The following Fedora 21 Security updates need testing:
Age URL
209
https://bodhi.fedoraproject.org/updates/FEDORA-2015-1467
openstack-glance-2014.1.3-4.fc21
90
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9090 fossil-1.33-1.fc21
90
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9141
ceph-deploy-1.5.25-1.fc21
78
https://bodhi.fedoraproject.org/updates/FEDORA-2015-9744 squid-3.4.13-1.fc21
68
https://bodhi.fedoraproject.org/updates/FEDORA-2015-10301
389-ds-base-1.3.3.12-1.fc21
22
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12773
python-kdcproxy-0.3.2-1.fc21
15
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13404 qemu-2.1.3-9.fc21
9
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13700
drupal6-views_bulk_operations-1.17-1.fc21
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13423 php-twig-1.20.0-1.fc21
6
https://bodhi.fedoraproject.org/updates/conntrack-tools-1.4.2-9.fc21
conntrack-tools-1.4.2-9.fc21
6
https://bodhi.fedoraproject.org/updates/mediawiki-1.24.3-1.fc21
mediawiki-1.24.3-1.fc21
6
https://bodhi.fedoraproject.org/updates/ca-certificates-2015.2.5-1.0.fc21
ca-certificates-2015.2.5-1.0.fc21
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13917 drupal7-7.39-1.fc21
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13926
gdk-pixbuf2-2.31.6-1.fc21
5
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14010
mingw-gdk-pixbuf-2.31.6-1.fc21
2
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14179 libreswan-3.15-1.fc21
2
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14200 sblim-sfcb-1.4.8-5.fc21
2
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14211 ntp-4.2.6p5-33.fc21
2
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14242 pcre-8.35-14.fc21
0
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14330
drupal6-ctools-1.14-1.fc21
0
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14363 xen-4.4.3-1.fc21
0
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14442 drupal6-6.37-1.fc21
The following Fedora 21 Critical Path updates have yet to be approved:
Age URL
154
https://bodhi.fedoraproject.org/updates/FEDORA-2015-4638 lcms2-2.7-1.fc21
41
https://bodhi.fedoraproject.org/updates/FEDORA-2015-11787
redhat-rpm-config-29-1.fc21
29
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12212 perl-Filter-1.55-1.fc21
28
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12402
gstreamer1-plugins-good-1.4.5-3.fc21
27
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12575 perl-Encode-2.76-1.fc21
22
https://bodhi.fedoraproject.org/updates/FEDORA-2015-12790 libsolv-0.6.11-2.fc21
16
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13233
yum-utils-1.1.31-28.fc21
16
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13239 yum-3.4.3-154.fc21
9
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13654 bash-4.3.42-1.fc21
9
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13747 hwdata-0.281-1.fc21
9
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13745 kernel-4.1.6-100.fc21
9
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13673
python-slip-0.6.3-1.fc21
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13926
gdk-pixbuf2-2.31.6-1.fc21
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13908 librsvg2-2.40.10-1.fc21
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13885
thunderbird-38.2.0-2.fc21
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13877 libteam-1.18-1.fc21
6
https://bodhi.fedoraproject.org/updates/FEDORA-2015-13805 tigervnc-1.5.0-2.fc21
6
https://bodhi.fedoraproject.org/updates/dracut-038-40.git20150819.fc21
dracut-038-40.git20150819.fc21
6
https://bodhi.fedoraproject.org/updates/ca-certificates-2015.2.5-1.0.fc21
ca-certificates-2015.2.5-1.0.fc21
6
https://bodhi.fedoraproject.org/updates/btrfs-progs-4.1.2-1.fc21
btrfs-progs-4.1.2-1.fc21
5
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14019 nss-3.20.0-1.0.fc21
nss-softokn-3.20.0-1.0.fc21 nss-util-3.20.0-1.0.fc21
3
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14135
libpwquality-1.2.4-3.fc21
3
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14070
selinux-policy-3.13.1-105.21.fc21
3
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14065
perl-generators-1.04-1.fc21
2
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14242 pcre-8.35-14.fc21
2
