The following Fedora 19 Security updates need testing: Age URL 252 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 64 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19 54 https://admin.fedoraproject.org/updates/FEDORA-2014-6233/dpkg-1.16.14-1.fc19 44 https://admin.fedoraproject.org/updates/FEDORA-2014-6553/chicken-4.8.0.6-2.fc19 42 https://admin.fedoraproject.org/updates/FEDORA-2014-6597/drupal7-views-3.8-1.fc19 22 https://admin.fedoraproject.org/updates/FEDORA-2014-7333/ReviewBoard-1.7.26-2.fc19,python-django-evolution-0.6.9-4.fc19 22 https://admin.fedoraproject.org/updates/FEDORA-2014-7322/thunderbird-24.6.0-1.fc19 15 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19 14 https://admin.fedoraproject.org/updates/FEDORA-2014-7570/asterisk-11.10.2-2.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2014-6774/claws-mail-3.10.1-1.fc19,claws-mail-plugins-3.10.0-1.fc19,libetpan-1.5-1.fc19 13 https://admin.fedoraproject.org/updates/FEDORA-2014-7610/perl-Email-Address-1.905-1.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-7654/samba-4.0.19-1.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2014-7716/python-simplejson-3.5.3-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-7782/php-5.5.14-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-7772/python-2.7.5-13.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-7849/cacti-0.8.8b-7.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-7877/kernel-3.14.9-100.fc19 5 https://admin.fedoraproject.org/updates/FEDORA-2014-7889/zarafa-7.1.10-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-7939/lzo-2.08-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-8035/python3-3.3.2-9.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-7997/ansible-1.6.6-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-8034/docker-io-1.0.0-6.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2014-7645/couchdb-1.6.0-6.fc19,erlang-ibrowse-4.0.1-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8107/pnp4nagios-0.6.22-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8089/rubygem-activerecord-3.2.13-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8112/lz4-r119-1.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 200 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 126 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19 11 https://admin.fedoraproject.org/updates/FEDORA-2014-7654/samba-4.0.19-1.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2014-7735/gcc-4.8.3-1.fc19,libtool-2.4.2-24.fc19,gcc-python-plugin-0.12-16.fc19,dragonegg-3.3-2.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-7772/python-2.7.5-13.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-7906/libtasn1-3.7-1.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-7939/lzo-2.08-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-8025/shared-mime-info-1.1-6.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2014-8079/xorg-x11-xauth-1.0.9-1.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2014-8047/nss-3.16.2-1.fc19,nss-softokn-3.16.2-1.fc19,nss-util-3.16.2-1.fc19 The following builds have been pushed to Fedora 19 updates-testing ceph-0.81.0-4.fc19 csdiff-1.0.6-1.fc19 csmock-1.0.11-1.fc19 lz4-r119-1.fc19 macchanger-1.7.0-3.fc19 perl-Test-TCP-2.06-1.fc19 perl-Time-ParseDate-2013.1113-2.fc19 php-doctrine-cache-1.3.0-4.fc19 php-doctrine-collections-1.2-3.fc19 php-doctrine-inflector-1.0-4.20131221gita81c334.fc19 php-doctrine-lexer-1.0-4.20131220gitf12a5f7.fc19 pnp4nagios-0.6.22-2.fc19 pragha-1.2.2-1.fc19 qpid-cpp-0.26-10.fc19 rubygem-activerecord-3.2.13-2.fc19 terminology-0.6.1-1.fc19 Details about builds: ================================================================================ ceph-0.81.0-4.fc19 (FEDORA-2014-8097) User space components of the Ceph file system -------------------------------------------------------------------------------- Update Information: upstream ceph.spec file ceph-0.81.0 -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 4 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 0.81.0-4 - upstream ceph.spec file * Tue Jul 1 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 0.81.0-3 - upstream ceph.spec file * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.81.