Fedora 21 updates-testing report
updates at fedoraproject.org
updates at fedoraproject.org
Fri Feb 6 04:05:29 UTC 2015
The following Fedora 21 Security updates need testing:
Age URL
79 https://admin.fedoraproject.org/updates/FEDORA-2014-15342/rubygem-actionpack-4.1.5-2.fc21
77 https://admin.fedoraproject.org/updates/FEDORA-2014-15413/rubygem-sprockets-2.12.1-3.fc21
55 https://admin.fedoraproject.org/updates/FEDORA-2014-16782/mutt-1.5.23-7.fc21
54 https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14.2-1.fc21
49 https://admin.fedoraproject.org/updates/FEDORA-2014-17195/httpd-2.4.10-15.fc21
46 https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-0.20beta1.fc21,orthanc-0.8.5-2.fc21,dcmtk-3.6.1-1.fc21
42 https://admin.fedoraproject.org/updates/FEDORA-2014-17567/mapserver-6.2.2-1.fc21
40 https://admin.fedoraproject.org/updates/FEDORA-2014-17635/dokuwiki-0-0.23.20140929b.fc21
30 https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21
24 https://admin.fedoraproject.org/updates/FEDORA-2015-0594/strongswan-5.2.2-1.fc21
22 https://admin.fedoraproject.org/updates/FEDORA-2015-0620/chicken-4.9.0.1-3.fc21
19 https://admin.fedoraproject.org/updates/FEDORA-2015-0754/arc-5.21p-5.fc21
16 https://admin.fedoraproject.org/updates/FEDORA-2015-0938/android-tools-20141219git8393e50-2.fc21
15 https://admin.fedoraproject.org/updates/FEDORA-2015-1023/dump-0.4-0.24.b44.fc21
11 https://admin.fedoraproject.org/updates/FEDORA-2015-1062/jasper-1.900.1-30.fc21
6 https://admin.fedoraproject.org/updates/FEDORA-2015-1419/mantis-1.2.19-1.fc21
6 https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance-2014.1.3-4.fc21
6 https://admin.fedoraproject.org/updates/FEDORA-2015-1465/websvn-2.3.3-8.fc21
5 https://admin.fedoraproject.org/updates/FEDORA-2015-1488/pigz-2.3.3-1.fc21
2 https://admin.fedoraproject.org/updates/FEDORA-2015-1570/qpid-cpp-0.30-9.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-1632/virt-who-0.8-11.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1708/puppetlabs-stdlib-4.5.1-2.20150121git7a91f20.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1736/ntp-4.2.6p5-27.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1713/bugzilla-4.4.8-1.fc21.1
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1751/moodle-2.7.5-1.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1745/postgresql-9.3.6-1.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1733/perl-Gtk2-1.2495-1.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1772/roundcubemail-1.0.5-1.fc21
The following Fedora 21 Critical Path updates have yet to be approved:
Age URL
11 https://admin.fedoraproject.org/updates/FEDORA-2015-1091/perl-Filter-1.54-1.fc21
11 https://admin.fedoraproject.org/updates/FEDORA-2015-1152/imlib2-1.4.6-3.fc21
11 https://admin.fedoraproject.org/updates/FEDORA-2015-1062/jasper-1.900.1-30.fc21
10 https://admin.fedoraproject.org/updates/FEDORA-2015-1254/rygel-0.24.3-1.fc21
6 https://admin.fedoraproject.org/updates/FEDORA-2015-1456/perl-Getopt-Long-2.43-1.fc21
6 https://admin.fedoraproject.org/updates/FEDORA-2015-1454/perl-Pod-Simple-3.29-1.fc21
6 https://admin.fedoraproject.org/updates/FEDORA-2015-1436/koji-1.9.0-10.fc21.gitcd45e886
5 https://admin.fedoraproject.org/updates/FEDORA-2015-1488/pigz-2.3.3-1.fc21
2 https://admin.fedoraproject.org/updates/FEDORA-2015-1597/bind-9.9.6-7.P1.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-1669/highlight-3.21-1.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-1662/sqlite-3.8.8-2.fc21
1 https://admin.fedoraproject.org/updates/FEDORA-2015-1641/perl-version-0.99.12-1.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1725/perl-Encode-2.70-1.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1768/selinux-policy-3.13.1-105.3.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1763/systemd-216-18.fc21
0 https://admin.fedoraproject.org/updates/FEDORA-2015-1769/xorg-x11-drv-synaptics-1.8.1-3.fc21
The following builds have been pushed to Fedora 21 updates-testing
389-ds-base-1.3.3.8-1.fc21
389-ds-console-1.2.9-1.fc21
RackTables-0.20.10-1.fc21
claws-mail-3.11.1-6.fc21
cln-1.3.4-1.fc21
csvcat-0.1-20141205git858edfe.fc21
dnf-langpacks-0.7.0-2.fc21
dovecot-2.2.15-3.fc21
fdm-1.8-1.fc21
gammaray-2.2.1-3.fc21
gedit-3.14.3-1.fc21
idm-console-framework-1.1.9-1.fc21
kf5-kguiaddons-5.6.0-2.fc21
minised-1.15-1.fc21
moodle-2.7.5-1.fc21
ntp-4.2.6p5-27.fc21
open-vm-tools-9.4.6-6.fc21
openbabel-2.3.2-11.fc21
perl-Encode-2.70-1.fc21
perl-Gtk2-1.2495-1.fc21
pgp-tools-1.1.12-2.fc21
php-pecl-mongo-1.6.1-1.fc21
postgresql-9.3.6-1.fc21
publicsuffix-list-20150204-1.fc21
python-paho-mqtt-1.1-1.fc21
python-sphinx-1.2.3-1.fc21
roundcubemail-1.0.5-1.fc21
rpcbind-0.2.2-2.1.fc21
rubygem-hoe-3.13.1-1.fc21
rubygem-isolate-3.3.1-1.fc21
rubygem-marc-1.0.0-1.fc21
s3cmd-1.5.1.2-4.fc21
selinux-policy-3.13.1-105.3.fc21
systemd-216-18.fc21
xorg-x11-drv-synaptics-1.8.1-3.fc21
Details about builds:
================================================================================
389-ds-base-1.3.3.8-1.fc21 (FEDORA-2015-1741)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
release 1.3.3.8
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 4 2015 Noriko Hosoi <nhosoi at redhat.com> - 1.3.3.8-1
- bump version to 1.3.3.8
- Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD
- Ticket 47963 - memberof skip nested groups breaks the plugin
* Wed Jan 28 2015 Noriko Hosoi <nhosoi at redhat.com> - 1.3.3.7-2
- removed USE_64=1 which is not used any more.
