxxxxxxxx> - 0.10-2 - Added patch 1, 2, 4 and 5; they have not appeared in an upstream release yet * Thu Jan 9 2014 David Sommerseth <davids@xxxxxxxxxx> - 0.10-1 - Updated to v0.10 -------------------------------------------------------------------------------- ================================================================================ python-txws-0.9-1.fc19 (FEDORA-2014-6145) Twisted WebSockets wrapper -------------------------------------------------------------------------------- Update Information: Fix protocol handling for chrome users. -------------------------------------------------------------------------------- ChangeLog: * Thu May 8 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.9-1 - Protocol fixes to help support users on chrome. - Added a disabled python3 subpackage for the future. - Modernized python2 macros. * Tue Jan 28 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.8-2 - Patch to drop vcversioner for building in koji. * Tue Jan 28 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.8-1 - Latest upstream. * Tue Jan 14 2014 Ralph Bean <rbean@xxxxxxxxxx> - 0.7.1-4 - Update deps to use more specific twisted subpackages. * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.7.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095658 - python-txws-0.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1095658 -------------------------------------------------------------------------------- ================================================================================ qpid-cpp-0.26-3.fc19 (FEDORA-2014-6159) Libraries for Qpid C++ client applications -------------------------------------------------------------------------------- Update Information: Changed qpid-cpp-server-ha to use systemd macros for pre/post/postun -------------------------------------------------------------------------------- ChangeLog: * Wed May 7 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.26-3 - Changed qpid-cpp-server-ha to use systemd macros for pre/post/postun - Resoves: BZ#1094928 * Fri Feb 21 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.26-2 - QPID-5499: Fix for building with -Werror=format-security enabled. - * This was previously for files include in qpid-cpp-client-devel. * Thu Feb 20 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.26-1 - Rebased on Qpid 0.26. - Updated qpid-cpp-server-ha to be a systemd service. - Removed qpid-cpp-server dependency on qpid-cpp-server-store. - * The package was mistakenly including store libraries. - Added BR for gcc-c++. - Removed -n option from all subpackages. - Removed clean and check sections. - Updated package to use systemd macros correctly. - Removed unnecessary BRs. - Cleaned up the deletes after the build finishes. * Wed Jan 22 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.24-9 - Set qpidd service to start after the network service. - QPID-5499: Updated the Swig descriptors. - Resolves: BZ#1055660 - Resolves: BZ#1037295 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1094928 - qpid-cpp: script and/or trigger should not directly enable systemd units https://bugzilla.redhat.com/show_bug.cgi?id=1094928 -------------------------------------------------------------------------------- ================================================================================ sx-2.17-1.fc19 (FEDORA-2014-6158) Tool to extract reports and run plug-ins against those extracted reports -------------------------------------------------------------------------------- Update Information: Update to new upstream release, sx-2.17 -------------------------------------------------------------------------------- ChangeLog: * Mon May 5 2014 Pierguido Lambri <plambri@xxxxxxxxxxxxxxxxx> - 2.17-1 - Update to sx-2.17 (BZ#1094375) - Fix some parsing issues of strings in logger and strings when formatting tables. - Fixed an error that was thrown if user did not have privledges for user configuration directory that would be created. - Added check to make sure that fsck option is not enabled on GFS/GFS2 filesystems. - The cluster services are no longer printed to a file and now a total counted in printed in summary. - Add ip to bonding output in networking plugin. - Add check for quromd section that is not running master_wins && 2 nodes with no heuristics. - It detects broadcast, but multicast configured on RHEL4. - Detects if quorum disk did not have heuristics configured when not using master_wins mode on RHEL 5. - Added multiple evaluations for correctly configured quorum disk. - Check to verify that if fence_scsi is used on virtual machines that iscsi is used on all shared storage. - Added unfence check to see if fence agent supports that tag. - Changed the cluster boot up services summary to a table. - Add checks and summary information on pacemaker cluster. - Added new option (-t) so that timestamp could be set. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095801 - Update to sx-2.17 https://bugzilla.redhat.com/show_bug.cgi?id=1095801 -------------------------------------------------------------------------------- ================================================================================ wqy-microhei-fonts-0.2.0-0.13.beta.fc19 (FEDORA-2014-6172) Compact Chinese fonts derived from Droid -------------------------------------------------------------------------------- Update Information: Increase wqy-microhei-fonts priority. -------------------------------------------------------------------------------- ChangeLog: * Wed May 7 2014 Peng Wu <pwu@xxxxxxxxxx> - 0.2.0-0.13.beta - Increase fontconfig conf file priority * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.2.0-0.12.beta - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
