The following Fedora 17 Security updates need testing: Age URL 330 https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-... 142 https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-car... 71 https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17 70 https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17 69 https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc... 65 https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc... 62 https://admin.fedoraproject.org/updates/FEDORA-2013-4581/libuser-0.57.6-2.fc... 50 https://admin.fedoraproject.org/updates/FEDORA-2013-5349/389-ds-base-1.2.11.... 43 https://admin.fedoraproject.org/updates/FEDORA-2013-5967/xorg-x11-server-1.1... 15 https://admin.fedoraproject.org/updates/FEDORA-2013-8284/thunderbird-17.0.6-... 8 https://admin.fedoraproject.org/updates/FEDORA-2013-8953/openjpeg-1.4-15.fc1... 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9170/slock-1.1-3.fc17 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9116/transifex-client-0.... 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9111/livecd-tools-17.17-... 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9138/xorg-x11-drv-opench... 5 https://admin.fedoraproject.org/updates/FEDORA-2013-9258/pki-tps-9.0.11-1.fc... 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9518/mod_security-2.7.3-... 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9505/socat-1.7.2.2-1.fc1... 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9522/cgit-0.9.2-1.fc17 1 https://admin.fedoraproject.org/updates/FEDORA-2013-9622/mediawiki-1.19.7-1.... 1 https://admin.fedoraproject.org/updates/FEDORA-2013-9628/bzr-2.5.1-11.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9771/rubygem-passenger-3... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9774/mingw-gnutls-2.12.2... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9799/gnutls-2.12.23-2.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9798/LibRaw-0.14.8-2.fc1...
The following Fedora 17 Critical Path updates have yet to be approved: Age URL 282 https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1... 90 https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17 12 https://admin.fedoraproject.org/updates/FEDORA-2013-8581/clutter-1.10.8-2.fc... 8 https://admin.fedoraproject.org/updates/FEDORA-2013-8916/kwebkitpart-1.3.2-2... 6 https://admin.fedoraproject.org/updates/FEDORA-2013-9111/livecd-tools-17.17-... 3 https://admin.fedoraproject.org/updates/FEDORA-2013-9510/notification-daemon... 1 https://admin.fedoraproject.org/updates/FEDORA-2013-9641/polkit-0.104-7.fc17 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9799/gnutls-2.12.23-2.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9705/perl-threads-1.87-1... 0 https://admin.fedoraproject.org/updates/FEDORA-2013-9123/kernel-3.9.4-100.fc...
The following builds have been pushed to Fedora 17 updates-testing
LibRaw-0.14.8-2.fc17 cabal-rpm-0.8.0-1.fc17 csslint-0.9.10-1.fc17 gnutls-2.12.23-2.fc17 ibus-kkc-1.5.13-1.fc17 kernel-3.9.4-100.fc17 libindicator-12.10.1-1.fc17 libkkc-0.2.3-1.fc17 mingw-gnutls-2.12.23-2.fc17 oxygen-gtk2-1.3.4-1.fc17 oxygen-gtk3-1.1.4-1.fc17 rubygem-passenger-3.0.21-1.fc17 shinken-1.4-1.fc17 sugar-ruler-31-1.fc17
Details about builds:
================================================================================ LibRaw-0.14.8-2.fc17 (FEDORA-2013-9798) Library for reading RAW files obtained from digital photo cameras -------------------------------------------------------------------------------- Update Information:
Fix for CVE-2013-2126, double-free flaw when handling damaged full-color in Foveon and sRAW files. Latest upstream, corrects gcc 4.8 issues. -------------------------------------------------------------------------------- ChangeLog:
* Wed May 29 2013 Jon Ciesla limburgher@gmail.com - 0.14.8-2 - Patch for double free, CVE-2013-2126, BZ 968387. * Wed May 29 2013 Jon Ciesla limburgher@gmail.com - 0.14.8-1 - Latest upstream, fixes gcc 4.8 issues. * Thu Apr 11 2013 Jon Ciesla limburgher@gmail.com - 0.14.7-4 - Revert prior patch. * Thu Apr 11 2013 Jon Ciesla limburgher@gmail.com - 0.14.7-3 - Patch for segfault, BZ 948628. * Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.14.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Mon Nov 26 2012 Jon Ciesla limburgher@gmail.com - 0.14.7-1 - New upstream 0.14.7 * Wed Jul 18 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.14.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Sat Jun 2 2012 Siddhesh Poyarekar siddhesh.poyarekar@gmail.com - 0.14.6-2 - Use lcms2. * Sat Jun 2 2012 Siddhesh Poyarekar siddhesh.poyarekar@gmail.com - 0.14.6-1 - New upstream 0.14.6 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #968387 - LibRaw various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=968387 --------------------------------------------------------------------------------
================================================================================ cabal-rpm-0.8.0-1.fc17 (FEDORA-2013-9770) RPM package creator for Haskell Cabal-based packages -------------------------------------------------------------------------------- Update Information:
Version 0.8.0 follows the new updated Fedora Haskell Packaging Guidelines -------------------------------------------------------------------------------- ChangeLog:
* Fri May 31 2013 Jens Petersen petersen@redhat.com - 0.8.0-1 - use simplified Fedora Haskell Packaging macros approved by Fedora Packaging Committee (https://fedorahosted.org/fpc/ticket/194) * Wed Apr 3 2013 Jens Petersen petersen@redhat.com - 0.7.1-2 - better require cabal-install --------------------------------------------------------------------------------
================================================================================ csslint-0.9.10-1.fc17 (FEDORA-2013-9786) Detecting potential problems in CSS code -------------------------------------------------------------------------------- Update Information:
Upstream 0.9.10. -------------------------------------------------------------------------------- ChangeLog:
* Fri May 31 2013 Guillaume Kulakowski <guillaume DOT kulakowski AT fedoraproject DOT org> - 0.9.10-1 - Upstream 0.9.10 * Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.9.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Wed Jul 18 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.9.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ gnutls-2.12.23-2.fc17 (FEDORA-2013-9799) A TLS protocol implementation -------------------------------------------------------------------------------- Update Information:
Important security update - possible DoS of both client and server.
