Fedora 20 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Mon Nov 17 06:35:03 UTC 2014
The following Fedora 20 Security updates need testing:
Age URL
199 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20
68 https://admin.fedoraproject.org/updates/FEDORA-2014-10451/geary-0.6.3-1.fc20
68 https://admin.fedoraproject.org/updates/FEDORA-2014-10468/icecream-1.0.1-8.20140822git.fc20
52 https://admin.fedoraproject.org/updates/FEDORA-2014-11430/ca-certificates-2014.2.1-1.1.fc20
45 https://admin.fedoraproject.org/updates/FEDORA-2014-11969/krb5-1.11.5-16.fc20
36 https://admin.fedoraproject.org/updates/FEDORA-2014-12699/facter-1.7.6-1.fc20
7 https://admin.fedoraproject.org/updates/FEDORA-2014-14506/oath-toolkit-2.4.1-6.fc20
6 https://admin.fedoraproject.org/updates/FEDORA-2014-14674/drupal7-ckeditor-1.16-2.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-14791/mariadb-galera-5.5.40-2.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-14898/polarssl-1.2.12-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-14883/python-pillow-2.2.1-7.fc20
1 https://admin.fedoraproject.org/updates/FEDORA-2014-15108/mantis-1.2.17-4.fc20
1 https://admin.fedoraproject.org/updates/FEDORA-2014-14963/avr-binutils-2.24-3.fc20
1 https://admin.fedoraproject.org/updates/FEDORA-2014-15102/moodle-2.5.9-1.fc20
1 https://admin.fedoraproject.org/updates/FEDORA-2014-14833/arm-none-eabi-binutils-cs-2014.05.28-3.fc20
1 https://admin.fedoraproject.org/updates/FEDORA-2014-15130/kwebkitpart-1.3.4-5.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-15228/libvirt-1.1.3.8-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-15200/kernel-3.17.3-200.fc20
The following Fedora 20 Critical Path updates have yet to be approved:
Age URL
10 https://admin.fedoraproject.org/updates/FEDORA-2014-14389/colord-1.1.8-1.fc20
5 https://admin.fedoraproject.org/updates/FEDORA-2014-14728/xkeyboard-config-2.10.1-3.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-14798/device-mapper-persistent-data-0.4.1-2.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-14933/pciutils-3.3.0-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-14964/libtdb-1.3.1-1.fc20
3 https://admin.fedoraproject.org/updates/FEDORA-2014-14861/libpipeline-1.2.4-3.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-15054/perl-Pod-Usage-1.64-2.fc20,perl-Pod-Checker-1.60-292.fc20
2 https://admin.fedoraproject.org/updates/FEDORA-2014-15046/man-db-2.6.5-6.fc20
1 https://admin.fedoraproject.org/updates/FEDORA-2014-15120/dosfstools-3.0.27-1.fc20
0 https://admin.fedoraproject.org/updates/FEDORA-2014-15165/llvm-3.4-10.fc20
The following builds have been pushed to Fedora 20 updates-testing
Zim-0.62-2.fc20
kde-partitionmanager-1.1.0-3.fc20
libvirt-1.1.3.8-1.fc20
mock-1.2.1-1.fc20
php-5.5.19-2.fc20
python-shadowsocks-2.4.3-2.fc20
scummvm-tools-1.7.0-1.fc20
vim-latex-1.8.23-14.20141116.812.gitd0f31c9.fc20
vtun-3.0.3-9.fc20
xscreensaver-5.31-1.fc20
Details about builds:
================================================================================
Zim-0.62-2.fc20 (FEDORA-2014-15222)
Desktop wiki & notekeeper
--------------------------------------------------------------------------------
Update Information:
Backport upstream bzr755 to fix mis-matched gtk and pygtk in Fedora/RHEL
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Robin Lee <cheeselee at fedoraproject.org> - 0.62-2
- Backport upstream bzr755 to fix mis-matched gtk and pygtk in Fedora/RHEL
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1046099 - [abrt] Zim: ipc.py:756:call:ValueError: No such object: <RemoteObject: zim.gui.GtkInterface(file:///home/apjena/Dropbox/ZIM)>
https://bugzilla.redhat.com/show_bug.cgi?id=1046099
--------------------------------------------------------------------------------
================================================================================
kde-partitionmanager-1.1.0-3.fc20 (FEDORA-2014-15223)
KDE Partition Manager
--------------------------------------------------------------------------------
Update Information:
Backport upstream patch to fix detection of devices without partition table.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Mattia Verga <mattia.verga at tiscali.it> - 1.1.0-3
- Fix detection of devices without partition table
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Thu Jul 10 2014 Rex Dieter <rdieter at fedoraproject.org> 1.1.0-1
- 1.1.0 release, improve scriptlets/kde4 macro usage, include translations
