Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Mon Dec 1 19:09:03 UTC 2014
The following Fedora 20 Security updates need testing:
Age URL
59 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20
16 https://admin.fedoraproject.org/updates/FEDORA-2014-15108/mantis-1.2.17-4.fc20
16 https://admin.fedoraproject.org/updates/FEDORA-2014-14963/avr-binutils-2.24-3.fc20
16 https://admin.fedoraproject.org/updates/FEDORA-2014-14833/arm-none-eabi-binutils-cs-2014.05.28-3.fc20
16 https://admin.fedoraproject.org/updates/FEDORA-2014-15130/kwebkitpart-1.3.4-5.fc20
13 https://admin.fedoraproject.org/updates/FEDORA-2014-15244/wireshark-1.10.11-1.fc20
12 https://admin.fedoraproject.org/updates/FEDORA-2014-15371/rubygem-actionpack-4.0.0-5.fc20
12 https://admin.fedoraproject.org/updates/FEDORA-2014-15379/nodejs-0.10.33-1.fc20,libuv-0.10.29-1.fc20
10 https://admin.fedoraproject.org/updates/FEDORA-2014-15489/rubygem-sprockets-2.8.2-5.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2014-15701/teeworlds-0.6.3-1.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2014-15709/asterisk-11.14.1-1.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2014-15847/libksba-1.3.2-1.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2014-15841/hivex-1.3.8-4.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2014-15812/graphviz-2.34.0-10.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16048/couchdb-1.6.1-4.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-15995/xen-4.3.3-6.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16003/mariadb-5.5.40-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16016/util-linux-2.24.2-2.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16033/mediawiki-1.23.7-1.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
13 https://admin.fedoraproject.org/updates/FEDORA-2014-15326/pycairo-1.10.0-1.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2014-15523/gdb-7.7.1-22.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16022/gnutls-3.1.28-2.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-16032/libpcap-1.5.3-3.fc20
The following builds have been pushed to Fedora 20 updates-testing
ansible-1.8.1-1.fc20
armadillo-4.550.0-1.fc20
couchdb-1.6.1-4.fc20
ddd-3.3.12-20.fc20
docker-io-1.3.2-3.git353ff40.fc20
docker-registry-0.9.0-1.fc20
fail2ban-0.9.1-1.fc20
gedit-valencia-0.8.0-1.fc20
gnutls-3.1.28-2.fc20
golang-github-Sirupsen-logrus-0.6.0-1.fc20
icecream-1.0.1-9.20140822git.fc20
icedtea-web-1.5.2-0.fc20
imapsync-1.607-1.fc20
julia-0.3.3-1.fc20
libpcap-1.5.3-3.fc20
libreoffice-4.2.7.2-11.fc20
libykneomgr-0.1.6-1.fc20
lis-1.5.24-1.fc20
liveusb-creator-3.13.1-1.fc20
mariadb-5.5.40-1.fc20
mate-panel-1.8.1-2.fc20
mate-themes-extras-3.10.3-1.fc20
mediawiki-1.23.7-1.fc20
mingw-orc-0.4.22-1.fc20
munin-2.0.25-1.fc20
nodejs-handlebars-2.0.0-2.fc20
pam_mount-2.14-4.fc20
perl-Fsdb-2.53-1.fc20
perl-Net-Pcap-Easy-1.4209-1.fc20
perl-Net-Whois-Raw-2.76-1.fc20
perl-Parse-EDID-1.0.6-3.fc20
perl-Plack-Middleware-FixMissingBodyInRedirect-0.12-1.fc20
php-aws-sdk-2.7.6-1.fc20
phpMyAdmin-4.2.13-1.fc20
pyparsing-2.0.3-1.fc20
python-aiohttp-0.10.2-1.fc20
python-larch-1.20131130-1.fc20
python-pymemcache-1.2.5-2.fc20
python-tooz-0.9-1.fc20
rlwrap-0.42-1.fc20
sip-redirect-0.2.0-1.fc20
supermin-5.1.9-3.fc20
unzip-6.0-14.fc20
util-linux-2.24.2-2.fc20
xen-4.3.3-6.fc20
xpa-2.1.15-3.fc20
Details about builds:
================================================================================
ansible-1.8.1-1.fc20 (FEDORA-2014-16004)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.1
Update to 1.8
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Kevin Fenzi <kevin at scrye.com> 1.8.1-1
- Update to 1.8.1
* Tue Nov 25 2014 Kevin Fenzi <kevin at scrye.com> 1.8-2
- Rebase el6 patch
* Tue Nov 25 2014 Kevin Fenzi <kevin at scrye.com> 1.8-1
- Update to 1.8
* Thu Oct 9 2014 Toshio Kuratomi <toshio at fedoraproject.org> - 1.7.2-2
- Add /usr/bin/ansible to the rhel6 newer pycrypto patch
--------------------------------------------------------------------------------
================================================================================
armadillo-4.550.0-1.fc20 (FEDORA-2014-15989)
Fast C++ matrix library with interfaces to LAPACK and ATLAS
--------------------------------------------------------------------------------
Update Information:
Version 4.550 (Singapore Sling Deluxe)
* added matrix exponential function: expmat()
* faster .log_p() and .avg_log_p() functions in the gmm_diag class when compiling with OpenMP enabled
* faster handling of in-place addition/subtraction of expressions with an outer product
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 28 2014 José Matos <jamatos at fedoraproject.org> - 4.550.0-1
- update to 4.550.0
--------------------------------------------------------------------------------
================================================================================
couchdb-1.6.1-4.fc20 (FEDORA-2014-16048)
A document database server, accessible via a RESTful JSON API
--------------------------------------------------------------------------------
Update Information:
* Fix CVE-2010-5312 couchdb: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option (rhbz #1166767)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Peter Lemenkov <lemenkov at gmail.com> - 1.6.1-4
- Fix CVE-2010-5312 couchdb: jquery-ui: XSS vulnerability in jQuery.ui.dialog
title option (rhbz #1166767)
* Fri Nov 14 2014 Peter Lemenkov <lemenkov at gmail.com> - 1.6.1-3
- Fix systemd unit file permissions (755 -> 644)
- Remove EL5,EL6 support
* Tue Nov 4 2014 Peter Lemenkov <lemenkov at gmail.com> - 1.6.1-2
- Rebuild for Erlang 17.3.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1166041 - CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option
https://bugzilla.redhat.com/show_bug.cgi?id=1166041
--------------------------------------------------------------------------------