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14209 vim-7.4.827-1.fc21
0
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14405 abrt-2.3.0-10.fc21
libreport-2.3.0-9.fc21
0
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14380 firefox-40.0-10.fc21
0
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14323 dnf-0.6.4-6.fc21
0
https://bodhi.fedoraproject.org/updates/FEDORA-2015-14307
perl-Thread-Queue-3.06-1.fc21
The following builds have been pushed to Fedora 21 updates-testing
abrt-2.3.0-10.fc21
anka-coder-fonts-1.100-0.3.20130409hg4348cf4ec395.fc21
antimicro-2.18.2-1.fc21
dnf-0.6.4-6.fc21
docker-io-1.7.1-3.git33de319.fc21
docker-io-1.8.1-2.git32b8b25.fc21
drupal6-6.37-1.fc21
drupal6-ctools-1.14-1.fc21
eigen3-3.2.5-2.fc21
firefox-40.0-10.fc21
globus-gridftp-server-8.7-1.fc21
gmusicbrowser-1.1.15-1.fc21
golang-github-julienschmidt-httprouter-1.1-1.fc21
golang-github-vishvananda-netns-0-0.5.git604eaf1.fc21
ibus-typing-booster-1.2.12-1.fc21
inxi-2.2.28-1.fc21
java-1.8.0-openjdk-1.8.0.60-14.b27.fc21
java-mersenne-twister-20-4.fc21
libreoffice-4.3.7.2-10.fc21
libreport-2.3.0-9.fc21
nx-libs-3.5.0.32-2.fc21
open-vm-tools-9.10.2-2.fc21
openvswitch-2.4.0-1.fc21
perl-Geo-IPfree-1.1.5.1.9.4.0-1.fc21
perl-IO-Prompt-0.997.003-1.fc21
perl-Object-InsideOut-3.99-1.fc21
perl-Object-InsideOut-4.02-1.fc21
perl-Server-Starter-0.32-1.fc21
perl-Text-Unidecode-1.24-1.fc21
perl-Thread-Queue-3.06-1.fc21
php-Raven-0.12.1-1.fc21
php-horde-Horde-Crypt-2.6.1-1.fc21
php-pecl-mongo-1.6.11-1.fc21
prosody-0.9.8-5.fc21
python-dockerfile-parse-0.0.4-1.fc21
python-fedora-0.5.5-2.fc21
python-jenkins-0.4.8-1.fc21
smuxi-1.0-2.fc21
spacefm-1.0.3-1.fc21
vym-2.4.8-1.fc21
wordpress-4.3-1.fc21
xen-4.4.3-1.fc21
Details about builds:
================================================================================
abrt-2.3.0-10.fc21 (FEDORA-2015-14405)
Automatic bug detection and reporting tool
--------------------------------------------------------------------------------
Update Information:
libreport-2.3.0-9.fc21 - add a helper for HTTP GET abrt-2.3.0-10.fc21 -
bodhi: add parsing of error responses - bodhi: add ignoring of Rawhide - do not
break the reporting if a-bodhi fails - spec: add hawkey to BRs of abrt-bodhi -
introduce bodhi2 to abrt-bodhi - add bash on the package blacklist
--------------------------------------------------------------------------------
================================================================================
anka-coder-fonts-1.100-0.3.20130409hg4348cf4ec395.fc21 (FEDORA-2015-14352)
A mono spaced, courier-width font
--------------------------------------------------------------------------------
Update Information:
New font! Anka-coder - A mono spaced, courier-width font.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #949954 - Review Request: anka-coder-fonts - A mono spaced, courier-width
font
https://bugzilla.redhat.com/show_bug.cgi?id=949954
--------------------------------------------------------------------------------
================================================================================
antimicro-2.18.2-1.fc21 (FEDORA-2015-14503)
Graphical program used to map keyboard buttons and mouse controls to a gamepad
--------------------------------------------------------------------------------
Update Information:
Additional thread-related bug fixes. ---- New upstream release to address
thread-related issues. new upstream release v2.18 (#1253911)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1253911 - antimicro-2.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1253911
--------------------------------------------------------------------------------
================================================================================
dnf-0.6.4-6.fc21 (FEDORA-2015-14323)
Package manager forked from Yum, using libsolv as a dependency resolver
--------------------------------------------------------------------------------
Update Information:
dnf-0.6.4-6.fc21 - cleanup old cache in posttrans (Michael Mraka) - include
/var/cache/dnf into rpm (Michael Mraka) - do not use releasever in cache path
(related to RhBug:1173107) (Michael Mraka) The DNF version 0.6.2 contains
mostly bug fixes, improves database locking mechanism and does not request
fresh metadata for every command.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #909856 - [rfe] lazy mode for metadata syncing