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.3-14.20130815svn
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1086351 - kde-partitionmanager fails to see any devices after the first one
https://bugzilla.redhat.com/show_bug.cgi?id=1086351
--------------------------------------------------------------------------------
================================================================================
libvirt-1.1.3.8-1.fc20 (FEDORA-2014-15228)
Library providing a simple virtualization API
--------------------------------------------------------------------------------
Update Information:
* Rebased to version 1.1.3.8
* CVE-2014-3633: out-of-bounds read in blockiotune (bz #1160823)
* CVE-2014-3657: Potential deadlock in domain_conf (bz #1160824)
* CVE-2014-7823: information leak with migratable flag (bz #1160822)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 15 2014 Cole Robinson <crobinso at redhat.com> - 1.1.3.8-1
- Rebased to version 1.1.3.8
- CVE-2014-3633: out-of-bounds read in blockiotune (bz #1160823)
- CVE-2014-3657: Potential deadlock in domain_conf (bz #1160824)
- CVE-2014-7823: information leak with migratable flag (bz #1160822)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1141131 - CVE-2014-3633 libvirt: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index
https://bugzilla.redhat.com/show_bug.cgi?id=1141131
[ 2 ] Bug #1145667 - CVE-2014-3657 libvirt: domain_conf: domain deadlock DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1145667
[ 3 ] Bug #1160817 - CVE-2014-7823 libvirt: dumpxml: information leak with migratable flag
https://bugzilla.redhat.com/show_bug.cgi?id=1160817
--------------------------------------------------------------------------------
================================================================================
mock-1.2.1-1.fc20 (FEDORA-2014-15217)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
Bump in plugin ABI.
New LVM plugin.
Nosync for better IO performance.
DNF support.
Printing more useful output on terminal.
Concurrent shell acces to buildroot.
Executing package management commands.
--enablerepo and --disablerepo options
Short circuit options.
Automatic initialization.
Python 3 support.
Experimental support for building using systemd-nspawn.
Accept path as config.
New compress_logs plugin.
And lots of bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Nov 15 2014 Miroslav Suchý <msuchy at redhat.com> - 1.2.1-1
- allow mockchain to accept path as config
- end yum's installroot path with a slash [RHBZ#1160428]
- add --mount option [RHBZ#1162637]
- add some missing bash completation strings
- run --shell as root with --new-chroot
- Don't fail scrub when there's no pool [RHBZ#1162631]
- Globbing and tilde expansion
- move restoring priviledges to finally [RHBZ#1162720]
- Remove "Buildroot must be already initialized" note
- Add missing --print-root-path to manpage
- Do not print ANSI escape characters into log [RHBZ#1163037]
- in site-defaults.cfg initialize dictionary of plugins [RHBZ#1162595]
- Disable empty names and values in config_opts[macros] [RHBZ#1160765]
- Disable single macros in -D cmd option [RHBZ#1160765]
- rpmbuild is in /usr/bin [RHBZ#1161112]
- man page for --macro-file [RHBZ#1160326]
- Added option [--macro-file] to support external rpm macros file [RHBZ#1160326]
- Don't output installation/build output when redirected
- Better log message for intial buildroot installation
- Be more specific when installing configs
- Install into correct sitelib when using Python 3
- Fix nosync on aarch64
- wrap all remaining getcwd() [RHBZ#1159300]
- do not use rpm in %post scriptlet [RHBZ#1131279]
- Fix unclear legal host output [RHBZ#1159794]
- allow running from directory, which is deleted [RHBZ#1159300]
- create compress_logs plugin [RHBZ#1100923]
- when default.cfg exists create default.cfg.rpmnew [RHBZ#1085308]
- accept paths to target definition files [RHBZ#1126117]
- set title bar in xterm [RHBZ#1126235]
- pass --enablerepo/--disablerepo to yum in the same order as provided to mock [RHBZ#1154604]
- Fix incorrect printing of binary strings on py3
- Add missing Requires rpm-python3
- Don't print Yum and build output when quiet
- Prevent output being printed twice with --verbose (rhbz#1152971)
- Fix printing non-ascii characters with output redirected (rhbz#1152952)
- replace urlgrabber by python-requests
- use python3 for Fedora22+
- Don't print we're doing rpmbuild -bb, when it may not be true
- 'prep' choice missing in short-circuit option parser
