The following Fedora 19 Security updates need testing:
Age URL
106
https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glanc...
51
https://admin.fedoraproject.org/updates/FEDORA-2013-23592/rubygem-actionp...
43
https://admin.fedoraproject.org/updates/FEDORA-2013-24023/varnish-3.0.5-1...
28
https://admin.fedoraproject.org/updates/FEDORA-2014-0621/graphviz-2.30.1-...
24
https://admin.fedoraproject.org/updates/FEDORA-2014-0797/libinfinity-0.5....
11
https://admin.fedoraproject.org/updates/FEDORA-2014-1734/quassel-0.9.2-1....
11
https://admin.fedoraproject.org/updates/FEDORA-2014-1648/lightdm-gtk-1.6....
10
https://admin.fedoraproject.org/updates/FEDORA-2014-1795/socat-1.7.2.3-1....
10
https://admin.fedoraproject.org/updates/FEDORA-2014-1766/libpng12-1.2.50-...
7
https://admin.fedoraproject.org/updates/FEDORA-2014-1864/curl-7.29.0-13.fc19
7
https://admin.fedoraproject.org/updates/FEDORA-2014-1883/zarafa-7.1.8-1.fc19
6
https://admin.fedoraproject.org/updates/FEDORA-2014-1916/chrony-1.29.1-1....
6
https://admin.fedoraproject.org/updates/FEDORA-2014-1955/tpp-1.3.1-17.fc19
6
https://admin.fedoraproject.org/updates/FEDORA-2014-1910/ibus-chewing-1.4...
5
https://admin.fedoraproject.org/updates/FEDORA-2014-1972/fwsnort-1.6.4-1....
4
https://admin.fedoraproject.org/updates/FEDORA-2014-1999/pidgin-2.10.9-1....
3
https://admin.fedoraproject.org/updates/FEDORA-2014-2051/xulrunner-27.0-1...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2083/thunderbird-24.3...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2071/icedtea-web-1.4....
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2140/python-gnupg-0.3...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2123/lighttpd-1.4.34-...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2183/apache-commons-f...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2188/xen-4.2.3-15.fc19
The following Fedora 19 Critical Path updates have yet to be approved:
Age URL
54
https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmark...
17
https://admin.fedoraproject.org/updates/FEDORA-2014-1324/firefox-26.0-6.fc19
12
https://admin.fedoraproject.org/updates/FEDORA-2014-1599/libgsf-1.14.29-1...
7
https://admin.fedoraproject.org/updates/FEDORA-2014-1860/linux-firmware-2...
7
https://admin.fedoraproject.org/updates/FEDORA-2014-1874/abrt-2.1.12-1.fc...
7
https://admin.fedoraproject.org/updates/FEDORA-2014-1879/ibus-1.5.5-2.fc19
6
https://admin.fedoraproject.org/updates/FEDORA-2014-1958/livecd-tools-19....
6
https://admin.fedoraproject.org/updates/FEDORA-2014-1916/chrony-1.29.1-1....
4
https://admin.fedoraproject.org/updates/FEDORA-2014-2022/gupnp-tools-0.8....
3
https://admin.fedoraproject.org/updates/FEDORA-2014-2066/perl-threads-sha...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2084/perl-threads-1.9...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-2083/thunderbird-24.3...
2
https://admin.fedoraproject.org/updates/FEDORA-2014-0752/firewalld-0.3.9....
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2208/krb5-1.11.3-20.fc19
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2163/kernel-3.12.10-2...
0
https://admin.fedoraproject.org/updates/FEDORA-2014-2053/kde-workspace-4....
The following builds have been pushed to Fedora 19 updates-testing
duply-1.6.0-1.fc19
ghdl-0.31-2.fc19
krb5-1.11.3-20.fc19
leiningen-1.7.1-7.fc19
libpng10-1.0.61-1.fc19
mingw-speex-1.2-0.16.rc1.fc19
nwchem-6.3.2-7.fc19
python-Rtree-0.7.0-5.fc19
se-sandbox-runner-1.6.8-2.fc19
squid-3.2.13-2.fc19
unifont-6.3.20140204-1.fc19
Details about builds:
================================================================================
duply-1.6.0-1.fc19 (FEDORA-2014-2198)
Wrapper for duplicity
--------------------------------------------------------------------------------
Update Information:
Update to the latest stable version.