* Wed Jan 28 2015 Noriko Hosoi <nhosoi at redhat.com> - 1.3.3.7-1
- bump version to 1.3.3.7
- Coverity 12970 - Explicit null dereference
- Ticket 47988: Schema learning mechanism, in replication, unable to extend an existing definition
- Ticket 47996 - ldclt needs to support SSL Version range
- Ticket 47738 - use PL_strcasestr instead of strcasestr
- Ticket 47462 - Stop using DES in the reversible password encryption plug-in
- Ticket 47807 - SLAPI_REQUESTOR_ISROOT not set for extended operation plugins
- Ticket 47991 - upgrade script fails if /etc and /var are on different file systems
- Ticket 47989 - Windows Sync accidentally cleared raw_entry
- Ticket 47964 - v2 - Incorrect search result after replacing an empty attribute
- Ticket 47934 - nsslapd-db-locks modify not taking into account.
- Ticket 47617 - replication changelog trimming setting validation
- Ticket 47905 - Bad manipulation of passwordhistory
- Ticket 47973 - During schema reload sometimes the search returns no results
- Ticket 47981 - COS cache doesn't properly mark vattr cache as invalid when there are multiple suffixes
- Ticket 47980 - Nested COS definitions can be incorrectly processed
- Ticket 47451 - Dynamic plugins - fixed thread synchronization
- Ticket 47750 - During delete operation do not refresh cache entry if it is a tombstone
- Ticket 47947 - start dirsrv after chrony on RHEL7 and Fedora
- fix jenkins warning
- Ticket 47526 - Additional fix for ticket 47526 v3
- Ticket 47451 - Add Dynamic Plugin CI Suite
- Ticket 47965 - Fix coverity issues (2014/12/16)
- Ticket 47451 - Fix jenkins errors
- Ticket 47451 - Dynamic Plugin - various fixes
- Ticket 47935 - Error: failed to open an LDAP connection to host 'example.org' port '389' as user 'cn=Directory Manager'. Error: unknown.
- Ticket 47750 - Need to refresh cache entry after called betxn postop plugins
- Ticket 47942 - DS hangs during online total update
- Ticket 47960 - cookie_change_info returns random negative number if there was no change in a tree
- Ticket 47960 - cookie_change_info returns random negative number if there was no change in a tree
- Ticket 47722 - Using the filter file does not work
- Ticket 47636 - Error log levels not displayed correctly
- Ticket 47965 - Fix coverity issues (2014/11/24)
- Ticket 47969 - Fix coverity issue
- Ticket 47949 - logconv.pl -- support parsing/showing/reporting different protocol versions
- Ticket 47525 - Crash if setting invalid plugin config area for MemberOf Plugin
- Ticket 47970 - add lib389 testcase
- Ticket 47970 - Account lockout attributes incorrectly updated after failed SASL Bind
- Ticket 47969 - COS memory leak when rebuilding the cache
- Ticket 47967 - cos_cache_build_definition_list does not stop during server shutdown
- Ticket 47451 - Running a plugin task can crash the server
- Ticket 47963 - skip nested groups breaks memberof fixup task
- Ticket 47963 - RFE - memberOf - add option to skip nested group lookups during delete operations
- Ticket 47810 - RI plugin does not return result code if update fails
- Ticket 47950 - Bind DN tracking unable to write to internalModifiersName without special permissions
- Ticket 47958 - Memory leak in password admin if the admin entry does not exist
- Ticket 47952 - PasswordAdminDN attribute is not properly returned to client
- Ticket 47451 - Need to unregister tasks created by plugins
- Ticket 47928 - Disable SSL v3, by default.