================================================================================
ddd-3.3.12-20.fc20 (FEDORA-2014-16036)
GUI for several command-line debuggers
--------------------------------------------------------------------------------
Update Information:
fix missing dependency
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 29 2014 Andy Grover <agrover at redhat.com> - 3.3.12-20
- Add Requires for xorg-x11-apps, for rhbz #1169011
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.3.12-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1169011 - ddd missing dependency
https://bugzilla.redhat.com/show_bug.cgi?id=1169011
--------------------------------------------------------------------------------
================================================================================
docker-io-1.3.2-3.git353ff40.fc20 (FEDORA-2014-16006)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
Resolves: rhbz#1169035, rhbz#1169151
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 30 2014 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 1.3.2-3.git353ff40
- Resolves: rhbz#1169035, rhbz#1169151
- bring back golang deps (except libcontainer)
* Tue Nov 25 2014 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 1.3.2-2
- install sources skipped prior
* Tue Nov 25 2014 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 1.3.2-1
- Resolves: rhbz#1167642 - Update to upstream v1.3.2
- Resolves: rhbz#1167505, rhbz#1167507 - CVE-2014-6407
- Resolves: rhbz#1167506 - CVE-2014-6408
- use vendor/ dir for golang deps for this NVR (fix deps soon after)
* Wed Nov 19 2014 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 1.3.1-3
- Resolves: rhbz#1165615
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1169035 - Docker-io-1.3.2 needs device-mapper-libs-1.02.90 but in fact it is not in Fedora 20 repository
https://bugzilla.redhat.com/show_bug.cgi?id=1169035
[ 2 ] Bug #1169151 - docker run fails with 'finalize namespace setup user setgid operation not supported'
https://bugzilla.redhat.com/show_bug.cgi?id=1169151
--------------------------------------------------------------------------------
================================================================================
docker-registry-0.9.0-1.fc20 (FEDORA-2014-15992)
Registry server for Docker
--------------------------------------------------------------------------------
Update Information:
Resolves: rhbz#1163120 - update to upstream v0.9.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 26 2014 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 0.9.0-1
- Resolves: rhbz#1163120 - update to upstream v0.9.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1163120 - docker-registry-0.9.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1163120
--------------------------------------------------------------------------------
================================================================================
fail2ban-0.9.1-1.fc20 (FEDORA-2014-15988)
Ban IPs that make too many password failures
--------------------------------------------------------------------------------
Update Information:
- Update to 0.9.1:
Refactoring (IMPORTANT -- Please review your setup and configuration):
iptables-common.conf replaced iptables-blocktype.conf (iptables-blocktype.local should still be read) and now also provides defaults for the chain, port, protocol and name tags
Fixes:
start of file2ban aborted (on slow hosts, systemd considers the server has been timed out and kills him), see gh-824
UTF-8 fixes in pure-ftp thanks to Johannes Weberhofer. Closes gh-806.
systemd backend error on bad utf-8 in python3
badips.py action error when logging HTTP error raised with badips request
fail2ban-regex failed to work in python3 due to space/tab mix
recidive regex samples incorrect log level
journalmatch for recidive incorrect PRIORITY
loglevel couldn't be changed in fail2ban.conf
Handle case when no sqlite library is available for persistent database
Only reban once per IP from database on fail2ban restart
Nginx filter to support missing server_name. Closes gh-676
fail2ban-regex assertion error caused by miscount missed lines with multiline regex
Fix actions failing to execute for Python 3.4.0. Workaround for http://bugs.python.org/issue21207
Database now returns persistent bans on restart (bantime < 0)
Recursive action tags now fully processed. Fixes issue with bsd-ipfw action
Fixed TypeError with "ipfailures" and "ipjailfailures" action tags. Thanks Serg G. Brester
Correct times for non-timezone date times formats during DST
Pass a copy of, not original, aInfo into actions to avoid side-effects
Per-distribution paths to the exim's main log
Ignored IPs are no longer banned when being restored from persistent database
Manually unbanned IPs are now removed from persistent database, such they wont be banned again when Fail2Ban is restarted
Pass "bantime" parameter to the actions in default jail's action definition(s)
filters.d/sieve.conf - fixed typo in _daemon. Thanks Jisoo Park
cyrus-imap -- also catch also failed logins via secured (imaps/pop3s). Regression was introduced while strengthening failregex in 0.8.11 (bd175f) Debian bug #755173
postfix-sasl - added journalmatch. Thanks Luc Maisonobe
postfix* - match with a new daemon string (postfix/submission/smtpd). Closes gh-804 . Thanks Paul Traina
apache - added filter for AH01630 client denied by server configuration.
New features:
New filters:
monit Thanks Jason H Martin
directadmin Thanks niorg
apache-shellshock Thanks Eugene Hopkinson (SlowRiot)
New actions:
symbiosis-blacklist-allports for Bytemark symbiosis firewall
fail2ban-client can fetch the running server version
Added Cloudflare API action
Enhancements
Start performance of fail2ban-client (and tests) increased, start time and cpu usage rapidly reduced. Introduced a shared storage logic, to bypass reading lots of config files (see gh-824). Thanks to Joost Molenaar for good catch (reported gh-820).
