The following Fedora 19 Security updates need testing: Age URL 101 https://admin.fedoraproject.org/updates/FEDORA-2013-5801/mantis-1.2.15-1.fc1... 56 https://admin.fedoraproject.org/updates/FEDORA-2013-9715/heat-jeos-9-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13143/owncloud-4.5.13-1.... 8 https://admin.fedoraproject.org/updates/FEDORA-2013-13176/fdupes-1.51-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2013-13244/novnc-0.4-7.fc19,o... 6 https://admin.fedoraproject.org/updates/FEDORA-2013-13258/xlockmore-5.43-1.f... 6 https://admin.fedoraproject.org/updates/FEDORA-2013-13297/rubygem-passenger-... 4 https://admin.fedoraproject.org/updates/FEDORA-2013-13332/ghc-xmonad-contrib... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13484/WebCalendar-1.2.7-... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-13523/openttd-1.3.2-0.2.... 1 https://admin.fedoraproject.org/updates/FEDORA-2013-13468/squid-3.2.13-1.fc1... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13617/perl-Proc-ProcessT... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13620/gksu-polkit-0.0.3-... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13678/libgcrypt-1.5.3-1.... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13696/subversion-1.7.11-... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-13698/python-keystonecli...
The following builds have been pushed to Fedora 19 updates-testing
NetworkManager-openvpn-0.9.8.2-3.fc19 NetworkManager-pptp-0.9.8.2-3.fc19 NetworkManager-vpnc-0.9.8.2-2.fc19 SDL-1.2.15-10.fc19 dogtag-pki-10.0.4-1.fc19 dogtag-pki-theme-10.0.4-1.fc19 gnome-themes-standard-3.8.3-1.fc19 groonga-3.0.6-1.fc19 guacamole-client-0.8.2-2.fc19 guacamole-server-0.8.2-1.fc19 gweled-0.9.1-7.20130725bzr91.fc19 hivex-1.3.8-1.fc19 ibus-1.5.3-1.fc19 ike-2.2.1-2.fc19 irqbalance-1.0.5-4.fc19 jackson-annotations-2.2.2-2.fc19 jackson-core-2.2.2-2.fc19 lfcbase-1.5.6-1.fc19 libgcrypt-1.5.3-1.fc19 libhbalinux-1.0.16-2.fc19 libhtp-0.5.6-1.fc19 libssh-0.5.5-1.fc19 libuv-0.10.13-1.fc19 lvm2-2.02.98-10.fc19 man-pages-de-0.5-10.fc19 mate-system-monitor-1.6.0-2.fc19 nodejs-0.10.14-1.fc19 openlmi-providers-0.0.25-3.fc19 ovirt-node-3.0.0-5.0.fc19 pki-console-10.0.4-1.fc19 pki-core-10.0.4-1.fc19 pki-ra-10.0.4-1.fc19 pki-tps-10.0.4-1.fc19 python-cffi-0.6-3.fc19 python-keystoneclient-0.2.3-5.fc19 python-pyphen-0.7-3.fc19 satyr-0.5-2.fc19 sblim-cmpi-syslog-0.9.0-1.fc19 sphinx-2.0.8-2.fc19 subversion-1.7.11-1.fc19 systemtap-2.3-1.fc19 unhide-1.0-10.fc19.20121229 wesnoth-1.10.6-4.fc19
Details about builds:
================================================================================ NetworkManager-openvpn-0.9.8.2-3.fc19 (FEDORA-2013-13722) NetworkManager VPN plugin for OpenVPN -------------------------------------------------------------------------------- Update Information:
This update fixes installing NetworkManager-openvpn-gnome package on update. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Jiří Klimeš jklimes@redhat.com - 1:0.9.8.2-3 - Fixing Obsoletes to ensure NetworkManager-openvpn-gnome installs on update (rh #988131) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #988131 - The file libnm-openvpn-properties.so is missing on rpm package. https://bugzilla.redhat.com/show_bug.cgi?id=988131 --------------------------------------------------------------------------------
================================================================================ NetworkManager-pptp-0.9.8.2-3.fc19 (FEDORA-2013-13713) NetworkManager VPN plugin for PPTP -------------------------------------------------------------------------------- Update Information:
This update fixes installing NetworkManager-pptp-gnome package on update. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Jiří Klimeš jklimes@redhat.com - 1:0.9.8.2-3 - Fixing Obsoletes to ensure NetworkManager-pptp-gnome installs on update (rh #986368) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #986368 - nm-applet vpn pptp configuration is not visible https://bugzilla.redhat.com/show_bug.cgi?id=986368 --------------------------------------------------------------------------------
