The following Fedora 19 Security updates need testing: Age URL 256 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2... 69 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19 58 https://admin.fedoraproject.org/updates/FEDORA-2014-6233/dpkg-1.16.14-1.fc19 49 https://admin.fedoraproject.org/updates/FEDORA-2014-6553/chicken-4.8.0.6-2.f... 47 https://admin.fedoraproject.org/updates/FEDORA-2014-6597/drupal7-views-3.8-1... 26 https://admin.fedoraproject.org/updates/FEDORA-2014-7322/thunderbird-24.6.0-... 20 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19 18 https://admin.fedoraproject.org/updates/FEDORA-2014-7570/asterisk-11.10.2-2.... 18 https://admin.fedoraproject.org/updates/FEDORA-2014-6774/claws-mail-3.10.1-1... 18 https://admin.fedoraproject.org/updates/FEDORA-2014-7610/perl-Email-Address-... 13 https://admin.fedoraproject.org/updates/FEDORA-2014-7716/python-simplejson-3... 12 https://admin.fedoraproject.org/updates/FEDORA-2014-7772/python-2.7.5-13.fc1... 9 https://admin.fedoraproject.org/updates/FEDORA-2014-7889/zarafa-7.1.10-1.fc1... 9 https://admin.fedoraproject.org/updates/FEDORA-2014-7939/lzo-2.08-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-8035/python3-3.3.2-9.fc1... 6 https://admin.fedoraproject.org/updates/FEDORA-2014-7997/ansible-1.6.6-1.fc1... 6 https://admin.fedoraproject.org/updates/FEDORA-2014-8034/docker-io-1.0.0-6.f... 5 https://admin.fedoraproject.org/updates/FEDORA-2014-7645/couchdb-1.6.0-6.fc1... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-8107/pnp4nagios-0.6.22-2... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-8089/rubygem-activerecor... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-8112/lz4-r119-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8178/kernel-3.14.11-100.... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8176/krb5-1.11.3-22.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8218/ocsinventory-2.0.5-... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8223/libXfont-1.4.8-1.fc...
The following Fedora 19 Critical Path updates have yet to be approved: Age URL 205 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-1... 131 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc1... 13 https://admin.fedoraproject.org/updates/FEDORA-2014-7735/gcc-4.8.3-1.fc19,li... 12 https://admin.fedoraproject.org/updates/FEDORA-2014-7772/python-2.7.5-13.fc1... 9 https://admin.fedoraproject.org/updates/FEDORA-2014-7906/libtasn1-3.7-1.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2014-7939/lzo-2.08-1.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-8025/shared-mime-info-1.... 5 https://admin.fedoraproject.org/updates/FEDORA-2014-8079/xorg-x11-xauth-1.0.... 5 https://admin.fedoraproject.org/updates/FEDORA-2014-8047/nss-3.16.2-1.fc19,n... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8207/yum-3.4.3-152.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8223/libXfont-1.4.8-1.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8202/fontconfig-2.10.93-... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8176/krb5-1.11.3-22.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-8178/kernel-3.14.11-100....
The following builds have been pushed to Fedora 19 updates-testing
libXfont-1.4.8-1.fc19 nx-libs-3.5.0.27-1.fc19 ocsinventory-2.0.5-8.fc19 perl-IO-Socket-IP-0.30-2.fc19 perl-Module-Package-Au-2-1.fc19 qpid-proton-0.7-3.fc19 se-sandbox-runner-1.6.12-1.fc19 yum-3.4.3-152.fc19
Details about builds:
================================================================================ libXfont-1.4.8-1.fc19 (FEDORA-2014-8223) X.Org X11 libXfont runtime library -------------------------------------------------------------------------------- Update Information:
- libXfont 1.4.8 (rhbz#1100441) - Fixes: CVE-2014-0209, CVE-2014-0210, CVE-2014-0211 (rhbz#1097397)
-------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 9 2014 Hans de Goede hdegoede@redhat.com - 1.4.8-1 - libXfont 1.4.8 (rhbz#1100441) - Fixes: CVE-2014-0209, CVE-2014-0210, CVE-2014-0211 (rhbz#1097397) * Mon Jun 9 2014 Adam Jackson ajax@redhat.com 1.4.7-2 - Fix FTBFS against new fontproto * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.4.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1096593 - CVE-2014-0209 libXfont: integer overflow of allocations in font metadata file parsing https://bugzilla.redhat.com/show_bug.cgi?id=1096593 [ 2 ] Bug #1096597 - CVE-2014-0210 libXfont: unvalidated length fields when parsing xfs protocol replies https://bugzilla.redhat.com/show_bug.cgi?id=1096597 [ 3 ] Bug #1096601 - CVE-2014-0211 libXfont: integer overflows calculating memory needs for xfs replies https://bugzilla.redhat.com/show_bug.cgi?id=1096601 --------------------------------------------------------------------------------
