The following Fedora 19 Security updates need testing: Age URL 383 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2013.1.4-1.fc19 195 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19 146 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19 64 https://admin.fedoraproject.org/updates/FEDORA-2014-10366/icecream-1.0.1-8.20140822git.fc19 63 https://admin.fedoraproject.org/updates/FEDORA-2014-10640/libreoffice-4.1.6.2-8.fc19 48 https://admin.fedoraproject.org/updates/FEDORA-2014-11544/drupal6-6.33-1.fc19 41 https://admin.fedoraproject.org/updates/FEDORA-2014-12057/krb5-1.11.3-29.fc19 27 https://admin.fedoraproject.org/updates/FEDORA-2014-13047/libxml2-2.9.1-2.fc19 27 https://admin.fedoraproject.org/updates/FEDORA-2014-13018/deluge-1.3.10-1.fc19 17 https://admin.fedoraproject.org/updates/FEDORA-2014-13551/wpa_supplicant-2.0-12.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-14066/php-sabredav-Sabre_VObject-2.1.4-1.fc19,php-sabredav-Sabre_HTTP-1.7.11-1.fc19,php-sabredav-Sabre_CalDAV-1.7.9-1.fc19,php-sabredav-Sabre_DAVACL-1.7.9-1.fc19,php-sabredav-Sabre_CardDAV-1.7.9-2.fc19,php-sabredav-Sabre_DAV-1.7.13-1.fc19,owncloud-5.0.17-2.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-14068/kernel-3.14.23-100.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-14266/python-2.7.5-15.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-14237/claws-mail-plugins-3.11.1-1.fc19,claws-mail-3.11.1-2.fc19,libetpan-1.6-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-13702/konversation-1.5.1-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-14359/curl-7.29.0-25.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-14498/python-requests-kerberos-0.6-1.fc19 3 https://admin.fedoraproject.org/updates/FEDORA-2014-14564/qpid-cpp-0.26-12.fc19 2 https://admin.fedoraproject.org/updates/FEDORA-2014-14699/drupal7-ckeditor-1.16-2.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2014-14738/gnutls-3.1.20-6.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14838/avr-binutils-2.24-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14865/kde-workspace-4.11.14-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14874/arm-none-eabi-binutils-cs-2014.05.28-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14912/polarssl-1.2.12-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14980/python-pillow-2.0.0-16.gitd1c6db8.fc19
The following Fedora 19 Critical Path updates have yet to be approved: Age URL 331 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-15-5.fc19 257 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc19.1,ntfs-3g-2014.2.15-1.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-14068/kernel-3.14.23-100.fc19 12 https://admin.fedoraproject.org/updates/FEDORA-2014-14047/qtwebkit-2.3.4-1.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-14266/python-2.7.5-15.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-14359/curl-7.29.0-25.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-14516/pcre-8.32-11.fc19 4 https://admin.fedoraproject.org/updates/FEDORA-2014-14505/unzip-6.0-12.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2014-14738/gnutls-3.1.20-6.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14807/device-mapper-persistent-data-0.4.1-2.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14846/pciutils-3.3.0-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-14865/kde-workspace-4.11.14-1.fc19 The following builds have been pushed to Fedora 19 updates-testing FoXlibf-4.1.2-1.fc19 arm-none-eabi-binutils-cs-2014.05.28-2.fc19 avr-binutils-2.24-2.fc19 createrepo_c-0.7.4-1.fc19 device-mapper-persistent-data-0.4.1-2.fc19 drupal7-drush_language-1.3-1.fc19 drupal7-l10n_update-1.1-1.fc19 elk-2.3.22-10.fc19 gpaw-0.10.0.11364-7.fc19 kde-workspace-4.11.14-1.fc19 libHX-3.22-1.fc19 lis-1.5.11-1.fc19 love-0.9.1-1.fc19 mozilla-noscript-2.6.9.3-1.fc19 nodejs-nsp-audit-shrinkwrap-1.0.0-1.fc19 pciutils-3.3.0-1.fc19 perl-MCE-1.520-1.fc19 perl-PerlIO-utf8_strict-0.005-1.fc19 perl-Rose-DB-Object-0.813-4.fc19 php-channel-phpseclib-1.3-1.fc19 php-phpseclib-crypt-aes-0.3.9-1.fc19 php-phpseclib-crypt-base-0.3.9-1.fc19 php-phpseclib-crypt-blowfish-0.3.9-2.fc19 php-phpseclib-crypt-des-0.3.9-2.fc19 php-phpseclib-crypt-hash-0.3.9-1.fc19 php-phpseclib-crypt-random-0.3.9-1.fc19 php-phpseclib-crypt-rc4-0.3.9-2.fc19 php-phpseclib-crypt-rijndael-0.3.9-2.fc19 php-phpseclib-crypt-rsa-0.3.9-1.fc19 php-phpseclib-crypt-tripledes-0.3.9-2.fc19 php-phpseclib-crypt-twofish-0.3.9-2.fc19 php-phpseclib-math-biginteger-0.3.9-1.fc19 