The following Fedora 19 Security updates need testing: Age URL 322 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 134 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19 85 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19 84 https://admin.fedoraproject.org/updates/FEDORA-2014-7570/asterisk-11.10.2-2.fc19 83 https://admin.fedoraproject.org/updates/FEDORA-2014-6774/claws-mail-3.10.1-1.fc19,claws-mail-plugins-3.10.0-1.fc19,libetpan-1.5-1.fc19 83 https://admin.fedoraproject.org/updates/FEDORA-2014-7610/perl-Email-Address-1.905-1.fc19 74 https://admin.fedoraproject.org/updates/FEDORA-2014-7939/lzo-2.08-1.fc19 51 https://admin.fedoraproject.org/updates/FEDORA-2014-8771/ReviewBoard-1.7.27-1.fc19 36 https://admin.fedoraproject.org/updates/FEDORA-2014-9162/xulrunner-31.0-1.fc19 28 https://admin.fedoraproject.org/updates/FEDORA-2014-9427/pipelight-0.2.7.3-3.fc19 22 https://admin.fedoraproject.org/updates/FEDORA-2014-9602/polkit-qt-0.112.0-1.fc19 22 https://admin.fedoraproject.org/updates/FEDORA-2014-9619/ca-certificates-2014.2.1-1.0.fc19 15 https://admin.fedoraproject.org/updates/FEDORA-2014-9830/glibc-2.17-21.fc19 15 https://admin.fedoraproject.org/updates/FEDORA-2014-9703/cups-1.6.4-10.fc19 14 https://admin.fedoraproject.org/updates/FEDORA-2014-9624/GraphicsMagick-1.3.20-3.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-10491/torque-3.0.4-4.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-10359/procmail-3.22-36.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-10366/icecream-1.0.1-8.20140822git.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-10649/xerces-j2-2.11.0-15.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-10569/kernel-3.14.18-100.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-10628/pdns-recursor-3.6.1-1.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-10640/libreoffice-4.1.6.2-8.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-10714/curl-7.29.0-23.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-10746/not-yet-commons-ssl-0.3.15-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-10787/mod_gnutls-0.5.10-13.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-10794/squid-3.3.13-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-10784/python-oauth2-1.5.211-7.fc19 The following Fedora 19 Critical Path updates have yet to be approved: Age URL 270 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 196 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-10326/elfutils-0.160-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-10441/libbluray-0.6.2-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-10359/procmail-3.22-36.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-10478/firefox-32.0-1.fc19,xulrunner-32.0-1.fc19,thunderbird-31.1.0-1.fc19,thunderbird-lightning-3.3-3.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-10569/kernel-3.14.18-100.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-10788/gcc-4.8.3-7.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-10714/curl-7.29.0-23.fc19 The following builds have been pushed to Fedora 19 updates-testing gcc-4.8.3-7.fc19 ikiwiki-3.20140831-1.fc19 mod_gnutls-0.5.10-13.fc19 orthanc-0.8.3-1.fc19 python-oauth2-1.5.211-7.fc19 squid-3.3.13-2.fc19 xscreensaver-5.30-1.fc19 Details about builds: ================================================================================ gcc-4.8.3-7.fc19 (FEDORA-2014-10788) Various compilers (C, C++, Objective-C, Java, ...) -------------------------------------------------------------------------------- Update Information: This update should fix bugs that could cause miscompilation of the Linux kernel with -g, among many other fixed bugs. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 11 2014 Jakub Jelinek <jakub@xxxxxxxxxx> 4.8.3-7 - update from the 4.8 branch - fix ppc32 libgo.so.4 to avoid RWE PT_GNU_STACK * Wed Sep 10 2014 Jakub Jelinek <jakub@xxxxxxxxxx> 4.8.3-6 - update from the 4.8 branch (#1140019) - PRs c++/58714, c++/59823, c++/59956, c++/60241, c++/60361, c++/61959, c/61271, debug/55794, debug/60655, debug/61923, fortran/61999, fortran/62214, fortran/62270, ipa/61986, ipa/62015, libgfortran/62188, libstdc++/58962, libstdc++/61946, middle-end/61010, middle-end/61045, middle-end/62103, rtl-optimization/62004, rtl-optimization/62030, target/61996, target/62038, target/62195, testsuite/56194, tree-optimization/60196, tree-optimization/60707, tree-optimization/61452, tree-optimization/62073, tree-optimization/62075, tree-optimization/63189 * Thu Aug 21 2014 Richard Henderson <rth@xxxxxxxxxx> 4.8.3-5 - backport aarch64 unwind info improvements (#1132636) * Fri Aug 1 2014 Jakub Jelinek <jakub@xxxxxxxxxx> 4.8.3-4 - update from the 4.8 branch - PRs fortran/61780, libobjc/61920, target/47230, tree-optimization/61375, tree-optimization/61964 - fix libgfortran overflows on allocation (CVE-2014-5044) - backport ibm-ldouble performance improvements (#1090620) * Wed Jul 30 2014 Jakub Jelinek <jakub@xxxxxxxxxx> 4.8.3-3 - on ppc64le use -mtune=power8 by default (#1123484) * Thu Jul 17 2014 Jakub Jelinek <jakub@xxxxxxxxxx> 4.8.3-2 - update from the 4.8 branch - PRs