- Ticket 47953 - Should not check aci syntax when deleting an aci
- Ticket 47948 - ldap_sasl_bind fails assertion (ld != NULL) if it is called from chainingdb_bind over SSL/startTLS
- Ticket 47945 - Add SSL/TLS version info to the access log
- Ticket 47939 - Malformed cookie for LDAP Sync makes DS crash
- Ticket 47937 - Crash in entry_add_present_values_wsi_multi_valued
- Ticket 47928 - CI test: added test cases for ticket 47928
- Ticket 47553 - Enhance ACIs to have more control over MODRDN operations
--------------------------------------------------------------------------------
================================================================================
389-ds-console-1.2.9-1.fc21 (FEDORA-2015-1755)
389 Directory Server Management Console
--------------------------------------------------------------------------------
Update Information:
release 1.2.9
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 4 2015 Noriko Hosoi <nhosoi at redhat.com> - 1.2.9-1
- Bumped version to 1.2.9
- Bug 1184175 - DS Console always sets nsSSL3 to "on" when a securty setting is adjusted (DS 47994)
- Bug 916045 - RFE: Winsync loses connection with AD objects when they move from the console. (#47380)
- Bug 1173281 - DS console - right clicking an object does not select that object (#135)
- Bug 1134688 - DS Console does not correctly disable SSL (#47887)
- Bug 963254 - DS instance cannot be restored from remote console (#47485)
- Ticket 47886 - DS Console - mouse wheel speed very slow
- Bug 758983 - DS Console should timeout when mismatched port and protocol combination is chosen (#176)
- Bug 1173283 - DS Console - java exception when refreshing schema (#47883)
- Bug 1173284 - Window too large for Manage password policy (#96)
--------------------------------------------------------------------------------
================================================================================
RackTables-0.20.10-1.fc21 (FEDORA-2015-1758)
A data-center asset management system
--------------------------------------------------------------------------------
Update Information:
Rebase to v0.20.10
Rebase to v0.20.9
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Colin Coe <colin.coe at gmail.com> - 0.20.10-1
- Rebase to v0.20.10
* Fri Jan 16 2015 Colin Coe <colin.coe at gmail.com> - 0.20.9-1
- Rebase to v0.20.9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1186291 - RackTables-0.20.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1186291
[ 2 ] Bug #977277 - RackTables-0.20.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=977277
--------------------------------------------------------------------------------
================================================================================
claws-mail-3.11.1-6.fc21 (FEDORA-2015-1739)
Email client and news reader based on GTK+
--------------------------------------------------------------------------------
Update Information:
Fix crash in clamav plugin dialog
Add workaround for crashes in gtk_cmctree
Add workaround for crashes in gtk_cmctree
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 4 2015 Andreas Bierfert <andreas.bierfert at lowlatency.de>
- 3.11.1-6
- fix clamav preferences crash (rhbz#118891, rhbz#118774)
* Tue Feb 3 2015 Andreas Bierfert <andreas.bierfert at lowlatency.de>
- 3.11.1-5
- enable gdata plugin on epel
* Tue Feb 3 2015 Andreas Bierfert <andreas.bierfert at lowlatency.de>
- 3.11.1-4
- workaround for crashes in gtk_cmctree (rhbz#1172963, rhbz#1165158)
- enable tnef plugin on epel
- disable bsfilter plugin on epel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1187744 - [abrt] claws-mail: g_type_check_instance_cast(): claws-mail killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1187744
[ 2 ] Bug #1188919 - [abrt] claws-mail: g_type_check_instance_cast(): claws-mail killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1188919
[ 3 ] Bug #1165158 - [abrt] claws-mail: gtk_cmctree_is_viewable(): claws-mail killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1165158
[ 4 ] Bug #1172963 - [abrt] claws-mail: gtk_cmctree_node_get_row_data(): claws-mail killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1172963
--------------------------------------------------------------------------------
================================================================================
cln-1.3.4-1.fc21 (FEDORA-2015-1764)
Class Library for Numbers
--------------------------------------------------------------------------------
Update Information:
Update to the latest version(should be updated long ago)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 15 2014 Christopher Meng <rpm at cicku.me> - 1.3.4-1
- Update to 1.3.4
--------------------------------------------------------------------------------
================================================================================
csvcat-0.1-20141205git858edfe.fc21 (FEDORA-2015-1749)
Efficiently concatenate CSVs or other tabular text files
--------------------------------------------------------------------------------
Update Information:
New package, please test with:
csvcat.sh file1 file2 [...] > concatenated.csv
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1177406 - Review Request: csvcat - Efficiently concatenate CSVs or other tabular text files
https://bugzilla.redhat.com/show_bug.cgi?id=1177406
--------------------------------------------------------------------------------
================================================================================
dnf-langpacks-0.7.0-2.fc21 (FEDORA-2015-1756)
Langpacks plugin for dnf
--------------------------------------------------------------------------------
Update Information:
Added python3-dnf-langpacks sub-package
update to 0.7.0 release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 3 2015 Parag Nemade <pnemade AT redhat DOT com> - 0.7.0-2
- Added python3-dnf-langpacks sub-package
* Mon Feb 2 2015 Parag Nemade <pnemade AT redhat DOT com> - 0.7.0-1
- update to 0.7.0 release
--------------------------------------------------------------------------------
================================================================================
dovecot-2.2.15-3.fc21 (FEDORA-2015-1766)
Secure imap and pop3 server
--------------------------------------------------------------------------------
Update Information:
fixes mbox istream crashes