================================================================================ NetworkManager-vpnc-0.9.8.2-2.fc19 (FEDORA-2013-13705) NetworkManager VPN plugin for vpnc -------------------------------------------------------------------------------- Update Information:
This update fixes installing NetworkManager-vpnc-gnome package on update. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Jiří Klimeš jklimes@redhat.com - 1:0.9.8.2-2 - Fixing Obsoletes to ensure NetworkManager-vpnc-gnome installs on update (rh #983632) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #983632 - nm-applet VPN config is gone https://bugzilla.redhat.com/show_bug.cgi?id=983632 --------------------------------------------------------------------------------
================================================================================ SDL-1.2.15-10.fc19 (FEDORA-2013-13669) A cross-platform multimedia library -------------------------------------------------------------------------------- Update Information:
This release adds support for aRts, EsounD, and NAS audio outputs. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Petr Pisar ppisar@redhat.com - 1.2.15-10 - Add esound and arts support (bug #851349) - Add NAS support -------------------------------------------------------------------------------- References:
[ 1 ] Bug #851349 - arts and esound BRs https://bugzilla.redhat.com/show_bug.cgi?id=851349 --------------------------------------------------------------------------------
================================================================================ dogtag-pki-10.0.4-1.fc19 (FEDORA-2013-13716) Dogtag Public Key Infrastructure (PKI) Suite -------------------------------------------------------------------------------- Update Information:
Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Ade Lee alee@redhat.com 10.0.4-1 - Change release number for official release * Wed Jun 26 2013 Ade Lee alee@redhat.com 10.0.4-0.1 - Roll release to next version --------------------------------------------------------------------------------
================================================================================ dogtag-pki-theme-10.0.4-1.fc19 (FEDORA-2013-13676) Certificate System - Dogtag PKI Theme Components -------------------------------------------------------------------------------- Update Information:
Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Ade Lee alee@redhat.com 10.0.4-1 - Change release number for official release * Wed Jun 26 2013 Ade Lee alee@redhat.com 10.0.4-0.1 - Roll release to next version --------------------------------------------------------------------------------
================================================================================ gnome-themes-standard-3.8.3-1.fc19 (FEDORA-2013-13477) Standard themes for GNOME applications -------------------------------------------------------------------------------- Update Information:
This update adds a few missing high-contrast icons for applications. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Matthias Clasen mclasen@redhat.com - 3.8.3-1 - Update to 3.8.3 * Mon Jul 22 2013 Matthias Clasen mclasen@redhat.com - 3.8.2-1 - Update to 3.8.2 --------------------------------------------------------------------------------
================================================================================ groonga-3.0.6-1.fc19 (FEDORA-2013-13691) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information:
Update to 3.0.6 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 29 2013 HAYASHI Kentaro hayashi@clear-code.com - 3.0.6-1 - new upstream release. --------------------------------------------------------------------------------
================================================================================ guacamole-client-0.8.2-2.fc19 (FEDORA-2013-13687) Server-side Java components that form the Guacamole application -------------------------------------------------------------------------------- Update Information:
Updated Guacamole with printing support on RDP plugin and VNC repeater support. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #985814 - Review Request: guacamole-client - Server-side Java components that form the Guacamole application https://bugzilla.redhat.com/show_bug.cgi?id=985814 [ 2 ] Bug #985818 - Review Request: guacamole-server - Server-side native components that form the Guacamole proxy https://bugzilla.redhat.com/show_bug.cgi?id=985818 --------------------------------------------------------------------------------