Changes in 1.6.0:
- support gs backend
- support dropbox backend
- add gpg-agent support to gpg test routines
- autoenable --use-agent if passwords were not defined in config
- GPG_OPTS are now honored everywhere, keyrings or complete gpg homedir can thus be
configured to be located anywhere
- always import both secret and public key if avail from config profile
- new explanatory comments in initial exclude file
- bugfix 7: Duply only imports one key at a time
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 28 2014 Thomas Moschny <thomas.moschny(a)gmx.de> - 1.6.0-1
- Update to 1.6.0.
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
1.5.11-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ghdl-0.31-2.fc19 (FEDORA-2014-2212)
A VHDL simulator, using the GCC technology
--------------------------------------------------------------------------------
Update Information:
update to 0.31 release; now comes with a standards compliant math library
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 1 2014 Thomas Sailer <t.sailer(a)alumni.ethz.ch> - 0.31-2
- update to release 0.31
--------------------------------------------------------------------------------
================================================================================
krb5-1.11.3-20.fc19 (FEDORA-2014-2208)
The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:
This update adds proposed patches to allow the ksu command to make proper use of
credentials stored in DIR: or KEYRING: caches, and to create caches in the location
specified in the "default_ccache_name" setting in /etc/krb5.conf.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 31 2014 Nalin Dahyabhai <nalin(a)redhat.com> - 1.11.3-20
- add currently-proposed changes to teach ksu about credential cache
collections and the default_ccache_name setting (#1015559,#1026099)
* Fri Jan 31 2014 Nalin Dahyabhai <nalin(a)redhat.com>
- drop patch to add additional access() checks to ksu - they add to breakage
when non-FILE: caches are in use (#1026099), shouldn't be resulting in any
benefit, and clash with proposed changes to fix its cache handling
--------------------------------------------------------------------------------
================================================================================
leiningen-1.7.1-7.fc19 (FEDORA-2014-2215)
Clojure project automation tool
--------------------------------------------------------------------------------
Update Information:
This update adds a missing runtime requirement on plexus-container-default.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 7 2014 William Benton <willb(a)redhat.com> - 1.7.1-7
- adds dependency on plexus-container-default; fixes bz1008699
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1008699 - 'lein repl' doesn't work after 'yum install
leiningen'
https://bugzilla.redhat.com/show_bug.cgi?id=1008699
--------------------------------------------------------------------------------
================================================================================
libpng10-1.0.61-1.fc19 (FEDORA-2014-2211)
Old version of libpng, needed to run old binaries
--------------------------------------------------------------------------------
Update Information:
Current cumulative bug-fix update from upstream. Only minor issues, as noted in the
changelog.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 7 2014 Paul Howarth <paul(a)city-fan.org> 1.0.61-1
- update to 1.0.61
- ignore, with a warning, out-of-range value of num_trans in png_set_tRNS()
- replaced AM_CONFIG_HEADER(config.h) with AC_CONFIG_HEADERS([config.h]) in
configure.ac
- changed default value of PNG_USER_CACHE_MAX from 0 to 32767 in pngconf.h
- avoid a possible memory leak in contrib/gregbook/readpng.c
- revised libpng.3 so that "doclifter" can process it
- changed '"%s"m' to '"%s" m' in png_debug macros to
improve portability
among compilers
- rebuilt the configure scripts with autoconf-2.69 and automake-1.14.1
- removed potentially misleading warning from png_check_IHDR()
- quiet set-but-not-used warnings in pngset.c
- quiet an uninitialized memory warning from VC2013 in png_get_png()
- quiet unused variable warnings from clang by porting PNG_UNUSED() from
libpng-1.4.6
- added -DZ_SOLO to CFLAGS in contrib/pngminim/*/makefile
- added an #ifdef PNG_FIXED_POINT_SUPPORTED/#endif in pngset.c
- drop upstreamed aarch64 patch
- drop patch for CVE-2013-6954, which only actually affected libpng versions
1.6.1 to 1.6.7
--------------------------------------------------------------------------------
================================================================================
mingw-speex-1.2-0.16.rc1.fc19 (FEDORA-2014-2213)
Voice compression format (codec)