php-phpseclib-net-sftp-0.3.9-1.fc19 php-phpseclib-net-ssh2-0.3.9-1.fc19 php-phpunit-PHPUnit-3.7.34-2.fc19 php-theseer-autoload-1.16.0-2.fc19 pjproject-2.3-5.fc19 polarssl-1.2.12-1.fc19 python-pillow-2.0.0-16.gitd1c6db8.fc19 rubygem-test-unit-notify-1.0.4-1.fc19 screen-4.1.0-0.17.20120314git3c2946.fc19 supertux-0.3.4-1.fc19 tcalc-1.3-1.fc19 tor-0.2.5.10-1.fc19 torsocks-2.0.0-2.fc19 wxGTK3-3.0.2-2.fc19 xpa-2.1.15-2.fc19 Details about builds: ================================================================================ FoXlibf-4.1.2-1.fc19 (FEDORA-2014-14884) A Fortran XML Library -------------------------------------------------------------------------------- Update Information: FoXlibf-4.1.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1104289 - Review Request: FoXlibf - A Fortran XML Library https://bugzilla.redhat.com/show_bug.cgi?id=1104289 -------------------------------------------------------------------------------- ================================================================================ arm-none-eabi-binutils-cs-2014.05.28-2.fc19 (FEDORA-2014-14874) GNU Binutils for cross-compilation for arm-none-eabi target -------------------------------------------------------------------------------- Update Information: - fix directory traversal vulnerability (#1162657) - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack overflow in the SREC parser -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Michal Hlavinka <mhlav...@redhat.com> - 2014.05.28-2 - fix directory traversal vulnerability (#1162657) - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack overflow in the SREC parser -------------------------------------------------------------------------------- References: [ 1 ] Bug #1162655 - binutils: directory traversal vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1162655 [ 2 ] Bug #1162594 - CVE-2014-8502 binutils: heap overflow in objdump https://bugzilla.redhat.com/show_bug.cgi?id=1162594 [ 3 ] Bug #1162621 - CVE-2014-8504 binutils: stack overflow in the SREC parser https://bugzilla.redhat.com/show_bug.cgi?id=1162621 [ 4 ] Bug #1162570 - CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable https://bugzilla.redhat.com/show_bug.cgi?id=1162570 -------------------------------------------------------------------------------- ================================================================================ avr-binutils-2.24-2.fc19 (FEDORA-2014-14838) Cross Compiling GNU binutils targeted at avr -------------------------------------------------------------------------------- Update Information: - fix directory traversal vulnerability - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack overflow in the SREC parser -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Michal Hlavinka <mhlav...@redhat.com> - 1:2.24-2 - fix directory traversal vulnerability (#1162657) - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack overflow in the SREC parser * Wed Aug 13 2014 Michal Hlavinka <mhlav...@redhat.com> - 1:2.24-1 - updated to 2.24 * Mon Feb 3 2014 Michal Hlavinka <mhlav...@redhat.com> - 1:2.23.2-4 - avr-binutils may be affected by libiberty CVE (#1059362) * Tue Aug 13 2013 Michal Hlavinka <mhlav...@redhat.com> - 1:2.23.2-3 - fix tex again * Sat Aug 3 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1:2.23.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Mon Jun 24 2013 Michal Hlavinka <mhlav...@redhat.com> - 1:2.23.2-1 - updated to 2.23.2 * Tue Jun 18 2013 Jaromir Capik <jca...@redhat.com> - 1:2.23.1-4 - autoreconf -vif doesn't work -> patching for aarch64 support (#925061) * Fri Apr 19 2013 Michal Hlavinka <mhlav...@redhat.com> - 1:2.23.1-3 - fix aarch64 support (#925061) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1162655 - binutils: directory traversal vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1162655 [ 2 ] Bug #1162594 - CVE-2014-8502 binutils: heap overflow in objdump https://bugzilla.redhat.com/show_bug.cgi?id=1162594 [ 3 ] Bug #1162570 - CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable https://bugzilla.redhat.com/show_bug.cgi?id=1162570 [ 4 ] Bug #1162621 - CVE-2014-8504 binutils: stack overflow in the SREC parser https://bugzilla.redhat.com/show_bug.cgi?id=1162621 -------------------------------------------------------------------------------- ================================================================================ createrepo_c-0.7.4-1.fc19 (FEDORA-2014-14804) Creates a common metadata repository -------------------------------------------------------------------------------- Update Information: createrepo_c, mergerepo_c: Follow redirs by default while downloading remote repos Update to 0.7.1 Update to 0.7.