================================================================================ guacamole-server-0.8.2-1.fc19 (FEDORA-2013-13687) Server-side native components that form the Guacamole proxy -------------------------------------------------------------------------------- Update Information:
Updated Guacamole with printing support on RDP plugin and VNC repeater support. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #985814 - Review Request: guacamole-client - Server-side Java components that form the Guacamole application https://bugzilla.redhat.com/show_bug.cgi?id=985814 [ 2 ] Bug #985818 - Review Request: guacamole-server - Server-side native components that form the Guacamole proxy https://bugzilla.redhat.com/show_bug.cgi?id=985818 --------------------------------------------------------------------------------
================================================================================ gweled-0.9.1-7.20130725bzr91.fc19 (FEDORA-2013-13664) Swapping gem game -------------------------------------------------------------------------------- Update Information:
Update to bzr checkout to correct sound issue. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Jon Ciesla limburgher@gmail.com - 0.9.1-7.20130725bzr91 - Fix dates. - Update to bzr checkout to correct sound issue. --------------------------------------------------------------------------------
================================================================================ hivex-1.3.8-1.fc19 (FEDORA-2013-13727) Read and write Windows Registry binary hive files -------------------------------------------------------------------------------- Update Information:
Contains a fix for keys that use li-records for subkeys. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Richard W.M. Jones rjones@redhat.com - 1.3.8-1 - New upstream version 1.3.8. - Fixes handling of keys which use ri-records, for both reading and writing (RHBZ#717583, RHBZ#987463). - Remove upstream patch. - Rebase dirs patch against new upstream sources. - Rebase ruby patch against new upstream sources. - Modernize the RPM spec file. - Fix .gitignore. * Wed Jul 17 2013 Petr Pisar ppisar@redhat.com - 1.3.7-8 - Perl 5.18 rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #717583 - hivex fails to parse W2K3 x64 hive, returning ENOTSUP because ri-record offset does not point to lf/lh https://bugzilla.redhat.com/show_bug.cgi?id=717583 [ 2 ] Bug #987463 - Cannot add a child to a node that uses ri-records (hivex_node_add_child: Assertion `old_offs != 0' failed.) https://bugzilla.redhat.com/show_bug.cgi?id=987463 --------------------------------------------------------------------------------
================================================================================ ibus-1.5.3-1.fc19 (FEDORA-2013-13720) Intelligent Input Bus for Linux OS -------------------------------------------------------------------------------- Update Information:
This update adds Norwegian keyboard layout and also creates the system cache of /var/cache/ibus/bus/registry with ibus command during the post install. % ibus read-cache --help -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ ike-2.2.1-2.fc19 (FEDORA-2013-13670) Shrew Soft VPN Client For Linux -------------------------------------------------------------------------------- Update Information:
fix broken logrotate -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 maci maci@satgnu.net - 2.2.1-2 - fix #974283 - Bad logrotate config file * Wed Jun 5 2013 Marcel Wysocki maci@satgnu.net - 2.2.1-1 - update to 2.2.1 - use systemd macros (fedora 18+) - remove obsolete patch - spec cleanups -------------------------------------------------------------------------------- References:
[ 1 ] Bug #974283 - Bad logrotate config file https://bugzilla.redhat.com/show_bug.cgi?id=974283 --------------------------------------------------------------------------------
================================================================================ irqbalance-1.0.5-4.fc19 (FEDORA-2013-13730) IRQ balancing daemon -------------------------------------------------------------------------------- Update Information:
irqbalance was built in hardened mode to enhance its security Block irqbalance from running in virt environments -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Petr Holasek pholasek@redhat.com - 2:1.0.5-3 - Hardened build -------------------------------------------------------------------------------- References:
[ 1 ] Bug #983612 - no hardended build https://bugzilla.redhat.com/show_bug.cgi?id=983612 [ 2 ] Bug #975474 - add ConditionVirtualization to service file https://bugzilla.redhat.com/show_bug.cgi?id=975474 --------------------------------------------------------------------------------
================================================================================ jackson-annotations-2.2.2-2.fc19 (FEDORA-2013-13690) Core annotations for Jackson data processor -------------------------------------------------------------------------------- Update Information:
Initial import (#986165). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #986165 - Review Request: jackson-annotations - Core annotations for Jackson data processor https://bugzilla.redhat.com/show_bug.cgi?id=986165 --------------------------------------------------------------------------------
================================================================================ jackson-core-2.2.2-2.fc19 (FEDORA-2013-13699) Core part of Jackson -------------------------------------------------------------------------------- Update Information:
Initial import (#986170). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #986170 - Review Request: jackson-core - Core part of Jackson https://bugzilla.redhat.com/show_bug.cgi?id=986170 --------------------------------------------------------------------------------
================================================================================ lfcbase-1.5.6-1.fc19 (FEDORA-2013-13677) Lemke Foundation Classes -------------------------------------------------------------------------------- Update Information:
New version. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Christopher Meng rpm@cicku.me - 1.5.6-1 - New release. --------------------------------------------------------------------------------
================================================================================ libgcrypt-1.5.3-1.fc19 (FEDORA-2013-13678) A general-purpose cryptography library -------------------------------------------------------------------------------- Update Information:
Minor update from upstream fixing a moderate impact security issue. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Tomáš Mráz tmraz@redhat.com 1.5.3-1 - new upstream version fixing cache side-channel attack on RSA private keys * Thu Jun 20 2013 Tomáš Mráz tmraz@redhat.com 1.5.2-3 - silence false error detected by valgrind (#968288) * Thu Apr 25 2013 Tomáš Mráz tmraz@redhat.com 1.5.2-2 - silence strict aliasing warning in Rijndael - apply UsrMove - spec file cleanups -------------------------------------------------------------------------------- References:
[ 1 ] Bug #988589 - GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack https://bugzilla.redhat.com/show_bug.cgi?id=988589 --------------------------------------------------------------------------------
================================================================================ libhbalinux-1.0.16-2.fc19 (FEDORA-2013-13689) FC-HBAAPI implementation using scsi_transport_fc interfaces -------------------------------------------------------------------------------- Update Information:
Fix an old bogus date in the changelog. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Petr Šabata contyk@redhat.com - 1.0.16-2 - Fix a bogus date in changelog * Tue Jun 4 2013 Petr Šabata contyk@redhat.com - 1.0.16-1 - 1.0.16 bump --------------------------------------------------------------------------------
================================================================================ libhtp-0.5.6-1.fc19 (FEDORA-2013-13710) Security-aware parser for the HTTP protocol and the related bits and pieces -------------------------------------------------------------------------------- Update Information:
This is the latest tagged version from upstream.