c++/61500, c++/61539, c++/61647, fortran/58883, fortran/61459, middle-end/53590, rtl-optimization/61801, target/61542, target/61586, tree-optimization/61306, tree-optimization/61684 - for rhel 7.1 keep the old 4.8.2 pathnames and use 4.8.3 symlinks - merge in aarch64 support (#1070290) - small improvements on s390x for z196 and later (#1088542) - make sure OpenMP outlined artificial functions have DW_AT_name (#844959) -------------------------------------------------------------------------------- ================================================================================ ikiwiki-3.20140831-1.fc19 (FEDORA-2014-10798) A wiki compiler -------------------------------------------------------------------------------- Update Information: Update to the latest stable version. ikiwiki 3.20140831 released with these changes: * Make --no-gettime work in initial build. Closes: http://bugs.debian.org/755075 -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 5 2014 Thomas Moschny <thomas.moschny@xxxxxx> - 3.20140831-1 - Update to 3.20140831. * Fri Aug 29 2014 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 3.20140815-2 - Perl 5.20 rebuild -------------------------------------------------------------------------------- ================================================================================ mod_gnutls-0.5.10-13.fc19 (FEDORA-2014-10787) GnuTLS module for the Apache HTTP server -------------------------------------------------------------------------------- Update Information: config change to use system policy (rhbz#1109115) -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 12 2014 Jiri Kastner <jkastner@xxxxxxxxxx> - 0.5.10-13 - config change to use system policy (rhbz#1109115) * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.5.10-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.5.10-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu Jan 23 2014 Joe Orton <jorton@xxxxxxxxxx> - 0.5.10-10 - fix _httpd_mmn expansion in absence of httpd-devel * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.5.10-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1109115 - Use the system crypto policy unless otherwise specified https://bugzilla.redhat.com/show_bug.cgi?id=1109115 -------------------------------------------------------------------------------- ================================================================================ orthanc-0.8.3-1.fc19 (FEDORA-2014-10792) RESTful DICOM server for healthcare and medical research -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 12 2014 Sebastien Jodogne <s.jodogne@xxxxxxxxx> 0.8.3-1 - New upstream version * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.8.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ python-oauth2-1.5.211-7.fc19 (FEDORA-2014-10784) Python support for improved oauth -------------------------------------------------------------------------------- Update Information: Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 12 2014 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 1.5.211-7 - Fix CVE-2013-4346 and CVE-2013-4347 (thanks to Philippe Makowski) * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5.211-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5.211-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1007746 - CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls https://bugzilla.redhat.com/show_bug.cgi?id=1007746 [ 2 ] Bug #1007758 - CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce https://bugzilla.redhat.com/show_bug.cgi?id=1007758 -------------------------------------------------------------------------------- ================================================================================ squid-3.3.13-2.fc19 (FEDORA-2014-10794) The Squid proxy caching server -------------------------------------------------------------------------------- Update Information: This updated fixes CVE-2014-6270. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 11 2014 Michal Luscon <mluscon@xxxxxxxxxx> - 7:3.3.13-2 - Fixed: CVE-2014-6270 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1139967 - CVE-2014-6270 squid: off-by-one error in snmpHandleUdp() leading to a bss-based buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1139967 -------------------------------------------------------------------------------- ================================================================================ xscreensaver-5.30-1.fc19 (FEDORA-2014-10793) X screen saver and locker -------------------------------------------------------------------------------- Update Information: New version 5.30 is released. Some array index oversize fixes detected by gcc49 sanitizer -------------------------------------------------------------------------------- ChangeLog: * Fri Sep 12 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.30-1 - Update to 5.30 * Sat Sep 6 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.29-3 - Remove GtkDialog:has-separator usage to suppress warning for xscreensaver-demo on Fedora 21 and above * Thu Sep 4 2014 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1:5.29-2 - gcc49 sanitizer array elements oversize fixes - Make parallel build actually work * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1:5.29-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
