The following Fedora 21 Security updates need testing:
Age URL
73
https://admin.fedoraproject.org/updates/FEDORA-2014-15342/rubygem-actionp...
72
https://admin.fedoraproject.org/updates/FEDORA-2014-15413/rubygem-sprocke...
50
https://admin.fedoraproject.org/updates/FEDORA-2014-16782/mutt-1.5.23-7.fc21
49
https://admin.fedoraproject.org/updates/FEDORA-2014-16833/asterisk-11.14....
44
https://admin.fedoraproject.org/updates/FEDORA-2014-17195/httpd-2.4.10-15...
40
https://admin.fedoraproject.org/updates/FEDORA-2014-17139/aeskulap-0.2.2-...
37
https://admin.fedoraproject.org/updates/FEDORA-2014-17567/mapserver-6.2.2...
35
https://admin.fedoraproject.org/updates/FEDORA-2014-17635/dokuwiki-0-0.23...
24
https://admin.fedoraproject.org/updates/FEDORA-2015-0264/gcab-0.4-7.fc21
19
https://admin.fedoraproject.org/updates/FEDORA-2015-0594/strongswan-5.2.2...
17
https://admin.fedoraproject.org/updates/FEDORA-2015-0620/chicken-4.9.0.1-...
14
https://admin.fedoraproject.org/updates/FEDORA-2015-0754/arc-5.21p-5.fc21
11
https://admin.fedoraproject.org/updates/FEDORA-2015-0938/android-tools-20...
10
https://admin.fedoraproject.org/updates/FEDORA-2015-1023/dump-0.4-0.24.b4...
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1066/seamonkey-2.32-1...
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1058/php-5.6.5-1.fc21
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1068/mingw-jasper-1.9...
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1062/jasper-1.900.1-3...
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1129/qpid-cpp-0.30-7....
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1161/puppetlabs-stdli...
4
https://admin.fedoraproject.org/updates/FEDORA-2015-1225/privoxy-3.0.23-1...
1
https://admin.fedoraproject.org/updates/FEDORA-2015-1419/mantis-1.2.19-1....
1
https://admin.fedoraproject.org/updates/FEDORA-2015-1467/openstack-glance...
1
https://admin.fedoraproject.org/updates/FEDORA-2015-1465/websvn-2.3.3-8.fc21
0
https://admin.fedoraproject.org/updates/FEDORA-2015-1198/maradns-2.0.11-1...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-1488/pigz-2.3.3-1.fc21
0
https://admin.fedoraproject.org/updates/FEDORA-2015-1505/kernel-3.18.5-20...
The following Fedora 21 Critical Path updates have yet to be approved:
Age URL
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1091/perl-Filter-1.54...
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1079/perl-Encode-2.68...
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1087/network-manager-...
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1152/imlib2-1.4.6-3.fc21
5
https://admin.fedoraproject.org/updates/FEDORA-2015-1062/jasper-1.900.1-3...
4
https://admin.fedoraproject.org/updates/FEDORA-2015-1254/rygel-0.24.3-1.fc21
3
https://admin.fedoraproject.org/updates/FEDORA-2015-1297/polkit-0.112-7.f...
1
https://admin.fedoraproject.org/updates/FEDORA-2015-1456/perl-Getopt-Long...
1
https://admin.fedoraproject.org/updates/FEDORA-2015-1454/perl-Pod-Simple-...
1
https://admin.fedoraproject.org/updates/FEDORA-2015-1436/koji-1.9.0-10.fc...
1
https://admin.fedoraproject.org/updates/FEDORA-2015-1407/cairo-1.14.0-1.fc21
0
https://admin.fedoraproject.org/updates/FEDORA-2015-1488/pigz-2.3.3-1.fc21
0
https://admin.fedoraproject.org/updates/FEDORA-2015-1507/nspr-4.10.8-1.fc...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-1504/lvm2-2.02.116-3....
0
https://admin.fedoraproject.org/updates/FEDORA-2015-1480/libgpg-error-1.1...
0
https://admin.fedoraproject.org/updates/FEDORA-2015-1509/selinux-policy-3...