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.4-1 - createrepo_c, mergerepo_c: Follow redirs by default while downloading remote repos - mergerepo_c: Fix segfault when a package without sourcerpm is part of metadata and --koji option is used * Mon Nov 10 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.3-1 - xml_parser: Add file path into error messages - Refactor: Replace g_error() with g_critical() (RhBug: 1162102) * Thu Nov 6 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.2-1 - createrepo_c: New option --local-sqlite * Fri Oct 31 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.1-1 - Mergerepo: Fix mergerepo - Mergerepo: Add some debugging of metadata read. * Mon Oct 20 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.7.0-1 - deltarpms: Update module to work with current version of drpm - mergerepo_c: Add --omit-baseurl option - craterepo_c: Gen empty repo if empty pkglist is used - Docs: Output python docs to separate directory - Several small fixes * Tue Aug 12 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.6.1-1 - updateinfo: Use Python datetime objects in python bindings * Tue Aug 5 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.6.0-1 - Support for updateinfo.xml manipulation (including Python bindings) * Fri Jul 18 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.5.0-1 - Experimental delta rpm (DRPM) support (Disabled in Fedora build). * Thu Jun 26 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.4.1-1 - Initialize threads correctly on old versions of GLib2 (RhBug: 1108787) - Do not print log domain (get rid off C_CREATEREPOLIB prefix in log messages) - Implements support for --cachedir - New option --retain-old-md-by-age - Few small API changes * Tue May 6 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.4.0-1 - Change default behavior of repodata files handling. (RhBug: 1094539) See: https://github.com/Tojaj/createrepo_c/wiki/New-File-Handling By default, createrepo leaves old groupfiles (comps files) in the repodata/ directory during update. Createrepo_c did the same thing but the version 0.4.0 changes this behaviour. * Thu Apr 10 2014 Tomas Mlcoch <tmlcoch at redhat.com> - 0.3.1-2 - Support for weak and rich dependecies -------------------------------------------------------------------------------- ================================================================================ device-mapper-persistent-data-0.4.1-2.fc19 (FEDORA-2014-14807) Device-mapper Persistent Data Tools -------------------------------------------------------------------------------- Update Information: Resolves: bz#1159466 New upstream version -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Heinz Mauelshagen <hei...@redhat.com> - 0.4.1-2 - Resolves: bz#1159466 * Tue Oct 28 2014 Heinz Mauelshagen <hei...@redhat.com> - 0.4.1-1 - New upstream version - Manual header additions/fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1159466 - device-mapper-persistent-data-debuginfo-0.4.1-1 is empty https://bugzilla.redhat.com/show_bug.cgi?id=1159466 -------------------------------------------------------------------------------- ================================================================================ drupal7-drush_language-1.3-1.fc19 (FEDORA-2014-14877) Drush language commands -------------------------------------------------------------------------------- Update Information: ## [7.x-1.3](https://www.drupal.org/node/2369947) * Issue #2361607 by gurvan: Adding language-prefix command -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Shawn Iwinski <shawn.iwin...@gmail.com> - 1.3-1 - Updated to 1.3 (BZ #1163125) - Removed RPM README b/c it only explained common Drupal workflow - %license usage * Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat Aug 3 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1163125 - drupal7-drush_language-1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1163125 -------------------------------------------------------------------------------- ================================================================================ drupal7-l10n_update-1.1-1.fc19 (FEDORA-2014-14881) Provides automatic downloads and updates for translations -------------------------------------------------------------------------------- Update Information: ## [7.x-1.1](https://www.drupal.org/node/2372331) * Issue #2310489 by Sutharsan | hass: Fixed Notice: Undefined index: meta/link/script/img in end(). * Issue #2304137 by lmeurs: Fixed "Notice: Use of undefined constant L10N_UPDATE_DEFAULT_TRANSLATION_PATH". * Issue #2280483 by Sutharsan: Missing update status info when updates are disabled. * Issue #2237959 by René-Marc Simard: Fixed Collapsible project titles not working if only one language defined. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Shawn Iwinski <shawn.iwin...@gmail.com> - 1.1-1 - Updated to 1.1 (BZ #1163121) - Removed RPM README b/c it only explained common Drupal workflow - %license usage * Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1163121 - drupal7-l10n_update-1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1163121 -------------------------------------------------------------------------------- ================================================================================ elk-2.3.22-10.fc19 (FEDORA-2014-14812) FP-LAPW Code -------------------------------------------------------------------------------- Update Information: mpich version 3 on el6 build against new openmpi on fc21 + epel7 package -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 23 2014 Marcin Dulak <marcin.du...@gmail.com> - 2.3.22-10 - mpich version 3 on EL6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1155076 - elk-mpich2 broke on rhel 6.6 update https://bugzilla.redhat.com/show_bug.cgi?id=1155076 -------------------------------------------------------------------------------- ================================================================================ gpaw-0.10.0.11364-7.fc19 (FEDORA-2014-14806) A grid-based real-space PAW method DFT code -------------------------------------------------------------------------------- Update Information: epel7 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 23 2014 Marcin Dulak <marcin.du...@gmail.com> - 0.10.0.11364-7 - mpich version 3 in EL6 - use atlas on aarch64 - ppc64 on EL7 * Sat Aug 16 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 0.10.0.11364-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ kde-workspace-4.11.14-1.fc19 (FEDORA-2014-14865) KDE Workspace -------------------------------------------------------------------------------- Update Information: New security fix release, privilege escalation issue, see also https://www.kde.org/info/security/advisory-20141106-1.txt -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2014 Rex Dieter <rdie...@fedoraproject.org> 4.11.14-1 - 4.11.14 * Thu Oct 16 2014 Rex Dieter <rdie...@fedoraproject.org> 4.11.13-2 - -libs: make kde-style-oxygen dep unversioned - enable kscreen support for el7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1163778 - CVE-2014-8651 kde-workspace: arbitrary code execution and local privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=1163778 -------------------------------------------------------------------------------- ================================================================================ libHX-3.22-1.fc19 (FEDORA-2014-14879) Useful collection of routines for C and C++ programming -------------------------------------------------------------------------------- Update Information: Update to new release -------------------------------------------------------------------------------- ChangeLog: * Sun Nov 9 2014 Till Maas <opensou...@till.name> - 3.22-1 - Update to latest release - Add source code verification - Harden build * Sun Aug 17 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 3.18-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 3.18-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ lis-1.5.11-1.fc19 (FEDORA-2014-14981) A library for solving linear equations and eigenvalue problems -------------------------------------------------------------------------------- Update Information: Update to 1.5.11 Update to 1.5.4 Update to 1.5.2 Update to 1.4.67 Update to 1.4.64 Update to 1.4.63 Update to 1.4.62 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Florian Lehner <d...@der-flo.net> - 1.5.11-1 - Update to 1.5.11 * Tue Nov 4 2014 Florian Lehner <d...@der-flo.net> - 1.5.4-1 - Update to 1.5.4 * Sat Nov 1 2014 Florian Lehner <d...@der-flo.net> - 1.5.2-1 - Update to 1.5.2 * Tue Oct 28 2014 Florian Lehner <d...@der-flo.net> - 1.4.67-1 - Update to 1.4.67 * Mon Oct 27 2014 Florian Lehner <d...@der-flo.net> - 1.4.66-1 - Update to 1.4.66 * Tue Oct 21 2014 Florian Lehner <d...@der-flo.net> - 1.4.64-1 - Update to 1.4.64 * Mon Oct 20 2014 Florian Lehner <d...