See [the changelog](https://github.com/ironbee/libhtp/blob/0.5.6/ChangeLog) for the list of changes. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Mathieu Bridon bochecha@fedoraproject.org - 0.5.6-1 - New upstream release: 0.5.6. --------------------------------------------------------------------------------
================================================================================ libssh-0.5.5-1.fc19 (FEDORA-2013-13673) A library implementing the SSH2 protocol (0xbadc0de version) -------------------------------------------------------------------------------- Update Information:
Update to libssh 0.5.5 Add EPEL 5 support and enable Doxygen documentation. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 - Andreas Schneider asn@redhat.com - 0.5.5-1 - Update to 0.5.5. - Clenup the spec file. * Thu Jul 18 2013 Simone Caronni negativo17@gmail.com - 0.5.4-5 - Add EPEL 5 support. - Add Debian patches to enable Doxygen documentation. --------------------------------------------------------------------------------
================================================================================ libuv-0.10.13-1.fc19 (FEDORA-2013-13679) Platform layer for node.js -------------------------------------------------------------------------------- Update Information:
2013.07.25, Version 0.10.14 (Stable)
* os: Don't report negative times in cpu info (Ben Noordhuis)
* fs: Handle large UID and GID (Ben Noordhuis)
* url: Fix edge-case when protocol is non-lowercase (Shuan Wang)
* doc: Streams API Doc Rewrite (isaacs)
* node: call MakeDomainCallback in all domain cases (Trevor Norris)
* crypto: fix memory leak in LoadPKCS12 (Fedor Indutny)
* libuv: unix, windows: fix uv_fs_chown() function prototype (Ben Noordhuis) -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 T.C. Hollingsworth tchollingsworth@gmail.com - 1:0.10.13-1 - new upstream release 0.10.13 https://github.com/joyent/libuv/blob/v0.10.13/ChangeLog --------------------------------------------------------------------------------
================================================================================ lvm2-2.02.98-10.fc19 (FEDORA-2013-13665) Userland logical volume management tools -------------------------------------------------------------------------------- Update Information:
This update fixes a bug which caused the 'devices/global_filter' lvm.conf setting to be ignored on 'pvscan --cache <device>' call that is responsible for updating the LVM metadata daemon (lvmetad). When lvmetad is used (global/use_lvmetad=1), the 'pvscan --cache <device>' is called automatically for each relevant udev event and as a consequence this bug caused the lvmetad to keep information about devices that should have been filtered. Such information was provided to LVM commands then, hence bypassing the global_filter. The update also fixes a segfault on incorrectly specified global_filter.
This update also changes severity of messages coming from lvm2-activation-generator systemd generator that is responsible for activating the LVM volumes if lvmetad is not used. Now, LOG_ERR syslog severity is issued only if an error occurs, but only LOG_DEBUG if it's an informative/debug message (e.g. "LVM: Activation generator successfully completed."). -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Peter Rajnoha prajnoha@redhat.com - 2.02.98-10 - Respect lvmetad global filter in pvscan --cache with a device. - Fix segfault if devices/global_filter is not specified correctly. - Use LOG_DEBUG/ERR msg severity instead default for lvm2-activation-generator. - Do not include /lib/udev and /lib/udev/rules.d in device-mapper package. - Fix some incorrect changelog dates. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #986534 - LVM: Logical Volume autoactivation/generator messages in dmesg https://bugzilla.redhat.com/show_bug.cgi?id=986534 [ 2 ] Bug #986954 - LVM2 commands in F19 started to report "No device found for PV ..." if global_filter is used https://bugzilla.redhat.com/show_bug.cgi?id=986954 --------------------------------------------------------------------------------
================================================================================ man-pages-de-0.5-10.fc19 (FEDORA-2013-13711) German man pages from the Linux Documentation Project -------------------------------------------------------------------------------- Update Information:
Fix directory ownership. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Adel Gadllah adel.gadllah@gmail.com - 0.5-10 - Really fix directory ownership * Thu Jul 25 2013 Adel Gadllah adel.gadllah@gmail.com - 0.5-9 - Fix directory ownership -------------------------------------------------------------------------------- References:
[ 1 ] Bug #569392 - Wrong directory ownership https://bugzilla.redhat.com/show_bug.cgi?id=569392 --------------------------------------------------------------------------------