The following builds have been pushed to Fedora 21 updates-testing
biblesync-1.1.2-1.fc21
coin-or-Ipopt-3.12.0-1.fc21
dovecot-2.2.15-2.fc21
doxygen-1.8.9.1-1.fc21
freeradius-client-1.1.7-3.fc21
gap-pkg-atlasrep-1.5.0-2.fc21
gap-pkg-browse-1.8.6-2.fc21
gap-pkg-ctbllib-1.2.2-3.fc21
gap-pkg-io-4.4.4-1.fc21
gap-pkg-sonata-2.6-4.fc21
gap-pkg-spinsym-1.5-1.fc21
gap-pkg-tomlib-1.2.5-3.fc21
glite-px-proxyrenewal-1.3.36-2.fc21
iotop-0.6-5.fc21
isdn4k-utils-3.2-99.fc21
kernel-3.18.5-200.fc21
libgpg-error-1.17-2.fc21
lvm2-2.02.116-3.fc21
maradns-2.0.11-1.fc21
mingw-gnutls-3.3.12-1.fc21
nodejs-dependency-lister-1.0.2-1.fc21
nodejs-read-all-stream-1.0.2-1.fc21
nspr-4.10.8-1.fc21
nss-3.17.4-1.fc21
nss-softokn-3.17.4-1.fc21
nss-util-3.17.4-1.fc21
oath-toolkit-2.4.1-9.fc21
pcsc-tools-1.4.23-1.fc21
php-aws-sdk-2.7.17-1.fc21
pigz-2.3.3-1.fc21
pulseaudio-equalizer-2.7-14.fc21
python-mwlib-0.15.14-1.fc21
python-tbgrep-0.3.0-1.fc21
rubygem-rmagick-2.13.4-2.fc21
schroot-1.6.5-8.fc21
selinux-policy-3.13.1-105.1.fc21
subtitleeditor-0.41.0-5.fc21
tcpcrypt-0.4-0.3.bb990b1b.fc21
torbrowser-launcher-0.1.9-1.fc21
vagrant-lxc-1.1.0-6.fc21
Details about builds:
================================================================================
biblesync-1.1.2-1.fc21 (FEDORA-2015-1482)
A Cross-platform library for sharing Bible navigation
--------------------------------------------------------------------------------
Update Information:
New upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 9 2014 Greg Hellings <greg.hellings(a)gmail.com> - 1.1.2-1
- New upstream version
- API incompatible with 1.0 series
--------------------------------------------------------------------------------
================================================================================
coin-or-Ipopt-3.12.0-1.fc21 (FEDORA-2015-1491)
Interior Point OPTimizer
--------------------------------------------------------------------------------
Update Information:
- **Update to 3.12.0**
Correct aarch64 build (#1185848)
- **Fix libraries's symlinks (bz#1152812)**
- **Update to 3.11.10**
- **Fix libraries's symlinks (bz#1152812)**
- **Update to 3.11.10**
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 27 2015 Antonio Trande <sagitterATfedoraproject.org> - 3.12.0-1
- Update to 3.12.0 (bz#1152812)
* Mon Jan 26 2015 pcpa <paulo.cesar.pereira.de.andrade(a)gmail.com> - 3.11.10-3
- Correct aarch64 build (#1185848)
* Fri Jan 23 2015 Antonio Trande <sagitterATfedoraproject.org> - 3.11.10-2
- Fix libraries's symlinks (bz#1152812)
* Mon Jan 19 2015 Antonio Trande <sagitterATfedoraproject.org> - 3.11.10-1
- Update to 3.11.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185848 - package fails to build on aarch64 due to very old
config.{guess,sub} files
https://bugzilla.redhat.com/show_bug.cgi?id=1185848
[ 2 ] Bug #1152812 - Dynamic library file should be symlink
https://bugzilla.redhat.com/show_bug.cgi?id=1152812
[ 3 ] Bug #1183505 - coin-or-Ipopt-3.11.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1183505
--------------------------------------------------------------------------------
================================================================================
dovecot-2.2.15-2.fc21 (FEDORA-2015-1493)
Secure imap and pop3 server
--------------------------------------------------------------------------------
Update Information:
- fix crash related to logging BYE notifications (#1176282)
- update pigeonhole to 0.4.6
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 5 2015 Michal Hlavinka <mhlavink(a)redhat.com> - 1:2.2.15-2
- fix crash related to logging BYE notifications (#1176282)
- update pigeonhole to 0.4.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1176282 - [abrt] dovecot: strlen(): log killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1176282
--------------------------------------------------------------------------------
================================================================================
doxygen-1.8.9.1-1.fc21 (FEDORA-2015-1476)
A documentation system for C/C++
--------------------------------------------------------------------------------
Update Information:
update to 1.8.9.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 21 2015 Than Ngo <than(a)redhat.com> 1.8.9.1-1
- update to 1.8.9.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1176278 - [abrt] doxygen: Definition::localName(): doxygen killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1176278
--------------------------------------------------------------------------------
================================================================================
freeradius-client-1.1.7-3.fc21 (FEDORA-2015-1501)
RADIUS protocol client library
--------------------------------------------------------------------------------
Update Information:
Line wrapped description message
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1171129 - Review Request: freeradius-client - Client library and utilities
for radius
https://bugzilla.redhat.com/show_bug.cgi?id=1171129
--------------------------------------------------------------------------------
================================================================================
gap-pkg-atlasrep-1.5.0-2.fc21 (FEDORA-2015-1479)
GAP interface to the Atlas of Group Representations
--------------------------------------------------------------------------------
Update Information:
This new package is a GAP interface to the Atlas of Group Representations, a database that
comprises representations of many almost simple groups and information about their maximal
subgroups. This database is available independent of GAP.
