The following Fedora 19 Security updates need testing: Age URL 279 https://admin.fedoraproject.org/updates/FEDORA-2013-19963/openstack-glance-2... 91 https://admin.fedoraproject.org/updates/FEDORA-2014-5896/nrpe-2.15-2.fc19 71 https://admin.fedoraproject.org/updates/FEDORA-2014-6553/chicken-4.8.0.6-2.f... 69 https://admin.fedoraproject.org/updates/FEDORA-2014-6597/drupal7-views-3.8-1... 42 https://admin.fedoraproject.org/updates/FEDORA-2014-7496/readline-6.2-8.fc19 41 https://admin.fedoraproject.org/updates/FEDORA-2014-7570/asterisk-11.10.2-2.... 40 https://admin.fedoraproject.org/updates/FEDORA-2014-6774/claws-mail-3.10.1-1... 40 https://admin.fedoraproject.org/updates/FEDORA-2014-7610/perl-Email-Address-... 31 https://admin.fedoraproject.org/updates/FEDORA-2014-7939/lzo-2.08-1.fc19 26 https://admin.fedoraproject.org/updates/FEDORA-2014-8089/rubygem-activerecor... 18 https://admin.fedoraproject.org/updates/FEDORA-2014-8328/python-bottle-0.12.... 18 https://admin.fedoraproject.org/updates/FEDORA-2014-8332/transmission-2.84-1... 15 https://admin.fedoraproject.org/updates/FEDORA-2014-8443/mosquitto-1.3.2-1.f... 12 https://admin.fedoraproject.org/updates/FEDORA-2014-8564/dpkg-1.16.15-1.fc19 9 https://admin.fedoraproject.org/updates/FEDORA-2014-8176/krb5-1.11.3-24.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-8352/cups-1.6.4-7.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-8771/ReviewBoard-1.7.27-... 6 https://admin.fedoraproject.org/updates/FEDORA-2014-8803/exim-4.80.1-4.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-8809/thunderbird-24.7.0-... 5 https://admin.fedoraproject.org/updates/FEDORA-2014-8904/ansible-1.6.10-1.fc... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-8919/bugzilla-4.2.10-1.f... 1 https://admin.fedoraproject.org/updates/FEDORA-2014-9005/kernel-3.14.14-100.... 1 https://admin.fedoraproject.org/updates/FEDORA-2014-8972/libndp-1.4-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-9057/httpd-2.4.10-1.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-9087/drupal7-date-2.8-1.... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-9037/pixman-0.30.0-4.fc1... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-9073/tor-0.2.4.23-1.fc19
The following Fedora 19 Critical Path updates have yet to be approved: Age URL 227 https://admin.fedoraproject.org/updates/FEDORA-2013-22326/fedora-bookmarks-1... 153 https://admin.fedoraproject.org/updates/FEDORA-2014-3245/testdisk-6.14-2.fc1... 9 https://admin.fedoraproject.org/updates/FEDORA-2014-8176/krb5-1.11.3-24.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-8761/systemd-204-20.fc19 8 https://admin.fedoraproject.org/updates/FEDORA-2014-8352/cups-1.6.4-7.fc19 6 https://admin.fedoraproject.org/updates/FEDORA-2014-8809/thunderbird-24.7.0-... 5 https://admin.fedoraproject.org/updates/FEDORA-2014-8910/qt5-qtbase-5.3.1-5.... 3 https://admin.fedoraproject.org/updates/FEDORA-2014-8924/ibus-1.5.7-6.fc19 1 https://admin.fedoraproject.org/updates/FEDORA-2014-8970/koji-1.9.0-4.fc19 0 https://admin.fedoraproject.org/updates/FEDORA-2014-9037/pixman-0.30.0-4.fc1...