================================================================================ nx-libs-3.5.0.27-1.fc19 (FEDORA-2014-8213) NX X11 protocol compression libraries -------------------------------------------------------------------------------- Update Information:
Update to 3.5.0.27:
- Add kernel socket namespace support. Fixes failing nxproxy/nxagent execution on systems where pam_namespace.so is in use. - Fix xkeyboard-2.6 incompatibility issues. (Maybe not all of them, so please report back...). - Fix PPC64 support. (Thanks to Mihai Moldovan for digging into this!!!) - New option: -state <statefile>. More accurately detect the current session state via an external status file. This is part of the bugfix for X2Go BTS issue #302. - Allow clipboard={none,client,server,both} as NX option. - Plus some minor issues
-------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 7 2014 Orion Poplawski orion@cora.nwra.com - 3.5.0.27-1 - Update to 3.5.0.27 - Drop aarch64 patch applied upstream * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.5.0.24-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 7 2014 Orion Poplawski orion@cora.nwra.com - 3.5.0.24-2 - Add patch for aarch64 support attempt * Wed May 7 2014 Orion Poplawski orion@cora.nwra.com - 3.5.0.24-1 - Update to 3.5.0.24 - Drop format patch applied upstream * Tue May 6 2014 Orion Poplawski orion@cora.nwra.com - 3.5.0.23-1 - Update to 3.5.0.23 - Drop ppc64 and imake patches applied upstream * Fri Jan 24 2014 Orion Poplawski orion@cora.nwra.com - 3.5.0.22-3 - Add patch to fix imake build - Add patch to fix -Werror=format-security build * Fri Jan 24 2014 Orion Poplawski orion@cora.nwra.com - 3.5.0.22-2 - Set compile flags properly on arm and ppc64 - Add patch to fix ppc64 build --------------------------------------------------------------------------------
================================================================================ ocsinventory-2.0.5-8.fc19 (FEDORA-2014-8218) Open Computer and Software Inventory Next Generation -------------------------------------------------------------------------------- Update Information:
Upstream XSS security fix for CVE-2014-4722 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 9 2014 Remi Collet remi@fedoraproject.org - 2.0.5-8 - XSS security fix for CVE-2014-4722 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1117205 - CVE-2014-4722 ocsinventory: multiple stored XSS vulnerabilities https://bugzilla.redhat.com/show_bug.cgi?id=1117205 --------------------------------------------------------------------------------
================================================================================ perl-IO-Socket-IP-0.30-2.fc19 (FEDORA-2014-8224) Drop-in replacement for IO::Socket::INET supporting both IPv4 and IPv6 -------------------------------------------------------------------------------- Update Information:
The 0.30-2 release fixes multihoming, especially with IO::Socket::SSL, really. This release fixes connect to multihomed peer in case IO::Socket::IP is sub-classed. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 9 2014 Petr Pisar ppisar@redhat.com - 0.30-2 - Fix multihomed SSL (bug #1116600) * Mon Jul 7 2014 Petr Pisar ppisar@redhat.com - 0.30-1 - 0.30 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1116600 - perl-IO-Socket-IP-0.30 is available https://bugzilla.redhat.com/show_bug.cgi?id=1116600 --------------------------------------------------------------------------------
================================================================================ perl-Module-Package-Au-2-1.fc19 (FEDORA-2014-8221) Reusable Module::Install bits -------------------------------------------------------------------------------- Update Information:
New package: Reusable Module::Install bits -------------------------------------------------------------------------------- References:
[ 1 ] Bug #886192 - Review Request: perl-Module-Package-Au - Reusable Module::Install bits https://bugzilla.redhat.com/show_bug.cgi?id=886192 --------------------------------------------------------------------------------