https://bugzilla.redhat.com/show_bug.cgi?id=909856
[ 2 ] Bug #1136584 - [abrt] dnf: rpmsack.py:255:_read:AttributeError:
<dnf.yum.rpmsack.RPMDBAdditionalDataPackage object at 0x7f10fed01b50> has no
attribute reason
https://bugzilla.redhat.com/show_bug.cgi?id=1136584
[ 3 ] Bug #1138700 - dnf doesn't install all packages on command line
https://bugzilla.redhat.com/show_bug.cgi?id=1138700
[ 4 ] Bug #1135861 - group erase libreoffice fails, package requires but none of the
providers can be installed
https://bugzilla.redhat.com/show_bug.cgi?id=1135861
[ 5 ] Bug #1173107 - mock: use of "dnf --installroot ..." yields
"releasever not given" error
https://bugzilla.redhat.com/show_bug.cgi?id=1173107
[ 6 ] Bug #1136223 - [abrt] dnf: packages.py:76:parsePackages:TypeError: unsupported
operand type(s) for |=: 'set' and 'list'
https://bugzilla.redhat.com/show_bug.cgi?id=1136223
[ 7 ] Bug #1070902 - dnf autocomplete for install ./* + <TAB> takes ages
https://bugzilla.redhat.com/show_bug.cgi?id=1070902
[ 8 ] Bug #1122617 - reinstall of local rpms gives traceback
https://bugzilla.redhat.com/show_bug.cgi?id=1122617
[ 9 ] Bug #1134893 - "dnf update" works as "dnf install" on local
package files
https://bugzilla.redhat.com/show_bug.cgi?id=1134893
[ 10 ] Bug #1133830 - Does not import gpg keys
https://bugzilla.redhat.com/show_bug.cgi?id=1133830
[ 11 ] Bug #1124316 - [locking] per-installroot metadata lock
https://bugzilla.redhat.com/show_bug.cgi?id=1124316
[ 12 ] Bug #1121184 - dnf: shows fake download speed when not downloading anything
https://bugzilla.redhat.com/show_bug.cgi?id=1121184
--------------------------------------------------------------------------------
================================================================================
docker-io-1.7.1-3.git33de319.fc21 (FEDORA-2015-14351)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
built d-s-s master commit#d3b9ba7 built docker @rhatdan/fedora-1.7
commit#33de319 adjust min VR of selinux-policy to what's actually available in
f21
--------------------------------------------------------------------------------
================================================================================
docker-io-1.8.1-2.git32b8b25.fc21 (FEDORA-2015-14514)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
built docker @rhatdan/fedora-1.8 commit#32b8b25
--------------------------------------------------------------------------------
================================================================================
drupal6-6.37-1.fc21 (FEDORA-2015-14442)
An open-source content-management platform
--------------------------------------------------------------------------------
Update Information:
Maintenance and security release of the Drupal 6 series. This release fixes
**security vulnerabilities**. Sites are [urged to upgrade
immediately](https://www.drupal.org/node/1494290) after reading the notes below
and the security announcement: [Drupal Core - Critical - Multiple
Vulnerabilities -
SA-CORE-2015-003](https://www.drupal.org/SA-CORE-2015-003) No
other fixes are included. No changes have been made to the .htaccess,
robots.txt or default settings.php files in this release, so upgrading custom
versions of those files is not necessary. #### Known issues: None. #### Major
changes since 6.36: * For security reasons, the autocomplete system now makes
Ajax requests to non-clean URLs only, although protection is also in place for
custom code that does so using clean URLs. There is a new form API #process
function on autocomplete-enabled text fields that is required for the
autocomplete functionality to work; custom and contributed modules should ensure
that they are not overriding this #process function accidentally when altering
text fields on forms. Part of the security fix also includes changes to
theme_textfield(); it is recommended that sites which override this theme
function make those changes as well (see the theme_textfield section of this
diff for details). * When form API token validation fails (for example, when a
cross-site request forgery attempt is detected, or a user tries to submit a form
after having logged out and back in again in the meantime), the form API now
skips calling form element value callbacks, except for a select list of