The following builds have been pushed to Fedora 19 updates-testing
anki-2.0.28-1.fc19 cross-gcc-4.9.1-1.fc19 drupal7-date-2.8-1.fc19 drupal7-features-2.1-1.fc19 golang-github-codegangsta-cli-1.1.0-1.fc19 golang-github-tchap-go-patricia-1.0.1-4.fc19 groonga-4.0.4-1.fc19 httpd-2.4.10-1.fc19 mlpack-1.0.9-1.fc19 nicotine+-1.2.16-8.fc19 nomacs-2.0.2-1.fc19 opendkim-2.9.2-1.fc19 packagedb-cli-2.5-1.fc19 perl-App-CSV-0.08-3.fc19 perl-Mail-GnuPG-0.20-1.fc19 php-symfony-icu-1.2.2-1.fc19 phpMyAdmin-4.2.7-1.fc19 pixman-0.30.0-4.fc19 python-httpretty-0.8.3-1.fc19 python-rhsm-1.12.5-1.fc19 retrace-server-1.12-2.fc19 subscription-manager-1.12.11-1.fc19 tor-0.2.4.23-1.fc19
Details about builds:
================================================================================ anki-2.0.28-1.fc19 (FEDORA-2014-9055) Flashcard program for using space repetition learning -------------------------------------------------------------------------------- Update Information:
Update to new bugfix upstream release 2.0.28.
* More reliable media sync. * New default Anki folder is ~/Documents/Anki (Anki will use a previous Anki folder if it exists, please rename it manually if you wish to use the new location.) * Compatibility with new online synchronization protocol version. * Minor enhancements. * Minor bug fixes.
Please see http://www.ankisrs.net/docs/changes.html for details. -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Christian Krause chkr@fedoraproject.org - 2.0.28-1 - Update to new upstream version 2.0.28 (BZ 1123961) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1123961 - anki-2.0.28 is available https://bugzilla.redhat.com/show_bug.cgi?id=1123961 [ 2 ] Bug #1123655 - Synchronization failure on versions older than 2.0.28 https://bugzilla.redhat.com/show_bug.cgi?id=1123655 --------------------------------------------------------------------------------
================================================================================ cross-gcc-4.9.1-1.fc19 (FEDORA-2014-9045) Cross C compiler -------------------------------------------------------------------------------- Update Information:
Move to 4.9.1 to avoid incorrect stack red-zoning on x86_64 [gcc bz 61904] Add support for nios2 and build libgcc for cris Move to using gcc-4.9 Move to using gcc-4.9 Add support for nios2 and build libgcc for cris Move to using gcc-4.9 Move to using gcc-4.9 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 28 2014 David Howells dhowells@redhat.com - 4.9.1-1 - Rebase on gcc-4.9.1-2 [gcc BZ 61904 / 61801]. * Fri Jul 18 2014 David Howells dhowells@redhat.com - 4.9.0-4 - Enable libgcc building on cris [gcc BZ 61737]. - Add NIOS2 arch support. * Mon Jul 7 2014 David Howells dhowells@redhat.com - 4.9.0-3 - Enable libgcc building on s390x [BZ 1116185]. * Mon Jun 16 2014 David Howells dhowells@redhat.com - 4.9.0-2 - Rebase on gcc-4.9.0-14. * Mon Jun 16 2014 David Howells dhowells@redhat.com - 4.9.0-1 - Move to gcc-4.9.0. --------------------------------------------------------------------------------
================================================================================ drupal7-date-2.8-1.fc19 (FEDORA-2014-9087) This package contains both the Date module and a Date API module -------------------------------------------------------------------------------- Update Information:
Update to upstream 2.8 release, due to security fix for CVE-2014-5169 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 Jared Smith jsmith@fedoraproject.org 2.8-1 - Update to upstream 2.8 release - This release fixes an XSS issue, CVE-2014-5169 * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1125283 - CVE-2014-5169 drupal7-date: Cross Site Scripting (XSS) https://bugzilla.redhat.com/show_bug.cgi?id=1125283 --------------------------------------------------------------------------------
================================================================================ drupal7-features-2.1-1.fc19 (FEDORA-2014-9061) Provides feature management for Drupal -------------------------------------------------------------------------------- Update Information:
Update to upstream 2.1 release for bug fixes. For more details, refer to: https://www.drupal.org/node/2311903 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Paul W. Frields stickster@gmail.com - 2.1-1 - Update to upstream 2.1 release for bug fixes * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1124742 - drupal7-features-2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124742 --------------------------------------------------------------------------------
================================================================================ golang-github-codegangsta-cli-1.1.0-1.fc19 (FEDORA-2014-9049) Package for building command line apps in Go -------------------------------------------------------------------------------- Update Information:
27ecc97192df1bf053a22b04463f2b51b8b8373e tagged 1.1.0 update to master commit 27ecc97192df1bf053a22b04463f2b51b8b8373e correct cp args -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1114175 - Review Request: golang-github-codegangsta-cli - Package for building command line apps in Go https://bugzilla.redhat.com/show_bug.cgi?id=1114175 --------------------------------------------------------------------------------
================================================================================ golang-github-tchap-go-patricia-1.0.1-4.fc19 (FEDORA-2014-9053) A generic patricia trie implemented in Go -------------------------------------------------------------------------------- Update Information:
Resolves: rhbz#1117562 - package review request -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1117562 - Review Request: golang-github-tchap-go-patricia - A generic patricia trie implemented in Go https://bugzilla.redhat.com/show_bug.cgi?id=1117562 --------------------------------------------------------------------------------
================================================================================ groonga-4.0.4-1.fc19 (FEDORA-2014-9076) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information:
Update to 4.0.4 See http://groonga.org/en/blog/2014/07/29/release.html Update to 4.0.2. See http://groonga.org/en/blog/2014/05/29/release.html -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 HAYASHI Kentaro hayashi@clear-code.com - 4.0.4-1 - new upstream release. * Tue Jul 1 2014 HAYASHI Kentaro hayashi@clear-code.com - 4.0.3-1 - new upstream release. * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 4.0.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 30 2014 HAYASHI Kentaro hayashi@clear-code.com - 4.0.2-1 - new upstream release. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1124156 - groonga-4.0.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124156 --------------------------------------------------------------------------------
================================================================================ httpd-2.4.10-1.fc19 (FEDORA-2014-9057) Apache HTTP Server -------------------------------------------------------------------------------- Update Information:
This update includes the latest stable release of the Apache HTTP Server, httpd 2.4.10.
http://www.apache.org/dist/httpd/Announcement2.4.html -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 21 2014 Joe Orton jorton@redhat.com - 2.4.10-1 - update to 2.4.10 - expand variables in docdir example configs - create drop directory for systemd snippets (jkaluza) - use 2048-bit RSA key with SHA-256 signature in dummy certificate -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1120596 - CVE-2014-0231 httpd: mod_cgid denial of service https://bugzilla.redhat.com/show_bug.cgi?id=1120596 [ 2 ] Bug #1120599 - CVE-2014-0117 httpd: mod_proxy denial of service https://bugzilla.redhat.com/show_bug.cgi?id=1120599 [ 3 ] Bug #1120601 - CVE-2014-0118 httpd: mod_deflate denial of service https://bugzilla.redhat.com/show_bug.cgi?id=1120601 [ 4 ] Bug #1120603 - CVE-2014-0226 httpd: mod_status heap-based buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1120603 --------------------------------------------------------------------------------
================================================================================ mlpack-1.0.9-1.fc19 (FEDORA-2014-9072) Scalable, fast C++ machine learning library -------------------------------------------------------------------------------- Update Information:
Update to latest stable release. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 28 2014 Ryan Curtin ryan@ratml.org - 1.0.9-1 - Update to latest stable release. * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.0.8-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Fri May 23 2014 Petr Machata pmachata@redhat.com - 1.0.8-3 - Rebuild for boost 1.55.0 --------------------------------------------------------------------------------
================================================================================ nicotine+-1.2.16-8.fc19 (FEDORA-2014-9046) A client for the SoulSeek file sharing network -------------------------------------------------------------------------------- Update Information:
This update enables UPnP support in Nicotine+. It also fixes crashes on filelist scanning with corrupt files. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 Mohamed El Morabity melmorabity@fedoraproject.org - 1.2.16-8 - Fix #RHBZ 1009934 - Add python-miniupnpc as Requires for UPnP support - Spec cleanup -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1009934 - [abrt] nicotine+-1.2.16-7.fc19 https://bugzilla.redhat.com/show_bug.cgi?id=1009934 --------------------------------------------------------------------------------