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Jun 5 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - el6 ppc64 likewise for tcmalloc, merge from origin/el6 * Thu Jun 5 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - el6 ppc64 does not have gperftools, merge from origin/el6 * Thu Jun 5 2014 Kaleb S. KEITHLEY <kkeithle[at]redhat.com> - 0.81.0-1 - ceph-0.81.0 * Wed Jun 4 2014 Peter Robinson <pbrobinson@xxxxxxxxxxxxxxxxx> 0.80.1-5 - gperftools now available on aarch64/ppc64 * Fri May 23 2014 Petr Machata <pmachata@xxxxxxxxxx> - 0.80.1-4 - Rebuild for boost 1.55.0 * Fri May 23 2014 David Tardon <dtardon@xxxxxxxxxx> - 0.80.1-3 - rebuild for boost 1.55.0 -------------------------------------------------------------------------------- ================================================================================ csdiff-1.0.6-1.fc19 (FEDORA-2014-8102) Non-interactive tools for processing code scan results in plain-text -------------------------------------------------------------------------------- Update Information: update to latest upstream bugfix release -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 19 2014 Kamil Dudka <kdudka@xxxxxxxxxx> 1.0.6-1 - update to latest upstream bugfix release * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 23 2014 Petr Machata <pmachata@xxxxxxxxxx> - 1.0.4-2 - Rebuild for boost 1.55.0 * Mon Mar 17 2014 Kamil Dudka <kdudka@xxxxxxxxxx> 1.0.4-1 - update to latest upstream -------------------------------------------------------------------------------- ================================================================================ csmock-1.0.11-1.fc19 (FEDORA-2014-8102) A mock wrapper for Static Analysis tools -------------------------------------------------------------------------------- Update Information: update to latest upstream bugfix release -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 4 2014 Kamil Dudka <kdudka@xxxxxxxxxx> 1.0.11-1 - update to latest upstream bugfix release * Thu Jun 19 2014 Kamil Dudka <kdudka@xxxxxxxxxx> 1.0.10-1 - update to latest upstream bugfix release -------------------------------------------------------------------------------- ================================================================================ lz4-r119-1.fc19 (FEDORA-2014-8112) Extremely fast compression algorithm -------------------------------------------------------------------------------- Update Information: - New release - Fixed a high Address allocation issue in 32-bits mode. - New release r118 - Fixed packaging issues. - install libraries under %{_libdir} directory. - New release r118 - Fixed packaging issues. - install libraries under %{_libdir} directory. - New release r118 - Fixed packaging issues. - install libraries under %{_libdir} directory. - New release r118 - Fixed packaging issues. - install libraries under %{_libdir} directory. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 3 2014 pjp <pjp@xxxxxxxxxxxxxxxxx> - r119-1 - new release - Fixed a high Address allocation issue in 32-bits mode. * Sat Jun 28 2014 pjp <pjp@xxxxxxxxxxxxxxxxx> - r118-1 - new release - install libraries under appropriate _libdir directories. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1113430 - Packaging issues https://bugzilla.redhat.com/show_bug.cgi?id=1113430 -------------------------------------------------------------------------------- ================================================================================ macchanger-1.7.0-3.fc19 (FEDORA-2014-8090) An utility for viewing/manipulating the MAC address of network interfaces -------------------------------------------------------------------------------- Update Information: Update to upstream version 1.7.0: - Package license change from GPLv2+ to GPLv3+ - New upstream version integrates patches from Fedora 1.6.0 packages - OUI vendor list update -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 4 2014 Tomas Hoger <thoger@xxxxxxxxxxxxxxxxx> - 1.7.0-3 - Format string fix to actually build with -Werror * Fri Jul 4 2014 Tomas Hoger <thoger@xxxxxxxxxxxxxxxxx> - 1.7.0-2 - Build package with -Werror * Fri Jul 4 2014 Tomas Hoger <thoger@xxxxxxxxxxxxxxxxx> - 1.7.0-1 - Update to upstream 1.7.0 - Licence change from GPLv2+ to GPLv3+ https://github.com/alobbs/macchanger/issues/3#issuecomment-31526964 - Upstream sources are now on github, no more signatures :-( - Dropped patches - fixes applied upstream: 1.6.0-dynamic-lists.diff 1.6.0-dev-name-overflow.diff 1.6.0-endding.diff 1.6.0-doc-cleanup.diff 1.6.0-bia-fix.diff 1.6.0-show-default.diff - New patche for 1.7.0: 1.7.0-seed-source.diff - keep preferring /dev/urandom as seed source * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.6.