The following Fedora 18 Security updates need testing: Age URL 28 https://admin.fedoraproject.org/updates/FEDORA-2013-21875/389-ds-base-1.3.0.... 14 https://admin.fedoraproject.org/updates/FEDORA-2013-22949/net-snmp-5.7.2-7.f... 11 https://admin.fedoraproject.org/updates/FEDORA-2013-23122/firefox-26.0-2.fc1... 11 https://admin.fedoraproject.org/updates/FEDORA-2013-23140/python-setuptools-... 9 https://admin.fedoraproject.org/updates/FEDORA-2013-23291/thunderbird-24.2.0... 7 https://admin.fedoraproject.org/updates/FEDORA-2013-23378/openttd-1.3.3-1.fc... 7 https://admin.fedoraproject.org/updates/FEDORA-2013-23401/v8-3.14.5.10-3.fc1... 5 https://admin.fedoraproject.org/updates/FEDORA-2013-23466/xen-4.2.3-12.fc18 4 https://admin.fedoraproject.org/updates/FEDORA-2013-23504/quagga-0.99.21-6.f... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-23591/seamonkey-2.23-1.f... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-23646/perl-Proc-Daemon-0... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-23575/ca-certificates-20... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-23662/rubygem-actionpack... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-23663/ibus-chewing-1.4.4... 2 https://admin.fedoraproject.org/updates/FEDORA-2013-23678/gnupg-1.4.16-2.fc1...
The following Fedora 18 Critical Path updates have yet to be approved: Age URL 315 https://admin.fedoraproject.org/updates/FEDORA-2013-2192/nautilus-3.6.3-5.fc... 11 https://admin.fedoraproject.org/updates/FEDORA-2013-23140/python-setuptools-... 9 https://admin.fedoraproject.org/updates/FEDORA-2013-23291/thunderbird-24.2.0... 9 https://admin.fedoraproject.org/updates/FEDORA-2013-23312/dracut-029-1.fc18.... 9 https://admin.fedoraproject.org/updates/FEDORA-2013-23306/abrt-2.1.10-1.fc18... 9 https://admin.fedoraproject.org/updates/FEDORA-2013-23297/libfm-1.1.4-1.fc18 7 https://admin.fedoraproject.org/updates/FEDORA-2013-23381/cryptsetup-1.6.3-1... 1 https://admin.fedoraproject.org/updates/FEDORA-2013-23716/selinux-policy-3.1...
The following builds have been pushed to Fedora 18 updates-testing
NLopt-2.4.1-1.fc18 aime-7.20131209-1.fc18 libnet-1.1.6-7.fc18 lightdm-1.4.5-3.fc18 lyx-2.0.7-1.fc18 mate-power-manager-1.6.3-1.fc18 mate-settings-daemon-1.6.2-1.fc18 ngrep-1.45-15.git20131221.16ba99a.fc18 nomacs-1.6.2-1.fc18 proftpd-1.3.4d-5.fc18 rubygem-mixlib-cli-1.4.0-1.fc18 rubygem-mixlib-config-2.1.0-1.fc18 scap-security-guide-0.1.4-1.fc18 vifir-0.9-21.fc18
Details about builds:
================================================================================ NLopt-2.4.1-1.fc18 (FEDORA-2013-23834) Open-Source library for nonlinear optimization -------------------------------------------------------------------------------- Update Information:
new upstream release: v2.4.1 -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 20 2013 Björn Esser bjoern.esser@gmail.com - 2.4.1-1 - new upstream release: v2.4.1 - adapted %{source0} to match %{name} - changed `%global lc_name` to `%define lc_name`, because of globbing problems - use `tr` instead of shell-builtin for `%define lc_name` - move `README.md` only if existing * Fri Dec 20 2013 Björn Esser bjoern.esser@gmail.com - 2.4-3.git20130903.35e6377 - made %clean-target conditional on el5 - restructured spec-file for quick switching between snapshot and release - moved package-specific macros to the corresponding subpackage --------------------------------------------------------------------------------
================================================================================ aime-7.20131209-1.fc18 (FEDORA-2013-23842) An application embeddable programming language interpreter -------------------------------------------------------------------------------- Update Information:
New version. -------------------------------------------------------------------------------- ChangeLog:
* Sat Dec 21 2013 Christopher Meng rpm@cicku.me - 7.20131209-1 - Update to 7.20131209 * Fri Oct 11 2013 Christopher Meng rpm@cicku.me - 6.20130921-1 - Update to 6.20130921 --------------------------------------------------------------------------------
================================================================================ libnet-1.1.6-7.fc18 (FEDORA-2013-23775) C library for portable packet creation and injection -------------------------------------------------------------------------------- Update Information:
- Run autoreconf to recognize aarch64 (#925813) - Conditionalized usage of %{_lib} vs %{_libdir} for RHEL < 7 - Tight run-time dependencies between sub-packages via %{?_isa} -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 20 2013 Robert Scheck robert@fedoraproject.org 1.1.6-7 - Run autoreconf to recognize aarch64 (#925813) - Conditionalized usage of %{_lib} vs %{_libdir} for RHEL < 7 - Tight run-time dependencies between sub-packages via %{?_isa} * Sat Aug 3 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.1.6-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.1.6-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #925813 - libnet: Does not support aarch64 in f19 and rawhide https://bugzilla.redhat.com/show_bug.cgi?id=925813 --------------------------------------------------------------------------------
================================================================================ lightdm-1.4.5-3.fc18 (FEDORA-2013-23816) Lightweight Display Manager -------------------------------------------------------------------------------- Update Information:
Fix scriptlet error -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 11 2013 Rex Dieter rdieter@fedoraproject.org 1.4.5-3 - sync scriptlets with f20+ branch (#1029006) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1029006 - Error in PREUN scriptlet in rpm package lightdm-1.4.0-2.fc18.armv6hl https://bugzilla.redhat.com/show_bug.cgi?id=1029006 --------------------------------------------------------------------------------
================================================================================ lyx-2.0.7-1.fc18 (FEDORA-2013-23789) WYSIWYM (What You See Is What You Mean) document processor -------------------------------------------------------------------------------- Update Information:
Latest stable update. For further details see http://www.lyx.org/announce/2_0_7.txt -------------------------------------------------------------------------------- ChangeLog:
* Sat Dec 21 2013 José Matos jamatos@fedoraproject.org - 2.0.7-1 - update to 2.0.7 * Sat Aug 3 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Sat Jul 27 2013 pmachata@redhat.com - 2.0.6-2 - Rebuild for boost 1.54.0 --------------------------------------------------------------------------------
================================================================================ mate-power-manager-1.6.3-1.fc18 (FEDORA-2013-23833) MATE power management service -------------------------------------------------------------------------------- Update Information:
- updated to 1.6.3 release -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 20 2013 Wolfgang Ulbrich chat-to-me@raveit.de - 1.6.3-1 - updated to 1.6.3 release - fix build, add mate-power-manager_set-DISABLE_DEPRECATED-to-an-empty-string.patch - remove BR mate-keyring-devel - fix bogus date in %changelog --------------------------------------------------------------------------------
================================================================================ mate-settings-daemon-1.6.2-1.fc18 (FEDORA-2013-23798) MATE Desktop settings daemon -------------------------------------------------------------------------------- Update Information:
- update to 1.6.2 release -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 20 2013 Wolfgang Ulbrich chat-to-me@raveit.de - 1.6.2-1 - update to 1.6.2 release --------------------------------------------------------------------------------
================================================================================ ngrep-1.45-15.git20131221.16ba99a.fc18 (FEDORA-2013-23762) Network layer grep tool -------------------------------------------------------------------------------- Update Information:
- Checkout from official repo(BZ#1044630). - Remove patch for system pcre as configure script can handle it now. - Add format security check fix due to dumb GCC. -------------------------------------------------------------------------------- ChangeLog:
* Sat Dec 21 2013 Christopher Meng rpm@cicku.me - 1.45-15.git20131221.16ba99a - Checkout from official repo(BZ#1044630). - Remove patch for system pcre as configure script can handle it now. - Add format security check fix due to dumb GCC. * Mon Aug 26 2013 Christopher Meng rpm@cicku.me - 1.45-14 - SPEC Cleanup. - AArch64 support(BZ#926232). * Sat Aug 3 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.45-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.45-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1044630 - ngrep completely broken with latest libpcap 1.5 snapshot https://bugzilla.redhat.com/show_bug.cgi?id=1044630 --------------------------------------------------------------------------------