- fix crash related to logging BYE notifications (#1176282)
- update pigeonhole to 0.4.6
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Michal Hlavinka <mhlavink at redhat.com> - 1:2.2.15-3
- fix mbox istream crashes (#1189198, #1186504)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1189198 - dovecot IMAP crashes on mbox files
https://bugzilla.redhat.com/show_bug.cgi?id=1189198
[ 2 ] Bug #1176282 - [abrt] dovecot: strlen(): log killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1176282
[ 3 ] Bug #1186504 - [abrt] dovecot: default_fatal_finish(): imap killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1186504
--------------------------------------------------------------------------------
================================================================================
fdm-1.8-1.fc21 (FEDORA-2015-1764)
A simple lightweight tool of fetching, filtering and delivering emails
--------------------------------------------------------------------------------
Update Information:
Update to the latest version(should be updated long ago)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 28 2015 Christopher Meng <rpm at cicku.me> - 1.8-1
- Update to 1.8
--------------------------------------------------------------------------------
================================================================================
gammaray-2.2.1-3.fc21 (FEDORA-2015-1774)
A tool for examining internals of Qt applications
--------------------------------------------------------------------------------
Update Information:
Update to 2.2.1
- default to Qt 5 build
- split probes to -qt5 and -qt4 subpackages
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 3 2015 Daniel Vrátil <dvratil at redhat.com> - 2.2.1-3
- fix typo
* Tue Feb 3 2015 Daniel Vrátil <dvratil at redhat.com> - 2.2.1-2
- drop ambiguous BuildArch
* Tue Feb 3 2015 Daniel Vrátil <dvratil at redhat.com> - 2.2.1-1
- Update to 2.2.1
- Default to Qt 5 build now
- Provide probes for Qt 5 and Qt 4 in -qt5 and -qt4 subpackages
* Wed Jan 7 2015 Orion Poplawski <orion at cora.nwra.com> - 2.1.1-2
- Rebuild for hdf5 1.8.4
--------------------------------------------------------------------------------
================================================================================
gedit-3.14.3-1.fc21 (FEDORA-2015-1767)
Text editor for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
Update to 3.14.3
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Ignacio Casal Quinteiro <icq at gnome.org> - 2:3.14.3-1
- Update to 3.14.3
--------------------------------------------------------------------------------
================================================================================
idm-console-framework-1.1.9-1.fc21 (FEDORA-2015-1765)
Identity Management Console Framework
--------------------------------------------------------------------------------
Update Information:
release 1.1.9
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 4 2015 Noriko Hosoi <nhosoi at redhat.com> - 1.1.9-1
- Bump version to 1.1.9
- Ticket 47929 - idm-console-framework - set default min to tls1.0
- Ticket 47946 - ACI's are replaced by "ACI_ALL" after editing group of ACI's including invalid one
- Ticket 47929 - Console - add tls1.1 support
- Ticket 47472 - Entries cannot be highlighted in the "Edit Aci" Rights panel
- Ticket 47364 - Console does not support passwords containing 8-bit characters
- Ticket 47604 - idm-console-framework: remove versioned jars from /usr/share/java
- Ticket 47480 - Admin Console "server restart dialog" disppears after clicking OK
- Ticket 47467 - Improve CRL import dialog text
- Ticket 362 - Directory Console generates insufficient key strength
* Fri Aug 29 2014 Mark Reynolds <mreynolds at redhat.com> - 1.1.7-9
- Bug 1022104 - Remove versioned jarfiles from _javadir
--------------------------------------------------------------------------------
================================================================================
kf5-kguiaddons-5.6.0-2.fc21 (FEDORA-2015-1722)
KDE Frameworks 5 Tier 1 addon with various classes on top of QtGui
--------------------------------------------------------------------------------
Update Information:
BR qt5-qtx11extras-devel
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Daniel Vrátil <dvratil at redhat.com> - 5.6.0-2
- BR qt5-qtx11extras-devel
--------------------------------------------------------------------------------
================================================================================
minised-1.15-1.fc21 (FEDORA-2015-1734)
A smaller, cheaper, faster SED implementation
--------------------------------------------------------------------------------
Update Information:
The 1.15 version fixes some Kleene star operator relates bugs and
includes some code cleanups.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 20 2015 Christopher Meng <rpm at cicku.me> - 1.15-1
- Update to 1.15
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1150999 - minised-1.15 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1150999
--------------------------------------------------------------------------------
================================================================================
moodle-2.7.5-1.fc21 (FEDORA-2015-1751)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
The following security notifications have now been made public:
==============================================================================
MSA-15-0001: Insufficient access check in LTI module
Description: Absence of capability check in AJAX backend script could
allow any enrolled user to search the list of registered
tools
Issue summary: mod/lti/ajax.php security problems
Severity/Risk: Minor
Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier
unsupported versions
Versions fixed: 2.8.2, 2.7.4 and 2.6.7
Reported by: Petr Skoda
Issue no.: MDL-47920
CVE identifier: CVE-2015-0211
Changes (master):
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47920
==============================================================================
MSA-15-0002: XSS vulnerability in course request pending approval page
Description: Course summary on course request pending approval page was
displayed to the manager unescaped and could be used for
XSS attack
Issue summary: XSS in course request pending approval page (Privilege
Escalation?)