The AtlasRep package consists of this database and a GAP interface. The latter allows the
user to get an overview of the database, and to access the data in GAP format.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185014 - Review Request: gap-pkg-atlasrep - GAP interface to the Atlas of
Group Representations
https://bugzilla.redhat.com/show_bug.cgi?id=1185014
--------------------------------------------------------------------------------
================================================================================
gap-pkg-browse-1.8.6-2.fc21 (FEDORA-2015-1514)
GAP browser for 2-dimensional arrays of data
--------------------------------------------------------------------------------
Update Information:
This package is a rename from the old gap-Browse package. It contains a GAP browser for
2-dimensional arrays of data.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185015 - Review Request: gap-pkg-browse - GAP browser for 2-dimensional
arrays of data
https://bugzilla.redhat.com/show_bug.cgi?id=1185015
--------------------------------------------------------------------------------
================================================================================
gap-pkg-ctbllib-1.2.2-3.fc21 (FEDORA-2015-1473)
GAP Character Table Library
--------------------------------------------------------------------------------
Update Information:
This new package is a rename of the old gap-character-tables package. It contains the GAP
Character Table Library by Thomas Breuer.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185020 - Review Request: gap-pkg-ctbllib - GAP Character Table Library
https://bugzilla.redhat.com/show_bug.cgi?id=1185020
--------------------------------------------------------------------------------
================================================================================
gap-pkg-io-4.4.4-1.fc21 (FEDORA-2015-1508)
Unix I/O functionality for GAP
--------------------------------------------------------------------------------
Update Information:
This new package is a rename of the old gap-io package. It contains an interface to Unix
I/O functionality from GAP.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185016 - Review Request: gap-pkg-io - Unix I/O functionality for GAP
https://bugzilla.redhat.com/show_bug.cgi?id=1185016
--------------------------------------------------------------------------------
================================================================================
gap-pkg-sonata-2.6-4.fc21 (FEDORA-2015-1483)
GAP package for systems of nearrings
--------------------------------------------------------------------------------
Update Information:
This new package is a rename of the old gap-sonata package. It contains tools for working
with systems of nearrings in GAP.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185018 - Review Request: gap-pkg-sonata - GAP package for systems of
nearrings
https://bugzilla.redhat.com/show_bug.cgi?id=1185018
--------------------------------------------------------------------------------
================================================================================
gap-pkg-spinsym-1.5-1.fc21 (FEDORA-2015-1503)
GAP package for Brauer tables of spin-symmetric groups
--------------------------------------------------------------------------------
Update Information:
This new package contains some p-modular character tables of Schur covers of symmetric and
alternating groups for GAP. It also provides some more functionalities related to these
groups, for example, a method to construct character tables of their maximal Young
subgroups.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185021 - Review Request: gap-pkg-spinsym - GAP package for Brauer tables of
spin-symmetric groups
https://bugzilla.redhat.com/show_bug.cgi?id=1185021
--------------------------------------------------------------------------------
================================================================================
gap-pkg-tomlib-1.2.5-3.fc21 (FEDORA-2015-1490)
GAP Table of Marks package
--------------------------------------------------------------------------------
Update Information:
This new package is a rename of the old gap-table-of-marks package. It provides access to
