The following Fedora 20 Security updates need testing: Age URL 60 https://admin.fedoraproject.org/updates/FEDORA-2014-5897/nrpe-2.15-2.fc20 40 https://admin.fedoraproject.org/updates/FEDORA-2014-6551/chicken-4.8.0.6-2.f... 38 https://admin.fedoraproject.org/updates/FEDORA-2014-6615/drupal7-views-3.8-1... 18 https://admin.fedoraproject.org/updates/FEDORA-2014-7348/ReviewBoard-1.7.26-... 12 https://admin.fedoraproject.org/updates/FEDORA-2014-5497/openstack-keystone-... 11 https://admin.fedoraproject.org/updates/FEDORA-2014-7523/readline-6.2-10.fc2... 10 https://admin.fedoraproject.org/updates/FEDORA-2014-7551/asterisk-11.10.2-2.... 10 https://admin.fedoraproject.org/updates/FEDORA-2014-7577/claws-mail-3.10.1-1... 9 https://admin.fedoraproject.org/updates/FEDORA-2014-7613/perl-Email-Address-... 6 https://admin.fedoraproject.org/updates/FEDORA-2014-7657/couchdb-1.6.0-2.fc2... 6 https://admin.fedoraproject.org/updates/FEDORA-2014-7697/dpkg-1.16.15-1.fc20 6 https://admin.fedoraproject.org/updates/FEDORA-2014-7682/seamonkey-2.26.1-1.... 5 https://admin.fedoraproject.org/updates/FEDORA-2014-7722/xen-4.3.2-6.fc20 5 https://admin.fedoraproject.org/updates/FEDORA-2014-7751/apt-cacher-ng-0.7.2... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-7804/ansible-1.6.5-1.fc2... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-7779/mediawiki-1.21.11-1... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-7799/openstack-ceilomete... 4 https://admin.fedoraproject.org/updates/FEDORA-2014-7780/python-pycadf-0.5.1... 2 https://admin.fedoraproject.org/updates/FEDORA-2014-7836/cacti-0.8.8b-7.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-7926/lzo-2.08-1.fc20 0 https://admin.fedoraproject.org/updates/FEDORA-2014-7896/zarafa-7.1.10-1.fc2... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-7936/python3-3.3.2-16.fc... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-7954/openstack-nova-2013... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-7964/owncloud-6.0.4-1.fc...
The following Fedora 20 Critical Path updates have yet to be approved: Age URL 4 https://admin.fedoraproject.org/updates/FEDORA-2014-7789/libndp-1.3-1.fc20 2 https://admin.fedoraproject.org/updates/FEDORA-2014-7857/python-mako-1.0.0-1... 2 https://admin.fedoraproject.org/updates/FEDORA-2014-7868/gnome-shell-3.10.4-... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-7941/nss-util-3.16.2-1.f... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-7927/kde-settings-20-14.... 0 https://admin.fedoraproject.org/updates/FEDORA-2014-7928/libtasn1-3.7-1.fc20
The following builds have been pushed to Fedora 20 updates-testing
bluedevil-2.0.0-0.13.36f0438agit20140630.fc20 community-mysql-5.5.38-3.fc20 dnssec-trigger-0.12-12.fc20 ioprocess-0.5.0-1.fc20 libbluedevil-2.0-0.8.rc1.fc20 libva-1.2.1-3.fc20 mawk-1.3.4-5.20131226.fc20 mg-20140414-1.fc20 nodejs-weak-map-1.0.5-1.fc20 nss-3.16.2-1.fc20 nss-softokn-3.16.2-1.fc20 nss-util-3.16.2-1.fc20 openstack-nova-2013.2.3-2.fc20 owncloud-6.0.4-1.fc20 python-moksha-hub-1.3.4-1.fc20 python3-3.3.2-17.fc20 rubygem-docile-1.1.4-1.fc20 scap-workbench-1.0.0-1.fc20 srcpd-2.1.2-4.fc20 vile-9.8m-4.fc20 wicd-1.7.2.4-9.fc20
Details about builds:
================================================================================ bluedevil-2.0.0-0.13.36f0438agit20140630.fc20 (FEDORA-2014-7944) Bluetooth stack for KDE -------------------------------------------------------------------------------- Update Information:
Backport recent upstream fixes. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 Rex Dieter rdieter@fedoraproject.org 2.0.0-0.13.36f0438agit20140630 - 20140630 snapshot (#1114397) * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0.0-0.12.rc1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1114397 - Please rebase bluedevil https://bugzilla.redhat.com/show_bug.cgi?id=1114397 --------------------------------------------------------------------------------
================================================================================ community-mysql-5.5.38-3.fc20 (FEDORA-2014-7958) MySQL client programs and shared libraries -------------------------------------------------------------------------------- Update Information:
Update to MySQL 5.5.38, for various fixes described at http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-38.html. This update also starts to use /etc/my.cnf from mariadb-libs. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jun 27 2014 Honza Horak hhorak@redhat.com - 5.5.38-3 - Require /etc/my.cnf instead of shipping it * Tue Jun 17 2014 Honza Horak hhorak@redhat.com - 5.5.38-2 - Re-enable tests again * Tue Jun 17 2014 Honza Horak hhorak@redhat.com - 5.5.38-1 - Update to MySQL 5.5.38, for various fixes described at http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-38.html --------------------------------------------------------------------------------
================================================================================ dnssec-trigger-0.12-12.fc20 (FEDORA-2014-7942) NetworkManager plugin to update/reconfigure DNSSEC resolving -------------------------------------------------------------------------------- Update Information:
New upstream version and a number of additional fixes. This update can be also viewed as the first snapshot of the DNSSEC functionality being prepared for Fedora 22. On the other hand, you should still treat dnssec-trigger as experimental software as some of the serious issues are not fixed by this update. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 Pavel Šimerda psimerda@redhat.com - 0.12-12 - Resolves: #1112248 - require a version of NetworkManager with #1113122 fixed * Tue Jun 24 2014 Pavel Šimerda psimerda@redhat.com - 0.12-11 - Resolves: #1112248 - serialize the script instances * Tue Jun 24 2014 Pavel Šimerda psimerda@redhat.com - 0.12-10 - Resolves: #1112248 - fix a typo * Tue Jun 24 2014 Pavel Šimerda psimerda@redhat.com - 0.12-9 - Resolves: #1112248 - fix systemd race condition * Mon Jun 23 2014 Pavel Šimerda psimerda@redhat.com - 0.12-8 - Resolves: #1112248 - don't block on systemctl restart NetworkManager * Mon Jun 23 2014 Pavel Šimerda psimerda@redhat.com - 0.12-7 - Resolves: #1112248, #1111143 - update dnssec-trigger-script and dnssec-triggerd.service * Fri Jun 20 2014 Pavel Šimerda psimerda@redhat.com - 0.12-6 - Resolves: #1111143 - fix for python2 * Fri Jun 20 2014 Pavel Šimerda psimerda@redhat.com - 0.12-5 - Related: #842455 - remove a patch that is now redundant * Fri Jun 20 2014 Pavel Šimerda psimerda@redhat.com - 0.12-4 - update dnssec-trigger-script to current development submitted upstream * Wed Jun 18 2014 Pavel Šimerda psimerda@redhat.com - 0.12-3 - Resolves: #1105896 - the new script doesn't call dnssec-trigger-control submit * Fri Jun 6 2014 Pavel Šimerda psimerda@redhat.com - 0.12-2 - fix various dnssec-trigger-script issues * Fri May 23 2014 Tomas Hozza thozza@redhat.com - 0.12-1 - Update to 0.12 version - Drop merged patches - Drop downstream files (systemd, dispatcher scripts) * Tue May 13 2014 Paul Wouters pwouters@redhat.com - 0.11-21 - Enable full hardening (includig PIE) - Resolves: rhbz#1045689 dnssec-trigger creates long-time RSA key with inappropriate size -------------------------------------------------------------------------------- References:
[ 1 ] Bug #842455 - dnssec-triggerd doesn't restore /etc/resolv.conf immutable attribute https://bugzilla.redhat.com/show_bug.cgi?id=842455 [ 2 ] Bug #1067452 - connection zones lost when unbound is restarted https://bugzilla.redhat.com/show_bug.cgi?id=1067452 [ 3 ] Bug #1067554 - split the pythonic NetworkManager dispatcher script into a minimal script and an updater https://bugzilla.redhat.com/show_bug.cgi?id=1067554 [ 4 ] Bug #1070631 - NetworkManager dispatcher script doesn't respect nameserver list changes https://bugzilla.redhat.com/show_bug.cgi?id=1070631 [ 5 ] Bug #1105896 - the new script doesn't call dnssec-trigger-control submit https://bugzilla.redhat.com/show_bug.cgi?id=1105896 [ 6 ] Bug #1111143 - dnssec-trigger-script: offer a seamless upgrade from pre-0.12 (without unbound restart) https://bugzilla.redhat.com/show_bug.cgi?id=1111143 [ 7 ] Bug #1089767 - Unbound caches missed entries. https://bugzilla.redhat.com/show_bug.cgi?id=1089767 [ 8 ] Bug #1112248 - dnssec-trigger-script fails to configure unbound on dnssec-triggerd restart https://bugzilla.redhat.com/show_bug.cgi?id=1112248 [ 9 ] Bug #1100794 - New dispatcher script does not work with python2 https://bugzilla.redhat.com/show_bug.cgi?id=1100794 [ 10 ] Bug #1100796 - New dispatcher script does not work with latest unbound https://bugzilla.redhat.com/show_bug.cgi?id=1100796 [ 11 ] Bug #1089910 - Unbound cache across networks causes traffic leaking. https://bugzilla.redhat.com/show_bug.cgi?id=1089910 --------------------------------------------------------------------------------
================================================================================ ioprocess-0.5.0-1.fc20 (FEDORA-2014-7953) Slave process to perform risky IO -------------------------------------------------------------------------------- Update Information:
Fixed missing error check in readfile() -------------------------------------------------------------------------------- ChangeLog:
* Sun Jun 15 2014 Saggi Mizrahi smizrahi@redhat.com 0.5.0-1 Fixed missing error check in readfile() Added flags arg to fetch() Added st_blocks to stat() --------------------------------------------------------------------------------
================================================================================ libbluedevil-2.0-0.8.rc1.fc20 (FEDORA-2014-7944) A Qt wrapper for bluez -------------------------------------------------------------------------------- Update Information:
Backport recent upstream fixes. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 Rex Dieter rdieter@fedoraproject.org 2.0-0.8.rc1 - backport recent upstream commits (#1114397) * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0-0.7.rc1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1114397 - Please rebase bluedevil https://bugzilla.redhat.com/show_bug.cgi?id=1114397 --------------------------------------------------------------------------------
================================================================================ libva-1.2.1-3.fc20 (FEDORA-2014-7946) Video Acceleration (VA) API for Linux -------------------------------------------------------------------------------- Update Information:
-Backport a missing commit from upstream -Fix a crash with firefox -------------------------------------------------------------------------------- ChangeLog:
* Fri Jun 20 2014 Elad Alfassa elad@fedoraproject.org - 1.2.1-3 - Apply upstream patch to fix a firefox crash (rhbz #1105890) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1105890 - Firefox crashes due to gstreamer (libva). It happens often https://bugzilla.redhat.com/show_bug.cgi?id=1105890 --------------------------------------------------------------------------------
================================================================================ mawk-1.3.4-5.20131226.fc20 (FEDORA-2014-7965) Interpreter for the AWK programming language -------------------------------------------------------------------------------- Update Information:
upgrade to latestest upstream -------------------------------------------------------------------------------- ChangeLog:
* Sun Jun 22 2014 Mark McKinstry mmckinst@nexcess.net - 1:1.3.4-5.20131226 - re-add missing buildroot for el5 * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1:1.3.4-4.20131226 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 21 2014 Filipe Rosset rosset.filipe@gmail.com - 1:1.3.4-3.20131226 - Rebuilt for new upstream version, spec cleanup, fixes rhbz #885733 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #885733 - mawk-1.3.4-20130219 is available https://bugzilla.redhat.com/show_bug.cgi?id=885733 --------------------------------------------------------------------------------
================================================================================ mg-20140414-1.fc20 (FEDORA-2014-7947) Tiny Emacs-like editor -------------------------------------------------------------------------------- Update Information:
upgrade to latest upstream -------------------------------------------------------------------------------- ChangeLog:
* Sun Jun 22 2014 Mark McKinstry mmckinst@nexcess.net - 20140414-1 - upgrade to 20140414 (RHBZ#1010897) - add libbsd-devel as a requirement * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 20110905-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1010897 - mg-20140414 is available https://bugzilla.redhat.com/show_bug.cgi?id=1010897 --------------------------------------------------------------------------------
================================================================================ nodejs-weak-map-1.0.5-1.fc20 (FEDORA-2014-7949) A WeakMap shim for Node.js and browsers -------------------------------------------------------------------------------- Update Information:
Initial package --------------------------------------------------------------------------------
================================================================================ nss-3.16.2-1.fc20 (FEDORA-2014-7941) Network Security Services -------------------------------------------------------------------------------- Update Information:
Update nss, nss-softokn, and nss-util to nss-3.12.6
For more details on the bugs fixed with this release, please see the upstream release notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.2_rel...