Severity/Risk: Serious
Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier
unsupported versions
Versions fixed: 2.8.2, 2.7.4 and 2.6.7
Reported by: Skylar Kelty
Issue no.: MDL-48368
Workaround: Grant permission moodle/course:request only to trusted
users
CVE identifier: CVE-2015-0212
Changes (master):
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48368
==============================================================================
MSA-15-0003: CSRF possible in Glossary module
Description: Two files in the Glossary module lacked a session key check
potentially allowing cross-site request forgery
Issue summary: Multiple CSRF in mod glossary
Severity/Risk: Serious
Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier
unsupported versions
Versions fixed: 2.8.2, 2.7.4 and 2.6.7
Reported by: Ankit Agarwal
Issue no.: MDL-48106
CVE identifier: CVE-2015-0213
Changes (master):
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48106
==============================================================================
MSA-15-0004: Information leak through messaging functions in web-services
Description: Through web-services it was possible to access
messaging-related functions such as people search even if
messaging is disabled on the site
Issue summary: Messages external functions doesn't check if messaging is
enabled
Severity/Risk: Minor
Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier
unsupported versions
Versions fixed: 2.8.2, 2.7.4 and 2.6.7
Reported by: Juan Leyva
Issue no.: MDL-48329
Workaround: Disable web services or disable individual message-related
functions
CVE identifier: CVE-2015-0214
Changes (master):
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48329
==============================================================================
MSA-15-0005: Insufficient access check in calendar functions in web-services
Description: Through web-services it was possible to get information
about calendar events which user did not have enough
permissions to see
Issue summary: calendar/externallib.php lacks
self::validate_context($context);
Severity/Risk: Minor
Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier
unsupported versions
Versions fixed: 2.8.2, 2.7.4 and 2.6.7
Reported by: Petr Skoda
Issue no.: MDL-48017
CVE identifier: CVE-2015-0215
Changes (master):
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48017
==============================================================================
MSA-15-0006: Capability to grade Lesson module is missing XSS bitmask
Description: Users with capability to grade in Lesson module were not
reported as users with XSS risk but their feedback was
displayed without cleaning
Issue summary: mod/lesson:grade capability missing RISK_XSS but essay
feedback is displayed with noclean=true
Severity/Risk: Minor
Versions affected: 2.8 to 2.8.1
Versions fixed: 2.8.2
Reported by: Damyon Wiese
Issue no.: MDL-48034
CVE identifier: CVE-2015-0216
Changes (master):
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48034
==============================================================================
MSA-15-0007: ReDoS possible in the multimedia filter
Description: Not optimal regular expression in the filter could be
exploited to create extra server load or make particular
page unavailable
Issue summary: ReDOS in the multimedia filter
Severity/Risk: Serious
Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier
unsupported versions
Versions fixed: 2.8.2, 2.7.4 and 2.6.7
Reported by: Nicolas Martignoni
Issue no.: MDL-48546
Workaround: Disable multimedia filter
CVE identifier: CVE-2015-0217
Changes (master):
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48546
==============================================================================
MSA-15-0008: Forced logout through Shibboleth authentication plugin
Description: It was possible to forge a request to logout users even
when not authenticated through Shibboleth
Issue summary: Forced logout via auth/shibboleth/logout.php
Severity/Risk: Serious
Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier
unsupported versions
Versions fixed: 2.8.2, 2.7.4 and 2.6.7
Reported by: Petr Skoda
Issue no.: MDL-47964
Workaround: Deny access to file auth/shibboleth/logout.php in webserver
configuration
CVE identifier: CVE-2015-0218
Changes (master):
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47964
==============================================================================
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Jon Ciesla <limburgher at gmail.com> - 2.7.5-1
- 2.7.5, fix for security issues.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1183695 - CVE-2015-0218 CVE-2015-0212 CVE-2015-0213 CVE-2015-0211 CVE-2015-0216 CVE-2015-0217 CVE-2015-0214 CVE-2015-0215 moodle: new update fixes several security issues [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1183695
[ 2 ] Bug #1183694 - CVE-2015-0218 CVE-2015-0212 CVE-2015-0213 CVE-2015-0211 CVE-2015-0216 CVE-2015-0217 CVE-2015-0214 CVE-2015-0215 moodle: new update fixes several security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1183694
--------------------------------------------------------------------------------
================================================================================
ntp-4.2.6p5-27.fc21 (FEDORA-2015-1736)
The NTP daemon and utilities
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2014-9297, CVE-2014-9298
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Miroslav Lichvar <mlichvar at redhat.com> 4.2.6p5-27
- validate lengths of values in extension fields (CVE-2014-9297)
- drop packets with spoofed source address ::1 (CVE-2014-9298)
* Thu Jan 29 2015 Miroslav Lichvar <mlichvar at redhat.com> 4.2.6p5-26
- require timedatex (#1136905)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1184572 - CVE-2014-9298 ntp: drop packets with source address ::1
https://bugzilla.redhat.com/show_bug.cgi?id=1184572
[ 2 ] Bug #1184573 - CVE-2014-9297 ntp: vallen in extension fields are not validated
https://bugzilla.redhat.com/show_bug.cgi?id=1184573
--------------------------------------------------------------------------------
================================================================================
open-vm-tools-9.4.6-6.fc21 (FEDORA-2015-1738)
Open Virtual Machine Tools for virtual machines hosted on VMware
--------------------------------------------------------------------------------
Update Information:
This update fixes the missing NetIpRouteConfigInfo (BZ#1189295).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 4 2015 Ravindra Kumar <ravindrakumar at vmware.com> - 9.4.6-6
- Added a patch for missing NetIpRouteConfigInfo (BZ#1189295)
* Mon Jan 26 2015 David Tardon <dtardon at redhat.com> - 9.4.6-5
- rebuild for ICU 54.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1189295 - open-vm-tools does not report NetIpRouteConfigInfo to vSphere APIs
https://bugzilla.redhat.com/show_bug.cgi?id=1189295
--------------------------------------------------------------------------------
================================================================================
openbabel-2.3.2-11.fc21 (FEDORA-2015-1735)
Chemistry software file format converter
--------------------------------------------------------------------------------
Update Information:
Unify patches which disable tests on ppc64, s390(x), arm and enable
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 27 2015 Marcin Juszkiewicz <mjuszkiewicz at redhat.com> - 2.3.2-11
- Unify patches which disable tests on ppc64, s390(x), arm and enable
result also for aarch64. rhbugs: #1108103 #1094491 #1094513
* Fri Jan 16 2015 Mamoru TASAKA <mtasaka at fedoraproject.org> - 2.3.2-10
- Rebuild for https://fedoraproject.org/wiki/Changes/Ruby_2.2
- Remove deprecated Config:: usage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1108103 - FTBFS: several unit tests fail on ppc64
https://bugzilla.redhat.com/show_bug.cgi?id=1108103
[ 2 ] Bug #1094491 - openbabel testsuite is failing on ARM
https://bugzilla.redhat.com/show_bug.cgi?id=1094491
[ 3 ] Bug #1094513 - openbabel testsuite is failing on ppc64, ppc64le, aarch64
https://bugzilla.redhat.com/show_bug.cgi?id=1094513
--------------------------------------------------------------------------------
================================================================================
perl-Encode-2.70-1.fc21 (FEDORA-2015-1725)
Character encodings in Perl
--------------------------------------------------------------------------------
Update Information:
This release brings a new encguess(1) tool which as a wrapper around Encoding::Guess Perl module.