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Mon Apr 1 2013 Tomas Hoger <thoger@xxxxxxxxxxxxxxxxx> - 1.6.0-1 - Update to upstream 1.6.0 (RHBZ#928256) - Dropped patches - fixes applied upstream: 1.5.0-OUI-list-update.diff 1.5.0-man-update.diff 1.5.0-random-seed.diff 1.5.0-exit-code.diff 1.5.0-formatstr-warning.diff 1.5.0-permanent-mac.diff - Patches updated for 1.6.0: 1.6.0-dynamic-lists.diff 1.6.0-dev-name-overflow.diff 1.6.0-endding.diff - New patches for 1.6.0: 1.6.0-bia-fix.diff - fix regression from new --bia option https://github.com/alobbs/macchanger/issues/1 1.6.0-show-default.diff - change default action to --show https://github.com/alobbs/macchanger/issues/4 1.6.0-doc-cleanup.diff - documentation cleanup - Add GPLv2 text, no longer included in 1.6.0 upstream sources. - texinfo BuildRequires is no longer temporary, as upstream tarball does not include .info any more and it needs to be built at compile time. - Use verbose build output (make V=1). -------------------------------------------------------------------------------- ================================================================================ perl-Test-TCP-2.06-1.fc19 (FEDORA-2014-8108) Testing TCP program -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 3 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 2.06-1 - Upstream update. - Remove Test-TCP-2.02-Wait-infinitely-if-max_wait-is-negative.patch (Patch was incorporated by upstream). * Mon Jun 30 2014 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 2.05-1 - Upstream update. - Reflect upstream having switched to ExtUtils::MakeMaker. - Rework deps. -------------------------------------------------------------------------------- ================================================================================ perl-Time-ParseDate-2013.1113-2.fc19 (FEDORA-2014-8101) Perl modules for parsing dates and times -------------------------------------------------------------------------------- Update Information: perl-Time-ParseDate: initial submission -------------------------------------------------------------------------------- References: [ 1 ] Bug #1067003 - Review Request: perl-Time-ParseDate - Perl modules for parsing dates and time https://bugzilla.redhat.com/show_bug.cgi?id=1067003 -------------------------------------------------------------------------------- ================================================================================ php-doctrine-cache-1.3.0-4.fc19 (FEDORA-2014-8106) Doctrine Cache -------------------------------------------------------------------------------- Update Information: RPM-only release: * Added `php-composer(doctrine/cache)` virtual provide * Added option to build without tests ("`--without tests`") -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 20 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.3.0-4 - Added php-composer(%{composer_vendor}/%{composer_project}) virtual provide - Removed %{summary_base} - Added option to build without tests * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-doctrine-collections-1.2-3.fc19 (FEDORA-2014-8113) Collections abstraction library -------------------------------------------------------------------------------- Update Information: RPM-only release: * Added `php-composer(doctrine/collections)` virtual provide * Added option to build without tests ("`--without tests`") -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 20 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.2-3 - Added php-composer(%{composer_vendor}/%{composer_project}) virtual provide - Added option to build without tests ("--without tests") * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-doctrine-inflector-1.0-4.20131221gita81c334.fc19 (FEDORA-2014-8119) Common string manipulations with regard to casing and singular/plural rules -------------------------------------------------------------------------------- Update Information: RPM-only release: * Added `php-composer(doctrine/inflector)` virtual provide * Added option to build without tests ("`--without tests`") -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 20 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.0-4.20131221gita81c334 - Added php-composer(%{composer_vendor}/%{composer_project}) virtual provide - Added option to build without tests ("--without tests") * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0-3.20131221gita81c334 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ php-doctrine-lexer-1.0-4.20131220gitf12a5f7.fc19 (FEDORA-2014-8105) Base library for a lexer that can be used in top-down, recursive descent parsers -------------------------------------------------------------------------------- Update Information: RPM-only release: * Added `php-composer(doctrine/lexer)` virtual provide -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 20 2014 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> - 1.0-4.20131220gitf12a5f7 - Added php-composer(%{composer_vendor}/%{composer_project}) virtual