-------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 Elio Maldonado emaldona@redhat.com - 3.16.2-1 - Update to nss-3.16.2 - Remove unwanted source directories at end of %prep so it truly removes them - Skip the cipher suite already run as part of the nss-softokn build - Resolves: Bug 1114319 - nss-3.16.2 is available -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1114319 - nss-3.16.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1114319 --------------------------------------------------------------------------------
================================================================================ nss-softokn-3.16.2-1.fc20 (FEDORA-2014-7941) Network Security Services Softoken Module -------------------------------------------------------------------------------- Update Information:
Update nss, nss-softokn, and nss-util to nss-3.12.6
For more details on the bugs fixed with this release, please see the upstream release notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.2_rel...
-------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 Elio Maldonado emaldona@redhat.com - 3.16.2-1 - Update to nss-3.16.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1114319 - nss-3.16.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1114319 --------------------------------------------------------------------------------
================================================================================ nss-util-3.16.2-1.fc20 (FEDORA-2014-7941) Network Security Services Utilities Library -------------------------------------------------------------------------------- Update Information:
Update nss, nss-softokn, and nss-util to nss-3.12.6
For more details on the bugs fixed with this release, please see the upstream release notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.2_rel...
-------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 Elio Maldonado emaldona@redhat.com - 3.16.2-1 - Update to nss-3.16.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1114319 - nss-3.16.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1114319 --------------------------------------------------------------------------------
================================================================================ openstack-nova-2013.2.3-2.fc20 (FEDORA-2014-7954) OpenStack Compute (nova) -------------------------------------------------------------------------------- Update Information:
Add RBAC policy for ec2 API security groups calls - CVE-2014-0167 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 Vladan Popovic vpopovic@redhat.com 2013.2.3-2 - Add RBAC policy for ec2 API security groups calls - CVE-2014-0167 - Move notification point to a better place - notify calling process we are ready to serve -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1084868 - CVE-2014-0167 openstack-nova: RBAC policy not properly enforced in Nova EC2 API https://bugzilla.redhat.com/show_bug.cgi?id=1084868 --------------------------------------------------------------------------------
================================================================================ owncloud-6.0.4-1.fc20 (FEDORA-2014-7964) Private file sync and share server -------------------------------------------------------------------------------- Update Information:
update to 6.0.4 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 Gregor Tätzner brummbq@fedoraproject.org - 6.0.4-1 - 6.0.4 * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 6.0.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1114605 - owncloud: undisclosed security issue in owncloud-6.0.3 https://bugzilla.redhat.com/show_bug.cgi?id=1114605 --------------------------------------------------------------------------------
================================================================================ python-moksha-hub-1.3.4-1.fc20 (FEDORA-2014-7961) Hub components for Moksha -------------------------------------------------------------------------------- Update Information:
Improved error handling in the consumer API. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 Ralph Bean rbean@redhat.com - 1.3.4-1 - Improved exception handling in the consumer API. * Sat Jun 7 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.3.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue Jun 3 2014 Ralph Bean rbean@redhat.com - 1.3.3-1 - Added threading model to the polling producer API. --------------------------------------------------------------------------------
================================================================================ python3-3.3.2-17.fc20 (FEDORA-2014-7948) Version 3 of the Python programming language aka Python 3000 -------------------------------------------------------------------------------- Update Information:
Rewrite the config wrapper from Bash to Python, so it can be interpreted with Python -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 Miro Hrončok mhroncok@redhat.com - 3.3.2-17 - Rewrite the config wrapper from Bash to Python, so it can be interpreted with Python * Mon Jun 30 2014 Matej Stuchlik mstuchli@redhat.com - 3.3.2-16 - JSON module could read arbitrary process memory Resolves: rhbz#1112293 --------------------------------------------------------------------------------
================================================================================ rubygem-docile-1.1.4-1.fc20 (FEDORA-2014-7943) Docile keeps your Ruby DSLs tame and well-behaved -------------------------------------------------------------------------------- Update Information:
Newpackage -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1083701 - Review Request: rubygem-docile - Docile keeps your Ruby DSLs tame and well-behaved https://bugzilla.redhat.com/show_bug.cgi?id=1083701 --------------------------------------------------------------------------------
================================================================================ scap-workbench-1.0.0-1.fc20 (FEDORA-2014-7957) Scanning, tailoring, editing and validation tool for SCAP content -------------------------------------------------------------------------------- Update Information:
Updated to new version -------------------------------------------------------------------------------- ChangeLog:
* Fri Jun 27 2014 Martin Preisler mpreisle@redhat.com 1.0.0-1 - Updated to new version --------------------------------------------------------------------------------
================================================================================ srcpd-2.1.2-4.fc20 (FEDORA-2014-7960) Simple Railroad Command Protocol (SRCP) server -------------------------------------------------------------------------------- Update Information:
srcpd: initial submission -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1062911 - Review Request: srcpd - Simple Railroad Command Protocol (SRCP) server https://bugzilla.redhat.com/show_bug.cgi?id=1062911 --------------------------------------------------------------------------------
================================================================================ vile-9.8m-4.fc20 (FEDORA-2014-7955) VI Like Emacs -------------------------------------------------------------------------------- Update Information:
don't strip executables during build -------------------------------------------------------------------------------- ChangeLog:
* Sun Jun 22 2014 Mark McKinstry mmckinst@example.com - 9.8m-4 - re-add buildroot for el5 * Sun Jun 22 2014 Mark McKinstry mmckinst@nexcess.net - 9.8m-3 - don't strip executables during build (RHBZ#1106365) * Sun Jun 8 2014 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 9.8m-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed Jun 4 2014 Filipe Rosset rosset.filipe@gmail.com - 9.8m-1 - Rebuilt for new upstream release, spec cleanup, fixes rhbz #1060488 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1106365 - Don't strip executables during build https://bugzilla.redhat.com/show_bug.cgi?id=1106365 --------------------------------------------------------------------------------
================================================================================ wicd-1.7.2.4-9.fc20 (FEDORA-2014-7967) Wireless and wired network connection manager -------------------------------------------------------------------------------- Update Information:
Fixes for #1074315, #894646, and #1074372. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jun 30 2014 David Cantrell dcantrell@redhat.com - 1.7.2.4-9 - Do not assume wicd-daemon is running when wicd-client runs (#1074315) - Fix wicd-curses crash on startup (#894646) - Edit default D-Bus policy file to allow 'users' group members to run wicd client programs (#1074372) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1074315 - wicd-client.py:752:_trigger_scan_if_needed:AttributeError: 'NoneType' object has no attribute 'Scan' https://bugzilla.redhat.com/show_bug.cgi?id=1074315 [ 2 ] Bug #894646 - wicd-curses crash on startup https://bugzilla.redhat.com/show_bug.cgi?id=894646 [ 3 ] Bug #1074372 - [abrt] wicd-gtk: wicd-client.py:95:wrapper:DBusException: org.freedesktop.DBus.Error.AccessDenied: Rejected send message, 1 matched rules; type="method_call", sender=":1.65" (uid=1000 pid=2817 comm="/usr/bin/python -O /usr/share/wicd/gtk/wicd-client") ... https://bugzilla.redhat.com/show_bug.cgi?id=1074372 --------------------------------------------------------------------------------