Fail2ban-regex - add print-all-matched option. Closes gh-652
Suppress fail2ban-client warnings for non-critical config options
Match non "Bye Bye" disconnect messages for sshd locked account regex
courier-smtp filter:
match lines with user names
match lines containing "535 Authentication failed" attempts
Add <chain> tag to iptables-ipsets
Realign fail2ban log output with white space to improve readability. Does not affect SYSLOG output
Log unhandled exceptions
cyrus-imap: catch "user not found" attempts
Add support for Portsentry
- Fix php-url-fopen logpath
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 28 2014 Orion Poplawski <orion at cora.nwra.com> - 0.9.1-1
- Update to 0.9.1 (bug #1169024)
- Fix php-url-fopen logpath (bug #1169026)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1169024 - Please upgrade to fail2ban 0.9.1
https://bugzilla.redhat.com/show_bug.cgi?id=1169024
[ 2 ] Bug #1169026 - fail2ban jail.conf needs to list multiple log paths in logpath on multiple lines
https://bugzilla.redhat.com/show_bug.cgi?id=1169026
--------------------------------------------------------------------------------
================================================================================
gedit-valencia-0.8.0-1.fc20 (FEDORA-2014-15993)
A gedit plugin providing lightweight Vala IDE
--------------------------------------------------------------------------------
Update Information:
Latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 26 2014 Michel Alexandre Salim <salimma at fedoraproject.org> - 0.8.0-1
- Update to 0.8.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1066848 - gedit-valencia-0.8.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1066848
[ 2 ] Bug #1064190 - gedit-valencia-0.5.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1064190
--------------------------------------------------------------------------------
================================================================================
gnutls-3.1.28-2.fc20 (FEDORA-2014-16022)
A TLS protocol implementation
--------------------------------------------------------------------------------
Update Information:
Addresses regression with rehandshakes introduced in 3.1.27
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 28 2014 Nikos Mavrogiannopoulos <nmav at redhat.com> - 3.1.28-2
- Addresses regression with rehandshakes introduced in 3.1.27 (#1168942)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1168942 - gnutls 3.1.27 breaks use of GNUTLS_E_GOT_APPLICATION_DATA
https://bugzilla.redhat.com/show_bug.cgi?id=1168942
--------------------------------------------------------------------------------
================================================================================
golang-github-Sirupsen-logrus-0.6.0-1.fc20 (FEDORA-2014-16010)
Structured logger for Go
--------------------------------------------------------------------------------
Update Information:
Update to 0.6.0
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 30 2014 Lokesh Mandvekar <lsm5 at fedoraproject.org> - 0.6.0-1
- Update to 0.6.0
--------------------------------------------------------------------------------
================================================================================
icecream-1.0.1-9.20140822git.fc20 (FEDORA-2014-16001)
Distributed compiler
--------------------------------------------------------------------------------
Update Information:
This update relaxes the SELinux policy for icecc-scheduler to be able to determine broadcast addresses.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Michal Schmidt <mschmidt at redhat.com> - 1.0.1-9.20140822git
- selinux: allow the scheduler to read state via netlink route sockets
- Fixes: rhbz#1162321
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1162321 - SELinux is preventing /usr/sbin/icecc-scheduler from 'nlmsg_read' accesses on the netlink_route_socket .
https://bugzilla.redhat.com/show_bug.cgi?id=1162321
--------------------------------------------------------------------------------
================================================================================
icedtea-web-1.5.2-0.fc20 (FEDORA-2014-15996)
Additional Java components for OpenJDK - Java browser plug-in and Web Start implementation
--------------------------------------------------------------------------------
Update Information:
update to upstream 1.5.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Jiri Vanek <jvanek at redhat.com> 1.5.2-0
- update to upstream 1.5.2
--------------------------------------------------------------------------------
================================================================================
imapsync-1.607-1.fc20 (FEDORA-2014-15998)
Tool to migrate email between IMAP servers
--------------------------------------------------------------------------------
Update Information:
Update to 1.607
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 26 2014 Nick Bebout <nb at fedoraproject.org> - 1.607-1
- Upgrade to 1.607
--------------------------------------------------------------------------------
================================================================================
julia-0.3.3-1.fc20 (FEDORA-2014-16019)
High-level, high-performance dynamic language for technical computing
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 30 2014 Milan Bouchet-Valat <nalimilan at club.fr> - 0.3.3-1
- New upstream release.
- Bump libuv to follow upstream.
- Don't BuildRequire: llvm-static
* Tue Oct 28 2014 Milan Bouchet-Valat <nalimilan at club.fr> - 0.3.2-2
- Trigger rebuild to use LLVM 3.5.