================================================================================ nomacs-2.0.2-1.fc19 (FEDORA-2014-9043) Lightweight image viewer -------------------------------------------------------------------------------- Update Information:
Version bump. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 TI_Eugene ti.eugene@gmail.com 2.0.2-1 - Version bump. * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.6.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ opendkim-2.9.2-1.fc19 (FEDORA-2014-9058) A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail -------------------------------------------------------------------------------- Update Information:
Updating to newer upstream source: 2.9.2 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Steve Jenkins steve@stevejenkins.com - 2.9.2-1 - Updated to use newer upstream 2.9.2 source code - Fixed invalid date in changelog * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.9.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #973541 - opendkim-2.9.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=973541 --------------------------------------------------------------------------------
================================================================================ packagedb-cli-2.5-1.fc19 (FEDORA-2014-9083) A CLI for pkgdb -------------------------------------------------------------------------------- Update Information:
Packagedb-cli Release 2.5
* Fix logging (cf rhbz#1123524) * Add the update_critpath -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Pierre-Yves Chibon pingou@pingoured.fr - 2.5-1 - Update to 2.5 - Fixes https://bugzilla.redhat.com/1123524 (Don't add stream handler to root logger in library) - Add the update_critpath method to pkgdb2client -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1123524 - Don't add stream handler to root logger in library https://bugzilla.redhat.com/show_bug.cgi?id=1123524 --------------------------------------------------------------------------------
================================================================================ perl-App-CSV-0.08-3.fc19 (FEDORA-2014-9065) App::CSV Perl module -------------------------------------------------------------------------------- Update Information:
New package to manage csv files via CLI :) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1062942 - Review Request: perl-App-CSV - The CSV command line Tool https://bugzilla.redhat.com/show_bug.cgi?id=1062942 --------------------------------------------------------------------------------
================================================================================ perl-Mail-GnuPG-0.20-1.fc19 (FEDORA-2014-9048) Process email with GPG -------------------------------------------------------------------------------- Update Information:
-------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Ralf Corsépius corsepiu@fedoraproject.org - 0.20-1 - Upstream update. --------------------------------------------------------------------------------
================================================================================ php-symfony-icu-1.2.2-1.fc19 (FEDORA-2014-9059) Symfony Icu Component -------------------------------------------------------------------------------- Update Information:
Updated to 1.2.2
Git diff: v1.2.1 to v1.2.2: https://github.com/symfony/Icu/compare/v1.2.1...v1.2.2 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 Shawn Iwinski shawn.iwinski@gmail.com - 1.2.2-1 - Updated to 1.2.2 (BZ #1124230) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1124230 - php-symfony-icu-1.1.2/1.2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1124230 --------------------------------------------------------------------------------
================================================================================ phpMyAdmin-4.2.7-1.fc19 (FEDORA-2014-9067) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information:
phpMyAdmin 4.2.7.0 (2014-07-31) ===============================
- Broken links on home page - Overlap in navigation panel - Action icons not in horizontal order - s_attention.png is missing - Uncaught TypeError: Cannot call method 'substr' of undefined - PMA 4.2.x and HHVM - mysql_doc_template is not defined -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 Robert Scheck robert@fedoraproject.org 4.2.7-1 - Upgrade to 4.2.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1125363 - phpMyAdmin-4.2.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1125363 --------------------------------------------------------------------------------