@der-flo.net> - 1.4.63-1 - Update to 1.4.63 * Sat Oct 18 2014 Florian Lehner <d...@der-flo.net> - 1.4.62-1 - Update to 1.4.62 -------------------------------------------------------------------------------- ================================================================================ love-0.9.1-1.fc19 (FEDORA-2014-14913) A free 2D game engine which enables easy game creation in Lua -------------------------------------------------------------------------------- Update Information: Update to 0.9.1 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Jeremy Newton <alexjn...@hotmail.com> - 0.9.1-1 - Update to 0.9.1 -------------------------------------------------------------------------------- ================================================================================ mozilla-noscript-2.6.9.3-1.fc19 (FEDORA-2014-14930) JavaScript white list extension for Mozilla Firefox -------------------------------------------------------------------------------- Update Information: Update to latest version. For full changelog see: http://noscript.net/changelog -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2014 Thomas Spura <toms...@fedoraproject.org> - 2.6.9.3-1 - update to 2.6.9.3 (#1124181,#1162797) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1162797 - mozilla-noscript is outdated https://bugzilla.redhat.com/show_bug.cgi?id=1162797 [ 2 ] Bug #1124181 - mozilla-noscript-2.6.9.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124181 -------------------------------------------------------------------------------- ================================================================================ nodejs-nsp-audit-shrinkwrap-1.0.0-1.fc19 (FEDORA-2014-14907) Audits a shrinkwrap file against the NSP module vulnerability database -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1144666 - Review Request: nodejs-nsp-audit-shrinkwrap - Audits a shrinkwrap file against the Node Security Project module vulnerability database https://bugzilla.redhat.com/show_bug.cgi?id=1144666 -------------------------------------------------------------------------------- ================================================================================ pciutils-3.3.0-1.fc19 (FEDORA-2014-14846) PCI bus related utilities -------------------------------------------------------------------------------- Update Information: * Device names exported by BIOS are displayed on Linux. * On Linux systems, HWDB is used to look up device names when our ID database gives no match. (More precisely, HWDB is consulted after local pci.ids, but before using network to query online pci.ids.) * Added experimental back-end for OS X / Darwin. Thanks to Richard Yao for providing it. * Filters now support matching by device class. Original patch by Matthew Wilcox, wrappers for ABI compatibility by me. * Interrupt Pin and Interrupt Line registers are displayed for bridge devices, too. * Several portability bugs have been fixed. * Several typos have been fixed. Also, use of questionable constructs in man pages has been reduced. * PCIe link capabilities now include the ASPMOptComp bit. * The "CRS Software Visibility" bit is now decoded properly. * Updated pci.ids to the current snapshot of the database. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Michal Hlavinka <mhlav...@redhat.com> - 3.3.0-1 - updated to 3.3.0 - updated to 3.3.0 - updated to 3.3.0 - updated to 3.3.0 -------------------------------------------------------------------------------- ================================================================================ perl-MCE-1.520-1.fc19 (FEDORA-2014-14954) Many-core Engine for Perl providing parallel processing capabilities -------------------------------------------------------------------------------- Update Information: Many-core Engine (MCE) for Perl helps enable a new level of performance by maximizing all available cores. MCE spawns a pool of workers and therefore does not fork a new process per each element of data. Instead, MCE follows a bank queuing model. Imagine the line being the data and bank-tellers the parallel workers. MCE enhances that model by adding the ability to chunk the next n elements from the input stream to the next available worker. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1162531 - Review Request: perl-MCE - Many-core Engine for Perl providing parallel processing capabilities https://bugzilla.redhat.com/show_bug.cgi?id=1162531 -------------------------------------------------------------------------------- ================================================================================ perl-PerlIO-utf8_strict-0.005-1.fc19 (FEDORA-2014-14977) Fast and correct UTF-8 I/O -------------------------------------------------------------------------------- Update Information: This release improves portability on old perl. We deliver this relase only to provide recent version number. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Petr Pisar <ppi...@redhat.com> - 0.005-1 - 0.005 bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1163280 - perl-PerlIO-utf8_strict-0.005 is available https://bugzilla.redhat.com/show_bug.cgi?id=1163280 -------------------------------------------------------------------------------- ================================================================================ perl-Rose-DB-Object-0.813-4.fc19 (FEDORA-2014-14926) Extensible, high performance object-relational mapper (ORM) -------------------------------------------------------------------------------- Update Information: Update to upstream version 0.813 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Bill Pemberton <wf...@worldbroken.com> - 0.813-4 - update release to 4 * Wed Nov 12 2014 Bill Pemberton <wf...@worldbroken.com> - 0.813-3 - Update to version 0.813 - This version has several bug and documentation fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1163291 - perl-Rose-DB-Object-0.813 is available https://bugzilla.redhat.com/show_bug.cgi?id=1163291 -------------------------------------------------------------------------------- ================================================================================ php-channel-phpseclib-1.3-1.fc19 (FEDORA-2014-14965) Adds the phpseclib channel to PEAR -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-aes-0.3.9-1.fc19 (FEDORA-2014-14965) Pure-PHP implementation of AES -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-base-0.3.9-1.fc19 (FEDORA-2014-14965) Base class for phpseclib cipher implementations -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-blowfish-0.3.9-2.fc19 (FEDORA-2014-14965) Pure-PHP implementation of Blowfish -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-des-0.3.9-2.fc19 (FEDORA-2014-14965) Pure-PHP implementation of DES -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-hash-0.3.9-1.fc19 (FEDORA-2014-14965) Pure-PHP implementations of keyed HMACs and hashing functions -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-random-0.3.9-1.fc19 (FEDORA-2014-14965) Random Number Generator -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-rc4-0.3.9-2.fc19 (FEDORA-2014-14965) Pure-PHP implementation of RC4 -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-rijndael-0.3.9-2.fc19 (FEDORA-2014-14965) Pure-PHP implementation of Rijndael -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-rsa-0.3.9-1.fc19 (FEDORA-2014-14965) Pure-PHP PKCS#1 (v2.1) compliant implementation of RSA -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-tripledes-0.3.9-2.fc19 (FEDORA-2014-14965) Pure-PHP implementation of Triple DES -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-crypt-twofish-0.3.9-2.fc19 (FEDORA-2014-14965) Pure-PHP implementation of Twofish -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-math-biginteger-0.3.9-1.fc19 (FEDORA-2014-14965) Pure-PHP arbitrary precision integer arithmetic library -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-net-sftp-0.3.9-1.fc19 (FEDORA-2014-14965) Pure-PHP implementation of SFTP -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-net-ssh2-0.3.9-1.fc19 (FEDORA-2014-14965) Pure-PHP implementation of SSHv2 -------------------------------------------------------------------------------- Update Information: This update provides phpseclib for Fedora 19. It will be needed when ownCloud is updated to 6 and/or 7. -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHPUnit-3.7.34-2.fc19 (FEDORA-2014-14901) The PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: * disable colors when output is not a tty * define date.timezone to avoid warning * Update to 3.7.34 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Remi Collet <r...@fedoraproject.org> - 3.7.34-2 - disable colors when output is not a tty - define date.timezone to avoid warning - Update to 3.7.34 -------------------------------------------------------------------------------- ================================================================================ php-theseer-autoload-1.16.0-2.fc19 (FEDORA-2014-14894) A tool and library to generate autoload code -------------------------------------------------------------------------------- Update Information: * define date.timezone in phpab command to avoid warning -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Remi Collet <r...