Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Mon Dec 22 02:42:56 UTC 2014
The following Fedora 20 Security updates need testing:
Age URL
79 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20
32 https://admin.fedoraproject.org/updates/FEDORA-2014-15371/rubygem-actionpack-4.0.0-5.fc20
31 https://admin.fedoraproject.org/updates/FEDORA-2014-15489/rubygem-sprockets-2.8.2-5.fc20
17 https://admin.fedoraproject.org/updates/FEDORA-2014-16250/cpio-2.11-28.fc20
16 https://admin.fedoraproject.org/updates/FEDORA-2014-16357/pyxdg-0.25-5.fc20
14 https://admin.fedoraproject.org/updates/FEDORA-2014-16459/gpgme-1.3.2-5.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2014-16572/links-2.8-4.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2014-16626/qemu-1.6.2-12.fc20
9 https://admin.fedoraproject.org/updates/FEDORA-2014-16494/mutt-1.5.23-4.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2014-16845/resteasy-3.0.6-3.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2014-16825/asterisk-11.14.2-1.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2014-16869/docker-io-1.4.0-1.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2014-16854/freetype-2.5.0-7.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2014-16932/libhtp-0.5.6-2.fc20
8 https://admin.fedoraproject.org/updates/FEDORA-2014-16838/rpm-4.11.3-2.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2014-16964/mpfr-3.1.2-5.fc20
4 https://admin.fedoraproject.org/updates/FEDORA-2014-17067/denyhosts-2.6-29.fc20.1
3 https://admin.fedoraproject.org/updates/FEDORA-2014-17107/ettercap-0.8.1-2.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-16530/nss-util-3.17.3-1.fc20,nss-3.17.3-2.fc20,nss-softokn-3.17.3-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-17153/httpd-2.4.10-2.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-17219/seamonkey-2.31-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-17222/subversion-1.8.11-1.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16349/jasper-1.900.1-27.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-17245/mailx-12.5-11.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-17228/mediawiki-1.23.8-1.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-17229/php-5.5.20-2.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-17272/ca-certificates-2014.2.2-1.0.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-17274/mingw-jasper-1.900.1-25.fc20
1 https://admin.fedoraproject.org/updates/FEDORA-2014-17303/libssh-0.6.4-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-17415/thermostat-1.0.6-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-17089/aeskulap-0.2.2-0.20beta1.fc20,orthanc-0.8.5-2.fc20,dcmtk-3.6.1-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-17461/roundcubemail-1.0.4-2.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
8 https://admin.fedoraproject.org/updates/FEDORA-2014-16810/ppp-2.4.5-35.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-16530/nss-util-3.17.3-1.fc20,nss-3.17.3-2.fc20,nss-softokn-3.17.3-1.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-17287/btrfs-progs-3.17.3-1.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16705/ibus-1.5.9-8.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-16349/jasper-1.900.1-27.fc20
The following builds have been pushed to Fedora 20 updates-testing
4Pane-3.0-5.fc20
aeskulap-0.2.2-0.20beta1.fc20
dcmtk-3.6.1-1.fc20
git-review-1.24-3.fc20
mdds-0.11.2-1.fc20
musique-1.4-1.fc20
nemo-2.4.4-2.fc20
orthanc-0.8.5-2.fc20
owncloud-7.0.4-2.fc20
php-google-apiclient-1.0.6-0.3.beta.fc20
phpMyAdmin-4.3.3-1.fc20
python-tilestache-1.49.11-3.fc20
roundcubemail-1.0.4-2.fc20
rubygem-domain_name-0.5.23-1.fc20
scidavis-1.D8-6.fc20
subsurface-4.3-1.fc20
waffle-1.5.0-1.fc20
Details about builds:
================================================================================
4Pane-3.0-5.fc20 (FEDORA-2014-17438)
Multi-pane, detailed-list file manager
--------------------------------------------------------------------------------
Update Information:
Include man page
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 21 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 3.0-5
- Add man page, appdata (on F-21+)
--------------------------------------------------------------------------------
================================================================================
aeskulap-0.2.2-0.20beta1.fc20 (FEDORA-2014-17089)
A full open source replacement for commercially available DICOM viewers
--------------------------------------------------------------------------------
Update Information:
This upgrade to latest upstream snapshot fixes a setuid vulnerability.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 16 2014 Mario Ceresa <mrceresa AT fedoraproject DOT org> - 0.2.2-0.20beta1
- Bump up for dcmtk rebuild
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.2-0.19beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.2.2-0.18beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1104041 - CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1104041
--------------------------------------------------------------------------------
================================================================================
dcmtk-3.6.1-1.fc20 (FEDORA-2014-17089)
Offis DICOM Toolkit (DCMTK)
--------------------------------------------------------------------------------
Update Information:
This upgrade to latest upstream snapshot fixes a setuid vulnerability.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 15 2014 Mario Ceresa <mrceresa AT fedoraproject DOT org> - 3.6.1-1
- Upgraded to new upstream version.