--------------------------------------------------------------------------------
================================================================================
libpcap-1.5.3-3.fc20 (FEDORA-2014-16032)
A system-independent interface for user-level packet capture
--------------------------------------------------------------------------------
Update Information:
Don't crash when trying to filter on interface with NFLOG link layer type (#1147600)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Michal Sekletar <msekleta at redhat.com> - 14:1.5.3-3
- don't crash when trying to filter on interface with NFLOG link layer type (#1147600)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1147600 - [abrt] wireshark-gnome: gen_linktype(): wireshark killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1147600
--------------------------------------------------------------------------------
================================================================================
libreoffice-4.2.7.2-11.fc20 (FEDORA-2014-16000)
Free Software Productivity Suite
--------------------------------------------------------------------------------
Update Information:
Don't create duplicate Mirrored props which can lead to creating odp files which cannot be reopened
Fix reported abrt crash with NULL pView
Resolves: rhbz#1167250 Crash in clipboard code
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Caolán McNamara <caolanm at redhat.com> - 1:4.2.7.2-11
- Resolves: fdo#84043 don't create duplicate Mirrored props
- Resolves: rhbz#1165444 abrt crash with NULL pView
* Wed Nov 26 2014 Eike Rathke <erack at redhat.com> - 1:4.2.7.2-10
- Resolves: rhbz#1167250 Crash in clipboard code
- Resolves: rhbz#1164898 and various other Calc sorting issues
- see also fdo#85215, fdo#83765, fdo#79441
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1165444 - [abrt] libreoffice-core: EditView::GetFieldUnderMousePointer(): soffice.bin killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1165444
[ 2 ] Bug #1167250 - [abrt] libreoffice-core: set(): soffice.bin killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1167250
[ 3 ] Bug #1164898 - column sort on calculated value incorrect
https://bugzilla.redhat.com/show_bug.cgi?id=1164898
--------------------------------------------------------------------------------
================================================================================
libykneomgr-0.1.6-1.fc20 (FEDORA-2014-16039)
YubiKey NEO CCID Manager C Library
--------------------------------------------------------------------------------
Update Information:
Update to 0.1.6
--------------------------------------------------------------------------------
ChangeLog:
* Wed Sep 17 2014 Andy Lutomirski <luto at mit.edu> - 0.1.6-1
- Update to 0.1.6
--------------------------------------------------------------------------------
================================================================================
lis-1.5.24-1.fc20 (FEDORA-2014-16029)
A library for solving linear equations and eigenvalue problems
--------------------------------------------------------------------------------
Update Information:
Update to 1.5.24
Update to 1.5.22
Update to 1.5.13
Update to 1.5.11
Update to 1.5.4
Update to 1.5.2
Update to 1.4.67
Update to 1.4.64
Update to 1.4.63
Update to 1.4.62
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Florian Lehner <dev at der-flo.net> - 1.5.24-1
- Update to 1.5.24
* Wed Nov 26 2014 Florian Lehner <dev at der-flo.net> - 1.5.23-1
- Update to 1.5.23
* Tue Nov 25 2014 Florian Lehner <dev at der-flo.net> - 1.5.22-1
- Update to 1.5.22
* Fri Nov 21 2014 Florian Lehner <dev at der-flo.net> - 1.5.19-1
- Update to 1.5.19
* Fri Nov 21 2014 Florian Lehner <dev at der-flo.net> - 1.5.18-1
- Update to 1.5.18
* Sat Nov 15 2014 Florian Lehner <dev at der-flo.net> - 1.5.13-1
- Update to 1.5.13
* Wed Nov 12 2014 Florian Lehner <dev at der-flo.net> - 1.5.11-1
- Update to 1.5.11
* Tue Nov 4 2014 Florian Lehner <dev at der-flo.net> - 1.5.4-1
- Update to 1.5.4
* Sat Nov 1 2014 Florian Lehner <dev at der-flo.net> - 1.5.2-1
- Update to 1.5.2
* Tue Oct 28 2014 Florian Lehner <dev at der-flo.net> - 1.4.67-1
- Update to 1.4.67
* Mon Oct 27 2014 Florian Lehner <dev at der-flo.net> - 1.4.66-1
- Update to 1.4.66
* Tue Oct 21 2014 Florian Lehner <dev at der-flo.net> - 1.4.64-1
- Update to 1.4.64
* Mon Oct 20 2014 Florian Lehner <dev at der-flo.net> - 1.4.63-1
- Update to 1.4.63
* Sat Oct 18 2014 Florian Lehner <dev at der-flo.net> - 1.4.62-1
- Update to 1.4.62
--------------------------------------------------------------------------------
================================================================================
liveusb-creator-3.13.1-1.fc20 (FEDORA-2014-15980)
A liveusb creator
--------------------------------------------------------------------------------
Update Information:
* Support a new installation mode that uses `dd` to copy the iso directly to the device. This method tends to be more reliable than the non-destructive approach.
