The following Fedora 19 Security updates need testing: Age URL 80 https://admin.fedoraproject.org/updates/FEDORA-2013-14814/python-glanceclien... 36 https://admin.fedoraproject.org/updates/FEDORA-2013-17836/davfs2-1.4.7-3.fc1... 23 https://admin.fedoraproject.org/updates/FEDORA-2013-18794/phpMyAdmin-3.5.8.2... 15 https://admin.fedoraproject.org/updates/FEDORA-2013-19262/quassel-0.9.1-1.fc... 8 https://admin.fedoraproject.org/updates/FEDORA-2013-19985/mod_nss-1.0.8-24.f... 8 https://admin.fedoraproject.org/updates/FEDORA-2013-19997/openstack-glance-2... 8 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2... 5 https://admin.fedoraproject.org/updates/FEDORA-2013-20202/mantis-1.2.15-3.fc... 5 https://admin.fedoraproject.org/updates/FEDORA-2013-20155/python-backports-s... 4 https://admin.fedoraproject.org/updates/FEDORA-2013-20260/rubygem-ruby-openi... 3 https://admin.fedoraproject.org/updates/FEDORA-2013-20373/openstack-keystone... 3 https://admin.fedoraproject.org/updates/FEDORA-2013-20340/spice-0.12.4-3.fc1... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-20443/poppler-0.22.1-5.f... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20555/xen-4.2.3-7.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20547/kernel-3.11.6-201....
The following Fedora 19 Critical Path updates have yet to be approved: Age URL 11 https://admin.fedoraproject.org/updates/FEDORA-2013-19749/langtable-0.0.17-1... 10 https://admin.fedoraproject.org/updates/FEDORA-2013-19787/openldap-2.4.36-4.... 3 https://admin.fedoraproject.org/updates/FEDORA-2013-20355/colord-1.0.4-1.fc1... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-20438/plymouth-0.8.9-0.2... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-20443/poppler-0.22.1-5.f... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20547/kernel-3.11.6-201.... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-20487/acl-2.2.51-10.fc19
The following builds have been pushed to Fedora 19 updates-testing
VirtualGL-2.3.3-1.fc19 anki-2.0.16-1.fc19 ghc-MonadRandom-0.1.12-1.fc19 kernel-3.11.6-201.fc19 mate-applets-1.6.1-6.fc19 mlmmj-1.2.18.0-2.fc19 nfacct-1.0.1-1.fc19 php-pear-phing-2.6.1-1.fc19 php-pecl-mongo-1.4.4-1.fc19 php-swift-Swift-5.0.2-1.fc19 python-keyring-3.1-1.fc19 rubygem-opengl-0.8.0-2.fc19 rubygem-riddle-1.5.9-1.fc19 rubygem-ruby-opengl-0.60.1-14.fc19 texstudio-2.6.4-1.fc19 wireshark-1.10.3-1.fc19 xen-4.2.3-7.fc19
Details about builds:
================================================================================ VirtualGL-2.3.3-1.fc19 (FEDORA-2013-20548) A toolkit for displaying OpenGL applications to thin clients -------------------------------------------------------------------------------- Update Information:
Update to version 2.3.3. Fixes launching setuid root binaries in VGL. -------------------------------------------------------------------------------- ChangeLog:
* Sat Nov 2 2013 Gary Gatling gsgatlin@eos.ncsu.edu - 2.3.3-1 - Update to 2.3.3. * Tue Aug 6 2013 Gary Gatling gsgatlin@eos.ncsu.edu - 2.3.2-7 - Fix (#993894) unversioned docdir change for f20. * Sat Aug 3 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.3.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ anki-2.0.16-1.fc19 (FEDORA-2013-20540) Flashcard program for using space repetition learning -------------------------------------------------------------------------------- Update Information:
Update to new bugfix upstream release 2.0.16.