several hundred tables of marks of almost simple groups and their maximal subgroups.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185019 - Review Request: gap-pkg-tomlib - GAP Table of Marks package
https://bugzilla.redhat.com/show_bug.cgi?id=1185019
--------------------------------------------------------------------------------
================================================================================
glite-px-proxyrenewal-1.3.36-2.fc21 (FEDORA-2015-1511)
gLite proxyrenewal renews existing proxy certificates for grid users
--------------------------------------------------------------------------------
Update Information:
New version released. Fixed build from source and manual page update.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 29 2015 František Dvořák <valtri(a)civ.zcu.cz> - 1.3.36-2
- Patch to fix build with recent build tools
* Mon Oct 27 2014 František Dvořák <valtri(a)civ.zcu.cz> - 1.3.36-1
- Release glite-px-proxyrenewal 1.3.36
- Patches merged upstream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1187090 - [glite-px-proxyrenewal] FTBFS in fc22
https://bugzilla.redhat.com/show_bug.cgi?id=1187090
--------------------------------------------------------------------------------
================================================================================
iotop-0.6-5.fc21 (FEDORA-2015-1502)
Top like utility for I/O
--------------------------------------------------------------------------------
Update Information:
do not raise an exception when nocbreak() fails on exit
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Michal Hlavinka <mhlavink(a)redhat.com> - 0.6-5
- always ignore nocbreak errors, there is way too many false positives (#1035503)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1035503 - [abrt] iotop-0.6-1.fc19: wrapper.py:49:wrapper:error: nocbreak()
returned ERR
https://bugzilla.redhat.com/show_bug.cgi?id=1035503
--------------------------------------------------------------------------------
================================================================================
isdn4k-utils-3.2-99.fc21 (FEDORA-2015-1487)
Utilities for configuring an ISDN subsystem
--------------------------------------------------------------------------------
Update Information:
bug fix update
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1045909 - 32 and 64 bit isdn4k conflicts for file /usr/share/isdn/dest.cdb
https://bugzilla.redhat.com/show_bug.cgi?id=1045909
[ 2 ] Bug #913721 - udev rules are installed into wrong directory
https://bugzilla.redhat.com/show_bug.cgi?id=913721
[ 3 ] Bug #1073894 - Service files are installed with unnecessary executable perms
https://bugzilla.redhat.com/show_bug.cgi?id=1073894
[ 4 ] Bug #1176116 - Configuration file /usr/lib/systemd/system/isdn.service is marked
executable.
https://bugzilla.redhat.com/show_bug.cgi?id=1176116
--------------------------------------------------------------------------------
================================================================================
kernel-3.18.5-200.fc21 (FEDORA-2015-1505)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 3.18.5 stable update contains a number of important fixes across the tree.
The 3.18.4 stable update contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Justin M. Forbes <jforbes(a)fedoraproject.org> - 3.18.5-100
- Linux v3.18.5
* Thu Jan 29 2015 Josh Boyer <jwboyer(a)fedoraproject.org>
- Backport patch from Rob Clark to toggle i915 state machine checks
- Disable i915 state checks
* Tue Jan 27 2015 Justin M. Forbes <jforbes(a)fedoraproject.org> - 3.18.4-200
- Linux v3.18.4
* Tue Jan 27 2015 Josh Boyer <jwboyer(a)fedoraproject.org>
- CVE-2015-0239 kvm: insufficient sysenter emulation from 16-bit (rhbz 1186448 1186453)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1186448 - CVE-2015-0239 kernel: kvm: insufficient sysenter emulation when
invoked from 16-bit code
https://bugzilla.redhat.com/show_bug.cgi?id=1186448
--------------------------------------------------------------------------------
================================================================================
libgpg-error-1.17-2.fc21 (FEDORA-2015-1480)
Library for error values used by GnuPG components
--------------------------------------------------------------------------------
Update Information:
New upstream release with minor changes.