- Various fixes to the specfile
- Fixes CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.6.0-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.6.0-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1104041 - CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1104041
--------------------------------------------------------------------------------
================================================================================
git-review-1.24-3.fc20 (FEDORA-2014-17459)
A Git helper for integration with Gerrit
--------------------------------------------------------------------------------
Update Information:
This update corrects an unreadable manpage.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 11 2014 Pete Zaitcev <zaitcev at redhat.com> - 1.24-3
- Fix up the man page (#1170410)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1170410 - git-review's man page needs help
https://bugzilla.redhat.com/show_bug.cgi?id=1170410
--------------------------------------------------------------------------------
================================================================================
mdds-0.11.2-1.fc20 (FEDORA-2014-17447)
A collection of multi-dimensional data structures and indexing algorithms
--------------------------------------------------------------------------------
Update Information:
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 21 2014 David Tardon <dtardon at redhat.com> - 0.11.2-1
- new upstream release
--------------------------------------------------------------------------------
================================================================================
musique-1.4-1.fc20 (FEDORA-2014-17446)
A music player designed by and for people that love music
--------------------------------------------------------------------------------
Update Information:
Updated to new upstream version 1.4
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 20 2014 Germán A. Racca <skytux at fedoraproject.org> - 1.4-1
- Updated to new upstream version 1.4
- Re-created patch to use system qtsingleapplication
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Aug 13 2014 Rex Dieter <rdieter at fedoraproject.org> 1.3-3
- rebuild (qt/phonon)
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
nemo-2.4.4-2.fc20 (FEDORA-2014-17434)
File manager for Cinnamon
--------------------------------------------------------------------------------
Update Information:
- add patch to fix nemo desktop font colour\r\n- raise thunbnail file size limit
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 21 2014 Leigh Scott <leigh123linux at googlemail.com> - 2.4.4-2
- add patch to fix nemo desktop font colour
- raise thunbnail file size limit
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1176370 - "Adwaita" default gtk-theme results in incorrect title bar and desktop icon text colors
https://bugzilla.redhat.com/show_bug.cgi?id=1176370
--------------------------------------------------------------------------------
================================================================================
orthanc-0.8.5-2.fc20 (FEDORA-2014-17089)
RESTful DICOM server for healthcare and medical research
--------------------------------------------------------------------------------
Update Information:
This upgrade to latest upstream snapshot fixes a setuid vulnerability.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 16 2014 Mario Ceresa <mrceresa at gmail.com> 0.8.5-2
- Rebuild for dcmtk update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1104041 - CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1104041
--------------------------------------------------------------------------------
================================================================================
owncloud-7.0.4-2.fc20 (FEDORA-2014-17441)
Private file sync and share server
--------------------------------------------------------------------------------
Update Information:
This update backports ownCloud support for v1.x of the Google API PHP library (plus some associated bug fixes) from upstream (it will be a part of the 8.x upstream release series), and drops ownCloud's bundled copy of the 0.6 version of the library. The update to the library package itself is a minor one which simply provides a new dependency according to the packaging guidelines.\r\n\r\nThe 0.6 version of the library is deprecated and has been for some time, and bundling is to be avoided when possible. There are many bug fixes in v1.x of the library compared to 0.6, and combined with the bug fixes to ownCloud's integration code, this update should substantially improve the experience of using Google Drive as an external storage provider with the Fedora ownCloud packages.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 20 2014 Adam Williamson <awilliam at redhat.com> - 7.0.4-2
- backport upstream support for google PHP lib 1.x and unbundle it
* Tue Dec 9 2014 Adam Williamson <awilliam at redhat.com> - 7.0.4-1
- new release 7.0.4
--------------------------------------------------------------------------------
================================================================================
php-google-apiclient-1.0.6-0.3.beta.fc20 (FEDORA-2014-17441)
Client library for Google APIs
--------------------------------------------------------------------------------
Update Information:
This update backports ownCloud support for v1.x of the Google API PHP library (plus some associated bug fixes) from upstream (it will be a part of the 8.x upstream release series), and drops ownCloud's bundled copy of the 0.6 version of the library. The update to the library package itself is a minor one which simply provides a new dependency according to the packaging guidelines.\r\n\r\nThe 0.6 version of the library is deprecated and has been for some time, and bundling is to be avoided when possible. There are many bug fixes in v1.x of the library compared to 0.6, and combined with the bug fixes to ownCloud's integration code, this update should substantially improve the experience of using Google Drive as an external storage provider with the Fedora ownCloud packages.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 20 2014 Adam Williamson <awilliam at redhat.com> - 1.0.6-0.3.beta