This release corrects handling taint flag when encoding MIME, it fixes documentation and some compiler warnings.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Petr Pisar <ppisar at redhat.com> - 1:2.70-1
- 2.70 bump
* Fri Jan 23 2015 Petr Pisar <ppisar at redhat.com> - 1:2.68-1
- 2.68 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185328 - perl-Encode-2.68 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1185328
--------------------------------------------------------------------------------
================================================================================
perl-Gtk2-1.2495-1.fc21 (FEDORA-2015-1733)
Perl interface to the 2.x series of the Gimp Toolkit library
--------------------------------------------------------------------------------
Update Information:
Update to 1.2495 to resolve an incorrect memory management issue in Gtk2::Gdk::Display::list_devices, which can potentially lead to arbitrary code execution.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 4 2015 Tom Callaway <spot at fedoraproject.org> - 1.2495-1
- update to 1.2495
* Mon Jan 5 2015 Tom Callaway <spot at fedoraproject.org> - 1.2494-1
- update to 1.2494
* Wed Dec 10 2014 Tom Callaway <spot at fedoraproject.org> - 1.2493-1
- update to 1.2493
* Mon Sep 1 2014 Jitka Plesnikova <jplesnik at redhat.com> - 1.2492-3
- Perl 5.20 rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1188219 - perl-Gtk2: incorrect memory management in Gtk2::Gdk::Display::list_devices
https://bugzilla.redhat.com/show_bug.cgi?id=1188219
--------------------------------------------------------------------------------
================================================================================
pgp-tools-1.1.12-2.fc21 (FEDORA-2015-1726)
Collection of several utilities related to OpenPGP
--------------------------------------------------------------------------------
Update Information:
New upstream release with bugfies.
Minore bugfixing release from updatream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 4 2015 Jochen Schmitt <Jochen herr-schmitt de> - 1.1.12-2
- New upstream release
* Wed Jan 21 2015 Jochen Schmitt <Jochen herr-schmitt de> - 1.1.10-2
- Fix dependency issue agains perl(for) (#1184547)
* Sat Jan 10 2015 Jochen Schmitt <Jochen herr-schmitt de> - 1.1.10-1
- New upstream release
--------------------------------------------------------------------------------
================================================================================
php-pecl-mongo-1.6.1-1.fc21 (FEDORA-2015-1750)
PHP MongoDB database driver
--------------------------------------------------------------------------------
Update Information:
From upstream announcement:
We are glad to announce the release of version 1.6.0 of the MongoDB PHP driver.
It supports all new features for MongoDB 3.0, including:
* Support for WiredTiger, and other storage engines.