-------------------------------------------------------------------------------- ChangeLog:
* Fri May 31 2013 Tomas Mraz tmraz@redhat.com 2.12.23-2 - fix CVE-2013-2116 - regression from the TLS-CBC timing attack fix (#966754) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #966754 - CVE-2013-2116 gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2) https://bugzilla.redhat.com/show_bug.cgi?id=966754 --------------------------------------------------------------------------------
================================================================================ ibus-kkc-1.5.13-1.fc17 (FEDORA-2013-9777) Japanese Kana Kanji input method for ibus -------------------------------------------------------------------------------- Update Information:
new upstream release -------------------------------------------------------------------------------- ChangeLog:
* Wed May 15 2013 Daiki Ueno dueno@redhat.com - 1.5.13-1 - new upstream release * Thu May 9 2013 Daiki Ueno dueno@redhat.com - 1.5.12-1 - new upstream release * Thu May 2 2013 Daiki Ueno dueno@redhat.com - 1.5.11-2 - specify IBus version when configure * Wed May 1 2013 Daiki Ueno dueno@redhat.com - 1.5.11-1 - new upstream release --------------------------------------------------------------------------------
================================================================================ kernel-3.9.4-100.fc17 (FEDORA-2013-9123) The Linux kernel -------------------------------------------------------------------------------- Update Information:
Rebase to 3.9.4 now that 3.8 is no longer maintained. -------------------------------------------------------------------------------- ChangeLog:
* Fri May 24 2013 Justin M. Forbes jforbes@redhat.com - 3.9.4-100 - Linux v3.9.4 * Fri May 24 2013 Josh Boyer jwboyer@redhat.com - Add patch to quiet irq remapping failures (rhbz 948262) * Thu May 23 2013 Josh Boyer jwboyer@redhat.com - Fix oops from incorrect rfkill set in hp-wmi (rhbz 964367) * Wed May 22 2013 Peter Robinson pbrobinson@fedoraproject.org - Update ARM configs for 3.9 * Wed May 22 2013 Justin M. Forbes jforbes@redhat.com - Initial 3.9.3 rebase - Don't remove headers explicitly exported via UAPI (rhbz 959467) - Fix config-local usage (rhbz 950841) * Wed May 22 2013 Josh Boyer jwboyer@redhat.com - Fix memcmp error in iwlwifi --------------------------------------------------------------------------------
================================================================================ libindicator-12.10.1-1.fc17 (FEDORA-2013-9778) Shared functions for Ayatana indicators -------------------------------------------------------------------------------- Update Information:
Update to 12.10.1. -------------------------------------------------------------------------------- ChangeLog:
* Thu May 30 2013 Eduardo Echeverria echevemaster@gmail.com - 12.10.1-1 - Update to 12.10.1 - Add GTK2 support * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.4.94-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Thu Jul 19 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.4.94-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ libkkc-0.2.3-1.fc17 (FEDORA-2013-9777) Japanese Kana Kanji conversion library -------------------------------------------------------------------------------- Update Information:
new upstream release -------------------------------------------------------------------------------- ChangeLog:
* Wed May 15 2013 Daiki Ueno dueno@redhat.com - 0.2.3-1 - new upstream release * Wed May 8 2013 Daiki Ueno dueno@redhat.com - 0.2.2-1 - new upstream release * Wed May 1 2013 Daiki Ueno dueno@redhat.com - 0.2.1-1 - new upstream release * Wed May 1 2013 Daiki Ueno dueno@redhat.com - 0.2.0-2 - synch with the latest upstream git master * Tue Apr 30 2013 Daiki Ueno dueno@redhat.com - 0.2.0-1 - new upstream release --------------------------------------------------------------------------------
================================================================================ mingw-gnutls-2.12.23-2.fc17 (FEDORA-2013-9774) MinGW GnuTLS TLS/SSL encryption library -------------------------------------------------------------------------------- Update Information:
Fix for CVE-2013-2116. -------------------------------------------------------------------------------- ChangeLog:
* Thu May 30 2013 Michael Cronenworth mike@cchtml.com - 2.12.23-2 - Fix CVE-2013-2116 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #966754 - CVE-2013-2116 gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2) https://bugzilla.redhat.com/show_bug.cgi?id=966754 --------------------------------------------------------------------------------
================================================================================ oxygen-gtk2-1.3.4-1.fc17 (FEDORA-2013-9781) Oxygen GTK+2 theme -------------------------------------------------------------------------------- Update Information:
oxygen-gtk2 1.3.4, oxygen-gtk3 1.1.4
Fixes include:
- a crash due to the use of g_spawn_command_line_sync for some versions of gtk - better detection of empty areas for window grabbing
https://projects.kde.org/news/222 -------------------------------------------------------------------------------- ChangeLog:
* Fri May 31 2013 Alexey Kurov nucleo@fedoraproject.org - 1.3.4-1 - oxygen-gtk2-1.3.4 * Mon Apr 22 2013 Alexey Kurov nucleo@fedoraproject.org - 1.3.3-1 - oxygen-gtk2-1.3.3 --------------------------------------------------------------------------------
================================================================================ oxygen-gtk3-1.1.4-1.fc17 (FEDORA-2013-9781) Oxygen GTK+3 theme -------------------------------------------------------------------------------- Update Information:
oxygen-gtk2 1.3.4, oxygen-gtk3 1.1.4
Fixes include:
- a crash due to the use of g_spawn_command_line_sync for some versions of gtk - better detection of empty areas for window grabbing
https://projects.kde.org/news/222 -------------------------------------------------------------------------------- ChangeLog:
* Fri May 31 2013 Alexey Kurov nucleo@fedoraproject.org - 1:1.1.4-1 - oxygen-gtk3-1.1.4 * Mon Apr 22 2013 Alexey Kurov nucleo@fedoraproject.org - 1:1.1.3-1 - oxygen-gtk3-1.1.3 --------------------------------------------------------------------------------
================================================================================ rubygem-passenger-3.0.21-1.fc17 (FEDORA-2013-9771) Passenger Ruby web application server -------------------------------------------------------------------------------- Update Information:
Update to version 3.0.21 - Fix for CVE-2013-2119 -------------------------------------------------------------------------------- ChangeLog:
* Thu May 30 2013 Troy Dawson tdawson@redhat.com - 3.0.21-1 - Update to version 3.0.21 - Fix for CVE-2013-2119 * Thu May 16 2013 Troy Dawson tdawson@redhat.com - 3.0.19-4 - Fix to make agents work on F19+ * Wed Mar 13 2013 Troy Dawson tdawson@redhat.com - 3.0.19-3 - Fix to make it build/install on F19+ - Added patch105 * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 3.0.19-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sun Jan 20 2013 Orion Poplawski orion@cora.nwra.com - 3.0.19-1 - Update to 3.0.19 * Wed Sep 19 2012 Orion Poplawski orion@cora.nwra.com - 3.0.17-3 - Drop dependency on rubygem(file-tail), no longer needed -------------------------------------------------------------------------------- References:
[ 1 ] Bug #968930 - CVE-2013-2119 rubygem-passenger: incorrect temporary file usage [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=968930 --------------------------------------------------------------------------------
================================================================================ shinken-1.4-1.fc17 (FEDORA-2013-9779) Python Monitoring tool -------------------------------------------------------------------------------- Update Information:
update version 1.4 -------------------------------------------------------------------------------- ChangeLog:
* Mon May 27 2013 David Hannequin david.hannequin@gmail.com - 1.4-1 - Update from upstream. --------------------------------------------------------------------------------
================================================================================ sugar-ruler-31-1.fc17 (FEDORA-2013-9775) Simple collection of measurement tools -------------------------------------------------------------------------------- Update Information:
Version 31 release -------------------------------------------------------------------------------- ChangeLog:
* Fri May 31 2013 Kalpa Welivitigoda callkalpa@gmail.com - 31-1 - Release 31 * Sun May 26 2013 Peter Robinson pbrobinson@fedoraproject.org 29 - Release 29 * Fri Feb 15 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 27-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Sun Jan 13 2013 Kalpa Welivitigoda callkalpa@gmail.com - 27-1 - new upstream 27 release * Tue Jan 8 2013 Kalpa Welivitigoda callkalpa@gmail.com - 25-1 - new upstream 25 release * Sat Dec 29 2012 Kalpa Welivitigoda callkalpa@gmail.com - 24-1 - new upstream 24 release * Fri Nov 2 2012 Kalpa Welivitigoda callkalpa@gmail.com - 23-2 - changed to require: sugar >= 0.97.6 * Tue Oct 30 2012 Kalpa Welivitigoda callkalpa@gmail.com - 23-1 - new upstream 23 release * Sat Oct 27 2012 Kalpa Welivitigoda callkalpa@gmail.com - 21-1 - new upstream 21 release - gtk3 port * Sat Jul 21 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 19-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild --------------------------------------------------------------------------------