Also fixes multilib conflict in the header file.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Tomáš Mráz <tmraz(a)redhat.com> 1.17-2
- do not conflict on header file between architectures (#1180857)
* Thu Jan 29 2015 Tomáš Mráz <tmraz(a)redhat.com> 1.17-1
- new upstream release
* Fri Sep 19 2014 Tomáš Mráz <tmraz(a)redhat.com> 1.16-1
- new upstream release
- move from /lib to /usr/lib
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1180857 - libgpg-error-devel 32 vs. 64 bit header file conflict
https://bugzilla.redhat.com/show_bug.cgi?id=1180857
--------------------------------------------------------------------------------
================================================================================
lvm2-2.02.116-3.fc21 (FEDORA-2015-1504)
Userland logical volume management tools
--------------------------------------------------------------------------------
Update Information:
New lvm2 upstream release containing fixes documented in WHATS_NEW file.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Peter Rajnoha <prajnoha(a)redhat.com> - 2.02.116-3
- Deactivate unused thin pools activated with lvm2 pre-2.02.112 versions.
- Check lock holding LV when lvconverting stacked raid LV in cluster.
- Support udev external dev info for filters: PV min size, mpath, md, partition.
- Add fw_raid_component_detection lvm.conf option to enable FW raid detection.
- Add devices/external_device_info_source lvm.conf option ("none" by default).
- Scan pools in for_each_sub_lv() and add for_each_sub_lv_except_pools().
- Fix lvm2app lvm_lv_get_property return value for fields with info/status ioctl.
- Fix lvm2app regression in lvm_lv_get_attr causing unknown values (2.02.115).
- Preserve chunk size with repair and metadata swap of a thin pool.
- Fix raid --splitmirror 1 functionality (2.02.112).
- Fix tree preload to handle splitting raid images.
- Do not support unpartitioned DASD devices.
- Improve config validation to check if setting with string value can be empty.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1187481 - lvm2 2.02.115 breaks storaged, which breaks Cockpit
https://bugzilla.redhat.com/show_bug.cgi?id=1187481
--------------------------------------------------------------------------------
================================================================================
maradns-2.0.11-1.fc21 (FEDORA-2015-1198)
Authoritative and recursive DNS server made with security in mind
--------------------------------------------------------------------------------
Update Information:
This upgrade fixes CERT VU#264212 (infinite referral loop) along with few other fixes.
Full details at
http://samiam.org/blog/2015-01-25.html
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Tomasz Torcz <ttorcz(a)fedoraproject.org> - 2.0.11-1
- new upstream version
* Sun Jan 25 2015 Tomasz Torcz <ttorcz(a)fedoraproject.org> - 2.0.10-1
- new upstream version with important security fix -
http://samiam.org/blog/2015-01-25.html
--------------------------------------------------------------------------------
================================================================================
mingw-gnutls-3.3.12-1.fc21 (FEDORA-2015-1496)
MinGW GnuTLS TLS/SSL encryption library
--------------------------------------------------------------------------------
Update Information:
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Michael Cronenworth <mike(a)cchtml.com> - 3.3.12-1
- Update to 3.3.12
--------------------------------------------------------------------------------
================================================================================
nodejs-dependency-lister-1.0.2-1.fc21 (FEDORA-2015-1486)
Lists your module's dependencies with URLs and licenses
--------------------------------------------------------------------------------
Update Information:
update to 1.0.2 upstream release
Initial packaging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1173205 - Review Request: nodejs-dependency-lister - Lists your module's
dependencies with URLs and licenses
https://bugzilla.redhat.com/show_bug.cgi?id=1173205
--------------------------------------------------------------------------------
================================================================================
nodejs-read-all-stream-1.0.2-1.fc21 (FEDORA-2015-1471)
Read all stream content and pass it to callback
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.2 release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 29 2015 Parag Nemade <pnemade AT redhat DOT com> - 1.0.2-1
- Update to 1.0.2 release
* Sat Jan 24 2015 Parag Nemade <pnemade AT redhat DOT com> - 1.0.1-1
- Update to 1.0.1 release
--------------------------------------------------------------------------------
================================================================================
nspr-4.10.8-1.fc21 (FEDORA-2015-1507)
Netscape Portable Runtime
--------------------------------------------------------------------------------
Update Information:
Update the nss, nss-softokn, and nss-util packages to nss-3.17.3 and nspr to nspr-4.10.8
For more details on the bugs fixed with this release, please see the upstream release
notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.4_...