================================================================================ pixman-0.30.0-4.fc19 (FEDORA-2014-9037) Pixel manipulation library -------------------------------------------------------------------------------- Update Information:
CVE-2013-6425, added patches from https://bugzilla.redhat.com/show_bug.cgi?id=1043743 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Jared Smith jsmith@fedoraproject.org - 0.30.0-4 - Added patches from https://bugzilla.redhat.com/show_bug.cgi?id=1043743 - These patches address CVE-2013-6425 * Sun Aug 4 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.30.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Thu Jul 4 2013 Karsten Hopp karsten@redhat.com 0.30.0-2 - bump release and rebuild to fix dependencies on PPC -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1037975 - CVE-2013-6425 pixman: integer underflow when handling trapezoids https://bugzilla.redhat.com/show_bug.cgi?id=1037975 --------------------------------------------------------------------------------
================================================================================ python-httpretty-0.8.3-1.fc19 (FEDORA-2014-9093) HTTP request mock tool for Python -------------------------------------------------------------------------------- Update Information:
HTTP request mock tool for Python -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1036755 - Review Request: python-httpretty - HTTP client mock for Python https://bugzilla.redhat.com/show_bug.cgi?id=1036755 --------------------------------------------------------------------------------
================================================================================ python-rhsm-1.12.5-1.fc19 (FEDORA-2014-9091) A Python library to communicate with a Red Hat Unified Entitlement Platform -------------------------------------------------------------------------------- Update Information:
Fix for Bugzilla #1122772 and #1120431 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jul 25 2014 jesus m. rodriguez jesusr@redhat.com 1.12.5-1 - 1120431: Support for complex path matching. (bkearney@redhat.com) * Thu Jul 3 2014 jesus m. rodriguez jesusr@redhat.com 1.12.4-1 - Add required bz flags to tito releasers. (dgoodwin@redhat.com) - Remove pyqver verbose flag. (alikins@redhat.com) - Use tox.ini to setup pep8 for 'make stylish' (alikins@redhat.com) - Update pyqver setup. Set min version of 2.7. (alikins@redhat.com) - Add libcrypto to list of libs to link to. (bcourt@redhat.com) --------------------------------------------------------------------------------
================================================================================ retrace-server-1.12-2.fc19 (FEDORA-2014-9039) Application for remote coredump analysis -------------------------------------------------------------------------------- Update Information:
update to 1.12 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 Michal Toman mtoman@redhat.com 1.12-1 - do not run kmem on vmcores by default - fix group readability of vmcores - add support for lzop compression - add DeleteFailedTaskAfter config option - add arch-based remote execution - add set-success and set-fail actions to retrace-server-interact - add config sanity checks to retrace-server-cleanup --------------------------------------------------------------------------------
================================================================================ subscription-manager-1.12.11-1.fc19 (FEDORA-2014-9091) Tools and libraries for subscription and repository management -------------------------------------------------------------------------------- Update Information:
Fix for Bugzilla #1122772 and #1120431 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jul 30 2014 Alex Wood awood@redhat.com 1.12.11-1 - 1124726: Man page entry for '--no-subscriptions' option (wpoteat@redhat.com) - 1122772: yum repolist now displays warning when appropriate. (csnyder@redhat.com) * Fri Jul 25 2014 jesus m. rodriguez jesusr@redhat.com 1.12.10-1 - Revert "1114132: subman-gui and other tools are disabled in container mode." (jesusr@redhat.com) - Revert "include dirent.h" (jesusr@redhat.com) * Fri Jul 25 2014 jesus m. rodriguez jesusr@redhat.com 1.12.9-1 - include dirent.h (jesusr@redhat.com) * Fri Jul 25 2014 jesus m. rodriguez jesusr@redhat.com 1.12.8-1 - 1039577: simplify reposgui gpgcheck control (ckozak@redhat.com) - 1046132: Makes rhsm-icon slightly less annoying. (csnyder@redhat.com) - 1054632: Adds '7.x' to how to launch section of manual. (csnyder@redhat.com) - 1065158: Prompt for environment on registration when