* Added a new `--dd` command-line option
* DVD iso support with the 'overwrite device' method
* Improved UI layout
* Added AppData metadata
* The `--calculcate-liveos-checksum` now works on Linux
* Fixed the code that automatically populates the available releases
* Switched to use polkit on Linux instead of consolehelper for authentication
* Translation updates
* Improved error handling
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Luke Macken <lmacken at redhat.com> - 3.13.1-1
- Latest upstream release
* Thu Nov 27 2014 Gene Czarcinski <gczarcinski at gmail.com> 3.13.0-2
- convert to using polkit (pkexec) instead of consolehelper
* Wed Nov 26 2014 Luke Macken <lmacken at redhat.com> - 3.13.0-1
- Latest upstream release with bug fixes and interface improvements.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.12.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri Feb 21 2014 Luke Macken <lmacken at redhat.com> 3.12.1-1
- Update to 3.12.1 with more translations
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1096460 - [abrt] liveusb-creator: grabber.py:1727:_do_grab:URLGrabError: [Errno 14] curl#7 - "Failed to connect to 2a02:6b8::183: Сеть недоступна"
https://bugzilla.redhat.com/show_bug.cgi?id=1096460
[ 2 ] Bug #995258 - Cannot install Fedora 19 on MacBook pro
https://bugzilla.redhat.com/show_bug.cgi?id=995258
[ 3 ] Bug #1006270 - [abrt] liveusb-creator-3.11.8-3.fc19: creator.py:362:get_liveos:TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'
https://bugzilla.redhat.com/show_bug.cgi?id=1006270
[ 4 ] Bug #1033489 - [abrt] liveusb-creator-3.11.8-3.fc19: creator.py:341:delete_liveos:UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 12: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1033489
[ 5 ] Bug #1044309 - [abrt] liveusb-creator: gui.py:470:status:TypeError: QTextEdit.append(QString): argument 1 has unexpected type 'int'
https://bugzilla.redhat.com/show_bug.cgi?id=1044309
[ 6 ] Bug #1045692 - [abrt] liveusb-creator: gui.py:80:__init__:LiveUSBError: Unknown release: RFRemix 20 i686 XFCE
https://bugzilla.redhat.com/show_bug.cgi?id=1045692
[ 7 ] Bug #1057640 - [abrt] liveusb-creator: creator.py:732:get_free_bytes:OSError: [Errno 2] File o directory non esistente: '/run/media/lorenzo/F28B-8137'
https://bugzilla.redhat.com/show_bug.cgi?id=1057640
[ 8 ] Bug #1089453 - [abrt] liveusb-creator: linux_dialog.py:10:<module>:ImportError: /usr/lib/python2.7/site-packages/PyQt4/QtCore.so: undefined symbol: _ZTI13QStateMachine
https://bugzilla.redhat.com/show_bug.cgi?id=1089453
[ 9 ] Bug #1098725 - [abrt] liveusb-creator: creator.py:341:delete_liveos:UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 21: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1098725
[ 10 ] Bug #1101288 - Created F20 liveusb boot problem
https://bugzilla.redhat.com/show_bug.cgi?id=1101288
[ 11 ] Bug #1120893 - unable to boot supermicro X10ssl-f and C7Z87
https://bugzilla.redhat.com/show_bug.cgi?id=1120893
[ 12 ] Bug #1149782 - liveusb-creator creates non-booting Live USB
https://bugzilla.redhat.com/show_bug.cgi?id=1149782
[ 13 ] Bug #1154779 - [abrt] liveusb-creator: python2.7 killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1154779
[ 14 ] Bug #1156489 - liveusb-creator for Windows (Win 8.1) produces not bootable usb media
https://bugzilla.redhat.com/show_bug.cgi?id=1156489
[ 15 ] Bug #1160979 - Trying to boot from USB just says "No OS found", or something like that
https://bugzilla.redhat.com/show_bug.cgi?id=1160979
[ 16 ] Bug #1161867 - Create a F20-DVD work but USB fail to boot
https://bugzilla.redhat.com/show_bug.cgi?id=1161867
[ 17 ] Bug #1164589 - Fedora Live unable to boot from USB 3.0 device
https://bugzilla.redhat.com/show_bug.cgi?id=1164589
[ 18 ] Bug #537577 - Ability to build LiveUSB from within a LiveDVD/CD
https://bugzilla.redhat.com/show_bug.cgi?id=537577
[ 19 ] Bug #1044243 - Installing from USB has wrong file paths
https://bugzilla.redhat.com/show_bug.cgi?id=1044243
[ 20 ] Bug #1054465 - [abrt] liveusb-creator: creator.py:362:get_liveos:TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'
https://bugzilla.redhat.com/show_bug.cgi?id=1054465
[ 21 ] Bug #1145813 - RFE: use polkit instead of consolehelper
https://bugzilla.redhat.com/show_bug.cgi?id=1145813
--------------------------------------------------------------------------------
================================================================================
mariadb-5.5.40-1.fc20 (FEDORA-2014-16003)
A community developed branch of MySQL
--------------------------------------------------------------------------------
Update Information:
This is an update that fixes all issues described at https://mariadb.com/kb/en/mariadb/development/changelogs/mariadb-5540-changelog and also couple of security issues.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 14 2014 Honza Horak <hhorak at redhat.com> - 1:5.5.40-1
- Rebase to 5.5.40
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1153461 - CVE-2014-4287 mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153461
[ 2 ] Bug #1153462 - CVE-2014-6463 mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153462
[ 3 ] Bug #1153463 - CVE-2014-6464 mysql: unspecified vulnerability related to SERVER:INNODB DML FOREIGN KEYS (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153463
[ 4 ] Bug #1153464 - CVE-2014-6469 mysql: unspecified vulnerability related to SERVER:OPTIMIZER (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153464
[ 5 ] Bug #1153467 - CVE-2014-6484 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153467
[ 6 ] Bug #1153489 - CVE-2014-6505 mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153489
[ 7 ] Bug #1153490 - CVE-2014-6507 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153490
[ 8 ] Bug #1153491 - CVE-2014-6520 mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153491
[ 9 ] Bug #1153493 - CVE-2014-6530 mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153493
[ 10 ] Bug #1153494 - CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153494
[ 11 ] Bug #1153495 - CVE-2014-6555 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153495
[ 12 ] Bug #1153496 - CVE-2014-6559 mysql: unspecified vulnerability related to C API SSL CERTIFICATE HANDLING (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153496
[ 13 ] Bug #1153497 - CVE-2014-6564 mysql: unspecified vulnerability related to SERVER:INNODB FULLTEXT SEARCH DML (CPU October 2014)
https://bugzilla.redhat.com/show_bug.cgi?id=1153497
--------------------------------------------------------------------------------
================================================================================
mate-panel-1.8.1-2.fc20 (FEDORA-2014-16015)
MATE Desktop panel and applets
--------------------------------------------------------------------------------
Update Information:
- fix rhbz (#1023604)
- timezone fix
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 28 2014 Wolfgang Ulbrich <chat-to-me at raveit.de> - 1.8.1-2
- fix rhbz (#1023604)
- timezone fix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1023604 - [abrt] mate-panel-1.6.1-4.fc20: container_child_background_set: Process /usr/bin/mate-panel was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=1023604
--------------------------------------------------------------------------------
================================================================================
mate-themes-extras-3.10.3-1.fc20 (FEDORA-2014-15985)
Extra gtk-2/3 themes for gtk based desktops
--------------------------------------------------------------------------------
Update Information:
- better support for CSD applications
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 30 2014 Wolfgang Ulbrich <chat-to-me at raveit.de> - 3.14.3-1
- update to 3.10.3
--------------------------------------------------------------------------------
================================================================================
mediawiki-1.23.7-1.fc20 (FEDORA-2014-16033)
A wiki engine
--------------------------------------------------------------------------------
Update Information:
http://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.7
* (bug 66776, bug 71478) SECURITY: User PleaseStand reported a way to inject code into API clients that used format=php to process pages that underwent flash policy mangling. This was fixed along with improving how the mangling was done for format=json, and allowing sites to disable the mangling using $wgMangleFlashPolicy.