- use new ASL 2.0 directory
- add Packagist/Composer provide
* Fri Nov 7 2014 Adam Williamson <awilliam at redhat.com> - 1.0.6-0.2.beta
- apply CA trust store path substitution to Curl as well as Stream
* Fri Nov 7 2014 Adam Williamson <awilliam at redhat.com> - 1.0.6-0.1.beta
- new upstream release 1.0.6-beta
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.3-0.3.beta
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.3.3-1.fc20 (FEDORA-2014-17440)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
phpMyAdmin 4.3.3.0 (2014-12-21)\r\n===============================\r\n\r\n - The "Recently used tables" setting should be with Nav panel\r\n - Can't disable Favorites\r\n - Version Check Broken\r\n - AJAX request infinite loop\r\n - Attributes field size smaller than others\r\n - Cannot remove table ordering on a Mac\r\n - Fix initial replication configuration\r\n - Undefined index central_columnswork\r\n - Don't have default blowfish_secret\r\n - Some error popups fade away too quickly\r\n - Consistency in borders\r\n - $cfg['Error_Handler']['display'] no longer necessary\r\n - Leading and trailing whitespace in column name
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 21 2014 Robert Scheck <robert at fedoraproject.org> 4.3.3-1
- Upgrade to 4.3.3
* Fri Dec 12 2014 Robert Scheck <robert at fedoraproject.org> 4.3.2-1
- Upgrade to 4.3.2
* Thu Dec 11 2014 Robert Scheck <robert at fedoraproject.org> 4.3.1-2
- Use %{pkgname} rather %{name} in %post scriptlet (#1173189)
--------------------------------------------------------------------------------
================================================================================
python-tilestache-1.49.11-3.fc20 (FEDORA-2014-17433)
A stylish alternative for caching your map tiles
--------------------------------------------------------------------------------
Update Information:
New package python-tilestache
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1147356 - Review Request: python-tilestache - A stylish alternative for caching your map tiles
https://bugzilla.redhat.com/show_bug.cgi?id=1147356
--------------------------------------------------------------------------------
================================================================================
roundcubemail-1.0.4-2.fc20 (FEDORA-2014-17461)
Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:
This update provides Roundcube 1.0.4. This is a stable security update: the security fix is described by upstream as "Fix possible CSRF attacks to some address book operations as well as to the ACL and Managesieve plugins." More details on the update are available at http://roundcube.net/news/2014/12/18/update-1.0.4-released/ . The update should apply without any special handling by the system administrator.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 20 2014 Adam Williamson <awilliam at redhat.com> - 1.0.4-2
- drop tinymce bbcode plugin for safety (CVE-2012-4230)
* Sat Dec 20 2014 Adam Williamson <awilliam at redhat.com> - 1.0.4-1
- new release 1.0.4 (security update)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1091438 - CVE-2012-4230 tinymce: XSS attacks via security policy bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1091438
--------------------------------------------------------------------------------
================================================================================
rubygem-domain_name-0.5.23-1.fc20 (FEDORA-2014-17464)
Domain Name manipulation library for Ruby
--------------------------------------------------------------------------------
Update Information:
New version 0.5.23 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Dec 21 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 0.5.23-1
- 0.5.23
--------------------------------------------------------------------------------
================================================================================
scidavis-1.D8-6.fc20 (FEDORA-2014-17460)
Application for Scientific Data Analysis and Visualization
--------------------------------------------------------------------------------
Update Information:
Add scidavis to Fedora, added find_lang macro missing in release 5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1127636 - Review Request: scidavis - Application for Scientific Data Analysis and Visualization
https://bugzilla.redhat.com/show_bug.cgi?id=1127636
--------------------------------------------------------------------------------
================================================================================
subsurface-4.3-1.fc20 (FEDORA-2014-17437)
A feature-full divelog in Qt
--------------------------------------------------------------------------------
Update Information:
Updates subsurface to 4.3
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 20 2014 Pierre-Yves Chibon <pingou at pingoured.fr> - 4.3
- Update to 4.3
--------------------------------------------------------------------------------
================================================================================
waffle-1.5.0-1.fc20 (FEDORA-2014-17451)
Platform independent GL API layer
--------------------------------------------------------------------------------
Update Information:
1.5.0 release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 16 2014 Dave Airlie <airlied at redhat.com> 1.5.0-1
- 1.5.0 release
--------------------------------------------------------------------------------
More information about the test
mailing list