================================================================================ mate-system-monitor-1.6.0-2.fc19 (FEDORA-2013-13694) Process and resource monitor -------------------------------------------------------------------------------- Update Information:
- add upstream patch to fix rhbz (#888696) - add upstream patch to add manpages -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Wolfgang Ulbrich chat-to-me@raveit.de - 1.6.0-2 - add upstream patch to fix rhbz (#888696) - add upstream patch to add manpages - clean up BRs - use hardlink to save space by linking identical images in translated docs - remove --with-gnome find language flag - remove needless gsettings convert file --------------------------------------------------------------------------------
================================================================================ nodejs-0.10.14-1.fc19 (FEDORA-2013-13679) JavaScript runtime -------------------------------------------------------------------------------- Update Information:
2013.07.25, Version 0.10.14 (Stable)
* os: Don't report negative times in cpu info (Ben Noordhuis)
* fs: Handle large UID and GID (Ben Noordhuis)
* url: Fix edge-case when protocol is non-lowercase (Shuan Wang)
* doc: Streams API Doc Rewrite (isaacs)
* node: call MakeDomainCallback in all domain cases (Trevor Norris)
* crypto: fix memory leak in LoadPKCS12 (Fedor Indutny)
* libuv: unix, windows: fix uv_fs_chown() function prototype (Ben Noordhuis) -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 T.C. Hollingsworth tchollingsworth@gmail.com - 0.10.14-1 - new upstream release 0.10.14 http://blog.nodejs.org/2013/07/25/node-v0-10-14-stable/ --------------------------------------------------------------------------------
================================================================================ openlmi-providers-0.0.25-3.fc19 (FEDORA-2013-13702) Set of basic CIM providers -------------------------------------------------------------------------------- Update Information:
Rebuild for konkretcmpi-0.9.1 Again add registration of 05_LMI_Qualifiers.mof -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 15 2013 Jan Synáček jsynacek@redhat.com - 0.0.25-3 - Rebuild against new konkretcmpi - Really fix the compilation against new konkretcmpi * Fri Jun 28 2013 Roman Rakus rrakus@redhat.com - 0.0.25-2 - Againg add registration of 05_LMI_Qualifiers.mof -------------------------------------------------------------------------------- References:
[ 1 ] Bug #973233 - sfcbd process SEGV on openlmi lmiusers request https://bugzilla.redhat.com/show_bug.cgi?id=973233 --------------------------------------------------------------------------------
================================================================================ ovirt-node-3.0.0-5.0.fc19 (FEDORA-2013-13726) The oVirt Node daemons/scripts -------------------------------------------------------------------------------- Update Information:
Update to latest upstream -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Mike Burns mburns@redhat.com 3.0.0-5.0 - rebase to 3.0.0 upstream * Thu Feb 28 2013 Fabian Deutsch fabiand@fedoraproject.org - 2.6.1-1 - Update to upstream 2.6.1 release - Drop anyterm, krb5-workstation dependencies --------------------------------------------------------------------------------
================================================================================ pki-console-10.0.4-1.fc19 (FEDORA-2013-13682) Certificate System - PKI Console -------------------------------------------------------------------------------- Update Information:
Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Ade Lee alee@redhat.com 10.0.4-1 - Change release number for official release * Wed Jun 26 2013 Ade Lee alee@redhat.com 10.0.4-0.1 - Roll release to next version --------------------------------------------------------------------------------
================================================================================ pki-core-10.0.4-1.fc19 (FEDORA-2013-13703) Certificate System - PKI Core Components -------------------------------------------------------------------------------- Update Information:
Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Ade Lee alee@redhat.com 10.0.4-1 - Change release number for official release * Wed Jul 24 2013 Matthew Harmsen mharmsen@redhat.com 10.0.4-0.4 - Bugzilla Bug #986506 - Need to determine RPM packages to be excluded from compose . . . (exclude pki-kra, pki-ocsp, and pki-tks from rhel 7) * Wed Jul 17 2013 Endi S. Dewata edewata@redhat.com 10.0.4-0.3 - Added man pages for upgrade tools. - Cleaned up the code to install man pages. * Tue Jul 9 2013 Ade Lee alee@redhat.com 10.0.4-0.2 - Bugzilla Bug 973224 - resteasy-base must be split into subpackages to simplify dependencies * Wed Jun 26 2013 Ade Lee alee@redhat.com 10.0.4-0.1 - Roll release to next version --------------------------------------------------------------------------------