callbacks provided by Drupal core that are known to be safe. In rare cases, this
could lead to data loss when a user submits a form and receives a token
validation error, but the overall effect is expected to be minor.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1255662 - CVE-2015-6658 CVE-2015-6659 CVE-2015-6660 CVE-2015-6661
CVE-2015-6665 drupal: Several issues in 6.x and 7.x (SA-CORE-2015-003)
https://bugzilla.redhat.com/show_bug.cgi?id=1255662
--------------------------------------------------------------------------------
================================================================================
drupal6-ctools-1.14-1.fc21 (FEDORA-2015-14330)
Primarily a set of APIs and tools to improve the developer experience
--------------------------------------------------------------------------------
Update Information:
**See [Ctools - Critical - Multiple Vulnerabilities - SA-
CONTRIB-2015-141.](https://www.drupal.org/node/2554145)** **This is an
incremental security and bugfix release for ctools.** Looking to fix future D6
CTools issues? Find japerry or merlinofchaos in #drupal-scotch, #drupal-
contribute, or #drupal-panels -- and become a maintainer for D6 CTools. Changes
since 6.x-1.13: * Harden AJAX link handling * Content type plugins do not
properly inherit "edit" permission * Various lint fixes * Fix typo * Issue
\#2512850 by DamienMcKenna, mw4ll4c3: PHP 5.4+ compatibility * Issue \#2010124
by davidwhthomas: ctools_access_get_loggedin_context doesn't fully load current
user in context
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256131 - drupal6-ctools-1.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1256131
--------------------------------------------------------------------------------
================================================================================
eigen3-3.2.5-2.fc21 (FEDORA-2015-14473)
A lightweight C++ template library for vector and matrix math
--------------------------------------------------------------------------------
Update Information:
eigen3-3.2.5-2.fc21 - Apply patch to install FindEigen3.cmake
eigen3-3.2.5-2.fc22 - Apply patch to install FindEigen3.cmake
eigen3-3.2.5-2.fc23 - Apply patch to install FindEigen3.cmake
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1255612 - Ship eigen3 with FindEigen3.cmake
https://bugzilla.redhat.com/show_bug.cgi?id=1255612
--------------------------------------------------------------------------------
================================================================================
firefox-40.0-10.fc21 (FEDORA-2015-14380)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
firefox-40.0-10.fc21 - Added a fix for mozbz#1127752 (rhbz#1256875) -
Gtk3&OMTC crashes firefox-40.0-10.fc22 - Added a fix for mozbz#1127752
(rhbz#1256875) - Gtk3&OMTC crashes firefox-40.0-10.fc23 - Added a fix for
mozbz#1127752 (rhbz#1256875) - Gtk3&OMTC crashes firefox-40.0-7.fc21 - Fix
crash reporter layout under GTK3 - mozbz#1192243 firefox-40.0-7.fc22 - Fix
crash reporter layout under GTK3 - mozbz#1192243 firefox-40.0-7.fc23 - Fix
crash reporter layout under GTK3 - mozbz#1192243
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
================================================================================
globus-gridftp-server-8.7-1.fc21 (FEDORA-2015-14512)
Globus Toolkit - Globus GridFTP Server
--------------------------------------------------------------------------------
Update Information:
- GT6 update (Improvements to globus-gridftp-server-setup-chroot) - Man page for
globus-gridftp-server-setup-chroot now provided by upstream, remove the one from
the source rpm - Add build requires on openssl and fakeroot needed for new tests
--------------------------------------------------------------------------------
================================================================================
gmusicbrowser-1.1.15-1.fc21 (FEDORA-2015-14350)
Jukebox for large collections of music files
--------------------------------------------------------------------------------
Update Information:
Main changes since v1.1.14 : * replace gmb icon with the svg icon made by
zeltak * add mpv output * add "high priority" keyboard shortcuts * add embedded
pictures tab to song property dialog * when adding a song, check if it is
already in the library with an old filename * PictureBrowser: improve navigation