================================================================================ qpid-proton-0.7-3.fc19 (FEDORA-2014-8229) A high performance, lightweight messaging library -------------------------------------------------------------------------------- Update Information:
Removed intra-package comments which cause error messages on package uninstall. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 8 2014 Darryl L. Pierce dpierce@redhat.com - 0.7-3 - Removed intra-package comments which cause error messages on package uninstall. * Sun Jun 8 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ se-sandbox-runner-1.6.12-1.fc19 (FEDORA-2014-8211) Qt wrapper for SELinux Sandbox -------------------------------------------------------------------------------- Update Information:
fixed building a list of included path; fixed setting a working directories & their SELinux labels; -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 8 2014 Fl@sh kaperang07@gmail.com - 1.6.12-1 - version updated; --------------------------------------------------------------------------------
================================================================================ yum-3.4.3-152.fc19 (FEDORA-2014-8207) RPM package installer/updater/manager -------------------------------------------------------------------------------- Update Information:
- Copy packages in/out of an installroot, for no downloads creating containers. - A few cleanups for the fs sub-command UI. - Add spec requires for fs sub-command. - Fix yum.conf file saving for filters. - Fix repo-pkgs check-update not showing any updates. - Fix ValueError when /var/lib/yum/groups/installed is empty. BZ 971307 - Fix 'yum updateinfo list all new-packages' traceback. BZ 1072945 - Make yum quit when an invalid option is provided with --setopt. - No error for refilter cleanup, rm dirs. and eat all errors. BZ 1062959. - Use get_uuid_obj() instead of get_uuid(), to help out ostree. - Make utils.get_process_info() respect executable names with spaces. - Fix traceback when history files don't exist and user is not root. - Fix storing objects directly in the yumdb. - Don't store uuid as var_uuid, or we create it all the time. - Fix dumping xml for suggests/etc. - Fix for weird anaconda C NULL exception traceback. BZ 1058297. - Fix apkgs setup for removing packages. BZ 1019960. - Fix typo, so we can find the suggests/etc. tables. - Change 'size' option to 'maxsize' in yum.logrotate. BZ 1005879. - Mask st_mode to fix verifying permissions for ghost files. BZ 1045415. - normpath() file URIs. BZ 1009499. - Add bash completion for fs. - Fix summary for yum fs command. BZ 1086461. - Check /usr for writability before running a transaction. - Add repo= arguments to almost all RepoError raises, so we don't print unknown. - Add/fix upgrade-minimal typos from man page. - Replace vars in include lines in .repo files. BZ 977380. - Make --setopt handle spaces properly. BZ 1094373 - Fix traceback when the history dir is empty. BZ 875610 - Add missing import for rpm, when override_install_langs isn't set. - Workaround the TypeError in filterdeps(). BZ 1108625 - Read FS yumvars before yum.conf setup, and reread if installroot changed. - Call systemd Inhibit, to inhibit shutdowns during transactions. BZ 1109930. - Have check provides check directly against the rpm index, and then quit. - Read env vars in readStartupConfig() to make them work in yum.conf. BZ 1102575 - Add rules for naming files in /etc/yum/vars to yum.conf man page. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 18 2014 James Antill <james at fedoraproject.org> - 3.4.3-152 - update to latest HEAD - Workaround the TypeError in _filter_deps(). BZ 1108625 * Mon Jun 16 2014 James Antill <james at fedoraproject.org> - 3.4.3-151 - update to latest HEAD - Read FS yumvars before yum.conf setup, and reread if installroot changed. - Call systemd Inhibit, to inhibit shutdowns during transactions. BZ 1109930. - Have check provides check directly against the rpm index, and then quit. - Read env vars in readStartupConfig() to make them work in yum.conf. BZ 1102575 - Add rules for naming files in /etc/yum/vars to yum.conf man page. * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.4.3-149 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 21 2014 James Antill <james at fedoraproject.org> - 3.4.3-148 - update to