- Don't execute prebuild in short-circuit mode
* Thu Oct 9 2014 Miroslav Suchý <msuchy at redhat.com> - 1.2.0-1
- update configs for secondary architecture (Dan Horák)
- caching of buildroots using LVM (Michael Simacek)
- add support for DNF (Michael Simacek)
- initial porting to python3 (Michael Simacek)
- new config option nosync (Michael Simacek)
- add CentOS extra repository [BZ# 1108402]
- correctly create default.cfg on arm [BZ# 1033786]
- postpone loading of rpm after chroot is set [BZ# 1111147]
- use systemd-nspawn instead of chroot [RHBZ# 1132762]
- in --copyout do not fail on symlinks [BZ# 971474]
- allow to short circuit to prep phase [BZ# 966985]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1160428 - mock 1.2.0 tries to install f21 packages in f19 chroot
https://bugzilla.redhat.com/show_bug.cgi?id=1160428
[ 2 ] Bug #1162637 - Provide --umount counterpart for LVM plugin
https://bugzilla.redhat.com/show_bug.cgi?id=1162637
[ 3 ] Bug #1162631 - With LVM plugin enabled, I can't scrub traditional directories
https://bugzilla.redhat.com/show_bug.cgi?id=1162631
[ 4 ] Bug #1162720 - --copyout prints confusing errors when the copied file doesn't exist
https://bugzilla.redhat.com/show_bug.cgi?id=1162720
[ 5 ] Bug #1163037 - Do not print ANSI escape characters into log
https://bugzilla.redhat.com/show_bug.cgi?id=1163037
[ 6 ] Bug #1162595 - lvm_root_opts options in site-defaults.cfg don't work
https://bugzilla.redhat.com/show_bug.cgi?id=1162595
[ 7 ] Bug #1160765 - empty and single values for rpm macros in mock cfg file and cmd option
https://bugzilla.redhat.com/show_bug.cgi?id=1160765
[ 8 ] Bug #1161112 - pre-UsrMove profiles stopped working after update of mock
https://bugzilla.redhat.com/show_bug.cgi?id=1161112
[ 9 ] Bug #1160326 - mock new command line option --macro-file for defining rpm macros file
https://bugzilla.redhat.com/show_bug.cgi?id=1160326
[ 10 ] Bug #1159300 - running mock from chroot path directory produces "error retrieving current directory: getcwd"
https://bugzilla.redhat.com/show_bug.cgi?id=1159300
[ 11 ] Bug #1131279 - mock package has a questionable scriptlet, leading to errors about rpm db version mismatch
https://bugzilla.redhat.com/show_bug.cgi?id=1131279
[ 12 ] Bug #1159794 - invalid legal_host_arches option can cause unclear output
https://bugzilla.redhat.com/show_bug.cgi?id=1159794
[ 13 ] Bug #1100923 - RFE: compress mock build logs when done building
https://bugzilla.redhat.com/show_bug.cgi?id=1100923
[ 14 ] Bug #1085308 - mock: User configuration is lost during update
https://bugzilla.redhat.com/show_bug.cgi?id=1085308
[ 15 ] Bug #1126117 - Mock should accept paths to target definition files
https://bugzilla.redhat.com/show_bug.cgi?id=1126117
[ 16 ] Bug #1126235 - PROMPT_COMMAND does not include required escape codes
https://bugzilla.redhat.com/show_bug.cgi?id=1126235
[ 17 ] Bug #1154604 - mock: enablerepo doesn't work if used after disablerepo
https://bugzilla.redhat.com/show_bug.cgi?id=1154604
[ 18 ] Bug #1152971 - Verbose mode is repeating lines
https://bugzilla.redhat.com/show_bug.cgi?id=1152971
[ 19 ] Bug #1152952 - [mock] UnicodeEncodeError: 'ascii' codec can't encode characters in position 6-7: ordinal not in range(128)
https://bugzilla.redhat.com/show_bug.cgi?id=1152952
--------------------------------------------------------------------------------
================================================================================
php-5.5.19-2.fc20 (FEDORA-2014-15061)
PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:
13 Nov 2014, PHP 5.5.19
Core:
* Fixed bug #68095 (AddressSanitizer reports a heap buffer overflow in php_getopt()). (Stas)
* Fixed bug #68118 ($a->foo .= 'test'; can leave $a->foo undefined). (Nikita)
* Fixed bug #68129 (parse_url() - incomplete support for empty usernames and passwords) (Tjerk)
* Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in zend_hash_copy). (Dmitry)
Fileinfo:
* Fixed bug #66242 (libmagic: don't assume char is signed). (ArdB)
* Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers). (CVE-2014-3710) (Remi)
FPM:
* Implemented FR #55508 (listen and listen.allowed_clients should take IPv6 addresses). (Robin Gloster)
GD:
* Fixed bug #65171 (imagescale() fails without height param). (Remi)
GMP:
* Fixed bug #63595 (GMP memory management conflicts with other libraries using GMP). (Remi)
Mysqli:
* Fixed bug #68114 (linker error on some OS X machines with fixed width decimal support) (Keyur Govande)