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 31 2015 Elio Maldonado <emaldona(a)redhat.com> - 4.10.7-2
- Update to NSPR_4_10_8_RTM
--------------------------------------------------------------------------------
================================================================================
nss-3.17.4-1.fc21 (FEDORA-2015-1507)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
Update the nss, nss-softokn, and nss-util packages to nss-3.17.3 and nspr to nspr-4.10.8
For more details on the bugs fixed with this release, please see the upstream release
notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.4_...
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 28 2015 Elio Maldonado <emaldona(a)redhat.com> - 3.17.4-1
- Update to nss-3.17.4
* Sat Jan 24 2015 Ville Skyttä <ville.skytta(a)iki.fi> - 3.17.3-4
- Own the %{_datadir}/doc/nss-tools dir
--------------------------------------------------------------------------------
================================================================================
nss-softokn-3.17.4-1.fc21 (FEDORA-2015-1507)
Network Security Services Softoken Module
--------------------------------------------------------------------------------
Update Information:
Update the nss, nss-softokn, and nss-util packages to nss-3.17.3 and nspr to nspr-4.10.8
For more details on the bugs fixed with this release, please see the upstream release
notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.4_...
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 28 2015 Elio Maldonado <emaldona(a)redhat.com> - 3.17.4-1
- Update to nss-3.17.4
- fix dependencies so nss-softokn pulls in nss-softokn-freebl of the same version and
release
--------------------------------------------------------------------------------
================================================================================
nss-util-3.17.4-1.fc21 (FEDORA-2015-1507)
Network Security Services Utilities Library
--------------------------------------------------------------------------------
Update Information:
Update the nss, nss-softokn, and nss-util packages to nss-3.17.3 and nspr to nspr-4.10.8
For more details on the bugs fixed with this release, please see the upstream release
notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.4_...
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 28 2015 Elio Maldonado <emaldona(a)redhat.com> - 3.17.4-1
- Update to nss-3.17.4
--------------------------------------------------------------------------------
================================================================================
oath-toolkit-2.4.1-9.fc21 (FEDORA-2015-1484)
One-time password components
--------------------------------------------------------------------------------
Update Information:
Fixed invalid reads in libpskc due to references to old (freed) xmlDoc
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Jaroslav Škarvada <jskarvad(a)redhat.com> - 2.4.1-9
- Fixed invalid reads in libpskc due to references to old (freed) xmlDoc
(by retain-original-xmldoc patch), patch provided by David Woodhouse
Resolves: rhbz#1129491
* Tue Nov 11 2014 Jaroslav Škarvada <jskarvad(a)redhat.com> - 2.4.1-8
- Removed RHEL conditionals (not needed any more)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1129491 - memory corruption after pskc_build_xml()
https://bugzilla.redhat.com/show_bug.cgi?id=1129491
--------------------------------------------------------------------------------
================================================================================
pcsc-tools-1.4.23-1.fc21 (FEDORA-2015-1485)
Tools to be used with smart cards and PC/SC
--------------------------------------------------------------------------------
Update Information:
Update to the current upstream version.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Tomáš Mráz <tmraz(a)redhat.com> - 1.4.23-1
- upgrade to a latest upstream version
- include latest smartcard_list.txt (#1183327)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1183327 - SmartCard database outdated
https://bugzilla.redhat.com/show_bug.cgi?id=1183327
--------------------------------------------------------------------------------
================================================================================
php-aws-sdk-2.7.17-1.fc21 (FEDORA-2015-1498)
Amazon Web Services framework for PHP
--------------------------------------------------------------------------------
Update Information:
## 2.7.17 - 2015-01-27
* Added support for `getShippingLabel` to the AWS Import/Export client.
* Updated the AWS Lambda client.
## 2.7.16 - 2015-01-20
* Added support for custom security groups to the Amazon EMR client.
* Added support for the latest APIs to the Amazon Cognito Identity client.
* Added support for ClassicLink to the Auto Scaling client.
* Added the ability to set a client's API version to "latest" for forwards
compatibility with v3.
## 2.7.15 - 2015-01-15
* Added support for [HLS Content
Protection](https://aws.amazon.com/releasenotes/3388917394239147) to the Elastic
Transcoder client.
* Updated client factory logic to add the `SignatureListener`, even when `NullCredentials`
have been specified. This way, you can update a client's credentials later if you want
to begin signing requests.