================================================================================ nomacs-1.6.2-1.fc18 (FEDORA-2013-23839) Lightweight image viewer -------------------------------------------------------------------------------- Update Information:
Version bump. -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 20 2013 TI_Eugene ti.eugene@gmail.com 1.6.2-1 - Version bump. * Tue Dec 3 2013 Rex Dieter rdieter@fedoraproject.org - 1.6.0.2-2 - rebuild (exiv2) --------------------------------------------------------------------------------
================================================================================ proftpd-1.3.4d-5.fc18 (FEDORA-2013-23806) Flexible, stable and highly-configurable FTP server -------------------------------------------------------------------------------- Update Information:
This update adds 3072-bit, 7680-bit and 8192-bit Diffie-Hellman group parameters, needed for support of some ciphers such as aes-256-ctr. -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 20 2013 Paul Howarth paul@city-fan.org 1.3.4d-5 - Fix support for 8192-bit DH parameters (#1044586) - Add 3072-bit and 7680-bit DH parameters (upstream bug 4002) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1044586 - proftpd does not ship 8192 bit dh parameter https://bugzilla.redhat.com/show_bug.cgi?id=1044586 --------------------------------------------------------------------------------
================================================================================ rubygem-mixlib-cli-1.4.0-1.fc18 (FEDORA-2013-23829) Simple Ruby mix-in for CLI interfaces -------------------------------------------------------------------------------- Update Information:
Update to 1.4.0 (bz#1038983) -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 20 2013 Julian C. Dunn jdunn@aquezada.com - 1.4.0-1 - Update to 1.4.0 (bz#1038983) * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Fri Mar 8 2013 Josef Stribny jstribny@redhat.com - 1.3.0-3 - Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0 * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1038983 - rubygem-mixlib-cli-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1038983 --------------------------------------------------------------------------------
================================================================================ rubygem-mixlib-config-2.1.0-1.fc18 (FEDORA-2013-23778) Simple Ruby config mix-in -------------------------------------------------------------------------------- Update Information:
Upgrade to 2.1.0 (bz#1038984) -------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 20 2013 Julian C. Dunn jdunn@aquezada.com - 2.1.0-1 - Upgrade to 2.1.0 (bz#1038984) * Sun Sep 15 2013 Julian C. Dunn jdunn@aquezada.com - 2.0.0-1 - Upgrade to 2.0.0 (bz#1012369) * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.1.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Fri Mar 8 2013 Josef Stribny jstribny@redhat.com - 1.1.2-5 - Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0 * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.1.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1038984 - rubygem-mixlib-config-2.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1038984 --------------------------------------------------------------------------------
================================================================================ scap-security-guide-0.1.4-1.fc18 (FEDORA-2013-23779) Security guidance and baselines in SCAP formats -------------------------------------------------------------------------------- Update Information:
Rebase to upstream 0.1.4 version (includes fix for RH BZ#1040335)
-------------------------------------------------------------------------------- ChangeLog:
* Fri Dec 20 2013 Jan iankko Lieskovsky jlieskov@redhat.com 0.1.4-1 - Fix remediation for sshd set keepalive (ClientAliveCountMax) and move it to /shared - Add shared remediations for sshd disable empty passwords and sshd set idle timeout - Shared remediation for sshd disable root login - Add empty -compat subpackage to ensure backward-compatibility with openscap-content and firstaidkit-plugin-openscap packages (RH BZ#1040335) - OVAL check for sshd disable root login - Fix typo in OVAL check for sshd disable empty passwords - OVAL check for sshd disable empty passwords - Unselect no shelllogin for systemaccounts rule from being run by default - Rename XCCDF rules - Revert Set up Fedora release name and CPE based on build system properties - Shared OVAL check for Verify that Shared Library Files Have Root Ownership - Shared OVAL check for Verify that System Executables Have Restrictive Permissions - Shared OVAL check for Verify that System Executables Have Root Ownership - Shared OVAL check for Verify that Shared Library Files Have Restrictive Permissions - Fix remediation for Disable Prelinking rule - OVAL check and remediation for sshd's ClientAliveCountMax rule - OVAL check for sshd's ClientAliveInterval rule - Include descriptions for permissions section, and rules for checking permissions and ownership of shared library files and system executables - Disable selected rules by default - Add remediation for Disable Prelinking rule - Adjust service-enable-macro, service-disable-macro XSLT transforms definition to evaluate to proper systemd syntax - Fix service_ntpd_enabled OVAL check make validate to pass again - Include patch from Šimon Lukašík to obsolete openscap-content package (RH BZ#1028706) - Add OVAL check to test if there's is remote NTP server configured for time data - Add system settings section for the guide (to track system wide hardening configurations) - Include disable prelink rule and OVAL check for it - Initial OVAL check if ntpd service is enabled. Add package_installed OVAL templating directory structure and functionality. - Include services section, and XCCDF description for selected ntpd's sshd's service rules - Include remediations for login.defs' based password minimum, maximum and warning age rules - Include directory structure to support remediations - Add SCAP "replace or append pattern value in text file based on variable" remediation script generator - Add remediation for "Set Password Minimum Length in login.defs" rule * Mon Nov 18 2013 Jan iankko Lieskovsky jlieskov@redhat.com 0.1.3-1 - Update versioning scheme - move fedorassgrelease to be part of upstream version. Rename it to fedorassgversion to avoid name collision with Fedora package release. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1040335 - opescap should provide openscap-content and firstaidkit-plugin-openscap in the package https://bugzilla.redhat.com/show_bug.cgi?id=1040335 --------------------------------------------------------------------------------
================================================================================ vifir-0.9-21.fc18 (FEDORA-2013-23758) A viewer for electronic aviation charts -------------------------------------------------------------------------------- Update Information:
* Sat Dec 21 2013 Fabian Affolter mail@fabian-affolter.ch - 0.9-21 - Remove poppler dep (rhbz#1043506) * Thu Nov 28 2013 Fabian Affolter mail@fabian-affolter.ch - 0.9-20 - Rebuild for libgps -------------------------------------------------------------------------------- ChangeLog:
* Sat Dec 21 2013 Fabian Affolter mail@fabian-affolter.ch - 0.9-21 - Remove poppler dep (rhbz#1043506) * Thu Nov 28 2013 Fabian Affolter mail@fabian-affolter.ch - 0.9-20 - Rebuild for libgps * Mon Aug 19 2013 Marek Kasik mkasik@redhat.com - 0.9-19 - Rebuild (poppler-0.24.0) * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.9-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Sun Jun 30 2013 Bruno Wolff III bruno@wolff.to - 0.9-17 - Rebuild for poppler soname bump * Wed Jun 26 2013 Fabian Affolter mail@fabian-affolter.ch - 0.9-16 - Rebuild poppler * Fri Feb 15 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.9-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Jan 18 2013 Marek Kasik mkasik@redhat.com - 0.9-14 - Rebuild (poppler-0.22.0) * Sat Nov 10 2012 Fabian Affolter mail@fabian-affolter.ch - 0.9-13 - Rebuild for F19 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1043506 - Vifir doesn't need poppler https://bugzilla.redhat.com/show_bug.cgi?id=1043506 --------------------------------------------------------------------------------