ODBC:
* Fixed bug #68087 (ODBC not correctly reading DATE column when preceded by a VARCHAR column) (Keyur Govande)
SPL:
* Fixed bug #68128 (Regression in RecursiveRegexIterator) (Tjerk)
CURL:
* Add CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1, and CURL_SSLVERSION_TLSv1_2 constants if supported by libcurl (Rasmus)
Backported from 5.5.20
FPM:
* Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all addresses). (Remi)
* Fixed bug #68421 (access.format='%R' doesn't log ipv6 address). (Remi)
* Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi)
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Remi Collet <remi at fedoraproject.org> 5.5.19-2
- FPM: add upstream patch for https://bugs.php.net/68421
access.format=R doesn't log ipv6 address
- FPM: add upstream patch for https://bugs.php.net/68420
listen=9000 listens to ipv6 localhost instead of all addresses
- FPM: add upstream patch for https://bugs.php.net/68423
will no longer load all pools
* Thu Nov 13 2014 Remi Collet <remi at fedoraproject.org> 5.5.19-1
- Update to 5.5.19
http://www.php.net/releases/5_5_19.php
- new version of systzdata patch, fix case sensitivity
--------------------------------------------------------------------------------
================================================================================
python-shadowsocks-2.4.3-2.fc20 (FEDORA-2014-15243)
A fast tunnel proxy that help you get through firewalls
--------------------------------------------------------------------------------
Update Information:
Upstream release with python3 support
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Robin Lee <cheeselee at fedoraproject.org> - 2.4.3-2
- Build a subpackage for python3
* Sun Nov 16 2014 Robin Lee <cheeselee at fedoraproject.org> - 2.4.3-1
- Update to 2.4.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1143001 - python-shadowsocks-2.4.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1143001
--------------------------------------------------------------------------------
================================================================================
scummvm-tools-1.7.0-1.fc20 (FEDORA-2014-15218)
Tools for scummVM / S.C.U.M.M scripting language
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 12 2014 Christian Krause <chkr at fedoraproject.org> - 1.7.0-1
- new upstream release
--------------------------------------------------------------------------------
================================================================================
vim-latex-1.8.23-14.20141116.812.gitd0f31c9.fc20 (FEDORA-2014-15241)
Tools to view, edit and compile LaTeX documents in Vim
--------------------------------------------------------------------------------
Update Information:
New upstream release with several bug fixes and appdata support.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Till Maas <opensource at till.name> - 1.8.23-14.20141116.812.gitd0f31c9
- Update to new release
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.8.23-13.20130116.788.git2ef9956
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1128816 - Add Addon metadata for GNOME Software to vim-latex
https://bugzilla.redhat.com/show_bug.cgi?id=1128816
[ 2 ] Bug #1163518 - LaTeX-suite clobbers the "a" macro
https://bugzilla.redhat.com/show_bug.cgi?id=1163518
--------------------------------------------------------------------------------
================================================================================
vtun-3.0.3-9.fc20 (FEDORA-2014-15231)
Virtual tunnel over TCP/IP networks
--------------------------------------------------------------------------------
Update Information:
added /etc/sysconfig/vtun environment file; updated unit files
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 14 2014 Gabriel Somlo <somlo at cmu.edu> 3.0.3-9
- added /etc/sysconfig/vtun environment file
- updated unit files
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0.3-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0.3-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
xscreensaver-5.31-1.fc20 (FEDORA-2014-15229)
X screen saver and locker
--------------------------------------------------------------------------------
Update Information:
New version 5.31 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Nov 16 2014 Mamoru TASAKA <mtasaka at fedoraproject.org> - 1:5.31-1
- Update to 5.31
--------------------------------------------------------------------------------
More information about the test
mailing list