## 2.7.14 - 2015-01-09
* Fixed a regression in the CloudSearch Domain client (#448).
## 2.7.13 - 2015-01-08
* Added the Amazon EC2 Container Service client.
* Added the Amazon CloudHSM client.
* Added support for dynamic fields to the Amazon CloudSearch client.
* Added support for the ClassicLink feature to the Amazon EC2 client.
* Updated the Amazon RDS client to use the latest 2014-10-31 API.
* Updated S3 signature so retries use a new Date header on each attempt.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 29 2015 Shawn Iwinski <shawn.iwinski(a)gmail.com> - 2.7.17-1
- Updated to 2.7.17 (BZ #1180500)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1180500 - php-aws-sdk-2.7.17 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1180500
--------------------------------------------------------------------------------
================================================================================
pigz-2.3.3-1.fc21 (FEDORA-2015-1488)
Parallel implementation of gzip
--------------------------------------------------------------------------------
Update Information:
Update to 2.3.3, fixes CVE-2015-1191:
- Return zero exit code when only warnings are issued
- Increase speed of unlzw (Unix compress decompression)
- Update zopfli to current google state
- Allow larger maximum blocksize (-b), now 512 MiB
- Do not require that -d precede -N, -n, -T options
- Strip any path from header name for -dN or -dNT
- Remove use of PATH_MAX (PATH_MAX is not reliable)
- Do not abort on inflate data error, do remaining files
- Check gzip header CRC if present
- Improve decompression error detection and reporting
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Orion Poplawski <orion(a)cora.nwra.com> - 2.3.3-1
- Update to 2.3.3, fixes CVE-2015-1191 (bug #1181045)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1181045 - CVE-2015-1191 pigz: directory traversal vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1181045
--------------------------------------------------------------------------------
================================================================================
pulseaudio-equalizer-2.7-14.fc21 (FEDORA-2015-1495)
A 15 Bands Equalizer for PulseAudio
--------------------------------------------------------------------------------
Update Information:
- Fixing missing $HOME/.pulse dir
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Jaromir Capik <jcapik(a)redhat.com> - 2.7-14
- Fixing crashes when $HOME/.pulse missing (#1183283)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185103 - [abrt] pulseaudio-equalizer:
pulseaudio-equalizer.py:46:GetSettings:IOError: [Errno 2] No such file or directory:
'/home/arcademan/.pulse/equalizerrc'
https://bugzilla.redhat.com/show_bug.cgi?id=1185103
--------------------------------------------------------------------------------
================================================================================
python-mwlib-0.15.14-1.fc21 (FEDORA-2015-1492)
MediaWiki parser and utility library
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Zbigniew Jędrzejewski-Szmek <zbyszek(a)in.waw.pl> - 0.15.14-1
- Update to 0.15.14 and enable tests (#1031279)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1031279 - python-mwlib-0.15.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1031279
--------------------------------------------------------------------------------
================================================================================
python-tbgrep-0.3.0-1.fc21 (FEDORA-2015-1477)
Extract Python Tracebacks from text
--------------------------------------------------------------------------------
Update Information:
Latest upstream release with new functionality
https://github.com/lmacken/tbgrep
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Luke Macken <lmacken(a)redhat.com> - 0.3.0-1
- Update to 0.3.0
--------------------------------------------------------------------------------
================================================================================
rubygem-rmagick-2.13.4-2.fc21 (FEDORA-2015-1472)
Ruby binding to ImageMagick
--------------------------------------------------------------------------------
Update Information:
This is a new package
--------------------------------------------------------------------------------
================================================================================
schroot-1.6.5-8.fc21 (FEDORA-2015-1489)
Execute commands in a chroot environment
--------------------------------------------------------------------------------
Update Information:
binary must be suid root.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 30 2015 Zach Carter <os(a)zachcarter.com> - 1.6.5-8
- Make sure schroot is suid (BZ1045006,BZ1175351)
* Mon Jan 26 2015 Petr Machata <pmachata(a)redhat.com> - 1.6.5-7
- Rebuild for boost 1.57.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1175351 - schroot binary should be setuid root
https://bugzilla.redhat.com/show_bug.cgi?id=1175351
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.13.1-105.1.fc21 (FEDORA-2015-1509)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
More info:
http://koji.fedoraproject.org/koji/buildinfo?buildID=607962
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 29 2015 Lukas Vrabec <lvrabec(a)redhat.com> 3.13.1-105.1
- Add unconfined_setsched() interface
- Add ipsec_rw_inherited_pipes() interface.