@fedoraproject.org> - 1.16.0-2 - define date.timezone in phpab command to avoid warning -------------------------------------------------------------------------------- ================================================================================ pjproject-2.3-5.fc19 (FEDORA-2014-14873) Libraries for building embedded/non-embedded VoIP applications -------------------------------------------------------------------------------- Update Information: Fix endianness support on ARM platform -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2014 Jared Smith <jsm...@fedoraproject.org> - 2.3-5 - Fix endianness support on ARM platform * Wed Oct 15 2014 Jared Smith <jsm...@fedoraproject.org> - 2.3-3 - Add IPv6 support -------------------------------------------------------------------------------- References: [ 1 ] Bug #1153786 - pjproject on arm should force PJ_IS_LITTLE_ENDIAN https://bugzilla.redhat.com/show_bug.cgi?id=1153786 -------------------------------------------------------------------------------- ================================================================================ polarssl-1.2.12-1.fc19 (FEDORA-2014-14912) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information: - Update to 1.2.12 - CVE-2014-8628 (#1159845) -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Morten Stevens <mstev...@imt-systems.com> - 1.2.12-1 - Update to 1.2.12 - CVE-2014-8628 (#1159845) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1159845 - CVE-2014-8627 CVE-2014-8628 polarssl: various issues fixed in 1.3.9 https://bugzilla.redhat.com/show_bug.cgi?id=1159845 -------------------------------------------------------------------------------- ================================================================================ python-pillow-2.0.0-16.gitd1c6db8.fc19 (FEDORA-2014-14980) Python image processing library -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2014-3007, updated fix for CVE-2014-1932. Followup fix for CVE-2014-1933. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Sandro Mani <manisan...@gmail.com> - 2.0.0-16.gitd1c6db8 - Fix CVE-2014-3007 (rhbz #1163343), update CVE-2014-1933 to fix one more mktemp usage * Mon Nov 10 2014 Sandro Mani <manisan...@gmail.com> - 2.0.0-15.gitd1c6db8 - CVE-2014-1933 followup (https://github.com/python-pillow/Pillow/pull/605) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1094101 - CVE-2014-3007 python-pillow, python-imaging: command injection issue https://bugzilla.redhat.com/show_bug.cgi?id=1094101 [ 2 ] Bug #1063658 - CVE-2014-1932 python-pillow, python-imaging: insecure temporary file creation https://bugzilla.redhat.com/show_bug.cgi?id=1063658 -------------------------------------------------------------------------------- ================================================================================ rubygem-test-unit-notify-1.0.4-1.fc19 (FEDORA-2014-14856) Test::Unit::Notify - A test result notify extension for Test::Unit -------------------------------------------------------------------------------- Update Information: New version 1.0.4 is released. -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 12 2014 Mamoru TASAKA <mtas...@fedoraproject.org> - 1.0.4-1 - 1.0.4 * Wed Aug 13 2014 Mamoru TASAKA <mtas...@fedoraproject.org> - 1.0.3-1 - 1.0.3 * Sun Jun 8 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1.0.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1.0.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ screen-4.1.0-0.17.20120314git3c2946.fc19 (FEDORA-2014-14822) A screen manager that supports multiple logins on one terminal -------------------------------------------------------------------------------- Update Information: comply with http://fedoraproject.org/wiki/Packaging:Tmpfiles.d (#884673) -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2014 Petr Hracek <phra...@redhat.com> - 4.1.0-0.17.20120314git3c2946 - comply with http://fedoraproject.org/wiki/Packaging:Tmpfiles.d (#884673) -------------------------------------------------------------------------------- References: [ 1 ] Bug #884673 - Directory '/var/run/screen' must have mode 777. https://bugzilla.redhat.com/show_bug.cgi?id=884673 -------------------------------------------------------------------------------- ================================================================================ supertux-0.3.4-1.fc19 (FEDORA-2014-14915) Jump'n run like game -------------------------------------------------------------------------------- Update Information: Update to 0.3.4 (#999396) -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2014 David King <amigad...