================================================================================ pki-ra-10.0.4-1.fc19 (FEDORA-2013-13723) Certificate System - Registration Authority -------------------------------------------------------------------------------- Update Information:
Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Ade Lee alee@redhat.com 10.0.4-1 - Change release number for official release * Thu Jul 11 2013 Ade Lee alee@redhat.com 10.0.4-0.2 - Add systemd build requirement to fix build failures in f19 * Wed Jun 26 2013 Ade Lee alee@redhat.com 10.0.4-0.1 - Roll release to next version --------------------------------------------------------------------------------
================================================================================ pki-tps-10.0.4-1.fc19 (FEDORA-2013-13686) Certificate System - Token Processing System -------------------------------------------------------------------------------- Update Information:
Trac Ticket 694 - create 10.0.4-1 builds -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Ade Lee alee@redhat.com 10.0.4-1 - Change release number for official release * Thu Jul 11 2013 Ade Lee alee@redhat.com 10.0.4-0.2 - Add systemd build requirement to fix build failures in f19 * Wed Jun 26 2013 Ade Lee alee@redhat.com 10.0.4-0.1 - Roll release to next version --------------------------------------------------------------------------------
================================================================================ python-cffi-0.6-3.fc19 (FEDORA-2013-13681) Foreign Function Interface for Python to call C code -------------------------------------------------------------------------------- Update Information:
Foreign Function Interface for Python to call C code -------------------------------------------------------------------------------- References:
[ 1 ] Bug #986712 - Review Request: python-cffi - Foreign Function Interface for Python to call C code https://bugzilla.redhat.com/show_bug.cgi?id=986712 --------------------------------------------------------------------------------
================================================================================ python-keystoneclient-0.2.3-5.fc19 (FEDORA-2013-13698) Client library for OpenStack Identity API -------------------------------------------------------------------------------- Update Information:
Selective backports from stable/grizzly:
* Ec2Signer: Initial support for v4 signature verification. * Default signing_dir to secure temp dir. * Fix memcache encryption middleware. (CVE-2013-2166, CVE-2013-2167) * Check token expiry. (CVE-2013-2104) -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Jakub Ruzicka jruzicka@redhat.com 0.2.3-5 - Ec2Signer: Initial support for v4 signature verification. - Default signing_dir to secure temp dir. - Fix memcache encryption middleware. (CVE-2013-2166, CVE-2013-2167) * Tue May 28 2013 Jakub Ruzicka jruzicka@redhat.com 0.2.3-4 - Check token expiry. (CVE-2013-2104) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #974271 - CVE-2013-2166 CVE-2013-2167 python-keystoneclient: middleware memcache encryption and signing bypass https://bugzilla.redhat.com/show_bug.cgi?id=974271 [ 2 ] Bug #965852 - CVE-2013-2104 OpenStack Keystone: Missing expiration check in Keystone PKI token validation https://bugzilla.redhat.com/show_bug.cgi?id=965852 --------------------------------------------------------------------------------
================================================================================ python-pyphen-0.7-3.fc19 (FEDORA-2013-13675) Pure Python module to hyphenate text -------------------------------------------------------------------------------- Update Information:
Pure Python module to hyphenate text -------------------------------------------------------------------------------- References:
[ 1 ] Bug #986634 - Review Request: python-pyphen - Pure Python module to hyphenate text https://bugzilla.redhat.com/show_bug.cgi?id=986634 --------------------------------------------------------------------------------
================================================================================ satyr-0.5-2.fc19 (FEDORA-2013-13733) Tools to create anonymous, machine-friendly problem reports -------------------------------------------------------------------------------- Update Information:
This update adds the ability to generate core stacktraces from GDB output. This update adds the ability to generate core stacktraces from GDB output. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Martin Milata mmilata@redhat.com 0.5-2 - Remove libunwind dependency altogether, always use GDB for unwinding. * Thu Jul 25 2013 Jakub Filak jfilak@redhat.com 0.5-1 - Added function that creates core stacktrace from GDB output. Several bugfixes. * Tue Jul 9 2013 Martin Milata mmilata@redhat.com 0.4-2 - Fix failing tests (failure manifests only on s390x) --------------------------------------------------------------------------------