Minor bug fixes
Please see http://www.ankisrs.net/docs/changes.html for details. -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 1 2013 Christian Krause chkr@fedoraproject.org - 2.0.16-1 - Update to new upstream version 2.0.16 --------------------------------------------------------------------------------
================================================================================ ghc-MonadRandom-0.1.12-1.fc19 (FEDORA-2013-20550) Random-number generation monad -------------------------------------------------------------------------------- Update Information:
New release -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 1 2013 Shakthi Kannan <shakthimaan [AT] fedoraproject dot org> - 0.1.12-1 - Updated to new upstream 0.1.12 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1016212 - ghc-MonadRandom-0.1.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=1016212 --------------------------------------------------------------------------------
================================================================================ kernel-3.11.6-201.fc19 (FEDORA-2013-20547) The Linux kernel -------------------------------------------------------------------------------- Update Information:
Various bug and CVE fixes. -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 1 2013 Josh Boyer jwboyer@fedoraproject.org - 3.11.6-201 - Revert blocking patches causing systemd to crash on resume (rhbz 1010603) - CVE-2013-4348 net: deadloop path in skb_flow_dissect (rhbz 1007939 1025647) * Thu Oct 31 2013 Josh Boyer jwboyer@fedoraprorject.org - Fix display regression on Dell XPS 13 machines (rhbz 995782) * Tue Oct 29 2013 Josh Boyer jwboyer@fedoraproject.org - Fix plaintext auth regression in cifs (rhbz 1011621) * Fri Oct 25 2013 Josh Boyer jwboyer@fedoraproject.org - CVE-2013-4470 net: memory corruption with UDP_CORK and UFO (rhbz 1023477 1023495) - Add touchpad support for Dell XT2 (rhbz 1023413) * Tue Oct 22 2013 Josh Boyer jwboyer@fedoraproject.org - Add patch to fix warning in tcp_fastretrans_alert (rhbz 989251) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1007939 - CVE-2013-4348 kernel: net: deadloop path in skb_flow_dissect() https://bugzilla.redhat.com/show_bug.cgi?id=1007939 [ 2 ] Bug #1023477 - CVE-2013-4470 Kernel: net: memory corruption with UDP_CORK and UFO https://bugzilla.redhat.com/show_bug.cgi?id=1023477 --------------------------------------------------------------------------------
================================================================================ mate-applets-1.6.1-6.fc19 (FEDORA-2013-20546) MATE Desktop panel applets -------------------------------------------------------------------------------- Update Information:
- disable upower BR > f20, until we know to handle upower-1.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 1 2013 Wolfgang Ulbrich chat-to-me@raveit.de - 1.6.1-6 - disable upower BR > f20, until we know to handle upower-1.0 * Sat Aug 3 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ mlmmj-1.2.18.0-2.fc19 (FEDORA-2013-20554) A simple and slim mailing list manager inspired by ezmlm -------------------------------------------------------------------------------- Update Information:
New RPM. -------------------------------------------------------------------------------- ChangeLog:
* Sat Oct 26 2013 Christopher Meng rpm@cicku.me - 1.2.18.0-2 - Filter out wrong dependencies. * Fri Aug 9 2013 Christopher Meng rpm@cicku.me - 1.2.18.0-1 - Resubmit the package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #995933 - Re-Review Request: mlmmj - A simple and slim mailing list manager inspired by ezmlm https://bugzilla.redhat.com/show_bug.cgi?id=995933 --------------------------------------------------------------------------------
================================================================================ nfacct-1.0.1-1.fc19 (FEDORA-2013-20542) Command line tool to create/retrieve/delete accounting objects -------------------------------------------------------------------------------- Update Information:
new version of nfacct -------------------------------------------------------------------------------- ChangeLog:
--------------------------------------------------------------------------------
================================================================================ php-pear-phing-2.6.1-1.fc19 (FEDORA-2013-20541) A project build system based on Apache Ant -------------------------------------------------------------------------------- Update Information:
upstream 2.6.1 -------------------------------------------------------------------------------- ChangeLog:
* Sat Nov 2 2013 Christof Damian christof@damian.net - 2.6.1-1 - upstream 2.6.1 * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.5.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #999512 - php-pear-phing-2.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=999512 --------------------------------------------------------------------------------
================================================================================ php-pecl-mongo-1.4.4-1.fc19 (FEDORA-2013-20552) PHP MongoDB database driver -------------------------------------------------------------------------------- Update Information:
upstream 1.4.4 -------------------------------------------------------------------------------- ChangeLog:
* Sat Nov 2 2013 Christof Damian christof@damian.net - 1.4.4-1 - upstream 1.4.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #997844 - php-pecl-mongo-1.4.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=997844 --------------------------------------------------------------------------------