latest HEAD - Check /usr for writability before running a transaction. - Add repo= arguments to almost all RepoError raises, so we don't print unknown. - Add/fix upgrade-minimal typos from man page. - Replace vars in include lines in .repo files. BZ 977380. - Make --setopt handle spaces properly. BZ 1094373 - Fix traceback when the history dir is empty. BZ 875610 * Tue Apr 15 2014 James Antill <james at fedoraproject.org> - 3.4.3-146 - update to latest HEAD - Fix for weird anaconda C NULL exception traceback. BZ 1058297. - Add bash completion for fs. - Fix summary for yum fs command. BZ 1086461. * Tue Apr 8 2014 James Antill <james at fedoraproject.org> - 3.4.3-145 - update to latest HEAD - Fix for weird anaconda C NULL exception traceback. BZ 1058297. - Fix apkgs setup for removing packages. BZ 1019960. - Fix typo, so we can find the suggests/etc. tables. - Change 'size' option to 'maxsize' in yum.logrotate. BZ 1005879. - Mask st_mode to fix verifying permissions for ghost files. BZ 1045415. - normpath() file URIs. BZ 1009499. * Tue Mar 25 2014 James Antill <james at fedoraproject.org> - 3.4.3-144 - update to latest HEAD - Fix dumping xml for suggests/etc. * Mon Mar 24 2014 James Antill <james at fedoraproject.org> - 3.4.3-143 - update to latest HEAD - Fix storing objects directly in the yumdb. - Don't store uuid as var_uuid, or we create it all the time. * Mon Mar 24 2014 James Antill <james at fedoraproject.org> - 3.4.3-142 - update to latest HEAD - No error for refilter cleanup, rm dirs. and eat all errors. BZ 1062959. - Use get_uuid_obj() instead of get_uuid(), to help out ostree. - Make utils.get_process_info() respect executable names with spaces. - Fix traceback when history files don't exist and user is not root. * Mon Mar 10 2014 Valentina Mukhamedzhanova vmukhame@redhat.com - 3.4.3-141 - update to latest HEAD - Fix repo-pkgs check-update not showing any updates. - Fix ValueError when /var/lib/yum/groups/installed is empty. BZ 971307 - Fix 'yum updateinfo list all new-packages' traceback. BZ 1072945 - Make yum quit when an invalid option is provided with --setopt. * Sun Feb 23 2014 James Antill <james at fedoraproject.org> - 3.4.3-140 - update to latest HEAD - Fix yum.conf file saving for filters. * Fri Feb 21 2014 James Antill <james at fedoraproject.org> - 3.4.3-139 - update to latest HEAD - Copy packages in/out of an installroot, for no downloads creating containers. - A few cleanups for the fs sub-command UI. - Add spec requires for fs sub-command. * Tue Feb 18 2014 James Antill <james at fedoraproject.org> - 3.4.3-138 - update to latest HEAD - Workaround for weird mash issue, probably. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #971307 - [abrt] yum-3.4.3-91.fc19: igroups.py:92:_read_pkg_grps:ValueError: invalid literal for int() with base 10: '' https://bugzilla.redhat.com/show_bug.cgi?id=971307 [ 2 ] Bug #1072945 - [abrt] yum: yumcommands.py:3841:list_show_pkgs:KeyError: '0install' https://bugzilla.redhat.com/show_bug.cgi?id=1072945 [ 3 ] Bug #1019960 - [abrt] yum-3.4.3-111.fc19: yumcommands.py:3678:doCommand:TypeError: 'NoneType' object is not iterable https://bugzilla.redhat.com/show_bug.cgi?id=1019960 [ 4 ] Bug #1009499 - yum complicates config URIs needlessly, leading to strange error messages https://bugzilla.redhat.com/show_bug.cgi?id=1009499 [ 5 ] Bug #1058297 - SystemError: error return without exception set https://bugzilla.redhat.com/show_bug.cgi?id=1058297 [ 6 ] Bug #1086461 - yum help output for fs duplicates that for fssnapshot https://bugzilla.redhat.com/show_bug.cgi?id=1086461 [ 7 ] Bug #1072121 - [abrt] yum: yumcommands.py:4619:_fs_filters:NameError: global name 'rpm' is not defined https://bugzilla.redhat.com/show_bug.cgi?id=1072121 [ 8 ] Bug #1048714 - erase not part of auto completion of yum https://bugzilla.redhat.com/show_bug.cgi?id=1048714 [ 9 ] Bug #1102575 - Environment variable substitution in yum.conf doesn't work https://bugzilla.redhat.com/show_bug.cgi?id=1102575 [ 10 ] Bug #1108625 - [abrt] yum: packages.py:1422:_filter_deps:TypeError: zip argument #2 must support iteration https://bugzilla.redhat.com/show_bug.cgi?id=1108625 [ 11 ] Bug #1109930 - RFE: take systemd inhibitor lock while doing operations that shouldn't be interrupted by shutdown https://bugzilla.redhat.com/show_bug.cgi?id=1109930 --------------------------------------------------------------------------------