================================================================================ sblim-cmpi-syslog-0.9.0-1.fc19 (FEDORA-2013-13712) SBLIM syslog instrumentation -------------------------------------------------------------------------------- Update Information:
Rebase to latest upstream version just for cleaniness, changes are very tiny against recent packages, mostly compatibility fixes for older distros. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Tomas Bzatek tbzatek@redhat.com - 0.9.0-1 - Update to sblim-cmpi-syslog-0.9.0 --------------------------------------------------------------------------------
================================================================================ sphinx-2.0.8-2.fc19 (FEDORA-2013-13728) Free open-source SQL full-text search engine -------------------------------------------------------------------------------- Update Information:
enable-id64 flag for 64-bit builds -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Christof Damian christof@damian.net - 2.0.8-2 - --enable-id64 flag for 64-bit builds -------------------------------------------------------------------------------- References:
[ 1 ] Bug #978577 - ./configure needs to be run with the --enable-id64 flag for 64-bit builds https://bugzilla.redhat.com/show_bug.cgi?id=978577 --------------------------------------------------------------------------------
================================================================================ subversion-1.7.11-1.fc19 (FEDORA-2013-13696) A Modern Concurrent Version Control System -------------------------------------------------------------------------------- Update Information:
This update includes the latest release of Apache Subversion 1.7, version 1.7.11. This fixes a security vulnerability in mod_dav_svn:
Subversion's mod_dav_svn Apache HTTPD server module will trigger an assertion on some requests made against a revision root. This can lead to a DoS. If assertions are disabled it will trigger a read overflow which may cause a segmentation fault or undefined behavior. Commit access is required to exploit this. (CVE-2013-4131) -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Joe Orton jorton@redhat.com - 1.7.11-1 - update to 1.7.11 - use full relro in mod_dav_svn build (#973694) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #986194 - CVE-2013-4131 subversion: DoS (assertion failure, crash) in mod_dav_svn when handling certain MOVE, COPY, or DELETE HTTP requests https://bugzilla.redhat.com/show_bug.cgi?id=986194 --------------------------------------------------------------------------------
================================================================================ systemtap-2.3-1.fc19 (FEDORA-2013-13734) Programmable system-wide instrumentation system -------------------------------------------------------------------------------- Update Information:
SystemTap release 2.3: improved pass-2 error messages, runtime preprocessor conditionals, global module variable visibility, internal improvements, colorized error messages, uprobe pre-filtering, re-written regular expression support -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 David Smith dsmith@redhat.com - 2.3 - Upstream release. --------------------------------------------------------------------------------
================================================================================ unhide-1.0-10.fc19.20121229 (FEDORA-2013-13717) Tool to find hidden processes and TCP/UDP ports from rootkits -------------------------------------------------------------------------------- Update Information:
New upstream release with many fixes given in changelog file. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 26 2013 Parag <paragn AT fedoraproject DOT org> - 1.0-10.20121229 - Update to new version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #984776 - New version request https://bugzilla.redhat.com/show_bug.cgi?id=984776 [ 2 ] Bug #974638 - Outdated package https://bugzilla.redhat.com/show_bug.cgi?id=974638 --------------------------------------------------------------------------------
================================================================================ wesnoth-1.10.6-4.fc19 (FEDORA-2013-13732) Turn-based strategy game with a fantasy theme -------------------------------------------------------------------------------- Update Information:
Fix for man page ownership. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 25 2013 Jon Ciesla limburgher@gmail.com - 1.10.6-4 - Fix man page ownership, BZ 958465. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #988456 - wesnoth-data owns some man page directories https://bugzilla.redhat.com/show_bug.cgi?id=988456 --------------------------------------------------------------------------------