of the folder pane * PictureBrowser: add folder icons to folder pane *
PictureBrowser: keep scaled size constant when changing picture *
PictureBrowser: add "paste link" to context menu * activate
"accent-insensitive"
search on file, folder and comment fields * optimize function that remove
"accents" (diacritic) * add star pictures option for rating fields * add option
for label-like and rating fields to have a submenu in song context menu * add
option to show/hide extension to title_or_file field (defaults to hide) * update
google image parser * various equalizer improvements * use internal equalizer
presets rather than gstreamer's (with option to sync with gstreamer's) *
mplayer: use slave mode to improve the transition between songs * picture finder
plugin: add DuckDuckGo search engine * add Shuffle command * use title_or_file
instead of title for choose-songs menus * make middle-click on stop and quit
button set the after queue action * make middle-click on Artist and Album Lock
enqueue the artist or album * make filename sorting in PictureBrowser number-
aware * add "Row number" column for SongList * add "Append to
playlist" to song
context menu when in list mode * show artist in addition to title in recent
songs menu * fix setting master filter not working properly * mplayer: fix
"Failed to open ~/.mplayer/input.conf" error * fix setting replaygain value
with
decimals not working with perl <5.20 when using locales that don't use dot as
decimal separator * fix songs with no label/genre not matching negative
label/genre filters * fix "0" appearing in "artists" tab for unknown
artists *
lastfm plugin: give up sending now-playing when the song is no longer playing *
translations updates: Finnish, French, German, Korean, Malay (Malaysia)
--------------------------------------------------------------------------------
================================================================================
golang-github-julienschmidt-httprouter-1.1-1.fc21 (FEDORA-2015-14439)
A high performance HTTP request router that scales well
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1257619 - Review Request: golang-github-julienschmidt-httprouter - A high
performance HTTP request router that scales well
https://bugzilla.redhat.com/show_bug.cgi?id=1257619
--------------------------------------------------------------------------------
================================================================================
golang-github-vishvananda-netns-0-0.5.git604eaf1.fc21 (FEDORA-2015-14395)
Simple network namespace handling for go
--------------------------------------------------------------------------------
Update Information:
Bump to upstream 604eaf189ee867d8c147fafc28def2394e878d25
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1248150 - Tracker for golang-github-vishvananda-netns
https://bugzilla.redhat.com/show_bug.cgi?id=1248150
--------------------------------------------------------------------------------
================================================================================
ibus-typing-booster-1.2.12-1.fc21 (FEDORA-2015-14394)
A typing booster engine for the IBus platform
--------------------------------------------------------------------------------
Update Information:
Use open() instead of codecs.open() to fix dictionary loading problem on F23
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1257465 - Loading hunspell dictionaries fails in ibus-typing-booster
https://bugzilla.redhat.com/show_bug.cgi?id=1257465
--------------------------------------------------------------------------------
================================================================================
inxi-2.2.28-1.fc21 (FEDORA-2015-14459)
A full featured system information script
--------------------------------------------------------------------------------
Update Information:
inxi-2.2.28-1.fc21 - Update to 2.2.28 inxi-2.2.28-1.fc22 - Update to
2.2.28 inxi-2.2.28-1.el6 - Update to 2.2.28 inxi-2.2.28-1.el7 - Update to
2.2.28
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-1.8.0.60-14.b27.fc21 (FEDORA-2015-14462)
OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:
sync with f23, updated to u60
--------------------------------------------------------------------------------
================================================================================