* (bug 70901) SECURITY: User Jackmcbarn reported that the ability to update the content model for a page could allow an unprivileged attacker to edit another user's common.js under certain circumstances. The user right "editcontentmodel" was added, and is needed to change a revision's content model.
* (bug 71111) SECURITY: User PleaseStand reported that on wikis that allow raw HTML, it is not safe to preview wikitext coming from an untrusted source such as a cross-site request. Thus add an edit token to the form, and when raw HTML is allowed, ensure the token is provided before showing the preview. This check is not performed on wikis that both allow raw HTML and anonymous editing, since there are easier ways to exploit that scenario.
* (bug 72222) SECURITY: Do not show log action when the entry is revdeleted with DELETED_ACTION. NOTICE: this may be reverted in a future release pending a public RFC about the desired functionality. This issue was reported by user Bawolff.
* (bug 71621) Make allowing site-wide styles on restricted special pages a config option.
* (bug 42723) Added updated version history from 1.19.2 to 1.22.13
* $wgMangleFlashPolicy was added to make MediaWiki's mangling of anything that might be a flash policy directive configurable.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 28 2014 Michael Cronenworth <mike at cchtml.com> - 1.23.7-1
- Update to 1.23.7
- Release notes: http://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.7
--------------------------------------------------------------------------------
================================================================================
mingw-orc-0.4.22-1.fc20 (FEDORA-2014-15994)
Cross compiled Oil Run-time Compiler
--------------------------------------------------------------------------------
Update Information:
0.4.22
======
Maintenance release:
* Handle NOCONFIGURE=1 in autogen.sh (Colin Walters)
* Some memory leak fixes in the compiler (Sebastian Dröge, Thiago Santos)
* Fixes for compiler warnings on Win64 (Edward Hervey)
* Properly detect CPU features on Android in non-debug build (Jan Schmidt)
* Use Android logging system instead of stderr for debug output (Jan Schmidt)
0.4.21
======
Maintenance release:
* Add libtool versioning to the linker flags again. This was accidentially removed in 0.4.20 but should not cause any problems on platforms other than OS X (Sebastian Dröge)
0.4.20
======
Maintenance release:
* Fix list corruption when splitting code memory chunks, causing crashes when allocating a lot of code memory and trying to free it later (Tim-Philipp Müller)
* Add some extra checks for the number of variables used in ORC code to prevent overflows and crashes in the compiler (Vincent Penquerc'h)
* Various compiler warnings, coverity warnings and static code analysis fixes (Sebastian Dröge)
0.4.19
======
Maintenance release:
* Fix out-of-tree builds (Edward Hervey)
* Fix many memory leaks, compiler warnings and coverity warnings (Tim-Philipp Müller, Olivier Crête, Todd Agulnick, Sebastian Dröge, Vincent Penquerc'h, Edward Hervey)
* Documentation fix for mulhsw, mulhuw (William Manley)
0.4.18
======
Maintenance release:
* Important bugfix in reading constants from bytecode. (Tim-Philipp Müller and Sebastian Dröge)
* Documentation and code cleanup (Stefan Sauer)
* Fix cache flushing on iOS (Andoni Morales Alastruey)
0.4.17
======
Maintenance release:
* Merged known distro patches.
* Added MIPS backend (Guillaume Emont).
* Disabled ARM backend because of poor coverage.