@amigadave.com> - 0.3.4-1 - Update to 0.3.4 (#999396) -------------------------------------------------------------------------------- References: [ 1 ] Bug #999396 - supertux-0.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=999396 -------------------------------------------------------------------------------- ================================================================================ tcalc-1.3-1.fc19 (FEDORA-2014-14910) The terminal calculator -------------------------------------------------------------------------------- Update Information: Fixed file reading function -------------------------------------------------------------------------------- References: [ 1 ] Bug #1161340 - Review Request: tcalc - The terminal calculator https://bugzilla.redhat.com/show_bug.cgi?id=1161340 -------------------------------------------------------------------------------- ================================================================================ tor-0.2.5.10-1.fc19 (FEDORA-2014-14931) Anonymizing overlay network for TCP (The onion router) -------------------------------------------------------------------------------- Update Information: update to upstream release 0.2.5.10 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 27 2014 Jamie Nguyen <jamieli...@fedoraproject.org> - 0.2.5.10-1 - update to upstream release 0.2.5.10 -------------------------------------------------------------------------------- ================================================================================ torsocks-2.0.0-2.fc19 (FEDORA-2014-14850) Use SOCKS-friendly applications with Tor -------------------------------------------------------------------------------- Update Information: Update to 2.0.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2014 Jamie Nguyen <jamieli...@fedoraproject.org> - 2.0.0-2 - remove extraneous files * Tue Nov 11 2014 Jamie Nguyen <jamieli...@fedoraproject.org> - 2.0.0-1 - update to 2.0.0 * Mon Aug 18 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 8 2014 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun Aug 4 2013 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 1.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1162719 - torsocks-v1 is deprecated, lot of bug, please update to v2. https://bugzilla.redhat.com/show_bug.cgi?id=1162719 -------------------------------------------------------------------------------- ================================================================================ wxGTK3-3.0.2-2.fc19 (FEDORA-2014-14869) GTK port of the wxWidgets GUI library -------------------------------------------------------------------------------- Update Information: Update to 3.0.2, and fixes RH#1124402 Update to 3.0.2 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 4 2014 Jeremy Newton <alexjn...@hotmail.com> - 3.0.2-2 - Moving things around again, hopefully fixing RH#1124402 - Adding symlinks to avoid breaking things * Tue Nov 4 2014 Jeremy Newton <alexjn...@hotmail.com> - 3.0.2-1 - Update to 3.0.2 * Mon Nov 3 2014 Marcin Juszkiewicz <mjuszkiew...@redhat.com> - 3.0.1-5 - Add aarch64 and ppc64le to list of 64-bit architectures * Tue Sep 30 2014 Jeremy Newton <alexjn...@hotmail.com> - 3.0.1-4 - Add conflict with wxgtk-devel again, temporary fix until it can be resolved * Tue Sep 30 2014 Jeremy Newton <alexjn...@hotmail.com> - 3.0.1-3 - Avoid gtk warnings, fixes RH#1147995 - Moving wxrc and wx-config to libexec instead of renaming - Misc changes and spec error fixes, fixes RH#1124402 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1124402 - Missing wxrc-3.0 and few others issues https://bugzilla.redhat.com/show_bug.cgi?id=1124402 [ 2 ] Bug #1150567 - wxGTK3-3.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1150567 -------------------------------------------------------------------------------- ================================================================================ xpa-2.1.15-2.fc19 (FEDORA-2014-14805) The X Public Access messaging system -------------------------------------------------------------------------------- Update Information: The XPA Messaging System -------------------------------------------------------------------------------- -- test mailing list test@lists.fedoraproject.org To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