* Support for the new SCRAM-SHA-1 SASL authentication mechanism
* Support for 50 replica set members
For full fixed bug list, see:
* 1.6.0: https://jira.mongodb.org/secure/ReleaseNote.jspa?projectId=10007&version=14800
* 1.6.1: https://jira.mongodb.org/secure/ReleaseNote.jspa?projectId=10007&version=14825
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Remi Collet <remi at fedoraproject.org> - 1.6.1-1
- Update to 1.6.1 (stable)
--------------------------------------------------------------------------------
================================================================================
postgresql-9.3.6-1.fc21 (FEDORA-2015-1745)
PostgreSQL client programs
--------------------------------------------------------------------------------
Update Information:
update to 9.3.6 per release notes http://www.postgresql.org/docs/9.3/static/release-9-3-6.html, CVE-2015-0241, CVE-2015-0242, CVE-2015-0243, CVE-2015-0244
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 4 2015 Pavel Raiskup <praiskup at redhat.com> - 9.3.6-1
- update to 9.3.6 per release notes
http://www.postgresql.org/docs/9.3/static/release-9-3-6.html
--------------------------------------------------------------------------------
================================================================================
publicsuffix-list-20150204-1.fc21 (FEDORA-2015-1723)
Cross-vendor public domain suffix database
--------------------------------------------------------------------------------
Update Information:
The latest revision - 20150204
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Yanko Kaneti <yaneti at declera.com> - 20150204-1
- The latest revision - 20150204
- Initial version for review - 20141124-1
--------------------------------------------------------------------------------
================================================================================
python-paho-mqtt-1.1-1.fc21 (FEDORA-2015-1760)
A Python MQTT version 3.1/3.1.1 client class
--------------------------------------------------------------------------------
Update Information:
Update to new upstream version 1.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Fabian Affolter <mail at fabian-affolter.ch> - 1.1-1
- Update to new upstream version 1.1
--------------------------------------------------------------------------------
================================================================================
python-sphinx-1.2.3-1.fc21 (FEDORA-2015-1748)
Python documentation generator
--------------------------------------------------------------------------------
Update Information:
- Update to latest upstream release, see CHANGES file for new features and bugfixes
- License file now tagged as %license instead of %doc
- Complete LaTeX builder deps
- Make test output verbose
- Add BRs needed to enable all tests
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Michel Alexandre Salim <salimma at fedoraproject.org> - 1.2.3-1
- Update to 1.2.3
- Mark license file with %license instead of %doc
* Thu Feb 5 2015 Michel Alexandre Salim <salimma at fedoraproject.org> - 1.2.2-10
- Complete LaTeX builder deps (fixes bz#882166)
- Make test output verbose
- Add BRs needed to enable all tests
* Tue Feb 3 2015 Michel Alexandre Salim <salimma at fedoraproject.org> - 1.2.2-9
- python3-sphinx package also Provides: python3-sphinx-latex
* Tue Feb 3 2015 Michel Alexandre Salim <salimma at fedoraproject.org> - 1.2.2-8
- If a separate LaTeX subpackage is not generated, the main package should have
a virtual Provides: for it (bz#1187989)
* Tue Jan 27 2015 Michel Alexandre Salim <salimma at fedoraproject.org> - 1.2.2-7
- Disable separate LaTeX builder for now (bz#1185574)
* Thu Jan 22 2015 Michel Alexandre Salim <salimma at fedoraproject.org> - 1.2.2-6
- Split off LaTeX builder into its own subpackages, to remove TeXLive
dependencies from the main package.
Thanks to Robert Kuska <rkuska at redhat.com> for feedback
- Clean up python3-sphinx's locale files, they ended up in the python2 package.
Share the locale files in /usr/share instead
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1148845 - "make latexpdf" fails with a pristine sphinx project (texlive issues?)
https://bugzilla.redhat.com/show_bug.cgi?id=1148845
[ 2 ] Bug #882166 - make latex does not work out of the box
https://bugzilla.redhat.com/show_bug.cgi?id=882166
[ 3 ] Bug #1148037 - python-sphinx contains python3 files
https://bugzilla.redhat.com/show_bug.cgi?id=1148037
--------------------------------------------------------------------------------
================================================================================
roundcubemail-1.0.5-1.fc21 (FEDORA-2015-1772)
Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:
Cross-site scripting vulnerability has been fixed in Roundcube 1.0.5 version.
http://roundcube.net/news/2015/01/24/security-update-1.0.5/
http://trac.roundcube.net/wiki/Changelog#RELEASE1.0.5
http://trac.roundcube.net/ticket/1490227
CVE request: http://www.openwall.com/lists/oss-security/2015/01/31/3
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Jon Ciesla <limburgher at gmail.com> - 1.0.5-1
- Fix for security issues.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1188203 - CVE-2015-1433 roundcubemail: crooss-site scripting in style attribute handling [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1188203
[ 2 ] Bug #1188202 - CVE-2015-1433 roundcubemail: crooss-site scripting in style attribute handling [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1188202
--------------------------------------------------------------------------------
================================================================================
rpcbind-0.2.2-2.1.fc21 (FEDORA-2015-1678)
Universal Addresses to RPC Program Number Mapper
--------------------------------------------------------------------------------
Update Information:
commit 2a4dad119847f2ffd7511279b3cd3861fe90eaa4
Author: Steve Dickson <steved at redhat.com>
Date: Wed Feb 4 09:17:49 2015 -0500
Updated to the latest rc release: rpcbind-0_2_3-rc1 (bz 1095021)
Signed-off-by: Steve Dickson <steved at redhat.com>
* Thu Feb 5 2015 Steve Dickson <steved at redhat.com> - 0.2.2-2.1
- Added xlogging debugging to rpcbind
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Steve Dickson <steved at redhat.com> - 0.2.2-2.1
- Added xlogging debugging to rpcbind
* Wed Feb 4 2015 Steve Dickson <steved at redhat.com> - 0.2.2-2.0
- Updated to the latest rc release: rpcbind-0_2_3-rc1 (bz 1095021)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095021 - systemd integration patches/assorted fixes
https://bugzilla.redhat.com/show_bug.cgi?id=1095021
--------------------------------------------------------------------------------
================================================================================
rubygem-hoe-3.13.1-1.fc21 (FEDORA-2015-1757)
Hoe is a simple rake/rubygems helper for project Rakefiles
--------------------------------------------------------------------------------
Update Information:
New version 3.13.1 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Mamoru TASAKA <mtasaka at fedoraproject.org> - 3.13.1-1
- 3.13.1
--------------------------------------------------------------------------------
================================================================================
rubygem-isolate-3.3.1-1.fc21 (FEDORA-2015-1740)
Very simple RubyGems sandbox
--------------------------------------------------------------------------------
Update Information:
New version 3.3.1 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Mamoru TASAKA <mtasaka at fedoraproject.org> - 3.3.1-1
- 3.3.1
--------------------------------------------------------------------------------
================================================================================
rubygem-marc-1.0.0-1.fc21 (FEDORA-2015-1743)
Ruby library for MARC catalog
--------------------------------------------------------------------------------
Update Information:
New version 1.0.0 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Mamoru TASAKA <mtasaka at fedoraproject.org> - 1.0.0-1
- 1.0.0
--------------------------------------------------------------------------------
================================================================================
s3cmd-1.5.1.2-4.fc21 (FEDORA-2015-1754)
Tool for accessing Amazon Simple Storage Service
--------------------------------------------------------------------------------
Update Information:
upstream 1.5.1.2, mostly bug fixes
upstream 1.5.0 final
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 4 2015 Matt Domsch <mdomsch at fedoraproject.org> - 1.5.1.2-4
- upstream 1.5.1.2, mostly bug fixes
- remove ez_setup, add dependency on python-setuptools
* Mon Jan 12 2015 Matt Domsch <mdomsch at fedoraproject.org> - 1.5.0-1
- upstream 1.5.0 final
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.13.1-105.3.fc21 (FEDORA-2015-1768)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
More info: http://koji.fedoraproject.org/koji/buildinfo?buildID=609261
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Lukas Vrabec <lvrabec at redhat.com> 3.13.1-105.3
- apmd needs sys_resource when shutting down the machine
- Allow upsmon_t to read urandom device.