* Added bytecode parsing and writing. This can be used instead of manual creation of OrcPrograms.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 28 2014 Michael Cronenworth <mike at cchtml.com> - 0.4.22-1
- Updated to 0.4.22
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.4.16-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1168988 - Update mingw-orc
https://bugzilla.redhat.com/show_bug.cgi?id=1168988
--------------------------------------------------------------------------------
================================================================================
munin-2.0.25-1.fc20 (FEDORA-2014-16013)
Network-wide graphing framework (grapher/gatherer)
--------------------------------------------------------------------------------
Update Information:
Upstream released 2.0.25
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 25 2014 "D. Johnson" <fenris02 at fedoraproject.org> - 2.0.25-1
- Upstream released 2.0.25
--------------------------------------------------------------------------------
================================================================================
nodejs-handlebars-2.0.0-2.fc20 (FEDORA-2014-15991)
Mustache extension for Node.js
--------------------------------------------------------------------------------
Update Information:
Mustache extension for Node.js.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1123537 - Review Request: nodejs-handlebars - Mustache extension for Node.js
https://bugzilla.redhat.com/show_bug.cgi?id=1123537
--------------------------------------------------------------------------------
================================================================================
pam_mount-2.14-4.fc20 (FEDORA-2014-16005)
A PAM module that can mount volumes for a user session
--------------------------------------------------------------------------------
Update Information:
- Fix problems with selinux and unmounting (support utab)
- Handle newer mount versions
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 28 2014 Till Maas <opensource at till.name> - 2.14-4
- Remove usage of deprecated -p0 mount option (#1167684)
- Support utab (#1161601)
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.14-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jun 6 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.14-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1167684 - pam_mount does not mount anything: invalid option -- 'p'
https://bugzilla.redhat.com/show_bug.cgi?id=1167684
[ 2 ] Bug #1161601 - selinux breaks pam_mount umounting from gdm
https://bugzilla.redhat.com/show_bug.cgi?id=1161601
--------------------------------------------------------------------------------
================================================================================
perl-Fsdb-2.53-1.fc20 (FEDORA-2014-16044)
A set of commands for manipulating flat-text databases from the shell
--------------------------------------------------------------------------------
Update Information:
update to 2.53 release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 26 2014 John Heidemann <johnh at isi.edu> 2.53-1
- See http://www.isi.edu/~johnh/SOFTWARE/FSDB/
--------------------------------------------------------------------------------
================================================================================
perl-Net-Pcap-Easy-1.4209-1.fc20 (FEDORA-2014-15979)
Convenience functions to make Net::Pcap easier to use
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1166982 - Review Request: perl-Net-Pcap-Easy - Convenience functions to make Net::Pcap easier to use
https://bugzilla.redhat.com/show_bug.cgi?id=1166982
--------------------------------------------------------------------------------
================================================================================
perl-Net-Whois-Raw-2.76-1.fc20 (FEDORA-2014-16028)
Get Whois information for domains
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1166984 - Review Request: perl-Net-Whois-Raw - Get Whois information for domains
https://bugzilla.redhat.com/show_bug.cgi?id=1166984
--------------------------------------------------------------------------------
================================================================================
perl-Parse-EDID-1.0.6-3.fc20 (FEDORA-2014-16007)
Extended display identification data (EDID) parser
--------------------------------------------------------------------------------
Update Information:
new package
--------------------------------------------------------------------------------
================================================================================
perl-Plack-Middleware-FixMissingBodyInRedirect-0.12-1.fc20 (FEDORA-2014-16008)
Plack::Middleware which sets body for redirect response, if it's not already set
--------------------------------------------------------------------------------
Update Information:
Initial release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1166923 - Review Request: perl-Plack-Middleware-FixMissingBodyInRedirect - Plack::Middleware which sets body for redirect response, if it's not already set
https://bugzilla.redhat.com/show_bug.cgi?id=1166923
--------------------------------------------------------------------------------
================================================================================
php-aws-sdk-2.7.6-1.fc20 (FEDORA-2014-16023)
Amazon Web Services framework for PHP
--------------------------------------------------------------------------------
Update Information:
## 2.7.6 - 2014-11-20
* Added support for AWS KMS integration to the Amazon Redshift Client.
* Fixed cn-north-1 endpoint for AWS Identity and Access Management.
* Updated `S3Client::getBucketLocation` method to work cross-region regardless of the region's signature requirements.
* Fixed an issue with the DynamoDbClient that allows it to work better with with DynamoDB Local.
## 2.7.5 - 2014-11-13
* Added support for AWS Lambda.
* Added support for event notifications to the Amazon S3 client.
* Fixed an issue with S3 pre-signed URLs when using Signature V4.
## 2.7.4 - 2014-11-12
* Added support for the AWS Key Management Service (AWS KMS).
* Added support for AWS CodeDeploy.
* Added support for AWS Config.
* Added support for AWS KMS encryption to the Amazon S3 client.
* Added support for AWS KMS encryption to the Amazon EC2 client.
* Added support for Amazon CloudWatch Logs delivery to the AWS CloudTrail client.
* Added the GetTemplateSummary operation to the AWS CloudFormation client.
* Fixed an issue with sending signature version 4 Amazon S3 requests that contained a 0 length body.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 25 2014 Shawn Iwinski <shawn.iwinski at gmail.com> - 2.7.6-1
- Updated to 2.7.6 (BZ #1164158)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1164158 - php-aws-sdk-2.7.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1164158
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.2.13-1.fc20 (FEDORA-2014-16027)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.2.13.0 (2014-11-30)
================================
- Query history not being deleted
- db/table query string parameters no longer work
- Unseen messages in tracking
- Tracking report export as SQL dump does not work
- Syntax error during db_copy operation
- SELECT permission issues with relations and restricted access
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 30 2014 Robert Scheck <robert at fedoraproject.org> 4.2.13-1
- Upgrade to 4.2.13
--------------------------------------------------------------------------------
================================================================================
pyparsing-2.0.3-1.fc20 (FEDORA-2014-16046)
An object-oriented approach to text processing
--------------------------------------------------------------------------------
Update Information:
This is a bug fix release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 28 2014 José Matos <jamatos at fedoraproject.org> - 2.0.3-1
- update to 2.0.3
- include the whole documentation set
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed May 14 2014 Bohuslav Kabrda <bkabrda at redhat.com> - 2.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4
--------------------------------------------------------------------------------
================================================================================
python-aiohttp-0.10.2-1.fc20 (FEDORA-2014-16034)
A Python HTTP client/server for asyncio
--------------------------------------------------------------------------------
Update Information:
Update to lastest upstream release 0.10.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 26 2014 Fabian Affolter <mail at fabian-affolter.ch> - 0.10.2-1
- Update to lastest upstream release 0.10.2
--------------------------------------------------------------------------------
================================================================================
python-larch-1.20131130-1.fc20 (FEDORA-2014-16002)
Python B-tree library
--------------------------------------------------------------------------------
Update Information:
* Serious bug fixed: the "KeyError" crash for reference counts. This
was false memory use optimisation, which triggered a rare bug in
related code. Repeatable test case by Rob Kendrick, and helpful
analysis by Itamar Turing-Trauring.
* Serious bug fixed: another "node missing" bug. This crash was
caused by a bug that overwrote on-disk reference count groups
with zeroes. Repeatable test case by Rob Kendrick.