- Update seutil_manage_config() interface.
- journald now reads the netlink audit socket
- Update ipsec_manage_pid() interface.
- Allow netutils chown capability to make tcpdump working with -w
- Label /ostree/deploy/rhel-atomic-host/deploy directory as system_conf_t.
- Allow ipsec to execute _updown.netkey script to run unbound-control.
- Add auditing support for ipsec.
- Allow nut_upsmon_t to read random_device_t. BZ(1186072)
- Allow fowner capability for sssd because of selinux_child handling.
- ALlow bind to read/write inherited ipsec pipes
- Allow hypervkvp to read /dev/urandom and read addition states/config files.
- Allow cluster domain to dbus chat with systemd-logind.
- Allow gluster rpm scripletto create glusterd socket with correct labeling. This is a
workaround until we get fix in glusterd
- Add glusterd_filetrans_named_pid() interface.
- Allow radiusd to connect to radsec ports.
- Allow setuid/setgid for selinux_child.
- Allow pingd to read /dev/urandom. BZ(1181831)
- Allow lsmd plugin to connect to tcp/5989 by default.
- pkcsslotd_lock_t should be an alias for pkcs_slotd_lock_t.
- Allow docker_t to changes it rlimit
- Allow docker to setsched on unconfined_t user
- Dontaudit couchdb search in gconf_home_t. BZ(1177717)
- Call correct macro in virt_read_content().
- Allow neutron to read rpm DB.
- Add labeling for pacemaker.log.
- Allow radius to connect/bind radsec ports.
- Allow pm-suspend running as virt_qemu_ga to read /var/log/pm-suspend.log.
- Add devicekit_read_log_files()
- Allow virt_qemu_ga to dbus chat with rpm.
- Update virt_read_content() interface to allow read also char devices.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1181831 - SELinux is preventing ping6 from read access on the chr_file
urandom.
https://bugzilla.redhat.com/show_bug.cgi?id=1181831
--------------------------------------------------------------------------------
================================================================================
subtitleeditor-0.41.0-5.fc21 (FEDORA-2015-1470)
GTK+2 tool to edit subtitles for GNU/Linux/*BSD
--------------------------------------------------------------------------------
Update Information:
Added patches for rhbz #1187152 (upstream #22857 and #23018)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 29 2015 Artur Szymczak <artur.szymczak(a)nadzieja.pl> - 0.41.0-5
- Added patches for rhbz #1187152 (upstream #22857 and #23018)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1187152 - Editing subtitles, start and end time, duration and CPS does not
work with glib2 2.42 anymore
https://bugzilla.redhat.com/show_bug.cgi?id=1187152
--------------------------------------------------------------------------------
================================================================================
tcpcrypt-0.4-0.3.bb990b1b.fc21 (FEDORA-2015-1494)
Opportunistically encrypt TCP connections
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1122777 - Review Request: tcpcrypt - Opportunistically encrypt TCP
connections
https://bugzilla.redhat.com/show_bug.cgi?id=1122777
--------------------------------------------------------------------------------
================================================================================
torbrowser-launcher-0.1.9-1.fc21 (FEDORA-2015-1499)
Tor Browser Bundle managing tool
--------------------------------------------------------------------------------
Update Information:
fix required txsocksx and service-identity
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 24 2015 Robert Mayr <robyduck(a)fedoraoproject.org> 0.1.9-1
- fix required txsocksx and service-identity
- bump to last version available
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1177388 - torbrowser-launcher gives error checking for updates and
python-txsocksx package is missing
https://bugzilla.redhat.com/show_bug.cgi?id=1177388
--------------------------------------------------------------------------------
================================================================================
vagrant-lxc-1.1.0-6.fc21 (FEDORA-2015-1469)
LXC provider for vagrant
--------------------------------------------------------------------------------
Update Information:
Introduce vagrant-lxc package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1185685 - Review Request: vagrant-lxc - LXC-provider for vagrant
https://bugzilla.redhat.com/show_bug.cgi?id=1185685
--------------------------------------------------------------------------------