provide * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0-3.20131220gitf12a5f7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ pnp4nagios-0.6.22-2.fc19 (FEDORA-2014-8107) Nagios performance data analysis tool -------------------------------------------------------------------------------- Update Information: Fix three URL Cross-Site Scripting Vulnerabilities. Update to upstream (fixes XSS flaw in an error page) Update to upstream (fixes XSS flaw in an error page) -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 4 2014 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 0.6.22-2 - Fix two URL Cross-Site Scripting Vulnerabilities (bz#1115983) * Thu Jul 3 2014 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 0.6.22-1 - Update to upstream (fixes XSS flaw in an error page - bz#1115770) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.21-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.21-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Jul 17 2013 Petr Pisar <ppisar@xxxxxxxxxx> - 0.6.21-3 - Perl 5.18 rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1115983 - pnp4nagios: Two URL Cross-Site Scripting Vulnerabilities https://bugzilla.redhat.com/show_bug.cgi?id=1115983 [ 2 ] Bug #1115770 - pnp4nagios: cross-site scripting flaw in an error page https://bugzilla.redhat.com/show_bug.cgi?id=1115770 -------------------------------------------------------------------------------- ================================================================================ pragha-1.2.2-1.fc19 (FEDORA-2014-8095) Lightweight GTK+ music manager -------------------------------------------------------------------------------- Update Information: This update fixes two potential crashes in the application. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 3 2014 Christoph Wickert <cwickert@xxxxxxxxxxxxxxxxx> - 1.2.2-1 - Update to 1.2.2 (fixes #1079743 and #1094542) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1079743 - [abrt] pragha: pragha_application_get_backend(): pragha killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1079743 [ 2 ] Bug #1094542 - [abrt] pragha: pragha_backend_get_state(): pragha killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1094542 -------------------------------------------------------------------------------- ================================================================================ qpid-cpp-0.26-10.fc19 (FEDORA-2014-8115) Libraries for Qpid C++ client applications -------------------------------------------------------------------------------- Update Information: Parameterized ldconfig location based on RHEL/Fedora release. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 3 2014 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.28-10 - Parameterized ldconfig location based on RHEL/Fedora release. -------------------------------------------------------------------------------- ================================================================================ rubygem-activerecord-3.2.13-2.fc19 (FEDORA-2014-8089) Implements the ActiveRecord pattern for ORM -------------------------------------------------------------------------------- Update Information: Fix for CVE-2014-3482: SQL injection vulnerability in 'bitstring' quoting -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 3 2014 Josef Stribny <jstribny@xxxxxxxxxx> - 1:3.2.13-2 - Fix for CVE-2014-3482 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1115775 - CVE-2014-3482 rubygem-activerecord: SQL injection vulnerability in 'bitstring' quoting [fedora-19] https://bugzilla.redhat.com/show_bug.cgi?id=1115775 -------------------------------------------------------------------------------- ================================================================================ terminology-0.6.1-1.fc19 (FEDORA-2014-8103) EFL based terminal emulator -------------------------------------------------------------------------------- Update Information: Primary change is power saving. Full changelog: Changes since 0.6.0: -------------------- Additions: * Add .tga images to recognized files Improvements: * Improve power consumption Fixes: * Fix issues with the teamwork modules and popups Fixes numerous issues with terminology. -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 4 2014 Conrad Meyer <cemeyer@xxxxxx> - 0.6.1-1 - Update to 0.6.1 * Thu Jul 3 2014 Conrad Meyer <cemeyer@xxxxxx> - 0.6.0-1 - Update to 0.6.0 for numerous bugfixes, including the annoying T627 (https://phab.enlightenment.org/T627) * Sun Jun 8 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.4.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