necessary (ckozak@redhat.com) - 1114126: Container mode message is written to stderr (csnyder@redhat.com) - 1114132: subman-gui and other tools are disabled in container mode. (csnyder@redhat.com) - 1115499: Allow enable/disable repos in same command. (dgoodwin@redhat.com) - 1118012: Fixes several typos in man page. (csnyder@redhat.com) - 1121251: rhsm-debug system does not bash-complete for "--no-subscriptions" (wpoteat@redhat.com) - 1121272: fix typo that blocked enabling repos via CLI (ckozak@redhat.com) - cleanup and fix gui pool reselection on refresh (ckozak@redhat.com) - Force subscription-manager yum plugin to respect the managed root (rholy@redhat.com) - Force product-id yum plugin to respect the managed root (rholy@redhat.com) - Display other overrides in the gui (ckozak@redhat.com) * Thu Jul 3 2014 jesus m. rodriguez jesusr@redhat.com 1.12.7-1 - 1114117: Allow subscriptions to be excluded from rhsm-debug data collection (wpoteat@redhat.com) - Remove debugging print line from managerlib (ckozak@redhat.com) * Mon Jun 30 2014 jesus m. rodriguez jesusr@redhat.com 1.12.6-1 - 1022622: Modifies --no-overlap to show pools which provide products not already covered. (csnyder@redhat.com) - Reload ostree_config after updating remotes. (alikins@redhat.com) - Fix iniparse tidy import. (alikins@redhat.com) - Remove noise debug logging. (alikins@redhat.com) - Include 'tls-ca-path' for ostree remote configs. (alikins@redhat.com) - Use iniparse.util.tidy if installed. (alikins@redhat.com) - Fix odd ostree repo config whitespace issues. (alikins@redhat.com) - Always update ostree refspec when adding remotes. (alikins@redhat.com) * Thu Jun 26 2014 Adrian Likins alikins@redhat.com 1.12.5-1 - Merge pull request #978 from candlepin/alikins/ostree_gpg_http (alikins@redhat.com) - Merge pull request #979 from candlepin/csnyder/help_message_identity_force (jmrodri@nc.rr.com) - Use rhsm.baseurl for ostree urls as well. (alikins@redhat.com) - Handle Content.gpg="http://" as gpg-verify=false (alikins@redhat.com) - 1107810: Updates help message for identity --force. (csnyder@redhat.com) - Merge pull request #977 from candlepin/alikins/handle_no_origin (dgoodwin@rm- rf.ca) - Merge pull request #974 from cgwalters/doc-typos (jmrodri@nc.rr.com) - Merge pull request #973 from candlepin/alikins/1112282_cond_ostree_rpm (jmrodri@nc.rr.com) - make has_ostree use macro value NOT hardcoded value. (jesusr@redhat.com) - Handle missing or empty ostree origin file. (alikins@redhat.com) - Fix saving ostree remote configs with gpg set. (alikins@redhat.com) - plugin/ostree: Fix doc typos (walters@verbum.org) - Merge pull request #972 from candlepin/ckozak/fix_custom_fact_log (jmrodri@nc.rr.com) - Merge pull request #968 from candlepin/alikins/setup_py (jmrodri@nc.rr.com) - 1112282: Dont build ostree plugin subpackage < 7 (alikins@redhat.com) - Merge pull request #966 from candlepin/alikins/1108257_rhel_5_workstation_special (c4kofony@gmail.com) - Add required bz flags to tito releaser definition. (dgoodwin@redhat.com) - 1112326: remove extra '/' from custom fact loading error logging (ckozak@redhat.com) - Allow tests to run in any TZ (mstead@redhat.com) - Temp ignore use of subprocess.check_output (alikins@redhat.com) - Add test cases for 'rhel-5-workstation' tags. (alikins@redhat.com) - 1108257: special case prod tag rhel-5-workstation (alikins@redhat.com) - Add a simple setup.py. (alikins@redhat.com) - Merge pull request #965 from candlepin/alikins/good_enthusiasm_pep8 (dgoodwin @rm-rf.ca) - Turn off verbose mode of pyqver. (alikins@redhat.com) - make stylish cleanups for new pep8 (alikins@redhat.com) - Add tox.ini with ignores for pep8 indention (alikins@redhat.com) * Thu Jun 19 2014 Devan Goodwin dgoodwin@rm-rf.ca 1.12.4-1 - Fix broken logging statement in container mode. (dgoodwin@redhat.com) - 1067035: Move Subscription Manager version for better layout (wpoteat@redhat.com) --------------------------------------------------------------------------------
================================================================================ tor-0.2.4.23-1.fc19 (FEDORA-2014-9073) Anonymizing overlay network for TCP (The onion router) -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2014-5117 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jul 31 2014 Jamie Nguyen jamielinux@fedoraproject.org - 0.2.4.23-1 - update to upstream release 0.2.4.23 - CVE-2014-5117: potential for traffic-confirmation attacks -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1124964 - CVE-2014-5117 tor: potential for traffic-confirmation attacks https://bugzilla.redhat.com/show_bug.cgi?id=1124964 --------------------------------------------------------------------------------