java-mersenne-twister-20-4.fc21 (FEDORA-2015-14491)
Mersenne Twister random number generator in Java
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256377 - Review Request:java-mersenne-twister - Mersenne Twister random
number generator in Java
https://bugzilla.redhat.com/show_bug.cgi?id=1256377
--------------------------------------------------------------------------------
================================================================================
libreoffice-4.3.7.2-10.fc21 (FEDORA-2015-14425)
Free Software Productivity Suite
--------------------------------------------------------------------------------
Update Information:
Resolves: tdf#92767 use ISO 8601 for internal date string representation Check
annotation caption pointers, blind fix for rhbz#1242099. Resolves: tdf#86024 do
not attempt to shorten numeric value output. Handle en-GB-oxendict vs en-GB-oed
language tag for newer liblangtag data. Resolves: rhbz#1255811 implement Edit
modify handler.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1242099 - [abrt] libreoffice-core: ScXMLExport::WriteAnnotation():
soffice.bin killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1242099
--------------------------------------------------------------------------------
================================================================================
libreport-2.3.0-9.fc21 (FEDORA-2015-14405)
Generic library for reporting various problems
--------------------------------------------------------------------------------
Update Information:
libreport-2.3.0-9.fc21 - add a helper for HTTP GET abrt-2.3.0-10.fc21 -
bodhi: add parsing of error responses - bodhi: add ignoring of Rawhide - do not
break the reporting if a-bodhi fails - spec: add hawkey to BRs of abrt-bodhi -
introduce bodhi2 to abrt-bodhi - add bash on the package blacklist
--------------------------------------------------------------------------------
================================================================================
nx-libs-3.5.0.32-2.fc21 (FEDORA-2015-14281)
NX X11 protocol compression libraries
--------------------------------------------------------------------------------
Update Information:
nx-libs-3.5.0.32-2.fc21 - Make libXinerama symlink (bug #1256724) nx-
libs-3.5.0.32-2.fc22 - Make libXinerama symlink (bug #1256724) nx-
libs-3.5.0.32-2.el6 - Make libXinerama symlink (bug #1256724) nx-
libs-3.5.0.32-2.el7 - Make libXinerama symlink (bug #1256724) nx-
libs-3.5.0.32-2.fc23 - Make libXinerama symlink (bug #1256724) Update to nx-
libs 3.5.0.32: - Proper integration of all patches in the source tarballs.
Bugs in the tarball generation script and patch file names prohibited inclusion
of many patches previously, including security fixes. - Better support for
debug (DEBUG, TEST, TRACE and other directives) builds, in part thanks to Nito
Martinez. - Build fixes due to underlinking of libdl thanks to Bernard
Cafarelli. - Retroactively document correct GPLv2 licensing of previously
potentially offending DXPC code. - Help text fixups. - Restart reading if
interrupted, gets rid of "Negotiation in stage 10" errors thanks to Vadim
Troshchinskiy. - A dozen X.Org Server fixes backported by Ulrich Sibiller.
The X2Go Project thanks Bernard Cafarelli, Nito Martinez (Qindel Group), Vadim
Troshchinskiy (Qindel Group) and Ulrich Sibiller for their contributions.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256724 - xclients must load the patched libXinerama
https://bugzilla.redhat.com/show_bug.cgi?id=1256724
--------------------------------------------------------------------------------
================================================================================
open-vm-tools-9.10.2-2.fc21 (FEDORA-2015-14336)
Open Virtual Machine Tools for virtual machines hosted on VMware
--------------------------------------------------------------------------------
Update Information:
- Add license macro. - Remove initscripts requirement (#1226369). - Delete
mount.vmhgfs instead of excluding from packaging, so the debug information is
not included in the package (#1190540). - Be more explicit with configuration
files, newer mock complains of files being listed twice.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1190540 - open-vm-tools-debuginfo cannot be installed because it conflicts
with itself.