================================================================================ php-swift-Swift-5.0.2-1.fc19 (FEDORA-2013-20535) Free Feature-rich PHP Mailer -------------------------------------------------------------------------------- Update Information:
upstream 5.0.2 -------------------------------------------------------------------------------- ChangeLog:
* Sat Nov 2 2013 Christof Damian christof@damian.net - 5.0.2-1 - upstream 5.0.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1003388 - php-swift-Swift-5.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1003388 --------------------------------------------------------------------------------
================================================================================ python-keyring-3.1-1.fc19 (FEDORA-2013-20551) Python library to access the system keyring service -------------------------------------------------------------------------------- Update Information:
Update to version 3.1 -------------------------------------------------------------------------------- ChangeLog:
* Tue Oct 22 2013 rtnpro rtnpro@gmail.com - 3.1-1 - Bump to version 3.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1007354 - Please update this package ASAP https://bugzilla.redhat.com/show_bug.cgi?id=1007354 --------------------------------------------------------------------------------
================================================================================ rubygem-opengl-0.8.0-2.fc19 (FEDORA-2013-20549) An OpenGL wrapper for Ruby -------------------------------------------------------------------------------- Update Information:
This is a new package. --------------------------------------------------------------------------------
================================================================================ rubygem-riddle-1.5.9-1.fc19 (FEDORA-2013-20536) An API for Sphinx, written in and for Ruby -------------------------------------------------------------------------------- Update Information:
New package. A Ruby API and configuration helper for the Sphinx search service. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1025100 - Review Request: rubygem-riddle - An API for Sphinx, written in and for Ruby https://bugzilla.redhat.com/show_bug.cgi?id=1025100 --------------------------------------------------------------------------------
================================================================================ rubygem-ruby-opengl-0.60.1-14.fc19 (FEDORA-2013-20543) OpenGL Interface for Ruby -------------------------------------------------------------------------------- Update Information:
Current rpm being shipped on Fedora contained some files with license unclear. With this rpm such files are removed. -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 1 2013 Mamoru TASAKA mtasaka@fedoraproject.org - 0.60.1-14 - Remove files with unclear licenses * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.60.1-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ texstudio-2.6.4-1.fc19 (FEDORA-2013-20538) A feature-rich editor for LaTeX documents -------------------------------------------------------------------------------- Update Information:
- update to version 2.6.4 - for more details, have a look at http://sourceforge.net/projects/texstudio/files/texstudio/TeXstudio%202.6.4/ -------------------------------------------------------------------------------- ChangeLog:
* Sat Nov 2 2013 Johannes Lips hannes@fedoraproject.org 2.6.4-1 - Update to latest upstream version 2.6.4 * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.6.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1023703 - Update TeXstudio to version 2.6.4 https://bugzilla.redhat.com/show_bug.cgi?id=1023703 --------------------------------------------------------------------------------
================================================================================ wireshark-1.10.3-1.fc19 (FEDORA-2013-20533) Network traffic analyzer -------------------------------------------------------------------------------- Update Information:
* Ver. 1.10.3 -------------------------------------------------------------------------------- ChangeLog:
* Sat Nov 2 2013 Peter Lemenkov lemenkov@gmail.com - 1.10.3-1 - Ver. 1.10.3 - Dropped upsteamed patch no. 13 --------------------------------------------------------------------------------
================================================================================ xen-4.2.3-7.fc19 (FEDORA-2013-20555) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information:
Lock order reversal between page allocation and grant table locks ocaml xenstored mishandles oversized message replies systemd changes to allow oxenstored to be used instead of xenstored -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 1 2013 Michael Young m.a.young@durham.ac.uk - 4.2.3-7 - Lock order reversal between page allocation and grant table locks [XSA-73, CVE-2013-4494] * Tue Oct 29 2013 Michael Young m.a.young@durham.ac.uk - 4.2.3-6 - ocaml xenstored mishandles oversized message replies [XSA-72, CVE-2013-4416] (#1024450) * Fri Oct 25 2013 Michael Young m.a.young@durham.ac.uk - 4.2.3-5 - systemd changes to allow oxenstored to be used instead of xenstored (#1022640) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1017875 - CVE-2013-4416 xen: ocaml xenstored mishandles oversized message replies (XSA-72) https://bugzilla.redhat.com/show_bug.cgi?id=1017875 --------------------------------------------------------------------------------