--------------------------------------------------------------------------------
Update Information:
Speex is a patent-free compression format designed especially for speech. It is
specialized for voice communications at low bit-rates in the 2-45 kbps range. Possible
applications include Voice over IP (VoIP), Internet audio streaming, audio books, and
archiving of speech data (e.g. voice mail). This is the MinGW version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1062291 - Review Request: mingw-speex - Voice compression format (codec)
https://bugzilla.redhat.com/show_bug.cgi?id=1062291
--------------------------------------------------------------------------------
================================================================================
nwchem-6.3.2-7.fc19 (FEDORA-2014-2193)
Delivering High-Performance Computational Chemistry to Science
--------------------------------------------------------------------------------
Update Information:
Delivering High-Performance Computational Chemistry to Science
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #984605 - Review Request: nwchem - Delivering High-Performance Computational
Chemistry
https://bugzilla.redhat.com/show_bug.cgi?id=984605
--------------------------------------------------------------------------------
================================================================================
python-Rtree-0.7.0-5.fc19 (FEDORA-2014-2201)
Python wrapper of the spatialindex library
--------------------------------------------------------------------------------
Update Information:
Due to the wrong use of find_library() this module erroneously expected to find an
unversioned library. Importing the rtree module resulted in failure, previous to this
update.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 8 2014 Volker Fröhlich <volker27(a)gmx.at> - 0.7.0-5
- Remove hard-coded library extension (BZ#1001840)
- Ignore harmless test failure to fix FTBFS
- Remove obsolete version requirements
* Sun Aug 4 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.7.0-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> -
0.7.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1001840 - python-Rtree fails with wrong SONAME
https://bugzilla.redhat.com/show_bug.cgi?id=1001840
--------------------------------------------------------------------------------
================================================================================
se-sandbox-runner-1.6.8-2.fc19 (FEDORA-2014-2196)
Qt wrapper for SELinux Sandbox
--------------------------------------------------------------------------------
Update Information:
reimplemented JobList;
reimplemented shredding;
some improvements;
reimplemented JobList;
reimplemented shredding;
some improvements;
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 8 2014 Fl@sh <kaperang07(a)gmail.com> - 1.6.8-2
- added a condition to the selinux-policy-sandbox requirement;
- release updated;
* Fri Feb 7 2014 Fl@sh <kaperang07(a)gmail.com> - 1.6.8-1
- added selinux-policy-sandbox to R;
- version updated;
* Wed Jan 22 2014 Fl@sh <kaperang07(a)gmail.com> - 1.4.7-1
- added sandbox-runner-data to R;
- removed hicolor-icon-theme, oxygen-icon-theme from R;
- removed Icon_Cache ScriptletSnippets;
- removed unnecessary %files path;
- version updated;
--------------------------------------------------------------------------------
================================================================================
squid-3.2.13-2.fc19 (FEDORA-2014-2205)
The Squid proxy caching server
--------------------------------------------------------------------------------
Update Information:
This update fixes issues with building of helpers.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 7 2014 Michal Luscon <mluscon(a)redhat.com> - 7:3.2.13-2
- Fixed: building of helpers
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1058107 - regression - squid rpm no longer includes ldap group support
https://bugzilla.redhat.com/show_bug.cgi?id=1058107
--------------------------------------------------------------------------------
================================================================================
unifont-6.3.20140204-1.fc19 (FEDORA-2014-2202)
Tools and glyph descriptions in a very simple text format
--------------------------------------------------------------------------------
Update Information:
Update to new upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 7 2014 Zbigniew Jędrzejewski-Szmek <zbyszek(a)in.waw.pl> - 6.3.20140204-1
- Update to new upstream version
* Sun Feb 2 2014 Zbigniew Jędrzejewski-Szmek <zbyszek(a)in.waw.pl> - 6.3.20140202-1
- Update to new upstream version
--------------------------------------------------------------------------------