* Fixes to fsck from Antoine Brenner.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Michel Alexandre Salim <salimma at fedoraproject.org> - 1.20131130-1
- Update to 1.20131130
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1036606 - python-larch-1.20131130 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1036606
--------------------------------------------------------------------------------
================================================================================
python-pymemcache-1.2.5-2.fc20 (FEDORA-2014-16050)
A comprehensive, fast, pure Python memcached client
--------------------------------------------------------------------------------
Update Information:
Packaged pymemcache library
--------------------------------------------------------------------------------
================================================================================
python-tooz-0.9-1.fc20 (FEDORA-2014-16042)
Coordination library for distributed systems
--------------------------------------------------------------------------------
Update Information:
Rebased on 0.9 upstream.
--------------------------------------------------------------------------------
================================================================================
rlwrap-0.42-1.fc20 (FEDORA-2014-16018)
Wrapper for GNU readline
--------------------------------------------------------------------------------
Update Information:
* Added --mirror-arguments (-U) option
* several bug fixes, see CHANGES
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Michel Alexandre Salim <salimma at fedoraproject.org> - 0.42-1
- Update to 0.42
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1136042 - RFE - Please build an EPEL7 release of rlwrap
https://bugzilla.redhat.com/show_bug.cgi?id=1136042
[ 2 ] Bug #1164466 - rlwrap-0.42 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1164466
--------------------------------------------------------------------------------
================================================================================
sip-redirect-0.2.0-1.fc20 (FEDORA-2014-16035)
Tiny IPv4 and IPv6 SIP redirect server written in Perl
--------------------------------------------------------------------------------
Update Information:
sip-redirect 0.2.0
==================
- Changed hard requirement for IPv6 support for perl Socket6 to either perl Socket >= 1.95 or perl Socket6
- Updated the copy of the GNU GPLv2 to reflect new FSF address
- Added support for systemd alternatively to classic initscript
- Ignore spaces around separator characters in configuration file
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 29 2014 Robert Scheck <robert at fedoraproject.org> 0.2.0-1
- Upgrade to 0.2.0
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.1.2-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
supermin-5.1.9-3.fc20 (FEDORA-2014-16038)
Tool for creating supermin appliances
--------------------------------------------------------------------------------
Update Information:
Upstream patch for RHBZ#1168409.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 26 2014 Richard W.M. Jones <rjones at redhat.com> - 5.1.9-3
- Upstream patch for RHBZ#1155586 / RHBZ#1168409.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1168409 - [abrt] supermin: ext2_copy_file(): supermin killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1168409
--------------------------------------------------------------------------------
================================================================================
unzip-6.0-14.fc20 (FEDORA-2014-16041)
A utility for unpacking zip files
--------------------------------------------------------------------------------
Update Information:
- Fix unitialized reads, reported in valgrind, see bug #558738.
- Fix fix broken -X option (keep original user) - never worked before- added patch and option -DIZ_HAVE_UXUIDGID for compilation. See bug #1139053.
Fix wrong output data due to memcpy() overlap.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Petr Stodulka <pstodulk at redhat.com> - 6.0-14
- Fix unitialized reads (#558738)
- Fix fix broken -X option - never worked before. Added -DIZ_HAVE_UXUIDGID
option for compilation.
(#935202)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1139053 - The -X option to unzip has never worked on Unix/Linux.
https://bugzilla.redhat.com/show_bug.cgi?id=1139053
[ 2 ] Bug #558738 - Valgrind reports uninitialized reads in unzip
https://bugzilla.redhat.com/show_bug.cgi?id=558738
[ 3 ] Bug #1161325 - unzip reports crc error and produces incorrect output
https://bugzilla.redhat.com/show_bug.cgi?id=1161325
--------------------------------------------------------------------------------
================================================================================
util-linux-2.24.2-2.fc20 (FEDORA-2014-16016)
A collection of basic system utilities
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2014-9114
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Karel Zak <kzak at redhat.com> 2.24.2-2
- fix #1168490 - CVE-2014-9114 util-linux: command injection flaw in blkid
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1168485 - CVE-2014-9114 util-linux: command injection flaw in blkid
https://bugzilla.redhat.com/show_bug.cgi?id=1168485
--------------------------------------------------------------------------------
================================================================================
xen-4.3.3-6.fc20 (FEDORA-2014-15995)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
Excessive checking in compatibility mode hypercall argument translation,
Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor,
fix segfaults and failures in xl migrate --debug
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Michael Young <m.a.young at durham.ac.uk> - 4.3.3-6
- Excessive checking in compatibility mode hypercall argument translation
[XSA-111, CVE-2014-8866]
- Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor
[XSA-112, CVE-2014-8867]
- fix segfaults and failures in xl migrate --debug (#1166461)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1166461 - migrate --debug option can lead to Segmentation fault (core dumped)
https://bugzilla.redhat.com/show_bug.cgi?id=1166461
--------------------------------------------------------------------------------
================================================================================
xpa-2.1.15-3.fc20 (FEDORA-2014-16043)
The X Public Access messaging system
--------------------------------------------------------------------------------
Update Information:
xpa now requires xpa-libs, as it should; fixed wrong tcl version
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 27 2014 Sergio Pascual <sergiopr at fedoraproject.org> - 2.1.15-3
- Fix race condition, tools were built before the shared library
* Thu Nov 27 2014 Sergio Pascual <sergiopr at fedoraproject.org> - 2.1.15-2.1
- tcl in f20 is 8.5 (rh bz #1168544)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1168544 - xpa-2.1.15-2 requires unavailable tcl-8.6
https://bugzilla.redhat.com/show_bug.cgi?id=1168544
--------------------------------------------------------------------------------
More information about the test
mailing list