* Mon Feb 2 2015 Lukas Vrabec <lvrabec at redhat.com> 3.13.1-105.2
- Added boolean xdm_bind_vnc_tcp_port. BZ(1187975)
- Allow svirt sandbox domains to read /proc/mtrr
- Allow sshd_t to manage gssd keyring
- Allow docker to attach to the sandbox and user domains tun devices
- Dontaudit network connections related to thumb_t. BZ(1187981)
- Allow dovecot domains to use sys_resouce
- Allow svirt sandbox domains to read /proc/mtrr
- Allow polipo_deamon connect to all ephemeral ports. BZ(1187723)
- Allow sshd_t to manage gssd keyring
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1063827 - selinux avc for httpd accessing KEYRING ccache type
https://bugzilla.redhat.com/show_bug.cgi?id=1063827
[ 2 ] Bug #1172908 - SELinux is preventing dovecot from using the sys_resource capability.
https://bugzilla.redhat.com/show_bug.cgi?id=1172908
[ 3 ] Bug #1181338 - SELinux is preventing openvpn from 'relabelfrom' accesses on the tun_socket Unknown.
https://bugzilla.redhat.com/show_bug.cgi?id=1181338
[ 4 ] Bug #1185621 - SELinux is preventing systemctl from using the 'setrlimit' accesses on a process.
https://bugzilla.redhat.com/show_bug.cgi?id=1185621
[ 5 ] Bug #1186072 - SELinux is preventing /usr/sbin/upsmon from 'read' accesses on the chr_file random.
https://bugzilla.redhat.com/show_bug.cgi?id=1186072
[ 6 ] Bug #1187723 - SELinux is preventing /usr/bin/polipo from 'name_connect' accesses on the tcp_socket port 35651.
https://bugzilla.redhat.com/show_bug.cgi?id=1187723
[ 7 ] Bug #1187975 - SELinux blocks LightDM VNC server
https://bugzilla.redhat.com/show_bug.cgi?id=1187975
[ 8 ] Bug #1187981 - SELinux is preventing souphttpsrc0:sr from 'name_connect' accesses on the tcp_socket port 80.
https://bugzilla.redhat.com/show_bug.cgi?id=1187981
[ 9 ] Bug #1189382 - SELinux is preventing /usr/bin/systemctl from using the 'sys_resource' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1189382
--------------------------------------------------------------------------------
================================================================================
systemd-216-18.fc21 (FEDORA-2015-1763)
A System and Service Manager
--------------------------------------------------------------------------------
Update Information:
RFE: journal: automatically rotate the file if it is unlinked (#1171719);Add the touchpad hwdb (#1189319)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Jan Synáček <jsynacek at redhat.com> - 216-18
- RFE: journal: automatically rotate the file if it is unlinked (#1171719)
- Add the touchpad hwdb (#1189319)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1171719 - RFE: journal: automatically rotate the file if it is unlinked
https://bugzilla.redhat.com/show_bug.cgi?id=1171719
[ 2 ] Bug #1189319 - add the touchpad hwdb
https://bugzilla.redhat.com/show_bug.cgi?id=1189319
--------------------------------------------------------------------------------
================================================================================
xorg-x11-drv-synaptics-1.8.1-3.fc21 (FEDORA-2015-1769)
Xorg X11 Synaptics touchpad input driver
--------------------------------------------------------------------------------
Update Information:
Fix missing bits and bobs for the X1 Carbon quirks (#1189329)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 5 2015 Peter Hutterer <peter.hutterer at redhat.com> 1.8.1-3
- Fix missing bits and bobs for the X1 Carbon quirks (#1189329)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1189329 - xorg-x11-drv-synaptics-1.8.1-2.fc21 patch for new Lenovo touchpads is incorrect
https://bugzilla.redhat.com/show_bug.cgi?id=1189329
--------------------------------------------------------------------------------
More information about the test
mailing list