The following Fedora 17 Security updates need testing: Age URL 289 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17 101 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17 71 https://admin.fedoraproject.org/updates/FEDORA-2013-2143/rubygem-rdoc-3.12-5.fc17 67 https://admin.fedoraproject.org/updates/FEDORA-2013-2315/rubygem-rack-1.4.0-4.fc17 30 https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17 29 https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17 28 https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc17 24 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17 21 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc17 16 https://admin.fedoraproject.org/updates/FEDORA-2013-4827/haproxy-1.4.23-1.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2013-5440/php-geshi-1.0.8.11-3.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2013-5349/389-ds-base-1.2.11.21-1.fc17 8 https://admin.fedoraproject.org/updates/FEDORA-2013-5546/plexus-archiver-2.3-1.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2013-5610/curl-7.24.0-7.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2013-5623/phpMyAdmin-3.5.8-1.fc17 5 https://admin.fedoraproject.org/updates/FEDORA-2013-5756/pdns-recursor-3.5-1.fc17 4 https://admin.fedoraproject.org/updates/FEDORA-2013-5833/mantis-1.2.15-1.fc17 3 https://admin.fedoraproject.org/updates/FEDORA-2013-5967/xorg-x11-server-1.12.4-7.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-6107/php-twig-Twig-1.12.3-1.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-6170/mediawiki-1.19.5-1.fc17
The following Fedora 17 Critical Path updates have yet to be approved: Age URL 241 https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17 70 https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17 49 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17 30 https://admin.fedoraproject.org/updates/FEDORA-2013-4140/audit-2.2.3-2.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2013-5287/libogg-1.3.0-5.fc17 11 https://admin.fedoraproject.org/updates/FEDORA-2013-5288/python-pycurl-7.19.0-11.1.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2013-5476/perl-5.14.4-225.fc17 9 https://admin.fedoraproject.org/updates/FEDORA-2013-5353/abrt-2.1.3-2.fc17,libreport-2.1.3-1.fc17 7 https://admin.fedoraproject.org/updates/FEDORA-2013-5610/curl-7.24.0-7.fc17 5 https://admin.fedoraproject.org/updates/FEDORA-2013-5724/ncurses-5.9-10.20130413.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-6034/kernel-3.8.8-100.fc17 The following builds have been pushed to Fedora 17 updates-testing mediawiki-1.19.5-1.fc17 perl-Devel-PatchPerl-0.84-1.fc17 salt-0.14.1-1.fc17 ultimaker-marlin-firmware-12.12-0.5.RC1.fc17 xscreensaver-5.21-3.fc17 Details about builds: ================================================================================ mediawiki-1.19.5-1.fc17 (FEDORA-2013-6170) A wiki engine -------------------------------------------------------------------------------- Update Information: *An internal review discovered that specially crafted Lua function names could lead to XSS. https://bugzilla.wikimedia.org/show_bug.cgi?id=46084 *Daniel Franke reported that during SVG parsing, MediaWiki failed to prevent XML external entity (XXE) processing. This could lead to local file disclosure, or potentially remote command execution in environments that have enabled expect:// handling. https://bugzilla.wikimedia.org/show_bug.cgi?id=46859 *Internal review also discovered that Special:Import, and Extension:RSS failed to prevent XML external entity (XXE) processing. https://bugzilla.wikimedia.org/show_bug.cgi?id=47251 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 17 2013 Michael Cronenworth <m...@cchtml.com> - 1.19.5-1 - New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #953666 - CVE-2013-1951 mediawiki: security releases 1.20.4 and 1.19.5 https://bugzilla.redhat.com/show_bug.cgi?id=953666 -------------------------------------------------------------------------------- ================================================================================ perl-Devel-PatchPerl-0.84-1.fc17 (FEDORA-2013-6165) Patch perl source à la Devel::PPPort's buildperl.pl -------------------------------------------------------------------------------- Update Information: This update includes an updated linux hints file. -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 19 2013 Iain Arnell <iarn...@gmail.com> 0.84-1 - update to latest upstream version - drop IPC::Cmd dependency * Tue Feb 19 2013 Iain Arnell <iarn...@gmail.com> 0.78-1 - update to latest upstream version * Thu Feb 14 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 0.76-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ salt-0.14.1-1.fc17 (FEDORA-2013-6156) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: upstream patch release 0.14.1 and unit test fixes -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 19 2013 Clint Savage <her...@gmail.com> - 0.14.1-1 - Update to upstream patch release 0.14.1 -------------------------------------------------------------------------------- ================================================================================ ultimaker-marlin-firmware-12.12-0.5.RC1.fc17 (FEDORA-2013-6176) Ultimaker firmware for the 3D printer -------------------------------------------------------------------------------- Update Information: package now includes both boudrates Ultimaker firmware for the 3D printer -------------------------------------------------------------------------------- References: [ 1 ] Bug #905681 - Review Request: ultimaker-marlin-firmware - Ultimaker firmware for the 3D printer https://bugzilla.redhat.com/show_bug.cgi?id=905681 -------------------------------------------------------------------------------- ================================================================================ xscreensaver-5.21-3.fc17 (FEDORA-2013-6160) X screen saver and locker -------------------------------------------------------------------------------- Update Information: Some issues are found on several hacks shipped in xscreensaver. Also an issue was reported that when installing gss rpms xscreensaver hacks appears in desktop entry. This new rpm will fix these issues. -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 21 2013 Mamoru TASAKA <mtas...@fedoraproject.org> - 1:5.21-3 - Fix the iteration number for pentomino mode in polyominoes (bug 954077) - Convert maxlife option from 5.20- for fireworkx (bug 953916) - Fix broken Name entry for desktop file of GL hacks (bug 953558) - Add OnlyShownIn entry for desktop files (bug 953558) -------------------------------------------------------------------------------- References: [ 1 ] Bug #954077 - [abrt] xscreensaver-extras-5.21-2.fc19: make_one_sided_pentomino: Process /usr/libexec/xscreensaver/polyominoes was killed by signal 11 (SIGSEGV) https://bugzilla.redhat.com/show_bug.cgi?id=954077 [ 2 ] Bug #953916 - [abrt] xscreensaver-extras-5.21-2.fc18: rnd: Process /usr/libexec/xscreensaver/fireworkx was killed by signal 8 (SIGFPE) https://bugzilla.redhat.com/show_bug.cgi?id=953916 [ 3 ] Bug #953558 - Xfce-Panel adds Xscreensaver-Plugins into Panelsection 'Other' (German: Sonstiges) https://bugzilla.redhat.com/show_bug.cgi?id=953558 -------------------------------------------------------------------------------- -- test mailing list test@lists.fedoraproject.org To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