https://bugzilla.redhat.com/show_bug.cgi?id=1190540
[ 2 ] Bug #1226369 - Unneeded dependency on initscripts
https://bugzilla.redhat.com/show_bug.cgi?id=1226369
--------------------------------------------------------------------------------
================================================================================
openvswitch-2.4.0-1.fc21 (FEDORA-2015-14364)
Open vSwitch daemon/database/utilities
--------------------------------------------------------------------------------
Update Information:
updated to 2.4.0 (#1256922)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256922 - openvswitch-2.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1256922
--------------------------------------------------------------------------------
================================================================================
perl-Geo-IPfree-1.1.5.1.9.4.0-1.fc21 (FEDORA-2015-14322)
Look up the country of an IPv4 Address
--------------------------------------------------------------------------------
Update Information:
This release provides IP database snapshot from 2015-07-13. It increases cache
size to 5000 entries and it keeps the cache populated as much as possible.
Especially, it remove only one entry instead of flushing all the entries when
the cache is full.
--------------------------------------------------------------------------------
================================================================================
perl-IO-Prompt-0.997.003-1.fc21 (FEDORA-2015-14293)
Interactively prompt for user input
--------------------------------------------------------------------------------
Update Information:
This release corrects tests to pass without terminal.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256152 - perl-IO-Prompt-0.997003 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1256152
--------------------------------------------------------------------------------
================================================================================
perl-Object-InsideOut-3.99-1.fc21 (FEDORA-2015-14299)
Comprehensive inside-out object support module
--------------------------------------------------------------------------------
Update Information:
This release fixes array_ref subtype checking on assignement.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256187 - perl-Object-InsideOut-3.99 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1256187
--------------------------------------------------------------------------------
================================================================================
perl-Object-InsideOut-4.02-1.fc21 (FEDORA-2015-14391)
Comprehensive inside-out object support module
--------------------------------------------------------------------------------
Update Information:
This release merges Fedora's patch. We provide it in order to deliver latest
version number.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1257174 - perl-Object-InsideOut-4.01 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1257174
--------------------------------------------------------------------------------
================================================================================
perl-Server-Starter-0.32-1.fc21 (FEDORA-2015-14456)
Superdaemon for hot-deploying server programs
--------------------------------------------------------------------------------
Update Information:
perl-Server-Starter-0.32-1.fc22 - Upstream update. perl-Server-
Starter-0.32-1.fc21 - Upstream update.
--------------------------------------------------------------------------------
================================================================================
perl-Text-Unidecode-1.24-1.fc21 (FEDORA-2015-14485)
US-ASCII transliterations of Unicode text
--------------------------------------------------------------------------------
Update Information:
A new version of Text::Unicode is available. See
http://cpansearch.perl.org/src/SBURKE/Text-Unidecode-1.24/ChangeLog for the
summary of changes in this release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1257934 - perl-Text-Unidecode-1.24 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1257934
--------------------------------------------------------------------------------
================================================================================
perl-Thread-Queue-3.06-1.fc21 (FEDORA-2015-14307)
Thread-safe queues
--------------------------------------------------------------------------------
Update Information:
This release allows to limit queue length.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256194 - perl-Thread-Queue-3.06 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1256194
--------------------------------------------------------------------------------
================================================================================
php-Raven-0.12.1-1.fc21 (FEDORA-2015-14518)
A PHP client for Sentry
--------------------------------------------------------------------------------
Update Information:
#### 0.12.1 - Dont send empty values for various context.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256982 - php-Raven-0.12.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1256982
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Crypt-2.6.1-1.fc21 (FEDORA-2015-14289)
Horde Cryptography API
--------------------------------------------------------------------------------
Update Information:
**Horde_Crypt 2.6.1** * [mjr] Fix PHP 5.3 incompatibility (Bug #14090)
--------------------------------------------------------------------------------
================================================================================
php-pecl-mongo-1.6.11-1.fc21 (FEDORA-2015-14386)
PHP MongoDB database driver
--------------------------------------------------------------------------------
Update Information:
**Version 1.6.11** * [PHP-1467] - PHP driver on big endian platform not
connecting to MongoDB
--------------------------------------------------------------------------------
================================================================================
prosody-0.9.8-5.fc21 (FEDORA-2015-14494)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Start prosody after network-online.target not after network.target (#1256062)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256062 - Prosody service starts when network is not yet ready
https://bugzilla.redhat.com/show_bug.cgi?id=1256062
--------------------------------------------------------------------------------
================================================================================
python-dockerfile-parse-0.0.4-1.fc21 (FEDORA-2015-14429)
Python library for Dockerfile manipulation
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
================================================================================
python-fedora-0.5.5-2.fc21 (FEDORA-2015-14414)
Python modules for talking to Fedora Infrastructure Services
--------------------------------------------------------------------------------
Update Information:
Specbump to get in F21 updates-testing again. Consistent error handling from the
Bodhi2Client. More adjustments to bodhi server version detection. Better compat
with 'fedpkg update'. Better version checking of the bodhi server. Typofix in
the BodhiClient. Bodhi2 compatibility(!). munch objects are now returned by the
OpenIdBaseClient for a more symmetric API. There is also a minor python3 compat
fix. Better detection of bodhi server version. Be more careful with python-six
API usage for EPEL.
--------------------------------------------------------------------------------
================================================================================
python-jenkins-0.4.8-1.fc21 (FEDORA-2015-14285)
Python bindings for the remote Jenkins API
--------------------------------------------------------------------------------
Update Information:
Update to 0.4.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1242689 - python-jenkins-0.4.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1242689
--------------------------------------------------------------------------------
================================================================================
smuxi-1.0-2.fc21 (FEDORA-2015-14479)
Powerful, flexible, user-friendly chat client
--------------------------------------------------------------------------------
Update Information:
smuxi-1.0-2.fc21 - Added patch to not expose the user's realname
automatically (bz#1257597)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1257597 - smuxi: User information leak at first start
https://bugzilla.redhat.com/show_bug.cgi?id=1257597
[ 2 ] Bug #1257598 - smuxi: User information leak at first start [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1257598
--------------------------------------------------------------------------------
================================================================================
spacefm-1.0.3-1.fc21 (FEDORA-2015-14515)
Multi-panel tabbed file and desktop manager
--------------------------------------------------------------------------------
Update Information:
New version 1.0.3 is released.
--------------------------------------------------------------------------------
================================================================================
vym-2.4.8-1.fc21 (FEDORA-2015-14428)
View your mind
--------------------------------------------------------------------------------
Update Information:
vym-2.4.8-1.fc21 - Latest upstream, BZ 1256983. vym-2.4.7-1.fc21 - Latest
upstream, BZ 1256210.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1256983 - vym-2.4.8-1.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1256983
[ 2 ] Bug #1256210 - vym-2.4.6-4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1256210
--------------------------------------------------------------------------------
================================================================================
wordpress-4.3-1.fc21 (FEDORA-2015-14302)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
Upstream Annoucement: [WordPress 4.3
“Billie”](https://wordpress.org/news/2015/08/billie/) Release Notes: [Version
4.3](https://codex.wordpress.org/Version_4.3)
--------------------------------------------------------------------------------
================================================================================
xen-4.4.3-1.fc21 (FEDORA-2015-14363)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
update to xen-4.4.3, including Use after free in QEMU/Xen block unplug protocol
[XSA-139, CVE-2015-5166], QEMU leak of uninitialized heap memory in rtl8139
device model [XSA-140, CVE-2015-5165]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1248997 - CVE-2015-5166 Qemu: BlockBackend object use after free issue
(XSA-139)
https://bugzilla.redhat.com/show_bug.cgi?id=1248997
[ 2 ] Bug #1248760 - CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information
leakage to guest (XSA-140)
https://bugzilla.redhat.com/show_bug.cgi?id=1248760
--------------------------------------------------------------------------------